projects / platform / framework / native / appfw.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Merge "Getting token based on delimiter" into tizen_2.2
[platform/framework/native/appfw.git] / src / security / FSec_PrivilegeInfo.cpp
1 //
2 // Copyright (c) 2012 Samsung Electronics Co., Ltd.
3 //
4 // Licensed under the Apache License, Version 2.0 (the License);
5 // you may not use this file except in compliance with the License.
6 // You may obtain a copy of the License at
7 //
8 //     http://www.apache.org/licenses/LICENSE-2.0
9 //
10 // Unless required by applicable law or agreed to in writing, software
11 // distributed under the License is distributed on an "AS IS" BASIS,
12 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 // See the License for the specific language governing permissions and
14 // limitations under the License.
15 //
16
17 /**
18  * @file                FSec_PrivilegeManagerInfo.cpp
19  * @brief               This is the implementation for the Privilege Information class.
20  */
21
22 #include <unique_ptr.h>
23 #include <stdlib.h>
24 #include <dukgen.h>
25
26 #include <FBaseSysLog.h>
27 #include <FBase_StringConverter.h>
28 #include <FBaseString.h>
29 #include <FAppPkg_PackageInfoImpl.h>
30 #include <FSecSecretKey.h>
31 #include <FSecCryptoAesCipher.h>
32 #include <FSecCryptoSha1Hmac.h>
33 #include <FSecCryptoSha1Hash.h>
34 #include <FBaseColArrayList.h>
35 #include <FBaseColHashMap.h>
36 #include <privilege_info.h>
37
38 #include "FSec_PrivilegeInfo.h"
39
40 using namespace Tizen::App;
41 using namespace Tizen::App::Package;
42 using namespace Tizen::Base;
43 using namespace Tizen::Base::Collection;
44 using namespace Tizen::Base::Utility;
45 using namespace Tizen::Security::Crypto;
46 using namespace Tizen::Text;
47
48 namespace Tizen { namespace Security
49 {
50
51 _PrivilegeInfo::_PrivilegeInfo(void)
52 {
53         memset(__bitwisePrivilege, 0, MAX_BITWISE_PRIV_SIZE);
54         __bitwiseLength = 0;
55         __apiVisibility = 0;
56 }
57
58 _PrivilegeInfo::~_PrivilegeInfo(void)
59 {
60         __privilegeList.RemoveAll(true);
61 }
62
63 result
64 _PrivilegeInfo::Construct(const AppId& appId, const byte* pBitwisePrivilege, const ArrayList* pPrivilegeList)
65 {
66         result r = E_SUCCESS;
67
68         SysTryReturnResult(NID_SEC, (pBitwisePrivilege != null), E_INVALID_ARG, "One of the argument is invalid.");
69         SysTryReturnResult(NID_SEC,
70                                           appId.GetLength() > 0 && appId.GetLength() == MAX_APP_ID_SIZE, E_INVALID_ARG,
71                                           "One of the argument is invalid.");
72
73         // Set base length of privilege information to max
74         __bitwiseLength = MAX_BITWISE_PRIV_SIZE;
75
76         __appId = appId;
77         memcpy(__bitwisePrivilege, pBitwisePrivilege, __bitwiseLength);
78
79
80         std::unique_ptr<IEnumerator> pEnum(null);
81         r = __privilegeList.Construct(32, 0.75);
82         SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
83
84         pEnum.reset(pPrivilegeList->GetEnumeratorN());
85         SysTryReturnResult(NID_SEC, pEnum != null, E_SYSTEM, "An unexpected system error occurred.");
86
87         while (pEnum->MoveNext() == E_SUCCESS)
88         {
89                 int ret = PRVMGR_ERR_NONE;
90                 char* pPrivilegeLevel = null;
91                 std::unique_ptr<char[]> pPrivilegeId(null);
92                 String* pTempString = static_cast< String* >(pEnum->GetCurrent());
93
94                 pPrivilegeId.reset(_StringConverter::CopyToCharArrayN(*pTempString));
95                 SysTryReturnResult(NID_SEC, pPrivilegeId != null, E_SYSTEM, "An unexpected system error occurred.");
96
97                 ret = privilege_info_get_external_privilege_level(static_cast<char*>(pPrivilegeId.get()), &pPrivilegeLevel);
98                 SysTryReturnResult(NID_SEC, ret == PRVMGR_ERR_NONE, E_SYSTEM, "An unexpected system error occurred.");
99
100                 __privilegeList.Add((new String(*pTempString)), (new String(pPrivilegeLevel)));
101         }
102
103         return r;
104 }
105
106 result
107 _PrivilegeInfo::Construct(const AppId& appId, const String& encryptedPrivileges, const String& checksum, const ArrayList* pPrivilegeList)
108 {
109         result r = E_SUCCESS;
110         byte* pDecrytpedBitwisePrivilege = null;
111
112         std::unique_ptr<ByteBuffer> pBitwisePrivilege(null);
113         _PackageInfoImpl infoImpl;
114
115         SysTryReturnResult(NID_SEC,
116                                           appId.GetLength() > 0 && appId.GetLength() == MAX_APP_ID_SIZE, E_INVALID_ARG,
