2 // Open Service Platform
3 // Copyright (c) 2012 Samsung Electronics Co., Ltd.
5 // Licensed under the Apache License, Version 2.0 (the License);
6 // you may not use this file except in compliance with the License.
7 // You may obtain a copy of the License at
9 // http://www.apache.org/licenses/LICENSE-2.0
11 // Unless required by applicable law or agreed to in writing, software
12 // distributed under the License is distributed on an "AS IS" BASIS,
13 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 // See the License for the specific language governing permissions and
15 // limitations under the License.
19 * @file FSec_PrivilegeManagerInfo.cpp
20 * @brief This is the implementation for the Privilege Information class.
23 #include <unique_ptr.h>
25 #include <FBaseSysLog.h>
26 #include <FBase_StringConverter.h>
27 #include <FBaseString.h>
28 #include <FAppPkg_PackageInfoImpl.h>
29 #include <FSecCryptoAesCipher.h>
30 #include <FSecCryptoSha1Hmac.h>
31 #include <FSecCryptoSha1Hash.h>
33 #include "FSec_DeviceKeyGenerator.h"
34 #include "FSec_PrivilegeInfo.h"
36 using namespace Tizen::App;
37 using namespace Tizen::App::Package;
38 using namespace Tizen::Base;
39 using namespace Tizen::Base::Utility;
40 using namespace Tizen::Security::Crypto;
41 using namespace Tizen::Text;
43 namespace Tizen { namespace Security
// Default constructor: zeroes the whole fixed-size privilege bitmap, so no
// privilege bit is set until one of the Construct() overloads fills it in.
46 _PrivilegeInfo::_PrivilegeInfo(void)
48 memset(__bitwisePrivilege, 0, MAX_BITWISE_PRIV_SIZE);
// Destructor.
// NOTE(review): __bitwisePrivilege holds the decoded privilege bits copied in by
// Construct(); whether the member is wiped on destruction is not visible here - confirm.
53 _PrivilegeInfo::~_PrivilegeInfo(void)
// Initialises the object from an already-decoded privilege bitmap.
//
// appId             must be exactly MAX_APP_ID_SIZE characters long.
// pBitwisePrivilege must be non-null; MAX_BITWISE_PRIV_SIZE bytes are read from it.
//
// Returns E_INVALID_ARG when either argument fails the checks below.
//
// NOTE(review): this overload takes no length and no checksum. The caller is trusted
// to pass a buffer of at least MAX_BITWISE_PRIV_SIZE bytes and to have authenticated
// its contents; a shorter buffer is over-read by the memcpy below.
59 _PrivilegeInfo::Construct(const AppId& appId, const byte* pBitwisePrivilege)
63 SysTryReturnResult(NID_SEC, (pBitwisePrivilege != null), E_INVALID_ARG, "One of the argument is invalid.");
// The "> 0" test is subsumed by the equality test as long as MAX_APP_ID_SIZE is positive.
64 SysTryReturnResult(NID_SEC,
65 appId.GetLength() > 0 && appId.GetLength() == MAX_APP_ID_SIZE, E_INVALID_ARG,
66 "One of the argument is invalid.");
68 // Set base length of privilege information to max
69 __bitwiseLength = MAX_BITWISE_PRIV_SIZE;
// Copies the full fixed-size bitmap; the source size cannot be checked from here.
72 memcpy(__bitwisePrivilege, pBitwisePrivilege, __bitwiseLength);
// Initialises the object from a Base64-encoded privilege bitmap plus its stored checksum,
// then looks up the package to obtain its API visibility.
//
// appId               must be exactly MAX_APP_ID_SIZE characters long.
// encryptedPrivileges Base64 text; despite the name, this overload only Base64-decodes
//                     it - no cipher is applied in this function.
// checksum            stored Base64 checksum to compare against.
//
// Returns E_INVALID_ARG on bad arguments or checksum mismatch, E_DATA_NOT_FOUND when
// the package is not installed, E_SYSTEM on other failures.
//
// NOTE(review): the four-argument VerifyIntegrity() used here computes an unkeyed
// SHA-1 over appId || bitmap. That catches accidental corruption only: whoever can
// rewrite both stored strings can recompute a matching value. VerifyIntegrityEx()
// is the HMAC-keyed variant in this file.
