[KeyManager] Check if data name and package id exists.

[Feature] Before allowing access data name and package id
has to be checked if they are correct.

[Verification] Code compiles. Related tests pass.

Change-Id: Iffd26ebec36ae26bff713652e6d8394334f3e31c
Signed-off-by: Tomasz Marciniak <t.marciniak@samsung.com>

diff --git a/src/keymanager/keymanager.gyp b/src/keymanager/keymanager.gyp
index 99ae7ffcf62c8b5ad78668c5da889fb5351bfb72..156413541e5c464c209d41be511a999ecdd18845 100644 (file)
--- a/src/keymanager/keymanager.gyp
+++ b/src/keymanager/keymanager.gyp
@@ -21,6 +21,7 @@
           'variables': {
             'packages': [
               'key-manager',
+              'pkgmgr-info',
             ]
           },
         }],

diff --git a/src/keymanager/keymanager_api.js b/src/keymanager/keymanager_api.js
index e4690e49d16eeb9cf2463f7bcb3ccf077a6edc51..860e85e54acc18df9fa54fc06b5322ed7bdc3fa3 100755 (executable)
--- a/src/keymanager/keymanager_api.js
+++ b/src/keymanager/keymanager_api.js
@@ -552,6 +552,12 @@ KeyManager.prototype.allowAccessControl = function() {
       nullable: true
     }
   ]);
+
+  var ret = native.callSync('KeyManager_isDataNameFound', {dataName : args.dataName});
+  if (native.isFailure(ret)) {
+    throw native.getErrorObject(ret);
+  }
+
   native.call('KeyManager_allowAccessControl', {
     dataName: args.dataName,
     id: args.id,
@@ -588,6 +594,12 @@ KeyManager.prototype.denyAccessControl = function() {
       nullable: true
     }
   ]);
+
+  var ret = native.callSync('KeyManager_isDataNameFound', {dataName : args.dataName});
+  if (native.isFailure(ret)) {
+    throw native.getErrorObject(ret);
+  }
+
   native.call('KeyManager_denyAccessControl', {
     dataName: args.dataName,
     id: args.id

diff --git a/src/keymanager/keymanager_instance.cc b/src/keymanager/keymanager_instance.cc
index 87a6c16082565b8f32d1263160a3158d8abd7b43..e9a1af08c2c71b99e87523db8b78cb1bf1b1ba16 100755 (executable)
--- a/src/keymanager/keymanager_instance.cc
+++ b/src/keymanager/keymanager_instance.cc
@@ -18,6 +18,7 @@
 
 #include <ckmc/ckmc-manager.h>
 #include <glib.h>
+#include <pkgmgr-info.h>
 
 #include "common/logger.h"
 #include "common/optional.h"
@@ -199,7 +200,6 @@ void GetGenericAliasList(AliasListFunction func, picojson::object* out) {
     common::tools::ReportError(PlatformResult(ErrorCode::UNKNOWN_ERR, "Failed to get alias list"), out);
   }
 }
-
 }  // namespace
 
 KeyManagerInstance::KeyManagerInstance() {
@@ -241,6 +241,8 @@ KeyManagerInstance::KeyManagerInstance() {
       std::bind(&KeyManagerInstance::AllowAccessControl, this, _1, _2));
   RegisterSyncHandler("KeyManager_denyAccessControl",
       std::bind(&KeyManagerInstance::DenyAccessControl, this, _1, _2));
+  RegisterSyncHandler("KeyManager_isDataNameFound",
+      std::bind(&KeyManagerInstance::IsDataNameFound, this, _1, _2));
 }
 
 KeyManagerInstance::~KeyManagerInstance() {
@@ -1014,7 +1016,19 @@ void KeyManagerInstance::AllowAccessControl(const picojson::value& args,
   }
 
   auto allow = [data_name, id, granted](const std::shared_ptr<picojson::value>& response) -> void {
-    int ret = ckmc_allow_access(data_name.c_str(), id.c_str(), granted);
+    //as ckmc_allow_access does not check if package id exists
+    //it has to be done before allowing access
+    pkgmgrinfo_pkginfo_h handle = nullptr;
+    int ret = pkgmgrinfo_pkginfo_get_pkginfo(id.c_str(), &handle);
+    if (PMINFO_R_OK != ret) {
+      LoggerE("Package id not found.");
+      common::tools::ReportError(PlatformResult(
+          ErrorCode::NOT_FOUND_ERR, "Package id not found."), &response->get<picojson::object>());
+      return;
+    }
+    pkgmgrinfo_pkginfo_destroy_pkginfo(handle);
+
+    ret = ckmc_allow_access(data_name.c_str(), id.c_str(), granted);
     if (CKMC_ERROR_NONE != ret) {
       PlatformResult result = PlatformResult(ErrorCode::NO_ERROR);
       if (CKMC_ERROR_DB_ALIAS_UNKNOWN == ret) {
@@ -1075,5 +1089,47 @@ void KeyManagerInstance::DenyAccessControl(const picojson::value& args,
       std::shared_ptr<picojson::value>(new picojson::value(picojson::object())));
 }
 
+void KeyManagerInstance::IsDataNameFound(const picojson::value& args,
+                                           picojson::object& out){
+  LoggerD("Entered");
+
+  const std::string& data_name = args.get("dataName").get<std::string>();
+  bool data_found = false;
+  ckmc_alias_list_s* alias_list = nullptr;
+
+  int ret = ckmc_get_data_alias_list(&alias_list);
+  if (CKMC_ERROR_NONE != ret) {
+    LoggerE("Failed to get data list [%d]", ret);
+    PlatformResult result = PlatformResult(ErrorCode::UNKNOWN_ERR, "Failed to get data list.");
+    if (CKMC_ERROR_DB_ALIAS_UNKNOWN == ret) {
+      result = PlatformResult(ErrorCode::NOT_FOUND_ERR, "Data name not found.");
+    }
+
+    common::tools::ReportError(result, &out);
+    return;
+  }
+
+  ckmc_alias_list_s* head = alias_list;
+  while (head) {
+    if (!strcmp(head->alias, data_name.c_str())) {
+      data_found = true;
+      break;
+    }
+    head = head->next;
+  }
+
+  if (alias_list) {
+    ckmc_alias_list_all_free(alias_list);
+  }
+
+  LoggerD("Data name found: %d", data_found);
+  if (data_found) {
+    common::tools::ReportSuccess(out);
+  } else {
+    common::tools::ReportError(
+        PlatformResult(ErrorCode::NOT_FOUND_ERR, "Data name not found."), &out);
+  }
+}
+
 } // namespace keymanager
 } // namespace extension

diff --git a/src/keymanager/keymanager_instance.h b/src/keymanager/keymanager_instance.h
index dfc1a235d557434c2f0636de9c6a0053b6da79f6..17d2f7b4f673fb1c04f4d3a1ba12a94ab6b7df76 100755 (executable)
--- a/src/keymanager/keymanager_instance.h
+++ b/src/keymanager/keymanager_instance.h
@@ -47,6 +47,8 @@ class KeyManagerInstance : public common::ParsedInstance {
   void LoadFromPKCS12File(const picojson::value& args, picojson::object& out);
   void AllowAccessControl(const picojson::value& args, picojson::object& out);
   void DenyAccessControl(const picojson::value& args, picojson::object& out);
+
+  void IsDataNameFound(const picojson::value& args, picojson::object& out);
 };
 
 } // namespace keymanager