SignatureValidator implementation

author Dongeup Ham <dongeup.ham@samsung.com>

Wed, 3 Apr 2013 15:07:10 +0000 (00:07 +0900)

committer Dongeup Ham <dongeup.ham@samsung.com>

Wed, 3 Apr 2013 15:07:10 +0000 (00:07 +0900)
author Dongeup Ham <dongeup.ham@samsung.com>
Wed, 3 Apr 2013 15:07:10 +0000 (00:07 +0900)
committer Dongeup Ham <dongeup.ham@samsung.com>
Wed, 3 Apr 2013 15:07:10 +0000 (00:07 +0900)
diff --git a/inc/InstallerDefs.h b/inc/InstallerDefs.h

index 1e26708..2da662b 100755 (executable)
--- a/inc/InstallerDefs.h
+++ b/inc/InstallerDefs.h
@@ -23,7 +23,7 @@
  
  #include "InstallerUtil.h"
  
-#define OSP_INSTALLER_VERSION "version=[20130403.1]"
+#define OSP_INSTALLER_VERSION "version=[20130404.1]"
  
  #define DIR_BIN                                L"/bin"
  #define DIR_INFO                       L"/info"
@@ -123,6 +123,7 @@
  #define INSTALLER_RDS_MODIFY_STR                               "modify"
  
  static const int BLOCK_SIZE = 4096;
+static const int SIGNATURE_FILE_NUMBER_DISTRIBUTOR = 1;
  
  #define OSP_INSTALLER  "osp-installer"
  
@@ -255,13 +256,27 @@ enum InstallerOperation
  
  enum RootCertificateType
  {
-       ROOT_CERTIFICATE_NONE,
+       ROOT_CERTIFICATE_NONE = 0,
         ROOT_CERTIFICATE_DEVELOPER,
         ROOT_CERTIFICATE_PUBLIC,
         ROOT_CERTIFICATE_PARTNER,
         ROOT_CERTIFICATE_PARTNER_OPERATOR,
         ROOT_CERTIFICATE_PARTNER_MANUFACTURER,
  
+       ROOT_CERTIFICATE_CERT_SVC_PUBLIC = (1 << 6),
+       ROOT_CERTIFICATE_CERT_SVC_PARTNER = (1 << 7),
+       ROOT_CERTIFICATE_CERT_SVC_PARTNER_OPERATOR = (1 << 8),
+       ROOT_CERTIFICATE_CERT_SVC_PARTNER_MANUFACTURER = (1 << 9),
+       ROOT_CERTIFICATE_CERT_SVC_PLATFORM = (1 << 10),
+
+};
+
+enum SignatureFileType
+{
+       SIGNATURE_FILE_TYPE_NONE,
+       SIGNATURE_FILE_TYPE_AUTHOR,
+       SIGNATURE_FILE_TYPE_DISTRIBUTOR,
+
  };
  
  enum
diff --git a/src/Context/InstallationContext.cpp b/src/Context/InstallationContext.cpp

index 541176f..4f0a6b9 100755 (executable)
--- a/src/Context/InstallationContext.cpp
+++ b/src/Context/InstallationContext.cpp
@@ -62,6 +62,8 @@ InstallationContext::InstallationContext(void)
  ,__pContentDataList(null)
  ,__pAuthorCertPath(null)
  ,__pDistributorCertPath(null)
+,__pAuthorCertList(null)
+,__pDistributorCertList(null)
  ,__certType(0)
  {
  }
@@ -106,6 +108,20 @@ InstallationContext::~InstallationContext(void)
                 __pAppDataList->RemoveAll();
                 delete __pAppDataList;
         }
+
+       if (__pAuthorCertList)
+       {
+               __pAuthorCertList->RemoveAll();
+               delete __pAuthorCertList;
+               __pAuthorCertList = null;
+       }
+
+       if (__pDistributorCertList)
+       {
+               __pDistributorCertList->RemoveAll();
+               delete __pDistributorCertList;
+               __pDistributorCertList = null;
+       }
  }
  
  InstallerError
@@ -114,6 +130,12 @@ InstallationContext::Construct(void)
         __pAppDataList = new (std::nothrow) ArrayListT<AppData*>;
         TryReturn(__pAppDataList, INSTALLER_ERROR_OUT_OF_MEMORY, "__pAppDataList is null");
  
+       __pAuthorCertList = new (std::nothrow) ArrayListT<String*>;
+       TryReturn(__pAuthorCertList, INSTALLER_ERROR_OUT_OF_MEMORY, "__pAuthorCertList is null.");
+
+       __pDistributorCertList = new (std::nothrow) ArrayListT<String*>;
+       TryReturn(__pDistributorCertList, INSTALLER_ERROR_OUT_OF_MEMORY, "__pDistributorCertList is null.");
+
         return INSTALLER_ERROR_NONE;
  }
  
@@ -317,26 +339,3 @@ InstallationContext::SetContentDataList(ArrayList* pContentDataList)
         __pContentDataList = pContentDataList;
  }
  
-X509CertificatePath*
-InstallationContext::GetAuthorCertPath(void) const
-{
-       return __pAuthorCertPath;
-}
-
-void
-InstallationContext::SetAuthorCertPath(X509CertificatePath* pAuthorCertPath)
-{
-       __pAuthorCertPath = pAuthorCertPath;
-}
-
-X509CertificatePath*
-InstallationContext::GetDistributorCertPath(void) const
-{
-       return __pDistributorCertPath;
-}
-
-void
-InstallationContext::SetDistributorCertPath(X509CertificatePath* pDistributorCertPath)
-{
-       __pDistributorCertPath = pDistributorCertPath;
-}
diff --git a/src/Context/InstallationContext.h b/src/Context/InstallationContext.h

index 3947501..bcf2281 100755 (executable)
--- a/src/Context/InstallationContext.h
+++ b/src/Context/InstallationContext.h
@@ -81,12 +81,6 @@ public:
         Tizen::Base::Collection::ArrayList* GetContentDataList(void) const;
         void SetContentDataList(Tizen::Base::Collection::ArrayList* pContentDataList);
  
-       Tizen::Security::Cert::X509CertificatePath* GetAuthorCertPath(void) const;
-       void SetAuthorCertPath(Tizen::Security::Cert::X509CertificatePath* pAuthorCertPath);
-
-       Tizen::Security::Cert::X509CertificatePath* GetDistributorCertPath(void) const;
-       void SetDistributorCertPath(Tizen::Security::Cert::X509CertificatePath* pDistributorCertPath);
-
  private:
         InstallationContext(const InstallationContext& value);
         InstallationContext& operator =(const InstallationContext& source);
@@ -124,6 +118,9 @@ public:
         Tizen::Security::Cert::X509CertificatePath* __pAuthorCertPath;
         Tizen::Security::Cert::X509CertificatePath* __pDistributorCertPath;
  
