* @brief Encrypts web application data with internal key(APP DEK: Application Data Encryption Key).
*
* @since_tizen 3.0
- * @param[in] pPkgId The package id of an application.
- * @param[in] appType The application type.
- * @param[in] pData The data block to be encrypted.
- * @param[in] dataLen The length of the data block.
- * @param[out] ppEncryptedData The data block contaning encrypted data block. Memory allocated for ppEncryptedData. Has to be freed by free() function.
- * @param[out] pEncDataLen The length of the encrypted data block.
+ * @param[in] pkg_id The package id of an application
+ * @param[in] app_type The application type
+ * @param[in] data The data block to be encrypted
+ * @param[in] data_len The length of @a data
+ * @param[out] pencrypted_data The data block contaning encrypted data block which must be freed by free()
+ * @param[out] pencrypted_data_len The length of data pointed by @a pencrypted_data
*
* @return #WAE_ERROR_NONE on success, otherwise a negative error value
* @retval #WAE_ERROR_INVALID_PARAMETER Invalid input parameter
*
* @see wae_decrypt_web_application()
*/
-int wae_encrypt_web_application(const char *pPkgId, wae_app_type_e appType, const unsigned char *pData, size_t dataLen, unsigned char **ppEncryptedData, size_t *pEncDataLen);
+int wae_encrypt_web_application(const char *pkg_id, wae_app_type_e app_type,
+ const unsigned char *data, size_t data_len,
+ unsigned char **pencrypted_data, size_t *pencrypted_data_len);
/**
* @brief Encrypts web application data with internal key.
*
* @since_tizen 3.0
- * @param[in] pPkgId The package id of an application.
- * @param[in] appType The application type.
- * @param[in] pData The data block to be decrypted.
- * @param[in] dataLen The length of the data block.
- * @param[out] ppDecryptedData Data block contaning decrypted data block. Memory allocated for ppEncryptedData. Has to be freed by free() function.
- * @param[out] pDecDataLen The length of the decrypted data block.
+ * @param[in] pkg_id The package id of an application
+ * @param[in] app_type The application type
+ * @param[in] data The data block to be decrypted
+ * @param[in] data_len The length of @a data
+ * @param[out] pdecrypted_data Data block contaning decrypted data block which must be freed by free()
+ * @param[out] pdecrypted_data_len The length of data pointed by @a pdecrypted_data
*
* @return #WAE_ERROR_NONE on success, otherwise a negative error value
* @retval #WAE_ERROR_INVALID_PARAMETER Invalid input parameter
*
* @see wae_encrypt_web_application()
*/
-int wae_decrypt_web_application(const char *pPkgId, wae_app_type_e appType, const unsigned char *pData, size_t dataLen, unsigned char **ppDecryptedData, size_t *pDecDataLen);
+int wae_decrypt_web_application(const char *pkg_id, wae_app_type_e app_type,
+ const unsigned char *data, size_t data_len,
+ unsigned char **pdecrypted_data, size_t *pdecrypted_data_len);
/**
* @brief Remove a APP DEK(Application Data Encryption Key) used for encrytpion and decryption of a web application.
*
* @since_tizen 3.0
- * @param[in] pPkgId The package id of an application.
- * @param[in] appType The application type.
+ * @param[in] pkg_id The package id of an application
+ * @param[in] app_type The application type
*
* @return #WAE_ERROR_NONE on success, otherwise a negative error value
* @retval #WAE_ERROR_INVALID_PARAMETER Invalid input parameter
* @retval #WAE_ERROR_UNKNOWN Failed with unknown reason
*
*/
-int wae_remove_app_dek(const char *pPkgId, wae_app_type_e appType);
+int wae_remove_app_dek(const char *pkg_id, wae_app_type_e app_type);
/**
* @}
}
}
-int encrypt_app_dek(const unsigned char *rsaPublicKey, size_t pubKeyLen,
- const unsigned char *dek, size_t dekLen,
- unsigned char **encryptedDek, size_t *encryptedDekLen)
+int encrypt_app_dek(const unsigned char *pubkey, size_t pubkey_len,
+ const unsigned char *dek, size_t dek_len,
+ unsigned char **pencrypted_dek, size_t *pencrypted_dek_len)
{
int ret = WAE_ERROR_NONE;
- EVP_PKEY *pKey = NULL;
+ EVP_PKEY *key = NULL;
BIO *bio = NULL;
EVP_PKEY_CTX *ctx = NULL;
unsigned char *out = NULL;
- size_t outLen = 0;
+ size_t out_len = 0;
_initialize();
bio = BIO_new(BIO_s_mem());
- BIO_write(bio, rsaPublicKey, pubKeyLen);
- pKey = PEM_read_bio_PUBKEY(bio, NULL, NULL, NULL);
+ BIO_write(bio, pubkey, pubkey_len);
+ key = PEM_read_bio_PUBKEY(bio, NULL, NULL, NULL);
- if (pKey == NULL) {
+ if (key == NULL) {
BIO_reset(bio);
- BIO_write(bio, rsaPublicKey, pubKeyLen);
- pKey = d2i_PUBKEY_bio(bio, NULL);
+ BIO_write(bio, pubkey, pubkey_len);
+ key = d2i_PUBKEY_bio(bio, NULL);
}
- if (pKey == NULL) {
+ if (key == NULL) {
ret = WAE_ERROR_FILE;
WAE_SLOGE("Failt to convert to public key.");
goto error;
}
- ctx = EVP_PKEY_CTX_new(pKey, NULL);
+ ctx = EVP_PKEY_CTX_new(key, NULL);
if (ctx == NULL) {
WAE_SLOGE("Encrypt APP DEK Failed. EVP_PKEY_CTX_new failed");
}
/* Determine buffer length */
- if (EVP_PKEY_encrypt(ctx, NULL, &outLen, dek, dekLen) <= 0) {
+ if (EVP_PKEY_encrypt(ctx, NULL, &out_len, dek, dek_len) <= 0) {
WAE_SLOGE("Encrypt APP DEK Failed. EVP_PKEY_encrypt failed");
ret = WAE_ERROR_CRYPTO;
goto error;
}
- out = OPENSSL_malloc(outLen);
+ out = OPENSSL_malloc(out_len);
if (out == NULL) {
WAE_SLOGE("Encrypt APP DEK Failed. OPENSSL_malloc failed");
goto error;
}
- if (EVP_PKEY_encrypt(ctx, out, &outLen, dek, dekLen) <= 0) {
+ if (EVP_PKEY_encrypt(ctx, out, &out_len, dek, dek_len) <= 0) {
WAE_SLOGE("Encrypt APP DEK Failed. EVP_PKEY_encrypt failed");
ret = WAE_ERROR_CRYPTO;
goto error;
