#include "dcm_session.h"
#include "dcm_server.h"
+#include "../dcm-client/device_certificate_manager_ext_types.h"
#include "log.h"
#define DCM_DEFAULT_PRIVILEGE "http://tizen.org/privilege/devicecertificate"
case RequestMessage::kSignData:
handle_sign_request(requestMessage.sign_data());
break;
+ case RequestMessage::kExtCall:
+ handle_ext_call_request(requestMessage.ext_call());
+ break;
default:
LOGE("Incorrect request message type");
// This will terminate connection
signingResponse->set_result(error);
reply(msg);
-}
\ No newline at end of file
+}
+
+void dcm_session::handle_ext_call_request(const ExtCallRequest& message)
+{
+ LOGD("Request EXT API call from backend");
+ ResponseMessage msg;
+ auto* extCallResponse = msg.mutable_ext_call();
+ std::string privilege;
+
+ try {
+ if(fSoResolver->invoke<int, const std::string&, std::string&>(
+ "dcm_ext_backend_get_api_privilege", message.method_name(), privilege)) {
+ LOGE("Invalid method name for EXT API call - method name: " << message.method_name());
+ extCallResponse->set_result(DCM_EXT_ERROR_INVALID_PARAMETER);
+ reply(msg);
+ return;
+ }
+ } catch (std::runtime_error&) {
+ LOGE("Couldn't call backend EXT API - backend doesn't support this functionality");
+ extCallResponse->set_result(DCM_EXT_ERROR_NOT_SUPPORTED);
+ reply(msg);
+ return;
+ }
+
+ if(!privilege.empty()) {
+ if(!verify_privileges(fSocket.native_handle(), privilege.c_str())) {
+ LOGE("Client privilege check failure - access denied for method " << message.method_name()
+ << " and privilege " << privilege);
+ extCallResponse->set_result(DCM_EXT_ERROR_PERMISSION_DENIED);
+ reply(msg);
+ return;
+ }
+ } else {
+ LOGD("Access to method " << message.method_name() << " granted, no privilege check required");
+ }
+
+ try {
+ int error = fSoResolver->invoke<int, const std::string&, const std::string&, std::string&>(
+ "dcm_ext_backend_call_api", message.method_name(), message.input_data(), *extCallResponse->mutable_output_data());
+
+ if(error) {
+ LOGE("Error in dcm_ext_backend_call_api for method " << message.method_name() << " , error: " << error);
+ }
+ extCallResponse->set_result(error ? DCM_EXT_ERROR_UNKNOWN : DCM_EXT_ERROR_NONE);
+ } catch (std::runtime_error&) {
+ LOGE("Couldn't call backend EXT API - backend doesn't support this functionality");
+ extCallResponse->set_result(DCM_EXT_ERROR_NOT_SUPPORTED);
+ }
+ reply(msg);
+}
projects / platform / core / security / device-certificate-manager.git / commitdiff