2 // Copyright (c) 2012 Samsung Electronics Co., Ltd.
4 // Licensed under the Apache License, Version 2.0 (the License);
5 // you may not use this file except in compliance with the License.
6 // You may obtain a copy of the License at
8 // http://www.apache.org/licenses/LICENSE-2.0
10 // Unless required by applicable law or agreed to in writing, software
11 // distributed under the License is distributed on an "AS IS" BASIS,
12 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 // See the License for the specific language governing permissions and
14 // limitations under the License.
18 * @file FSec_PrivilegeManagerInfo.cpp
19 * @brief This is the implementation for the Privilege Information class.
22 #include <unique_ptr.h>
26 #include <FBaseSysLog.h>
27 #include <FBase_StringConverter.h>
28 #include <FBaseString.h>
29 #include <FAppPkg_PackageInfoImpl.h>
30 #include <FSecSecretKey.h>
31 #include <FSecCryptoAesCipher.h>
32 #include <FSecCryptoSha1Hmac.h>
33 #include <FSecCryptoSha1Hash.h>
34 #include <FBaseColArrayList.h>
35 #include <FBaseColHashMap.h>
36 #include <privilege_info.h>
38 #include "FSec_PrivilegeInfo.h"
40 using namespace Tizen::App;
41 using namespace Tizen::App::Package;
42 using namespace Tizen::Base;
43 using namespace Tizen::Base::Collection;
44 using namespace Tizen::Base::Utility;
45 using namespace Tizen::Security::Crypto;
46 using namespace Tizen::Text;
48 namespace Tizen { namespace Security
51 _PrivilegeInfo::_PrivilegeInfo(void)
53 memset(__bitwisePrivilege, 0, MAX_BITWISE_PRIV_SIZE);
58 _PrivilegeInfo::~_PrivilegeInfo(void)
60 __privilegeList.RemoveAll(true);
64 _PrivilegeInfo::Construct(const AppId& appId, const byte* pBitwisePrivilege, const ArrayList* pPrivilegeList)
68 SysTryReturnResult(NID_SEC, (pBitwisePrivilege != null), E_INVALID_ARG, "One of the argument is invalid.");
69 SysTryReturnResult(NID_SEC,
70 appId.GetLength() > 0 && appId.GetLength() == MAX_APP_ID_SIZE, E_INVALID_ARG,
71 "One of the argument is invalid.");
73 // Set base length of privilege information to max
74 __bitwiseLength = MAX_BITWISE_PRIV_SIZE;
77 memcpy(__bitwisePrivilege, pBitwisePrivilege, __bitwiseLength);
80 std::unique_ptr<IEnumerator> pEnum(null);
81 r = __privilegeList.Construct(32, 0.75);
82 SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
84 pEnum.reset(pPrivilegeList->GetEnumeratorN());
85 SysTryReturnResult(NID_SEC, pEnum != null, E_SYSTEM, "An unexpected system error occurred.");
87 while (pEnum->MoveNext() == E_SUCCESS)
89 int ret = PRVMGR_ERR_NONE;
90 char* pPrivilegeLevel = null;
91 std::unique_ptr<char[]> pPrivilegeId(null);
92 String* pTempString = static_cast< String* >(pEnum->GetCurrent());
94 pPrivilegeId.reset(_StringConverter::CopyToCharArrayN(*pTempString));
95 SysTryReturnResult(NID_SEC, pPrivilegeId != null, E_SYSTEM, "An unexpected system error occurred.");
97 ret = privilege_info_get_external_privilege_level(static_cast<char*>(pPrivilegeId.get()), &pPrivilegeLevel);
98 SysTryReturnResult(NID_SEC, ret == PRVMGR_ERR_NONE, E_SYSTEM, "An unexpected system error occurred.");
100 __privilegeList.Add((new String(*pTempString)), (new String(pPrivilegeLevel)));
107 _PrivilegeInfo::Construct(const AppId& appId, const String& encryptedPrivileges, const String& checksum, const ArrayList* pPrivilegeList)
109 result r = E_SUCCESS;
110 byte* pDecrytpedBitwisePrivilege = null;
112 std::unique_ptr<ByteBuffer> pBitwisePrivilege(null);
113 _PackageInfoImpl infoImpl;
115 SysTryReturnResult(NID_SEC,