}
- *encryptedDek = out;
- *encryptedDekLen = outLen;
+ *pencrypted_dek = out;
+ *pencrypted_dek_len = out_len;
error:
if (bio != NULL)
BIO_free(bio);
- if (pKey != NULL)
- EVP_PKEY_free(pKey);
+ if (key != NULL)
+ EVP_PKEY_free(key);
if (ctx != NULL)
EVP_PKEY_CTX_free(ctx);
return ret;
}
-int decrypt_app_dek(const unsigned char *rsaPrivateKey, size_t priKeyLen,
- const char *priKeyPassword,
- const unsigned char *encryptedDek, size_t dencryptedDekLen,
- unsigned char **decryptedDek, size_t *decryptedDekLen)
+int decrypt_app_dek(const unsigned char *prikey, size_t prikey_len,
+ const char *prikey_pass,
+ const unsigned char *encrypted_dek, size_t encrypted_dek_len,
+ unsigned char **pdecrypted_dek, size_t *pdecrypted_dek_len)
{
int ret = WAE_ERROR_NONE;
- EVP_PKEY *pKey = NULL;
+ EVP_PKEY *key = NULL;
BIO *bio = NULL;
EVP_PKEY_CTX *ctx = NULL;
unsigned char *out = NULL;
- size_t outLen = 0;
+ size_t out_len = 0;
_initialize();
bio = BIO_new(BIO_s_mem());
- BIO_write(bio, rsaPrivateKey, priKeyLen);
- pKey = PEM_read_bio_PrivateKey(bio, NULL, NULL, (void *)priKeyPassword);
+ BIO_write(bio, prikey, prikey_len);
+ key = PEM_read_bio_PrivateKey(bio, NULL, NULL, (void *)prikey_pass);
- if (pKey == NULL) {
+ if (key == NULL) {
BIO_reset(bio);
- BIO_write(bio, rsaPrivateKey, priKeyLen);
- pKey = d2i_PrivateKey_bio(bio, NULL);
+ BIO_write(bio, prikey, prikey_len);
+ key = d2i_PrivateKey_bio(bio, NULL);
}
- if (pKey == NULL) {
+ if (key == NULL) {
ret = WAE_ERROR_FILE;
WAE_SLOGE("Failt to convert to public key.");
goto error;
}
- ctx = EVP_PKEY_CTX_new(pKey, NULL);
+ ctx = EVP_PKEY_CTX_new(key, NULL);
if (ctx == NULL) {
WAE_SLOGE("Decrypt APP DEK Failed. EVP_PKEY_CTX_new failed");
}
/* Determine buffer length */
- if (EVP_PKEY_decrypt(ctx, NULL, &outLen, encryptedDek, dencryptedDekLen) <= 0) {
+ if (EVP_PKEY_decrypt(ctx, NULL, &out_len, encrypted_dek, encrypted_dek_len) <= 0) {
WAE_SLOGE("Decrypt APP DEK Failed. EVP_PKEY_decrypt failed");
ret = WAE_ERROR_CRYPTO;
goto error;
}
- out = OPENSSL_malloc(outLen);
+ out = OPENSSL_malloc(out_len);
if (out == NULL) {
WAE_SLOGE("Decrypt APP DEK Failed. OPENSSL_malloc failed");
goto error;
}
- if (EVP_PKEY_decrypt(ctx, out, &outLen, encryptedDek, dencryptedDekLen) <= 0) {
+ if (EVP_PKEY_decrypt(ctx, out, &out_len, encrypted_dek, encrypted_dek_len) <= 0) {
WAE_SLOGE("Encrypt APP DEK Failed. EVP_PKEY_decrypt failed");
ret = WAE_ERROR_CRYPTO;
goto error;
}
- *decryptedDek = out;
- *decryptedDekLen = outLen;
+ *pdecrypted_dek = out;
+ *pdecrypted_dek_len = out_len;
error:
if (bio != NULL)
BIO_free(bio);
- if (pKey != NULL)
- EVP_PKEY_free(pKey);
+ if (key != NULL)
+ EVP_PKEY_free(key);
if (ctx != NULL)
EVP_PKEY_CTX_free(ctx);
}
-int encrypt_aes_cbc(const unsigned char *pKey, size_t keyLen,
- const unsigned char *pData, size_t dataLen,
- unsigned char **ppEncryptedData, size_t *pEncDataLen)
+int encrypt_aes_cbc(const unsigned char *key, size_t key_len,
+ const unsigned char *data, size_t data_len,
+ unsigned char **pencrypted_data, size_t *pencrypted_data_len)
{
EVP_CIPHER_CTX *ctx;
int len;
_initialize();
- WAE_SLOGI("Encryption Started. size=%d", dataLen);
+ WAE_SLOGI("Encryption Started. size=%d", data_len);
/* check input paramter */
- if (keyLen != 32) {
- WAE_SLOGE("Encryption Failed. Invalid Key Length. keyLen=%d", keyLen);
+ if (key_len != 32) {
+ WAE_SLOGE("Encryption Failed. Invalid Key Length. key_len=%d", key_len);
return WAE_ERROR_INVALID_PARAMETER;
}
// assing a enough memory for decryption.
- ciphertext = (unsigned char *) malloc(dataLen + 32);
+ ciphertext = (unsigned char *) malloc(data_len + 32);
/* Create and initialise the context */
if (!(ctx = EVP_CIPHER_CTX_new())) {
* In this example we are using 256 bit AES (i.e. a 256 bit key). The
* IV size for *most* modes is the same as the block size. For AES this
* is 128 bits */
- if (1 != EVP_EncryptInit_ex(ctx, EVP_aes_256_cbc(), NULL, pKey, iv)) {
+ if (1 != EVP_EncryptInit_ex(ctx, EVP_aes_256_cbc(), NULL, key, iv)) {
WAE_SLOGE("Encryption Failed. EVP_EncryptInit_ex failed");
ret = WAE_ERROR_CRYPTO;
goto error;
/* Provide the message to be encrypted, and obtain the encrypted output.
* EVP_EncryptUpdate can be called multiple times if necessary
*/
- if (1 != EVP_EncryptUpdate(ctx, ciphertext, &len, pData, dataLen)) {
+ if (1 != EVP_EncryptUpdate(ctx, ciphertext, &len, data, data_len)) {
WAE_SLOGE("Encryption Failed. EVP_EncryptUpdate failed");
ret = WAE_ERROR_CRYPTO;
goto error;
ciphertext_len += len;
- *ppEncryptedData = ciphertext;
- *pEncDataLen = ciphertext_len;
+ *pencrypted_data = ciphertext;
+ *pencrypted_data_len = ciphertext_len;
ret = WAE_ERROR_NONE;
WAE_SLOGI("Encryption Ended Successfully. encrypted_len", ciphertext_len);
return ret;
}
-int decrypt_aes_cbc(const unsigned char *pKey, size_t keyLen,
- const unsigned char *pData, size_t dataLen,
- unsigned char **ppDecryptedData, size_t *pDecDataLen)
+int decrypt_aes_cbc(const unsigned char *key, size_t key_len,
+ const unsigned char *data, size_t data_len,
+ unsigned char **pdecrypted_data, size_t *pdecrypted_data_len)
{
EVP_CIPHER_CTX *ctx;
int len;
_initialize();
- WAE_SLOGI("Decryption Started. size=%d", dataLen);
+ WAE_SLOGI("Decryption Started. size=%d", data_len);
/* check input paramter */
- if (keyLen != 32) {
- WAE_SLOGE("Decryption Failed. Invalid Key Length. keyLen=%d", keyLen);
+ if (key_len != 32) {
+ WAE_SLOGE("Decryption Failed. Invalid Key Length. key_len=%d", key_len);
return WAE_ERROR_INVALID_PARAMETER;
}
// assing a enough memory for decryption.
