2 // Open Service Platform
3 // Copyright (c) 2012 Samsung Electronics Co., Ltd.
5 // Licensed under the Apache License, Version 2.0 (the License);
6 // you may not use this file except in compliance with the License.
7 // You may obtain a copy of the License at
9 // http://www.apache.org/licenses/LICENSE-2.0
11 // Unless required by applicable law or agreed to in writing, software
12 // distributed under the License is distributed on an "AS IS" BASIS,
13 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 // See the License for the specific language governing permissions and
15 // limitations under the License.
18 * @file PrivilegeHandler.cpp
19 * @brief This is the implementation for the PrivilegeHandler class.
24 #include <FBaseString.h>
26 #include <FSecCryptoAesCipher.h>
27 #include <FSecCryptoSha1Hash.h>
28 #include <FBase_StringConverter.h>
29 #include <FBaseInternalTypes.h>
30 #include <FSec_AccessControlTypes.h>
31 #include <FIoDatabase.h>
32 #include <FIoDbEnumerator.h>
34 #include "InstallerDefs.h"
35 #include "PrivilegeHandler.h"
36 #include "InstallerUtil.h"
38 using namespace Tizen::App;
39 using namespace Tizen::Base;
40 using namespace Tizen::Base::Collection;
41 using namespace Tizen::Base::Utility;
42 using namespace Tizen::Security;
43 using namespace Tizen::Security::Crypto;
44 using namespace Tizen::Text;
45 using namespace Tizen::Io;
// Splits fullPrivilegeList in two: entries whose string is found in the
// PRIVILEGE_ID column of the external privilege database are copied to
// externalPrivilegeList, all others to normalPrivilegeList. Both output lists
// receive newly allocated String copies.
// NOTE(review): the gutter numbers in this listing skip lines, so the return
// type, braces, some declarations (e.g. of privilegeDb and r) and any cleanup
// code are not shown; the comments below describe only the visible lines.
49 PrivilegeHandler::PickExternalPrivilege(const IList& fullPrivilegeList, IList& normalPrivilegeList, IList& externalPrivilegeList)
52 String externalPrivilege;
53 ArrayList privilegeList;
55 DbEnumerator* pDbEnum;
// Open the external privilege database with mode "r"; a failure result is
// handed back to the caller unchanged.
57 r = privilegeDb.Construct(EXTERNAL_PRIVILEGE_DB_NAME, "r");
58 TryReturnResultTag(OSP_INSTALLER, r == E_SUCCESS, r, r, "[%s] Propagating.", GetErrorMessage(r));
// The query text is a constant; no caller-supplied data is spliced into it.
61 pDbEnum = privilegeDb.QueryN(L"SELECT PRIVILEGE_ID FROM PrivilegeInfo");
62 TryReturnResultTag(OSP_INSTALLER, pDbEnum != null, E_DATABASE, E_DATABASE, "[E_DATABASE] Privilege database error.");
64 AppLog("------------------------------------------");
65 AppLog("External Privilege");
66 AppLog("------------------------------------------");
// Copy every PRIVILEGE_ID row into privilegeList as a heap-allocated String.
68 while (pDbEnum->MoveNext() == E_SUCCESS)
70 r = pDbEnum->GetStringAt(0, externalPrivilege);
// NOTE(review): this early return leaves the loop without reaching the
// privilegeList.RemoveAll(true) call further down, and no release of pDbEnum
// is visible in this listing - confirm against the full file.
71 TryReturnResultTag(OSP_INSTALLER, r == E_SUCCESS, E_DATABASE, E_DATABASE, "[E_DATABASE] Privilege database error.");
73 AppLog("%ls", externalPrivilege.GetPointer());
74 privilegeList.Add(new String(externalPrivilege));
// NOTE(review): unlike pDbEnum above, pEnum is dereferenced on the very next
// line without a null check, and no delete of it is visible here.
78 IEnumerator* pEnum = fullPrivilegeList.GetEnumeratorN();
79 while(pEnum->MoveNext() == E_SUCCESS)
// Every element is assumed to be a String; the cast is not checked and the
// pointer is dereferenced without a null test.
81 String* tempString = static_cast<String*>(pEnum->GetCurrent());
// Membership in the database-derived list alone decides the classification,
// so the integrity of that database determines which requested privileges are
// treated as external.