117                                           "One of the argument is invalid.");
118         SysTryReturnResult(NID_SEC, encryptedPrivileges.GetLength() > 0, E_INVALID_ARG, "One of the argument is invalid.");
119         SysTryReturnResult(NID_SEC, checksum.GetLength() > 0, E_INVALID_ARG, "One of the argument is invalid.");
120
121         pBitwisePrivilege.reset(StringUtil::DecodeBase64StringN(encryptedPrivileges));
122         SysTryReturnResult(NID_SEC, pBitwisePrivilege != null, E_SYSTEM, "An unexpected system error occurred.");
123
124         pDecrytpedBitwisePrivilege = const_cast <byte*>(pBitwisePrivilege->GetPointer());
125         SysTryReturnResult(NID_SEC, pDecrytpedBitwisePrivilege != null, E_SYSTEM, "An unexpected system error occurred.");
126
127         r = VerifyIntegrity(appId, pDecrytpedBitwisePrivilege, checksum, pBitwisePrivilege->GetLimit());
128         SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_INVALID_ARG, "The checksum is abnormal.");
129
130         // Set base length of privilege information
131         __bitwiseLength = pBitwisePrivilege->GetLimit();
132
133         memcpy(__bitwisePrivilege, pDecrytpedBitwisePrivilege, __bitwiseLength);
134         __appId = appId;
135
136         r = infoImpl.Construct(appId);
137         if (r == E_APP_NOT_INSTALLED)
138         {
139                 SysLogException(NID_SEC, E_DATA_NOT_FOUND, "[E_DATA_NOT_FOUND] The package information does not exist.");
140                 return E_DATA_NOT_FOUND;
141         }
142         SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
143
144         __apiVisibility = infoImpl.GetApiVisibility();
145         SysTryReturnResult(NID_SEC, __apiVisibility >= 0, E_SYSTEM, "An unexpected system error occurred.");
146
147         std::unique_ptr<IEnumerator> pEnum(null);
148         r = __privilegeList.Construct(32, 0.75);
149         SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
150
151         pEnum.reset(pPrivilegeList->GetEnumeratorN());
152         SysTryReturnResult(NID_SEC, pEnum != null, E_SYSTEM, "An unexpected system error occurred.");
153
154         while (pEnum->MoveNext() == E_SUCCESS)
155         {
156                 int ret = PRVMGR_ERR_NONE;
157                 char* pPrivilegeLevel = null;
158                 std::unique_ptr<char[]> pPrivilegeId(null);
159                 String* pTempString = static_cast< String* >(pEnum->GetCurrent());
160
161                 pPrivilegeId.reset(_StringConverter::CopyToCharArrayN(*pTempString));
162                 SysTryReturnResult(NID_SEC, pPrivilegeId != null, E_SYSTEM, "An unexpected system error occurred.");
163
164                 ret = privilege_info_get_external_privilege_level(static_cast<char*>(pPrivilegeId.get()), &pPrivilegeLevel);
165                 SysTryReturnResult(NID_SEC, ret == PRVMGR_ERR_NONE, E_SYSTEM, "An unexpected system error occurred.");
166
167                 __privilegeList.Add((new String(*pTempString)), (new String(pPrivilegeLevel)));
168         }
169
170         return r;
171 }
172
173 result
174 _PrivilegeInfo::Construct(const AppId& appId, const String& encryptedPrivileges, const String& checksum, const String& encryptedVisibiliity, const String& visibilityChecksum, const ArrayList* pPrivilegeList)
175 {
176         result r = E_SUCCESS;
177         byte* pDecrytpedBitwisePrivilege = null;
178         int visibility = 0;
179
180         ByteBuffer ivByte;
181         std::unique_ptr<ISecretKey> pKey(null);
182         std::unique_ptr<ByteBuffer> pEncryptedBitwisePrivilege(null);
183         std::unique_ptr<ByteBuffer> pBitwisePrivilege(null);
184         std::unique_ptr<ByteBuffer> pEncryptedVisibility(null);
185         std::unique_ptr<ByteBuffer> pVisibility(null);
186         AesCipher cipherDec;
187         _PackageInfoImpl infoImpl;
188         const byte ivector[_IV_LEN] =
189         {
190                 0x3E, 0xB5, 0x01, 0x45, 0xE4, 0xF8, 0x75, 0x3F,
191                 0x08, 0x9D, 0x9F, 0x57, 0x3B, 0x63, 0xEF, 0x4B
192         };
193
194         SysTryReturnResult(NID_SEC,
195                                           appId.GetLength() > 0 && appId.GetLength() == MAX_APP_ID_SIZE, E_INVALID_ARG,
196                                           "One of the argument is invalid.");
197         SysTryReturnResult(NID_SEC, encryptedPrivileges.GetLength() > 0, E_INVALID_ARG, "One of the argument is invalid.");
198         SysTryReturnResult(NID_SEC, checksum.GetLength() > 0, E_INVALID_ARG, "One of the argument is invalid.");
199