- plaintext = (unsigned char *) malloc(dataLen);
+ plaintext = (unsigned char *) malloc(data_len);
/* Create and initialise the context */
if (!(ctx = EVP_CIPHER_CTX_new())) {
* In this example we are using 256 bit AES (i.e. a 256 bit key). The
* IV size for *most* modes is the same as the block size. For AES this
* is 128 bits */
- if (1 != EVP_DecryptInit_ex(ctx, EVP_aes_256_cbc(), NULL, pKey, iv)) {
+ if (1 != EVP_DecryptInit_ex(ctx, EVP_aes_256_cbc(), NULL, key, iv)) {
WAE_SLOGE("Decryption Failed. EVP_DecryptInit_ex failed");
ret = WAE_ERROR_CRYPTO;
goto error;
/* Provide the message to be decrypted, and obtain the plaintext output.
* EVP_DecryptUpdate can be called multiple times if necessary
*/
- if (1 != EVP_DecryptUpdate(ctx, plaintext, &len, pData, dataLen)) {
+ if (1 != EVP_DecryptUpdate(ctx, plaintext, &len, data, data_len)) {
WAE_SLOGE("Decryption Failed. EVP_DecryptUpdate failed");
ret = WAE_ERROR_CRYPTO;
goto error;
plaintext_len += len;
- *ppDecryptedData = plaintext;
- *pDecDataLen = plaintext_len;
+ *pdecrypted_data = plaintext;
+ *pdecrypted_data_len = plaintext_len;
ret = WAE_ERROR_NONE;
WAE_SLOGI("Decryption Ended Successfully. decrypted_len", plaintext_len);
#include <stddef.h>
-int encrypt_app_dek(const unsigned char *rsaPublicKey, size_t pubKeyLen,
- const unsigned char *dek, size_t dekLen,
+int encrypt_app_dek(const unsigned char *pubkey, size_t pubkey_len,
+ const unsigned char *dek, size_t dek_len,
unsigned char **encryptedDek, size_t *encryptedDekLen);
-int decrypt_app_dek(const unsigned char *rsaPrivateKey, size_t priKeyLen,
- const char *priKeyPassword,
- const unsigned char *encryptedDek, size_t dencryptedDekLen,
- unsigned char **decryptedDek, size_t *decryptedDekLen);
+int decrypt_app_dek(const unsigned char *prikey, size_t prikey_len,
+ const char *prikey_pass,
+ const unsigned char *encrypted_dek, size_t encrypted_dek_len,
+ unsigned char **pdecrypted_dek, size_t *pdecrypted_dek_len);
-int encrypt_aes_cbc(const unsigned char *pKey, size_t keyLen,
- const unsigned char *pData, size_t dataLen,
- unsigned char **ppEncryptedData, size_t *pEncDataLen);
+int encrypt_aes_cbc(const unsigned char *key, size_t key_len,
+ const unsigned char *data, size_t data_len,
+ unsigned char **pencrypted_data, size_t *pencrypted_data_len);
-int decrypt_aes_cbc(const unsigned char *pKey, size_t keyLen,
- const unsigned char *pData, size_t dataLen,
- unsigned char **ppDecryptedData, size_t *pDecDataLen);
+int decrypt_aes_cbc(const unsigned char *key, size_t key_len,
+ const unsigned char *data, size_t data_len,
+ unsigned char **pdecrypted_data, size_t *pdecrypted_data_len);
#ifdef __cplusplus
}
#define MAX_CACHE_SIZE 100
typedef struct _dek_cache_element {
- char pkgId[MAX_PKGID_LEN];
+ char pkg_id[MAX_PKGID_LEN];
unsigned char dek[DEK_LEN];
} dek_cache_element;
void _initialize_cache()
{
NEXT_CACHE_IDX = 0;
- memset(APP_DEK_CACHE, 0, sizeof(dek_cache_element)*MAX_CACHE_SIZE);
+ memset(APP_DEK_CACHE, 0, sizeof(dek_cache_element) * MAX_CACHE_SIZE);
}
-unsigned char *_get_app_dek_from_cache(const char *pkgId)
+const unsigned char *_get_app_dek_from_cache(const char *pkg_id)
{
if (NEXT_CACHE_IDX < 0)
_initialize_cache();
- for (int i = 0; i < MAX_CACHE_SIZE; i++) {
- //WAE_SLOGI("CACHED APP_DEK[%d]=%s", i, APP_DEK_CACHE[i].pkgId);
- if (strlen(APP_DEK_CACHE[i].pkgId) == strlen(pkgId) &&
- strncmp(pkgId, APP_DEK_CACHE[i].pkgId, strlen(pkgId)) == 0) {
+ for (size_t i = 0; i < MAX_CACHE_SIZE; i++) {
+ //WAE_SLOGI("CACHED APP_DEK[%d]=%s", i, APP_DEK_CACHE[i].pkg_id);
+ if (strncmp(pkg_id, APP_DEK_CACHE[i].pkg_id, MAX_PKGID_LEN) == 0)
return APP_DEK_CACHE[i].dek;
- }
}
return NULL;
}
-void _add_app_dek_to_cache(const char *pkgId, unsigned char *dek)
+void _add_app_dek_to_cache(const char *pkg_id, const unsigned char *dek)
{
if (NEXT_CACHE_IDX < 0)
_initialize_cache();
// if existing one has the same pkgid
- for (int i = 0; i < MAX_CACHE_SIZE; i++) {
- if (strlen(APP_DEK_CACHE[i].pkgId) == strlen(pkgId) &&
- strncmp(pkgId, APP_DEK_CACHE[i].pkgId, strlen(pkgId)) == 0) {
+ for (size_t i = 0; i < MAX_CACHE_SIZE; i++) {
+ if (strncmp(pkg_id, APP_DEK_CACHE[i].pkg_id, MAX_PKGID_LEN) == 0) {
memcpy(APP_DEK_CACHE[i].dek, dek, DEK_LEN);
return;
}
}
// for new pkgid
- strncpy(APP_DEK_CACHE[NEXT_CACHE_IDX].pkgId, pkgId, strlen(pkgId));
+ strncpy(APP_DEK_CACHE[NEXT_CACHE_IDX].pkg_id, pkg_id, MAX_PKGID_LEN - 1);
memcpy(APP_DEK_CACHE[NEXT_CACHE_IDX].dek, dek, DEK_LEN);
- NEXT_CACHE_IDX++;
+ ++NEXT_CACHE_IDX;
if (NEXT_CACHE_IDX >= MAX_CACHE_SIZE)
NEXT_CACHE_IDX = 0;
}
-void _remove_app_dek_from_cache(const char *pkgId)
+void _remove_app_dek_from_cache(const char *pkg_id)
{
- for (int i = 0; i < MAX_CACHE_SIZE; i++) {
- if (strlen(APP_DEK_CACHE[i].pkgId) == strlen(pkgId) &&
- strncmp(pkgId, APP_DEK_CACHE[i].pkgId, strlen(pkgId)) == 0) {
- memset(APP_DEK_CACHE[i].pkgId, 0, sizeof(APP_DEK_CACHE[i].pkgId));
+ for (size_t i = 0; i < MAX_CACHE_SIZE; i++) {
+ if (strncmp(pkg_id, APP_DEK_CACHE[i].pkg_id, MAX_PKGID_LEN) == 0) {
