2 * Copyright (c) 2012 Samsung Electronics Co., Ltd All Rights Reserved
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
17 * @file injected_bundle_decryption_support.cpp
18 * @author Jihoon Chung (jihoon.chung@samsung.com)
22 #include "injected_bundle_decryption_support.h"
28 #include <ss_manager.h>
29 #include <openssl/sha.h>
30 #include <openssl/hmac.h>
31 #include <openssl/evp.h>
32 #include <openssl/bio.h>
33 #include <openssl/buffer.h>
35 #include <dpl/assert.h>
36 #include <dpl/string.h>
37 #include <dpl/wrt-dao-ro/widget_dao_read_only.h>
38 #include <dpl/wrt-dao-ro/global_config.h>
39 #include <dpl/utils/mime_type_utils.h>
41 #include <dpl/log/secure_log.h>
43 namespace InjectedBundle {
45 const char * const SCHEME_FILE_SLASH = "file://";
46 const char * const DATA_STRING = "data:";
47 const char * const BASE64_STRING = ";base64,";
48 const char QUESTION_MARK = '?';
49 const char ASTERISK_MARK = '#';
52 //Implementation class
53 class DecryptionSupportImplementation
58 WrtDB::TizenAppId m_appId;
59 WrtDB::EncryptedFileList m_encryptedFiles;
61 std::set<WrtDB::EncryptedFileInfo>::iterator m_targetIt;
63 WrtDB::TizenPkgId m_pkgId;
66 std::string getFilePath(const std::string& url)
68 std::string filePath = url;
70 size_t pos = filePath.find_first_not_of(SCHEME_FILE_SLASH);
71 if (pos != std::string::npos) {
72 filePath = filePath.substr(pos - 1);
75 pos = filePath.find_first_of(ASTERISK_MARK);
76 if (pos != std::string::npos) {
77 filePath = filePath.substr(0, pos);
80 pos = filePath.find_first_of(QUESTION_MARK);
81 if (pos != std::string::npos) {
82 filePath = filePath.substr(0, pos);
88 int ssmDecrypt(const std::string pkgId, const char* inBuf, int inSize, char** outBuf, int* outSize)
91 return ssm_decrypt_preloaded_application(inBuf, inSize, outBuf,
94 return ssm_decrypt(pkgId.c_str(), pkgId.length(), inBuf, inSize, outBuf, outSize);
98 std::string doDecrypt(std::string filePath, int size)
101 if (0 == stat(filePath.c_str(), &buf)) {
102 const std::size_t fileSize = buf.st_size;
103 std::unique_ptr<unsigned char[]> inChunk;
105 FILE* fp = fopen(filePath.c_str(), "rb");
107 _E("Couldnot open file : %s", filePath.c_str());
108 return std::string();
111 std::unique_ptr<unsigned char[]> DecryptedString(new unsigned
113 std::string pkgid(DPL::ToUTF8String(m_pkgId));
117 unsigned char getDecSize[4];
118 memset(getDecSize, 0x00, sizeof(getDecSize));
120 size_t readSize = fread(getDecSize, sizeof(unsigned char), sizeof(getDecSize), fp);
122 unsigned int readBufSize = 0;
123 std::istringstream(std::string((char*)getDecSize)) >> readBufSize;
124 inChunk.reset(new unsigned char[readBufSize]);
126 size_t decReadSize = fread(inChunk.get(), sizeof(unsigned char), readBufSize, fp);
128 if (0 != decReadSize) {
129 char *outChunk = NULL;
131 if (0 != ssmDecrypt(pkgid, (char*)inChunk.get(), (int)decReadSize, &outChunk, &outSize))
133 _E("Failed to get decrypted resource");
135 return std::string();
137 memcpy(DecryptedString.get() + writeCount, outChunk, outSize);
138 writeCount += outSize;
141 } while( 0 == std::feof(fp));
143 memset(DecryptedString.get() + size, '\n', fileSize - size);
148 b64 = BIO_new(BIO_f_base64());
149 bmem = BIO_new(BIO_s_mem());
150 b64 = BIO_push(b64, bmem);
151 BIO_write(b64, DecryptedString.get(), fileSize);
153 BIO_get_mem_ptr(b64, &bptr);
155 std::string base64Enc((char *)bptr->data, bptr->length - 1);
160 return std::string();
164 DecryptionSupportImplementation() :
165 m_initialized(false),
166 m_isEncrypted(false),
171 void initialize(WrtDB::TizenAppId appId)
176 WrtDB::WidgetDAOReadOnly dao(m_appId);
177 dao.getEncryptedFileList(m_encryptedFiles);
178 if (!m_encryptedFiles.empty()) {
179 m_isEncrypted = true;
180 _D("encrypted application");
182 m_pkgId = dao.getTzPkgId();
184 std::string installedPath =
185 DPL::ToUTF8String(*dao.getWidgetInstalledPath());
186 std::string preloadPath(WrtDB::GlobalConfig::GetUserPreloadedWidgetPath());
187 if (0 == installedPath.compare(0, preloadPath.length(), preloadPath)) {
189 _D("preload application");
192 m_initialized = true;
195 void deinitialize(void)
199 m_encryptedFiles.clear();
200 m_targetIt = m_encryptedFiles.end();
201 m_isEncrypted = false;
202 m_appId = DPL::String(L"");
203 m_initialized = false;
206 bool isNeedDecryption(std::string url)
208 if (!m_initialized) {
209 _E("not initialized");
213 if (0 != strncmp(url.c_str(), SCHEME_FILE_SLASH, strlen(SCHEME_FILE_SLASH))) {
217 std::set<WrtDB::EncryptedFileInfo>::iterator it;
218 WrtDB::EncryptedFileInfo info;
219 std::string filePath = getFilePath(url);
220 info.fileName = DPL::FromUTF8String(filePath);
221 if (m_encryptedFiles.end() != (it = m_encryptedFiles.find(info))) {
222 _D(" info file name : %s", DPL::ToUTF8String(it->fileName).c_str());
223 _D(" info file size : %d", it->fileSize);
230 std::string decryptResource(std::string url)
232 if (!m_initialized) {
233 _E("not initialized");
234 return std::string();
237 std::string filePath = getFilePath(url);
238 if (filePath != DPL::ToUTF8String(m_targetIt->fileName)) {
239 if (!isNeedDecryption(filePath)) {
240 return std::string();
244 std::string decryptString =
245 doDecrypt(DPL::ToUTF8String(m_targetIt->fileName),
246 m_targetIt->fileSize);
247 if (!decryptString.empty()) {
248 std::string destString = DATA_STRING;
250 std::string mimeString =
252 MimeTypeUtils::identifyFileMimeType(
253 DPL::FromUTF8String(url)));
255 destString += mimeString;
256 destString += BASE64_STRING;
258 decryptString.insert(0, destString);
260 return decryptString;
264 DecryptionSupport::DecryptionSupport() :
265 m_impl(new DecryptionSupportImplementation)
269 DecryptionSupport::~DecryptionSupport()
273 void DecryptionSupport::initialize(WrtDB::TizenAppId appId)
275 m_impl->initialize(appId);
278 void DecryptionSupport::deinitialize(void)
280 m_impl->deinitialize();
283 bool DecryptionSupport::isNeedDecryption(std::string url)
285 return m_impl->isNeedDecryption(url);
288 std::string DecryptionSupport::decryptResource(std::string url)
290 return m_impl->decryptResource(url);
292 } // namespace InjectedBundle