78 _PrivilegeInfo::Construct(const AppId& appId, const String& encryptedPrivileges, const String& checksum)
81 byte* pDecrytpedBitwisePrivilege = null;
83 std::unique_ptr<ByteBuffer> pBitwisePrivilege(null);
84 _PackageInfoImpl infoImpl;
86 SysLog(NID_SEC, "Enter.");
88 SysTryReturnResult(NID_SEC,
89 appId.GetLength() > 0 && appId.GetLength() == MAX_APP_ID_SIZE, E_INVALID_ARG,
90 "One of the argument is invalid.");
91 SysTryReturnResult(NID_SEC, encryptedPrivileges.GetLength() > 0, E_INVALID_ARG, "One of the argument is invalid.");
92 SysTryReturnResult(NID_SEC, checksum.GetLength() > 0, E_INVALID_ARG, "One of the argument is invalid.");
// The decoded length is attacker-influenced until VerifyIntegrity() bounds it below.
94 pBitwisePrivilege.reset(StringUtil::DecodeBase64StringN(encryptedPrivileges));
95 SysTryReturnResult(NID_SEC, pBitwisePrivilege != null, E_SYSTEM, "An unexpected system error occurred.");
// The buffer is only read through this pointer; the const_cast is not needed for that.
97 pDecrytpedBitwisePrivilege = const_cast <byte*>(pBitwisePrivilege->GetPointer());
98 SysTryReturnResult(NID_SEC, pDecrytpedBitwisePrivilege != null, E_SYSTEM, "An unexpected system error occurred.");
// VerifyIntegrity() rejects length > MAX_BITWISE_PRIV_SIZE. That check is the only
// thing bounding the memcpy into __bitwisePrivilege below, so this call must stay first.
100 r = VerifyIntegrity(appId, pDecrytpedBitwisePrivilege, checksum, pBitwisePrivilege->GetLimit());
101 SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_INVALID_ARG, "The checksum is abnormal.");
103 // Set base length of privilege information
104 __bitwiseLength = pBitwisePrivilege->GetLimit();
106 memcpy(__bitwisePrivilege, pDecrytpedBitwisePrivilege, __bitwiseLength);
// NOTE(review): members are already overwritten at this point; if the package lookup
// fails the object is left partially populated while an error is returned.
109 r = infoImpl.Construct(appId);
110 if (r == E_APP_NOT_INSTALLED)
112 SysLogException(NID_SEC, E_DATA_NOT_FOUND, "[E_DATA_NOT_FOUND] The package information does not exist.");
113 return E_DATA_NOT_FOUND;
115 SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
// Visibility comes from the installed package record, not from the caller.
117 __apiVisibility = infoImpl.GetApiVisibility();
118 SysTryReturnResult(NID_SEC, __apiVisibility >= 0, E_SYSTEM, "An unexpected system error occurred.");
120 SysLog(NID_SEC, "Exit.");
// Initialises the object from an AES-CBC encrypted privilege bitmap and an encrypted
// visibility value, each with its own stored checksum.
//
// Both inputs are Base64-decoded, decrypted with the device key and the fixed IV
// below, and then checked by the six-argument VerifyIntegrity() before any member is
// written.
//
// Returns E_INVALID_ARG on bad arguments or checksum mismatch, E_SYSTEM otherwise.
125 _PrivilegeInfo::Construct(const AppId& appId, const String& encryptedPrivileges, const String& checksum, const String& encryptedVisibiliity, const String& visibilityChecksum)
127 result r = E_SUCCESS;
128 byte* pDecrytpedBitwisePrivilege = null;
132 std::unique_ptr<ISecretKey> pKey(null);
133 std::unique_ptr<ByteBuffer> pEncryptedBitwisePrivilege(null);
134 std::unique_ptr<ByteBuffer> pBitwisePrivilege(null);
135 std::unique_ptr<ByteBuffer> pEncryptedVisibility(null);
136 std::unique_ptr<ByteBuffer> pVisibility(null);
138 _PackageInfoImpl infoImpl;
// NOTE(review): the IV is a compile-time constant shared with GetEncryptedBitwise().
// With CBC and a fixed key this makes encryption deterministic: equal plaintexts give
// equal ciphertexts, and equal leading blocks are visible across records. A fresh
// random IV stored next to the ciphertext would avoid that.
139 const byte ivector[_IV_LEN] =
141 0x3E, 0xB5, 0x01, 0x45, 0xE4, 0xF8, 0x75, 0x3F,
142 0x08, 0x9D, 0x9F, 0x57, 0x3B, 0x63, 0xEF, 0x4B
145 SysLog(NID_SEC, "Enter.");
147 SysTryReturnResult(NID_SEC,
148 appId.GetLength() > 0 && appId.GetLength() == MAX_APP_ID_SIZE, E_INVALID_ARG,
149 "One of the argument is invalid.");
150 SysTryReturnResult(NID_SEC, encryptedPrivileges.GetLength() > 0, E_INVALID_ARG, "One of the argument is invalid.");
151 SysTryReturnResult(NID_SEC, checksum.GetLength() > 0, E_INVALID_ARG, "One of the argument is invalid.");
// NOTE(review): encryptedVisibiliity and visibilityChecksum get no emptiness check,
// unlike the two arguments above.
