2 // Open Service Platform
3 // Copyright (c) 2012 Samsung Electronics Co., Ltd.
5 // Licensed under the Apache License, Version 2.0 (the License);
6 // you may not use this file except in compliance with the License.
7 // You may obtain a copy of the License at
9 // http://www.apache.org/licenses/LICENSE-2.0
11 // Unless required by applicable law or agreed to in writing, software
12 // distributed under the License is distributed on an "AS IS" BASIS,
13 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 // See the License for the specific language governing permissions and
15 // limitations under the License.
18 * @file PrivilegeHandler.cpp
19 * @brief This is the implementation for the PrivilegeHandler class.
24 #include <FBaseString.h>
26 #include <FSecCryptoAesCipher.h>
27 #include <FSecCryptoSha1Hash.h>
28 #include <FBase_StringConverter.h>
29 #include <FBaseInternalTypes.h>
30 #include <FSec_AccessControlTypes.h>
31 #include <FSec_DeviceKeyGenerator.h>
32 #include <FIoDatabase.h>
33 #include <FIoDbEnumerator.h>
35 #include "InstallerDefs.h"
36 #include "PrivilegeHandler.h"
37 #include "InstallerUtil.h"
39 using namespace Tizen::App;
40 using namespace Tizen::Base;
41 using namespace Tizen::Base::Collection;
42 using namespace Tizen::Base::Utility;
43 using namespace Tizen::Security;
44 using namespace Tizen::Security::Crypto;
45 using namespace Tizen::Text;
46 using namespace Tizen::Io;
// Splits fullPrivilegeList into two output lists, using the PRIVILEGE_ID values
// read from the external privilege database as the membership set: entries found
// there are copied into externalPrivilegeList, the rest into normalPrivilegeList.
// NOTE(review): this listing omits some lines (braces, a few declarations, any
// else/label lines), so the branch structure described below is inferred from the
// visible statements; confirm against the full file.
50 PrivilegeHandler::PickExternalPrivilege(const IList& fullPrivilegeList, IList& normalPrivilegeList, IList& externalPrivilegeList)
53 String externalPrivilege;
54 ArrayList privilegeList;
56 DbEnumerator* pDbEnum;
// Open the database in "r" mode; a failure is handed back to the caller unchanged.
58 r = privilegeDb.Construct(EXTERNAL_PRIVILEGE_DB_NAME, "r");
59 TryReturnResultTag(OSP_INSTALLER, r == E_SUCCESS, r, r, "[%s] Propagating.", GetErrorMessage(r));
// The query text is a fixed literal; no caller-supplied value is concatenated into it.
62 pDbEnum = privilegeDb.QueryN(L"SELECT PRIVILEGE_ID FROM PrivilegeInfo");
63 TryReturnResultTag(OSP_INSTALLER, pDbEnum != null, E_DATABASE, E_DATABASE, "[E_DATABASE] Privilege database error.");
65 AppLog("------------------------------------------");
66 AppLog("External Privilege");
67 AppLog("------------------------------------------");
// Copy every PRIVILEGE_ID row into the local lookup list.
69 while (pDbEnum->MoveNext() == E_SUCCESS)
71 r = pDbEnum->GetStringAt(0, externalPrivilege);
// NOTE(review): this early return is taken after pDbEnum was obtained and after
// earlier iterations may have added heap Strings to privilegeList; no release of
// either is visible on this path. Confirm nothing leaks on a database read error.
72 TryReturnResultTag(OSP_INSTALLER, r == E_SUCCESS, E_DATABASE, E_DATABASE, "[E_DATABASE] Privilege database error.");
74 AppLog("%ls", externalPrivilege.GetPointer());
75 privilegeList.Add(new String(externalPrivilege));
// NOTE(review): pEnum is used without a visible null check, and GetCurrent() is
// cast to String* without checking the element. Confirm the caller guarantees a
// list of String objects.
79 IEnumerator* pEnum = fullPrivilegeList.GetEnumeratorN();
80 while(pEnum->MoveNext() == E_SUCCESS)
82 String* tempString = static_cast<String*>(pEnum->GetCurrent());
// Membership in the database-derived list decides which output list gets the copy
// (the second Add is presumably the else branch; the else line is not in this listing).
84 if (privilegeList.Contains(*tempString))
86 externalPrivilegeList.Add(new String(*tempString));
90 normalPrivilegeList.Add(new String(*tempString));
// Empties the local lookup list; the 'true' argument presumably also deallocates
// the String objects added above. TODO confirm.
