Init transec library about app custom trust anchor

* Add AppCustomTrustAnchor header draft

Change-Id: Iff710eaece8ba54a1ffad57589f02857b6b325ff
Signed-off-by: sangwan.kwon <sangwan.kwon@samsung.com>

diff --git a/CMakeLists.txt b/CMakeLists.txt
index f55fc49..6bbd96f 100644 (file)
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -25,6 +25,7 @@ ADD_DEFINITIONS("-Wextra")
 ADD_DEFINITIONS("-Werror")
 
 SET(TARGET_VCORE_LIB "cert-svc-vcore")
+SET(TARGET_TRANSEC_LIB "cert-svc-transec")
 SET(TARGET_CERT_SERVER "cert-server")
 
 ADD_DEFINITIONS("-DSIGNATURE_SCHEMA_PATH=\"${CERT_SVC_RO_PATH}/schema.xsd\"")

diff --git a/packaging/cert-svc.spec b/packaging/cert-svc.spec
index fd50ddd..f65e7d9 100644 (file)
--- a/packaging/cert-svc.spec
+++ b/packaging/cert-svc.spec
@@ -161,6 +161,7 @@ fi
 %_unitdir/cert-server.socket
 %_unitdir/sockets.target.wants/cert-server.socket
 %_libdir/libcert-svc-vcore.so.*
+%_libdir/libcert-svc-transec.so.*
 %bin_dir/cert-server
 %dir %attr(-, %{user_name}, %{group_name}) %cert_svc_path
 %dir %attr(-, %{user_name}, %{group_name}) %cert_svc_pkcs12
@@ -178,6 +179,7 @@ fi
 %_includedir/*
 %_libdir/pkgconfig/*
 %_libdir/libcert-svc-vcore.so
+%_libdir/libcert-svc-transec.so
 
 %if 0%{?certsvc_test_build}
 %files test

diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt
index 94a9a59..6f93734 100644 (file)
--- a/src/CMakeLists.txt
+++ b/src/CMakeLists.txt
@@ -165,3 +165,5 @@ INSTALL(FILES
     cert-svc/cstring.h
     DESTINATION ${INCLUDEDIR}/cert-svc/cert-svc
     )
+
+ADD_SUBDIRECTORY(transec)

diff --git a/src/transec/AppCustomTrustAnchor.cpp b/src/transec/AppCustomTrustAnchor.cpp
new file mode 100644 (file)
index 0000000..0bc1d02
--- /dev/null
+++ b/src/transec/AppCustomTrustAnchor.cpp
@@ -0,0 +1,109 @@
+/*
+ * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ *    Licensed under the Apache License, Version 2.0 (the "License");
+ *    you may not use this file except in compliance with the License.
+ *    You may obtain a copy of the License at
+ *
+ *        http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *    Unless required by applicable law or agreed to in writing, software
+ *    distributed under the License is distributed on an "AS IS" BASIS,
+ *    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *    See the License for the specific language governing permissions and
+ *    limitations under the License.
+ */
+/*
+ * @file        AppCustomTrustAnchor.cpp
+ * @author      Sangwan Kwon (sangwan.kwon@samsung.com)
+ * @version     0.1
+ * @brief       Implementation of App custom trust anchor
+ */
+#include "AppCustomTrustAnchor.h"
+
+namespace transec {
+
+class AppCustomTrustAnchor::Impl {
+public:
+       explicit Impl(const std::string &packageId,
+                                 const std::string &certsDir,
+                                 uid_t uid);
+       explicit Impl(const std::string &packageId, const std::string &certsDir);
+       virtual ~Impl(void) = default;
+
+       int install(bool withSystemCerts);
+       int uninstall(void);
+       int launch(bool withSystemCerts);
+
+private:
+       std::string m_packageId;
+       std::string m_certsDir;
+       uid_t m_uid;
+};
+
+AppCustomTrustAnchor::Impl::Impl(const std::string &packageId,
+                                                                const std::string &certsDir,
+                                                                uid_t uid) :
+       m_packageId(packageId), m_certsDir(certsDir), m_uid(uid) {}
+
+AppCustomTrustAnchor::Impl::Impl(const std::string &packageId,
+                                                                const std::string &certsDir) :
+       m_packageId(packageId), m_certsDir(certsDir) {}
+
+int AppCustomTrustAnchor::Impl::install(bool withSystemCerts)
+{
+       if (withSystemCerts)
+               return 0;
+       else
+               return -1;
+}
+
+int AppCustomTrustAnchor::Impl::uninstall(void)
+{
+       return 0;
+}
+
+int AppCustomTrustAnchor::Impl::launch(bool withSystemCerts)
+{
+       if (withSystemCerts)
+               return 0;
+       else
+               return -1;
+}
+
+AppCustomTrustAnchor::AppCustomTrustAnchor(const std::string &packageId,
+                                                                                  const std::string &certsDir,
+                                                                                  uid_t uid) noexcept :
+       m_pImpl(new Impl(packageId, certsDir, uid)) {}
+
+AppCustomTrustAnchor::AppCustomTrustAnchor(const std::string &packageId,
+                                                                                  const std::string &certsDir) noexcept :
+       m_pImpl(new Impl(packageId, certsDir)) {}
+
+AppCustomTrustAnchor::~AppCustomTrustAnchor(void) = default;
+
+int AppCustomTrustAnchor::install(bool withSystemCerts) noexcept
+{
+       if (this->m_pImpl == nullptr)
+               return -1;
+
+       return this->m_pImpl->install(withSystemCerts);
+}
+
+int AppCustomTrustAnchor::uninstall(void) noexcept
+{
+       if (this->m_pImpl == nullptr)
+               return -1;
+
+       return this->m_pImpl->uninstall();
+}
+
+int AppCustomTrustAnchor::launch(bool withSystemCerts) noexcept
+{
+       if (this->m_pImpl == nullptr)
+               return -1;
+
+       return this->m_pImpl->launch(withSystemCerts);
+}
+
+} // namespace transec