+       Tizen::Base::Collection::ArrayListT<Tizen::Base::String *>* __pAuthorCertList;
+       Tizen::Base::Collection::ArrayListT<Tizen::Base::String *>* __pDistributorCertList;
+
         Tizen::Base::String __coreXmlPath;
         Tizen::Base::String __inputPath;
         Tizen::Base::String __packagePath;
diff --git a/src/Installer/Installer.cpp b/src/Installer/Installer.cpp

index 53a561e..17d2d8e 100755 (executable)
--- a/src/Installer/Installer.cpp
+++ b/src/Installer/Installer.cpp
@@ -30,6 +30,7 @@
  #include "ConfigurationManager.h"
  #include "DatabaseManager.h"
  #include "InstallerUtil.h"
+#include "SignatureManager.h"
  
  using namespace Tizen::Base;
  using namespace Tizen::Base::Collection;
@@ -134,6 +135,8 @@ Installer::OnEnd(void)
  
         InstallerOperation operation = pContext->GetInstallerOperation();
         ConfigurationManager configurationManager;
+       SignatureManager sigManager;
+       sigManager.Construct(pContext);
  
         pContext->SetContinue(false);
  
@@ -151,16 +154,16 @@ Installer::OnEnd(void)
                 res = configurationManager.PostInstall(pContext, false);
                 TryReturn(res, INSTALLER_ERROR_INTERNAL_STATE, "PostInstall() failed.");
  
-               res = configurationManager.UnregisterCertInfo(pContext);
+               res = sigManager.UnregisterCertInfo();
                 TryReturn(res, INSTALLER_ERROR_DATABASE, "UnregisterCertInfo() failed.");
  
-               res = configurationManager.RegisterCertInfo(pContext);
+               res = sigManager.RegisterCertInfo();
                 TryReturn(res, INSTALLER_ERROR_DATABASE, "RegisterCertInfo() failed.");
         }
         else if (operation == INSTALLER_OPERATION_UNINSTALL)
         {
                 configurationManager.RemoveFile(pContext);
-               configurationManager.UnregisterCertInfo(pContext);
+               sigManager.UnregisterCertInfo();
                 configurationManager.PostUninstall(pContext);
         }
  
diff --git a/src/Manager/ConfigurationManager.cpp b/src/Manager/ConfigurationManager.cpp

index 415e900..807f478 100755 (executable)
--- a/src/Manager/ConfigurationManager.cpp
+++ b/src/Manager/ConfigurationManager.cpp
@@ -334,151 +334,6 @@ ConfigurationManager::RemoveFile(InstallationContext* pContext)
  }
  
  bool
-ConfigurationManager::RegisterCertInfo(InstallationContext* pContext) const
-{
-       if (pContext->__isHybridService == true)
-       {
-               AppLog("Skip - HybridService");
-               return true;
-       }
-
-       AppLog("START");
-
-       int res = 0;
-       bool result = true;
-       pkgmgr_instcertinfo_h handle = null;
-       String appId = pContext->__packageId;
-       X509CertificatePath* pAuthorCertPath = pContext->GetAuthorCertPath();
-       X509CertificatePath* pDistributorCertPath = pContext->GetDistributorCertPath();
-
-       char* pAppId = _StringConverter::CopyToCharArrayN(appId);
-       TryCatch(pAppId, result = false, "pAppId is null");
-
-       res = pkgmgr_installer_create_certinfo_set_handle(&handle);
-       TryCatch(res == 0, result = false, "pkgmgr_installer_create_certinfo_set_handle() failed.[%d]", res);
-
-       if (pAuthorCertPath)
-       {
-               AppLog("[AuthorCert]");
-               result = SetCertHashValue(handle, pAuthorCertPath, PM_SET_AUTHOR_SIGNER_CERT);
-               TryCatch(result == true, , "RegisterCertHashValue() failed. [pAuthorCertPath]");
-       }
-
-       if (pDistributorCertPath)
-       {
-               AppLog("[DistributorCert]");
-               result = SetCertHashValue(handle, pDistributorCertPath, PM_SET_DISTRIBUTOR_SIGNER_CERT);
-               TryCatch(result == true, , "RegisterCertHashValue() failed. [pDistributorCertPath]");
-       }
-
-       res = pkgmgr_installer_save_certinfo(pAppId, handle);
-       TryCatch(res == 0, result = false, "pkgmgr_installer_save_certinfo(%s) failed.[%d]", pAppId, res);
-
-       AppLog("RegisterCertInfo - END");
-       AppLog("------------------------------------------");
-
-CATCH:
-       if (handle)
-       {
-               pkgmgr_installer_destroy_certinfo_set_handle(handle);
-       }
-
-       delete[] pAppId;
-       return result;
-}
-
-bool
-ConfigurationManager::SetCertHashValue(void* pHandle, X509CertificatePath* pCertPath, int certType) const
-{
-       TryReturn(pCertPath, false, "pCertPath is null.");
-
-       int res = 0;
-       bool result = true;
-       ICertificate* pCert = null;
-       char* pCertValue = null;
-
-       for (int i = 0; i < pCertPath->GetLength(); i++)
-       {
-               pCert = pCertPath->GetCertificateN(i);
-               TryCatch(pCert, result = false, "pCert is null.[%i]", i);
-
-               pCertValue = GetCertValueN(pCert);
-               TryCatch(pCertValue, result = false, "pCertValue is null.[%i]", i);
-
-               AppLog("------------------------------------------");
-               AppLog("CertValue(%d), certType[%d]", i, certType);
-               AppLog("[%s]", pCertValue);
-
-               res = pkgmgr_installer_set_cert_value(pHandle, (pkgmgr_instcert_type)certType, pCertValue);
-               TryCatch(res == 0, result = false, "pkgmgr_installer_set_cert_value(%d) failed.[%d]", i, res);
-
-               delete pCert;
-               pCert = null;
-               delete[] pCertValue;
-               pCertValue = null;
-
-               certType--;
-       }
-
-CATCH:
-       delete pCert;
-       delete[] pCertValue;
-
-       return result;
-}
-
-char*
-ConfigurationManager::GetCertValueN(ICertificate* pCert) const
-{
-       result r = E_SUCCESS;
-       ByteBuffer* pEncodedData = null;
-       String base64Value;
-       char* pEncodedValue = null;
-
-       pEncodedData = pCert->GetEncodedDataN();
-       TryCatch(pEncodedData, , "pEncodedData is null.");
-
-       r = StringUtil::EncodeToBase64String(*pEncodedData, base64Value);
-       TryCatch(!IsFailed(r), , "StringUtil::EncodeToBase64String is failed.");
-
-       pEncodedValue = _StringConverter::CopyToCharArrayN(base64Value);
-       TryCatch(pEncodedValue, , "pEncodedValue is null");
-
-CATCH:
-       delete pEncodedData;
-
-       return pEncodedValue;
-}
-
-bool
-ConfigurationManager::UnregisterCertInfo(InstallationContext* pContext) const
-{
-       if (pContext->__isHybridService == true)
-       {
-               AppLog("Skip - HybridService");
-               return true;
-       }
-
-       AppLog("START");
-       int res = 0;
-       bool result = true;
-       String appId = pContext->__packageId;
-
-       char* pAppId = _StringConverter::CopyToCharArrayN(appId);
-       TryCatch(pAppId, result = false, "pAppId is null");
-
-       res = pkgmgr_installer_delete_certinfo(pAppId);
-       TryCatch(res == 0, result = false, "pkgmgr_installer_delete_certinfo(%s) failed.[%d]", pAppId, res);
-
-       AppLog("UnregisterCertInfo - END");
-       AppLog("------------------------------------------");
-
-CATCH:
-       delete[] pAppId;
-       return result;
-}
-
-bool
  ConfigurationManager::PostInstall(InstallationContext* pContext, bool error) const
  {
         app2ext_handle* pHandle = (app2ext_handle*)pContext->__pApp2ExtHandle;
diff --git a/src/Manager/ConfigurationManager.h b/src/Manager/ConfigurationManager.h