95 privilegeList.RemoveAll(true);
// Builds the bitwise privilege array for privilegeList and derives two strings from
// it: encryptedPrivileges (via GetEncryptedBitwise) and checksum (via GetChecksum).
// Privileges listed in the external privilege database are returned to the caller
// through stringPrivilegeList instead of being packed.
// NOTE(review): despite the parameter name, the GetEncryptedBitwise shown in this
// file only Base64-encodes the array; no cipher call is visible there. Treat
// encryptedPrivileges as encoded, not confidential, unless the full file shows otherwise.
// NOTE(review): this listing omits some lines (braces, declarations, if/else and
// label lines), so the branch structure described below is inferred.
100 PrivilegeHandler::GenerateCipherPrivilege(const AppId& appId, const IList& privilegeList, String& encryptedPrivileges, String& checksum, IList& stringPrivilegeList)
102 result r = E_SUCCESS;
103 byte* pBitwisePrivilege = null;
105 ArrayList normalPrivilegeList;
// Clear the output so a failure never leaves a previous value in it.
107 encryptedPrivileges.Clear();
109 normalPrivilegeList.Construct();
// How count is used is not visible in this listing (presumably an empty-list shortcut).
111 count = privilegeList.GetCount();
// Separate external privileges from platform ones; the two PackPrivilegeN calls
// below are presumably the success and failure branches of this result.
117 r = PickExternalPrivilege(privilegeList, normalPrivilegeList, stringPrivilegeList);
120 pBitwisePrivilege = PackPrivilegeN(normalPrivilegeList);
// NOTE(review): TryReturnResultTag returns immediately, so the cleanup at the end
// of this function (normalPrivilegeList.RemoveAll(true)) is skipped on this path
// although PickExternalPrivilege may already have added Strings to that list. Confirm.
121 TryReturnResultTag(OSP_INSTALLER, pBitwisePrivilege != null, GetLastResult(), GetLastResult(), "[%s] Propagating.", GetErrorMessage(GetLastResult()));
// Fallback: pack the full, unsplit list.
125 AppLog("Working with normal PrivilegeDb.");
126 pBitwisePrivilege = PackPrivilegeN(privilegeList);
127 TryReturnResultTag(OSP_INSTALLER, pBitwisePrivilege != null, GetLastResult(), GetLastResult(), "[%s] Propagating.", GetErrorMessage(GetLastResult()));
// From here on failures are reported as E_SYSTEM; the helper's own error code is
// overwritten. TryCatchTag presumably jumps to a cleanup label not shown in this listing.
130 r = GetEncryptedBitwise(pBitwisePrivilege, encryptedPrivileges);
131 TryCatchTag(OSP_INSTALLER, r == E_SUCCESS, r = E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
133 r = GetChecksum(appId, pBitwisePrivilege, checksum);
134 TryCatchTag(OSP_INSTALLER, r == E_SUCCESS, r = E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
// Cleanup: the array comes from malloc() in PackPrivilegeN, hence free() rather than delete.
140 if (pBitwisePrivilege)
142 free(pBitwisePrivilege);
145 normalPrivilegeList.RemoveAll(true);
// Overload of GenerateCipherPrivilege that also passes visibilityLevel to
// PackPrivilegeN, which compares it against the level required by each privilege.
// Outputs are the same as in the overload without a level: encryptedPrivileges,
// checksum, and the external privileges in stringPrivilegeList.
// NOTE(review): the GetEncryptedBitwise shown in this file only Base64-encodes the
// array; no cipher call is visible there, so encryptedPrivileges is encoded, not
// confidential, unless the full file shows otherwise.
// NOTE(review): this listing omits some lines (braces, declarations, if/else and
// label lines), so the branch structure described below is inferred.
150 PrivilegeHandler::GenerateCipherPrivilege(const AppId& appId, const IList& privilegeList, int visibilityLevel, String& encryptedPrivileges, String& checksum, IList& stringPrivilegeList)
152 result r = E_SUCCESS;
153 byte* pBitwisePrivilege = null;
155 ArrayList normalPrivilegeList;
// Clear the output so a failure never leaves a previous value in it.
157 encryptedPrivileges.Clear();
159 normalPrivilegeList.Construct();
// How count is used is not visible in this listing (presumably an empty-list shortcut).
