ADD_DEFINITIONS("-Werror")
SET(TARGET_VCORE_LIB "cert-svc-vcore")
+SET(TARGET_TRANSEC_LIB "cert-svc-transec")
SET(TARGET_CERT_SERVER "cert-server")
ADD_DEFINITIONS("-DSIGNATURE_SCHEMA_PATH=\"${CERT_SVC_RO_PATH}/schema.xsd\"")
%_unitdir/cert-server.socket
%_unitdir/sockets.target.wants/cert-server.socket
%_libdir/libcert-svc-vcore.so.*
+%_libdir/libcert-svc-transec.so.*
%bin_dir/cert-server
%dir %attr(-, %{user_name}, %{group_name}) %cert_svc_path
%dir %attr(-, %{user_name}, %{group_name}) %cert_svc_pkcs12
%_includedir/*
%_libdir/pkgconfig/*
%_libdir/libcert-svc-vcore.so
+%_libdir/libcert-svc-transec.so
%if 0%{?certsvc_test_build}
%files test
cert-svc/cstring.h
DESTINATION ${INCLUDEDIR}/cert-svc/cert-svc
)
+
+ADD_SUBDIRECTORY(transec)
--- /dev/null
+/*
+ * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+/*
+ * @file AppCustomTrustAnchor.cpp
+ * @author Sangwan Kwon (sangwan.kwon@samsung.com)
+ * @version 0.1
+ * @brief Implementation of App custom trust anchor
+ */
+#include "AppCustomTrustAnchor.h"
+
+namespace transec {
+
+class AppCustomTrustAnchor::Impl {
+public:
+ explicit Impl(const std::string &packageId,
+ const std::string &certsDir,
+ uid_t uid);
+ explicit Impl(const std::string &packageId, const std::string &certsDir);
+ virtual ~Impl(void) = default;
+
+ int install(bool withSystemCerts);
+ int uninstall(void);
+ int launch(bool withSystemCerts);
+
+private:
+ std::string m_packageId;
+ std::string m_certsDir;
+ uid_t m_uid;
+};
+
+AppCustomTrustAnchor::Impl::Impl(const std::string &packageId,
+ const std::string &certsDir,
+ uid_t uid) :
+ m_packageId(packageId), m_certsDir(certsDir), m_uid(uid) {}
+
+AppCustomTrustAnchor::Impl::Impl(const std::string &packageId,
+ const std::string &certsDir) :
+ m_packageId(packageId), m_certsDir(certsDir) {}
+
+int AppCustomTrustAnchor::Impl::install(bool withSystemCerts)
+{
+ if (withSystemCerts)
+ return 0;
+ else
+ return -1;
+}
+
+int AppCustomTrustAnchor::Impl::uninstall(void)
+{
+ return 0;
+}
+
+int AppCustomTrustAnchor::Impl::launch(bool withSystemCerts)
+{
+ if (withSystemCerts)
+ return 0;
+ else
+ return -1;
+}
+
+AppCustomTrustAnchor::AppCustomTrustAnchor(const std::string &packageId,
+ const std::string &certsDir,
+ uid_t uid) noexcept :
+ m_pImpl(new Impl(packageId, certsDir, uid)) {}
+
+AppCustomTrustAnchor::AppCustomTrustAnchor(const std::string &packageId,
+ const std::string &certsDir) noexcept :
+ m_pImpl(new Impl(packageId, certsDir)) {}
+
+AppCustomTrustAnchor::~AppCustomTrustAnchor(void) = default;
+
+int AppCustomTrustAnchor::install(bool withSystemCerts) noexcept
+{
+ if (this->m_pImpl == nullptr)
+ return -1;
+
+ return this->m_pImpl->install(withSystemCerts);
+}
+
+int AppCustomTrustAnchor::uninstall(void) noexcept
+{
+ if (this->m_pImpl == nullptr)
+ return -1;
+
+ return this->m_pImpl->uninstall();
+}
+
+int AppCustomTrustAnchor::launch(bool withSystemCerts) noexcept
+{
+ if (this->m_pImpl == nullptr)
+ return -1;
+
+ return this->m_pImpl->launch(withSystemCerts);
+}
+
+} // namespace transec
--- /dev/null
+/*
+ * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+/*
+ * @file AppCustomTrustAnchor.h
+ * @author Sangwan Kwon (sangwan.kwon@samsung.com)
+ * @version 0.1
+ * @brief App custom trust anchor C++ API header
+ */
+#pragma once
+
+#include <sys/types.h>
+#include <string>
+#include <memory>
+
+namespace transec {
+
+class AppCustomTrustAnchor {
+public:
+ explicit AppCustomTrustAnchor(const std::string &packageId,
+ const std::string &certsDir,
+ uid_t uid) noexcept;
+ explicit AppCustomTrustAnchor(const std::string &packageId,
+ const std::string &certsDir) noexcept;
+ virtual ~AppCustomTrustAnchor(void);
+
+ AppCustomTrustAnchor(const AppCustomTrustAnchor &) = delete;
+ AppCustomTrustAnchor(AppCustomTrustAnchor &&) = delete;
+ AppCustomTrustAnchor &operator=(const AppCustomTrustAnchor &) = delete;
+ AppCustomTrustAnchor &operator=(AppCustomTrustAnchor &&) = delete;
+
+ int install(bool withSystemCerts) noexcept;
+ int uninstall(void) noexcept;
+ int launch(bool withSystemCerts) noexcept;
+
+private:
+ class Impl;
+ std::unique_ptr<Impl> m_pImpl;
+};
+
+} // namespace transec
--- /dev/null
+# Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# @file CMakeLists.txt
+# @author Sangwan Kwon (sangwan.kwon@samsung.com)
+# @breif Make trasnport security library
+#
+SET(${TARGET_TRANSEC_LIB}_SRCS
+ AppCustomTrustAnchor.cpp
+)
+
+INCLUDE_DIRECTORIES(
+ SYSTEM
+ .
+ ${${TARGET_TRANSEC_LIB}_DEP_INCLUDE_DIRS}
+)
+
+ADD_LIBRARY(${TARGET_TRANSEC_LIB} SHARED ${${TARGET_TRANSEC_LIB}_SRCS})
+
+# TODO(sangwan.kwon) visibility needed to be hidden
+SET_TARGET_PROPERTIES(${TARGET_TRANSEC_LIB}
+ PROPERTIES
+ COMPILE_FLAGS "-D_GNU_SOURCE -fPIC -fvisibility=default"
+ SOVERSION ${SO_VERSION}
+ VERSION ${VERSION}
+)
+
+INSTALL(TARGETS ${TARGET_TRANSEC_LIB} DESTINATION ${LIB_INSTALL_DIR})
+INSTALL(FILES
+ AppCustomTrustAnchor.h
+ DESTINATION
+ ${INCLUDEDIR}/cert-svc/transec
+)