83 if (privilegeList.Contains(*tempString))
85 externalPrivilegeList.Add(new String(*tempString));
89 normalPrivilegeList.Add(new String(*tempString));
// RemoveAll(true) also deallocates the String copies made from the rows.
94 privilegeList.RemoveAll(true);
// Produces the Base64 text form (encryptedPrivileges) and the checksum of the
// packed privilege bitmap for appId. Privileges that PickExternalPrivilege
// classifies as external are written to stringPrivilegeList.
// NOTE(review): the gutter numbers in this listing skip lines, so the return
// type, braces, branch conditions, the CATCH label and the return statement
// are not shown; the comments below describe only the visible lines.
99 PrivilegeHandler::GenerateCipherPrivilege(const AppId& appId, const IList& privilegeList, String& encryptedPrivileges, String& checksum, IList& stringPrivilegeList)
101 result r = E_SUCCESS;
102 byte* pBitwisePrivilege = null;
104 ArrayList normalPrivilegeList;
// Start from an empty output string so stale caller content is not kept.
106 encryptedPrivileges.Clear();
108 normalPrivilegeList.Construct();
110 count = privilegeList.GetCount();
// Separate external privileges from those that are packed into the bitmap.
116 r = PickExternalPrivilege(privilegeList, normalPrivilegeList, stringPrivilegeList);
// Only normalPrivilegeList is passed to PackPrivilegeN on this path, so the
// entries placed in stringPrivilegeList are not matched against
// privilegeListTable by this function.
119 pBitwisePrivilege = PackPrivilegeN(normalPrivilegeList);
// pBitwisePrivilege is still null on this early return, so no bitmap leaks;
// the normalPrivilegeList.RemoveAll(true) at the end is not reached, though.
120 TryReturnResultTag(OSP_INSTALLER, pBitwisePrivilege != null, GetLastResult(), GetLastResult(), "[%s] Propagating.", GetErrorMessage(GetLastResult()));
// NOTE(review): the condition selecting between the two PackPrivilegeN calls
// is not visible; the log text suggests this is the path taken when the
// external split is not used, in which case the full list is packed - confirm.
124 AppLog("Working with normal PrivilegeDb.");
125 pBitwisePrivilege = PackPrivilegeN(privilegeList);
126 TryReturnResultTag(OSP_INSTALLER, pBitwisePrivilege != null, GetLastResult(), GetLastResult(), "[%s] Propagating.", GetErrorMessage(GetLastResult()));
// As written in this file, GetEncryptedBitwise only Base64-encodes the bitmap;
// the output is an encoding, not a confidentiality control.
129 r = GetEncryptedBitwise(pBitwisePrivilege, encryptedPrivileges);
130 TryCatchTag(OSP_INSTALLER, r == E_SUCCESS, r = E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
// The checksum binds the bitmap to appId (see GetChecksum in this file).
132 r = GetChecksum(appId, pBitwisePrivilege, checksum);
133 TryCatchTag(OSP_INSTALLER, r == E_SUCCESS, r = E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
// The bitmap comes from malloc() in PackPrivilegeN, hence free() and not delete.
139 if (pBitwisePrivilege)
141 free(pBitwisePrivilege);
// Deallocate the String copies that PickExternalPrivilege added.
144 normalPrivilegeList.RemoveAll(true);
// Overload that additionally enforces a visibility level: produces the Base64
// text form (encryptedPrivileges) and the checksum of the packed privilege
// bitmap for appId, with PackPrivilegeN rejecting privileges whose required
// level exceeds visibilityLevel. Privileges that PickExternalPrivilege
// classifies as external are written to stringPrivilegeList.
// NOTE(review): the gutter numbers in this listing skip lines, so the return
// type, braces, branch conditions, the CATCH label and the return statement
// are not shown; the comments below describe only the visible lines.
149 PrivilegeHandler::GenerateCipherPrivilege(const AppId& appId, const IList& privilegeList, int visibilityLevel, String& encryptedPrivileges, String& checksum, IList& stringPrivilegeList)
151 result r = E_SUCCESS;
152 byte* pBitwisePrivilege = null;
154 ArrayList normalPrivilegeList;
// Start from an empty output string so stale caller content is not kept.