index c56950b..ddc24aa 100755 (executable)
--- a/src/Manager/ConfigurationManager.h
+++ b/src/Manager/ConfigurationManager.h
@@ -42,9 +42,6 @@ public:
         bool CreateFile(InstallationContext* pContext);
         bool RemoveFile(InstallationContext* pContext);
  
-       bool RegisterCertInfo(InstallationContext* pContext) const;
-       bool UnregisterCertInfo(InstallationContext* pContext) const;
-
         bool PostInstall(InstallationContext* pContext, bool error) const;
         bool PostUninstall(InstallationContext* pContext) const;
  
@@ -55,8 +52,6 @@ private:
  
         bool CreateImeSymlink(const Tizen::Base::String& binaryPath, const Tizen::Base::String& packageName);
         bool FindPrivilege(InstallationContext* pContext, const Tizen::Base::String& privilege) const;
-       bool SetCertHashValue(void* pHandle, Tizen::Security::Cert::X509CertificatePath* pCertPath, int certType) const;
-       char* GetCertValueN(Tizen::Security::Cert::ICertificate* pCert) const;
  
  }; // ConfigurationManager
  
diff --git a/src/Manager/SignatureManager.cpp b/src/Manager/SignatureManager.cpp

index e56a864..86e16fe 100755 (executable)
--- a/src/Manager/SignatureManager.cpp
+++ b/src/Manager/SignatureManager.cpp
@@ -19,7 +19,11 @@
   * @brief      This is the implementation file for %SignatureManager class.
   */
  
+#include <pkgmgr_parser.h>
+#include <pkgmgr_installer.h>
+
  #include <FBase_StringConverter.h>
+#include <FBaseInternalTypes.h>
  
  #include "SignatureManager.h"
  
@@ -61,6 +65,246 @@ SignatureManager::Construct(InstallationContext* pContext)
  }
  