116 appId.GetLength() > 0 && appId.GetLength() == MAX_APP_ID_SIZE, E_INVALID_ARG,
117 "One of the argument is invalid.");
118 SysTryReturnResult(NID_SEC, encryptedPrivileges.GetLength() > 0, E_INVALID_ARG, "One of the argument is invalid.");
119 SysTryReturnResult(NID_SEC, checksum.GetLength() > 0, E_INVALID_ARG, "One of the argument is invalid.");
121 pBitwisePrivilege.reset(StringUtil::DecodeBase64StringN(encryptedPrivileges));
122 SysTryReturnResult(NID_SEC, pBitwisePrivilege != null, E_SYSTEM, "An unexpected system error occurred.");
124 pDecrytpedBitwisePrivilege = const_cast <byte*>(pBitwisePrivilege->GetPointer());
125 SysTryReturnResult(NID_SEC, pDecrytpedBitwisePrivilege != null, E_SYSTEM, "An unexpected system error occurred.");
127 r = VerifyIntegrity(appId, pDecrytpedBitwisePrivilege, checksum, pBitwisePrivilege->GetLimit());
128 SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_INVALID_ARG, "The checksum is abnormal.");
130 // Set base length of privilege information
131 __bitwiseLength = pBitwisePrivilege->GetLimit();
133 memcpy(__bitwisePrivilege, pDecrytpedBitwisePrivilege, __bitwiseLength);
136 r = infoImpl.Construct(appId);
137 if (r == E_APP_NOT_INSTALLED)
139 SysLogException(NID_SEC, E_DATA_NOT_FOUND, "[E_DATA_NOT_FOUND] The package information does not exist.");
140 return E_DATA_NOT_FOUND;
142 SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
144 __apiVisibility = infoImpl.GetApiVisibility();
145 SysTryReturnResult(NID_SEC, __apiVisibility >= 0, E_SYSTEM, "An unexpected system error occurred.");
147 std::unique_ptr<IEnumerator> pEnum(null);
148 r = __privilegeList.Construct(32, 0.75);
149 SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
151 pEnum.reset(pPrivilegeList->GetEnumeratorN());
152 SysTryReturnResult(NID_SEC, pEnum != null, E_SYSTEM, "An unexpected system error occurred.");
154 while (pEnum->MoveNext() == E_SUCCESS)
156 int ret = PRVMGR_ERR_NONE;
157 char* pPrivilegeLevel = null;
158 std::unique_ptr<char[]> pPrivilegeId(null);
159 String* pTempString = static_cast< String* >(pEnum->GetCurrent());
161 pPrivilegeId.reset(_StringConverter::CopyToCharArrayN(*pTempString));
162 SysTryReturnResult(NID_SEC, pPrivilegeId != null, E_SYSTEM, "An unexpected system error occurred.");
164 ret = privilege_info_get_external_privilege_level(static_cast<char*>(pPrivilegeId.get()), &pPrivilegeLevel);
165 SysTryReturnResult(NID_SEC, ret == PRVMGR_ERR_NONE, E_SYSTEM, "An unexpected system error occurred.");
167 __privilegeList.Add((new String(*pTempString)), (new String(pPrivilegeLevel)));
174 _PrivilegeInfo::Construct(const AppId& appId, const String& encryptedPrivileges, const String& checksum, const String& encryptedVisibiliity, const String& visibilityChecksum, const ArrayList* pPrivilegeList)
176 result r = E_SUCCESS;
177 byte* pDecrytpedBitwisePrivilege = null;
181 std::unique_ptr<ISecretKey> pKey(null);
182 std::unique_ptr<ByteBuffer> pEncryptedBitwisePrivilege(null);
183 std::unique_ptr<ByteBuffer> pBitwisePrivilege(null);
184 std::unique_ptr<ByteBuffer> pEncryptedVisibility(null);
185 std::unique_ptr<ByteBuffer> pVisibility(null);
187 _PackageInfoImpl infoImpl;
188 const byte ivector[_IV_LEN] =
190 0x3E, 0xB5, 0x01, 0x45, 0xE4, 0xF8, 0x75, 0x3F,
191 0x08, 0x9D, 0x9F, 0x57, 0x3B, 0x63, 0xEF, 0x4B
194 SysTryReturnResult(NID_SEC,
195 appId.GetLength() > 0 && appId.GetLength() == MAX_APP_ID_SIZE, E_INVALID_ARG,
196 "One of the argument is invalid.");
197 SysTryReturnResult(NID_SEC, encryptedPrivileges.GetLength() > 0, E_INVALID_ARG, "One of the argument is invalid.");
