#include <pkgmgr_parser.h>
#include <pkgmgr_installer.h>
+#include <package-manager.h>
+#include <pkgmgr-info.h>
#include <FBase_StringConverter.h>
#include <FBaseInternalTypes.h>
}
AppLog("ValidateSignatures done successfully <<");
+
+ if (__pContext->__isUpdated == true)
+ {
+ res = ValidateUpdate();
+ TryReturn(res, false, "ValidateUpdate() is failed.");
+ }
+
+ return true;
+}
+
+bool
+SignatureManager::ValidateUpdate()
+{
+ TryReturn(__pContext, false, "__pContext is null.");
+ TryReturn(__pContext->__isUpdated, false, "It's not update.");
+
+ if (InstallerUtil::IsAuthorSignatureVerificationEnabled() == false)
+ {
+ AppLog("ValidateUpdate() skip.");
+ return true;
+ }
+
+ std::unique_ptr<char[]> pPackageId(_StringConverter::CopyToCharArrayN(__pContext->__packageId));
+ TryReturn(pPackageId, false, "pPackageId is null.");
+
+ result r = E_SUCCESS;
+ String oldCertificate;
+ String* pNewCertificate = null;
+ const char* pValue = null;
+ pkgmgr_certinfo_h handle = null;
+
+ int res = pkgmgr_pkginfo_create_certinfo(&handle);
+ if (res == PMINFO_R_OK)
+ {
+ res = pkgmgr_pkginfo_load_certinfo(pPackageId.get(), handle);
+ if (res == PMINFO_R_OK)
+ {
+ pkgmgr_pkginfo_get_cert_value(handle, PM_AUTHOR_SIGNER_CERT, &pValue);
+ oldCertificate = pValue;
+ }
+
+ pkgmgr_pkginfo_destroy_certinfo(handle);
+ }
+
+ if (oldCertificate.IsEmpty() == true)
+ {
+ AppLog("oldCert is empty.");
+ return true;
+ }
+ else
+ {
+ r = __pContext->__pAuthorCertList->GetAt(0, pNewCertificate);
+ TryReturn(r == E_SUCCESS, false, "GetAt() failed.");
+
+ AppLog("------------------------------------------");
+ AppLog("oldCert = [%ls]", oldCertificate.GetPointer());
+ AppLog("newCert = [%ls]", pNewCertificate->GetPointer());
+ AppLog("------------------------------------------");
+
+ if (oldCertificate.Equals(*pNewCertificate, true) == false)
+ {
+ AppLog("oldCert, newCert is different.");
+ return false;
+ }
+ }
+
+ AppLog("oldCert, newCert is the same.");
return true;
}
return false;
}
+
+bool
+InstallerUtil::IsAuthorSignatureVerificationEnabled()
+{
+ result r;
+ Registry reg;
+ String section(L"feature");
+ String entry(L"author-signature");
+ String value;
+
+ r = reg.Construct(CONFIG_PATH, "r");
+ TryReturn(!IsFailed(r), false, "CONFIG file is not found.");
+
+ r = reg.GetValue(section, entry, value);
+ TryReturn(!IsFailed(r), false, "GetValue is failed. entry = [%ls]", entry.GetPointer());
+
+ AppLog("[%ls is %ls.]", entry.GetPointer(), value.GetPointer());
+
+ if (value == L"on")
+ {
+ return true;
+ }
+
+ return false;
+}