+ memset(APP_DEK_CACHE[i].pkg_id, 0, MAX_PKGID_LEN);
return;
}
}
int _get_random(size_t length, unsigned char *random)
{
- FILE *f = NULL;
- size_t i = 0;
- int ch = 0;
+ FILE *f = fopen(RANDOM_FILE, "r");
- //read random file
- if ((f = fopen(RANDOM_FILE, "r")) != NULL) {
- while (i < length) {
- if ((ch = fgetc(f)) == EOF) {
- break;
- }
-
- random[i] = (unsigned char) ch;
- i++;
- }
+ if (f == NULL) {
+ WAE_SLOGE("Failed to open random file source: %s", RANDOM_FILE);
+ return WAE_ERROR_FILE;
}
- if (f != NULL)
- fclose(f);
+ size_t i = 0;
+ int ch = 0;
+ while (i < length && (ch = fgetc(f) != EOF))
+ random[i++] = (unsigned char)ch;
+
+ fclose(f);
return WAE_ERROR_NONE;
}
-void _get_alias(const char *pPkgId, wae_app_type_e appType, bool forSave, char *alias, size_t buff_len)
+void _get_alias(const char *pkg_id, wae_app_type_e app_type, bool forSave, char *alias, size_t buff_len)
{
- if (appType == WAE_DOWNLOADED_NORMAL_APP) {
+ if (app_type == WAE_DOWNLOADED_NORMAL_APP) {
if (forSave) {
snprintf(alias, buff_len, "%s%s",
APP_DEK_ALIAS_PFX,
- pPkgId);
+ pkg_id);
} else {
snprintf(alias, buff_len, "%c%s%s%s%s",
'/', INSTALLER_LABEL,
ckmc_owner_id_separator,
APP_DEK_ALIAS_PFX,
- pPkgId);
+ pkg_id);
}
} else { // system alias
snprintf(alias, buff_len, "%s%s%s%s",
ckmc_owner_id_system,
ckmc_owner_id_separator,
APP_DEK_ALIAS_PFX,
- pPkgId);
+ pkg_id);
}
}
return tzplatform_mkpath3(TZ_SYS_SHARE, "wae", "app_dek");
}
-int _add_dek_to_key_manager(const char *pPkgId, wae_app_type_e appType, const unsigned char *pDek, size_t len)
+int _add_dek_to_key_manager(const char *pkg_id, wae_app_type_e app_type, const unsigned char *dek, size_t dek_len)
{
int ret = WAE_ERROR_NONE;
- char alias[MAX_ALIAS_LEN] = {0,};
+ char alias[MAX_ALIAS_LEN] = {0, };
ckmc_raw_buffer_s buff;
ckmc_policy_s policy;
- buff.data = (unsigned char *)pDek;
- buff.size = len;
+ buff.data = (unsigned char *)dek;
+ buff.size = dek_len;
policy.password = NULL;
policy.extractable = true;
- // save app_dek in key_manager
- _get_alias(pPkgId, appType, true, alias, sizeof(alias));
+ _get_alias(pkg_id, app_type, true, alias, sizeof(alias));
// even if it fails to remove, ignore it.
- ret = _to_wae_error(ckmc_remove_alias(alias));
+ ckmc_remove_alias(alias);
ret = _to_wae_error(ckmc_save_data(alias, buff, policy));
-
if (ret != WAE_ERROR_NONE) {
- WAE_SLOGE("WAE: Fail to add APP_DEK to key-manager. pkgId=%s, alias=%s, ret=%d", pPkgId, alias, ret);
+ WAE_SLOGE("WAE: Fail to add APP_DEK to key-manager. pkg_id=%s, alias=%s, ret=%d", pkg_id, alias, ret);
return ret;
}
// share app_dek for web app laucher to use app_dek
- ret = _to_wae_error(ckmc_set_permission(alias, pPkgId, CKMC_PERMISSION_READ));
-
+ ret = _to_wae_error(ckmc_set_permission(alias, pkg_id, CKMC_PERMISSION_READ));
if (ret != WAE_ERROR_NONE) {
- WAE_SLOGE("WAE: Fail to set_permission to APP_DEK. pkgId=%s, ret=%d", pPkgId, ret);
+ WAE_SLOGE("WAE: Fail to set_permission to APP_DEK. pkg_id=%s, ret=%d", pkg_id, ret);
return ret;
}
- WAE_SLOGI("WAE: Success to add APP_DEK to key-manager. pkgId=%s, alias=%s", pPkgId, alias);
+ WAE_SLOGI("WAE: Success to add APP_DEK to key-manager. pkg_id=%s, alias=%s", pkg_id, alias);
return ret;
}
-int _get_preloaded_app_dek_file_path(const char *pPkgId, size_t size, char *path)
+int _get_preloaded_app_dek_file_path(const char *pkg_id, size_t size, char *path)
{
int ret = snprintf(path, size, "%s/%s_%s.adek",
- _get_dek_store_path(), APP_DEK_FILE_PFX, pPkgId);
+ _get_dek_store_path(), APP_DEK_FILE_PFX, pkg_id);
if (ret < 0)
return WAE_ERROR_INVALID_PARAMETER; /* buffer size too small */
return WAE_ERROR_NONE;
}
-int _extract_pkg_id_from_file_name(const char *fileName, char *pkgId)
+int _extract_pkg_id_from_file_name(const char *file_name, char *pkg_id)
{
- char *start = strstr(fileName, APP_DEK_FILE_PFX);
+ char *start = strstr(file_name, APP_DEK_FILE_PFX);
if (start == NULL) {
- WAE_SLOGE("WAE: Fail to extract pkgid from APP_DEK file. fileName=%s", fileName);
+ WAE_SLOGE("WAE: Fail to extract pkgid from APP_DEK file. file_name=%s", file_name);
return WAE_ERROR_FILE;
}
start = start + strlen(APP_DEK_FILE_PFX) + 1;
- char *end = strstr(fileName, ".adek");
+ char *end = strstr(file_name, ".adek");
if (start == NULL) {
- WAE_SLOGE("WAE: Fail to extract pkgid from APP_DEK file. fileName=%s", fileName);
+ WAE_SLOGE("WAE: Fail to extract pkgid from APP_DEK file. file_name=%s", file_name);
return WAE_ERROR_FILE;
}
- strncpy(pkgId, start, end - start);
- pkgId[end - start] = 0; //terminate string
+ strncpy(pkg_id, start, end - start);
+ pkg_id[end - start] = 0; //terminate string
return WAE_ERROR_NONE;
}
-int _read_encrypted_app_dek_from_file(const char *pPkgId, unsigned char **encrypted_app_dek, size_t *len)
+int _read_encrypted_app_dek_from_file(const char *pkg_id, unsigned char **pencrypted_app_dek, size_t *pencrypted_app_dek_len)
{
char path[MAX_PATH_LEN] = {0,};
- _get_preloaded_app_dek_file_path(pPkgId, sizeof(path), path);
