SignatureData &data,
const std::string &widgetContentPath) = 0;
+
+ virtual SignatureValidator::Result setPartialHashList(std::list<std::string>& targetUri) = 0;
+ virtual bool setNoHash(bool noHash) = 0;
+
explicit ImplSignatureValidator(bool ocspEnable,
bool crlEnable,
bool complianceMode)
: m_ocspEnable(ocspEnable)
, m_crlEnable(crlEnable)
, m_complianceModeEnabled(complianceMode)
+ , m_noHash(false)
+ ,m_partialHash(false)
{}
virtual ~ImplSignatureValidator(){}
bool m_ocspEnable;
bool m_crlEnable;
bool m_complianceModeEnabled;
+ bool m_noHash; // sign, cert, no hash
+ bool m_partialHash; //partialHash
};
class ImplTizenSignatureValidator : public SignatureValidator::ImplSignatureValidator
SignatureValidator::Result check(SignatureData &data,
const std::string &widgetContentPath);
+ bool setNoHash(bool noHash){
+ LogDebug("setNoHash : noHash >>");
+ m_noHash = noHash; }
+
+ SignatureValidator::Result setPartialHashList(std::list<std::string>& targetUri);
+
explicit ImplTizenSignatureValidator(bool ocspEnable,
bool crlEnable,
bool complianceMode)
virtual ~ImplTizenSignatureValidator() {}
};
+SignatureValidator::Result
+ImplTizenSignatureValidator::setPartialHashList(std::list<std::string>& targetUri)
+{
+ LogDebug("setPartialHashList start >>");
+
+ m_partialHash = true;
+ if (XmlSec::NO_ERROR != XmlSecSingleton::Instance().setPartialHashList(targetUri)) {
+ LogWarning("Installation break - setPartialHashList fail!");
+ LogDebug("setPartialHashList end : fail >>");
+ return SignatureValidator::SIGNATURE_INVALID;
+ }
+
+ LogDebug("setPartialHashList end : success >>");
+ return SignatureValidator::SIGNATURE_VALID;
+}
+
+
SignatureValidator::Result ImplTizenSignatureValidator::check(
SignatureData &data,
const std::string &widgetContentPath)
//context.allowBrokenChain = true;
// end
- if (XmlSec::NO_ERROR != XmlSecSingleton::Instance().validate(&context)) {
+
+ if(m_noHash == true)
+ {
+ LogDebug("noHash : validateNoHash >>");
+ if (XmlSec::NO_ERROR != XmlSecSingleton::Instance().validateNoHash(&context)) {
+ LogWarning("Installation break - invalid package!");
+ return SignatureValidator::SIGNATURE_INVALID;
+ }
+ }
+ else if(m_partialHash == true)
+ {
+ LogDebug("partialHash : validatePartialHash >>");
+ if (XmlSec::NO_ERROR != XmlSecSingleton::Instance().validatePartialHash(&context)) {
+ LogWarning("Installation break - invalid package!");
+ return SignatureValidator::SIGNATURE_INVALID;
+ }
+ }
+ else if (XmlSec::NO_ERROR != XmlSecSingleton::Instance().validate(&context)) {
LogWarning("Installation break - invalid package!");
return SignatureValidator::SIGNATURE_INVALID;
}
public:
SignatureValidator::Result check(SignatureData &data,
const std::string &widgetContentPath);
+
+ SignatureValidator::Result setPartialHashList(std::list<std::string>& targetUri){}
+ bool setNoHash(bool noHash){}
explicit ImplWacSignatureValidator(bool ocspEnable,
bool crlEnable,
bool complianceMode)
: m_impl(0)
{
- if (appType == TIZEN)
- m_impl = new ImplTizenSignatureValidator(ocspEnable,crlEnable,complianceMode);
- else
+ if (appType == TIZEN_NO_HASH || appType == TIZEN)
+ {
+ m_impl = new ImplTizenSignatureValidator(ocspEnable,crlEnable,complianceMode);
+ if(appType == TIZEN_NO_HASH)
+ {
+ m_impl->setNoHash(true);
+ LogDebug( "m_impl->setNoHash(true)");
+ }
+ }
+ else
m_impl = new ImplWacSignatureValidator(ocspEnable,crlEnable,complianceMode);