198 SysTryReturnResult(NID_SEC, checksum.GetLength() > 0, E_INVALID_ARG, "One of the argument is invalid.");
200 pEncryptedBitwisePrivilege.reset(StringUtil::DecodeBase64StringN(encryptedPrivileges));
201 SysTryReturnResult(NID_SEC, pEncryptedBitwisePrivilege != null, E_SYSTEM, "An unexpected system error occurred.");
203 pEncryptedVisibility.reset(StringUtil::DecodeBase64StringN(encryptedVisibiliity));
204 SysTryReturnResult(NID_SEC, pEncryptedVisibility != null, E_SYSTEM, "An unexpected system error occurred.");
206 r = ivByte.Construct(_IV_LEN);
207 SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
209 r = ivByte.SetArray(ivector, 0, _IV_LEN);
210 SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
213 r = cipherDec.Construct(L"CBC/128/PKCS7PADDING", CIPHER_DECRYPT);
214 SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
216 pKey.reset(GetDeviceUniqueKeyN());
217 SysTryReturnResult(NID_SEC, pKey != null, E_SYSTEM, "An unexpected system error occurred.");
219 r = cipherDec.SetKey(*pKey.get());
220 SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
222 r = cipherDec.SetInitialVector(ivByte);
223 SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
225 pBitwisePrivilege.reset(cipherDec.DecryptN(*pEncryptedBitwisePrivilege.get()));
226 SysTryReturnResult(NID_SEC, pBitwisePrivilege != null, E_SYSTEM, "An unexpected system error occurred.");
228 pVisibility.reset(cipherDec.DecryptN(*pEncryptedVisibility.get()));
229 SysTryReturnResult(NID_SEC, pBitwisePrivilege != null, E_SYSTEM, "An unexpected system error occurred.");
231 pDecrytpedBitwisePrivilege = const_cast <byte*>(pBitwisePrivilege->GetPointer());
232 SysTryReturnResult(NID_SEC, pDecrytpedBitwisePrivilege != null, E_SYSTEM, "An unexpected system error occurred.");
234 visibility = static_cast<int>(*(pVisibility->GetPointer()));
236 r = VerifyIntegrity(appId, pDecrytpedBitwisePrivilege, checksum, pBitwisePrivilege->GetLimit(), visibility, visibilityChecksum);
237 SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_INVALID_ARG, "The checksum is abnormal.");
239 // Set base length of privilege information
240 __bitwiseLength = pBitwisePrivilege->GetLimit();
242 memcpy(__bitwisePrivilege, pDecrytpedBitwisePrivilege, __bitwiseLength);
245 __apiVisibility = visibility;
247 std::unique_ptr<IEnumerator> pEnum(null);
248 r = __privilegeList.Construct(32, 0.75);
249 SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
251 pEnum.reset(pPrivilegeList->GetEnumeratorN());
252 SysTryReturnResult(NID_SEC, pEnum != null, E_SYSTEM, "An unexpected system error occurred.");
254 while (pEnum->MoveNext() == E_SUCCESS)
256 int ret = PRVMGR_ERR_NONE;
257 char* pPrivilegeLevel = null;
258 std::unique_ptr<char[]> pPrivilegeId(null);
259 String* pTempString = static_cast< String* >(pEnum->GetCurrent());
261 pPrivilegeId.reset(_StringConverter::CopyToCharArrayN(*pTempString));
262 SysTryReturnResult(NID_SEC, pPrivilegeId != null, E_SYSTEM, "An unexpected system error occurred.");
264 ret = privilege_info_get_external_privilege_level(static_cast<char*>(pPrivilegeId.get()), &pPrivilegeLevel);
265 SysTryReturnResult(NID_SEC, ret == PRVMGR_ERR_NONE, E_SYSTEM, "An unexpected system error occurred.");
267 __privilegeList.Add((new String(*pTempString)), (new String(pPrivilegeLevel)));
275 _PrivilegeInfo::CloneN(void) const
277 _PrivilegeInfo* pPrivilegeInfo = null;
278 result r = E_SUCCESS;
282 pPrivilegeInfo = new (std::nothrow) _PrivilegeInfo();