- return _read_from_file(path, encrypted_app_dek, len);
+ _get_preloaded_app_dek_file_path(pkg_id, sizeof(path), path);
+ return _read_from_file(path, pencrypted_app_dek, pencrypted_app_dek_len);
}
-int _write_encrypted_app_dek_to_file(const char *pPkgId, const unsigned char *encrypted_app_dek, size_t len)
+int _write_encrypted_app_dek_to_file(const char *pkg_id, const unsigned char *encrypted_app_dek, size_t encrypted_app_dek_len)
{
char path[MAX_PATH_LEN] = {0,};
- _get_preloaded_app_dek_file_path(pPkgId, sizeof(path), path);
- return _write_to_file(path, encrypted_app_dek, len);
+ _get_preloaded_app_dek_file_path(pkg_id, sizeof(path), path);
+ return _write_to_file(path, encrypted_app_dek, encrypted_app_dek_len);
}
-int _read_from_file(const char *path, unsigned char **data, size_t *len)
+int _read_from_file(const char *path, unsigned char **pdata, size_t *pdata_len)
{
int ret = WAE_ERROR_NONE;
- int file_len = -1;
unsigned char *file_contents = NULL;
int ch = 0;
int i = 0;
}
fseek(f, 0, SEEK_END); // move to the end of a file
- file_len = ftell(f);
+ int file_len = ftell(f);
if (file_len <= 0) {
WAE_SLOGE("WAE: Failed to get file size by ftell. ret: %d", file_len);
fseek(f, 0, SEEK_SET); // move to the start of a file
- file_contents = (unsigned char *) malloc(file_len);
+ file_contents = (unsigned char *)malloc(file_len);
if (file_contents == NULL) {
WAE_SLOGE("WAE: Fail to allocate memory for encrypted_app_dek");
memset(file_contents, 0x00, file_len);
- while ((ch = fgetc(f)) != EOF) {
+ while ((ch = fgetc(f)) != EOF)
file_contents[i++] = (char)ch;
- }
- *data = file_contents;
- *len = file_len;
+ *pdata = file_contents;
+ *pdata_len = file_len;
error:
- if (f != NULL)
- fclose(f);
+ fclose(f);
- if (ret != WAE_ERROR_NONE && file_contents != NULL)
+ if (ret != WAE_ERROR_NONE)
free(file_contents);
return ret;
}
-int _write_to_file(const char *path, const unsigned char *data, size_t len)
+int _write_to_file(const char *path, const unsigned char *data, size_t data_len)
{
- int ret = WAE_ERROR_NONE;
-
- int write_len = -1;
-
FILE *f = fopen(path, "w");
if (f == NULL) {
return WAE_ERROR_FILE;
}
- write_len = fwrite(data, 1, len, f);
+ int write_len = fwrite(data, 1, data_len, f);
+
+ fclose(f);
- if (write_len != (int) len) {
+ if (write_len != (int)data_len) {
WAE_SLOGE("WAE: Fail to write a file. file=%s", path);
- ret = WAE_ERROR_FILE;
- goto error;
+ return WAE_ERROR_FILE;
}
-error:
- if (f != NULL)
- fclose(f);
-
- return ret;
+ return WAE_ERROR_NONE;
}
-int get_app_dek(const char *pPkgId, wae_app_type_e appType, unsigned char **ppDek, size_t *dekLen)
+int get_app_dek(const char *pkg_id, wae_app_type_e app_type, unsigned char **pdek, size_t *pdek_len)
{
int ret = WAE_ERROR_NONE;
- char *password = NULL;
- ckmc_raw_buffer_s *pDekBuffer = NULL;
- char alias[MAX_ALIAS_LEN] = {0,};
- unsigned char *pDek = NULL;
+ ckmc_raw_buffer_s *dek_buffer = NULL;
+ char alias[MAX_ALIAS_LEN] = {0, };
- unsigned char *cached_dek = _get_app_dek_from_cache(pPkgId);
+ const unsigned char *cached_dek = _get_app_dek_from_cache(pkg_id);
if (cached_dek == NULL) {
// get APP_DEK from system database
- _get_alias(pPkgId, appType, false, alias, sizeof(alias));
+ _get_alias(pkg_id, app_type, false, alias, sizeof(alias));
- ret = _to_wae_error(ckmc_get_data(alias, password, &pDekBuffer));
+ ret = _to_wae_error(ckmc_get_data(alias, NULL, &dek_buffer));
if (ret != WAE_ERROR_NONE) {
- WAE_SLOGE("WAE: Fail to get APP_DEK from key-manager. pkgId=%s, alias=%s, ret=%d",
- pPkgId, alias, ret);
+ WAE_SLOGE("Failed to get APP_DEK from key-manager. pkg_id=%s, alias=%s, ret=%d",
+ pkg_id, alias, ret);
+ goto error;
+ } else if (dek_buffer == NULL || dek_buffer->data == NULL) {
+ WAE_SLOGE("key-manager success but buffer is null for getting dek of pkg_id=%s",
+ pkg_id);
+ ret = WAE_ERROR_KEY_MANAGER;
+ goto error;
+ } else if (dek_buffer->size != DEK_LEN) {
+ WAE_SLOGE("DEK's length which has been saved in key-manager is not valid!");
+ ret = WAE_ERROR_KEY_MANAGER;
goto error;
}
+
+ WAE_SLOGD("Successfully get dek from key-manager for pkgid=%s", pkg_id);
+ cached_dek = dek_buffer->data;
}
- pDek = (unsigned char *)malloc(DEK_LEN);
+ unsigned char *dek = (unsigned char *)malloc(DEK_LEN);
- if (pDek == NULL) {
+ if (dek == NULL) {
WAE_SLOGE("Fail to allocate a memory");
ret = WAE_ERROR_MEMORY;
goto error;
}
- memcpy(pDek, (cached_dek != NULL) ? cached_dek : pDekBuffer->data, DEK_LEN);
+ memcpy(dek, cached_dek, DEK_LEN);
+
+ *pdek = dek;
+ *pdek_len = DEK_LEN;
- *ppDek = pDek;
- *dekLen = DEK_LEN;
- WAE_SLOGI("WAE: Success to get APP_DEK from key-manager. pkgId=%s, alias=%s", pPkgId, alias);
+ WAE_SLOGI("WAE: Success to get APP_DEK from key-manager. pkg_id=%s, alias=%s",
+ pkg_id, alias);
error:
- if (pDekBuffer != NULL)
- ckmc_buffer_free(pDekBuffer);
+ ckmc_buffer_free(dek_buffer);
- if (ret != WAE_ERROR_NONE && pDek != NULL)
- free(pDek);
+ if (ret != WAE_ERROR_NONE)
+ free(dek);
return ret;
}