200         pEncryptedBitwisePrivilege.reset(StringUtil::DecodeBase64StringN(encryptedPrivileges));
201         SysTryReturnResult(NID_SEC, pEncryptedBitwisePrivilege != null, E_SYSTEM, "An unexpected system error occurred.");
202
203         pEncryptedVisibility.reset(StringUtil::DecodeBase64StringN(encryptedVisibiliity));
204         SysTryReturnResult(NID_SEC, pEncryptedVisibility != null, E_SYSTEM, "An unexpected system error occurred.");
205
206         r = ivByte.Construct(_IV_LEN);
207         SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
208
209         r = ivByte.SetArray(ivector, 0, _IV_LEN);
210         SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
211         ivByte.Flip();
212
213         r = cipherDec.Construct(L"CBC/128/PKCS7PADDING", CIPHER_DECRYPT);
214         SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
215
216         pKey.reset(GetDeviceUniqueKeyN());
217         SysTryReturnResult(NID_SEC, pKey != null, E_SYSTEM, "An unexpected system error occurred.");
218
219         r = cipherDec.SetKey(*pKey.get());
220         SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
221
222         r = cipherDec.SetInitialVector(ivByte);
223         SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
224
225         pBitwisePrivilege.reset(cipherDec.DecryptN(*pEncryptedBitwisePrivilege.get()));
226         SysTryReturnResult(NID_SEC, pBitwisePrivilege != null, E_SYSTEM, "An unexpected system error occurred.");
227
228         pVisibility.reset(cipherDec.DecryptN(*pEncryptedVisibility.get()));
229         SysTryReturnResult(NID_SEC, pBitwisePrivilege != null, E_SYSTEM, "An unexpected system error occurred.");
230
231         pDecrytpedBitwisePrivilege = const_cast <byte*>(pBitwisePrivilege->GetPointer());
232         SysTryReturnResult(NID_SEC, pDecrytpedBitwisePrivilege != null, E_SYSTEM, "An unexpected system error occurred.");
233
234         visibility = static_cast<int>(*(pVisibility->GetPointer()));
235
236         r = VerifyIntegrity(appId, pDecrytpedBitwisePrivilege, checksum, pBitwisePrivilege->GetLimit(), visibility, visibilityChecksum);
237         SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_INVALID_ARG, "The checksum is abnormal.");
238
239         // Set base length of privilege information
240         __bitwiseLength = pBitwisePrivilege->GetLimit();
241
242         memcpy(__bitwisePrivilege, pDecrytpedBitwisePrivilege, __bitwiseLength);
243         __appId = appId;
244
245         __apiVisibility = visibility;
246
247         std::unique_ptr<IEnumerator> pEnum(null);
248         r = __privilegeList.Construct(32, 0.75);
249         SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
250
251         pEnum.reset(pPrivilegeList->GetEnumeratorN());
252         SysTryReturnResult(NID_SEC, pEnum != null, E_SYSTEM, "An unexpected system error occurred.");
253
254         while (pEnum->MoveNext() == E_SUCCESS)
255         {
256                 int ret = PRVMGR_ERR_NONE;
257                 char* pPrivilegeLevel = null;
258                 std::unique_ptr<char[]> pPrivilegeId(null);
259                 String* pTempString = static_cast< String* >(pEnum->GetCurrent());
260
261                 pPrivilegeId.reset(_StringConverter::CopyToCharArrayN(*pTempString));
262                 SysTryReturnResult(NID_SEC, pPrivilegeId != null, E_SYSTEM, "An unexpected system error occurred.");
263
264                 ret = privilege_info_get_external_privilege_level(static_cast<char*>(pPrivilegeId.get()), &pPrivilegeLevel);
265                 SysTryReturnResult(NID_SEC, ret == PRVMGR_ERR_NONE, E_SYSTEM, "An unexpected system error occurred.");
266
267                 __privilegeList.Add((new String(*pTempString)), (new String(pPrivilegeLevel)));
268         }
269
270         return r;
271 }
272
273
274 _PrivilegeInfo*
275 _PrivilegeInfo::CloneN(void) const
276 {
277         _PrivilegeInfo* pPrivilegeInfo = null;
278         result r = E_SUCCESS;
279
280         ClearLastResult();
281
282         pPrivilegeInfo = new (std::nothrow) _PrivilegeInfo();
283         SysTryReturn(NID_SEC, pPrivilegeInfo != null, null, E_OUT_OF_MEMORY, "[E_OUT_OF_MEMORY] The memory is insufficient.");
284
285         pPrivilegeInfo->__bitwiseLength = this->__bitwiseLength;
286
287         pPrivilegeInfo->__appId.Clear();
288         pPrivilegeInfo->__appId.Append(this->__appId);
289         memcpy(pPrivilegeInfo->__bitwisePrivilege, this->__bitwisePrivilege, pPrivilegeInfo->__bitwiseLength);
290
291         std::unique_ptr<IMapEnumerator> pEnum(null);
292         pEnum.reset(this->__privilegeList.GetMapEnumeratorN());
