2 // Open Service Platform
3 // Copyright (c) 2013 Samsung Electronics Co., Ltd.
5 // Licensed under the Apache License, Version 2.0 (the License);
6 // you may not use this file except in compliance with the License.
7 // You may obtain a copy of the License at
9 // http://www.apache.org/licenses/LICENSE-2.0
11 // Unless required by applicable law or agreed to in writing, software
12 // distributed under the License is distributed on an "AS IS" BASIS,
13 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 // See the License for the specific language governing permissions and
15 // limitations under the License.
19 * @file FSec_PrivilegeManagerServer.cpp
20 * @brief This is the implementation for the _PrivilegeManagerServer class.
25 #include <unique_ptr.h>
26 #include <FAppPkg_PackageInfoImpl.h>
27 #include <FAppPkg_PackageManagerImpl.h>
28 #include <FBaseString.h>
29 #include <FBaseSysLog.h>
30 #include <FSec_AccessControlTypes.h>
31 #include <FSec_PrivilegeManager.h>
32 #include <FSecCryptoAesCipher.h>
33 #include <FSecCryptoSha1Hmac.h>
34 #include <FBase_StringConverter.h>
35 #include <FBaseInternalTypes.h>
36 #include <FSec_DeviceKeyGenerator.h>
37 #include "FSec_PrivilegeManagerServer.h"
39 using namespace Tizen::App;
40 using namespace Tizen::App::Package;
41 using namespace Tizen::Base;
42 using namespace Tizen::Base::Utility;
43 using namespace Tizen::Base::Collection;
44 using namespace Tizen::Io;
45 using namespace Tizen::Security;
46 using namespace Tizen::Security::Crypto;
48 namespace Tizen { namespace Security
51 _PrivilegeManagerServer::_PrivilegeManagerServer(void)
56 _PrivilegeManagerServer::~_PrivilegeManagerServer(void)
62 _PrivilegeManagerServer::RetrievePrivilege(const AppId& appId, String* pEncryptedBitwise, String* pHmac, ArrayList*& pPrivilegeList)
65 String encryptedBitwise;
67 ArrayList* pPrivilegeStringList = null;
69 r = _PrivilegeManager::RetrieveCipherPrivilegeExN(appId, encryptedBitwise, hmac, pPrivilegeStringList);
70 SysTryReturnResult(NID_SEC, r == E_SUCCESS, r, "Propagating.");
72 pEncryptedBitwise->Append(encryptedBitwise);
75 if (pPrivilegeStringList != null)
77 IEnumerator* pEnum = null;
78 pEnum = pPrivilegeStringList->GetEnumeratorN();
79 while (pEnum->MoveNext() == E_SUCCESS)
81 String* tempString = static_cast<String*>(pEnum->GetCurrent());
82 pPrivilegeList->Add(new String(*tempString));
87 pPrivilegeStringList->RemoveAll(true);
88 delete pPrivilegeStringList;
96 _PrivilegeManagerServer::GenerateVisibilityString(AppId appId, String* pEncryptedVisibility, String* pHmac)
98 _PackageInfoImpl infoImpl;
102 String encryptedVisibility;
105 r = infoImpl.Construct(appId);
106 if (r == E_PKG_NOT_INSTALLED)
108 SysLogException(NID_SEC, E_DATA_NOT_FOUND, "[E_DATA_NOT_FOUND] The privilege information does not exist.");
109 return E_DATA_NOT_FOUND;
111 SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
113 visibility = infoImpl.GetApiVisibility();
114 SysTryReturnResult(NID_SEC, visibility >= 0, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
116 r = GetEncryptedVisibility(visibility, encryptedVisibility);
117 SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
119 r = GetChecksum(appId, visibility, checksum);
120 SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
122 pEncryptedVisibility->Append(encryptedVisibility);
123 pHmac->Append(checksum);
129 _PrivilegeManagerServer::GetEncryptedVisibility(int visibility, String& encryptedVisibility)
131 result r = E_SUCCESS;
132 ISecretKey* pKey = null;
134 ByteBuffer* pEncryptedVisibility = null;
135 ByteBuffer* pTempVisibility = null;