-int create_app_dek(const char *pPkgId, wae_app_type_e appType, unsigned char **ppDek, size_t *dekLen)
+int create_app_dek(const char *pkg_id, wae_app_type_e app_type, unsigned char **pdek, size_t *pdek_len)
{
- unsigned char *dek = (unsigned char *) malloc(DEK_LEN);
+ unsigned char *dek = (unsigned char *)malloc(DEK_LEN);
if (dek == NULL)
return WAE_ERROR_MEMORY;
int ret = _get_random(DEK_LEN, dek);
if (ret != WAE_ERROR_NONE) {
- WAE_SLOGE("WAE: Fail to get random for APP_DEK. pkgId=%s, ret=%d", pPkgId, ret);
+ WAE_SLOGE("WAE: Fail to get random for APP_DEK. pkg_id=%s, ret=%d", pkg_id, ret);
goto error;
}
// save app_dek in key_manager
- ret = _add_dek_to_key_manager(pPkgId, appType, dek, DEK_LEN);
+ ret = _add_dek_to_key_manager(pkg_id, app_type, dek, DEK_LEN);
if (ret != WAE_ERROR_NONE) {
goto error;
}
// store APP_DEK in cache
- _add_app_dek_to_cache(pPkgId, dek);
+ _add_app_dek_to_cache(pkg_id, dek);
- *ppDek = dek;
- *dekLen = DEK_LEN;
+ *pdek = dek;
+ *pdek_len = DEK_LEN;
- WAE_SLOGI("WAE: Success to create APP_DEK and store it in key-manager. pkgId=%s", pPkgId);
+ WAE_SLOGI("WAE: Success to create APP_DEK and store it in key-manager. pkg_id=%s", pkg_id);
+
+ return WAE_ERROR_NONE;
error:
- if (ret != WAE_ERROR_NONE && dek != NULL)
- free(dek);
+ free(dek);
return ret;
}
-int get_preloaded_app_dek(const char *pPkgId, unsigned char **ppDek, size_t *dekLen)
+int get_preloaded_app_dek(const char *pkg_id, unsigned char **pdek, size_t *pdek_len)
{
- int ret = WAE_ERROR_NONE;
-
- unsigned char *cached_dek = _get_app_dek_from_cache(pPkgId);
+ const unsigned char *cached_dek = _get_app_dek_from_cache(pkg_id);
if (cached_dek == NULL) {
WAE_SLOGE("WAE: Fail to get APP_DEK from cache for preloaded app");
return WAE_ERROR_NO_KEY;
}
- unsigned char *dek = (unsigned char *) malloc(DEK_LEN);
+ unsigned char *dek = (unsigned char *)malloc(DEK_LEN);
if (dek == NULL) {
WAE_SLOGE("WAE: Fail to allocate memory for preloaded app dek");
- ret = WAE_ERROR_MEMORY;
- goto error;
+ return WAE_ERROR_MEMORY;
}
memcpy(dek, cached_dek, DEK_LEN);
- *ppDek = dek;
- *dekLen = DEK_LEN;
-
-error:
- if (ret != WAE_ERROR_NONE && dek != NULL)
- free(dek);
+ *pdek = dek;
+ *pdek_len = DEK_LEN;
- return ret;
+ return WAE_ERROR_NONE;
}
-int create_preloaded_app_dek(const char *pPkgId, unsigned char **ppDek, size_t *dekLen)
+int create_preloaded_app_dek(const char *pkg_id, unsigned char **pdek, size_t *pdek_len)
{
unsigned char *encrypted_app_dek = NULL;
size_t encrypted_app_dek_len = 0;
- unsigned char *pubKey = NULL;
- size_t pubKeyLen = 0;
+ unsigned char *pubkey = NULL;
+ size_t pubkey_len = 0;
// create APP_DEK
unsigned char *dek = (unsigned char *)malloc(DEK_LEN);
goto error;
// encrypt APP_DEK with APP_DEK_KEK
- ret = _read_from_file(_get_dek_kek_pub_key_path(), &pubKey, &pubKeyLen);
+ ret = _read_from_file(_get_dek_kek_pub_key_path(), &pubkey, &pubkey_len);
if (ret != WAE_ERROR_NONE) {
WAE_SLOGE("WAE: Fail to read APP_DEK_KEK Public Key");
goto error;
}
- ret = encrypt_app_dek(pubKey, pubKeyLen, dek, DEK_LEN, &encrypted_app_dek, &encrypted_app_dek_len);
+ ret = encrypt_app_dek(pubkey, pubkey_len, dek, DEK_LEN, &encrypted_app_dek, &encrypted_app_dek_len);
if (ret != WAE_ERROR_NONE) {
WAE_SLOGE("WAE: Fail to encrypt APP_DEK with APP_DEK_KEK");
}
// write APP_DEK in a file
- ret = _write_encrypted_app_dek_to_file(pPkgId, encrypted_app_dek, encrypted_app_dek_len);
+ ret = _write_encrypted_app_dek_to_file(pkg_id, encrypted_app_dek, encrypted_app_dek_len);
if (ret != WAE_ERROR_NONE) {
- WAE_SLOGE("WAE: Fail to write encrypted APP_DEK. pkgId=%s", pPkgId);
+ WAE_SLOGE("WAE: Fail to write encrypted APP_DEK. pkg_id=%s", pkg_id);
goto error;
}
// store APP_DEK in cache
- _add_app_dek_to_cache(pPkgId, dek);
+ _add_app_dek_to_cache(pkg_id, dek);
- *ppDek = dek;
- *dekLen = DEK_LEN;
- WAE_SLOGI("WAE: Success to create preleaded APP_DEK and write it in initail value file. pkgId=%s", pPkgId);
+ *pdek = dek;
+ *pdek_len = DEK_LEN;
+ WAE_SLOGI("WAE: Success to create preleaded APP_DEK and write it in initail value file. pkg_id=%s", pkg_id);
error:
- if (pubKey != NULL)
- free(pubKey);
+ free(pubkey);
+ free(encrypted_app_dek);
- if (encrypted_app_dek != NULL)
- free(encrypted_app_dek);
-
- if (ret != WAE_ERROR_NONE && dek != NULL)
+ if (ret != WAE_ERROR_NONE)
free(dek);
return ret;
}
-int _get_app_dek_kek(unsigned char **ppDekKek, size_t *kekLen)
+int _get_app_dek_kek(unsigned char **pdek_kek, size_t *pdek_kek_len)
{
- int ret = _read_from_file(_get_dek_kek_pri_key_path(), ppDekKek, kekLen);
+ int ret = _read_from_file(_get_dek_kek_pri_key_path(), pdek_kek, pdek_kek_len);
if (ret != WAE_ERROR_NONE) {
WAE_SLOGE("WAE: Fail to read APP_DEK_KEK Private Key");
return ret;
}
- /*
- char* password = NULL;
- ckmc_raw_buffer_s *pKekBuffer = NULL;
- unsigned char* pKek = NULL;
-
- char dek_kek_alias[MAX_ALIAS_LEN] = {0, };
- _get_dek_kek_alias(dek_kek_alias, sizeof(dek_kek_alias));
-
- ret = _to_wae_error(ckmc_get_data(dek_kek_alias, password, &pKekBuffer));
