/*
- * Copyright (c) 2000 - 2014 Samsung Electronics Co., Ltd All Rights Reserved
+ * Copyright (c) 2000 - 2015 Samsung Electronics Co., Ltd All Rights Reserved
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
delete m_logic;
}
+void CKMService::Start() {
+ Create();
+}
+
+void CKMService::Stop() {
+ Join();
+}
+
GenericSocketService::ServiceDescriptionVector CKMService::GetServiceDescription()
{
return ServiceDescriptionVector {
- {SERVICE_SOCKET_CKM_CONTROL, "key-manager::api-control", SOCKET_ID_CONTROL},
- {SERVICE_SOCKET_CKM_STORAGE, "key-manager::api-storage", SOCKET_ID_STORAGE}
+ {SERVICE_SOCKET_CKM_CONTROL, "http://tizen.org/privilege/keymanager.admin", SOCKET_ID_CONTROL},
+ {SERVICE_SOCKET_CKM_STORAGE, "http://tizen.org/privilege/keymanager", SOCKET_ID_STORAGE}
};
}
+void CKMService::SetCommManager(CommMgr *manager)
+{
+ ThreadService::SetCommManager(manager);
+ Register(*manager);
+}
+
+// CKMService does not support security check
+// so 3rd parameter is not used
bool CKMService::ProcessOne(
const ConnectionID &conn,
- ConnectionInfo &info)
+ ConnectionInfo &info,
+ bool /*allowed*/)
{
LogDebug ("process One");
RawBuffer response;
int tmpDataType = 0;
Name name;
Label label, accessorLabel;
- std::string user;
buffer.Deserialize(command);
buffer.Deserialize(msgID);
+ // This is a workaround solution for locktype=None in Tizen 2.2.1
+ // When locktype is None, lockscreen app doesn't interfere with unlocking process.
+ // Therefor lockscreen app cannot notify unlock events to key-manager when locktype is None.
+ // So, to unlock user data when lock type is None, key-manager always try to unlock user data with null password.
+ // Even if the result is fail, it will be ignored.
+ Password nullPassword("");
+ m_logic->unlockUserKey(cred.clientUid, nullPassword);
+
LogDebug("Process storage. Command: " << command);
switch(static_cast<LogicCommand>(command)) {
msgID,
DataType(tmpDataType));
}
+ case LogicCommand::CREATE_KEY_AES:
+ {
+ int size = 0;
+ Name keyName;
+ Label keyLabel;
+ PolicySerializable policyKey;
+ buffer.Deserialize(size,
+ policyKey,
+ keyName,
+ keyLabel);
+ return m_logic->createKeyAES(
+ cred,
+ msgID,
+ size,
+ keyName,
+ keyLabel,
+ policyKey);
+ }
case LogicCommand::CREATE_KEY_PAIR:
{
CryptoAlgorithmSerializable keyGenAlgorithm;
RawBuffer certificate;
RawBufferVector untrustedVector;
RawBufferVector trustedVector;
- bool systemCerts;
+ bool systemCerts = false;
buffer.Deserialize(certificate, untrustedVector, trustedVector, systemCerts);
return m_logic->getCertificateChain(
cred,
RawBuffer certificate;
LabelNameVector untrustedVector;
LabelNameVector trustedVector;
- bool systemCerts;
+ bool systemCerts = false;
buffer.Deserialize(certificate, untrustedVector, trustedVector, systemCerts);
return m_logic->getCertificateChain(
cred,
}
}
+void CKMService::ProcessMessage(MsgKeyRequest msg)
+{
+ Crypto::GObjShPtr key;
+ int ret = m_logic->getKeyForService(msg.cred,
+ msg.name,
+ msg.label,
+ msg.password,
+ key);
+ MsgKeyResponse kResp(msg.id, key, ret);
+ try {
+ if (!m_commMgr->SendMessage(kResp))
+ LogError("No listener found"); // can't do much more
+ } catch (...) {
+ LogError("Uncaught exception in SendMessage. Check listeners.");
+ }
+}
+
+void CKMService::CustomHandle(const ReadEvent &event) {
+ LogDebug("Read event");
+ auto &info = m_connectionInfoMap[event.connectionID.counter];
+ info.buffer.Push(event.rawBuffer);
+ while(ProcessOne(event.connectionID, info, true));
+}
+
+void CKMService::CustomHandle(const SecurityEvent & /*event*/) {
+ LogError("This should not happend! SecurityEvent was called on CKMService!");
+}
+
} // namespace CKM