161 count = privilegeList.GetCount();
// Separate external privileges from platform ones; the two PackPrivilegeN calls
// below are presumably the success and failure branches of this result.
167 r = PickExternalPrivilege(privilegeList, normalPrivilegeList, stringPrivilegeList);
170 r = PackPrivilegeN(normalPrivilegeList, visibilityLevel, &pBitwisePrivilege);
// NOTE(review): TryReturnResultTag returns immediately, so the cleanup at the end
// of this function (normalPrivilegeList.RemoveAll(true)) is skipped on this path.
// A level violation (E_ILLEGAL_ACCESS) from PackPrivilegeN is propagated unchanged here.
171 TryReturnResultTag(OSP_INSTALLER, r == E_SUCCESS, r, r, "[%s] Propagating.", GetErrorMessage(r));
// Fallback: pack the full, unsplit list with the same visibility level.
175 AppLog("Working with normal PrivilegeDb.");
176 r = PackPrivilegeN(privilegeList, visibilityLevel, &pBitwisePrivilege);
177 TryReturnResultTag(OSP_INSTALLER, r == E_SUCCESS, r, r, "[%s] Propagating.", GetErrorMessage(r));
// From here on failures are reported as E_SYSTEM; the helper's own error code is
// overwritten. TryCatchTag presumably jumps to a cleanup label not shown in this listing.
180 r = GetEncryptedBitwise(pBitwisePrivilege, encryptedPrivileges);
181 TryCatchTag(OSP_INSTALLER, r == E_SUCCESS, r = E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
183 r = GetChecksum(appId, pBitwisePrivilege, checksum);
184 TryCatchTag(OSP_INSTALLER, r == E_SUCCESS, r = E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
// Cleanup: the array comes from malloc() in PackPrivilegeN, hence free() rather than delete.
190 if (pBitwisePrivilege)
192 free(pBitwisePrivilege);
195 normalPrivilegeList.RemoveAll(true);
// Converts a list of privilege strings into a zero-initialised byte array of
// MAX_BITWISE_PRIV_SIZE bytes in which one bit is set per recognised privilege.
// Returns the malloc()'d array (callers in this file release it with free()), or
// null with E_OUT_OF_MEMORY when the allocation fails.
// NOTE(review): this listing omits some lines (braces, declarations of index,
// position and uriString, the cleanup label), so parts of the control flow are inferred.
200 PrivilegeHandler::PackPrivilegeN(const IList& privilegeList)
202 result r = E_SUCCESS;
204 int privilegeEnum = 0;
206 bool validStringFlag = false;
207 bool resultFlag = true;
208 byte privilegeBit = 0;
209 byte* pResult = null;
210 byte* pBitwisePrivilege = null;
211 IEnumerator* pEnum = null;
215 pResult = (byte*) malloc(sizeof(byte) * MAX_BITWISE_PRIV_SIZE);
216 TryReturnResultTag(OSP_INSTALLER, pResult != null, null, E_OUT_OF_MEMORY, "[E_OUT_OF_MEMORY] The memory is insufficient.");
// Start with no privilege bit set.
218 memset(pResult, 0, MAX_BITWISE_PRIV_SIZE);
// NOTE(review): the release of pEnum is not visible in this listing; confirm.
220 pEnum = privilegeList.GetEnumeratorN();
221 TryCatch(pEnum != null, r = E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
223 while (pEnum->MoveNext() == E_SUCCESS)
225 validStringFlag = false;
// Every accepted privilege must begin with this prefix.
226 String privilegeURI = L"http://tizen.org/privilege/";
// NOTE(review): the element is cast without a null or type check; the list comes
// from the package being installed, so confirm the caller only stores String objects.
228 String* pTempString = (String*) pEnum->GetCurrent();
// Reject strings shorter than the prefix before taking substrings of them.
230 if ((pTempString->GetLength()) < (privilegeURI.GetLength()))
232 AppLogExceptionTag(OSP_INSTALLER, "[E_INVALID_ARG] Invalid privilege string (Length error): [%ls]", pTempString->GetPointer());
238 pTempString->SubString(0, privilegeURI.GetLength(), uriString);
// Prefix comparison; the 'true' argument is presumably the case-sensitive flag. TODO confirm.
