X-Git-Url: http://review.tizen.org/git/?a=blobdiff_plain;f=src%2Fjobs%2Fwidget_install%2Ftask_certify.cpp;h=128f022a865077d2700aa711ba0d0f65a208343f;hb=7318f9524c8f477b402ad3951496bfc2e27095b3;hp=8670d019dee50e9ad839bf73a3c40113ace617e6;hpb=bd5ca46b9d838004edc0e0667c8a1cbdd6f258ae;p=framework%2Fweb%2Fwrt-installer.git diff --git a/src/jobs/widget_install/task_certify.cpp b/src/jobs/widget_install/task_certify.cpp index 8670d01..128f022 100644 --- a/src/jobs/widget_install/task_certify.cpp +++ b/src/jobs/widget_install/task_certify.cpp @@ -40,7 +40,6 @@ #include #include #include -#include #include #include @@ -51,10 +50,6 @@ using namespace ValidationCore; using namespace WrtDB; namespace { -const std::string LABEL_NEW_LINE = "
"; -const std::string LABEL_NEW_LINE_2 = "

"; -const std::string UNTRUSTED_WIDGET = "It is an Untrusted Widget"; -const char *QUESTION = "Do you wanto to install?"; WidgetCertificateData toWidgetCertificateData(const SignatureData &data, bool root) @@ -127,25 +122,13 @@ namespace Jobs { namespace WidgetInstall { TaskCertify::TaskCertify(InstallerContext &inCont) : DPL::TaskDecl(this), - WidgetInstallPopup(inCont), m_contextData(inCont) { AddStep(&TaskCertify::stepSignature); // certi comparison determines whether the update. - if (true == m_contextData.existingWidgetInfo.isExist) { + if (true == m_contextData.isUpdateMode) { AddStep(&TaskCertify::stepVerifyUpdate); } - - // Block until fixed popup issues - if (!GlobalSettings::PopupsTestModeEnabled() - && !m_installContext.m_quiet && !isTizenWebApp()) - { - AddStep(&TaskCertify::stepWarningPopup); - AddStep(&TaskCertify::stepWarningPopupAnswer); - AddStep(&TaskCertify::stepAuthorInfoPopup); - AddStep(&TaskCertify::stepAuthorInfoPopupAnswer); - AddStep(&TaskCertify::StepDeletePopupWin); - } AddStep(&TaskCertify::stepFinalize); } @@ -155,10 +138,6 @@ void TaskCertify::processDistributorSignature(const SignatureData &data) // no point in check domain WAC_ROOT and WAC_RECOGNIZED m_contextData.wacSecurity.setDistributorSigned(true); - if (data.getStorageType().contains(CertStoreId::WAC_ROOT)) { - m_contextData.wacSecurity.setWacSigned(true); - } - CertificateCollection collection; collection.load(data.getCertList()); Assert(collection.sort() && @@ -234,15 +213,13 @@ void TaskCertify::stepSignature() SignatureFinder signatureFinder(widgetPath); if (SignatureFinder::NO_ERROR != signatureFinder.find(signatureFiles)) { LogError("Error in Signature Finder"); - ThrowMsg(Exceptions::InvalidPackage, + ThrowMsg(Exceptions::SignatureNotFound, "Error openig temporary widget directory"); } SignatureFileInfoSet::reverse_iterator iter = signatureFiles.rbegin(); LogInfo("Number of signatures: " << signatureFiles.size()); - bool testCertificate = false; - bool complianceMode = GlobalDAOReadOnly::getComplianceMode(); for (; iter != signatureFiles.rend(); ++iter) { @@ -258,7 +235,7 @@ void TaskCertify::stepSignature() WrtSignatureValidator::AppType appType = WrtSignatureValidator::WAC20; - if (m_installContext.widgetConfig.webAppType == + if (m_contextData.widgetConfig.webAppType == APP_TYPE_TIZENWEBAPP) { appType = WrtSignatureValidator::TIZEN; @@ -277,7 +254,9 @@ void TaskCertify::stepSignature() result = validator.check(data, widgetPath); if (m_contextData.widgetConfig.packagingType - == WrtDB::PKG_TYPE_DIRECTORY_WEB_APP) + == WrtDB::PKG_TYPE_DIRECTORY_WEB_APP || + m_contextData.job->getInstallerStruct().m_installMode + == InstallMode::INSTALL_MODE_PRELOAD) { // In