156 encryptedPrivileges.Clear();
158 normalPrivilegeList.Construct();
160 count = privilegeList.GetCount();
// Separate external privileges from those that are packed into the bitmap.
166 r = PickExternalPrivilege(privilegeList, normalPrivilegeList, stringPrivilegeList);
// Only normalPrivilegeList goes through PackPrivilegeN on this path, so the
// entries placed in stringPrivilegeList are subject neither to the table
// lookup nor to the visibility-level comparison in this function.
// NOTE(review): confirm that external privileges are authorised elsewhere.
169 r = PackPrivilegeN(normalPrivilegeList, visibilityLevel, &pBitwisePrivilege);
// Early return: the normalPrivilegeList.RemoveAll(true) at the end is not
// reached on this path.
170 TryReturnResultTag(OSP_INSTALLER, r == E_SUCCESS, r, r, "[%s] Propagating.", GetErrorMessage(r));
// NOTE(review): the condition selecting between the two PackPrivilegeN calls
// is not visible; the log text suggests this is the path taken when the
// external split is not used, in which case the full list is packed - confirm.
174 AppLog("Working with normal PrivilegeDb.");
175 r = PackPrivilegeN(privilegeList, visibilityLevel, &pBitwisePrivilege);
176 TryReturnResultTag(OSP_INSTALLER, r == E_SUCCESS, r, r, "[%s] Propagating.", GetErrorMessage(r));
// As written in this file, GetEncryptedBitwise only Base64-encodes the bitmap;
// the output is an encoding, not a confidentiality control.
179 r = GetEncryptedBitwise(pBitwisePrivilege, encryptedPrivileges);
180 TryCatchTag(OSP_INSTALLER, r == E_SUCCESS, r = E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
// The checksum binds the bitmap to appId (see GetChecksum in this file).
182 r = GetChecksum(appId, pBitwisePrivilege, checksum);
183 TryCatchTag(OSP_INSTALLER, r == E_SUCCESS, r = E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
// The bitmap comes from malloc() in PackPrivilegeN, hence free() and not delete.
189 if (pBitwisePrivilege)
191 free(pBitwisePrivilege);
// Deallocate the String copies that PickExternalPrivilege added.
194 normalPrivilegeList.RemoveAll(true);
// Converts a list of privilege URI strings into a zero-initialised bitmap of
// MAX_BITWISE_PRIV_SIZE bytes in which the bit for each matching
// privilegeListTable entry is set. The buffer is obtained with malloc() and
// returned to the caller, who releases it with free(). Returns null with
// E_OUT_OF_MEMORY when the allocation fails.
// NOTE(review): the gutter numbers in this listing skip lines, so the return
// type, braces, some declarations (index, position, uriString), the lines that
// clear resultFlag and the CATCH cleanup are not shown; the comments below
// describe only the visible lines.
199 PrivilegeHandler::PackPrivilegeN(const IList& privilegeList)
201 result r = E_SUCCESS;
203 int privilegeEnum = 0;
205 bool validStringFlag = false;
206 bool resultFlag = true;
207 byte privilegeBit = 0;
208 byte* pResult = null;
209 byte* pBitwisePrivilege = null;
210 IEnumerator* pEnum = null;
214 pResult = (byte*) malloc(sizeof(byte) * MAX_BITWISE_PRIV_SIZE);
215 TryReturnResultTag(OSP_INSTALLER, pResult != null, null, E_OUT_OF_MEMORY, "[E_OUT_OF_MEMORY] The memory is insufficient.");
// All bits start cleared, so only privileges matched below are granted.
217 memset(pResult, 0, MAX_BITWISE_PRIV_SIZE);
219 pEnum = privilegeList.GetEnumeratorN();
220 TryCatch(pEnum != null, r = E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
222 while (pEnum->MoveNext() == E_SUCCESS)
224 validStringFlag = false;
// Every accepted privilege must begin with this prefix.
225 String privilegeURI = L"http://tizen.org/privilege/";
// Elements are assumed to be non-null String objects; the cast is unchecked.
227 String* pTempString = (String*) pEnum->GetCurrent();
// Reject strings shorter than the prefix before taking substrings of them.