293         SysTryCatch(NID_SEC, pEnum != null, r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
294
295         r = pPrivilegeInfo->__privilegeList.Construct(32, 0.75);
296         SysTryCatch(NID_SEC, r == E_SUCCESS, r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
297
298         while (pEnum->MoveNext() == E_SUCCESS)
299         {
300                 String* pTempString = static_cast< String* >(pEnum->GetKey());
301                 String* pTempLevel = static_cast< String* >(pEnum->GetValue());
302                 pPrivilegeInfo->__privilegeList.Add((new String(*pTempString)), (new String(*pTempLevel)));
303         }
304
305         pPrivilegeInfo->__apiVisibility = this->__apiVisibility;
306         return pPrivilegeInfo;
307
308 CATCH:
309
310         SetLastResult(r);
311
312         delete pPrivilegeInfo;
313         return null;
314 }
315
316 result
317 _PrivilegeInfo::Construct(const _PrivilegeInfo& privilegeInfo)
318 {
319         result r = E_SUCCESS;
320
321         SysTryReturnResult(NID_SEC, privilegeInfo.__appId.GetLength() > 0 && privilegeInfo.__appId.GetLength() == MAX_APP_ID_SIZE, E_INVALID_ARG, "The argument is invalid.");
322
323         __bitwiseLength = privilegeInfo.__bitwiseLength;
324
325         __appId = privilegeInfo.__appId;
326         memcpy(__bitwisePrivilege, privilegeInfo.__bitwisePrivilege, __bitwiseLength);
327
328         __apiVisibility = privilegeInfo.__apiVisibility;
329
330         std::unique_ptr<IMapEnumerator> pEnum(null);
331         pEnum.reset(privilegeInfo.__privilegeList.GetMapEnumeratorN());
332         SysTryReturnResult(NID_SEC, pEnum != null, E_SYSTEM, "An unexpected system error occurred.");
333
334         r = __privilegeList.Construct(32, 0.75);
335         SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
336
337         while (pEnum->MoveNext() == E_SUCCESS)
338         {
339                 String* pTempString = static_cast< String* >(pEnum->GetKey());
340                 String* pTempLevel = static_cast< String* >(pEnum->GetValue());
341                 __privilegeList.Add((new String(*pTempString)), (new String(*pTempLevel)));
342         }
343
344         return r;
345 }
346
347 const String
348 _PrivilegeInfo::GetAppId(void) const
349 {
350         return __appId;
351 }
352
353 result
354 _PrivilegeInfo::GetBitwisePrivilegeN(byte*& pBitwisePrivilege) const
355 {
356         byte* pReturn = null;
357         result r = E_SUCCESS;
358
359         pReturn = (byte*) malloc(sizeof(byte) * MAX_BITWISE_PRIV_SIZE);
360         SysTryReturnResult(NID_SEC, pReturn != null, E_OUT_OF_MEMORY, "Memory allocation is failed.");
361         memcpy(pReturn, __bitwisePrivilege, MAX_BITWISE_PRIV_SIZE);
362
363         pBitwisePrivilege = pReturn;
364
365         return r;
366 }
367
368 result
369 _PrivilegeInfo::GetEncryptedBitwise(String& encryptedPrivileges) const
370 {
371         result r = E_SUCCESS;
372         ByteBuffer ivByte;
373         std::unique_ptr<ISecretKey> pKey(null);
374         std::unique_ptr<ByteBuffer> pEncryptedBitwisePrivilege(null);
375         std::unique_ptr<ByteBuffer> pBitwisePrivilege(null);
376         AesCipher cipherEnc;
377         const byte ivector[_IV_LEN] = { 0x3E, 0xB5, 0x01, 0x45, 0xE4, 0xF8, 0x75, 0x3F, 0x08, 0x9D, 0x9F, 0x57, 0x3B, 0x63, 0xEF, 0x4B};
378
379         pBitwisePrivilege.reset(new (std::nothrow) ByteBuffer());
380         SysTryReturnResult(NID_SEC, pBitwisePrivilege != null, E_OUT_OF_MEMORY, "Memory allocation is failed.");
381
382         r = pBitwisePrivilege->Construct(__bitwiseLength);
383         SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
384
385         r = ivByte.Construct(_IV_LEN);
386         SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
387
388         r = ivByte.SetArray(ivector, 0, _IV_LEN);
389         SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
390         ivByte.Flip();
391
392         r = pBitwisePrivilege->SetArray(__bitwisePrivilege, 0, __bitwiseLength);
393         SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
394         pBitwisePrivilege->Flip();
395
396         r = cipherEnc.Construct(L"CBC/128/PKCS7PADDING", CIPHER_ENCRYPT);
397         SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
398
399         pKey.reset(GetDeviceUniqueKeyN());
400         SysTryReturnResult(NID_SEC, pKey != null, E_SYSTEM, "An unexpected system error occurred.");
401
402         r = cipherEnc.SetKey(*(pKey.get()));
403         SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
404
405         r = cipherEnc.SetInitialVector(ivByte);
406         SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