  bool
+SignatureManager::ValidateSignatures()
+{
+       AppLog("ValidateSignatures start >>");
+
+       TryReturn(__pContext, false, "__pContext is null.");
+
+       bool res = false;
+       res = ValidationCore::VCoreInit(
+                       std::string("/usr/share/wrt-engine/fingerprint_list.xml"),
+                       std::string("/usr/share/wrt-engine/fingerprint_list.xsd"),
+                       std::string("/opt/dbspace/.cert_svc_vcore.db"));
+       TryReturn(res, false, "ValidationCore::VCoreInit() is failed.");
+       TryReturn(__pContext->__rootPath.IsEmpty() == false, false, "__pContext->__rootPath is empty.");
+       fprintf(stderr, "  ## sValidationCore::VCoreInit() is done\n");
+
+       std::unique_ptr<char[]> pRootPath(_StringConverter::CopyToCharArrayN(__pContext->__rootPath));
+       TryReturn(pRootPath, false, "__pRootPath is null.");
+
+       std::string rootPath = pRootPath.get();
+       rootPath += "/";
+       AppLog("rootPath=[%s]", rootPath.c_str());
+
+       ValidationCore::SignatureFinder::Result findRes = ValidationCore::SignatureFinder::NO_ERROR;
+       ValidationCore::SignatureFinder signatureFinder(rootPath);
+       ValidationCore::SignatureFileInfoSet signatureFiles;
+
+       findRes = signatureFinder.find(signatureFiles);
+       TryReturn(findRes == ValidationCore::SignatureFinder::NO_ERROR , false, "signatureFinder.find() is failed, findRes=[%d]", (int)findRes);
+
+       fprintf(stderr, "  ## signatureFinder.find() is done\n");
+       ValidationCore::SignatureFileInfoSet::reverse_iterator iter = signatureFiles.rbegin();
+       for (; iter != signatureFiles.rend(); ++iter)
+       {
+               int sigFileNumber = iter->getFileNumber();
+               AppLog("SignatureFiles: name=[%s]", iter->getFileName().c_str());
+               AppLog("SignatureFiles: number=[%d]", sigFileNumber);
+               ValidationCore::SignatureData data(rootPath + iter->getFileName(), iter->getFileNumber());
+
+               try {
+                       ValidationCore::SignatureReader xml;
+                       xml.initialize(data, "/usr/share/wrt-engine/schema.xsd");
+                       xml.read(data);
+                       AppLog("ValidationCore::SignatureReader() done");
+                       fprintf(stderr, "  ## ValidationCore::SignatureReader() is done\n");
+
+                       ValidationCore::CertificateList certList = data.getCertList();
+                       ValidationCore::CertificateList::iterator it = certList.begin();
+                       ValidationCore::CertificateList::iterator it_end = certList.end();
+                       for (; it != it_end; it++)
+                       {
+                               std::string value = (*it)->getBase64();
+
+                               if (data.isAuthorSignature() == true)
+                               {
+                                       __pContext->__pAuthorCertList->Add(new String(value.c_str()));
+                                       AppLog("Author cert value=[%s]", value.c_str());
+                               }
+                               else
+                               {
+                                       if (sigFileNumber == SIGNATURE_FILE_NUMBER_DISTRIBUTOR)
+                                       {
+                                               __pContext->__pDistributorCertList->Add(new String(value.c_str()));
+                                               AppLog("Default distributor cert value=[%s]", value.c_str());
+                                       }
+                               }
+                       }
+
+                       ValidationCore::SignatureValidator::Result valRes = ValidationCore::SignatureValidator::SIGNATURE_VALID;
+                       ValidationCore::SignatureValidator::AppType appType = ValidationCore::SignatureValidator::TIZEN;
+                       ValidationCore::SignatureValidator validator(appType, false, false, false);
+
+                       AppLog("validator.check() start >>");
+                       fprintf(stderr, "  ## validator.check() start\n");
+
+                       valRes = validator.check(data, rootPath);
+                       TryReturn(valRes == ValidationCore::SignatureValidator::SIGNATURE_VERIFIED, false, "validator.check() is failed, valRes=[%d]", (int)valRes);
+                       fprintf(stderr, "  ## validator.check() done\n");
+                       AppLog("validator.check() done <<");
+                       fprintf(stderr, "  ## Signature validator.check success, name=[%s], number=[%d]\n", iter->getFileName().c_str(), iter->getFileNumber());
+
+                       ValidationCore::CertificatePtr pRootCert = data.getRootCaCertificatePtr();
+                       TryReturn(pRootCert, false, "__pRootPath is null.");
+                       std::string value = pRootCert.Get()->getBase64();
+                       if (data.isAuthorSignature() == true)
+                       {
+                               __pContext->__pAuthorCertList->Add(new String(value.c_str()));
+                               AppLog("Author root cert value=[%s]", value.c_str());
+                       }
+                       else
+                       {
+                               if (sigFileNumber == SIGNATURE_FILE_NUMBER_DISTRIBUTOR)
+                               {
+                                       __pContext->__pDistributorCertList->Add(new String(value.c_str()));
+                                       AppLog("Default root distributor cert value=[%s]", value.c_str());
+
+                                       ValidationCore::CertStoreId::Type certStoreIdType = data.getVisibilityLevel();
+                                       AppLog("CertStoreIdType = [%d]", (int)certStoreIdType);
+                                       __pContext->__rootCertType = (RootCertificateType)certStoreIdType;
+                               }
+                       }
+               }
+               catch (ValidationCore::ParserSchemaException::Base)
+               {
+                       TryReturn(0, false, "ParserSchemaException::Base exception occurred.");
+               }
+               catch (DPL::Exception)
+               {
+                       TryReturn(0, false, "DPL::Exception exception occurred.");
+               }
+       }
+
+       AppLog("ValidateSignatures done successfully <<");
+       return true;
+}
+
+bool
+SignatureManager::RegisterCertInfo() const
+{
+       TryReturn(__pContext, false, "__pContext is null");
+
+       if (__pContext->__isHybridService == true)
+       {
+               AppLog("Skip - HybridService");
+               return true;
+       }
+
+       AppLog("START");
+
+       int error = 0;
+       bool res = false;
+       pkgmgr_instcertinfo_h handle = null;
+
+       std::unique_ptr<char[]> pPackageId(_StringConverter::CopyToCharArrayN(__pContext->__packageId));
+       TryReturn(pPackageId, false, "pPackageId is null");
+
+       error = pkgmgr_installer_create_certinfo_set_handle(&handle);
+       TryReturn(error == 0, false, "pkgmgr_installer_create_certinfo_set_handle() failed, error = [%d].", error);
+
+       if (__pContext->__pAuthorCertList)
+       {
+               AppLog("[AuthorCert]");
+               res = SetAuthorCertValue(handle, __pContext->__pAuthorCertList);
+               TryCatch(res == true, , "SetAuthorCertHashValue() is failed.");
+       }
+
+       if (__pContext->__pDistributorCertList)
+       {
+               AppLog("[DistributorCert]");
+               res = SetDistributorCertValue(handle, __pContext->__pDistributorCertList);
+               TryCatch(res == true, , "RegisterCertHashValue() is failed.");
+       }
+
+       error = pkgmgr_installer_save_certinfo(pPackageId.get(), handle);
+       TryCatch(error == 0, res = false, "pkgmgr_installer_save_certinfo(%s) failed, error = [%d]", pPackageId.get(), error);
+
+       AppLog("RegisterCertInfo - END");
+       AppLog("------------------------------------------");
+
+       res = true;
+
+CATCH:
+       if (handle)
+       {
+               pkgmgr_installer_destroy_certinfo_set_handle(handle);
+       }
+
+       return res;
+}
+
+bool
+SignatureManager::UnregisterCertInfo() const
+{
+       TryReturn(__pContext, false, "__pContext is null");
+
+       if (__pContext->__isHybridService == true)
+       {
+               AppLog("Skip - HybridService");
+               return true;
+       }
+
+       AppLog("START");
+       int error = 0;
+       std::unique_ptr<char[]> pPackageId(_StringConverter::CopyToCharArrayN(__pContext->__packageId));
+       TryReturn(pPackageId, false, "pPackageId is null");
+
+       error = pkgmgr_installer_delete_certinfo(pPackageId.get());
+       TryReturn(error == 0, false, "pkgmgr_installer_delete_certinfo(%s) failed, error = [%d]", pPackageId.get(), error);
+
+       AppLog("UnregisterCertInfo - END");
+       AppLog("------------------------------------------");
+
+       return true;
+}
+
+int
+SignatureManager::GetApiVisibility(RootCertificateType certType)
+{
+       int apiVisibility = _API_VISIBILITY_NONE;
+
+       if (certType == ROOT_CERTIFICATE_PUBLIC)
+       {
+               apiVisibility = _API_VISIBILITY_PUBLIC;
+       }
+       else if (certType == ROOT_CERTIFICATE_PARTNER)
+       {
+               apiVisibility = _API_VISIBILITY_PARTNER;
+       }
+       else if (certType == ROOT_CERTIFICATE_PARTNER_OPERATOR)
+       {
+               apiVisibility = _API_VISIBILITY_PARTNER_OPERATOR;
+       }
+       else if (certType == ROOT_CERTIFICATE_PARTNER_MANUFACTURER)
+       {
+               apiVisibility = _API_VISIBILITY_PARTNER_MANUFACTURER;
+       }
+       else if (certType == ROOT_CERTIFICATE_CERT_SVC_PUBLIC)
+       {
+               apiVisibility = _API_VISIBILITY_PUBLIC;
+       }
+       else if (certType == ROOT_CERTIFICATE_CERT_SVC_PARTNER)
+       {
+               apiVisibility = _API_VISIBILITY_PARTNER;
+       }
+       else if (certType == ROOT_CERTIFICATE_CERT_SVC_PARTNER_OPERATOR)
+       {
+               apiVisibility = _API_VISIBILITY_PARTNER_OPERATOR;
+       }
+       else if (certType == ROOT_CERTIFICATE_CERT_SVC_PARTNER_MANUFACTURER)
+       {
+               apiVisibility = _API_VISIBILITY_PARTNER_MANUFACTURER;
+       }
+       else if (certType == ROOT_CERTIFICATE_CERT_SVC_PLATFORM)
+       {
+               apiVisibility = _API_VISIBILITY_PARTNER_MANUFACTURER;
+       }
+
+       return apiVisibility;
+}
+
+bool
  SignatureManager::SetSignature()
  {
         TryReturn(__pContext, false, "__pContext is null.");
@@ -148,7 +392,7 @@ SignatureManager::VerifyChain()
         AppLog("AuthorCert Validate - END");
         TryCatch(ret == true, ret = false, "Validate(AuthorCert) is failed.");
  
-       __pContext->SetAuthorCertPath(__pAuthorCertPath);
+       SetCertificatePath(SIGNATURE_FILE_TYPE_AUTHOR, __pAuthorCertPath);
         __pAuthorCertPath = null;
  
         AppLog("DistributorCert Validate - START");
@@ -156,7 +400,7 @@ SignatureManager::VerifyChain()
         AppLog("DistributorCert Validate - END");
         TryCatch(ret == true, ret = false, "Validate(DistributorCert) is failed.");
  
-       __pContext->SetDistributorCertPath(__pDistributorCertPath);
+       SetCertificatePath(SIGNATURE_FILE_TYPE_DISTRIBUTOR, __pDistributorCertPath);
         __pDistributorCertPath = null;
  