}
return m_impl->check(data, widgetContentPath);
}
+
+SignatureValidator::Result SignatureValidator::setPartialHashList(std::list<std::string>& targetUri)
+{
+ return m_impl->setPartialHashList(targetUri);
+}
+
} // namespace ValidationCore
#include <xmlsec/crypto.h>
#include <xmlsec/io.h>
#include <xmlsec/keyinfo.h>
+#include <xmlsec/errors.h>
#include <dpl/assert.h>
#include <dpl/log/log.h>
int output = xmlFileRead(fw->file, buffer, len);
if (output == 0) {
fw->released = true;
+ LogDebug("Xmlsec close: ");
xmlFileClose(fw->file);
}
+ LogDebug("Xmlsec reading: ");
return output;
}
{
FileWrapper *fw = static_cast<FileWrapper*>(context);
int output = 0;
+ LogDebug("Xmlsec closeing: ");
if (!(fw->released)) {
output = xmlFileClose(fw->file);
}
}
}
+void LogDebugPrint(const char* file,
+ int line,
+ const char* func,
+ const char* errorObject,
+ const char* errorSubject,
+ int reason,
+ const char* msg)
+{
+// std::string strTemp = msg;
+ //LogDebug("func: " << (char*)func);
+ //LogDebug("reason: " << reason);
+ LogDebug("msg: " << msg);
+}
+
+
XmlSec::XmlSec() :
m_initialized(false)
{
xmlSecDSigCtxPtr dsigCtx = NULL;
int size, res = -1;
+ LogDebug("XmlSec::validateFile: start >> ");
fileExtractPrefix(context);
LogDebug("Prefix path: " << s_prefixPath);
}
done:
+ xmlSecDSigSetNoHash(0); //set gNoHash(default : 0)
/* cleanup */
if (dsigCtx != NULL) {
xmlSecDSigCtxDestroy(dsigCtx);
XmlSec::Result XmlSec::validate(XmlSecContext *context)
{
+ LogDebug("XmlSec::validate: start >> ");
+
+ xmlSecErrorsSetCallback(LogDebugPrint);
Assert(context);
Assert(!(context->signatureFile.empty()));
Assert(context->certificatePtr.Get() || !(context->certificatePath.empty()));
return validateFile(context, mngr.get());
}
+
+XmlSec::Result XmlSec::validateNoHash(XmlSecContext *context)
+{
+ LogDebug("XmlSec::validateNoHash start >>");
+
+ xmlSecDSigSetNoHash(1);
+ return validate(context);
+}
+
+XmlSec::Result XmlSec::validatePartialHash(XmlSecContext *context)
+{
+ LogDebug("XmlSec::validatePartialHash start >>");
+
+ return validate(context);
+}
+
+
+XmlSec::Result XmlSec::setPartialHashList(std::list<std::string>& targetUri)
+{
+ char *uri;
+ int len;
+ std::string tmpString;
+ HashUriList* pTmp =(HashUriList*)malloc(sizeof(HashUriList));
+ std::list<std::string>::const_iterator iter = targetUri.begin();
+ char* strange = NULL;
+
+ LogDebug("XmlSec::setPartialHashList start >>");
+ xmlSecErrorsSetCallback(LogDebugPrint);
+
+ for (iter; iter != targetUri.end(); ++iter)
+ {
+ //tmpString.append(*iter);
+ tmpString = (*iter);
+ uri = (char*)tmpString.c_str();
+ len = tmpString.size();
+
+ LogDebug("setPartialHashList: uri :" << uri);
+ LogDebug("setPartialHashList: len :" << len);
+
+
+ strange = strstr(uri, "/i");
+ if( strange != NULL)
+ {
+ LogDebug("setPartialHashList: r-strange :" << strange);
+ uri = strange+1;
+ LogDebug("setPartialHashList: r-uri :" << uri);
+ len = strlen(uri);
+ }
+
+ pTmp->uri = (char*)malloc(len+1);
+ memcpy(pTmp->uri, uri, len);
+ pTmp->uri[len] = '\0';
+
+ LogDebug("setPartialHashList: " << pTmp->uri);
+
+ pTmp->pNext = (HashUriList*)malloc(sizeof(HashUriList));
+ pTmp = pTmp->pNext;
+
+ }
+
+ pTmp->pNext = NULL;
+
+ xmlSecDSigSetPartialHash(pTmp);
+
+ LogDebug("XmlSec::setPartialHashList end >>");
+
+ return NO_ERROR;
+}
+
+
+
} // namespace ValidationCore
projects / platform / core / security / cert-svc.git / commitdiff