283 SysTryReturn(NID_SEC, pPrivilegeInfo != null, null, E_OUT_OF_MEMORY, "[E_OUT_OF_MEMORY] The memory is insufficient.");
285 pPrivilegeInfo->__bitwiseLength = this->__bitwiseLength;
287 pPrivilegeInfo->__appId.Clear();
288 pPrivilegeInfo->__appId.Append(this->__appId);
289 memcpy(pPrivilegeInfo->__bitwisePrivilege, this->__bitwisePrivilege, pPrivilegeInfo->__bitwiseLength);
291 std::unique_ptr<IMapEnumerator> pEnum(null);
292 pEnum.reset(this->__privilegeList.GetMapEnumeratorN());
293 SysTryCatch(NID_SEC, pEnum != null, r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
295 r = pPrivilegeInfo->__privilegeList.Construct(32, 0.75);
296 SysTryCatch(NID_SEC, r == E_SUCCESS, r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
298 while (pEnum->MoveNext() == E_SUCCESS)
300 String* pTempString = static_cast< String* >(pEnum->GetKey());
301 String* pTempLevel = static_cast< String* >(pEnum->GetValue());
302 pPrivilegeInfo->__privilegeList.Add((new String(*pTempString)), (new String(*pTempLevel)));
305 pPrivilegeInfo->__apiVisibility = this->__apiVisibility;
306 return pPrivilegeInfo;
312 delete pPrivilegeInfo;
317 _PrivilegeInfo::Construct(const _PrivilegeInfo& privilegeInfo)
319 result r = E_SUCCESS;
321 SysTryReturnResult(NID_SEC, privilegeInfo.__appId.GetLength() > 0 && privilegeInfo.__appId.GetLength() == MAX_APP_ID_SIZE, E_INVALID_ARG, "The argument is invalid.");
323 __bitwiseLength = privilegeInfo.__bitwiseLength;
325 __appId = privilegeInfo.__appId;
326 memcpy(__bitwisePrivilege, privilegeInfo.__bitwisePrivilege, __bitwiseLength);
328 __apiVisibility = privilegeInfo.__apiVisibility;
330 std::unique_ptr<IMapEnumerator> pEnum(null);
331 pEnum.reset(privilegeInfo.__privilegeList.GetMapEnumeratorN());
332 SysTryReturnResult(NID_SEC, pEnum != null, E_SYSTEM, "An unexpected system error occurred.");
334 r = __privilegeList.Construct(32, 0.75);
335 SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
337 while (pEnum->MoveNext() == E_SUCCESS)
339 String* pTempString = static_cast< String* >(pEnum->GetKey());
340 String* pTempLevel = static_cast< String* >(pEnum->GetValue());
341 __privilegeList.Add((new String(*pTempString)), (new String(*pTempLevel)));
348 _PrivilegeInfo::GetAppId(void) const
354 _PrivilegeInfo::GetBitwisePrivilegeN(byte*& pBitwisePrivilege) const
356 byte* pReturn = null;
357 result r = E_SUCCESS;
359 pReturn = (byte*) malloc(sizeof(byte) * MAX_BITWISE_PRIV_SIZE);
360 SysTryReturnResult(NID_SEC, pReturn != null, E_OUT_OF_MEMORY, "Memory allocation is failed.");
361 memcpy(pReturn, __bitwisePrivilege, MAX_BITWISE_PRIV_SIZE);
363 pBitwisePrivilege = pReturn;
369 _PrivilegeInfo::GetEncryptedBitwise(String& encryptedPrivileges) const
371 result r = E_SUCCESS;
373 std::unique_ptr<ISecretKey> pKey(null);
374 std::unique_ptr<ByteBuffer> pEncryptedBitwisePrivilege(null);
375 std::unique_ptr<ByteBuffer> pBitwisePrivilege(null);
377 const byte ivector[_IV_LEN] = { 0x3E, 0xB5, 0x01, 0x45, 0xE4, 0xF8, 0x75, 0x3F, 0x08, 0x9D, 0x9F, 0x57, 0x3B, 0x63, 0xEF, 0x4B};
379 pBitwisePrivilege.reset(new (std::nothrow) ByteBuffer());
380 SysTryReturnResult(NID_SEC, pBitwisePrivilege != null, E_OUT_OF_MEMORY, "Memory allocation is failed.");
382 r = pBitwisePrivilege->Construct(__bitwiseLength);
383 SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
385 r = ivByte.Construct(_IV_LEN);
386 SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
388 r = ivByte.SetArray(ivector, 0, _IV_LEN);
389 SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
392 r = pBitwisePrivilege->SetArray(__bitwisePrivilege, 0, __bitwiseLength);
