Mandatorily check signature verification for preloaded app

author Duyoung Jang <duyoung.jang@samsung.com>

Mon, 26 Aug 2013 02:23:59 +0000 (11:23 +0900)

committer Duyoung Jang <duyoung.jang@samsung.com>

Mon, 26 Aug 2013 02:23:59 +0000 (11:23 +0900)
author Duyoung Jang <duyoung.jang@samsung.com>
Mon, 26 Aug 2013 02:23:59 +0000 (11:23 +0900)
committer Duyoung Jang <duyoung.jang@samsung.com>
Mon, 26 Aug 2013 02:23:59 +0000 (11:23 +0900)
diff --git a/inc/InstallerDefs.h b/inc/InstallerDefs.h

index 6526a3c..5e5c5dd 100755 (executable)
--- a/inc/InstallerDefs.h
+++ b/inc/InstallerDefs.h
@@ -23,7 +23,7 @@
  
  #include "InstallerUtil.h"
  
-#define OSP_INSTALLER_VERSION "version=[20130822.1]"
+#define OSP_INSTALLER_VERSION "version=[20130826.1]"
  
  #define DIR_BIN                                L"/bin"
  #define DIR_INFO                       L"/info"
diff --git a/src/Manager/SignatureManager.cpp b/src/Manager/SignatureManager.cpp

index 0be9055..d33f5ef 100755 (executable)
--- a/src/Manager/SignatureManager.cpp
+++ b/src/Manager/SignatureManager.cpp
@@ -39,7 +39,6 @@
  using namespace Tizen::Base;
  using namespace Tizen::Base::Collection;
  using namespace Tizen::Base::Utility;
-using namespace Tizen::Security::Cert;
  
  SignatureManager::SignatureManager(void)
  :__pContext(null)
@@ -593,20 +592,6 @@ SignatureManager::SetDistributorCertValue(void* pHandle, IListT<String *>* pCert
  }
  
  bool
-SignatureManager::GetCertValue(ICertificate* pCert, String& value) const
-{
-       result r = E_SUCCESS;
-
-       std::unique_ptr<ByteBuffer> pEncodedData(pCert->GetEncodedDataN());
-       TryReturn(pEncodedData, false, "pEncodedData is null.");
-
-       r = StringUtil::EncodeToBase64String(*pEncodedData.get(), value);
-       TryReturn(!IsFailed(r), false, "StringUtil::EncodeToBase64String() is failed.");
-
-       return true;
-}
-
-bool
  SignatureManager::CompareReferences(HashMap* pDistributorRefMap, HashMap* pAuthorRefMap)
  {
         TryReturn(__pContext, false, "__pContext is null.");
@@ -664,35 +649,3 @@ SignatureManager::PrintCertValue(const String& certValue) const
  
         return true;
  }
-
-bool
-SignatureManager::Validate(X509CertificatePath* pCertPath)
-{
-       TryReturn(pCertPath, false, "pCertPath is null.");
-
-       AppLog("------------------------------------------");
-       AppLog("# signature.xml");
-       ValidationResult valResult = VALIDATION_SUCCESS;
-       valResult = pCertPath->Validate();
-
-       if (valResult != VALIDATION_SUCCESS)
-       {
-               AppLog("Validate() fail! - ValidationResult = [%d]", valResult);
-               AppLog("------------------------------------------");
-               return false;
-       }
-       else
-       {
-               int depth = pCertPath->GetLength();
-               if (depth == 0)
-               {
-                       AppLog("depth = 0");
-                       return false;
-               }
-
-               AppLog("Validate() success!");
-               AppLog("------------------------------------------");
-       }
-
-       return true;
-}
diff --git a/src/Manager/SignatureManager.h b/src/Manager/SignatureManager.h

index 68f1360..2d76320 100755 (executable)
--- a/src/Manager/SignatureManager.h
+++ b/src/Manager/SignatureManager.h
@@ -58,12 +58,9 @@ private:
         bool SetAuthorCertValue(void* pHandle, Tizen::Base::Collection::IListT<Tizen::Base::String *>* pCertList) const;
         bool SetDistributorCertValue(void* pHandle, Tizen::Base::Collection::IListT<Tizen::Base::String *>* pCertList, int sigFileNumber) const;
  
