Check author-signature when updating application

Change-Id: Id075fcaa779f309d74cffc69b17bf47c66c53bfc
Signed-off-by: Duyoung Jang <duyoung.jang@samsung.com>

diff --git a/CMakeLists.txt b/CMakeLists.txt
index 9572ea4..4ef0bb9 100755 (executable)
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -84,7 +84,7 @@ SET(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -fexceptions -fvisibility=hidden")
 SET(CMAKE_CXX_FLAGS "${OSP_DEBUG_FLAGS} ${OSP_OPT_FLAGS} ${CMAKE_CXX_FLAGS} ${EXTRA_CFLAGS} ${OSP_COMPILER_FLAGS}")
 
 TARGET_LINK_LIBRARIES(${this_target} "-L/usr/lib/osp -losp-appfw -lxml2 -lpkgmgr_installer -lpkgmgr_parser -lglib-2.0 -lapp2ext -ldl" -Wl,--allow-shlib-undefined)
-TARGET_LINK_LIBRARIES(${this_target} "-L/usr/lib -lcert-svc-vcore -ldpl-efl -lcert-svc -lcapi-system-info -lappcore-common -lpkgmgr-info -lvconf -lcap")
+TARGET_LINK_LIBRARIES(${this_target} "-L/usr/lib -lcert-svc-vcore -ldpl-efl -lcert-svc -lcapi-system-info -lappcore-common -lpkgmgr-info -lpkgmgr-client -lvconf -lcap")
 
 ADD_SUBDIRECTORY(plugin)
 

diff --git a/inc/InstallerDefs.h b/inc/InstallerDefs.h
index 427e7b5..d950161 100755 (executable)
--- a/inc/InstallerDefs.h
+++ b/inc/InstallerDefs.h
@@ -23,7 +23,7 @@
 
 #include "InstallerUtil.h"
 
-#define OSP_INSTALLER_VERSION "version=[20130812.1]"
+#define OSP_INSTALLER_VERSION "version=[20130813.1]"
 
 #define DIR_BIN                                L"/bin"
 #define DIR_INFO                       L"/info"

diff --git a/src/Manager/SignatureManager.cpp b/src/Manager/SignatureManager.cpp
index e8cfd8c..395c51c 100755 (executable)
--- a/src/Manager/SignatureManager.cpp
+++ b/src/Manager/SignatureManager.cpp
@@ -21,6 +21,8 @@
 
 #include <pkgmgr_parser.h>
 #include <pkgmgr_installer.h>
+#include <package-manager.h>
+#include <pkgmgr-info.h>
 
 #include <FBase_StringConverter.h>
 #include <FBaseInternalTypes.h>
@@ -213,6 +215,73 @@ SignatureManager::ValidateSignatures()
        }
 
        AppLog("ValidateSignatures done successfully <<");
+
+       if (__pContext->__isUpdated == true)
+       {
+               res = ValidateUpdate();
+               TryReturn(res, false, "ValidateUpdate() is failed.");
+       }
+
+       return true;
+}
+
+bool
+SignatureManager::ValidateUpdate()
+{
+       TryReturn(__pContext, false, "__pContext is null.");
+       TryReturn(__pContext->__isUpdated, false, "It's not update.");
+
+       if (InstallerUtil::IsAuthorSignatureVerificationEnabled() == false)
+       {
+               AppLog("ValidateUpdate() skip.");
+               return true;
+       }
+
+       std::unique_ptr<char[]> pPackageId(_StringConverter::CopyToCharArrayN(__pContext->__packageId));
+       TryReturn(pPackageId, false, "pPackageId is null.");
+
+       result r = E_SUCCESS;
+       String oldCertificate;
+       String* pNewCertificate = null;
+       const char* pValue = null;
+       pkgmgr_certinfo_h handle = null;
+
+       int res = pkgmgr_pkginfo_create_certinfo(&handle);
+       if (res == PMINFO_R_OK)
+       {
+               res = pkgmgr_pkginfo_load_certinfo(pPackageId.get(), handle);
+               if (res == PMINFO_R_OK)
+               {
+                       pkgmgr_pkginfo_get_cert_value(handle, PM_AUTHOR_SIGNER_CERT, &pValue);
+                       oldCertificate = pValue;
+               }
+
+               pkgmgr_pkginfo_destroy_certinfo(handle);
+       }
+
+       if (oldCertificate.IsEmpty() == true)
+       {
+               AppLog("oldCert is empty.");
+               return true;
+       }
+       else
+       {
+               r = __pContext->__pAuthorCertList->GetAt(0, pNewCertificate);
+               TryReturn(r == E_SUCCESS, false, "GetAt() failed.");
+
+               AppLog("------------------------------------------");
+               AppLog("oldCert = [%ls]", oldCertificate.GetPointer());
+               AppLog("newCert = [%ls]", pNewCertificate->GetPointer());
+               AppLog("------------------------------------------");
+
+               if (oldCertificate.Equals(*pNewCertificate, true) == false)
+               {
+                       AppLog("oldCert, newCert is different.");
+                       return false;
+               }
+       }
+
+       AppLog("oldCert, newCert is the same.");
        return true;
 }
 

diff --git a/src/Manager/SignatureManager.h b/src/Manager/SignatureManager.h
index 6ba94b8..83d9fdd 100755 (executable)
--- a/src/Manager/SignatureManager.h
+++ b/src/Manager/SignatureManager.h
@@ -69,6 +69,7 @@ private:
        bool PrintCertValue(const Tizen::Base::String& certValue) const;
        //
        bool Validate(Tizen::Security::Cert::X509CertificatePath* pCertPath);
+       bool ValidateUpdate();
        //bool AddCertificate(Tizen::Security::Cert::X509CertificatePath* pCertPath, Tizen::Base::Collection::IList* pCertChain);
        //bool AddDistributorRootCert(Tizen::Security::Cert::X509CertificatePath* pCertPath);
        //bool AddAuthorRootCert(Tizen::Security::Cert::X509CertificatePath* pCertPath);

diff --git a/src/Util/InstallerUtil.cpp b/src/Util/InstallerUtil.cpp
index 5e71acd..4686eae 100755 (executable)
--- a/src/Util/InstallerUtil.cpp
+++ b/src/Util/InstallerUtil.cpp
@@ -1207,3 +1207,28 @@ InstallerUtil::IsSignatureVerificationEnabled()
 
        return false;
 }
+
+bool
+InstallerUtil::IsAuthorSignatureVerificationEnabled()
+{
+       result r;
+       Registry reg;
+       String section(L"feature");
+       String entry(L"author-signature");
+       String value;
+
+       r = reg.Construct(CONFIG_PATH, "r");
+       TryReturn(!IsFailed(r), false, "CONFIG file is not found.");
+
+       r = reg.GetValue(section, entry, value);
+       TryReturn(!IsFailed(r), false, "GetValue is failed. entry = [%ls]", entry.GetPointer());
+
+       AppLog("[%ls is %ls.]", entry.GetPointer(), value.GetPointer());
+
+       if (value == L"on")
+       {
+               return true;
+       }
+
+       return false;
+}

diff --git a/src/Util/InstallerUtil.h b/src/Util/InstallerUtil.h
index 253a52b..7a016cd 100755 (executable)
--- a/src/Util/InstallerUtil.h
+++ b/src/Util/InstallerUtil.h
@@ -94,6 +94,7 @@ public:
 
        static bool IsDefaultExternalStorage();
        static bool IsSignatureVerificationEnabled();
+       static bool IsAuthorSignatureVerificationEnabled();
 
 private:
        static char LogChangeHexToStr(int hex);