393 SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
394 pBitwisePrivilege->Flip();
396 r = cipherEnc.Construct(L"CBC/128/PKCS7PADDING", CIPHER_ENCRYPT);
397 SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
399 pKey.reset(GetDeviceUniqueKeyN());
400 SysTryReturnResult(NID_SEC, pKey != null, E_SYSTEM, "An unexpected system error occurred.");
402 r = cipherEnc.SetKey(*(pKey.get()));
403 SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
405 r = cipherEnc.SetInitialVector(ivByte);
406 SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
408 pEncryptedBitwisePrivilege.reset(cipherEnc.EncryptN(*(pBitwisePrivilege.get())));
409 SysTryReturnResult(NID_SEC, pEncryptedBitwisePrivilege != null, E_SYSTEM, "An unexpected system error occurred.");
411 r = StringUtil::EncodeToBase64String(*(pEncryptedBitwisePrivilege.get()), encryptedPrivileges);
412 SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
418 _PrivilegeInfo::GetChecksum(String& checksum) const
420 result r = E_SUCCESS;
421 byte tempChecksumString[MAX_BITWISE_PRIV_SIZE + MAX_APP_ID_SIZE];
425 std::unique_ptr<ISecretKey> pKey(null);
426 std::unique_ptr<IHmac> pHmac(null);
427 std::unique_ptr<ByteBuffer> pChecksumByteBuffer(null);
428 std::unique_ptr<char[]> pAppId(null);
430 pAppId.reset(_StringConverter::CopyToCharArrayN(__appId));
431 SysTryReturnResult(NID_SEC, pAppId != null, E_SYSTEM, "An unexpected system error occurred.");
433 memcpy(tempChecksumString, pAppId.get(), MAX_APP_ID_SIZE);
434 memcpy(tempChecksumString + MAX_APP_ID_SIZE, __bitwisePrivilege, __bitwiseLength);
438 r = input.Construct(MAX_APP_ID_SIZE + __bitwiseLength);
439 SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
441 r = input.SetArray(tempChecksumString, 0, MAX_APP_ID_SIZE + __bitwiseLength);
442 SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
445 pHmac.reset(new (std::nothrow) Sha1Hmac());
446 SysTryReturnResult(NID_SEC, pHmac != null, E_OUT_OF_MEMORY, "[E_OUT_OF_MEMORY] Memory allocation is failed.");
448 pKey.reset(GetDeviceUniqueKeyN());
449 SysTryReturnResult(NID_SEC, pKey != null, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
451 r = pHmac->SetKey(*(pKey.get()));
452 SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
454 pChecksumByteBuffer.reset(pHmac->GetHmacN(input));
455 SysTryReturnResult(NID_SEC, pChecksumByteBuffer != null, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
457 r = StringUtil::EncodeToBase64String(*(pChecksumByteBuffer.get()), checksum);
458 SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
464 _PrivilegeInfo::HasPrivilege(_Privilege privilege) const
467 int targetIndex = static_cast< int >(privilege) / _BITS_IN_BYTE;
468 byte privilegeBit = (byte) (static_cast< int >(privilege) % _BITS_IN_BYTE);
469 byte bitwiseTargetPrivilege = 0;
470 byte tempBitwisePrivilege = 0;
472 if (__apiVisibility != _API_VISIBILITY_NONE) // To be removed
474 if (visibilityLevelListTable[privilege] > __apiVisibility)
476 SysLog(NID_SEC, "Result : FALSE [Visibility]");
481 bitwiseTargetPrivilege = bitwiseTargetPrivilege | (1 << privilegeBit);
482 tempBitwisePrivilege = __bitwisePrivilege[targetIndex] & bitwiseTargetPrivilege;
484 if (bitwiseTargetPrivilege == tempBitwisePrivilege)
486 SysLog(NID_SEC, "Result : TRUE");
491 SysLogException(NID_SEC, E_PRIVILEGE_DENIED, "Result : FALSE [%ls, %ls]", __appId.GetPointer(), privilegeListTable[privilege].privilegeString);
498 _PrivilegeInfo::HasPrivilegeEx(_Privilege privilege) const
501 int targetIndex = static_cast< int >(privilege) / _BITS_IN_BYTE;