240 if (!(uriString.Equals(privilegeURI, true)))
242 AppLogExceptionTag(OSP_INSTALLER, "[E_INVALID_ARG] Invalid privilege string (URI error): [%ls]", pTempString->GetPointer());
// The remainder after the prefix is looked up in privilegeListTable by exact wcscmp match.
247 String privilegeString;
248 pTempString->SubString(privilegeURI.GetLength(), pTempString->GetLength()-privilegeURI.GetLength(), privilegeString);
250 for (index = 0; index < _MAX_PRIVILEGE_ENUM; index++)
252 if (wcscmp(privilegeListTable[index].privilegeString, privilegeString.GetPointer()) == 0)
254 validStringFlag = true;
255 privilegeEnum = static_cast< int >(privilegeListTable[index].privilege);
// Byte index and bit index of this privilege inside the array.
// NOTE(review): position is not checked against MAX_BITWISE_PRIV_SIZE here; the write
// stays in bounds only if every table value is below MAX_BITWISE_PRIV_SIZE * _BITS_IN_BYTE.
// Confirm the table guarantees this (a compile-time check would pin it down).
257 position = privilegeEnum / _BITS_IN_BYTE;
258 privilegeBit = (byte) (privilegeEnum % _BITS_IN_BYTE);
259 pResult[position] = pResult[position] | (1 << privilegeBit);
264 if (validStringFlag == false)
266 AppLogExceptionTag(OSP_INSTALLER, "[E_INVALID_ARG] Invalid privilege string: [%ls]", pTempString->GetPointer());
// NOTE(review): no statement clearing resultFlag is visible in this listing;
// presumably the invalid-string branches above set it to false. Confirm, because
// otherwise unknown privilege strings would only be logged and never rejected here.
271 TryCatchTag(OSP_INSTALLER, resultFlag == true, r = E_INVALID_ARG, "[E_INVALID_ARG] One of privilege string is invalid.");
273 pBitwisePrivilege = pResult;
277 return pBitwisePrivilege;
// Overload of PackPrivilegeN that additionally checks each recognised privilege
// against visibilityLevel and hands the malloc()'d array back through
// ppBitwisePrivilege. The array is MAX_BITWISE_PRIV_SIZE bytes, zero-initialised,
// with one bit set per recognised privilege.
// Visible failure codes: E_OUT_OF_MEMORY, E_SYSTEM, E_ILLEGAL_ACCESS (a privilege
// requires a higher level than visibilityLevel) and E_INVALID_ARG.
// NOTE(review): this listing omits some lines (braces, declarations of index,
// position and uriString, the cleanup label), so parts of the control flow are inferred.
290 PrivilegeHandler::PackPrivilegeN(const IList& privilegeList, int visibilityLevel, byte** ppBitwisePrivilege)
292 result r = E_SUCCESS;
294 int privilegeEnum = 0;
296 bool validStringFlag = false;
297 bool validLevelFlag = true;
298 bool resultFlag = true;
299 bool resultLevelFlag = true;
300 byte privilegeBit = 0;
301 byte* pResult = null;
302 IEnumerator* pEnum = null;
306 pResult = (byte*) malloc(sizeof(byte) * MAX_BITWISE_PRIV_SIZE);
// On this early return *ppBitwisePrivilege is left untouched; the callers in this
// file initialise their pointer to null before the call.
307 TryReturnResultTag(OSP_INSTALLER, pResult != null, E_OUT_OF_MEMORY, E_OUT_OF_MEMORY, "[E_OUT_OF_MEMORY] The memory is insufficient.");
// Start with no privilege bit set.
309 memset(pResult, 0, MAX_BITWISE_PRIV_SIZE);
// NOTE(review): the release of pEnum is not visible in this listing; confirm.
311 pEnum = privilegeList.GetEnumeratorN();
312 TryCatchTag(OSP_INSTALLER, pEnum != null, r = E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
314 while (pEnum->MoveNext() == E_SUCCESS)
// Per-entry flags are reset on every iteration; the result* flags accumulate across entries.
316 validStringFlag = false;
317 validLevelFlag = true;
// Every accepted privilege must begin with this prefix.
319 String privilegeURI = L"http://tizen.org/privilege/";
// NOTE(review): the element is cast without a null or type check; confirm the
// caller only stores String objects in the list.
321 String* pTempString = (String*) pEnum->GetCurrent();
// Reject strings shorter than the prefix before taking substrings of them.