-       bool GetCertValue(Tizen::Security::Cert::ICertificate* pCert, Tizen::Base::String& value) const;
-
         bool CompareReferences(Tizen::Base::Collection::HashMap* pDistributorRefMap, Tizen::Base::Collection::HashMap* pAuthorRefMap);
         bool PrintCertValue(const Tizen::Base::String& certValue) const;
  
-       bool Validate(Tizen::Security::Cert::X509CertificatePath* pCertPath);
         bool ValidateUpdate();
  
  private:
diff --git a/src/Step/SignatureStep.cpp b/src/Step/SignatureStep.cpp

index 798bd81..b98c7f0 100755 (executable)
--- a/src/Step/SignatureStep.cpp
+++ b/src/Step/SignatureStep.cpp
@@ -121,32 +121,24 @@ SignatureStep::OnStateSignerInit(void)
  
         res = __pSignatureManager->ValidateSignatures();
         AppLog("  ## __pSignatureManager->ValidateSignatures() result = [%s]", res?"true":"false");
-       fprintf(stderr, "  ## __pSignatureManager->ValidateSignatures() result = [%s]\n", res?"true":"false");
  
-       if (res == true)
+       if (res == false)
         {
-//             res = __pSignatureManager->ValidatePartialReferences();
-//             AppLog("  ## __pSignatureManager->ValidatePartialReferences() result = [%s]", res?"true":"false");
-//             fprintf(stderr, "  ## __pSignatureManager->ValidatePartialReferences() result = [%s]\n", res?"true":"false");
-       }
-       else
-       {
-               if (__pContext->__isPreloaded == false)
+               fprintf(stderr, "  ## __pSignatureManager->ValidateSignatures() result = [%s]\n", res?"true":"false");
+
+               if (InstallerUtil::IsSignatureVerificationEnabled() == true)
                 {
-                       if (InstallerUtil::IsSignatureVerificationEnabled() == true)
-                       {
-                               AppLog("_pSignatureManager->ValidateSignatures() is failed.");
-                               error = INSTALLER_ERROR_SIGNATURE_VERIFICATION_FAILED;
+                       AppLog("_pSignatureManager->ValidateSignatures() is failed.");
+                       error = INSTALLER_ERROR_SIGNATURE_VERIFICATION_FAILED;
  
-                               __pContext->__rootCertType = ROOT_CERTIFICATE_NONE;
-                               __pContext->__pAuthorCertList->RemoveAll();
-                               __pContext->__pDistributorCertList->RemoveAll();
-                               __pContext->__pDistributorCertList2->RemoveAll();
-                       }
-                       else
-                       {
-                               AppLog("ValidateSignatures() failed, but it's ok. [SignatureVerification is off.]");
-                       }
+                       __pContext->__rootCertType = ROOT_CERTIFICATE_NONE;
+                       __pContext->__pAuthorCertList->RemoveAll();
+                       __pContext->__pDistributorCertList->RemoveAll();
+                       __pContext->__pDistributorCertList2->RemoveAll();
+               }
+               else
+               {
+                       AppLog("ValidateSignatures() failed, but it's ok. [SignatureVerification is off.]");
                 }
         }
author	Duyoung Jang <duyoung.jang@samsung.com>
	Mon, 26 Aug 2013 02:23:59 +0000 (11:23 +0900)
committer	Duyoung Jang <duyoung.jang@samsung.com>
	Mon, 26 Aug 2013 02:23:59 +0000 (11:23 +0900)
inc/InstallerDefs.h		patch \| blob \| history
src/Manager/SignatureManager.cpp		patch \| blob \| history
src/Manager/SignatureManager.h		patch \| blob \| history
src/Step/SignatureStep.cpp		patch \| blob \| history