502 byte privilegeBit = (byte) (static_cast< int >(privilege) % _BITS_IN_BYTE);
503 byte bitwiseTargetPrivilege = 0;
504 byte tempBitwisePrivilege = 0;
506 if (__apiVisibility != _API_VISIBILITY_NONE) // To be removed
508 if (visibilityLevelListTable[privilege] > __apiVisibility)
514 bitwiseTargetPrivilege = bitwiseTargetPrivilege | (1 << privilegeBit);
515 tempBitwisePrivilege = __bitwisePrivilege[targetIndex] & bitwiseTargetPrivilege;
517 if (bitwiseTargetPrivilege == tempBitwisePrivilege)
519 SysLog(NID_SEC, "Result : TRUE");
527 _PrivilegeInfo::HasPrivilege(const String& privilege) const
530 bool validStringFlag = false;
531 int privilegeEnum = -1;
534 String privilegeURI = L"http://tizen.org/privilege/";
535 String privilegeSubString;
536 String privilegeSubStringURI;
537 privilege.SubString(0, privilegeURI.GetLength(), privilegeSubStringURI);
539 if (privilegeSubStringURI.Equals(privilegeURI, true))
541 privilege.SubString(privilegeURI.GetLength(), privilege.GetLength() - privilegeURI.GetLength(), privilegeSubString);
542 for (index = 0; index < _MAX_PRIVILEGE_ENUM; index++)
544 if (wcscmp(privilegeListTable[index].privilegeString, privilegeSubString.GetPointer()) == 0)
546 validStringFlag = true;
547 privilegeEnum = index;
555 ret = HasPrivilege(privilegeListTable[index].privilege);
559 ret = __privilegeList.ContainsKey(privilege);
562 if (__apiVisibility != _API_VISIBILITY_NONE) // To be removed
564 const String* pPrivilegeLevel = static_cast< const String* >(__privilegeList.GetValue(privilege));
565 SysTryReturn(NID_SEC, pPrivilegeLevel != null, E_SYSTEM, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
567 int privilegeLevel = GetPrivilegeLevel(*pPrivilegeLevel);
568 if (privilegeLevel > __apiVisibility)
570 SysLog(NID_SEC, "Result : FALSE [Visibility]");
575 SysLog(NID_SEC, "Result : TRUE");
579 SysLogException(NID_SEC, E_PRIVILEGE_DENIED, "Result : FALSE [%ls, %ls]", __appId.GetPointer(), privilege.GetPointer());
587 _PrivilegeInfo::VerifyIntegrity(const AppId& appId, const byte* targetBitwisePrivilege, const Tizen::Base::String& storedChecksum, int length)
589 result r = E_SUCCESS;
590 bool verifyResult = false;
591 byte tempChecksumString[MAX_BITWISE_PRIV_SIZE + MAX_APP_ID_SIZE];
592 String base64EncodedChecksum;
594 std::unique_ptr<IHash> pHash(null);
595 std::unique_ptr<ByteBuffer> pChecksumByteBuffer(null);
596 std::unique_ptr<char[]> pAppId(null);
598 SysTryReturnResult(NID_SEC, length <= MAX_BITWISE_PRIV_SIZE, E_INVALID_ARG, "The privilege information of %ls is invalid.", appId.GetPointer());
600 pAppId.reset(_StringConverter::CopyToCharArrayN(appId));
601 SysTryReturnResult(NID_SEC, pAppId != null, E_SYSTEM, "An unexpected system error occurred.");
603 memcpy(tempChecksumString, pAppId.get(), MAX_APP_ID_SIZE);
604 memcpy(tempChecksumString + MAX_APP_ID_SIZE, targetBitwisePrivilege, length);
608 r = input.Construct(MAX_APP_ID_SIZE + length);
609 SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
611 r = input.SetArray(tempChecksumString, 0, MAX_APP_ID_SIZE + length);
612 SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
615 pHash.reset(new (std::nothrow) Sha1Hash());
616 SysTryReturnResult(NID_SEC, pHash != null, E_OUT_OF_MEMORY, "Memory allocation is failed.");
618 pChecksumByteBuffer.reset(pHash->GetHashN(input));
619 SysTryReturnResult(NID_SEC, pChecksumByteBuffer != null, E_SYSTEM, "An unexpected system error occurred.");
621 r = StringUtil::EncodeToBase64String(*(pChecksumByteBuffer.get()), base64EncodedChecksum);