137 const byte ivector[_IV_LEN] = { 0x3E, 0xB5, 0x01, 0x45, 0xE4, 0xF8, 0x75, 0x3F, 0x08, 0x9D, 0x9F, 0x57, 0x3B, 0x63, 0xEF, 0x4B};
139 pTempVisibility = new (std::nothrow) ByteBuffer();
140 SysTryReturnResult(NID_SEC, pTempVisibility != null, E_OUT_OF_MEMORY, "[E_OUT_OF_MEMORY] Memory allocation is failed.");
142 r = pTempVisibility->Construct(sizeof(int));
143 SysTryCatch(NID_SEC, r == E_SUCCESS, r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
145 r = ivByte.Construct(_IV_LEN);
146 SysTryCatch(NID_SEC, r == E_SUCCESS, r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
148 r = ivByte.SetArray(ivector, 0, _IV_LEN);
149 SysTryCatch(NID_SEC, r == E_SUCCESS, r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
152 r = pTempVisibility->SetArray((byte*)(&visibility), 0, sizeof(int));
153 SysTryCatch(NID_SEC, r == E_SUCCESS, r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
154 pTempVisibility->Flip();
156 r = cipherEnc.Construct(L"CBC/128/PKCS7PADDING", CIPHER_ENCRYPT);
157 SysTryCatch(NID_SEC, r == E_SUCCESS, r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
159 pKey = _DeviceKeyGenerator::GenerateDeviceKeyN(_KEY_LEN);
160 SysTryCatch(NID_SEC, pKey != null, r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
162 r = cipherEnc.SetKey(*pKey);
163 SysTryCatch(NID_SEC, r == E_SUCCESS, r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
165 r = cipherEnc.SetInitialVector(ivByte);
166 SysTryCatch(NID_SEC, r == E_SUCCESS, r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
168 pEncryptedVisibility = cipherEnc.EncryptN(*pTempVisibility);
169 SysTryCatch(NID_SEC, pTempVisibility != null, r = E_SYSTEM, E_SYSTEM,
170 "[E_SYSTEM] An unexpected system error occurred.");
172 r = StringUtil::EncodeToBase64String(*pEncryptedVisibility, encryptedVisibility);
173 SysTryCatch(NID_SEC, r == E_SUCCESS, r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
179 delete pTempVisibility;
181 delete pEncryptedVisibility;
187 _PrivilegeManagerServer::GetChecksum(AppId appId, int visibility, String& checksum)
189 result r = E_SUCCESS;
190 byte tempChecksumString[sizeof(int) + MAX_APP_ID_SIZE];
192 ISecretKey* pKey = null;
196 ByteBuffer* pChecksumByteBuffer = null;
199 pAppId = (char*) _StringConverter::CopyToCharArrayN(appId);
200 SysTryCatch(NID_SEC, pAppId != null, r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
202 memcpy(tempChecksumString, pAppId, MAX_APP_ID_SIZE);
203 memcpy(tempChecksumString + MAX_APP_ID_SIZE, (byte*)(&visibility), sizeof(int));
208 r = input.Construct(MAX_APP_ID_SIZE + sizeof(int));
209 SysTryCatch(NID_SEC, r == E_SUCCESS, r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
211 r = input.SetArray(tempChecksumString, 0, MAX_APP_ID_SIZE + sizeof(int));
212 SysTryCatch(NID_SEC, r == E_SUCCESS, r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
215 pHmac = new (std::nothrow) Sha1Hmac();
216 SysTryCatch(NID_SEC, pHmac != null, r = E_OUT_OF_MEMORY, E_OUT_OF_MEMORY, "[E_OUT_OF_MEMORY] Memory allocation is failed.");
218 pKey = _DeviceKeyGenerator::GenerateDeviceKeyN(_KEY_LEN);
219 SysTryCatch(NID_SEC, pKey != null, r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
221 r = pHmac->SetKey(*pKey);
222 SysTryCatch(NID_SEC, r == E_SUCCESS, r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
224 pChecksumByteBuffer = pHmac->GetHmacN(input);
225 SysTryCatch(NID_SEC, pChecksumByteBuffer != null, r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
227 r = StringUtil::EncodeToBase64String(*pChecksumByteBuffer, checksum);
228 SysTryCatch(NID_SEC, r == E_SUCCESS, r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
236 delete pChecksumByteBuffer;