323 if ((pTempString->GetLength()) < (privilegeURI.GetLength()))
325 AppLogExceptionTag(OSP_INSTALLER, "[E_INVALID_ARG] Invalid privilege string (Length error): [%ls]", pTempString->GetPointer());
331 pTempString->SubString(0, privilegeURI.GetLength(), uriString);
// Prefix comparison; the 'true' argument is presumably the case-sensitive flag. TODO confirm.
333 if (!(uriString.Equals(privilegeURI, true)))
335 AppLogExceptionTag(OSP_INSTALLER, "[E_INVALID_ARG] Invalid privilege string (URI error): [%ls]", pTempString->GetPointer());
// The remainder after the prefix is looked up in privilegeListTable by exact wcscmp match.
340 String privilegeString;
341 pTempString->SubString(privilegeURI.GetLength(), pTempString->GetLength()-privilegeURI.GetLength(), privilegeString);
343 for (index = 0; index < _MAX_PRIVILEGE_ENUM; index++)
345 if (wcscmp(privilegeListTable[index].privilegeString, privilegeString.GetPointer()) == 0)
347 validStringFlag = true;
348 privilegeEnum = static_cast< int >(privilegeListTable[index].privilege);
// Level check: it is skipped entirely when the caller passes _API_VISIBILITY_NONE,
// so that value must never be used for a package whose level has not been established.
350 if (visibilityLevel != _API_VISIBILITY_NONE)
// The privilege is refused when the level required by the table exceeds the caller's level.
352 if (visibilityLevelListTable[privilegeEnum][_PRV_API_VER_2_0] > visibilityLevel)
354 validLevelFlag = false;
// NOTE(review): as far as this listing shows, the bit is set even when
// validLevelFlag was just cleared; that is only safe because the resultLevelFlag
// check further down fails the whole call. Confirm the cleanup path frees pResult and never
// publishes it through ppBitwisePrivilege.
// NOTE(review): position is not checked against MAX_BITWISE_PRIV_SIZE; confirm every
// table value is below MAX_BITWISE_PRIV_SIZE * _BITS_IN_BYTE.
359 position = privilegeEnum / _BITS_IN_BYTE;
360 privilegeBit = (byte) (privilegeEnum % _BITS_IN_BYTE);
361 pResult[position] = pResult[position] | (1 << privilegeBit);
366 if (validStringFlag == false)
368 AppLogExceptionTag(OSP_INSTALLER, "[E_INVALID_ARG] Invalid privilege string: [%ls]", pTempString->GetPointer());
372 if (validLevelFlag == false)
374 AppLogExceptionTag(OSP_INSTALLER, "[E_ILLEGAL_ACCESS] The application does not have the privilege level to register [%ls]", pTempString->GetPointer());
375 resultLevelFlag = false;
// A level violation takes precedence over an invalid string because it is tested first.
// NOTE(review): no statement clearing resultFlag is visible in this listing;
// presumably the invalid-string branches set it. Confirm.
379 TryCatchTag(OSP_INSTALLER, resultLevelFlag == true, r = E_ILLEGAL_ACCESS, "[E_ILLEGAL_ACCESS] Unauthorized privileges are detected.");
380 TryCatchTag(OSP_INSTALLER, resultFlag == true, r = E_INVALID_ARG, "[E_INVALID_ARG] Unsupported privilege strings are detected.");
// Ownership of the array passes to the caller only after both checks succeeded.
382 *ppBitwisePrivilege = pResult;
// Copies MAX_BITWISE_PRIV_SIZE bytes from pBitwisePrivilege into a ByteBuffer and
// writes their Base64 encoding to encryptedPrivileges.
// NOTE(review): despite the name, no cipher call appears in the visible lines of
// this function (FSecCryptoAesCipher.h is included by the file but not used here).
// Base64 is reversible by anyone, so the output gives neither confidentiality nor
// tamper protection by itself. Confirm against the full file before relying on it.
// NOTE(review): pBitwisePrivilege is read for exactly MAX_BITWISE_PRIV_SIZE bytes
// with no null or size check here; the caller must pass a buffer of at least that size.