622 SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
624 verifyResult = storedChecksum.Equals(base64EncodedChecksum, true);
625 if (verifyResult != true)
634 _PrivilegeInfo::VerifyIntegrityEx(const AppId& appId, const byte* targetBitwisePrivilege, const Tizen::Base::String& storedChecksum, int length)
636 result r = E_SUCCESS;
637 bool verifyResult = false;
638 byte tempChecksumString[MAX_BITWISE_PRIV_SIZE + MAX_APP_ID_SIZE];
639 String base64EncodedChecksum;
642 std::unique_ptr<IHmac> pHmac(null);
643 std::unique_ptr<ByteBuffer> pChecksumByteBuffer(null);
644 std::unique_ptr<ISecretKey> pKey(null);
645 std::unique_ptr<char[]> pAppId(null);
647 SysTryReturnResult(NID_SEC, length <= MAX_BITWISE_PRIV_SIZE, E_INVALID_ARG, "The privilege information of [%ls] is invalid.", appId.GetPointer());
649 pAppId.reset(_StringConverter::CopyToCharArrayN(appId));
650 SysTryReturnResult(NID_SEC, pAppId != null, E_SYSTEM, "An unexpected system error occurred.");
652 memcpy(tempChecksumString, pAppId.get(), MAX_APP_ID_SIZE);
653 memcpy(tempChecksumString + MAX_APP_ID_SIZE, targetBitwisePrivilege, length);
657 r = input.Construct(MAX_APP_ID_SIZE + length);
658 SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
660 r = input.SetArray(tempChecksumString, 0, MAX_APP_ID_SIZE + length);
661 SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
664 pHmac.reset(new (std::nothrow) Sha1Hmac());
665 SysTryReturnResult(NID_SEC, pHmac != null, E_OUT_OF_MEMORY, "Memory allocation is failed.");
667 pKey.reset(GetDeviceUniqueKeyN());
668 SysTryReturnResult(NID_SEC, pKey != null, E_SYSTEM, "An unexpected system error occurred.");
670 r = pHmac->SetKey(*(pKey.get()));
671 SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
673 pChecksumByteBuffer.reset(pHmac->GetHmacN(input));
674 SysTryReturnResult(NID_SEC, pChecksumByteBuffer != null, E_SYSTEM, "An unexpected system error occurred.");
676 r = StringUtil::EncodeToBase64String(*(pChecksumByteBuffer.get()), base64EncodedChecksum);
677 SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
679 verifyResult = storedChecksum.Equals(base64EncodedChecksum, true);
680 if (verifyResult != true)
689 _PrivilegeInfo::VerifyIntegrity(const AppId& appId, const byte* targetBitwisePrivilege, const Tizen::Base::String& storedChecksum, int length, int visibility, const Tizen::Base::String& storedVisibilityChecksum)
691 result r = E_SUCCESS;
692 bool verifyResult = false;
693 byte tempChecksumString[MAX_BITWISE_PRIV_SIZE + MAX_APP_ID_SIZE];
694 byte tempVisibilityChecksumString[sizeof(int) + MAX_APP_ID_SIZE];
695 String base64EncodedChecksum;
696 String base64EncodedVisibilityChecksum;
699 ByteBuffer visibilityInput;
700 std::unique_ptr<IHmac> pHmac(null);
701 std::unique_ptr<ByteBuffer> pChecksumByteBuffer(null);
702 std::unique_ptr<ByteBuffer> pVisibilityChecksumByteBuffer(null);
703 std::unique_ptr<ISecretKey> pKey(null);
704 std::unique_ptr<char[]> pAppId(null);
706 SysTryReturnResult(NID_SEC, length <= MAX_BITWISE_PRIV_SIZE, E_INVALID_ARG, "The privilege information of [%ls] is invalid.", appId.GetPointer());
708 pAppId.reset(_StringConverter::CopyToCharArrayN(appId));
709 SysTryReturnResult(NID_SEC, pAppId != null, E_SYSTEM, "An unexpected system error occurred.");
711 memcpy(tempChecksumString, pAppId.get(), MAX_APP_ID_SIZE);
712 memcpy(tempChecksumString + MAX_APP_ID_SIZE, targetBitwisePrivilege, length);
714 memcpy(tempVisibilityChecksumString, pAppId.get(), MAX_APP_ID_SIZE);
