Mercurial Mercurial > oss > FCL > sf > app > jrt / comparison
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
javacommons/security/src/midpauthenticationmoduleimpl.cpp
changeset 61 bf7ee68962da
parent 48 e0d6e9bd3ca7
child 69 773449708c84
equal deleted inserted replaced
48:e0d6e9bd3ca7 61:bf7ee68962da 
    13 *
 
    13 *
 
    14 * Description:
 
    14 * Description:
 
    15 *
 
    15 *
 
    16 */
 
    16 */
 
    17 
    17 
    18 
    18 #include "javacommonutils.h"
 
    19 #include "javajniutils.h"
 
    19 #include "javajniutils.h"
 
    20 #include "com_nokia_mj_impl_security_midp_authentication_AuthenticationModule.h"
 
    20 #include "com_nokia_mj_impl_security_midp_authentication_AuthenticationModule.h"
 
    21 #include "midpauthenticationmodule.h"
 
    21 #include "midpauthenticationmodule.h"
 
    22 #include "midpauthenticationmoduleimpl.h"
 
    22 #include "midpauthenticationmoduleimpl.h"
 
    23 #include "storagehandler.h"
 
    23 #include "storagehandler.h"
 
   470 
   470 
   471         // verify certificate
 
   471         // verify certificate
 
   472         if (X509_verify_cert(x509_ctx) != 1)
 
   472         if (X509_verify_cert(x509_ctx) != 1)
 
   473         {
 
   473         {
 
   474             ret_code = getErrCode(X509_STORE_CTX_get_error(x509_ctx));
 
   474             ret_code = getErrCode(X509_STORE_CTX_get_error(x509_ctx));
 
   475             break;
 
   475             // If the secure time of the device has not yet been set
 
       
   476             // to correct value (This can happen some times during
 
       
   477             // the first device boot),
 
       
   478             // allow installing with not yet valid certificates
 
       
   479             if (KCertNotYetValidFailure == ret_code)
 
       
   480             {
 
       
   481                 if (JavaCommonUtils::isFirstBoot())
 
       
   482                 {
 
       
   483                     ret_code = KCertAndSignatureOk;
 
       
   484                 }
 
       
   485             }
 
       
   486 
       
   487             if (KCertAndSignatureOk != ret_code)
 
       
   488             {
 
       
   489                 break;
 
       
   490             }
 
   476         }
 
   491         }
 
   477         // verify the extended key usage: it must point to id-kp-codeSigning (RFC3280 code signing)
 
   492         // verify the extended key usage: it must point to id-kp-codeSigning (RFC3280 code signing)
 
   478         // or 1.3.6.1.4.1.94.1.49.1.2.2.3 (Nokia Java Code Signing Extension)
 
   493         // or 1.3.6.1.4.1.94.1.49.1.2.2.3 (Nokia Java Code Signing Extension)
 
   479         EXTENDED_KEY_USAGE *extKeyUsage;
 
   494         EXTENDED_KEY_USAGE *extKeyUsage;
 
   480         if ((extKeyUsage=(EXTENDED_KEY_USAGE*)X509_get_ext_d2i(end_entity_cert, NID_ext_key_usage, NULL, NULL)) != NULL)
 
   495         if ((extKeyUsage=(EXTENDED_KEY_USAGE*)X509_get_ext_d2i(end_entity_cert, NID_ext_key_usage, NULL, NULL)) != NULL)
FCL/sf/app/jrt