Use dukgenerator instead of the _DeviceKeyGenerator for the PrivateKey encryption
authorso.yu <so.yu@samsung.com>
Sun, 7 Apr 2013 07:39:29 +0000 (16:39 +0900)
committerso.yu <so.yu@samsung.com>
Sun, 7 Apr 2013 07:42:04 +0000 (16:42 +0900)
Change-Id: Ic2da1109ffdeef9626cd1edaff9c7e89e41f8e19
Signed-off-by: so.yu <so.yu@samsung.com>
packaging/osp-appfw.spec
src/CMakeLists.txt
src/io/FIo_SecureIoUtil.cpp
src/security/cert/FSecCert_CertPrivateKeyInfo.cpp
src/security/crypto/FSecCrypto_TrustZoneService.cpp

index e1518da..6a734fd 100755 (executable)
@@ -27,6 +27,7 @@ BuildRequires:  pkgconfig(dbus-1)
 BuildRequires:  pkgconfig(dbus-glib-1)
 BuildRequires:  pkgconfig(devman)
 BuildRequires:  pkgconfig(dlog)
+BuildRequires:  pkgconfig(dukgenerator)
 BuildRequires:  pkgconfig(ecore)
 BuildRequires:  pkgconfig(glib-2.0)
 BuildRequires:  pkgconfig(heynoti)
index 0a2b553..0604dd7 100755 (executable)
@@ -11,6 +11,7 @@ pkg_check_modules(pkgs REQUIRED
        devman
        dlog
        drm-service-core-intel
+       dukgenerator
        ecore
        glib-2.0
        haptic
index eea2dfc..119165a 100644 (file)
@@ -42,7 +42,6 @@
 
 #include <FBase_NativeError.h>
 #include <FBaseSysLog.h>
-#include <FSec_DeviceKeyGenerator.h>
 #include <FBase_StringConverter.h>
 #include <FIo_SecureIoUtil.h>
 #include <FIo_FileUtil.h>
index 3486253..2dbf462 100644 (file)
 #include <openssl/evp.h>
 #include <openssl/x509.h>
 #include <openssl/pkcs12.h>
+#include <dukgen.h>
 #include <FIoFile.h>
 #include <FIoFileAttributes.h>
 #include <FBaseByteBuffer.h>
 #include <FBaseString.h>
 #include <FBaseResult.h>
 #include <FBaseSysLog.h>
-#include <FSec_DeviceKeyGenerator.h>
 #include <FSecISecretKey.h>
 #include "FSecCert_CertPrivateKeyInfo.h"
 
@@ -96,13 +96,15 @@ _CertPrivateKeyInfo::GetEncDecPrivateKeyN(int& keyLen, byte** ppPrivKey, int enc
        result r = E_SUCCESS;
        byte uniqueKey[16] = {0};
        byte ivData[16] = {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f};
+       char certMgrInfo[16] = {0x09, 0x25, 0x19, 0x87, 0xBF, 0x02, 0x14, 0x19, 0x88, 0xDD, 0x12, 0x30, 0x19, 0x86, 0xAD, 0xED};
+       int certMgrInfoLen = 16;
        int aesBlockLen = 16;
        int outLength = 0;
        int lenData = 0;
        int err = 0;
        EVP_CIPHER_CTX ctx;
 
-       std::unique_ptr< ISecretKey > pSecKey(reinterpret_cast< ISecretKey* >(_DeviceKeyGenerator::GenerateDeviceKeyN(aesBlockLen)));
+       std::unique_ptr< ISecretKey > pSecKey(reinterpret_cast< ISecretKey* >(GetDeviceUniqueKey(certMgrInfo, certMgrInfoLen, aesBlockLen)));
        SysTryReturnResult(NID_SEC_CERT, pSecKey != null, E_SYSTEM, "Failed to generate secret key.");
 
        std::unique_ptr< ByteBuffer > pKeyBuf(pSecKey->GetEncodedN());
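Review bot: The `reinterpret_cast< ISecretKey* >` around `GetDeviceUniqueKey(certMgrInfo, certMgrInfoLen, aesBlockLen)` is carried over from the old `_DeviceKeyGenerator::GenerateDeviceKeyN` call, but nothing on this page shows that the dukgen.h function returns an `ISecretKey` object. If it returns a raw key buffer (its declaration is not visible here, so please confirm), `pSecKey->GetEncodedN()` would be a virtual call through key bytes, and the `unique_ptr` would `delete` memory it did not `new`. In that case, null-check the returned buffer, copy `aesBlockLen` bytes into `uniqueKey`, then wipe the buffer and release it with the deallocator dukgen documents. The same line is added to GetPkcs8EncDecKeyN in the third hunk of this file, and both function bodies continue outside the hunks.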
@@ -163,6 +165,8 @@ _CertPrivateKeyInfo::GetPkcs8EncDecKeyN(int& keyLen, byte** ppPrivKey, int encDe
 {
        result r = E_SUCCESS;
        byte uniqueKey[16] = {0};
+       char certMgrInfo[16] = {0x09, 0x25, 0x19, 0x87, 0xBF, 0x02, 0x14, 0x19, 0x88, 0xDD, 0x12, 0x30, 0x19, 0x86, 0xAD, 0xED};
+       int certMgrInfoLen = 16;
        int aesBlockLen = 16;
        const EVP_CIPHER* pCipher = null;
        X509_SIG* pPkcs8Key = null;
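Review bot: `certMgrInfo` is declared as `char[16]` but initialised with values such as `0x87`, `0xBF` and `0xED`, which do not fit a signed `char`, so on targets where `char` is signed the brace initialisation is a C++11 narrowing conversion. The same 16 bytes and `certMgrInfoLen` are also added to GetEncDecPrivateKeyN in the previous hunk. If the two copies ever drift apart, the functions will derive different keys and previously stored private keys may no longer decrypt. Declare the array once at file scope, e.g. `static const unsigned char CERT_MGR_DUK_INFO[16] = { ... };`, and cast at the call site if `GetDeviceUniqueKey` requires `char*`. Add a comment saying these bytes are a fixed derivation input, not a secret: they are readable in the source, so confidentiality rests on the device-unique key alone.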
@@ -172,7 +176,7 @@ _CertPrivateKeyInfo::GetPkcs8EncDecKeyN(int& keyLen, byte** ppPrivKey, int encDe
        long tempkeyLen = 0;
        byte* pPrivKey = null;
 
-       std::unique_ptr< ISecretKey > pSecKey(reinterpret_cast< ISecretKey* >(_DeviceKeyGenerator::GenerateDeviceKeyN(aesBlockLen)));
+       std::unique_ptr< ISecretKey > pSecKey(reinterpret_cast< ISecretKey* >(GetDeviceUniqueKey(certMgrInfo, certMgrInfoLen, aesBlockLen)));
        SysTryReturnResult(NID_SEC_CERT, pSecKey != null, E_SYSTEM, "Failed to generate secret key.");
 
        std::unique_ptr< ByteBuffer > pKeyBuf(pSecKey->GetEncodedN());
index c8a323b..7e77ff7 100755 (executable)
@@ -29,7 +29,6 @@
 #include <FBase.h>
 #include <FIo_IpcCommonParamTraits.h>
 #include <FSecCryptoAesCipher.h>
-#include <FSec_DeviceKeyGenerator.h>
 #include "FSecCrypto_TrustZoneService.h"
 #include "FSecCrypto_TrustZoneServiceMessage.h"