153 pEncryptedBitwisePrivilege.reset(StringUtil::DecodeBase64StringN(encryptedPrivileges));
154 SysTryReturnResult(NID_SEC, pEncryptedBitwisePrivilege != null, E_SYSTEM, "An unexpected system error occurred.");
156 pEncryptedVisibility.reset(StringUtil::DecodeBase64StringN(encryptedVisibiliity));
157 SysTryReturnResult(NID_SEC, pEncryptedVisibility != null, E_SYSTEM, "An unexpected system error occurred.");
159 r = ivByte.Construct(_IV_LEN);
160 SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
162 r = ivByte.SetArray(ivector, 0, _IV_LEN);
163 SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
166 r = cipherDec.Construct(L"CBC/128/PKCS7PADDING", CIPHER_DECRYPT);
167 SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
// NOTE(review): the HMAC code in this file obtains its key from the same
// GenerateDeviceKeyN(_KEY_LEN) call. If that yields the same key, one key serves
// both encryption and authentication - confirm, and prefer separately derived keys.
169 pKey.reset(_DeviceKeyGenerator::GenerateDeviceKeyN(_KEY_LEN));
170 SysTryReturnResult(NID_SEC, pKey != null, E_SYSTEM, "An unexpected system error occurred.");
172 r = cipherDec.SetKey(*pKey.get());
173 SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
175 r = cipherDec.SetInitialVector(ivByte);
176 SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
// NOTE(review): decryption, including PKCS7 padding removal, runs before any
// integrity check because the checksum covers the plaintext. An encrypt-then-MAC
// layout would let tampered ciphertext be rejected before it reaches the cipher.
178 pBitwisePrivilege.reset(cipherDec.DecryptN(*pEncryptedBitwisePrivilege.get()));
179 SysTryReturnResult(NID_SEC, pBitwisePrivilege != null, E_SYSTEM, "An unexpected system error occurred.");
// BUG(review): the check after this decrypt tests pBitwisePrivilege again, not
// pVisibility. If the second DecryptN() fails, pVisibility stays null and is
// dereferenced further down. The condition should be `pVisibility != null`.
181 pVisibility.reset(cipherDec.DecryptN(*pEncryptedVisibility.get()));
182 SysTryReturnResult(NID_SEC, pBitwisePrivilege != null, E_SYSTEM, "An unexpected system error occurred.");
184 pDecrytpedBitwisePrivilege = const_cast <byte*>(pBitwisePrivilege->GetPointer());
185 SysTryReturnResult(NID_SEC, pDecrytpedBitwisePrivilege != null, E_SYSTEM, "An unexpected system error occurred.");
// NOTE(review): only the first decrypted byte is read as the visibility value, and
// neither the pointer nor the decrypted length is checked first; an empty plaintext
// would be read out of bounds.
187 visibility = static_cast<int>(*(pVisibility->GetPointer()));
// The six-argument VerifyIntegrity() bounds `length` to MAX_BITWISE_PRIV_SIZE; that
// check is what keeps the memcpy into __bitwisePrivilege below in range.
189 r = VerifyIntegrity(appId, pDecrytpedBitwisePrivilege, checksum, pBitwisePrivilege->GetLimit(), visibility, visibilityChecksum);
190 SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_INVALID_ARG, "The checksum is abnormal.");
192 // Set base length of privilege information
193 __bitwiseLength = pBitwisePrivilege->GetLimit();
195 memcpy(__bitwisePrivilege, pDecrytpedBitwisePrivilege, __bitwiseLength);
198 __apiVisibility = visibility;
200 SysLog(NID_SEC, "Exit.");
// Returns a heap-allocated copy of this object, or null with E_OUT_OF_MEMORY set when
// allocation fails. The caller owns the returned pointer.
//
// NOTE(review): no copy of __apiVisibility is visible here, whereas
// Construct(const _PrivilegeInfo&) does copy it. HasPrivilege() consults that field,
// so a clone could answer differently from its source - confirm.
205 _PrivilegeInfo::CloneN(void) const
207 _PrivilegeInfo* pPrivilegeInfo = null;
// nothrow new: failure is reported through the null check, not an exception.
211 pPrivilegeInfo = new (std::nothrow) _PrivilegeInfo();
212 SysTryReturn(NID_SEC, pPrivilegeInfo != null, null, E_OUT_OF_MEMORY, "[E_OUT_OF_MEMORY] The memory is insufficient.");
214 pPrivilegeInfo->__bitwiseLength = this->__bitwiseLength;
216 pPrivilegeInfo->__appId.Clear();
217 pPrivilegeInfo->__appId.Append(this->__appId);
// Length comes from this object's own __bitwiseLength; it is not re-checked against
// MAX_BITWISE_PRIV_SIZE here.
