// Copyright (c) 2013 Samsung Electronics Co., Ltd.
// Licensed under the Apache License, Version 2.0 (the License);
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
// http://www.apache.org/licenses/LICENSE-2.0
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
/**
 * @file FSec_PrivilegeManagerServer.cpp
 * @brief This is the implementation for the _PrivilegeManagerServer class.
 */
24 #include <unique_ptr.h>
27 #include <FAppPkg_PackageInfoImpl.h>
28 #include <FAppPkg_PackageManagerImpl.h>
29 #include <FBaseString.h>
30 #include <FBaseSysLog.h>
31 #include <FSec_AccessControlTypes.h>
32 #include <FSec_PrivilegeManager.h>
33 #include <FSecSecretKey.h>
34 #include <FSecCryptoAesCipher.h>
35 #include <FSecCryptoSha1Hmac.h>
36 #include <FBase_StringConverter.h>
37 #include <FBaseInternalTypes.h>
39 #include "FSec_PrivilegeManagerServer.h"
41 using namespace Tizen::App;
42 using namespace Tizen::App::Package;
43 using namespace Tizen::Base;
44 using namespace Tizen::Base::Utility;
45 using namespace Tizen::Base::Collection;
46 using namespace Tizen::Io;
47 using namespace Tizen::Security;
48 using namespace Tizen::Security::Crypto;
50 namespace Tizen { namespace Security
53 _PrivilegeManagerServer::_PrivilegeManagerServer(void)
58 _PrivilegeManagerServer::~_PrivilegeManagerServer(void)
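/**
 * Fetches the cipher-form privilege record of an application and hands it to the caller.
 *
 * Calls _PrivilegeManager::RetrieveCipherPrivilegeExN() for @c appId, appends the returned
 * encrypted privilege string and HMAC to the caller's strings, and adds a newly allocated
 * copy of every privilege string to the caller's list.
 *
 * @param[in]  appId              Application whose privilege record is requested.
 * @param[out] pEncryptedBitwise  String the encrypted privilege value is appended to.
 * @param[out] pHmac              String the HMAC is appended to.
 * @param[out] pPrivilegeList     List that receives the String copies; this function does not
 *                                construct it, so the caller must pass a usable list.
 * @return E_SUCCESS on success, E_INVALID_ARG if an output argument is null, E_OUT_OF_MEMORY or
 *         E_SYSTEM if copying the list fails, otherwise the error from RetrieveCipherPrivilegeExN().
 * @remarks On a failure after the lookup, the output strings and list may already hold partial
 *          data; callers must discard them unless E_SUCCESS is returned.
 */
result
_PrivilegeManagerServer::RetrievePrivilege(const AppId& appId, String* pEncryptedBitwise, String* pHmac, ArrayList*& pPrivilegeList)
{
	result r = E_SUCCESS;
	String encryptedBitwise;
	// NOTE(review): the hmac local and its Append below are reconstructed from the
	// RetrieveCipherPrivilegeExN() call and the pHmac parameter - confirm against the repository copy.
	String hmac;
	ArrayList* pPrivilegeStringList = null;
	std::unique_ptr<IEnumerator> pEnum;

	// The outputs are dereferenced unconditionally below, so reject null before doing any work.
	SysTryReturnResult(NID_SEC, pEncryptedBitwise != null && pHmac != null && pPrivilegeList != null, E_INVALID_ARG,
					   "An output argument is null.");

	r = _PrivilegeManager::RetrieveCipherPrivilegeExN(appId, encryptedBitwise, hmac, pPrivilegeStringList);
	SysTryReturnResult(NID_SEC, r == E_SUCCESS, r, "Propagating.");

	// Report a failed copy instead of returning success with a truncated ciphertext or HMAC.
	r = pEncryptedBitwise->Append(encryptedBitwise);
	SysTryCatch(NID_SEC, r == E_SUCCESS, , r, "[%s] Failed to copy the encrypted privilege.", GetErrorMessage(r));

	r = pHmac->Append(hmac);
	SysTryCatch(NID_SEC, r == E_SUCCESS, , r, "[%s] Failed to copy the HMAC.", GetErrorMessage(r));

	if (pPrivilegeStringList != null)
	{
		// GetEnumeratorN() returns an enumerator this function owns; unique_ptr releases it on every path.
		pEnum.reset(pPrivilegeStringList->GetEnumeratorN());
		SysTryCatch(NID_SEC, pEnum.get() != null, r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");

		while (pEnum->MoveNext() == E_SUCCESS)
		{
			String* pSource = static_cast< String* >(pEnum->GetCurrent());
			SysTryCatch(NID_SEC, pSource != null, r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");

			// The source list is destroyed below, so the caller gets its own deep copy of each entry.
			String* pCopy = new (std::nothrow) String(*pSource);
			SysTryCatch(NID_SEC, pCopy != null, r = E_OUT_OF_MEMORY, E_OUT_OF_MEMORY, "[E_OUT_OF_MEMORY] Memory allocation is failed.");

			r = pPrivilegeList->Add(pCopy);
			// The list did not take ownership when Add() fails, so free the copy here.
			SysTryCatch(NID_SEC, r == E_SUCCESS, delete pCopy, r, "[%s] Failed to add the privilege string.", GetErrorMessage(r));
		}
	}

CATCH:
	if (pPrivilegeStringList != null)
	{
		// RemoveAll(true) also deletes the elements, which this function owns.
		pPrivilegeStringList->RemoveAll(true);
		delete pPrivilegeStringList;
	}

	return r;
}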
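/**
 * Produces the protected API-visibility record of an installed application.
 *
 * Reads the visibility value through _PackageInfoImpl::GetApiVisibility(), encrypts it with
 * GetEncryptedVisibility(), computes a keyed checksum over the application ID and the value
 * with GetChecksum(), and appends both results to the caller's strings.
 *
 * @param[in]  appId                 Application whose visibility is read.
 * @param[out] pEncryptedVisibility  String the Base64 ciphertext is appended to.
 * @param[out] pHmac                 String the Base64 checksum is appended to.
 * @return E_SUCCESS on success, E_INVALID_ARG if an output argument is null, E_DATA_NOT_FOUND if
 *         the package is not installed, the Append() error if an output cannot be written,
 *         and E_SYSTEM for every other failure.
 * @remarks Both outputs are only appended after both values were computed, but the second
 *          Append() can still fail after the first succeeded; callers must treat the outputs
 *          as invalid unless E_SUCCESS is returned.
 */
result
_PrivilegeManagerServer::GenerateVisibilityString(AppId appId, String* pEncryptedVisibility, String* pHmac)
{
	_PackageInfoImpl infoImpl;
	result r = E_SUCCESS;
	int visibility = 0;
	String checksum;
	String encryptedVisibility;

	// Both outputs are dereferenced at the end; fail early rather than after the crypto work.
	SysTryReturnResult(NID_SEC, pEncryptedVisibility != null && pHmac != null, E_INVALID_ARG, "An output argument is null.");

	r = infoImpl.Construct(appId);
	if (r == E_PKG_NOT_INSTALLED)
	{
		// An unknown package is reported as missing data, not as a system failure.
		SysLogException(NID_SEC, E_DATA_NOT_FOUND, "[E_DATA_NOT_FOUND] The privilege information does not exist.");
		return E_DATA_NOT_FOUND;
	}
	SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");

	visibility = infoImpl.GetApiVisibility();
	// A negative value is treated as a lookup failure and never reaches the cipher.
	SysTryReturnResult(NID_SEC, visibility >= 0, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");

	r = GetEncryptedVisibility(visibility, encryptedVisibility);
	SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");

	// The checksum is keyed over (appId, plaintext visibility), not over the ciphertext above.
	r = GetChecksum(appId, visibility, checksum);
	SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");

	// Propagate a failed copy so a caller never pairs a ciphertext with a missing checksum.
	r = pEncryptedVisibility->Append(encryptedVisibility);
	SysTryReturnResult(NID_SEC, r == E_SUCCESS, r, "Propagating.");

	r = pHmac->Append(checksum);
	SysTryReturnResult(NID_SEC, r == E_SUCCESS, r, "Propagating.");

	return r;
}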
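/**
 * Encrypts an API-visibility value and returns it as a Base64 string.
 *
 * The raw bytes of @c visibility are encrypted with the cipher configured as
 * "CBC/128/PKCS7PADDING", keyed by GetDeviceUniqueKeyN() and a compiled-in IV, and the
 * ciphertext is Base64-encoded into @c encryptedVisibility.
 *
 * @param[in]  visibility           Value to protect; its in-memory (host byte order) bytes are encrypted.
 * @param[out] encryptedVisibility  Receives the Base64-encoded ciphertext.
 * @return E_SUCCESS on success, E_SYSTEM on any failure.
 */
result
_PrivilegeManagerServer::GetEncryptedVisibility(int visibility, String& encryptedVisibility)
{
	result r = E_SUCCESS;
	AesCipher cipherEnc;
	ByteBuffer ivByte;
	ByteBuffer plainVisibility;
	// Owned objects are held in unique_ptr so every exit path, including goto CATCH, releases them.
	std::unique_ptr<ISecretKey> pKey;
	std::unique_ptr<ByteBuffer> pEncryptedVisibility;

	// SECURITY: the IV is a compile-time constant. With CBC, a fixed key and a fixed IV map equal
	// plaintexts to equal ciphertexts, so every application with the same visibility value gets the
	// same output under a given key and the value can be recognised or replayed without decrypting it.
	// It is left unchanged here because whatever decrypts this value must use the same IV.
	// NOTE(review): if the format can be revised, generate a random IV per message and store it
	// with the ciphertext.
	const byte ivector[_IV_LEN] = { 0x3E, 0xB5, 0x01, 0x45, 0xE4, 0xF8, 0x75, 0x3F, 0x08, 0x9D, 0x9F, 0x57, 0x3B, 0x63, 0xEF, 0x4B};

	r = plainVisibility.Construct(sizeof(int));
	SysTryCatch(NID_SEC, r == E_SUCCESS, r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");

	r = ivByte.Construct(_IV_LEN);
	SysTryCatch(NID_SEC, r == E_SUCCESS, r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");

	r = ivByte.SetArray(ivector, 0, _IV_LEN);
	SysTryCatch(NID_SEC, r == E_SUCCESS, r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
	ivByte.Flip();

	r = plainVisibility.SetArray(reinterpret_cast< const byte* >(&visibility), 0, sizeof(int));
	SysTryCatch(NID_SEC, r == E_SUCCESS, r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
	// Flip so the cipher reads the bytes that were just written.
	plainVisibility.Flip();

	r = cipherEnc.Construct(L"CBC/128/PKCS7PADDING", CIPHER_ENCRYPT);
	SysTryCatch(NID_SEC, r == E_SUCCESS, r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");

	pKey.reset(GetDeviceUniqueKeyN());
	SysTryCatch(NID_SEC, pKey.get() != null, r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");

	r = cipherEnc.SetKey(*pKey);
	SysTryCatch(NID_SEC, r == E_SUCCESS, r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");

	r = cipherEnc.SetInitialVector(ivByte);
	SysTryCatch(NID_SEC, r == E_SUCCESS, r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");

	pEncryptedVisibility.reset(cipherEnc.EncryptN(plainVisibility));
	// Check the encryption result itself: testing the input buffer here would let a failed
	// EncryptN() fall through to a null dereference in the Base64 step.
	SysTryCatch(NID_SEC, pEncryptedVisibility.get() != null, r = E_SYSTEM, E_SYSTEM,
			   "[E_SYSTEM] An unexpected system error occurred.");

	r = StringUtil::EncodeToBase64String(*pEncryptedVisibility, encryptedVisibility);
	SysTryCatch(NID_SEC, r == E_SUCCESS, r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");

CATCH:
	return r;
}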
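/**
 * Computes the keyed checksum that binds a visibility value to an application ID.
 *
 * Builds a fixed-size message of MAX_APP_ID_SIZE application-ID bytes followed by the raw bytes
 * of @c visibility, runs Sha1Hmac over it with the key from GetDeviceUniqueKeyN(), and
 * Base64-encodes the result into @c checksum.
 *
 * @param[in]  appId       Application ID covered by the checksum.
 * @param[in]  visibility  Visibility value covered by the checksum (host byte order).
 * @param[out] checksum    Receives the Base64-encoded HMAC.
 * @return E_SUCCESS on success, E_OUT_OF_MEMORY if the HMAC object cannot be allocated,
 *         E_SYSTEM on any other failure.
 * @remarks Only the first MAX_APP_ID_SIZE bytes of the ID are authenticated, so two IDs sharing
 *          that prefix produce the same checksum for the same visibility value. The key comes
 *          from the same GetDeviceUniqueKeyN() call that GetEncryptedVisibility() uses.
 */
result
_PrivilegeManagerServer::GetChecksum(AppId appId, int visibility, String& checksum)
{
	result r = E_SUCCESS;
	byte tempChecksumString[sizeof(int) + MAX_APP_ID_SIZE];
	ByteBuffer input;
	size_t appIdLength = 0;
	// Owned objects are held in unique_ptr so every exit path, including goto CATCH, releases them.
	std::unique_ptr<char[]> pAppId;
	std::unique_ptr<ISecretKey> pKey;
	std::unique_ptr<Sha1Hmac> pHmac;
	std::unique_ptr<ByteBuffer> pChecksumByteBuffer;

	pAppId.reset(_StringConverter::CopyToCharArrayN(appId));
	SysTryCatch(NID_SEC, pAppId.get() != null, r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");

	// Copy at most the bytes the converted ID really has. Copying a flat MAX_APP_ID_SIZE reads past
	// the end of the allocation for shorter IDs and feeds unrelated heap bytes into the HMAC.
	// Assumes CopyToCharArrayN() returns a NUL-terminated array - TODO confirm.
	// NOTE(review): the zero padding changes the authenticated bytes for IDs shorter than
	// MAX_APP_ID_SIZE; the code that verifies this checksum must build its message the same way.
	memset(tempChecksumString, 0, sizeof(tempChecksumString));
	appIdLength = strlen(pAppId.get());
	if (appIdLength > static_cast< size_t >(MAX_APP_ID_SIZE))
	{
		appIdLength = static_cast< size_t >(MAX_APP_ID_SIZE);
	}
	memcpy(tempChecksumString, pAppId.get(), appIdLength);
	memcpy(tempChecksumString + MAX_APP_ID_SIZE, &visibility, sizeof(int));

	r = input.Construct(MAX_APP_ID_SIZE + sizeof(int));
	SysTryCatch(NID_SEC, r == E_SUCCESS, r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");

	r = input.SetArray(tempChecksumString, 0, MAX_APP_ID_SIZE + sizeof(int));
	SysTryCatch(NID_SEC, r == E_SUCCESS, r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
	// Flip so the HMAC reads the bytes that were just written.
	input.Flip();

	pHmac.reset(new (std::nothrow) Sha1Hmac());
	SysTryCatch(NID_SEC, pHmac.get() != null, r = E_OUT_OF_MEMORY, E_OUT_OF_MEMORY, "[E_OUT_OF_MEMORY] Memory allocation is failed.");

	pKey.reset(GetDeviceUniqueKeyN());
	SysTryCatch(NID_SEC, pKey.get() != null, r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");

	r = pHmac->SetKey(*pKey);
	SysTryCatch(NID_SEC, r == E_SUCCESS, r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");

	pChecksumByteBuffer.reset(pHmac->GetHmacN(input));
	SysTryCatch(NID_SEC, pChecksumByteBuffer.get() != null, r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");

	r = StringUtil::EncodeToBase64String(*pChecksumByteBuffer, checksum);
	SysTryCatch(NID_SEC, r == E_SUCCESS, r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");

CATCH:
	return r;
}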
241 _PrivilegeManagerServer::GetDeviceUniqueKeyN(void)
243 result r = E_SUCCESS;
244 ByteBuffer* pTempValue = null;
245 ISecretKey* pKey = null;
247 char uniqueInfo[_INFO_LEN] =
249 0x09, 0x25, 0x19, 0x87, 0xBF, 0x02, 0x14, 0x19,
250 0x88, 0xDD, 0x12, 0x30, 0x19, 0x86, 0xAD, 0xED
253 char* pUniqueKey = null;
254 pUniqueKey = GetDeviceUniqueKey(uniqueInfo, _INFO_LEN, _KEY_LEN);
255 SysTryCatch(NID_SEC, pUniqueKey != null, , E_SYSTEM, "[E_SYSTEM] Failed to generate the unique key.");
257 pTempValue = new (std::nothrow) ByteBuffer();
258 SysTryCatch(NID_SEC, pTempValue != null, , E_OUT_OF_MEMORY, "[E_OUT_OF_MEMORY] Failed to allocate memory.");
260 r = pTempValue->Construct(_KEY_LEN);
261 SysTryCatch(NID_SEC, r == E_SUCCESS, , r, "[%s] Failed to generate device unique key.", GetErrorMessage(r));
263 r = pTempValue->SetArray(reinterpret_cast <byte*>(pUniqueKey), 0, _KEY_LEN);
264 SysTryCatch(NID_SEC, r == E_SUCCESS, , r, "[%s] Failed to generate device unique key.", GetErrorMessage(r));
268 pKey = new (std::nothrow) SecretKey();
269 SysTryCatch(NID_SEC, pKey != null, , E_OUT_OF_MEMORY, "[E_OUT_OF_MEMORY] Failed to allocate memory.");
271 r = pKey->SetKey(*pTempValue);
272 SysTryCatch(NID_SEC, r == E_SUCCESS, , r, "[%s] Failed to generate device unique key.", GetErrorMessage(r));
274 if (pUniqueKey != null)
283 if (pUniqueKey != null)