--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/javacommons/security/src/utils/securityutils.h Tue Apr 27 16:30:29 2010 +0300
@@ -0,0 +1,132 @@
+/*
+* Copyright (c) 2009 Nokia Corporation and/or its subsidiary(-ies).
+* All rights reserved.
+* This component and the accompanying materials are made available
+* under the terms of "Eclipse Public License v1.0"
+* which accompanies this distribution, and is available
+* at the URL "http://www.eclipse.org/legal/epl-v10.html".
+*
+* Initial Contributors:
+* Nokia Corporation - initial contribution.
+*
+* Contributors:
+*
+* Description:
+*
+*/
+#ifndef SECURITYUTILS_H
+#define SECURITYUTILS_H
+
+#include <vector>
+#include <openssl/x509.h>
+#include <openssl/x509v3.h>
+#include <openssl/pem.h>
+#include <openssl/bio.h>
+#include "javajniutils.h"
+#include <openssl/sha.h>
+
+namespace java
+{
+namespace security
+{
+
+/*
+ * The OID of the certificate extension used to carry the IMEI list information
+ * in the Developer Certificates
+ */
+#define DEVCERT_IMEI_LIST_OID "1.3.6.1.4.1.94.1.49.1.2.2.7"
+
+/*
+ * id-kp-codeSigning OID
+ */
+#define X509_CODE_SIGNING_OID "1.3.6.1.5.5.7.3.3"
+
+/*
+ * Nokia Java Code Signing Extension OID
+ */
+#define NOKIA_CODE_SIGNING_OID "1.3.6.1.4.1.94.1.49.1.2.2.3"
+
+/*
+ * The policy identifiers for protection domains. These identifiers are searched
+ * into the X.509 certificatePolicies extension
+ * ({joint-iso-itu-t(2) ds(5) ce(29) certificatePolicies(32)})
+ */
+#define DEVCERT_MANUFACTURER_DOMAIN_OID "1.3.6.1.4.1.42.2.110.2.2.2.2"
+#define DEVCERT_OPERATOR_DOMAIN_OID "1.3.6.1.4.1.42.2.110.2.2.2.1"
+#define DEVCERT_IDENTIFIEDTHIRDPARTY_DOMAIN_OID "1.3.6.1.4.1.42.2.110.2.2.2.3"
+
+/*
+ * Internal constants for the protection domains
+ */
+const int DEVCERT_ANY_DOMAIN = -1;
+const int DEVCERT_UNKNOWN_DOMAIN = 0;
+const int DEVCERT_MANUFACTURER_DOMAIN = 1;
+const int DEVCERT_OPERATOR_DOMAIN = 2;
+const int DEVCERT_IDENTIFIEDTHIRDPARTY_DOMAIN = 3;
+
+/* The length of the SHA-1 digest (160 bits) */
+const int SHA_1_DIGEST_LEN = 20;
+
+/* The length of the MD5 digest (32 digit hexadecimal number) */
+const int MD5_DIGEST_LEN = 8;
+
+/* The length of the message chunks used to compute the hash */
+const int SHA_1_HASH_CHUNK_LEN = 128*1024;
+
+/* Types of supported certificates */
+const int PEM = 1;
+const int DER = 2;
+
+typedef struct cert_details_st
+{
+ char * issuer;
+ char * subject;
+ char * organization;
+ char * notBefore; /* format is YYYYMMDDHHMMSS */
+ char * notAfter; /* format is YYYYMMDDHHMMSS */
+ char * serial_number;
+ char * fingerprint;
+ int domain_category;
+} CERT_DETAILS;
+
+typedef struct auth_credentials_st
+{
+ char * domain_name;
+ char * domain_category;
+ char * jar_hash;
+ char * root_hash;
+ int chain_index;
+ int predefined_domain_category;
+ CERT_DETAILS* signing_cert;
+} AUTH_CREDENTIALS;
+
+typedef struct auth_info_st
+{
+ int cert_chain_len;
+ char ** cert_chain;
+ int signature_len;
+ char * signature;
+} AUTH_INFO;
+
+class SecurityUtils
+{
+public:
+ static bool areAllCriticalExtsKnown(X509 *);
+ static X509 * readCert(const char *, int len, int type);
+ static char * encodePEM(const char *, int);
+ static void getCertDetails(X509, CERT_DETAILS *, bool);
+ static char * computeDigest(const char*);
+ static void throw_exception(JNIEnv*, const char *);
+ static void getAuthInfo(JNIEnv*, jobjectArray, int, AUTH_INFO *);
+ static jobject getJNICertDetails(JNIEnv *, const CERT_DETAILS);
+ static jobjectArray getJNIAuthCredentials(JNIEnv *, std::vector<AUTH_CREDENTIALS*>);
+private:
+ static bool checkIMEI(const X509_EXTENSION *, const char *);
+ static char * computeDigest1(const char*);
+};
+
+} //end namespace security
+} //end namespace java
+
+#endif // SECURITYUTILS_H
+
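Review bot: `MD5_DIGEST_LEN = 8` contradicts its own comment: an MD5 digest is 16 bytes, i.e. 32 hexadecimal digits, so a buffer sized from this constant for a full digest would be too small. Set it to `16` (or `32` for the hex form), or, if 8 is a deliberate truncation, say so in the comment. `getCertDetails(X509, CERT_DETAILS *, bool)` takes the OpenSSL certificate by value, which shallow-copies a struct that holds internal pointers; `static void getCertDetails(X509 *, CERT_DETAILS *, bool);` would match `areAllCriticalExtsKnown(X509 *)`. `computeDigest(const char*)` and `computeDigest1(const char*)` have no length parameter, so they presumably stop at the first NUL; document that, or add a length if they are ever given binary data. The `char *` members of `CERT_DETAILS`, `AUTH_CREDENTIALS` and `AUTH_INFO` need a comment stating who allocates and frees them, since nothing in the header says so.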