directory installation mode, the validation is skipped. @@ -286,14 +265,14 @@ void TaskCertify::stepSignature() if (result == WrtSignatureValidator::SIGNATURE_REVOKED) { LogWarning("Certificate is REVOKED"); - ThrowMsg(Exceptions::InvalidPackage, + ThrowMsg(Exceptions::CertificateExpired, "Certificate is REVOKED"); } if (result == WrtSignatureValidator::SIGNATURE_INVALID) { LogWarning("Signature is INVALID"); // TODO change exception name - ThrowMsg(Exceptions::InvalidPackage, + ThrowMsg(Exceptions::SignatureInvalid, "Invalid Package"); } @@ -308,56 +287,14 @@ void TaskCertify::stepSignature() continue; } } else { - if (result == WrtSignatureValidator::SIGNATURE_DISREGARD) { - continue; - } // now signature _must_ be verified processDistributorSignature(data); } - - bool developerMode = GlobalDAOReadOnly::GetDeveloperMode(); - - std::string realMEID; - /* - TapiHandle *tapiHandle = tel_init(NULL); - char *meid = tel_get_misc_me_sn_sync(tapiHandle); - if (meid) { - realMEID = meid; - free(meid); - } - tel_deinit(tapiHandle); - */ - - DeveloperModeValidator developerModeValidator( - complianceMode, - developerMode, - GlobalDAOReadOnly::getComplianceFakeImei(), - GlobalDAOReadOnly::getComplianceFakeMeid(), - realMEID); - - developerModeValidator.check(data); - - testCertificate |= - data.getStorageType().contains(CertStoreId::DEVELOPER); - - if (testCertificate && !developerMode) { - LogError("Widget signed by test certificate, " - "but developer mode is off."); - ThrowMsg(Exceptions::InvalidPackage, - "Widget signed by test certificate, " - "but developer mode is off."); - } - m_contextData.widgetConfig.isTestWidget = testCertificate; } Catch(ParserSchemaException::Base) { LogError("Error occured in ParserSchema."); - ReThrowMsg(Exceptions::InvalidPackage, + ReThrowMsg(Exceptions::SignatureInvalid, "Error occured in ParserSchema."); } - Catch(DeveloperModeValidator::Exception::Base) { - LogError("Cannot validate developer certificate."); - ReThrowMsg(Exceptions::InvalidPackage, - "Cannot validate developer certificate."); - } } if (signatureFiles.empty()) { @@ -371,99 +308,6 @@ void TaskCertify::stepSignature() "Widget Signature checked"); } -void TaskCertify::createInstallPopup(PopupType type, const std::string &label) -{ - m_contextData.job->Pause(); - if (m_popup) { - destroyPopup(); - } - bool ret = createPopup(); - if (ret) { - loadPopup(type, label); - showPopup(); - } -} -void TaskCertify::StepDeletePopupWin() -{ - destroyPopup(); -} - -void TaskCertify::stepWarningPopup() -{ - LogInfo("Step:: <>"); - // SP-2151: If widget is not recognized (OCSP status of any of certificates - // it is signed with is not recognized) WRT must notify user that - // widget cannot be installed as a trusted application, and let the - // user decide whether it should be installed as an untrusted - // application. - if (!m_contextData.wacSecurity.isDistributorSigned()) { - std::string label = UNTRUSTED_WIDGET + - LABEL_NEW_LINE_2 + - QUESTION; - createInstallPopup(PopupType::WIDGET_UNRECOGNIZED, label); - } -} - -std::string TaskCertify::createAuthorWidgetInfo() const -{ - std::string authorInfo; - if (m_contextData.wacSecurity.isRecognized()) { - //authorInfo += _("IDS_IM_WIDGET_RECOGNISED"); - authorInfo += _("WIDGET RECOGNISED"); - } else { - //authorInfo += _("IDS_IM_WIDGET_UNRECOGNISED"); - authorInfo += _("WIDGET UNRECOGNISED"); - } - - authorInfo += LABEL_NEW_LINE_2; - ValidationCore::CertificatePtr