diff --git a/src/transec/AppCustomTrustAnchor.h b/src/transec/AppCustomTrustAnchor.h
new file mode 100644 (file)
index 0000000..c9e1c92
--- /dev/null
+++ b/src/transec/AppCustomTrustAnchor.h
@@ -0,0 +1,53 @@
+/*
+ * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ *    Licensed under the Apache License, Version 2.0 (the "License");
+ *    you may not use this file except in compliance with the License.
+ *    You may obtain a copy of the License at
+ *
+ *        http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *    Unless required by applicable law or agreed to in writing, software
+ *    distributed under the License is distributed on an "AS IS" BASIS,
+ *    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *    See the License for the specific language governing permissions and
+ *    limitations under the License.
+ */
+/*
+ * @file        AppCustomTrustAnchor.h
+ * @author      Sangwan Kwon (sangwan.kwon@samsung.com)
+ * @version     0.1
+ * @brief       App custom trust anchor C++ API header
+ */
+#pragma once
+
+#include <sys/types.h>
+#include <string>
+#include <memory>
+
+namespace transec {
+
+class AppCustomTrustAnchor {
+public:
+       explicit AppCustomTrustAnchor(const std::string &packageId,
+                                                                 const std::string &certsDir,
+                                                                 uid_t uid) noexcept;
+       explicit AppCustomTrustAnchor(const std::string &packageId,
+                                                                 const std::string &certsDir) noexcept;
+       virtual ~AppCustomTrustAnchor(void);
+
+       AppCustomTrustAnchor(const AppCustomTrustAnchor &) = delete;
+       AppCustomTrustAnchor(AppCustomTrustAnchor &&) = delete;
+       AppCustomTrustAnchor &operator=(const AppCustomTrustAnchor &) = delete;
+       AppCustomTrustAnchor &operator=(AppCustomTrustAnchor &&) = delete;
+
+       int install(bool withSystemCerts) noexcept;
+       int uninstall(void) noexcept;
+       int launch(bool withSystemCerts) noexcept;
+
+private:
+       class Impl;
+       std::unique_ptr<Impl> m_pImpl;
+};
+
+} // namespace transec

diff --git a/src/transec/CMakeLists.txt b/src/transec/CMakeLists.txt
new file mode 100644 (file)
index 0000000..36d751b
--- /dev/null
+++ b/src/transec/CMakeLists.txt
@@ -0,0 +1,44 @@
+# Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved
+#
+#    Licensed under the Apache License, Version 2.0 (the "License");
+#    you may not use this file except in compliance with the License.
+#    You may obtain a copy of the License at
+#
+#        http://www.apache.org/licenses/LICENSE-2.0
+#
+#    Unless required by applicable law or agreed to in writing, software
+#    distributed under the License is distributed on an "AS IS" BASIS,
+#    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#    See the License for the specific language governing permissions and
+#    limitations under the License.
+#
+# @file        CMakeLists.txt
+# @author      Sangwan Kwon (sangwan.kwon@samsung.com)
+# @breif       Make trasnport security library
+#
+SET(${TARGET_TRANSEC_LIB}_SRCS
+       AppCustomTrustAnchor.cpp
+)
+
+INCLUDE_DIRECTORIES(
+       SYSTEM
+       .
+       ${${TARGET_TRANSEC_LIB}_DEP_INCLUDE_DIRS}
+)
+
+ADD_LIBRARY(${TARGET_TRANSEC_LIB} SHARED ${${TARGET_TRANSEC_LIB}_SRCS})
+
+# TODO(sangwan.kwon) visibility needed to be hidden
+SET_TARGET_PROPERTIES(${TARGET_TRANSEC_LIB}
+       PROPERTIES
+               COMPILE_FLAGS "-D_GNU_SOURCE -fPIC -fvisibility=default"
+               SOVERSION ${SO_VERSION}
+               VERSION ${VERSION}
+)
+
+INSTALL(TARGETS ${TARGET_TRANSEC_LIB} DESTINATION ${LIB_INSTALL_DIR})
+INSTALL(FILES
+                       AppCustomTrustAnchor.h
+               DESTINATION
+                       ${INCLUDEDIR}/cert-svc/transec
+)