407
408         pEncryptedBitwisePrivilege.reset(cipherEnc.EncryptN(*(pBitwisePrivilege.get())));
409         SysTryReturnResult(NID_SEC, pEncryptedBitwisePrivilege != null, E_SYSTEM, "An unexpected system error occurred.");
410
411         r = StringUtil::EncodeToBase64String(*(pEncryptedBitwisePrivilege.get()), encryptedPrivileges);
412         SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
413
414         return r;
415 }
416
417 result
418 _PrivilegeInfo::GetChecksum(String& checksum) const
419 {
420         result r = E_SUCCESS;
421         byte tempChecksumString[MAX_BITWISE_PRIV_SIZE + MAX_APP_ID_SIZE];
422
423         ByteBuffer ivByte;
424         ByteBuffer input;
425         std::unique_ptr<ISecretKey> pKey(null);
426         std::unique_ptr<IHmac> pHmac(null);
427         std::unique_ptr<ByteBuffer> pChecksumByteBuffer(null);
428         std::unique_ptr<char[]> pAppId(null);
429
430         pAppId.reset(_StringConverter::CopyToCharArrayN(__appId));
431         SysTryReturnResult(NID_SEC, pAppId != null, E_SYSTEM, "An unexpected system error occurred.");
432
433         memcpy(tempChecksumString, pAppId.get(), MAX_APP_ID_SIZE);
434         memcpy(tempChecksumString + MAX_APP_ID_SIZE, __bitwisePrivilege, __bitwiseLength);
435
436         pAppId.reset(null);
437
438         r = input.Construct(MAX_APP_ID_SIZE + __bitwiseLength);
439         SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
440
441         r = input.SetArray(tempChecksumString, 0, MAX_APP_ID_SIZE + __bitwiseLength);
442         SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
443         input.Flip();
444
445         pHmac.reset(new (std::nothrow) Sha1Hmac());
446         SysTryReturnResult(NID_SEC, pHmac != null, E_OUT_OF_MEMORY, "[E_OUT_OF_MEMORY] Memory allocation is failed.");
447
448         pKey.reset(GetDeviceUniqueKeyN());
449         SysTryReturnResult(NID_SEC, pKey != null, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
450
451         r = pHmac->SetKey(*(pKey.get()));
452         SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
453
454         pChecksumByteBuffer.reset(pHmac->GetHmacN(input));
455         SysTryReturnResult(NID_SEC, pChecksumByteBuffer != null, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
456
457         r = StringUtil::EncodeToBase64String(*(pChecksumByteBuffer.get()), checksum);
458         SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
459
460         return r;
461 }
462
463 bool
464 _PrivilegeInfo::HasPrivilege(_Privilege privilege) const
465 {
466         bool ret = false;
467         int targetIndex = static_cast< int >(privilege) / _BITS_IN_BYTE;
468         byte privilegeBit = (byte) (static_cast< int >(privilege) % _BITS_IN_BYTE);
469         byte bitwiseTargetPrivilege = 0;
470         byte tempBitwisePrivilege = 0;
471
472         if (__apiVisibility != _API_VISIBILITY_NONE) // To be removed
473         {
474                 if (visibilityLevelListTable[privilege] > __apiVisibility)
475                 {
476                         SysLog(NID_SEC, "Result : FALSE [Visibility]");
477                         return ret;
478                 }
479         }
480
481         bitwiseTargetPrivilege = bitwiseTargetPrivilege | (1 << privilegeBit);
482         tempBitwisePrivilege = __bitwisePrivilege[targetIndex] & bitwiseTargetPrivilege;
483
484         if (bitwiseTargetPrivilege == tempBitwisePrivilege)
485         {
486                 SysLog(NID_SEC, "Result : TRUE");
487                 ret = true;
488         }
489         else
490         {
491                 SysLogException(NID_SEC, E_PRIVILEGE_DENIED, "Result : FALSE [%ls, %ls]", __appId.GetPointer(), privilegeListTable[privilege].privilegeString);
492         }
493
494         return ret;
495 }
496
497 bool
498 _PrivilegeInfo::HasPrivilegeEx(_Privilege privilege) const
499 {
500         bool ret = false;
501         int targetIndex = static_cast< int >(privilege) / _BITS_IN_BYTE;
502         byte privilegeBit = (byte) (static_cast< int >(privilege) % _BITS_IN_BYTE);
503         byte bitwiseTargetPrivilege = 0;
504         byte tempBitwisePrivilege = 0;
505
506         if (__apiVisibility != _API_VISIBILITY_NONE) // To be removed
507         {
508                 if (visibilityLevelListTable[privilege] > __apiVisibility)
509                 {
510                         return ret;
511                 }
512         }
513
514         bitwiseTargetPrivilege = bitwiseTargetPrivilege | (1 << privilegeBit);
515         tempBitwisePrivilege = __bitwisePrivilege[targetIndex] & bitwiseTargetPrivilege;
