src/trust-anchor.cpp

   1 /*
   2  *  Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved
   3  *
   4  *  Licensed under the Apache License, Version 2.0 (the "License");
   5  *  you may not use this file except in compliance with the License.
   6  *  You may obtain a copy of the License at
   7  *
   8  *      http://www.apache.org/licenses/LICENSE-2.0
   9  *
  10  *  Unless required by applicable law or agreed to in writing, software
  11  *  distributed under the License is distributed on an "AS IS" BASIS,
  12  *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  13  *  See the License for the specific language governing permissions and
  14  *  limitations under the License
  15  */
  16 /*
  17  * @file        trust-anchor.cpp
  18  * @author      Sangwan Kwon (sangwan.kwon@samsung.com)
  19  * @version     1.0
  20  * @brief       Implementation of trust anchor
  21  */
  22 #include "tanchor/trust-anchor.hxx"
  23
  24 #include "logic.hxx"
  25 #include "logger.hxx"
  26 #include "exception.hxx"
  27 #include "environment.hxx"
  28
  29 namespace tanchor {
  30
  31 class TrustAnchor::Impl {
  32 public:
  33         explicit Impl(const std::string &packageId, uid_t uid) noexcept;
  34         virtual ~Impl(void) = default;
  35
  36         int install(const std::string &pkgCertsPath, bool withSystemCerts) noexcept;
  37         int uninstall(void) const noexcept;
  38         int launch(void) noexcept;
  39         int rollback(void) const noexcept;
  40
  41 private:
  42         void preInstall(void);
  43         void preLaunch(void);
  44
  45         Logic m_logic;
  46 };
  47
  48 TrustAnchor::Impl::Impl(const std::string &packageId, uid_t uid) noexcept :
  49         m_logic(path::BASE_PKG_PATH + "/" +
  50                         std::to_string(static_cast<int>(uid)) + "/" +
  51                         packageId)
  52 {
  53         INFO(SINK, "Start tanchor about uid[" << uid <<
  54                            "], pkg[" << packageId << "]");
  55 }
  56
  57 void TrustAnchor::Impl::preInstall(void)
  58 {
  59         this->m_logic.init();
  60         DEBUG(SINK, "Success to pre-install stage.");
  61 }
  62
  63 int TrustAnchor::Impl::install(const std::string &pkgCertsPath,
  64                                                            bool withSystemCerts) noexcept
  65 {
  66         EXCEPTION_GUARD_START
  67
  68         this->preInstall();
  69
  70         this->m_logic.setPkgCertsPath(pkgCertsPath);
  71         if (withSystemCerts)
  72                 this->m_logic.setSystemCertsUsed();
  73
  74         this->m_logic.makeCustomCerts();
  75         this->m_logic.makeCustomBundle();
  76
  77         INFO(SINK, "Success to install.");
  78         return TRUST_ANCHOR_ERROR_NONE;
  79
  80         EXCEPTION_GUARD_END
  81 }
  82
  83 int TrustAnchor::Impl::rollback(void) const noexcept
  84 {
  85         EXCEPTION_GUARD_START
  86
  87         this->m_logic.deinit(true);
  88
  89         INFO(SINK, "Success to rollback.");
  90         return TRUST_ANCHOR_ERROR_NONE;
  91
  92         EXCEPTION_GUARD_END
  93 }
  94
  95 int TrustAnchor::Impl::uninstall(void) const noexcept
  96 {
  97         EXCEPTION_GUARD_START
  98
  99         this->m_logic.deinit(false);
 100
 101         INFO(SINK, "Success to uninstall.");
 102         return TRUST_ANCHOR_ERROR_NONE;
 103
 104         EXCEPTION_GUARD_END
 105 }
 106
 107 void TrustAnchor::Impl::preLaunch(void)
 108 {
 109         if (!this->m_logic.isCustomBaseValid())
 110                 ThrowExc(TRUST_ANCHOR_ERROR_NOT_INSTALLED, "Tanchor is not installed before.");
 111
 112         if (!this->m_logic.isSystemCertsUsed())
 113                 return;
 114
 115         DEBUG(SINK, "This package uses system certificates.");
 116         if (this->m_logic.isSystemCertsModified()) {
 117                 WARN(SINK, "System certificates be changed. Do re-install for refresh.");
 118                 this->install(this->m_logic.getPkgCertsPath(), true);
 119         }
 120         DEBUG(SINK, "Success to pre-launch stage.");
 121 }
 122
 123 int TrustAnchor::Impl::launch() noexcept
 124 {
 125         EXCEPTION_GUARD_START
 126
 127         this->preLaunch();
 128
 129         this->m_logic.disassociateNS();
 130         this->m_logic.mountCustomCerts();
 131         this->m_logic.mountCustomBundle();
 132
 133         INFO(SINK, "Success to launch.");
 134         return TRUST_ANCHOR_ERROR_NONE;
 135
 136         EXCEPTION_GUARD_END
 137 }
 138
 139 TrustAnchor::TrustAnchor(const std::string &packageId, uid_t uid) noexcept :
 140         m_pImpl(new Impl(packageId, uid)) {}
 141
 142 TrustAnchor::~TrustAnchor(void) = default;
 143
 144 int TrustAnchor::install(const std::string &pkgCertsPath,
 145                                                  bool withSystemCerts) noexcept
 146 {
 147         if (this->m_pImpl == nullptr)
 148                 return TRUST_ANCHOR_ERROR_OUT_OF_MEMORY;
 149
 150         int ret = this->m_pImpl->install(pkgCertsPath, withSystemCerts);
 151
 152         if (ret != TRUST_ANCHOR_ERROR_NONE) {
 153                 ERROR(SINK, "Failed to intall ACTA. Remove custom directory for rollback.");
 154                 if (this->m_pImpl->rollback() != TRUST_ANCHOR_ERROR_NONE)
 155                         ERROR(SINK, "Failed to rollback ACTA.");
 156         }
 157
 158         return ret;
 159 }
 160
 161 int TrustAnchor::uninstall(void) noexcept
 162 {
 163         if (this->m_pImpl == nullptr)
 164                 return TRUST_ANCHOR_ERROR_OUT_OF_MEMORY;
 165
 166         return this->m_pImpl->uninstall();
 167 }
 168
 169 int TrustAnchor::launch(void) noexcept
 170 {
 171         if (this->m_pImpl == nullptr)
 172                 return TRUST_ANCHOR_ERROR_OUT_OF_MEMORY;
 173
 174         return this->m_pImpl->launch();
 175 }
 176
 177 } // namespace tanchor