  CATCH:
@@ -169,6 +413,158 @@ CATCH:
  }
  
  bool
+SignatureManager::SetAuthorCertValue(void* pHandle, IListT<String *>* pCertList) const
+{
+       TryReturn(pHandle, false, "pHandle is null.");
+       TryReturn(pCertList, false, "pCertPath is null.");
+
+       int res = 0;
+       result r = E_SUCCESS;
+       int certType = 0;
+
+       for (int i = 0; i < pCertList->GetCount(); i++)
+       {
+               String* pCert = null;
+               r = pCertList->GetAt(i, pCert);
+               TryReturn(!IsFailed(r), false, "pCertList->GetAt() is failed, [%d]", i);
+               TryReturn(pCert, false, "pCertList->GetAt() is failed, [%d]", i);
+
+               std::unique_ptr<char[]> pCertValue(_StringConverter::CopyToCharArrayN(*pCert));
+
+               if (i == 0)
+               {
+                       certType = PM_SET_AUTHOR_SIGNER_CERT;
+               }
+               else if (i == 1)
+               {
+                       certType = PM_SET_AUTHOR_INTERMEDIATE_CERT;
+               }
+               else if (i == 2)
+               {
+                       certType = PM_SET_AUTHOR_ROOT_CERT;
+               }
+               else
+               {
+                       AppLog("Invalid certificate type[%d]", i);
+                       break;
+               }
+
+               AppLog("------------------------------------------");
+               AppLog("Certificate type=[%d]", certType);
+               AppLog("[%s]", pCertValue.get());
+
+               res = pkgmgr_installer_set_cert_value(pHandle, (pkgmgr_instcert_type)certType, pCertValue.get());
+               TryReturn(res == 0, false, "pkgmgr_installer_set_cert_value(%d) failed.[%d]", i, res);
+       }
+
+       return true;
+}
+
+bool
+SignatureManager::SetDistributorCertValue(void* pHandle, IListT<String *>* pCertList) const
+{
+       TryReturn(pHandle, false, "pHandle is null.");
+       TryReturn(pCertList, false, "pCertPath is null.");
+
+       int res = 0;
+       result r = E_SUCCESS;
+       int certType = 0;
+
+       for (int i = 0; i < pCertList->GetCount(); i++)
+       {
+               String* pCert = null;
+               r = pCertList->GetAt(i, pCert);
+               TryReturn(!IsFailed(r), false, "pCertList->GetAt() is failed, [%d]", i);
+               TryReturn(pCert, false, "pCertList->GetAt() is failed, [%d]", i);
+
+               std::unique_ptr<char[]> pCertValue(_StringConverter::CopyToCharArrayN(*pCert));
+
+               if (i == 0)
+               {
+                       certType = PM_SET_DISTRIBUTOR_SIGNER_CERT;
+               }
+               else if (i == 1)
+               {
+                       certType = PM_SET_DISTRIBUTOR_INTERMEDIATE_CERT;
+               }
+               else if (i == 2)
+               {
+                       certType = PM_SET_DISTRIBUTOR_ROOT_CERT;
+               }
+               else
+               {
+                       AppLog("Invalid certificate type[%d]", i);
+                       break;
+               }
+
+               AppLog("------------------------------------------");
+               AppLog("Certificate type=[%d]", certType);
+               AppLog("[%s]", pCertValue.get());
+
+               res = pkgmgr_installer_set_cert_value(pHandle, (pkgmgr_instcert_type)certType, pCertValue.get());
+               TryReturn(res == 0, false, "pkgmgr_installer_set_cert_value(%d) failed.[%d]", i, res);
+       }
+
+       return true;
+}
+
+bool
+SignatureManager::SetCertificatePath(SignatureFileType type, X509CertificatePath* pCertPath)
+{
+       TryReturn(pCertPath, false, "pCertPath is null.");
+       TryReturn(__pContext, false, "__pContext is null.");
+
+       IListT<String *>* pList = null;
+
+       if (type == SIGNATURE_FILE_TYPE_AUTHOR)
+       {
+               pList = __pContext->__pAuthorCertList;
+       }
+       else if (type == SIGNATURE_FILE_TYPE_DISTRIBUTOR)
+       {
+               pList = __pContext->__pDistributorCertList;
+       }
+       else
+       {
+               TryReturn(0, false, "SignatureFileType is unknown, type = [%d]", (int)type);
+       }
+
+       for (int i = 0; i < pCertPath->GetLength(); i++)
+       {
+               std::unique_ptr<ICertificate> pCert(pCertPath->GetCertificateN(i));
+               TryReturn(pCert, false, "pCert is null, [%i].", i);
+
+               bool res = false;
+               String certValue;
+               res = GetCertValue(pCert.get(), certValue);
+               TryReturn(res == true, false, "GetCertValue() is failed, [%d].", i);
+
+               result r = pList->Add(new String(certValue));
+               TryReturn(!IsFailed(r), false, "pList->Add() is failed, [%d]", i);
+
+               AppLog("------------------------------------------");
+               AppLog("CertValue[%d], certType[%d]", i, (int)type);
+               AppLog("[%ls]", certValue.GetPointer());
+       }
+
+       return true;
+}
+
+bool
+SignatureManager::GetCertValue(ICertificate* pCert, String& value) const
+{
+       result r = E_SUCCESS;
+
+       std::unique_ptr<ByteBuffer> pEncodedData(pCert->GetEncodedDataN());
+       TryReturn(pEncodedData, false, "pEncodedData is null.");
+
+       r = StringUtil::EncodeToBase64String(*pEncodedData.get(), value);
+       TryReturn(!IsFailed(r), false, "StringUtil::EncodeToBase64String() is failed.");
+
+       return true;
+}
+
+bool
  SignatureManager::Validate(X509CertificatePath* pCertPath)
  {
         TryReturn(pCertPath, false, "pCertPath is null.");
@@ -237,6 +633,50 @@ CATCH:
  }
  