229 if ((pTempString->GetLength()) < (privilegeURI.GetLength()))
231 AppLogExceptionTag(OSP_INSTALLER, "[E_INVALID_ARG] Invalid privilege string (Length error): [%ls]", pTempString->GetPointer());
237 pTempString->SubString(0, privilegeURI.GetLength(), uriString);
// Case-sensitive comparison of the leading part against the prefix.
239 if (!(uriString.Equals(privilegeURI, true)))
241 AppLogExceptionTag(OSP_INSTALLER, "[E_INVALID_ARG] Invalid privilege string (URI error): [%ls]", pTempString->GetPointer());
// The remainder after the prefix is the name looked up in privilegeListTable.
246 String privilegeString;
247 pTempString->SubString(privilegeURI.GetLength(), pTempString->GetLength()-privilegeURI.GetLength(), privilegeString);
// Exact-match linear scan; unknown names leave validStringFlag false.
249 for (index = 0; index < _MAX_PRIVILEGE_ENUM; index++)
251 if (wcscmp(privilegeListTable[index].privilegeString, privilegeString.GetPointer()) == 0)
253 validStringFlag = true;
254 privilegeEnum = static_cast< int >(privilegeListTable[index].privilege);
// The byte offset and bit number come from the table's enum value, not from
// the input string. NOTE(review): nothing visible here checks that position is
// below MAX_BITWISE_PRIV_SIZE; the write stays in bounds only while the table
// and that constant agree.
256 position = privilegeEnum / _BITS_IN_BYTE;
257 privilegeBit = (byte) (privilegeEnum % _BITS_IN_BYTE);
258 pResult[position] = pResult[position] | (1 << privilegeBit);
263 if (validStringFlag == false)
265 AppLogExceptionTag(OSP_INSTALLER, "[E_INVALID_ARG] Invalid privilege string: [%ls]", pTempString->GetPointer());
// A single rejected string fails the whole request; the bitmap is handed out
// only after this check.
270 TryCatchTag(OSP_INSTALLER, resultFlag == true, r = E_INVALID_ARG, "[E_INVALID_ARG] One of privilege string is invalid.");
272 pBitwisePrivilege = pResult;
276 return pBitwisePrivilege;
// Converts a list of privilege URI strings into a zero-initialised bitmap of
// MAX_BITWISE_PRIV_SIZE bytes and, unless visibilityLevel is
// _API_VISIBILITY_NONE, rejects privileges whose required level in
// visibilityLevelListTable is higher than visibilityLevel. On success the
// malloc()-allocated bitmap is stored in *ppBitwisePrivilege; the caller
// releases it with free().
// NOTE(review): the gutter numbers in this listing skip lines, so the return
// type, braces, some declarations (index, position, uriString), the lines that
// clear resultFlag, the CATCH cleanup and the return statement are not shown;
// the comments below describe only the visible lines.
289 PrivilegeHandler::PackPrivilegeN(const IList& privilegeList, int visibilityLevel, byte** ppBitwisePrivilege)
291 result r = E_SUCCESS;
293 int privilegeEnum = 0;
295 bool validStringFlag = false;
296 bool validLevelFlag = true;
297 bool resultFlag = true;
298 bool resultLevelFlag = true;
299 byte privilegeBit = 0;
300 byte* pResult = null;
301 IEnumerator* pEnum = null;
305 pResult = (byte*) malloc(sizeof(byte) * MAX_BITWISE_PRIV_SIZE);
306 TryReturnResultTag(OSP_INSTALLER, pResult != null, E_OUT_OF_MEMORY, E_OUT_OF_MEMORY, "[E_OUT_OF_MEMORY] The memory is insufficient.");
// All bits start cleared, so only privileges matched below are granted.
308 memset(pResult, 0, MAX_BITWISE_PRIV_SIZE);
310 pEnum = privilegeList.GetEnumeratorN();
311 TryCatchTag(OSP_INSTALLER, pEnum != null, r = E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
313 while (pEnum->MoveNext() == E_SUCCESS)
// Per-entry flags are reset for each privilege string.
315 validStringFlag = false;
316 validLevelFlag = true;
// Every accepted privilege must begin with this prefix.
318 String privilegeURI = L"http://tizen.org/privilege/";
// Elements are assumed to be non-null String objects; the cast is unchecked.
320 String* pTempString = (String*) pEnum->GetCurrent();
// Reject strings shorter than the prefix before taking substrings of them.
