src/Step/SignatureStep.cpp

   1 //
   2 // Open Service Platform
   3 // Copyright (c) 2012 Samsung Electronics Co., Ltd.
   4 //
   5 // Licensed under the Apache License, Version 2.0 (the License);
   6 // you may not use this file except in compliance with the License.
   7 // You may obtain a copy of the License at
   8 //
   9 //     http://www.apache.org/licenses/LICENSE-2.0
  10 //
  11 // Unless required by applicable law or agreed to in writing, software
  12 // distributed under the License is distributed on an "AS IS" BASIS,
  13 // WITHOUT  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  14 // See the License for the specific language governing permissions and
  15 // limitations under the License.
  16 //
  17 /**
  18  * @file        SignatureStep.cpp
  19  * @brief       This is the implementation file for %SignatureStep class.
  20  */
  21
  22 #include <FIoFile.h>
  23 #include <FBase_StringConverter.h>
  24
  25 #include "InstallationContext.h"
  26 #include "PrivilegeHandler.h"
  27 #include "SignatureHandler.h"
  28 #include "SignatureStep.h"
  29
  30 using namespace Tizen::App;
  31 using namespace Tizen::Base;
  32 using namespace Tizen::Base::Collection;
  33 using namespace Tizen::Io;
  34
  35 SignatureStep::SignatureStep(void)
  36 :__state(STATE_SIGNER_INIT)
  37 ,__pContext(null)
  38 ,__pSignatureManager(null)
  39 {
  40 }
  41
  42 SignatureStep::~SignatureStep(void)
  43 {
  44         delete __pSignatureManager;
  45 }
  46
  47 InstallerError
  48 SignatureStep::Run(InstallationContext* pContext)
  49 {
  50         InstallerError error = INSTALLER_ERROR_NONE;
  51         AppLog(" SignatureStep - START");
  52
  53         __pContext = pContext;
  54
  55         if (__pContext->__isVerificationMode == false)
  56         {
  57                 AppLog("no signature file[%ls]", __pContext->GetSignatureXmlPath().GetPointer());
  58                 return INSTALLER_ERROR_NONE;
  59         }
  60
  61         while (true)
  62         {
  63                 switch (__state)
  64                 {
  65                 case STATE_SIGNER_INIT:
  66                         AppLog("[STATE_SIGNER_INIT]");
  67                         error = OnStateSignerInit();
  68                         break;
  69
  70                 case STATE_SIGNER_CERT:
  71                         AppLog("[STATE_SIGNER_CERT]");
  72                         error = OnStateSignerCert();
  73                         break;
  74
  75                 case STATE_CERT_CHAIN:
  76                         AppLog("[STATE_CERT_CHAIN]");
  77                         error = OnStateCertChain();
  78                         break;
  79
  80                 case STATE_ROOT_CERT:
  81                         AppLog("[STATE_ROOT_CERT]");
  82                         error = OnStateRootCert();
  83                         break;
  84
  85                 case STATE_DONE:
  86                         AppLog("[STATE_DONE]");
  87                         error = OnStateDone();
  88                         break;
  89
  90                 default:
  91                         break;
  92                 }
  93
  94                 if (error != INSTALLER_ERROR_NONE)
  95                 {
  96                         break;
  97                 }
  98
  99                 if (__state > STATE_DONE)
 100                 {
 101                         AppLog(" SignatureStep - END");
 102                         break;
 103                 }
 104         }
 105
 106         return error;
 107 }
 108
 109 void
 110 SignatureStep::GoNextState(void)
 111 {
 112         __state++;
 113 }
 114
 115 InstallerError
 116 SignatureStep::OnStateSignerInit(void)
 117 {
 118         InstallerError error = INSTALLER_ERROR_NONE;
 119         bool ret = true;
 120
 121         __pSignatureManager = new (std::nothrow) SignatureManager();
 122         TryReturn(__pSignatureManager, error = INSTALLER_ERROR_OUT_OF_MEMORY, "__pSignatureManager is null.");
