SET(SRCS
step/configuration/step_merge_tpk_config.cc
+ step/configuration/step_merge_tpk_privileges.cc
step/configuration/step_stash_tpk_config.cc
step/encryption/step_encrypt_resources.cc
+ step/security/step_hybrid_check_signature.cc
hybrid_installer.cc
)
ADD_LIBRARY(${TARGET_LIBNAME_HYBRID} STATIC ${SRCS})
#include <common/step/pkgmgr/step_update_app.h>
#include <common/step/pkgmgr/step_update_pkg_disable_info.h>
#include <common/step/recovery/step_open_recovery_file.h>
-#include <common/step/security/step_check_signature.h>
#include <common/step/security/step_privilege_compatibility.h>
#include <common/step/security/step_recover_security.h>
#include <common/step/security/step_register_security.h>
#include "hybrid/hybrid_backend_data.h"
#include "hybrid/step/configuration/step_merge_tpk_config.h"
+#include "hybrid/step/configuration/step_merge_tpk_privileges.h"
#include "hybrid/step/configuration/step_stash_tpk_config.h"
#include "hybrid/step/encryption/step_encrypt_resources.h"
+#include "hybrid/step/security/step_hybrid_check_signature.h"
#include "wgt/step/configuration/step_parse.h"
#include "wgt/step/encryption/step_remove_encryption_data.h"
#include "wgt/step/filesystem/step_copy_preview_icons.h"
AddStep<ci::configuration::StepParsePreload>();
AddStep<ci::pkgmgr::StepCheckRestriction>();
AddStep<ci::configuration::StepCheckTizenVersion>();
- AddStep<ci::security::StepCheckSignature>();
+ AddStep<hybrid::security::StepHybridCheckSignature>();
+ AddStep<hybrid::configuration::StepMergeTpkPrivileges>();
AddStep<ci::security::StepPrivilegeCompatibility>();
AddStep<wgt::security::StepCheckSettingsLevel>();
AddStep<wgt::security::StepCheckWgtBackgroundCategory>();
AddStep<hybrid::configuration::StepMergeTpkConfig>();
AddStep<ci::configuration::StepParsePreload>();
AddStep<ci::configuration::StepCheckTizenVersion>();
- AddStep<ci::security::StepCheckSignature>();
+ AddStep<hybrid::security::StepHybridCheckSignature>();
+ AddStep<hybrid::configuration::StepMergeTpkPrivileges>();
AddStep<ci::security::StepPrivilegeCompatibility>();
AddStep<wgt::security::StepCheckSettingsLevel>();
AddStep<wgt::security::StepCheckWgtBackgroundCategory>();
wgt::configuration::StepParse::ConfigLocation::RESOURCE_WGT, true);
AddStep<hybrid::configuration::StepMergeTpkConfig>();
AddStep<ci::configuration::StepCheckTizenVersion>();
- AddStep<ci::security::StepCheckSignature>();
+ AddStep<hybrid::security::StepHybridCheckSignature>();
+ AddStep<hybrid::configuration::StepMergeTpkPrivileges>();
AddStep<ci::security::StepPrivilegeCompatibility>();
AddStep<wgt::security::StepCheckSettingsLevel>();
AddStep<wgt::security::StepCheckWgtBackgroundCategory>();
AddStep<ci::configuration::StepParsePreload>();
AddStep<ci::pkgmgr::StepCheckRestriction>();
AddStep<ci::configuration::StepCheckTizenVersion>();
- AddStep<ci::security::StepCheckSignature>();
+ AddStep<hybrid::security::StepHybridCheckSignature>();
+ AddStep<hybrid::configuration::StepMergeTpkPrivileges>();
AddStep<ci::security::StepPrivilegeCompatibility>();
AddStep<wgt::security::StepCheckSettingsLevel>();
AddStep<wgt::security::StepCheckWgtBackgroundCategory>();
AddStep<hybrid::configuration::StepMergeTpkConfig>();
AddStep<ci::configuration::StepParsePreload>();
AddStep<ci::configuration::StepCheckTizenVersion>();
- AddStep<ci::security::StepCheckSignature>();
+ AddStep<hybrid::security::StepHybridCheckSignature>();
+ AddStep<hybrid::configuration::StepMergeTpkPrivileges>();
AddStep<ci::security::StepPrivilegeCompatibility>();
AddStep<wgt::security::StepCheckSettingsLevel>();
AddStep<wgt::security::StepCheckWgtBackgroundCategory>();
AddStep<hybrid::configuration::StepMergeTpkConfig>();
AddStep<ci::configuration::StepParsePreload>();
AddStep<ci::configuration::StepCheckTizenVersion>();
- AddStep<ci::security::StepCheckSignature>();
+ AddStep<hybrid::security::StepHybridCheckSignature>();
+ AddStep<hybrid::configuration::StepMergeTpkPrivileges>();
AddStep<ci::security::StepPrivilegeCompatibility>();
AddStep<wgt::security::StepCheckSettingsLevel>();
AddStep<wgt::security::StepCheckWgtBackgroundCategory>();
AddStep<hybrid::configuration::StepMergeTpkConfig>();
AddStep<ci::configuration::StepParsePreload>();
AddStep<ci::configuration::StepCheckTizenVersion>();
- AddStep<ci::security::StepCheckSignature>();
+ AddStep<hybrid::security::StepHybridCheckSignature>();
+ AddStep<hybrid::configuration::StepMergeTpkPrivileges>();
AddStep<ci::security::StepPrivilegeCompatibility>();
AddStep<wgt::security::StepCheckSettingsLevel>();
AddStep<wgt::security::StepCheckWgtBackgroundCategory>();
g_list_concat(wgt_data->application, tpk_data->application);
tpk_data->application = nullptr;
- wgt_data->privileges =
- g_list_concat(wgt_data->privileges, tpk_data->privileges);
- tpk_data->privileges = nullptr;
-
return Status::OK;
}
* \brief MergeTpkConfig
* Merges information from tpk manifest into information from widget
* configuration for hybrid package.