322 if ((pTempString->GetLength()) < (privilegeURI.GetLength()))
324 AppLogExceptionTag(OSP_INSTALLER, "[E_INVALID_ARG] Invalid privilege string (Length error): [%ls]", pTempString->GetPointer());
330 pTempString->SubString(0, privilegeURI.GetLength(), uriString);
// Case-sensitive comparison of the leading part against the prefix.
332 if (!(uriString.Equals(privilegeURI, true)))
334 AppLogExceptionTag(OSP_INSTALLER, "[E_INVALID_ARG] Invalid privilege string (URI error): [%ls]", pTempString->GetPointer());
// The remainder after the prefix is the name looked up in privilegeListTable.
339 String privilegeString;
340 pTempString->SubString(privilegeURI.GetLength(), pTempString->GetLength()-privilegeURI.GetLength(), privilegeString);
// Exact-match linear scan; unknown names leave validStringFlag false.
342 for (index = 0; index < _MAX_PRIVILEGE_ENUM; index++)
344 if (wcscmp(privilegeListTable[index].privilegeString, privilegeString.GetPointer()) == 0)
346 validStringFlag = true;
347 privilegeEnum = static_cast< int >(privilegeListTable[index].privilege);
// The level check is skipped entirely when the caller passes
// _API_VISIBILITY_NONE, so callers that must enforce levels have to pass a
// real level.
349 if (visibilityLevel != _API_VISIBILITY_NONE)
// A privilege is refused when its required level (API version 2.0 column) is
// higher than the level granted to the application.
351 if (visibilityLevelListTable[privilegeEnum][_PRV_API_VER_2_0] > visibilityLevel)
353 validLevelFlag = false;
// The byte offset and bit number come from the table's enum value, not from
// the input string. NOTE(review): nothing visible here checks that position is
// below MAX_BITWISE_PRIV_SIZE; the write stays in bounds only while the table
// and that constant agree. Whether the bit is also set for a privilege that
// failed the level check cannot be told from the visible lines; either way
// the bitmap is only published after the checks at the end of the function.
358 position = privilegeEnum / _BITS_IN_BYTE;
359 privilegeBit = (byte) (privilegeEnum % _BITS_IN_BYTE);
360 pResult[position] = pResult[position] | (1 << privilegeBit);
365 if (validStringFlag == false)
367 AppLogExceptionTag(OSP_INSTALLER, "[E_INVALID_ARG] Invalid privilege string: [%ls]", pTempString->GetPointer());
371 if (validLevelFlag == false)
373 AppLogExceptionTag(OSP_INSTALLER, "[E_ILLEGAL_ACCESS] The application does not have the privilege level to register [%ls]", pTempString->GetPointer());
374 resultLevelFlag = false;
// An unauthorised level is reported in preference to an unsupported string,
// and either one fails the whole request before the bitmap is handed out.
378 TryCatchTag(OSP_INSTALLER, resultLevelFlag == true, r = E_ILLEGAL_ACCESS, "[E_ILLEGAL_ACCESS] Unauthorized privileges are detected.");
379 TryCatchTag(OSP_INSTALLER, resultFlag == true, r = E_INVALID_ARG, "[E_INVALID_ARG] Unsupported privilege strings are detected.");
// NOTE(review): ppBitwisePrivilege is written without a null check.
381 *ppBitwisePrivilege = pResult;
// Writes the Base64 encoding of the MAX_BITWISE_PRIV_SIZE-byte privilege
// bitmap into encryptedPrivileges.
// NOTE(review): despite the name, no cipher call appears in the visible lines;
// the output is a reversible encoding and provides no confidentiality.
// NOTE(review): the gutter numbers in this listing skip lines, so the return
// type, braces, the CATCH label and the return statement are not shown.
397 PrivilegeHandler::GetEncryptedBitwise(byte* pBitwisePrivilege, String& encryptedPrivileges)
399 result r = E_SUCCESS;
400 ByteBuffer* pTempBitwisePrivilege = null;
402 pTempBitwisePrivilege = new (std::nothrow) ByteBuffer();
403 TryReturnResultTag(OSP_INSTALLER, pTempBitwisePrivilege != null, E_OUT_OF_MEMORY, E_OUT_OF_MEMORY, "[E_OUT_OF_MEMORY] Memory allocation is failed.");
405 r = pTempBitwisePrivilege->Construct(MAX_BITWISE_PRIV_SIZE);
406 TryCatchTag(OSP_INSTALLER, r == E_SUCCESS, r = E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
// Exactly MAX_BITWISE_PRIV_SIZE bytes are read from pBitwisePrivilege, which
// is not null-checked here; the caller must supply a buffer of that size.