516
517         if (bitwiseTargetPrivilege == tempBitwisePrivilege)
518         {
519                 SysLog(NID_SEC, "Result : TRUE");
520                 ret = true;
521         }
522
523         return ret;
524 }
525
526 bool
527 _PrivilegeInfo::HasPrivilege(const String& privilege) const
528 {
529     bool ret = false;
530     bool validStringFlag = false;
531     int privilegeEnum = -1;
532     int index = 0;
533
534         String privilegeURI = L"http://tizen.org/privilege/";
535     String privilegeSubString;
536     String privilegeSubStringURI;
537     privilege.SubString(0, privilegeURI.GetLength(), privilegeSubStringURI);
538
539     if (privilegeSubStringURI.Equals(privilegeURI, true))
540     {
541         privilege.SubString(privilegeURI.GetLength(), privilege.GetLength() - privilegeURI.GetLength(), privilegeSubString);
542         for (index = 0; index < _MAX_PRIVILEGE_ENUM; index++)
543                 {
544                         if (wcscmp(privilegeListTable[index].privilegeString, privilegeSubString.GetPointer()) == 0)
545                         {
546                                 validStringFlag = true;
547                                 privilegeEnum = index;
548                                 break;
549                         }
550                 }
551     }
552
553     if (validStringFlag)
554     {
555         ret = HasPrivilege(privilegeListTable[index].privilege);
556     }
557     else
558     {
559                 ret = __privilegeList.ContainsKey(privilege);
560         if (ret)
561                 {
562                 if (__apiVisibility != _API_VISIBILITY_NONE) // To be removed
563                         {
564                         const String* pPrivilegeLevel = static_cast< const String* >(__privilegeList.GetValue(privilege));
565                         SysTryReturn(NID_SEC, pPrivilegeLevel != null, E_SYSTEM, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
566
567                         int privilegeLevel = GetPrivilegeLevel(*pPrivilegeLevel);
568                                 if (privilegeLevel > __apiVisibility)
569                                 {
570                                         SysLog(NID_SEC, "Result : FALSE [Visibility]");
571                                         return false;
572                                 }
573                         }
574
575                         SysLog(NID_SEC, "Result : TRUE");
576                 }
577                 else
578                 {
579                         SysLogException(NID_SEC, E_PRIVILEGE_DENIED, "Result : FALSE [%ls, %ls]", __appId.GetPointer(), privilege.GetPointer());
580                 }
581     }
582
583         return ret;
584 }
585
586 result
587 _PrivilegeInfo::VerifyIntegrity(const AppId& appId, const byte* targetBitwisePrivilege, const Tizen::Base::String& storedChecksum, int length)
588 {
589         result r = E_SUCCESS;
590         bool verifyResult = false;
591         byte tempChecksumString[MAX_BITWISE_PRIV_SIZE + MAX_APP_ID_SIZE];
592         String base64EncodedChecksum;
593         ByteBuffer input;
594         std::unique_ptr<IHash> pHash(null);
595         std::unique_ptr<ByteBuffer> pChecksumByteBuffer(null);
596         std::unique_ptr<char[]> pAppId(null);
597
598         SysTryReturnResult(NID_SEC, length <= MAX_BITWISE_PRIV_SIZE, E_INVALID_ARG, "The privilege information of %ls is invalid.", appId.GetPointer());
599
600         pAppId.reset(_StringConverter::CopyToCharArrayN(appId));
601         SysTryReturnResult(NID_SEC, pAppId != null, E_SYSTEM, "An unexpected system error occurred.");
602
603         memcpy(tempChecksumString, pAppId.get(), MAX_APP_ID_SIZE);
604         memcpy(tempChecksumString + MAX_APP_ID_SIZE, targetBitwisePrivilege, length);
605
606         pAppId.reset(null);
607
608         r = input.Construct(MAX_APP_ID_SIZE + length);
609         SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
610
611         r = input.SetArray(tempChecksumString, 0, MAX_APP_ID_SIZE + length);
612         SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
613         input.Flip();
614
615         pHash.reset(new (std::nothrow) Sha1Hash());
616         SysTryReturnResult(NID_SEC, pHash != null, E_OUT_OF_MEMORY, "Memory allocation is failed.");
617
618         pChecksumByteBuffer.reset(pHash->GetHashN(input));
619         SysTryReturnResult(NID_SEC, pChecksumByteBuffer != null, E_SYSTEM, "An unexpected system error occurred.");
620
621         r = StringUtil::EncodeToBase64String(*(pChecksumByteBuffer.get()), base64EncodedChecksum);