398 PrivilegeHandler::GetEncryptedBitwise(byte* pBitwisePrivilege, String& encryptedPrivileges)
400 result r = E_SUCCESS;
401 ByteBuffer* pTempBitwisePrivilege = null;
403 pTempBitwisePrivilege = new (std::nothrow) ByteBuffer();
404 TryReturnResultTag(OSP_INSTALLER, pTempBitwisePrivilege != null, E_OUT_OF_MEMORY, E_OUT_OF_MEMORY, "[E_OUT_OF_MEMORY] Memory allocation is failed.");
// Later failures are reported as E_SYSTEM; TryCatchTag presumably jumps to the
// cleanup label (not shown in this listing) that precedes the delete below.
406 r = pTempBitwisePrivilege->Construct(MAX_BITWISE_PRIV_SIZE);
407 TryCatchTag(OSP_INSTALLER, r == E_SUCCESS, r = E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
409 r = pTempBitwisePrivilege->SetArray(pBitwisePrivilege, 0, MAX_BITWISE_PRIV_SIZE);
410 TryCatchTag(OSP_INSTALLER, r == E_SUCCESS, r = E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
// Flip() switches the buffer from writing to reading so the encoder sees the bytes just stored.
411 pTempBitwisePrivilege->Flip();
413 r = StringUtil::EncodeToBase64String(*pTempBitwisePrivilege, encryptedPrivileges);
414 TryCatchTag(OSP_INSTALLER, r == E_SUCCESS, r = E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
420 delete pTempBitwisePrivilege;
// Computes checksum as the Base64 encoding of a SHA-1 hash over the concatenation
// of MAX_APP_ID_SIZE bytes of the converted appId and MAX_BITWISE_PRIV_SIZE bytes
// of pBitwisePrivilege.
// NOTE(review): the visible lines mix no key or device secret into the hash
// (FSec_DeviceKeyGenerator.h is included by the file but not used here), so anyone
// able to rewrite the stored privilege data can recompute a matching value. As
// shown it detects corruption, not tampering; confirm the storage is protected by
// other means or that the full file adds a keyed construction.
// NOTE(review): this listing omits some lines (declarations of pAppId, input and
// pHash, braces, the cleanup label), so parts of the control flow are inferred.
426 PrivilegeHandler::GetChecksum(AppId appId, byte* pBitwisePrivilege, String& checksum)
428 result r = E_SUCCESS;
// Stack buffer holding appId bytes followed by the privilege bits.
429 byte tempChecksumString[MAX_BITWISE_PRIV_SIZE + MAX_APP_ID_SIZE];
433 ByteBuffer* pChecksumByteBuffer = null;
// The converter returns a newly allocated char array (N suffix); its release is
// not visible in this listing. Confirm it is freed on every path.
436 pAppId = (char*) _StringConverter::CopyToCharArrayN(appId);
437 TryCatchTag(OSP_INSTALLER, pAppId != null, r = E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
// NOTE(review): exactly MAX_APP_ID_SIZE bytes are read from pAppId without checking
// the converted length. A shorter appId makes this read past the end of the
// allocation; a longer one is silently truncated. Confirm the appId length is
// validated before this call, or bound the copy by the actual length.
439 memcpy(tempChecksumString, pAppId, MAX_APP_ID_SIZE);
// pBitwisePrivilege is likewise read for MAX_BITWISE_PRIV_SIZE bytes with no null check here.
440 memcpy(tempChecksumString + MAX_APP_ID_SIZE, pBitwisePrivilege, MAX_BITWISE_PRIV_SIZE);
445 r = input.Construct(MAX_APP_ID_SIZE + MAX_BITWISE_PRIV_SIZE);
446 TryCatchTag(OSP_INSTALLER, r == E_SUCCESS, r = E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
448 r = input.SetArray(tempChecksumString, 0, MAX_APP_ID_SIZE + MAX_BITWISE_PRIV_SIZE);
449 TryCatchTag(OSP_INSTALLER, r == E_SUCCESS, r = E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
// Plain (unkeyed) SHA-1; the release of pHash is not visible in this listing.
452 pHash = new (std::nothrow) Sha1Hash();
453 TryCatchTag(OSP_INSTALLER, pHash != null, r = E_OUT_OF_MEMORY, "[E_OUT_OF_MEMORY] Memory allocation is failed.");
455 pChecksumByteBuffer = pHash->GetHashN(input);
456 TryCatchTag(OSP_INSTALLER, pChecksumByteBuffer != null, r = E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
458 r = StringUtil::EncodeToBase64String(*pChecksumByteBuffer, checksum);
459 TryCatchTag(OSP_INSTALLER, r == E_SUCCESS, r = E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
466 delete pChecksumByteBuffer;