2 * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License
17 * @file trust-anchor.cpp
18 * @author Sangwan Kwon (sangwan.kwon@samsung.com)
20 * @brief Implementation of trust anchor
22 #include "tanchor/trust-anchor.hxx"
26 #include "exception.hxx"
27 #include "environment.hxx"
31 class TrustAnchor::Impl {
33 explicit Impl(const std::string &packageId, uid_t uid) noexcept;
34 virtual ~Impl(void) = default;
36 int install(const std::string &pkgCertsPath, bool withSystemCerts) noexcept;
37 int uninstall(void) const noexcept;
38 int launch(void) noexcept;
39 int rollback(void) const noexcept;
42 void preInstall(void);
48 TrustAnchor::Impl::Impl(const std::string &packageId, uid_t uid) noexcept :
49 m_logic(path::BASE_PKG_PATH + "/" +
50 std::to_string(static_cast<int>(uid)) + "/" +
53 INFO(SINK, "Start tanchor about uid[" << uid <<
54 "], pkg[" << packageId << "]");
57 void TrustAnchor::Impl::preInstall(void)
60 DEBUG(SINK, "Success to pre-install stage.");
63 int TrustAnchor::Impl::install(const std::string &pkgCertsPath,
64 bool withSystemCerts) noexcept
70 this->m_logic.setPkgCertsPath(pkgCertsPath);
72 this->m_logic.setSystemCertsUsed();
74 this->m_logic.makeCustomCerts();
75 this->m_logic.makeCustomBundle();
77 INFO(SINK, "Success to install.");
78 return TRUST_ANCHOR_ERROR_NONE;
83 int TrustAnchor::Impl::rollback(void) const noexcept
87 this->m_logic.deinit(true);
89 INFO(SINK, "Success to rollback.");
90 return TRUST_ANCHOR_ERROR_NONE;
95 int TrustAnchor::Impl::uninstall(void) const noexcept
99 this->m_logic.deinit(false);
101 INFO(SINK, "Success to uninstall.");
102 return TRUST_ANCHOR_ERROR_NONE;
107 void TrustAnchor::Impl::preLaunch(void)
109 if (!this->m_logic.isCustomBaseValid())
110 ThrowExc(TRUST_ANCHOR_ERROR_NOT_INSTALLED, "Tanchor is not installed before.");
112 if (!this->m_logic.isSystemCertsUsed())
115 DEBUG(SINK, "This package uses system certificates.");
116 if (this->m_logic.isSystemCertsModified()) {
117 WARN(SINK, "System certificates be changed. Do re-install for refresh.");
118 this->install(this->m_logic.getPkgCertsPath(), true);
120 DEBUG(SINK, "Success to pre-launch stage.");
123 int TrustAnchor::Impl::launch() noexcept
125 EXCEPTION_GUARD_START
129 this->m_logic.disassociateNS();
130 this->m_logic.mountCustomCerts();
131 this->m_logic.mountCustomBundle();
133 INFO(SINK, "Success to launch.");
134 return TRUST_ANCHOR_ERROR_NONE;
139 TrustAnchor::TrustAnchor(const std::string &packageId, uid_t uid) noexcept :
140 m_pImpl(new Impl(packageId, uid)) {}
142 TrustAnchor::~TrustAnchor(void) = default;
144 int TrustAnchor::install(const std::string &pkgCertsPath,
145 bool withSystemCerts) noexcept
147 if (this->m_pImpl == nullptr)
148 return TRUST_ANCHOR_ERROR_OUT_OF_MEMORY;
150 int ret = this->m_pImpl->install(pkgCertsPath, withSystemCerts);
152 if (ret != TRUST_ANCHOR_ERROR_NONE) {
153 ERROR(SINK, "Failed to intall ACTA. Remove custom directory for rollback.");
154 if (this->m_pImpl->rollback() != TRUST_ANCHOR_ERROR_NONE)
155 ERROR(SINK, "Failed to rollback ACTA.");
161 int TrustAnchor::uninstall(void) noexcept
163 if (this->m_pImpl == nullptr)
164 return TRUST_ANCHOR_ERROR_OUT_OF_MEMORY;
166 return this->m_pImpl->uninstall();
169 int TrustAnchor::launch(void) noexcept
171 if (this->m_pImpl == nullptr)
172 return TRUST_ANCHOR_ERROR_OUT_OF_MEMORY;
174 return this->m_pImpl->launch();
177 } // namespace tanchor