218 memcpy(pPrivilegeInfo->__bitwisePrivilege, this->__bitwisePrivilege, pPrivilegeInfo->__bitwiseLength);
220 return pPrivilegeInfo;
// Initialises this object as a copy of another _PrivilegeInfo: length, app ID,
// privilege bitmap and API visibility.
//
// Returns E_INVALID_ARG when the source's app ID is not exactly MAX_APP_ID_SIZE long.
224 _PrivilegeInfo::Construct(const _PrivilegeInfo& privilegeInfo)
226 result r = E_SUCCESS;
228 SysTryReturnResult(NID_SEC, privilegeInfo.__appId.GetLength() > 0 && privilegeInfo.__appId.GetLength() == MAX_APP_ID_SIZE, E_INVALID_ARG, "The argument is invalid.");
// NOTE(review): the source's __bitwiseLength is trusted as-is; only the app ID is
// validated. The memcpy below stays in bounds only if the source kept
// __bitwiseLength <= MAX_BITWISE_PRIV_SIZE.
230 __bitwiseLength = privilegeInfo.__bitwiseLength;
232 __appId = privilegeInfo.__appId;
233 memcpy(__bitwisePrivilege, privilegeInfo.__bitwisePrivilege, __bitwiseLength);
235 __apiVisibility = privilegeInfo.__apiVisibility;
// Accessor for the application ID held by this privilege record.
// (Presumably returns __appId; the body is not visible here - confirm.)
241 _PrivilegeInfo::GetAppId(void) const
// Hands the caller a malloc()-allocated copy of the privilege bitmap through
// pBitwisePrivilege. Returns E_OUT_OF_MEMORY when the allocation fails.
//
// The copy is always MAX_BITWISE_PRIV_SIZE bytes, regardless of __bitwiseLength.
// Ownership passes to the caller; since the buffer comes from malloc(), it must be
// released with free(), not delete.
247 _PrivilegeInfo::GetBitwisePrivilegeN(byte*& pBitwisePrivilege) const
249 byte* pReturn = null;
250 result r = E_SUCCESS;
252 SysLog(NID_SEC, "Enter.");
254 pReturn = (byte*) malloc(sizeof(byte) * MAX_BITWISE_PRIV_SIZE);
255 SysTryReturnResult(NID_SEC, pReturn != null, E_OUT_OF_MEMORY, "Memory allocation is failed.");
256 memcpy(pReturn, __bitwisePrivilege, MAX_BITWISE_PRIV_SIZE);
// The out-parameter is written only after the copy succeeded.
258 pBitwisePrivilege = pReturn;
260 SysLog(NID_SEC, "Exit.");
// Encrypts the first __bitwiseLength bytes of the privilege bitmap with AES-128-CBC
// (PKCS7 padding) under the device key and writes the Base64 ciphertext to
// encryptedPrivileges.
//
// Returns E_OUT_OF_MEMORY on allocation failure, E_SYSTEM on any other failure.
//
// NOTE(review): the ciphertext carries no authentication of its own; integrity relies
// on the separate value produced by GetChecksum().
265 _PrivilegeInfo::GetEncryptedBitwise(String& encryptedPrivileges) const
267 result r = E_SUCCESS;
269 std::unique_ptr<ISecretKey> pKey(null);
270 std::unique_ptr<ByteBuffer> pEncryptedBitwisePrivilege(null);
271 std::unique_ptr<ByteBuffer> pBitwisePrivilege(null);
// NOTE(review): fixed compile-time IV, identical to the one used for decryption in
// Construct(). With CBC and a fixed key, equal bitmaps encrypt to equal ciphertexts.
// A per-record random IV stored alongside the ciphertext would remove that property.
273 const byte ivector[_IV_LEN] = { 0x3E, 0xB5, 0x01, 0x45, 0xE4, 0xF8, 0x75, 0x3F, 0x08, 0x9D, 0x9F, 0x57, 0x3B, 0x63, 0xEF, 0x4B};
275 SysLog(NID_SEC, "Enter.");
277 pBitwisePrivilege.reset(new (std::nothrow) ByteBuffer());
278 SysTryReturnResult(NID_SEC, pBitwisePrivilege != null, E_OUT_OF_MEMORY, "Memory allocation is failed.");
280 r = pBitwisePrivilege->Construct(__bitwiseLength);
281 SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
283 r = ivByte.Construct(_IV_LEN);
284 SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
286 r = ivByte.SetArray(ivector, 0, _IV_LEN);
287 SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
290 r = pBitwisePrivilege->SetArray(__bitwisePrivilege, 0, __bitwiseLength);
291 SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
// Flip() switches the buffer from writing to reading before it is handed to the cipher.
