FCL/sf/mw/appinstall: comparison secureswitools/swisistools/source/signsislib/sissignaturecertificatechain.cpp

equal deleted inserted replaced

--1:000000000000
+:ba25891c3a9e
+/*
+* Copyright (c) 2007-2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of the License "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description:
+*
+*/
+/**
+@file
+@internalComponent
+@released
+*/
+#include <openssl/rsa.h>
+#include <openssl/evp.h>
+#include <openssl/objects.h>
+#include <openssl/x509.h>
+#include <openssl/err.h>
+#include <openssl/pem.h>
+#include <openssl/evp.h>
+#include "sissignaturecertificatechain.h"
+#include "signaturecertchaindata.h"
+#include "siscertificatechain.h"
+#include "exception.h"
+#include "utility.h"
+#include "sissignature.h"
+#include "siscontroller.h"
+CSisSignatureCertificateChain::CSisSignatureCertificateChain (CSignatureCertChainData& aSisSignatureCertChain)
+						: iSisSignatureCertChain(aSisSignatureCertChain)
+	{
+	CSISArray <CSignatureData, CSISFieldRoot::ESISSignature>	&signatures = iSisSignatureCertChain.Signatures();
+	int count = signatures.size();
+	iCertificateChain = new CSisCertificateChain(const_cast<CCertChainData&>(iSisSignatureCertChain.CertificateChain()));
+	}
+CSisSignatureCertificateChain::~CSisSignatureCertificateChain()
+	{
+	for(int i = 0; i < iSignatures.size(); ++i)
+		{
+		delete iSignatures[i];
+		}
+	iSignatures.clear();
+	delete iCertificateChain;
+	}
+void CSisSignatureCertificateChain::Sign (
+		const CSISSignatureAlgorithm::TAlgorithm aAlgorithm, const std::wstring& aCertificate,
+		const std::wstring& aPrivateKey, const std::wstring& aPassPhrase,  const TUint8* aBuffer, const TUint32 aBufferSize)
+	{
+	iCertificateChain->Load (aCertificate);
+	CSignatureData signatureContent;
+	CSignature* signature = new CSignature(signatureContent);
+	if (aAlgorithm != CSISSignatureAlgorithm::EAlgNone)
+		{
+		signatureContent.SetAlgorithm (aAlgorithm);
+		}
+	signature->Sign (aPrivateKey, aPassPhrase, aBuffer, aBufferSize);
+	iSisSignatureCertChain.AddSignature(signatureContent);
+	iSignatures.push_back (signature);
+	}
+void CSisSignatureCertificateChain::VerifySignature (const CSISController* aController, const TSISStream::pos_type aParentHeaderSize) const
+	{
+	int signatureCount = iSignatures.size ();
+	if (signatureCount != 0)
+		{
+		X509* x509 = iCertificateChain->GetBottomX509 ();
+		if (x509)
+			{
+			int index;
+			try
+				{
+				for (index = 0; index < signatureCount; index++)
+					{
+					int size = 0;
+					if (iSisSignatureCertChain.PreHeaderPos() <= 0)
+						{
+						size = aController->BufferSize ();
+						}
+					else
+						{
+						size = iSisSignatureCertChain.PreHeaderPos() - aParentHeaderSize;
+						assert (size <= aController->BufferSize ());
+						}
+					iSignatures [index]->VerifySignature (x509, aController->RawBuffer(), size);
+					}
+				}
+			catch (...)
+				{
+				CSignature* signature = iSignatures[index];
+				if (!signature->SignatureAlgorithm().IsAlgorithmKnown())
+					{
+					SISLogger::Log(L"Could not verify signature with unknown algorithm, continuing.\n");
+					}
+				else
+					{
+					X509_free (x509);
+					SISLogger::Log(L"Could not verify signature with known algorithm, exiting.\n");
+					throw;
+					}
+				}
+			X509_free (x509);
+			}
+		}
+	}