1 /*

     2 * Copyright (c) 2007-2007 Nokia Corporation and/or its subsidiary(-ies).

     3 * All rights reserved.

     4 * This component and the accompanying materials are made available

     5 * under the terms of "Eclipse Public License v1.0"

     6 * which accompanies this distribution, and is available

     7 * at the URL "http://www.eclipse.org/legal/epl-v10.html".

     8 *

     9 * Initial Contributors:

    10 * Nokia Corporation - initial contribution.

    11 *

    12 * Contributors:

    13 *

    14 * Description:

    15 *

    16 */

    17 

    18 

    19 #include "javasmartcardcertificatesreader.h"

    20 #include "smartcardcryptotokenreader.h"

    21 #include "smartcardcertextrasreader.h"

    22 #include <openssl/x509.h>

    23 #include <openssl/bio.h>

    24 

    25 using namespace std;

    26 

    27 namespace java

    28 {

    29 namespace security

    30 {

    31 

    32 const int SHA_1_DIGEST_LEN = 20;

    33 const int MD5_DIGEST_LEN = 8;

    34 

    35 /* forward declarations of local/private methods */

    36 unsigned char * computePublicKeyHash(const HBufC8*);

    37 void computeCertHash(const char *, int, string&);

    38 

    39 void JavaSmartCardCertificatesReader::retrieveTrustedCertificates(vector<TrustedCertificate>& aTrustedCerts)

    40 {

    41     // retrieve the smart card certificates

    42     SmartCardCryptoTokenReader* smartCardCertsReader = SmartCardCryptoTokenReader::NewL();

    43     RArray<HBufC8*> smartCardCerts;

    44     smartCardCertsReader->RetrieveCerts(smartCardCerts);

    45     delete smartCardCertsReader;

    46     smartCardCertsReader = NULL;

    47 

    48     // retrieve the smart card certificates trusted usages

    49     SmartCardCertExtrasReader* smartCardCertsExtrasReader = SmartCardCertExtrasReader::NewL();

    50     RCPointerArray<HBufC> smartCardCertTrustedUsages;

    51     for (int i=0; i<smartCardCerts.Count(); i++)

    52     {

    53         // compute the SHA1 hash of the public key

    54         unsigned char * publicKeyHash = computePublicKeyHash(smartCardCerts[i]);

    55         if (publicKeyHash)

    56         {

    57             // retrieve the certificate's extra info

    58             TPtrC8 ptrPublicKeyHash((TUint8 *)publicKeyHash, SHA_1_DIGEST_LEN);

    59             smartCardCertsExtrasReader->GetCertTrustedUsages(ptrPublicKeyHash, smartCardCertTrustedUsages);

    60             // filter the retrieved trusted usages

    61             vector<string> trustedUsage;

    62             for (int j=0; j<smartCardCertTrustedUsages.Count(); j++)

    63             {

    64                 HBufC8 *buf8 = HBufC8::NewMaxL(smartCardCertTrustedUsages[j]->Length());

    65                 buf8->Des().Copy(smartCardCertTrustedUsages[j]->Des());

    66                 string usage((const char *)buf8->Ptr(), buf8->Length());

    67                 delete buf8;

    68                 buf8 = NULL;

    69                 trustedUsage.push_back(usage);

    70             }

    71             // format the public key hash as HEX

    72             string hash = "";

    73             computeCertHash((const char*)smartCardCerts[i]->Ptr(), smartCardCerts[i]->Length(), hash);

    74             if (hash.size() > 0)

    75             {

    76                 // save the certificate together with it's trusted usage

    77                 aTrustedCerts.push_back(TrustedCertificate(string(

    78                                             (const char*)smartCardCerts[i]->Ptr(),

    79                                             smartCardCerts[i]->Length()),

    80                                         hash,

    81                                         trustedUsage));

    82             }

    83 

    84             // cleanup

    85             delete[] publicKeyHash;

    86             publicKeyHash = NULL;

    87         }

    88         delete smartCardCerts[i];

    89     }

    90     smartCardCerts.Close();

    91     smartCardCertTrustedUsages.Close();

    92     delete smartCardCertsExtrasReader;

    93     smartCardCertsExtrasReader = NULL;

    94 }

    95 

    96 unsigned char * computePublicKeyHash(const HBufC8* smartCardCert)

    97 {

    98     unsigned char * publicKeyHash = NULL;

    99     X509 *x509 = NULL;

   100     BIO *bio;

   101     bio = BIO_new_mem_buf((void *) smartCardCert->Ptr(), smartCardCert->Length());

   102     if ((bio))

   103     {

   104         BIO_set_close(bio, BIO_CLOSE);

   105         x509 = d2i_X509_bio(bio,NULL);

   106         BIO_free(bio);

   107         if (x509)

   108         {

   109             ASN1_BIT_STRING* publicKey = X509_get_X509_PUBKEY(x509)->public_key;

   110             publicKeyHash = new unsigned char[SHA_1_DIGEST_LEN + 1];

   111             SHA1(publicKey->data,publicKey->length,publicKeyHash);

   112             publicKeyHash[SHA_1_DIGEST_LEN] = '\0';

   113             delete x509;

   114             x509 = NULL;

   115         }

   116     }

   117     return publicKeyHash;

   118 }

   119 

   120 

   121 void computeCertHash(const char * cert, int certLen, string& hash)

   122 {

   123     char computed_hash[MD5_DIGEST_LEN + 1];

   124     computed_hash[0] = '\0';

   125     X509 *x509 = NULL;

   126     BIO *bio;

   127     bio = BIO_new_mem_buf((void *) cert, certLen);

   128     if ((bio))

   129     {

   130         BIO_set_close(bio, BIO_CLOSE);

   131         x509 = d2i_X509_bio(bio,NULL);

   132         BIO_free(bio);

   133         if (x509)

   134         {

   135             sprintf(computed_hash,"%08lX",X509_issuer_name_hash(x509));

   136             // add the '\0'

   137             computed_hash[MD5_DIGEST_LEN] = '\0';

   138             delete x509;

   139             x509 = NULL;

   140         }

   141     }

   142     hash += string(computed_hash, MD5_DIGEST_LEN);

   143 }

   144 

   145 } //end namespace security

   146 } //end namespace java