292 pBitwisePrivilege->Flip();
294 r = cipherEnc.Construct(L"CBC/128/PKCS7PADDING", CIPHER_ENCRYPT);
295 SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
// NOTE(review): GetChecksum() keys its HMAC from the same GenerateDeviceKeyN(_KEY_LEN)
// call; if the result is the same key, encryption and MAC share it - confirm.
297 pKey.reset(_DeviceKeyGenerator::GenerateDeviceKeyN(_KEY_LEN));
298 SysTryReturnResult(NID_SEC, pKey != null, E_SYSTEM, "An unexpected system error occurred.");
300 r = cipherEnc.SetKey(*(pKey.get()));
301 SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
303 r = cipherEnc.SetInitialVector(ivByte);
304 SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
306 pEncryptedBitwisePrivilege.reset(cipherEnc.EncryptN(*(pBitwisePrivilege.get())));
307 SysTryReturnResult(NID_SEC, pEncryptedBitwisePrivilege != null, E_SYSTEM, "An unexpected system error occurred.");
309 r = StringUtil::EncodeToBase64String(*(pEncryptedBitwisePrivilege.get()), encryptedPrivileges);
310 SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
312 SysLog(NID_SEC, "Exit.");
// Computes HMAC-SHA1, keyed with the device key, over appId || privilege bitmap and
// writes the Base64 result to `checksum`.
//
// Returns E_OUT_OF_MEMORY on allocation failure, E_SYSTEM on any other failure.
317 _PrivilegeInfo::GetChecksum(String& checksum) const
319 result r = E_SUCCESS;
// Scratch buffer sized for the largest possible input: full app ID plus full bitmap.
320 byte tempChecksumString[MAX_BITWISE_PRIV_SIZE + MAX_APP_ID_SIZE];
324 std::unique_ptr<ISecretKey> pKey(null);
325 std::unique_ptr<IHmac> pHmac(null);
326 std::unique_ptr<ByteBuffer> pChecksumByteBuffer(null);
// NOTE(review): std::unique_ptr<char> releases with scalar delete. If
// CopyToCharArrayN() allocates with new[], this should be std::unique_ptr<char[]> - confirm.
327 std::unique_ptr<char> pAppId(null);
329 pAppId.reset(_StringConverter::CopyToCharArrayN(__appId));
330 SysTryReturnResult(NID_SEC, pAppId != null, E_SYSTEM, "An unexpected system error occurred.");
// NOTE(review): neither length is re-validated here. The first copy reads
// MAX_APP_ID_SIZE bytes from the converted app ID, which over-reads if __appId is
// shorter (e.g. on an object that was never Construct()ed). The second copy writes
// past the scratch buffer if __bitwiseLength exceeds MAX_BITWISE_PRIV_SIZE.
332 memcpy(tempChecksumString, pAppId.get(), MAX_APP_ID_SIZE);
333 memcpy(tempChecksumString + MAX_APP_ID_SIZE, __bitwisePrivilege, __bitwiseLength);
337 r = input.Construct(MAX_APP_ID_SIZE + __bitwiseLength);
338 SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
340 r = input.SetArray(tempChecksumString, 0, MAX_APP_ID_SIZE + __bitwiseLength);
341 SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
344 pHmac.reset(new (std::nothrow) Sha1Hmac());
345 SysTryReturnResult(NID_SEC, pHmac != null, E_OUT_OF_MEMORY, "[E_OUT_OF_MEMORY] Memory allocation is failed.");
// Same key source as the AES code in GetEncryptedBitwise().
347 pKey.reset(_DeviceKeyGenerator::GenerateDeviceKeyN(_KEY_LEN));
348 SysTryReturnResult(NID_SEC, pKey != null, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
350 r = pHmac->SetKey(*(pKey.get()));
351 SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
353 pChecksumByteBuffer.reset(pHmac->GetHmacN(input));
354 SysTryReturnResult(NID_SEC, pChecksumByteBuffer != null, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
356 r = StringUtil::EncodeToBase64String(*(pChecksumByteBuffer.get()), checksum);
357 SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
// Access-control decision: reports whether this application holds `privilege`.
//
// Two gates are applied: first the API-visibility level required for the privilege
// (skipped when __apiVisibility is _API_VISIBILITY_NONE), then the privilege's bit in
// the bitmap. Denials are logged with the app ID and the privilege name.