 123
 124         ret = __pSignatureManager->Construct(__pContext);
 125         TryReturn(ret == true, error = INSTALLER_ERROR_INTERNAL_STATE, "Construct() failed");
 126
 127         ret = __pSignatureManager->ValidateSignatures();
 128         fprintf(stderr, "  ## __pSignatureManager->ValidateSignatures() result = [%d]\n", ret);
 129
 130         if (ret == true)
 131         {
 132                 AppLog("_pSignatureManager->ValidateSignatures() is ok.");
 133                 __state = STATE_ROOT_CERT;
 134         }
 135         else
 136         {
 137                 AppLog("_pSignatureManager->ValidateSignatures() does not be passed, using another validator.");
 138
 139                 __pContext->__rootCertType = ROOT_CERTIFICATE_NONE;
 140                 __pContext->__pAuthorCertList->RemoveAll();
 141                 __pContext->__pDistributorCertList->RemoveAll();
 142
 143                 GoNextState();
 144         }
 145
 146         return error;
 147 }
 148
 149
 150 InstallerError
 151 SignatureStep::OnStateSignerCert(void)
 152 {
 153         InstallerError error = INSTALLER_ERROR_NONE;
 154         bool ret = true;
 155
 156         ret = __pSignatureManager->SetSignature();
 157         TryCatch(ret == true, error = INSTALLER_ERROR_SIGNATURE_INVALID, "SetSignature() failed");
 158
 159 CATCH:
 160         GoNextState();
 161         return error;
 162 }
 163
 164 InstallerError
 165 SignatureStep::OnStateCertChain(void)
 166 {
 167         InstallerError error = INSTALLER_ERROR_NONE;
 168         bool ret = true;
 169
 170         ret = __pSignatureManager->AddCert();
 171         TryCatch(ret == true, error = INSTALLER_ERROR_CERTIFICATE_CHAIN_VERIFICATION_FAILED, "AddCert(DEVELOPER_ROOT_CERTIFICATE) failed");
 172
 173         ret = __pSignatureManager->VerifyChain();
 174         if (__pContext->__isPreloaded == true)
 175         {
 176                 fprintf(stderr, "  ## VerifyChain() result = [%d]\n", ret);
 177         }
 178         else
 179         {
 180                 TryCatch(ret == true, error = INSTALLER_ERROR_CERTIFICATE_CHAIN_VERIFICATION_FAILED, "VerifyChain() failed");
 181         }
 182
 183 CATCH:
 184         GoNextState();
 185         return error;
 186 }
 187
 188 InstallerError
 189 SignatureStep::OnStateRootCert(void)
 190 {
 191         InstallerError error = INSTALLER_ERROR_NONE;
 192         result r = E_SUCCESS;
 193         String privileges;
 194         String hmacPrivileges;
 195         ArrayList stringPrivilegeList;
 196         stringPrivilegeList.Construct();
 197
 198         const ArrayList* pPrivilegeList = __pContext->GetPrivilegeList();
 199         RootCertificateType certType = __pContext->__rootCertType;
 200         PackageId packageId = __pContext->__packageId;
 201         int apiVisibility = __pSignatureManager->GetApiVisibility(certType);
 202
 203         AppLog("PackageId = [%ls], CertType = [%d], ApiVisibility = [%d]", packageId.GetPointer(), certType, apiVisibility);
 204
 205         if (pPrivilegeList != null)
 206         {
 207                 r = PrivilegeHandler::GenerateCipherPrivilege(packageId, *pPrivilegeList, apiVisibility, privileges, hmacPrivileges, stringPrivilegeList);
 208                 TryCatch(!IsFailed(r), error = INSTALLER_ERROR_PRIVILEGE_INVALID, "privMgr.GeneratePrivilegeString() failed");
 209         }
 210
 211         __pContext->__privileges = privileges;
 212         __pContext->__hmacPrivileges = hmacPrivileges;
 213         __pContext->__certType = apiVisibility;
 214         __pContext->__pStringPrivilegeList = new ArrayList;
 215         __pContext->__pStringPrivilegeList->Construct(stringPrivilegeList);
 216
 217 CATCH:
 218         GoNextState();
 219         return error;
 220 }
 221
 222 InstallerError
 223 SignatureStep::OnStateDone(void)
 224 {
 225         InstallerError error = INSTALLER_ERROR_NONE;
 226
 227         GoNextState();
 228         return error;
 229 }
 230