408 r = pTempBitwisePrivilege->SetArray(pBitwisePrivilege, 0, MAX_BITWISE_PRIV_SIZE);
409 TryCatchTag(OSP_INSTALLER, r == E_SUCCESS, r = E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
// Flip() switches the buffer from writing to reading before it is encoded.
410 pTempBitwisePrivilege->Flip();
412 r = StringUtil::EncodeToBase64String(*pTempBitwisePrivilege, encryptedPrivileges);
413 TryCatchTag(OSP_INSTALLER, r == E_SUCCESS, r = E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
// Release the temporary buffer.
419 delete pTempBitwisePrivilege;
// Computes the Base64-encoded SHA-1 hash of MAX_APP_ID_SIZE bytes of appId
// followed by the MAX_BITWISE_PRIV_SIZE-byte privilege bitmap and stores it in
// checksum.
// NOTE(review): the hash is unkeyed, so anyone able to rewrite the stored
// privileges can recompute a matching checksum; if this value is meant to
// resist tampering, confirm that the storage itself is protected elsewhere.
// NOTE(review): the gutter numbers in this listing skip lines, so the return
// type, braces, the declarations of input and pHash, the CATCH label, any
// further cleanup and the return statement are not shown.
425 PrivilegeHandler::GetChecksum(AppId appId, byte* pBitwisePrivilege, String& checksum)
427 result r = E_SUCCESS;
// Stack buffer sized exactly for the two memcpy() calls below.
428 byte tempChecksumString[MAX_BITWISE_PRIV_SIZE + MAX_APP_ID_SIZE];
432 ByteBuffer* pChecksumByteBuffer = null;
// The converted appId is owned by the unique_ptr and freed on every exit path.
434 std::unique_ptr<char[]> pAppId(null);
435 pAppId.reset(_StringConverter::CopyToCharArrayN(appId));
436 TryCatchTag(OSP_INSTALLER, pAppId != null, r = E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
// NOTE(review): MAX_APP_ID_SIZE bytes are copied regardless of the actual
// length of the converted appId. A shorter appId makes this read past the end
// of the converted array; a longer one is silently truncated, so appIds that
// share their first MAX_APP_ID_SIZE bytes hash identically for the same
// bitmap. No length check is visible before this call.
438 memcpy(tempChecksumString, pAppId.get(), MAX_APP_ID_SIZE);
// pBitwisePrivilege is not null-checked and must hold MAX_BITWISE_PRIV_SIZE bytes.
439 memcpy(tempChecksumString + MAX_APP_ID_SIZE, pBitwisePrivilege, MAX_BITWISE_PRIV_SIZE);
441 r = input.Construct(MAX_APP_ID_SIZE + MAX_BITWISE_PRIV_SIZE);
442 TryCatchTag(OSP_INSTALLER, r == E_SUCCESS, r = E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
444 r = input.SetArray(tempChecksumString, 0, MAX_APP_ID_SIZE + MAX_BITWISE_PRIV_SIZE);
445 TryCatchTag(OSP_INSTALLER, r == E_SUCCESS, r = E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
// NOTE(review): input is passed to GetHashN without a visible Flip(), unlike
// the buffer in GetEncryptedBitwise; a line may be missing from this listing.
448 pHash = new (std::nothrow) Sha1Hash();
449 TryCatchTag(OSP_INSTALLER, pHash != null, r = E_OUT_OF_MEMORY, "[E_OUT_OF_MEMORY] Memory allocation is failed.");
451 pChecksumByteBuffer = pHash->GetHashN(input);
452 TryCatchTag(OSP_INSTALLER, pChecksumByteBuffer != null, r = E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
454 r = StringUtil::EncodeToBase64String(*pChecksumByteBuffer, checksum);
455 TryCatchTag(OSP_INSTALLER, r == E_SUCCESS, r = E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
// NOTE(review): the matching delete for pHash is not visible in this listing.
462 delete pChecksumByteBuffer;