//
// NOTE(review): `privilege` indexes visibilityLevelListTable, privilegeListTable and,
// divided by _BITS_IN_BYTE, __bitwisePrivilege. No range check is visible, and
// targetIndex is not compared with __bitwiseLength. A value outside the enum range
// would read out of bounds - confirm that callers can only pass valid enumerators.
363 _PrivilegeInfo::HasPrivilege(_Privilege privilege) const
// Byte offset and bit position of the privilege inside the bitmap.
366 int targetIndex = static_cast< int >(privilege) / _BITS_IN_BYTE;
367 byte privilegeBit = (byte) (static_cast< int >(privilege) % _BITS_IN_BYTE);
368 byte bitwiseTargetPrivilege = 0;
369 byte tempBitwisePrivilege = 0;
// NOTE(review): objects whose visibility is _API_VISIBILITY_NONE bypass the
// visibility gate entirely. The original "To be removed" remark suggests this is a
// transitional allowance; until it is removed the gate fails open for them.
371 if (__apiVisibility != _API_VISIBILITY_NONE) // To be removed
373 if (visibilityLevelListTable[privilege][_PRV_API_VER_2_0] > __apiVisibility)
375 SysLog(NID_SEC, "Result : FALSE [Visibility]");
// Build a one-bit mask and test it against the selected bitmap byte.
380 bitwiseTargetPrivilege = bitwiseTargetPrivilege | (1 << privilegeBit);
381 tempBitwisePrivilege = __bitwisePrivilege[targetIndex] & bitwiseTargetPrivilege;
383 if (bitwiseTargetPrivilege == tempBitwisePrivilege)
385 SysLog(NID_SEC, "Result : TRUE");
390 SysLogException(NID_SEC, E_PRIVILEGE_DENIED, "Result : FALSE [%ls, %ls]", __appId.GetPointer(), privilegeListTable[privilege].privilegeString);
// Recomputes SHA-1 over appId || targetBitwisePrivilege[0..length) and compares its
// Base64 form with storedChecksum.
//
// Returns E_INVALID_ARG when length exceeds MAX_BITWISE_PRIV_SIZE, E_OUT_OF_MEMORY or
// E_SYSTEM on internal failures.
//
// NOTE(review): this is an unkeyed hash, so it is a corruption check rather than an
// authenticity check - a party able to alter the stored bitmap can also recompute the
// value. VerifyIntegrityEx() performs the same comparison with HMAC-SHA1 and the
// device key.
397 _PrivilegeInfo::VerifyIntegrity(const AppId& appId, const byte* targetBitwisePrivilege, const Tizen::Base::String& storedChecksum, int length)
399 result r = E_SUCCESS;
400 bool verifyResult = false;
401 byte tempChecksumString[MAX_BITWISE_PRIV_SIZE + MAX_APP_ID_SIZE];
402 String base64EncodedChecksum;
404 std::unique_ptr<IHash> pHash(null);
405 std::unique_ptr<ByteBuffer> pChecksumByteBuffer(null);
// NOTE(review): should be std::unique_ptr<char[]> if CopyToCharArrayN() uses new[] - confirm.
406 std::unique_ptr<char> pAppId(null);
408 SysLog(NID_SEC, "Enter.");
// Upper bound only. NOTE(review): `length` is a signed int with no lower bound; a
// negative value passes this check and becomes a huge size in the memcpy below.
// Adding `length >= 0` to the condition would close that.
410 SysTryReturnResult(NID_SEC, length <= MAX_BITWISE_PRIV_SIZE, E_INVALID_ARG, "The privilege information of %ls is invalid.", appId.GetPointer());
412 pAppId.reset(_StringConverter::CopyToCharArrayN(appId));
413 SysTryReturnResult(NID_SEC, pAppId != null, E_SYSTEM, "An unexpected system error occurred.");
// Assumes the converted app ID is at least MAX_APP_ID_SIZE bytes; appId's length is
// not checked in this function (the Construct() callers check it) - confirm for others.
415 memcpy(tempChecksumString, pAppId.get(), MAX_APP_ID_SIZE);
416 memcpy(tempChecksumString + MAX_APP_ID_SIZE, targetBitwisePrivilege, length);
420 r = input.Construct(MAX_APP_ID_SIZE + length);
421 SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
423 r = input.SetArray(tempChecksumString, 0, MAX_APP_ID_SIZE + length);
424 SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
427 pHash.reset(new (std::nothrow) Sha1Hash());
428 SysTryReturnResult(NID_SEC, pHash != null, E_OUT_OF_MEMORY, "Memory allocation is failed.");
430 pChecksumByteBuffer.reset(pHash->GetHashN(input));
431 SysTryReturnResult(NID_SEC, pChecksumByteBuffer != null, E_SYSTEM, "An unexpected system error occurred.");
433 r = StringUtil::EncodeToBase64String(*(pChecksumByteBuffer.get()), base64EncodedChecksum);
434 SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
// Case-sensitive comparison of the two Base64 strings.
