start = start + strlen(APP_DEK_FILE_PFX) + 1;
char *end = strstr(file_name, ".adek");
- if (start == NULL) {
+ if (end == NULL) {
WAE_SLOGE("WAE: Fail to extract pkgid from APP_DEK file. file_name=%s", file_name);
return WAE_ERROR_FILE;
}
return _write_to_file(path, encrypted);
}
+int _load_preloaded_app_dek(
+ const raw_buffer_s *prikey, const char *filepath, const char *pkg_id)
+{
+ raw_buffer_s *encrypted_dek = NULL;
+ raw_buffer_s *dek = NULL;
+ raw_buffer_s *iv = NULL;
+ crypto_element_s *ce = NULL;
+
+ int ret = _read_from_file(filepath, &encrypted_dek);
+ if (ret != WAE_ERROR_NONE) {
+ WAE_SLOGW("Failed to read file. It will be ignored. file=%s", filepath);
+ return ret;
+ }
+
+ ret = decrypt_app_dek(prikey, APP_DEK_KEK_PRIKEY_PASSWORD, encrypted_dek, &dek);
+ if (ret != WAE_ERROR_NONE) {
+ WAE_SLOGW("Failed to decrypt dek. It will be ignored. file=%s", filepath);
+ goto finish;
+ }
+
+ iv = buffer_create(IV_LEN);
+ if (iv == NULL) {
+ ret = WAE_ERROR_MEMORY;
+ goto finish;
+ }
+
+ memcpy(iv->buf, AES_CBC_IV, iv->size);
+
+ ce = crypto_element_create(dek, iv);
+ if (ce == NULL) {
+ ret = WAE_ERROR_MEMORY;
+ goto finish;
+ }
+
+ ret = save_to_key_manager(pkg_id, pkg_id, WAE_PRELOADED_APP, ce);
+ if (ret == WAE_ERROR_KEY_EXISTS) {
+ WAE_SLOGI("Key Manager already has dek. It will be ignored. file=%s", filepath);
+ } else if (ret != WAE_ERROR_NONE) {
+ WAE_SLOGW("Fail to add APP DEK to key-manager. file=%s", filepath);
+ }
+
+finish:
+ buffer_destroy(encrypted_dek);
+
+ if (ce == NULL) {
+ buffer_destroy(dek);
+ buffer_destroy(iv);
+ } else {
+ crypto_element_destroy(ce);
+ }
+
+ return ret;
+}
+
int get_app_ce(uid_t uid, const char *pkg_id, wae_app_type_e app_type,
bool create_for_migrated_app, const crypto_element_s **pce)
{
}
// store APP_DEK in cache
- _add_app_ce_to_cache(pkg_id, ce);
+ ret = _add_app_ce_to_cache(pkg_id, ce);
if (ret != WAE_ERROR_NONE) {
WAE_SLOGE("Failed to add ce to cache for pkg_id(%s) ret(%d)", pkg_id, ret);
goto error;
int ret = WAE_ERROR_NONE;
char pkg_id[MAX_PKGID_LEN] = {0, };
-
char file_path_buff[MAX_PATH_LEN];
- raw_buffer_s *encrypted_dek = NULL;
- raw_buffer_s *dek = NULL;
- raw_buffer_s *iv = NULL;
- raw_buffer_s *prikey = NULL;
- crypto_element_s *ce = NULL;
-
- int error_during_loading = 0;
if (!reload) {
// check if all deks were already loaded into key-manager.
return ret;
}
+ raw_buffer_s *prikey = NULL;
ret = _get_app_dek_kek(&prikey);
if (ret != WAE_ERROR_NONE) {
if (dir == NULL) {
WAE_SLOGE("Fail to open dir. dir=%s", _get_dek_store_path());
+ buffer_destroy(prikey);
return WAE_ERROR_FILE;
}
struct dirent *result = NULL;
while (true) {
- int error = readdir_r(dir, &entry, &result);
-
- if (error != 0) {
+ if (readdir_r(dir, &entry, &result) != 0) {
ret = WAE_ERROR_FILE;
- goto error;
+ break;
}
// readdir_r returns NULL in *result if the end
if (ret < 0) {
WAE_SLOGE("Failed to make file path by snprintf.");
ret = WAE_ERROR_INVALID_PARAMETER; /* buffer size too small */
- goto error;
+ break;
}
ret = _extract_pkg_id_from_file_name(entry.d_name, pkg_id);
continue;
}
- ret = _read_from_file(file_path_buff, &encrypted_dek);
-
- if (ret != WAE_ERROR_NONE || encrypted_dek == NULL) {
- ++error_during_loading;
- WAE_SLOGW("Failed to read file. It will be ignored. file=%s", file_path_buff);
- continue;
- }
-
- ret = decrypt_app_dek(prikey, APP_DEK_KEK_PRIKEY_PASSWORD, encrypted_dek, &dek);
-
- buffer_destroy(encrypted_dek);
- encrypted_dek = NULL;
-
- if (ret != WAE_ERROR_NONE || dek == NULL) {
- ++error_during_loading;
- WAE_SLOGW("Failed to decrypt dek. It will be ignored. file=%s",
- file_path_buff);
- continue;
- }
- iv = buffer_create(IV_LEN);
- if (iv == NULL) {
- ++error_during_loading;
- buffer_destroy(dek);
- dek = NULL;
- continue;
- }
-
- memcpy(iv->buf, AES_CBC_IV, iv->size);
-
- ce = crypto_element_create(dek, iv);
- if (ce == NULL) {
- ++error_during_loading;
- buffer_destroy(iv);
- iv = NULL;
- buffer_destroy(dek);
- dek = NULL;
- continue;
- }
-
- ret = save_to_key_manager(pkg_id, pkg_id, WAE_PRELOADED_APP, ce);
-
- if (ret == WAE_ERROR_KEY_EXISTS) {
- WAE_SLOGI("Key Manager already has dek. It will be ignored. file=%s",
- file_path_buff);
- } else if (ret != WAE_ERROR_NONE) {
- ++error_during_loading;
- WAE_SLOGW("Fail to add APP DEK to key-manager. file=%s", file_path_buff);
- }
-
- crypto_element_destroy(ce);
- ce = NULL;
- }
-
- ret = set_app_deks_loaded_to_key_manager();
-
-error:
- if (ret != WAE_ERROR_NONE) {
- if (ce) {
- crypto_element_destroy(ce);
+ ret = _load_preloaded_app_dek(prikey, file_path_buff, pkg_id);
+ if (ret != WAE_ERROR_NONE && ret != WAE_ERROR_KEY_EXISTS) {
+ WAE_SLOGW("Failed to load app dek(%s) ret(%d)", file_path_buff, ret);
} else {
- buffer_destroy(dek);
- buffer_destroy(iv);
+ WAE_SLOGI("Successfully load app dek(%s)", file_path_buff);
+ ret = WAE_ERROR_NONE;
}
}
buffer_destroy(prikey);
closedir(dir);
- return ret;
+ if (ret != WAE_ERROR_NONE)
+ return ret;
+ else
+ return set_app_deks_loaded_to_key_manager();
}
int remove_app_ce(uid_t uid, const char *pkg_id, wae_app_type_e app_type)
projects / platform / core / security / libwebappenc.git / commitdiff