+ *
+ * Expection is the information about native privileges. These are merged in
+ * \see StepMergeTpkPrivileges
*/
class StepMergeTpkConfig : public common_installer::Step {
public:
--- /dev/null
+// Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved
+// Use of this source code is governed by an apache 2.0 license that can be
+// found in the LICENSE file.
+
+#include "hybrid/step/configuration/step_merge_tpk_privileges.h"
+
+#include "hybrid/hybrid_backend_data.h"
+
+namespace ci = common_installer;
+
+namespace hybrid {
+namespace configuration {
+
+ci::Step::Status StepMergeTpkPrivileges::process() {
+ // merge privilege list for insertion into database
+ HybridBackendData* data =
+ static_cast<HybridBackendData*>(context_->backend_data.get());
+ manifest_x* tpk_data = data->tpk_manifest_data.get();
+ manifest_x* wgt_data = context_->manifest_data.get();
+ wgt_data->privileges =
+ g_list_concat(wgt_data->privileges, tpk_data->privileges);
+ tpk_data->privileges = nullptr;
+ return Status::OK;
+}
+
+} // namespace configuration
+} // namespace hybrid
--- /dev/null
+// Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved
+// Use of this source code is governed by an apache 2.0 license that can be
+// found in the LICENSE file.
+
+#ifndef HYBRID_STEP_CONFIGURATION_STEP_MERGE_TPK_PRIVILEGES_H_
+#define HYBRID_STEP_CONFIGURATION_STEP_MERGE_TPK_PRIVILEGES_H_
+
+#include <common/step/step.h>
+#include <manifest_parser/utils/logging.h>
+
+namespace hybrid {
+namespace configuration {
+
+/**
+ * @brief The StepMergeTpkPrivileges class
+ * Merges native privileges into web applicaiton privileges when
+ * installing hybrid app.
+ */
+class StepMergeTpkPrivileges : public common_installer::Step {
+ public:
+ using Step::Step;
+
+ Status process() override;
+ Status undo() override { return Status::OK; }
+ Status clean() override { return Status::OK; }
+ Status precheck() override { return Status::OK; }
+
+ STEP_NAME(MergeTpkPrivileges)
+};
+
+} // namespace configuration
+} // namespace hybrid
+
+#endif // HYBRID_STEP_CONFIGURATION_STEP_MERGE_TPK_PRIVILEGES_H_
--- /dev/null
+// Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved
+// Use of this source code is governed by an apache 2.0 license that can be
+// found in the LICENSE file.
+
+#include "hybrid/step/security/step_hybrid_check_signature.h"
+
+#include <common/certificate_validation.h>
+
+#include <string>
+
+#include "hybrid/hybrid_backend_data.h"
+
+namespace ci = common_installer;
+
+namespace {
+
+const char kNativePackageType[] = "tpk";
+
+} // namespace
+
+namespace hybrid {
+namespace security {
+
+ci::Step::Status StepHybridCheckSignature::CheckPrivilegeLevel(
+ ci::PrivilegeLevel level) {
+ auto status = StepCheckSignature::CheckPrivilegeLevel(level);
+ if (status != Status::OK)
+ return status;
+
+ HybridBackendData* data =
+ static_cast<HybridBackendData*>(context_->backend_data.get());
+ manifest_x* tpk_data = data->tpk_manifest_data.get();
+ if (tpk_data->privileges) {
+ std::string error_message;
+ if (!context_->is_preload_request.get()) {
+ if (!ci::ValidatePrivilegeLevel(level, kNativePackageType,
+ tpk_data->api_version, tpk_data->privileges, &error_message)) {
+ if (!error_message.empty()) {
+ LOG(ERROR) << "error_message: " << error_message;
+ on_error(Status::SIGNATURE_ERROR, error_message);
+ }
+ return Status::SIGNATURE_ERROR;
+ }
+ }
+ }
+
+ return Status::OK;
+}
+
+} // namespace security
+} // namespace hybrid
--- /dev/null
+// Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved
+// Use of this source code is governed by an apache 2.0 license that can be
+// found in the LICENSE file.
+
+#ifndef HYBRID_STEP_SECURITY_STEP_HYBRID_CHECK_SIGNATURE_H_
+#define HYBRID_STEP_SECURITY_STEP_HYBRID_CHECK_SIGNATURE_H_
+
+#include <common/step/security/step_check_signature.h>
+#include <common/step/step.h>
+
+namespace hybrid {
+namespace security {
+
+class StepHybridCheckSignature
+ : public common_installer::security::StepCheckSignature {
+ public:
+ using StepCheckSignature::StepCheckSignature;
+
+ Status CheckPrivilegeLevel(common_installer::PrivilegeLevel level) override;
+
+ STEP_NAME(HybridCheckSignature)
+};
+
+} // namespace security
+} // namespace hybrid
+
+#endif // HYBRID_STEP_SECURITY_STEP_HYBRID_CHECK_SIGNATURE_H_