622         SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
623
624         verifyResult = storedChecksum.Equals(base64EncodedChecksum, true);
625         if (verifyResult != true)
626         {
627                 r = E_INVALID_ARG;
628         }
629
630         return r;
631 }
632
633 result
634 _PrivilegeInfo::VerifyIntegrityEx(const AppId& appId, const byte* targetBitwisePrivilege, const Tizen::Base::String& storedChecksum, int length)
635 {
636         result r = E_SUCCESS;
637         bool verifyResult = false;
638         byte tempChecksumString[MAX_BITWISE_PRIV_SIZE + MAX_APP_ID_SIZE];
639         String base64EncodedChecksum;
640         ByteBuffer ivByte;
641         ByteBuffer input;
642         std::unique_ptr<IHmac> pHmac(null);
643         std::unique_ptr<ByteBuffer> pChecksumByteBuffer(null);
644         std::unique_ptr<ISecretKey> pKey(null);
645         std::unique_ptr<char[]> pAppId(null);
646
647         SysTryReturnResult(NID_SEC, length <= MAX_BITWISE_PRIV_SIZE, E_INVALID_ARG, "The privilege information of [%ls] is invalid.", appId.GetPointer());
648
649         pAppId.reset(_StringConverter::CopyToCharArrayN(appId));
650         SysTryReturnResult(NID_SEC, pAppId != null, E_SYSTEM, "An unexpected system error occurred.");
651
652         memcpy(tempChecksumString, pAppId.get(), MAX_APP_ID_SIZE);
653         memcpy(tempChecksumString + MAX_APP_ID_SIZE, targetBitwisePrivilege, length);
654
655         pAppId.reset(null);
656
657         r = input.Construct(MAX_APP_ID_SIZE + length);
658         SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
659
660         r = input.SetArray(tempChecksumString, 0, MAX_APP_ID_SIZE + length);
661         SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
662         input.Flip();
663
664         pHmac.reset(new (std::nothrow) Sha1Hmac());
665         SysTryReturnResult(NID_SEC, pHmac != null, E_OUT_OF_MEMORY, "Memory allocation is failed.");
666
667         pKey.reset(GetDeviceUniqueKeyN());
668         SysTryReturnResult(NID_SEC, pKey != null, E_SYSTEM, "An unexpected system error occurred.");
669
670         r = pHmac->SetKey(*(pKey.get()));
671         SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
672
673         pChecksumByteBuffer.reset(pHmac->GetHmacN(input));
674         SysTryReturnResult(NID_SEC, pChecksumByteBuffer != null, E_SYSTEM, "An unexpected system error occurred.");
675
676         r = StringUtil::EncodeToBase64String(*(pChecksumByteBuffer.get()), base64EncodedChecksum);
677         SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
678
679         verifyResult = storedChecksum.Equals(base64EncodedChecksum, true);
680         if (verifyResult != true)
681         {
682                 r = E_INVALID_ARG;
683         }
684
685         return r;
686 }
687
688 result
689 _PrivilegeInfo::VerifyIntegrity(const AppId& appId, const byte* targetBitwisePrivilege, const Tizen::Base::String& storedChecksum, int length, int visibility, const Tizen::Base::String& storedVisibilityChecksum)
690 {
691         result r = E_SUCCESS;
692         bool verifyResult = false;
693         byte tempChecksumString[MAX_BITWISE_PRIV_SIZE + MAX_APP_ID_SIZE];
694         byte tempVisibilityChecksumString[sizeof(int) + MAX_APP_ID_SIZE];
695         String base64EncodedChecksum;
696         String base64EncodedVisibilityChecksum;
697         ByteBuffer ivByte;
698         ByteBuffer input;
699         ByteBuffer visibilityInput;
700         std::unique_ptr<IHmac> pHmac(null);
701         std::unique_ptr<ByteBuffer> pChecksumByteBuffer(null);
702         std::unique_ptr<ByteBuffer> pVisibilityChecksumByteBuffer(null);
703         std::unique_ptr<ISecretKey> pKey(null);
704         std::unique_ptr<char[]> pAppId(null);
705
706         SysTryReturnResult(NID_SEC, length <= MAX_BITWISE_PRIV_SIZE, E_INVALID_ARG, "The privilege information of [%ls] is invalid.", appId.GetPointer());
707
708         pAppId.reset(_StringConverter::CopyToCharArrayN(appId));
709         SysTryReturnResult(NID_SEC, pAppId != null, E_SYSTEM, "An unexpected system error occurred.");
710
711         memcpy(tempChecksumString, pAppId.get(), MAX_APP_ID_SIZE);
712         memcpy(tempChecksumString + MAX_APP_ID_SIZE, targetBitwisePrivilege, length);
713
714         memcpy(tempVisibilityChecksumString, pAppId.get(), MAX_APP_ID_SIZE);
715         memcpy(tempVisibilityChecksumString + MAX_APP_ID_SIZE, (byte*)(&visibility), sizeof(int));
716
717         pAppId.reset(null);
718
719         r = input.Construct(MAX_APP_ID_SIZE + length);
720         SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
721
