diff options
author | Janusz Kozerski <j.kozerski@samsung.com> | 2015-07-03 14:26:44 +0200 |
---|---|---|
committer | Janusz Kozerski <j.kozerski@samsung.com> | 2015-07-17 14:33:45 +0200 |
commit | ecacacfce9dc0f97fc67ba032726583b8881ed97 (patch) | |
tree | b8710bbd27d939524bf26bb802056d6736c85f8a /src/include | |
parent | 1bf0726b3028ddfaae0cdd70e46b416335da39a0 (diff) | |
download | cert-checker-ecacacfce9dc0f97fc67ba032726583b8881ed97.tar.gz cert-checker-ecacacfce9dc0f97fc67ba032726583b8881ed97.tar.bz2 cert-checker-ecacacfce9dc0f97fc67ba032726583b8881ed97.zip |
Add OCSP verification (CKM API is used)
* Add tests for certificates
* Remove unnecessary methods in Logic class
* Add missing include
* Use new cert-checker-vcore API
Change-Id: Idfa777d1f1ba6f7142ea78e29bf1bc63415b128e
Diffstat (limited to 'src/include')
-rw-r--r-- | src/include/cchecker/certs.h | 31 | ||||
-rw-r--r-- | src/include/cchecker/logic.h | 6 |
2 files changed, 25 insertions, 12 deletions
diff --git a/src/include/cchecker/certs.h b/src/include/cchecker/certs.h index ed8efe0..7da95e6 100644 --- a/src/include/cchecker/certs.h +++ b/src/include/cchecker/certs.h @@ -25,19 +25,36 @@ #ifndef CCHECKER_CERTS_H #define CCHECKER_CERTS_H +#include <ckm/ckm-certificate.h> +#include <vcore/Certificate.h> + #include <cchecker/app.h> +#include <ckm/ckm-manager.h> namespace CCHECKER { class Certs { public: - Certs(); - virtual ~Certs(); - void get_certificates (app_t &app, ocsp_urls_t &ocsp_urls); - private: - void find_app_signatures (app_t &app, const std::string &app_path, ocsp_urls_t &ocsp_urls); - void search_app (app_t &app, ocsp_urls_t &ocsp_urls); - + enum class ocsp_response_t { + OCSP_APP_OK, + OCSP_APP_REVOKED, + OCSP_CHECK_AGAIN, + OCSP_CERT_ERROR + }; + Certs(); + virtual ~Certs(); + void get_certificates (app_t &app, ocsp_urls_t &ocsp_urls); + ocsp_response_t check_ocsp (const app_t &app); // TODO: add custom url support + protected: // Needed for tests + ocsp_response_t check_ocsp_chain (const chain_t &chain); + void find_app_signatures (app_t &app, const std::string &app_path, ocsp_urls_t &ocsp_urls); + void search_app (app_t &app, ocsp_urls_t &ocsp_urls); + bool ocsp_create_list(const chain_t &chain, ValidationCore::CertificateList &certs_list); + bool ocsp_build_chain (const ValidationCore::CertificateList &certs_list, + CKM::CertificateShPtrVector &vect_ckm_chain); + + //private: + CKM::ManagerShPtr m_ckm; }; } // CCHECKER diff --git a/src/include/cchecker/logic.h b/src/include/cchecker/logic.h index d698437..8627c1d 100644 --- a/src/include/cchecker/logic.h +++ b/src/include/cchecker/logic.h @@ -80,13 +80,9 @@ class Logic { error_t setup_db(); void load_database_to_buffer(); - void check_ocsp(app_t &app); void add_ocsp_url(const std::string &issuer, const std::string &url, int64_t date); - void pkgmanager_uninstall(const app_t &app); - void get_certs_from_signature(const std::string &signature, std::vector<std::string> &cert); - void add_app_to_buffer_and_database(const app_t &app); - void remove_app_from_buffer(const app_t &app); + void remove_app_from_buffer_and_database(const app_t &app); void pkgmgr_callback_internal(GVariant *parameters, pkgmgr_event_t event); error_t register_dbus_signal_handler(GDBusProxy *proxy, |