  bool
+SignatureManager::AddAuthorRootCert(X509CertificatePath* pCertPath)
+{
+       TryReturn(pCertPath, false, "pCertPath is null.");
+
+       result r = E_SUCCESS;
+       bool ret = true;
+       ByteBuffer byteBuffer;
+       X509Certificate rootCert;
+       int length = 0;
+       const char* pAuthorRootCert = "MIICnzCCAggCCQCn+GGT4zh+BjANBgkqhkiG9w0BAQUFADCBkzELMAkGA1UEBhMC"
+                                                                                                                               "S1IxDjAMBgNVBAgMBVN1d29uMQ4wDAYDVQQHDAVTdXdvbjEWMBQGA1UECgwNVGl6"
+                                                                                                                               "ZW4gVGVzdCBDQTElMCMGA1UECwwcVGl6ZW4gVGVzdCBEZXZlbG9wZXIgUm9vdCBD"
+                                                                                                                               "QTElMCMGA1UEAwwcVGl6ZW4gVGVzdCBEZXZlbG9wZXIgUm9vdCBDQTAeFw0xMjEw"
+                                                                                                                               "MjYwOTUwMTNaFw0yMjEwMjQwOTUwMTNaMIGTMQswCQYDVQQGEwJLUjEOMAwGA1UE"
+                                                                                                                               "CAwFU3V3b24xDjAMBgNVBAcMBVN1d29uMRYwFAYDVQQKDA1UaXplbiBUZXN0IENB"
+                                                                                                                               "MSUwIwYDVQQLDBxUaXplbiBUZXN0IERldmVsb3BlciBSb290IENBMSUwIwYDVQQD"
+                                                                                                                               "DBxUaXplbiBUZXN0IERldmVsb3BlciBSb290IENBMIGfMA0GCSqGSIb3DQEBAQUA"
+                                                                                                                               "A4GNADCBiQKBgQDWT6ZH5JyGadTUK1QmNwU8j+py4WtuElJE+4/wPFP8/KBmvvmI"
+                                                                                                                               "rGVjhUbKXToKIo8N6C/0SLxGEWuRAIoZHhg5JVbw1Ay7smgJJHizDUAqMTmV6LI9"
+                                                                                                                               "yTFbBV+OlO2Dir4LVdQ/XDBiqqslr7pqXgsg1V2g7x+tOI/f3dn2kWoVZQIDAQAB"
+                                                                                                                               "MA0GCSqGSIb3DQEBBQUAA4GBADGJYMtzUBDK+KKLZQ6zYmrKb+OWLlmEr/t/c2af"
+                                                                                                                               "KjTKUtommcz8VeTPqrDBOwxlVPdxlbhisCYzzvwnWeZk1aeptxxU3kdW9N3/wocN"
+                                                                                                                               "5nBzgqkkHJnj/ptqjrH2v/m0Z3hBuI4/akHIIfCBF8mUHwqcxYsRdcCIrkgp2Aiv"
+                                                                                                                               "bSaM";
+
+       length = strlen(pAuthorRootCert);
+       byteBuffer.Construct(length);
+
+       r = byteBuffer.SetArray((byte*)pAuthorRootCert, 0, length);
+       TryCatch(!IsFailed(r), ret = false, "SetArray() is failed.");
+
+       byteBuffer.Flip();
+
+       r = rootCert.Construct(byteBuffer);
+       TryCatch(!IsFailed(r), ret = false, "rootCert.Construct() is failed.");
+
+       r = pCertPath->AddCertificate(rootCert);
+       TryCatch(!IsFailed(r), ret = false, "AddCertificate(AuthorRootCert) is failed.");
+
+CATCH:
+       return ret;
+}
+
+bool
  SignatureManager::AddDistributorRootCert(X509CertificatePath* pCertPath)
  {
         TryReturn(pCertPath, false, "pCertPath is null.");
@@ -375,127 +815,3 @@ CATCH:
         return ret;
  }
  
-bool
-SignatureManager::AddAuthorRootCert(X509CertificatePath* pCertPath)
-{
-       TryReturn(pCertPath, false, "pCertPath is null.");
-
-       result r = E_SUCCESS;
-       bool ret = true;
-       ByteBuffer byteBuffer;
-       X509Certificate rootCert;
-       int length = 0;
-       const char* pAuthorRootCert = "MIICnzCCAggCCQCn+GGT4zh+BjANBgkqhkiG9w0BAQUFADCBkzELMAkGA1UEBhMC"
-                                                                                                                               "S1IxDjAMBgNVBAgMBVN1d29uMQ4wDAYDVQQHDAVTdXdvbjEWMBQGA1UECgwNVGl6"
-                                                                                                                               "ZW4gVGVzdCBDQTElMCMGA1UECwwcVGl6ZW4gVGVzdCBEZXZlbG9wZXIgUm9vdCBD"
-                                                                                                                               "QTElMCMGA1UEAwwcVGl6ZW4gVGVzdCBEZXZlbG9wZXIgUm9vdCBDQTAeFw0xMjEw"
-                                                                                                                               "MjYwOTUwMTNaFw0yMjEwMjQwOTUwMTNaMIGTMQswCQYDVQQGEwJLUjEOMAwGA1UE"
-                                                                                                                               "CAwFU3V3b24xDjAMBgNVBAcMBVN1d29uMRYwFAYDVQQKDA1UaXplbiBUZXN0IENB"
-                                                                                                                               "MSUwIwYDVQQLDBxUaXplbiBUZXN0IERldmVsb3BlciBSb290IENBMSUwIwYDVQQD"
-                                                                                                                               "DBxUaXplbiBUZXN0IERldmVsb3BlciBSb290IENBMIGfMA0GCSqGSIb3DQEBAQUA"
-                                                                                                                               "A4GNADCBiQKBgQDWT6ZH5JyGadTUK1QmNwU8j+py4WtuElJE+4/wPFP8/KBmvvmI"
-                                                                                                                               "rGVjhUbKXToKIo8N6C/0SLxGEWuRAIoZHhg5JVbw1Ay7smgJJHizDUAqMTmV6LI9"
-                                                                                                                               "yTFbBV+OlO2Dir4LVdQ/XDBiqqslr7pqXgsg1V2g7x+tOI/f3dn2kWoVZQIDAQAB"
-                                                                                                                               "MA0GCSqGSIb3DQEBBQUAA4GBADGJYMtzUBDK+KKLZQ6zYmrKb+OWLlmEr/t/c2af"
-                                                                                                                               "KjTKUtommcz8VeTPqrDBOwxlVPdxlbhisCYzzvwnWeZk1aeptxxU3kdW9N3/wocN"
-                                                                                                                               "5nBzgqkkHJnj/ptqjrH2v/m0Z3hBuI4/akHIIfCBF8mUHwqcxYsRdcCIrkgp2Aiv"
-                                                                                                                               "bSaM";
-
-       length = strlen(pAuthorRootCert);
-       byteBuffer.Construct(length);
-
-       r = byteBuffer.SetArray((byte*)pAuthorRootCert, 0, length);
-       TryCatch(!IsFailed(r), ret = false, "SetArray() is failed.");
-
-       byteBuffer.Flip();
-
-       r = rootCert.Construct(byteBuffer);
-       TryCatch(!IsFailed(r), ret = false, "rootCert.Construct() is failed.");
-
-       r = pCertPath->AddCertificate(rootCert);
-       TryCatch(!IsFailed(r), ret = false, "AddCertificate(AuthorRootCert) is failed.");
-
-CATCH:
-       return ret;
-}
-
-bool
-SignatureManager::ValidateSignatures()
-{
-       AppLog("ValidateSignatures start >>");
-
-       TryReturn(__pContext, false, "__pContext is null.");
-
-       bool res = false;
-       res = ValidationCore::VCoreInit(
-                       std::string("/usr/share/wrt-engine/fingerprint_list.xml"),
-                       std::string("/usr/share/wrt-engine/fingerprint_list.xsd"),
-                       std::string("/opt/dbspace/.cert_svc_vcore.db"));
-       TryReturn(res, false, "ValidationCore::VCoreInit() is failed.");
-       TryReturn(__pContext->__rootPath.IsEmpty() == false, false, "__pContext->__rootPath is empty.");
-       fprintf(stderr, "  ## sValidationCore::VCoreInit() is done\n");
-
-       std::unique_ptr<char[]> pRootPath(_StringConverter::CopyToCharArrayN(__pContext->__rootPath));
-       TryReturn(pRootPath, false, "__pRootPath is null.");
-
-       std::string rootPath = pRootPath.get();
-       rootPath += "/";
-       AppLog("rootPath=[%s]", rootPath.c_str());
-
-       ValidationCore::SignatureFinder::Result findRes = ValidationCore::SignatureFinder::NO_ERROR;
-       ValidationCore::SignatureFinder signatureFinder(rootPath);
-       ValidationCore::SignatureFileInfoSet signatureFiles;
-
-       findRes = signatureFinder.find(signatureFiles);
-       TryReturn(findRes == ValidationCore::SignatureFinder::NO_ERROR , false, "signatureFinder.find() is failed, findRes=[%d]", (int)findRes);
-
-       fprintf(stderr, "  ## signatureFinder.find() is done\n");
-       ValidationCore::SignatureFileInfoSet::reverse_iterator iter = signatureFiles.rbegin();
-       for (; iter != signatureFiles.rend(); ++iter)
-       {
-               AppLog("SignatureFiles: name=[%s]", iter->getFileName().c_str());
-               AppLog("SignatureFiles: number=[%d]", iter->getFileNumber());
-               ValidationCore::SignatureData data(rootPath + iter->getFileName(), iter->getFileNumber());
-
-               try {
-                       ValidationCore::SignatureReader xml;
-                       xml.initialize(data, "/usr/share/wrt-engine/schema.xsd");
-                       xml.read(data);
-                       AppLog("ValidationCore::SignatureReader() done");
-                       fprintf(stderr, "  ## ValidationCore::SignatureReader() is done\n");
-
-//                     ValidationCore::CertificateList certList = data.getCertList();
-//                     ValidationCore::CertificateList::iterator it = certList.begin();
-//                     ValidationCore::CertificateList::iterator it_end = certList.end();
-//                     for (; it != it_end; it++)
-//                     {
-//                             std::string value = (*it)->getBase64();
-//                             AppLog("cert value=[%s]", value.c_str());
-//                     }
-
-                       ValidationCore::SignatureValidator::Result valRes = ValidationCore::SignatureValidator::SIGNATURE_VALID;
-                       ValidationCore::SignatureValidator::AppType appType = ValidationCore::SignatureValidator::TIZEN;
-                       ValidationCore::SignatureValidator validator(appType, false, false, false);
-
-                       AppLog("validator.check() start >>");
-                       fprintf(stderr, "  ## validator.check() start\n");
-
-                       valRes = validator.check(data, rootPath);
-                       TryReturn(valRes == ValidationCore::SignatureValidator::SIGNATURE_VERIFIED, false, "validator.check() is failed, valRes=[%d]", (int)valRes);
-                       fprintf(stderr, "  ## validator.check() done\n");
-                       AppLog("validator.check() done <<");
-                       fprintf(stderr, "  ## Signature validator.check success, name=[%s], number=[%d]\n", iter->getFileName().c_str(), iter->getFileNumber());
-               }
-               catch (ValidationCore::ParserSchemaException::Base)
-               {
-                       TryReturn(0, false, "ParserSchemaException::Base exception occurred.");
-               }
-               catch (DPL::Exception)
-               {
-                       TryReturn(0, false, "DPL::Exception exception occurred.");
-               }
-       }
-
-       AppLog("ValidateSignatures done successfully <<");
-       return true;
-}
diff --git a/src/Manager/SignatureManager.h b/src/Manager/SignatureManager.h