- if(ret != WAE_ERROR_NONE) {
- WAE_SLOGE("Fail to get APP_DEK_KEK from key-manager. alias=%s, ret=%d", APP_DEK_KEK_ALIAS, ret);
- goto error;
- }
-
- pKek = (unsigned char*) malloc(pKekBuffer->size);
- if(pKek == NULL) {
- WAE_SLOGE("Fail to allocate a memory");
- ret = WAE_ERROR_MEMORY;
- goto error;
- }
- memcpy(pKek, pKekBuffer->data, pKekBuffer->size);
-
- *ppDekKek = pKek;
- *kekLen = pKekBuffer->size;
- WAE_SLOGI("Success to get APP_DEK_KEK from key-manager.");
- error:
- if(pKekBuffer != NULL)
- ckmc_buffer_free(pKekBuffer);
- if(ret != WAE_ERROR_NONE && pKek != NULL)
- free(pKek);
- */
+#if 0
+ ckmc_raw_buffer_s *kek_buffer = NULL;
+ unsigned char* kek = NULL;
+
+ char dek_kek_alias[MAX_ALIAS_LEN] = {0, };
+ _get_dek_kek_alias(dek_kek_alias, sizeof(dek_kek_alias));
+
+ ret = _to_wae_error(ckmc_get_data(dek_kek_alias, NULL, &kek_buffer));
+ if (ret != WAE_ERROR_NONE) {
+ WAE_SLOGE("Fail to get APP_DEK_KEK from key-manager. alias=%s, ret=%d",
+ APP_DEK_KEK_ALIAS, ret);
+ goto error;
+ }
+
+ kek = (unsigned char *)malloc(kek_buffer->size);
+ if(kek == NULL) {
+ WAE_SLOGE("Fail to allocate a memory");
+ ret = WAE_ERROR_MEMORY;
+ goto error;
+ }
+ memcpy(kek, kek_buffer->data, kek_buffer->size);
+
+ *pdek_kek = kek;
+ *pdek_kek_len = kek_buffer->size;
+ WAE_SLOGI("Success to get APP_DEK_KEK from key-manager.");
+
+error:
+ ckmc_buffer_free(kek_buffer);
+ free(kek);
+#endif
+
return ret;
}
char loading_done_alias[MAX_ALIAS_LEN] = {0, };
_get_dek_loading_done_alias(loading_done_alias, sizeof(loading_done_alias));
- ckmc_raw_buffer_s *pBuffer = NULL;
- int ret = _to_wae_error(ckmc_get_data(loading_done_alias, NULL, &pBuffer));
+ ckmc_raw_buffer_s *buffer = NULL;
+ int ret = _to_wae_error(ckmc_get_data(loading_done_alias, NULL, &buffer));
if (ret == WAE_ERROR_NO_KEY)
WAE_SLOGI("WAE: APP_DEK_LOADING was not done");
else
WAE_SLOGE("WAE: Fail to get information from key-manager about APP_DEK_LOADING_DONE_ALIAS. ret=%d", ret);
- if (pBuffer != NULL)
- ckmc_buffer_free(pBuffer);
+ ckmc_buffer_free(buffer);
return ret;
}
{
ckmc_raw_buffer_s buff;
ckmc_policy_s policy;
- unsigned char dummyData[1] = {0};
+ unsigned char dummy_data[1] = {0};
- buff.data = dummyData;
- buff.size = sizeof(dummyData);
+ buff.data = dummy_data;
+ buff.size = sizeof(dummy_data);
policy.password = NULL;
policy.extractable = true;
{
int ret = WAE_ERROR_NONE;
- char pkgId[MAX_PKGID_LEN] = {0, };
+ char pkg_id[MAX_PKGID_LEN] = {0, };
- DIR *dir = NULL;
- struct dirent entry;
- struct dirent *result;
- int error;
char file_path_buff[MAX_PATH_LEN];
unsigned char *encrypted_app_dek = NULL;
size_t encrypted_app_dek_len = 0;
unsigned char *app_dek = NULL;
size_t app_dek_len = 0;
- unsigned char *priKey = NULL;
- size_t priKeyLen = 0;
+ unsigned char *prikey = NULL;
+ size_t prikey_len = 0;
int error_during_loading = 0;
return ret;
}
- ret = _get_app_dek_kek(&priKey, &priKeyLen);
+ ret = _get_app_dek_kek(&prikey, &prikey_len);
if (ret != WAE_ERROR_NONE) {
WAE_SLOGE("Fail to get APP_DEK_KEK Private Key");
return ret;
}
- dir = opendir(_get_dek_store_path());
+ DIR *dir = opendir(_get_dek_store_path());
if (dir == NULL) {
WAE_SLOGE("Fail to open dir. dir=%s", _get_dek_store_path());
- ret = WAE_ERROR_FILE;
- goto error;
+ return WAE_ERROR_FILE;
}
+ struct dirent entry;
+ struct dirent *result = NULL;
+
while (true) {
- error = readdir_r(dir, &entry, &result);
+ int error = readdir_r(dir, &entry, &result);
if (error != 0) {
ret = WAE_ERROR_FILE;
break;
// regular file && start with KEY_MANAGER_INITIAL_VALUE_FILE_PFX
- if (entry.d_type == DT_REG && strstr(entry.d_name, APP_DEK_FILE_PFX) != NULL) {
- memset(file_path_buff, 0, sizeof(file_path_buff));
- ret = snprintf(file_path_buff, sizeof(file_path_buff), "%s/%s",
- _get_dek_store_path(), entry.d_name);
-
- if (ret < 0) {
- WAE_SLOGE("Failed to make file path by snprintf.");
- ret = WAE_ERROR_INVALID_PARAMETER; /* buffer size too small */
- goto error;
- }
-
- ret = _extract_pkg_id_from_file_name(entry.d_name, pkgId);
-
- if (ret != WAE_ERROR_NONE) {
- WAE_SLOGW("Fail to extract pkgid from file. It will be ignored. file=%s", file_path_buff);
- continue;
- }
-
- ret = _read_from_file(file_path_buff, &encrypted_app_dek, &encrypted_app_dek_len);
-
- if (ret != WAE_ERROR_NONE || encrypted_app_dek == NULL) {
- error_during_loading++;
- WAE_SLOGW("Fail to read file. It will be ignored. file=%s", file_path_buff);
- continue;
- }
-
- ret = decrypt_app_dek(priKey, priKeyLen, APP_DEK_KEK_PRIKEY_PASSWORD,
- encrypted_app_dek, encrypted_app_dek_len,
- &app_dek, &app_dek_len);
-
- if (ret != WAE_ERROR_NONE || app_dek == NULL) {
- error_during_loading++;
- WAE_SLOGW("Fail to decrypt APP DEK. It will be ignored. file=%s", file_path_buff);
- continue;
- }
-
- // save app_dek in key_manager
- ret = _add_dek_to_key_manager(pkgId, WAE_PRELOADED_APP, app_dek, app_dek_len);
- // free temp objects
- free(app_dek);
- free(encrypted_app_dek);
- app_dek = NULL;