authorCert = - m_contextData.wacSecurity.getAuthorCertificatePtr(); - if (!!authorCert) { - DPL::Optional < DPL::String > organizationName = - authorCert->getOrganizationName(); - - //authorInfo += _("IDS_IM_WIDGET_AUTHOR_ORGANIZATION_NAME"); - authorInfo += _("AUTHOR ORGANIZATION NAME"); - authorInfo += LABEL_NEW_LINE; - - if (!organizationName.IsNull()) { - authorInfo += DPL::ToUTF8String(*organizationName); - } else { - //authorInfo += _("IDS_IM_WIDGET_ORGANIZATION_UNKNOWN"); - authorInfo += _("WIDGET ORGANIZATION UNKNOWN"); - } - - authorInfo += LABEL_NEW_LINE_2; - - DPL::Optional < DPL::String > countryName = - authorCert->getCountryName(); - - //authorInfo += _("IDS_IM_WIDGET_COUNTRY_NAME"); - authorInfo += _("WIDGET COUNTRY NAME"); - authorInfo += LABEL_NEW_LINE; - - if (!countryName.IsNull()) { - authorInfo += DPL::ToUTF8String(*countryName); - } else { - //authorInfo += _("IDS_IM_WIDGET_COUNTRY_UNKNOWN"); - authorInfo += _("WIDGET COUNTRY UNKNOWN"); - } - } else { - authorInfo += - //_("IDS_IM_WIDGET_DOES_NOT_CONTAIN_RECOGNIZED_AUTHOR_SIGNATURE"); - _("Widget does not contain recognized author signature"); - } - return authorInfo; -} - -void TaskCertify::stepAuthorInfoPopup() -{ - LogInfo("Step:: <>"); - std::string label - = createAuthorWidgetInfo() + LABEL_NEW_LINE_2 + QUESTION; - createInstallPopup(PopupType::WIDGET_AUTHOR_INFO, label); -} - void TaskCertify::stepFinalize() { LogInfo("Step: <>"); @@ -473,34 +317,10 @@ void TaskCertify::stepFinalize() "Widget Certification Check Finished"); } -void TaskCertify::stepWarningPopupAnswer() -{ - LogInfo("Step: <>"); - if (false == m_contextData.wacSecurity.isDistributorSigned() && - WRT_POPUP_BUTTON_CANCEL == m_installCancel) - { - LogWarning("User does not agreed to install unsigned widgets!"); - m_installCancel = WRT_POPUP_BUTTON; - destroyPopup(); - ThrowMsg(Exceptions::NotAllowed, "Widget not allowed"); - } -} - -void TaskCertify::stepAuthorInfoPopupAnswer() -{ - LogInfo("Step: <>"); - if (WRT_POPUP_BUTTON_CANCEL == m_installCancel) { - LogWarning("User does not agreed to install widget!"); - m_installCancel = WRT_POPUP_BUTTON; - destroyPopup(); - ThrowMsg(Exceptions::NotAllowed, "Widget not allowed"); - } -} - bool TaskCertify::isTizenWebApp() const { bool ret = FALSE; - if (m_installContext.widgetConfig.webAppType.appType + if (m_contextData.widgetConfig.webAppType.appType == WrtDB::AppType::APP_TYPE_TIZENWEBAPP) { ret = TRUE; @@ -515,7 +335,7 @@ void TaskCertify::stepVerifyUpdate() CertificatePtr newCertificate = m_contextData.wacSecurity.getAuthorCertificatePtr(); CertificatePtr oldCertificate = - getOldAuthorSignerCertificate(m_installContext.widgetConfig.tzAppid); + getOldAuthorSignerCertificate(m_contextData.widgetConfig.tzAppid); if (!!newCertificate && !!oldCertificate) { if (0 != newCertificate->getBase64().compare(oldCertificate->getBase64())) { @@ -523,13 +343,13 @@ void TaskCertify::stepVerifyUpdate() oldCertificate->getBase64()); LogDebug("new widget's author signer certificate : " << newCertificate->getBase64()); - ThrowMsg(Exceptions::InvalidPackage, + ThrowMsg(Exceptions::NotMatchedCertification, "Author signer certificates doesn't match \ between old widget and installing widget"); } } else { if (!(NULL == newCertificate.Get() && NULL == oldCertificate.Get())) { - ThrowMsg(Exceptions::InvalidPackage, + ThrowMsg(Exceptions::NotMatchedCertification, "Author signer certificates doesn't match \ between old widget and installing widget"); }