436 verifyResult = storedChecksum.Equals(base64EncodedChecksum, true);
437 if (verifyResult != true)
442 SysLog(NID_SEC, "Exit.");
// Keyed variant of VerifyIntegrity(): recomputes HMAC-SHA1 (device key) over
// appId || targetBitwisePrivilege[0..length) and compares its Base64 form with
// storedChecksum.
//
// Returns E_INVALID_ARG when length exceeds MAX_BITWISE_PRIV_SIZE, E_OUT_OF_MEMORY or
// E_SYSTEM on internal failures.
447 _PrivilegeInfo::VerifyIntegrityEx(const AppId& appId, const byte* targetBitwisePrivilege, const Tizen::Base::String& storedChecksum, int length)
449 result r = E_SUCCESS;
450 bool verifyResult = false;
451 byte tempChecksumString[MAX_BITWISE_PRIV_SIZE + MAX_APP_ID_SIZE];
452 String base64EncodedChecksum;
455 std::unique_ptr<IHmac> pHmac(null);
456 std::unique_ptr<ByteBuffer> pChecksumByteBuffer(null);
457 std::unique_ptr<ISecretKey> pKey(null);
// NOTE(review): should be std::unique_ptr<char[]> if CopyToCharArrayN() uses new[] - confirm.
458 std::unique_ptr<char> pAppId(null);
460 SysLog(NID_SEC, "Enter.");
// Upper bound only. NOTE(review): a negative `length` passes this check and is then
// used as a memcpy size; add `length >= 0` to the condition.
461 SysTryReturnResult(NID_SEC, length <= MAX_BITWISE_PRIV_SIZE, E_INVALID_ARG, "The privilege information of [%ls] is invalid.", appId.GetPointer());
463 pAppId.reset(_StringConverter::CopyToCharArrayN(appId));
464 SysTryReturnResult(NID_SEC, pAppId != null, E_SYSTEM, "An unexpected system error occurred.");
// Assumes the converted app ID holds at least MAX_APP_ID_SIZE bytes; not checked here.
466 memcpy(tempChecksumString, pAppId.get(), MAX_APP_ID_SIZE);
467 memcpy(tempChecksumString + MAX_APP_ID_SIZE, targetBitwisePrivilege, length);
471 r = input.Construct(MAX_APP_ID_SIZE + length);
472 SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
474 r = input.SetArray(tempChecksumString, 0, MAX_APP_ID_SIZE + length);
475 SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
478 pHmac.reset(new (std::nothrow) Sha1Hmac());
479 SysTryReturnResult(NID_SEC, pHmac != null, E_OUT_OF_MEMORY, "Memory allocation is failed.");
481 pKey.reset(_DeviceKeyGenerator::GenerateDeviceKeyN(_KEY_LEN));
482 SysTryReturnResult(NID_SEC, pKey != null, E_SYSTEM, "An unexpected system error occurred.");
484 r = pHmac->SetKey(*(pKey.get()));
485 SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
487 pChecksumByteBuffer.reset(pHmac->GetHmacN(input));
488 SysTryReturnResult(NID_SEC, pChecksumByteBuffer != null, E_SYSTEM, "An unexpected system error occurred.");
490 r = StringUtil::EncodeToBase64String(*(pChecksumByteBuffer.get()), base64EncodedChecksum);
491 SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
// NOTE(review): the MAC is compared as a string. String::Equals() is presumably an
// early-exit comparison, so its timing can depend on the first differing character;
// a constant-time byte comparison of the raw MAC is the usual hardening - confirm.
493 verifyResult = storedChecksum.Equals(base64EncodedChecksum, true);
494 if (verifyResult != true)
499 SysLog(NID_SEC, "Exit.");
// Verifies two HMAC-SHA1 values under the device key: one over
// appId || targetBitwisePrivilege[0..length), compared with storedChecksum, and one
// over appId || visibility, compared with storedVisibilityChecksum.
//
// Returns E_INVALID_ARG when length exceeds MAX_BITWISE_PRIV_SIZE, E_OUT_OF_MEMORY or
// E_SYSTEM on internal failures.