index 81ca1cd..3898b4f 100755 (executable)
--- a/src/Manager/SignatureManager.h
+++ b/src/Manager/SignatureManager.h
@@ -44,16 +44,25 @@ public:
         virtual ~SignatureManager(void);
  
         bool Construct(InstallationContext *pConext);
+       bool ValidateSignatures();
+       bool RegisterCertInfo() const;
+       bool UnregisterCertInfo() const;
+       int GetApiVisibility(RootCertificateType certType);
+
         bool SetSignature();
         bool AddCert();
         bool VerifyChain();
-       //bool VerifySignature();
-       bool ValidateSignatures();
  
  private:
         SignatureManager(const SignatureManager& value);
         SignatureManager& operator =(const SignatureManager& source);
  
+       bool SetAuthorCertValue(void* pHandle, Tizen::Base::Collection::IListT<Tizen::Base::String *>* pCertList) const;
+       bool SetDistributorCertValue(void* pHandle, Tizen::Base::Collection::IListT<Tizen::Base::String *>* pCertList) const;
+
+       bool SetCertificatePath(SignatureFileType type, Tizen::Security::Cert::X509CertificatePath* pCertPath);
+       bool GetCertValue(Tizen::Security::Cert::ICertificate* pCert, Tizen::Base::String& value) const;
+
         bool Validate(Tizen::Security::Cert::X509CertificatePath* pCertPath);
         bool AddCertificate(Tizen::Security::Cert::X509CertificatePath* pCertPath, Tizen::Base::Collection::IList* pCertChain);
         bool AddDistributorRootCert(Tizen::Security::Cert::X509CertificatePath* pCertPath);
diff --git a/src/Manager/SmackManager.cpp b/src/Manager/SmackManager.cpp

index 993ea5c..3b93036 100755 (executable)
--- a/src/Manager/SmackManager.cpp
+++ b/src/Manager/SmackManager.cpp
@@ -33,6 +33,7 @@
  
  using namespace Tizen::App;
  using namespace Tizen::Base;
+using namespace Tizen::Base::Collection;
  using namespace Tizen::Base::Utility;
  using namespace Tizen::Security::Cert;
  using namespace Tizen::Security::Crypto;
@@ -145,14 +146,17 @@ SmackManager::AddLabelSharedDir(const PackageId& packageId, const String& dirPat
         {
                 Sha1Hash hash;
                 String base64Value;
+               result r = E_SUCCESS;
  
-               X509CertificatePath* pAuthorCertPath = __pContext->GetAuthorCertPath();
-               TryReturn(pAuthorCertPath, false, "pAuthorCertPath is null.");
+               IListT<String *>* pAuthorCertList = __pContext->__pAuthorCertList;
+               TryReturn(pAuthorCertList, false, "pAuthorCertList is null.");
  
-               std::unique_ptr<ICertificate> pEntity(pAuthorCertPath->GetCertificateN(0));
+               String *pEntity = null;
+               r = pAuthorCertList->GetAt(0, pEntity);
+               TryReturn(!IsFailed(r), false, "pAuthorCertList->GetAt() is failed.");
                 TryReturn(pEntity, false, "pEntity is null.");
  