715 memcpy(tempVisibilityChecksumString + MAX_APP_ID_SIZE, (byte*)(&visibility), sizeof(int));
719 r = input.Construct(MAX_APP_ID_SIZE + length);
720 SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
722 r = input.SetArray(tempChecksumString, 0, MAX_APP_ID_SIZE + length);
723 SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
726 r = visibilityInput.Construct(MAX_APP_ID_SIZE + sizeof(int));
727 SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
729 r = visibilityInput.SetArray(tempVisibilityChecksumString, 0, MAX_APP_ID_SIZE + sizeof(int));
730 SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
731 visibilityInput.Flip();
733 pHmac.reset(new (std::nothrow) Sha1Hmac());
734 SysTryReturnResult(NID_SEC, pHmac != null, E_OUT_OF_MEMORY, "Memory allocation is failed.");
736 pKey.reset(GetDeviceUniqueKeyN());
737 SysTryReturnResult(NID_SEC, pKey != null, E_SYSTEM, "An unexpected system error occurred.");
739 r = pHmac->SetKey(*(pKey.get()));
740 SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
742 pChecksumByteBuffer.reset(pHmac->GetHmacN(input));
743 SysTryReturnResult(NID_SEC, pChecksumByteBuffer != null, E_SYSTEM, "An unexpected system error occurred.");
745 r = StringUtil::EncodeToBase64String(*(pChecksumByteBuffer.get()), base64EncodedChecksum);
746 SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
748 verifyResult = storedChecksum.Equals(base64EncodedChecksum, true);
749 if (verifyResult != true)
754 pVisibilityChecksumByteBuffer.reset(pHmac->GetHmacN(visibilityInput));
755 SysTryReturnResult(NID_SEC, pChecksumByteBuffer != null, E_SYSTEM, "An unexpected system error occurred.");
757 r = StringUtil::EncodeToBase64String(*(pVisibilityChecksumByteBuffer.get()), base64EncodedVisibilityChecksum);
758 SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
760 verifyResult = storedVisibilityChecksum.Equals(base64EncodedVisibilityChecksum, true);
761 if (verifyResult != true)
770 _PrivilegeInfo::GetDeviceUniqueKeyN(void)
772 result r = E_SUCCESS;
773 ByteBuffer* pTempValue = null;
774 ISecretKey* pKey = null;
776 char uniqueInfo[_INFO_LEN] =
778 0x09, 0x25, 0x19, 0x87, 0xBF, 0x02, 0x14, 0x19,
779 0x88, 0xDD, 0x12, 0x30, 0x19, 0x86, 0xAD, 0xED
782 char* pUniqueKey = null;
783 pUniqueKey = GetDeviceUniqueKey(uniqueInfo, _INFO_LEN, _KEY_LEN);
784 SysTryCatch(NID_SEC, pUniqueKey != null, , E_SYSTEM, "[E_SYSTEM] Failed to generate the unique key.");
786 pTempValue = new (std::nothrow) ByteBuffer();
787 SysTryCatch(NID_SEC, pTempValue != null, , E_OUT_OF_MEMORY, "[E_OUT_OF_MEMORY] Failed to allocate memory.");
789 r = pTempValue->Construct(_KEY_LEN);
790 SysTryCatch(NID_SEC, r == E_SUCCESS, , r, "[%s] Failed to generate device unique key.", GetErrorMessage(r));
792 r = pTempValue->SetArray(reinterpret_cast <byte*>(pUniqueKey), 0, _KEY_LEN);
793 SysTryCatch(NID_SEC, r == E_SUCCESS, , r, "[%s] Failed to generate device unique key.", GetErrorMessage(r));
797 pKey = new (std::nothrow) SecretKey();
798 SysTryCatch(NID_SEC, pKey != null, , E_OUT_OF_MEMORY, "[E_OUT_OF_MEMORY] Failed to allocate memory.");
800 r = pKey->SetKey(*pTempValue);
801 SysTryCatch(NID_SEC, r == E_SUCCESS, , r, "[%s] Failed to generate device unique key.", GetErrorMessage(r));
803 if (pUniqueKey != null)
812 if (pUniqueKey != null)
823 _PrivilegeInfo::GetPrivilegeLevel(const String& privilegeLevel)
825 if(privilegeLevel.Equals(String(L"platform"), true))
827 return _API_VISIBILITY_PLATFORM;
829 else if(privilegeLevel.Equals(String(L"partner"), true))
831 return _API_VISIBILITY_PARTNER;
834 return _API_VISIBILITY_PUBLIC;