504 _PrivilegeInfo::VerifyIntegrity(const AppId& appId, const byte* targetBitwisePrivilege, const Tizen::Base::String& storedChecksum, int length, int visibility, const Tizen::Base::String& storedVisibilityChecksum)
506 result r = E_SUCCESS;
507 bool verifyResult = false;
508 byte tempChecksumString[MAX_BITWISE_PRIV_SIZE + MAX_APP_ID_SIZE];
509 byte tempVisibilityChecksumString[sizeof(int) + MAX_APP_ID_SIZE];
510 String base64EncodedChecksum;
511 String base64EncodedVisibilityChecksum;
514 ByteBuffer visibilityInput;
515 std::unique_ptr<IHmac> pHmac(null);
516 std::unique_ptr<ByteBuffer> pChecksumByteBuffer(null);
517 std::unique_ptr<ByteBuffer> pVisibilityChecksumByteBuffer(null);
518 std::unique_ptr<ISecretKey> pKey(null);
// NOTE(review): should be std::unique_ptr<char[]> if CopyToCharArrayN() uses new[] - confirm.
519 std::unique_ptr<char> pAppId(null);
521 SysLog(NID_SEC, "Enter.");
// Upper bound only. NOTE(review): a negative `length` passes this check and is then
// used as a memcpy size; add `length >= 0` to the condition.
522 SysTryReturnResult(NID_SEC, length <= MAX_BITWISE_PRIV_SIZE, E_INVALID_ARG, "The privilege information of [%ls] is invalid.", appId.GetPointer());
524 pAppId.reset(_StringConverter::CopyToCharArrayN(appId));
525 SysTryReturnResult(NID_SEC, pAppId != null, E_SYSTEM, "An unexpected system error occurred.");
// Assumes the converted app ID holds at least MAX_APP_ID_SIZE bytes; not checked here.
527 memcpy(tempChecksumString, pAppId.get(), MAX_APP_ID_SIZE);
528 memcpy(tempChecksumString + MAX_APP_ID_SIZE, targetBitwisePrivilege, length);
// The visibility value is fed to the MAC as its raw in-memory bytes, so the stored
// checksum depends on the platform's int size and byte order.
530 memcpy(tempVisibilityChecksumString, pAppId.get(), MAX_APP_ID_SIZE);
531 memcpy(tempVisibilityChecksumString + MAX_APP_ID_SIZE, (byte*)(&visibility), sizeof(int));
535 r = input.Construct(MAX_APP_ID_SIZE + length);
536 SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
538 r = input.SetArray(tempChecksumString, 0, MAX_APP_ID_SIZE + length);
539 SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
542 r = visibilityInput.Construct(MAX_APP_ID_SIZE + sizeof(int));
543 SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
545 r = visibilityInput.SetArray(tempVisibilityChecksumString, 0, MAX_APP_ID_SIZE + sizeof(int));
546 SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
547 visibilityInput.Flip();
549 pHmac.reset(new (std::nothrow) Sha1Hmac());
550 SysTryReturnResult(NID_SEC, pHmac != null, E_OUT_OF_MEMORY, "Memory allocation is failed.");
552 pKey.reset(_DeviceKeyGenerator::GenerateDeviceKeyN(_KEY_LEN));
553 SysTryReturnResult(NID_SEC, pKey != null, E_SYSTEM, "An unexpected system error occurred.");
555 r = pHmac->SetKey(*(pKey.get()));
556 SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
// First MAC: privilege bitmap.
558 pChecksumByteBuffer.reset(pHmac->GetHmacN(input));
559 SysTryReturnResult(NID_SEC, pChecksumByteBuffer != null, E_SYSTEM, "An unexpected system error occurred.");
561 r = StringUtil::EncodeToBase64String(*(pChecksumByteBuffer.get()), base64EncodedChecksum);
562 SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
// NOTE(review): MAC compared as a string; if String::Equals() exits at the first
// mismatch, a constant-time comparison of the raw MAC bytes is the usual hardening.
564 verifyResult = storedChecksum.Equals(base64EncodedChecksum, true);
565 if (verifyResult != true)
// Second MAC: visibility value, reusing the same pHmac instance and key.
// BUG(review): the null check after this call tests pChecksumByteBuffer, which is
// already known to be non-null, instead of pVisibilityChecksumByteBuffer. If
// GetHmacN() fails here, the null result is dereferenced in the Base64 encoding
// step. The condition should be `pVisibilityChecksumByteBuffer != null`.
570 pVisibilityChecksumByteBuffer.reset(pHmac->GetHmacN(visibilityInput));
571 SysTryReturnResult(NID_SEC, pChecksumByteBuffer != null, E_SYSTEM, "An unexpected system error occurred.");
573 r = StringUtil::EncodeToBase64String(*(pVisibilityChecksumByteBuffer.get()), base64EncodedVisibilityChecksum);
574 SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
576 verifyResult = storedVisibilityChecksum.Equals(base64EncodedVisibilityChecksum, true);
577 if (verifyResult != true)
582 SysLog(NID_SEC, "Exit.");