-               std::unique_ptr<ByteBuffer> pEncodedData(pEntity->GetEncodedDataN());
+               std::unique_ptr<ByteBuffer> pEncodedData(StringUtil::DecodeBase64StringN(*pEntity));
                 TryReturn(pEncodedData, false, "pEncodedData is null.");
  
                 std::unique_ptr<ByteBuffer> pHashValue(hash.GetHashN(*pEncodedData.get()));
diff --git a/src/Step/SignatureStep.cpp b/src/Step/SignatureStep.cpp

index 0d9ac47..f604efc 100755 (executable)
--- a/src/Step/SignatureStep.cpp
+++ b/src/Step/SignatureStep.cpp
@@ -33,7 +33,7 @@ using namespace Tizen::Base::Collection;
  using namespace Tizen::Io;
  
  SignatureStep::SignatureStep(void)
-:__state(STATE_SIGNER_CERT)
+:__state(STATE_SIGNER_INIT)
  ,__pContext(null)
  ,__pSignatureManager(null)
  {
@@ -62,6 +62,11 @@ SignatureStep::Run(InstallationContext* pContext)
         {
                 switch (__state)
                 {
+               case STATE_SIGNER_INIT:
+                       AppLog("[STATE_SIGNER_INIT]");
+                       error = OnStateSignerInit();
+                       break;
+
                 case STATE_SIGNER_CERT:
                         AppLog("[STATE_SIGNER_CERT]");
                         error = OnStateSignerCert();
@@ -108,24 +113,49 @@ SignatureStep::GoNextState(void)
  }
  
  InstallerError
-SignatureStep::OnStateSignerCert(void)
+SignatureStep::OnStateSignerInit(void)
  {
         InstallerError error = INSTALLER_ERROR_NONE;
         bool ret = true;
  
         __pSignatureManager = new (std::nothrow) SignatureManager();
-       TryCatch(__pSignatureManager, error = INSTALLER_ERROR_OUT_OF_MEMORY, "__pSignatureManager is null.");
+       TryReturn(__pSignatureManager, error = INSTALLER_ERROR_OUT_OF_MEMORY, "__pSignatureManager is null.");
  
         ret = __pSignatureManager->Construct(__pContext);
-       TryCatch(ret == true, error = INSTALLER_ERROR_INTERNAL_STATE, "Construct() failed");
-
-       ret = __pSignatureManager->SetSignature();
-       TryCatch(ret == true, error = INSTALLER_ERROR_SIGNATURE_INVALID, "SetSignature() failed");
+       TryReturn(ret == true, error = INSTALLER_ERROR_INTERNAL_STATE, "Construct() failed");
  
-       // test for signature validator
         ret = __pSignatureManager->ValidateSignatures();
         fprintf(stderr, "  ## __pSignatureManager->ValidateSignatures() result = [%d]\n", ret);
  
+       if (ret == true)
+       {
+               AppLog("_pSignatureManager->ValidateSignatures() is ok.");
+               __state = STATE_ROOT_CERT;
+       }
+       else
+       {
+               AppLog("_pSignatureManager->ValidateSignatures() does not be passed, using another validator.");
+
+               __pContext->__rootCertType = ROOT_CERTIFICATE_NONE;
+               __pContext->__pAuthorCertList->RemoveAll();
+               __pContext->__pDistributorCertList->RemoveAll();
+
+               GoNextState();
+       }
+
+       return error;
+}
+
+
+InstallerError
+SignatureStep::OnStateSignerCert(void)
+{
+       InstallerError error = INSTALLER_ERROR_NONE;
+       bool ret = true;
+
+       ret = __pSignatureManager->SetSignature();
+       TryCatch(ret == true, error = INSTALLER_ERROR_SIGNATURE_INVALID, "SetSignature() failed");
+
  CATCH:
         GoNextState();
         return error;
@@ -168,7 +198,7 @@ SignatureStep::OnStateRootCert(void)
         const ArrayList* pPrivilegeList = __pContext->GetPrivilegeList();
         RootCertificateType certType = __pContext->__rootCertType;
         PackageId packageId = __pContext->__packageId;
-       int apiVisibility = GetApiVisibility(certType);
+       int apiVisibility = __pSignatureManager->GetApiVisibility(certType);
  
         AppLog("PackageId = [%ls], CertType = [%d], ApiVisibility = [%d]", packageId.GetPointer(), certType, apiVisibility);
  
@@ -198,27 +228,3 @@ SignatureStep::OnStateDone(void)
         return error;
  }
  
-int
-SignatureStep::GetApiVisibility(RootCertificateType certType)
-{
-       int apiVisibility = _API_VISIBILITY_NONE;
-
-       if (certType == ROOT_CERTIFICATE_PUBLIC)
-       {
-               apiVisibility = _API_VISIBILITY_PUBLIC;
-       }
-       else if (certType == ROOT_CERTIFICATE_PARTNER)
-       {
-               apiVisibility = _API_VISIBILITY_PARTNER;
-       }
-       else if (certType == ROOT_CERTIFICATE_PARTNER_OPERATOR)
-       {
-               apiVisibility = _API_VISIBILITY_PARTNER_OPERATOR;
-       }
-       else if (certType == ROOT_CERTIFICATE_PARTNER_MANUFACTURER)
-       {
-               apiVisibility = _API_VISIBILITY_PARTNER_MANUFACTURER;
-       }
-
-       return apiVisibility;
-}
diff --git a/src/Step/SignatureStep.h b/src/Step/SignatureStep.h

index 610d888..4ff7c03 100755 (executable)
--- a/src/Step/SignatureStep.h
+++ b/src/Step/SignatureStep.h
@@ -46,6 +46,7 @@ public:
  private:
         enum
         {
+               STATE_SIGNER_INIT,
                 STATE_SIGNER_CERT,
                 STATE_CERT_CHAIN,
                 STATE_ROOT_CERT,
@@ -56,13 +57,12 @@ private:
         SignatureStep& operator =(const SignatureStep& source);
  
         void GoNextState(void);
+       InstallerError OnStateSignerInit(void);
         InstallerError OnStateSignerCert(void);
         InstallerError OnStateCertChain(void);
         InstallerError OnStateRootCert(void);
         InstallerError OnStateDone(void);
  
-       int GetApiVisibility(RootCertificateType certType);
-
  private:
         int __state;
         InstallationContext* __pContext;
author	Dongeup Ham <dongeup.ham@samsung.com>
	Wed, 3 Apr 2013 15:07:10 +0000 (00:07 +0900)
committer	Dongeup Ham <dongeup.ham@samsung.com>
	Wed, 3 Apr 2013 15:07:10 +0000 (00:07 +0900)
inc/InstallerDefs.h		patch \| blob \| history
src/Context/InstallationContext.cpp		patch \| blob \| history
src/Context/InstallationContext.h		patch \| blob \| history
src/Installer/Installer.cpp		patch \| blob \| history
src/Manager/ConfigurationManager.cpp		patch \| blob \| history
src/Manager/ConfigurationManager.h		patch \| blob \| history
src/Manager/SignatureManager.cpp		patch \| blob \| history
src/Manager/SignatureManager.h		patch \| blob \| history
src/Manager/SmackManager.cpp		patch \| blob \| history
src/Step/SignatureStep.cpp		patch \| blob \| history
src/Step/SignatureStep.h		patch \| blob \| history