722         r = input.SetArray(tempChecksumString, 0, MAX_APP_ID_SIZE + length);
723         SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
724         input.Flip();
725
726         r = visibilityInput.Construct(MAX_APP_ID_SIZE + sizeof(int));
727         SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
728
729         r = visibilityInput.SetArray(tempVisibilityChecksumString, 0, MAX_APP_ID_SIZE + sizeof(int));
730         SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
731         visibilityInput.Flip();
732
733         pHmac.reset(new (std::nothrow) Sha1Hmac());
734         SysTryReturnResult(NID_SEC, pHmac != null, E_OUT_OF_MEMORY, "Memory allocation is failed.");
735
736         pKey.reset(GetDeviceUniqueKeyN());
737         SysTryReturnResult(NID_SEC, pKey != null, E_SYSTEM, "An unexpected system error occurred.");
738
739         r = pHmac->SetKey(*(pKey.get()));
740         SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
741
742         pChecksumByteBuffer.reset(pHmac->GetHmacN(input));
743         SysTryReturnResult(NID_SEC, pChecksumByteBuffer != null, E_SYSTEM, "An unexpected system error occurred.");
744
745         r = StringUtil::EncodeToBase64String(*(pChecksumByteBuffer.get()), base64EncodedChecksum);
746         SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
747
748         verifyResult = storedChecksum.Equals(base64EncodedChecksum, true);
749         if (verifyResult != true)
750         {
751                 r = E_INVALID_ARG;
752         }
753
754         pVisibilityChecksumByteBuffer.reset(pHmac->GetHmacN(visibilityInput));
755         SysTryReturnResult(NID_SEC, pChecksumByteBuffer != null, E_SYSTEM, "An unexpected system error occurred.");
756
757         r = StringUtil::EncodeToBase64String(*(pVisibilityChecksumByteBuffer.get()), base64EncodedVisibilityChecksum);
758         SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
759
760         verifyResult = storedVisibilityChecksum.Equals(base64EncodedVisibilityChecksum, true);
761         if (verifyResult != true)
762         {
763                 r = E_INVALID_ARG;
764         }
765
766         return r;
767 }
768
769 ISecretKey*
770 _PrivilegeInfo::GetDeviceUniqueKeyN(void)
771 {
772         result r = E_SUCCESS;
773         ByteBuffer* pTempValue = null;
774         ISecretKey* pKey = null;
775
776         char uniqueInfo[_INFO_LEN] =
777         {
778                 0x09, 0x25, 0x19, 0x87, 0xBF, 0x02, 0x14, 0x19,
779                 0x88, 0xDD, 0x12, 0x30, 0x19, 0x86, 0xAD, 0xED
780         };
781
782         char* pUniqueKey = null;
783         pUniqueKey = GetDeviceUniqueKey(uniqueInfo, _INFO_LEN, _KEY_LEN);
784         SysTryCatch(NID_SEC, pUniqueKey != null, , E_SYSTEM, "[E_SYSTEM] Failed to generate the unique key.");
785
786         pTempValue = new (std::nothrow) ByteBuffer();
787         SysTryCatch(NID_SEC, pTempValue != null, , E_OUT_OF_MEMORY, "[E_OUT_OF_MEMORY] Failed to allocate memory.");
788
789         r = pTempValue->Construct(_KEY_LEN);
790         SysTryCatch(NID_SEC, r == E_SUCCESS, , r, "[%s] Failed to generate device unique key.", GetErrorMessage(r));
791
792         r = pTempValue->SetArray(reinterpret_cast <byte*>(pUniqueKey), 0, _KEY_LEN);
793         SysTryCatch(NID_SEC, r == E_SUCCESS, , r, "[%s] Failed to generate device unique key.", GetErrorMessage(r));
794
795         pTempValue->Flip();
796
797         pKey = new (std::nothrow) SecretKey();
798         SysTryCatch(NID_SEC, pKey != null, , E_OUT_OF_MEMORY, "[E_OUT_OF_MEMORY] Failed to allocate memory.");
799
800         r = pKey->SetKey(*pTempValue);
801         SysTryCatch(NID_SEC, r == E_SUCCESS, , r, "[%s] Failed to generate device unique key.", GetErrorMessage(r));
802
803         if (pUniqueKey != null)
804         {
805                 free(pUniqueKey);
806         }
807         delete pTempValue;
808
809         return pKey;
810
811 CATCH:
812         if (pUniqueKey != null)
813         {
814                 free(pUniqueKey);
815         }
816         delete pTempValue;
817         delete pKey;
818
819         return null;
820 }
821
822 int
823 _PrivilegeInfo::GetPrivilegeLevel(const String& privilegeLevel)
824 {
825         if(privilegeLevel.Equals(String(L"platform"), true))
826         {
827                 return _API_VISIBILITY_PLATFORM;
828         }
829         else if(privilegeLevel.Equals(String(L"partner"), true))
830         {
831                 return _API_VISIBILITY_PARTNER;
832         }
833
834         return _API_VISIBILITY_PUBLIC;
835 }
836
837 }} //Tizen::Security
Domain: App Framework / Uncategorized;