This key was used by the example software implementation of the encrypted initial-values
feature, which has been replaced by a hardware-backed implementation.
Change-Id: Id8358a70459fb6ddd8ebb43fc8e987dc4d586f63
-# Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved
+# Copyright (c) 2016-2018 Samsung Electronics Co., Ltd All Rights Reserved
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# @author Kyungwook Tak (k.tak@samsung.com)
# @brief
#
-INSTALL(FILES initial_values.xsd sw_key.xsd DESTINATION ${RO_DATA_DIR})
+INSTALL(FILES initial_values.xsd DESTINATION ${RO_DATA_DIR})
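Review bot: Dropping `sw_key.xsd` from this INSTALL line stops shipping the schema, but nothing visible in this commit removes an already-provisioned `device_key.xml` from `RW_DATA_DIR`, the path the deleted `Store` constructor read, on devices that are upgraded rather than reflashed. The RSA private key deleted alongside it also remains recoverable from repository history, so it should be treated as public, and any initial values that were encrypted to it should be re-provisioned through the hardware-backed path rather than assumed confidential. Consider adding an upgrade step that deletes the stale key file, plus a short comment above this line such as `# sw_key.xsd dropped: software device key replaced by hardware-backed initial-values encryption`. Whether packaging already handles that cleanup cannot be seen from this page.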
+++ /dev/null
-<?xml version="1.0" encoding="UTF-8"?>
-<DeviceKey version="1" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="sw_key.xsd ">
- <RSAPrivateKey>
- <DERBase64>
- MIIEpAIBAAKCAQEAyJjUHY2pJJUBRBCrlerrgcS7aBiWlY3594dufu3m4qy48b9hsw1R/AHSNUPU
- 11vzQ+kUcXkEZOby5SHRHBAXIJ1dLbTPtRwsVwgf1nmc/ZGGV/XOrOaKi7nSKgYHaglPgc9dLPuu
- osRHs/EdIWh3o59MdY6rA6y+QTJrQm3axRKdT7unX3kFS3SsId02GWBkLtrw+yQVtvhCYlY/n2/T
- uZBJpZN7vT2it0rJS4fQkfjcjAi8f/isZLrfUgDqxIDSWVbVyjlQOphIO+K3ABjev3ZbJMWl+w10
- pV0nbmF8lviEYft9mhERS9kUdQwzy3KIgyjyt+ewQG6hjyMJ/5y5KwIDAQABAoIBAQC3S06nIoZn
- su/RLhpbhqljjkxgNfeC+JRsJghFW0UZ4xGrdGDlp0o+p7tYiH63uoFykEvp09a8DHvt+xSEO/+m
- AaTe2tTgfLnXXMkaxU06Nfs37JfJTW9TdZwgYhnsPk20I7LUI7XTbN7IAY3ItRh9HlZTJOYHGZVP
- Ja70qES6xUOTaVOvKIbB2W9XeiMX6cNoHTLM9rl1I8bA13Er0M0acKRtF4Rfw4z43nJKzORCYKm3
- mA3zqtQja7z+zdQBib34RHZiKgvuJDqg89p7FTLT9z+lbXONH+K/3MldaYG1O8mtgt4zv6onH199
- QBOrww158Z6keH3tBz+xsrClfIpBAoGBAPkar4ugZYLRgyuythby3uHrlMBNajmJf2gFwngvfUgO
- JS45fLN2AIDrA5VYUiT8cFjVFfzEiu1xa33Juy8rfHlQuY8yOIVDnbdGJvOBYsrvlyYWY+9jEydd
- cLctQKquACLb3jNYbrC9m8cBBcSZelRAVSF4O1k8HdlcdV7IIVyjAoGBAM4mY5PNLr3I/pyyNizw
- 7cUmHdblU+sScwFdC/KDwfG5WOI3WorTLutD4EiEA3yQIDStuVJLiray4Pu+bqhUPAJumpRrpQJ4
- PCPxr/M98FhXvMmDWzGu/xK/6hLP5g1Ngp6qvVygnYNBkyqMzfM0rUAxQLS3qmocWk2xBKDEnjHZ
- AoGBAJkWgVO52yiuQYKVbbpkv/zvnpcf/GwnyBjRkVXzOXcS2l6yDaTsnBqeU7FweespCJJPQhf5
- YbfSwFCprVOr0e9sYN1T69BaYY7EmiOEHIbC/4z0ra3soVTL4/1u3hMGpCbIIKJFcqFDpXyDcFwG
- RluIvci37yFEBMQUQj1hmL8pAoGAJBHtfG/7TLO9cRdxiT2CrOs1b2Ni4o+w1b09GOra5XujxLkg
- u4el/v46YRXQMlxZdj4rXe3f0IXN/d5dKFDMyzQlEfEfxyXYiAWC3tGomxyG6M92BmRzNwmjYDVG
- MG+ueiqvxWRJCy1PHbPTWUmPQtsbUkOMqtJZLpzZjXO5pkkCgYA9uyQ8os9yfjALc1VDZ4HtGxaC
- Uq8zy0jJEJxchRn1JUNHop/skaRA65x613lWDygfNCuakozjP5x+GA5WEIuxIE8V7JPac1zpEZW4
- 5nwmxoR1l3HUDT8kRYkLzMIo55PpLG9arNLwH9mSRh/taG8020aGg3nFSNCJNDs12x/9RA==
- </DERBase64>
- </RSAPrivateKey>
-</DeviceKey>
+++ /dev/null
-<?xml version="1.0" encoding="UTF-8"?>
-<xsd:schema elementFormDefault="qualified" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
- <xsd:element name="DeviceKey" type="DeviceKeyType"></xsd:element>
-
- <xsd:complexType name="DeviceKeyType">
- <xsd:sequence maxOccurs="1" minOccurs="1">
- <xsd:choice maxOccurs="1" minOccurs="1">
- <xsd:element name="RSAPrivateKey" type="RSAPrivateKeyType"
- maxOccurs="1" minOccurs="1">
- </xsd:element>
- </xsd:choice>
- </xsd:sequence>
- <xsd:attribute name="version" type="xsd:int" use="required"></xsd:attribute>
- </xsd:complexType>
-
- <xsd:complexType name="RSAPrivateKeyType">
- <xsd:sequence maxOccurs="1" minOccurs="1">
- <xsd:choice maxOccurs="1" minOccurs="1">
- <xsd:element name="PEM"
- type="EncodingPemType" maxOccurs="1" minOccurs="1">
- </xsd:element>
- <xsd:element name="DERBase64"
- type="EncodingDerType" maxOccurs="1" minOccurs="1">
- </xsd:element>
- <xsd:element name="Base64"
- type="EncodingRawType" maxOccurs="1" minOccurs="1">
- </xsd:element>
- </xsd:choice>
- </xsd:sequence>
- </xsd:complexType>
-
- <xsd:simpleType name="EncodingDerType">
- <xsd:restriction base="xsd:string"></xsd:restriction>
- </xsd:simpleType>
- <xsd:simpleType name="EncodingPemType">
- <xsd:restriction base="xsd:string"></xsd:restriction>
- </xsd:simpleType>
- <xsd:simpleType name="EncodingRawType">
- <xsd:restriction base="xsd:string"></xsd:restriction>
- </xsd:simpleType>
-</xsd:schema>
${KEY_MANAGER_PATH}/initial-values/InitialValueHandler.cpp
${KEY_MANAGER_PATH}/initial-values/InitialValuesFile.cpp
${KEY_MANAGER_PATH}/initial-values/NoCharactersHandler.cpp
- ${KEY_MANAGER_PATH}/initial-values/SWKeyFile.cpp
${KEY_MANAGER_PATH}/initial-values/xml-utils.cpp
${KEY_MANAGER_PATH}/initial-values/initial-value-loader.cpp
${KEY_MANAGER_PATH}/dpl/core/src/assert.cpp
#include <sw-backend/obj.h>
#include <sw-backend/store.h>
#include <sw-backend/internals.h>
-#include <SWKeyFile.h>
#include <dpl/log/log.h>
#include <message-buffer.h>
} // namespace anonymous
-namespace {
-const char *const DEVICE_KEY_XSD = RO_DATA_DIR "/sw_key.xsd";
-const char *const DEVICE_KEY_SW_FILE = RW_DATA_DIR "/device_key.xml";
-}
-
Store::Store(CryptoBackend backendId)
: GStore(backendId)
{
- // get the device key if present
- InitialValues::SWKeyFile keyFile(DEVICE_KEY_SW_FILE);
- int rc = keyFile.Validate(DEVICE_KEY_XSD);
-
- if (rc == XML::Parser::PARSE_SUCCESS) {
- rc = keyFile.Parse();
-
- if (rc == XML::Parser::PARSE_SUCCESS)
- m_deviceKey = keyFile.getPrivKey();
- else
- // do nothing, bypass encrypted elements
- LogWarning("invalid SW key file: " << DEVICE_KEY_SW_FILE << ", parsing code: "
- << rc);
- } else {
- LogWarning("invalid SW key file: " << DEVICE_KEY_SW_FILE <<
- ", validation code: " << rc);
- }
}
GObjUPtr Store::getObject(const Token &token, const Password &pass)
virtual Token generateSKey(const CryptoAlgorithm &, const Password &);
virtual Token import(const Data &data, const Password &, const EncryptionParams &);
virtual void destroy(const Token &) {}
-
-private:
- Crypto::GObjShPtr m_deviceKey;
};
} // namespace SW
+++ /dev/null
-/*
- * Copyright (c) 2000 - 2015 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License
- *
- *
- * @file SWKeyFile.cpp
- * @author Maciej Karpiuk (m.karpiuk2@samsung.com)
- * @version 1.0
- * @brief SWKeyFile class implementation.
- */
-
-#include <iostream>
-#include <SWKeyFile.h>
-#include <BufferHandler.h>
-#include <EncodingType.h>
-#include <sw-backend/obj.h>
-#include <dpl/log/log.h>
-
-namespace {
-const int XML_SW_KEY_CURRENT_VERSION = 1;
-const char *const XML_TAG_DEVICE_KEY = "DeviceKey";
-const char *const XML_TAG_RSA_KEY = "RSAPrivateKey";
-const char *const XML_TAG_PEM = "PEM";
-const char *const XML_TAG_DER = "DERBase64";
-const char *const XML_TAG_BASE64 = "Base64";
-const char *const XML_ATTR_VERSION = "version";
-}
-
-namespace CKM {
-namespace InitialValues {
-
-SWKeyFile::SWKeyFile(const std::string &XML_filename) :
- m_parser(XML_filename),
- m_header(std::make_shared<HeaderHandler>(*this)),
- m_RSAKeyHandler(std::make_shared<RSAKeyHandler>(*this))
-{
- m_parser.RegisterErrorCb(SWKeyFile::Error);
- m_parser.RegisterElementCb(XML_TAG_DEVICE_KEY,
- [this]() -> XML::Parser::ElementHandlerPtr {
- return m_header;
- },
- [this](const XML::Parser::ElementHandlerPtr &) {});
-}
-
-void SWKeyFile::registerElementListeners()
-{
- m_parser.RegisterElementCb(XML_TAG_RSA_KEY,
- [this]() -> XML::Parser::ElementHandlerPtr {
- return m_RSAKeyHandler;
- },
- [this](const XML::Parser::ElementHandlerPtr &) {
- m_deviceKey = m_RSAKeyHandler->getPrivKey();
- });
-}
-
-void SWKeyFile::Error(const XML::Parser::ErrorType errorType,
- const std::string &log_msg)
-{
- switch (errorType) {
- case XML::Parser::VALIDATION_ERROR:
- LogWarning("validating error: " << log_msg);
- break;
-
- case XML::Parser::PARSE_WARNING:
- LogWarning("parsing warning: " << log_msg);
- break;
-
- case XML::Parser::PARSE_ERROR:
- LogWarning("parsing error: " << log_msg);
- break;
- }
-}
-
-int SWKeyFile::Validate(const std::string &XSD_file)
-{
- return m_parser.Validate(XSD_file);
-}
-
-int SWKeyFile::Parse()
-{
- int ec = m_parser.Parse();
-
- if (!m_header || !m_header->isCorrectVersion()) {
- LogError("bypassing XML file: " << m_filename << " - wrong file version!");
- ec = XML::Parser::ERROR_INVALID_VERSION;
- }
-
- return ec;
-}
-
-
-
-SWKeyFile::RSAKeyHandler::RSAKeyHandler(SWKeyFile &parent)
- : m_parent(parent)
-{
-}
-
-void SWKeyFile::RSAKeyHandler::Characters(const std::string &data)
-{
- //m_encryptedKey.reserve(m_encryptedKey.size() + data.size());
- //m_encryptedKey.insert(m_encryptedKey.end(), data.begin(), data.end());
- std::copy(data.begin(), data.end(), std::back_inserter(m_encryptedKey));
-}
-
-void SWKeyFile::RSAKeyHandler::End()
-{
- // std::string trimmed = XML::trimEachLine(std::string(m_encryptedKey.begin(), m_encryptedKey.end()));
-
- Base64Decoder base64;
- base64.reset();
- base64.append(XML::removeWhiteChars(m_encryptedKey));
- base64.finalize();
- m_encryptedKey = base64.get();
-};
-
-Crypto::GObjShPtr SWKeyFile::RSAKeyHandler::getPrivKey()
-{
- return std::make_shared<Crypto::SW::AKey>(m_encryptedKey,
- DataType::KEY_RSA_PRIVATE);
-}
-
-SWKeyFile::HeaderHandler::HeaderHandler(SWKeyFile &parent) :
- m_version(-1), m_parent(parent)
-{
-}
-
-void SWKeyFile::HeaderHandler::Start(const XML::Parser::Attributes &attr)
-{
- // get key type
- if (attr.find(XML_ATTR_VERSION) != attr.end()) {
- m_version = atoi(attr.at(XML_ATTR_VERSION).c_str());
-
- if (isCorrectVersion())
- m_parent.registerElementListeners();
- }
-}
-
-bool SWKeyFile::HeaderHandler::isCorrectVersion() const
-{
- return m_version == XML_SW_KEY_CURRENT_VERSION;
-}
-
-}
-}
+++ /dev/null
-/*
- * Copyright (c) 2000 - 2015 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License
- *
- *
- * @file SWKeyFile.h
- * @author Maciej Karpiuk (m.karpiuk2@samsung.com)
- * @version 1.0
- * @brief SWKeyFile class.
- */
-
-#ifndef SWKEYFILE_H_
-#define SWKEYFILE_H_
-
-#include <parser.h>
-#include <InitialValueHandler.h>
-#include <ckm-logic.h>
-#include <string>
-#include <algorithm>
-#include <cctype>
-#include <xml-utils.h>
-#include <base64.h>
-#include <generic-backend/gobj.h>
-#include <dpl/log/log.h>
-
-namespace CKM {
-namespace InitialValues {
-
-class SWKeyFile {
-public:
- explicit SWKeyFile(const std::string &XML_filename);
-
- int Validate(const std::string &XSD_file);
- int Parse();
-
- Crypto::GObjShPtr getPrivKey()
- {
- return m_deviceKey;
- }
-
-private:
- class HeaderHandler : public XML::Parser::ElementHandler {
- public:
- explicit HeaderHandler(SWKeyFile &parent);
- virtual void Start(const XML::Parser::Attributes &attr);
- virtual void Characters(const std::string &) {}
- virtual void End() {}
-
- bool isCorrectVersion() const;
-
- private:
- int m_version;
- SWKeyFile &m_parent;
- };
-
- class RSAKeyHandler : public XML::Parser::ElementHandler {
- public:
- explicit RSAKeyHandler(SWKeyFile &parent);
- virtual void Start(const XML::Parser::Attributes &) {}
- virtual void Characters(const std::string &data);
- virtual void End();
-
- Crypto::GObjShPtr getPrivKey();
-
- private:
- CKM::RawBuffer m_encryptedKey;
- SWKeyFile &m_parent;
- };
-
- std::string m_filename;
- XML::Parser m_parser;
- typedef std::shared_ptr<HeaderHandler> HeaderHandlerPtr;
- typedef std::shared_ptr<RSAKeyHandler> RSAKeyHandlerPtr;
- HeaderHandlerPtr m_header;
- RSAKeyHandlerPtr m_RSAKeyHandler;
- Crypto::GObjShPtr m_deviceKey;
-
- void registerElementListeners();
- static void Error(const XML::Parser::ErrorType errorType,
- const std::string &logMsg);
-};
-
-}
-}
-#endif /* SWKEYFILE_H_ */
${KEY_MANAGER_PATH}/dpl/log/src/log.cpp
${KEY_MANAGER_PATH}/dpl/log/src/old_style_log_provider.cpp
${KEY_MANAGER_PATH}/initial-values/parser.cpp
- ${KEY_MANAGER_PATH}/initial-values/SWKeyFile.cpp
${KEY_MANAGER_PATH}/initial-values/xml-utils.cpp
${KEY_MANAGER_PATH}/service/crypto-logic.cpp
${KEY_MANAGER_PATH}/service/db-crypto.cpp
${KEY_MANAGER_PATH}/initial-values/NoCharactersHandler.cpp
${KEY_MANAGER_PATH}/initial-values/parser.cpp
${KEY_MANAGER_PATH}/initial-values/PermissionHandler.cpp
- ${KEY_MANAGER_PATH}/initial-values/SWKeyFile.cpp
${KEY_MANAGER_PATH}/initial-values/xml-utils.cpp
${KEY_MANAGER_PATH}/main/cynara.cpp
${KEY_MANAGER_PATH}/main/generic-socket-manager.cpp