- encrypted_app_dek = NULL;
-
- if (ret == WAE_ERROR_KEY_EXISTS) {
- WAE_SLOGI("Key Manager already has APP_DEK. It will be ignored. file=%s", file_path_buff);
- continue;
- } else if (ret != WAE_ERROR_NONE) {
- error_during_loading++;
- WAE_SLOGW("Fail to add APP DEK to key-manager. file=%s", file_path_buff);
- continue;
- }
+ if (entry.d_type != DT_REG || strstr(entry.d_name, APP_DEK_FILE_PFX) == NULL)
+ continue;
+
+ memset(file_path_buff, 0, sizeof(file_path_buff));
+ ret = snprintf(file_path_buff, sizeof(file_path_buff), "%s/%s",
+ _get_dek_store_path(), entry.d_name);
+
+ if (ret < 0) {
+ WAE_SLOGE("Failed to make file path by snprintf.");
+ ret = WAE_ERROR_INVALID_PARAMETER; /* buffer size too small */
+ goto error;
+ }
+
+ ret = _extract_pkg_id_from_file_name(entry.d_name, pkg_id);
+
+ if (ret != WAE_ERROR_NONE) {
+ WAE_SLOGW("Fail to extract pkgid from file. It will be ignored. file=%s", file_path_buff);
+ continue;
+ }
+
+ ret = _read_from_file(file_path_buff, &encrypted_app_dek, &encrypted_app_dek_len);
+
+ if (ret != WAE_ERROR_NONE || encrypted_app_dek == NULL) {
+ error_during_loading++;
+ WAE_SLOGW("Fail to read file. It will be ignored. file=%s", file_path_buff);
+ continue;
+ }
+
+ ret = decrypt_app_dek(prikey, prikey_len, APP_DEK_KEK_PRIKEY_PASSWORD,
+ encrypted_app_dek, encrypted_app_dek_len,
+ &app_dek, &app_dek_len);
+
+ if (ret != WAE_ERROR_NONE || app_dek == NULL) {
+ error_during_loading++;
+ WAE_SLOGW("Fail to decrypt APP DEK. It will be ignored. file=%s", file_path_buff);
+ continue;
+ }
+
+ // save app_dek in key_manager
+ ret = _add_dek_to_key_manager(pkg_id, WAE_PRELOADED_APP, app_dek, app_dek_len);
+ // free temp objects
+ free(app_dek);
+ free(encrypted_app_dek);
+ app_dek = NULL;
+ encrypted_app_dek = NULL;
+
+ if (ret == WAE_ERROR_KEY_EXISTS) {
+ WAE_SLOGI("Key Manager already has APP_DEK. It will be ignored. file=%s", file_path_buff);
+ } else if (ret != WAE_ERROR_NONE) {
+ error_during_loading++;
+ WAE_SLOGW("Fail to add APP DEK to key-manager. file=%s", file_path_buff);
}
}
}
error:
- if (priKey != NULL)
- free(priKey);
+ free(prikey);
+ closedir(dir);
return ret;
}
-int remove_app_dek(const char *pPkgId, wae_app_type_e appType)
+int remove_app_dek(const char *pkg_id, wae_app_type_e app_type)
{
char alias[MAX_ALIAS_LEN] = {0,};
- _get_alias(pPkgId, appType, true, alias, sizeof(alias));
+ _get_alias(pkg_id, app_type, true, alias, sizeof(alias));
int ret = _to_wae_error(ckmc_remove_alias(alias));
if (ret != WAE_ERROR_NONE) {
- WAE_SLOGE("Fail to remove APP_DEK from key-manager. pkgId=%s, alias=%s, ret=%d", pPkgId, alias, ret);
+ WAE_SLOGE("Fail to remove APP_DEK from key-manager. pkg_id=%s, alias=%s, ret=%d", pkg_id, alias, ret);
return ret;
}
- _remove_app_dek_from_cache(pPkgId);
- WAE_SLOGI("Success to remove APP_DEK from key-manager. pkgId=%s", pPkgId);
+ _remove_app_dek_from_cache(pkg_id);
+ WAE_SLOGI("Success to remove APP_DEK from key-manager. pkg_id=%s", pkg_id);
return WAE_ERROR_NONE;
}
/* functions with "_" prefix are internal static functions but declared here for testing */
void _initialize_cache();
-unsigned char *_get_app_dek_from_cache(const char *pkgId);
-void _add_app_dek_to_cache(const char *pkgId, unsigned char *dek);
-void _remove_app_dek_from_cache(const char *pkgId);
+const unsigned char *_get_app_dek_from_cache(const char *pkg_id);
+void _add_app_dek_to_cache(const char *pkg_id, const unsigned char *dek);
+void _remove_app_dek_from_cache(const char *pkg_id);
int _get_random(size_t length, unsigned char *random);
-void _get_alias(const char *pPkgId, wae_app_type_e appType, bool forSave, char *alias, size_t buff_len);
+void _get_alias(const char *pkg_id, wae_app_type_e app_type, bool forSave, char *alias, size_t buff_len);
void _get_dek_kek_alias(char *alias, size_t buff_len);
void _get_dek_loading_done_alias(char *alias, size_t buff_len);
const char *_get_dek_kek_pub_key_path();
const char *_get_dek_kek_pri_key_path();
const char *_get_dek_store_path();
-int _add_dek_to_key_manager(const char *pPkgId, wae_app_type_e appType, const unsigned char *pDek, size_t len);
-int _get_preloaded_app_dek_file_path(const char *pPkgId, size_t size, char *path);
-int _extract_pkg_id_from_file_name(const char *fileName, char *pkgId);
-int _read_encrypted_app_dek_from_file(const char *pPkgId, unsigned char **encrypted_app_dek, size_t *len);
-int _write_encrypted_app_dek_to_file(const char *pPkgId, const unsigned char *encrypted_app_dek, size_t len);
-int _read_from_file(const char *path, unsigned char **data, size_t *len);
-int _write_to_file(const char *path, const unsigned char *data, size_t len);
+int _add_dek_to_key_manager(const char *pkg_id, wae_app_type_e app_type, const unsigned char *dek, size_t dek_len);
+int _get_preloaded_app_dek_file_path(const char *pkg_id, size_t size, char *path);
+int _extract_pkg_id_from_file_name(const char *file_name, char *pkg_id);
+int _read_encrypted_app_dek_from_file(const char *pkg_id, unsigned char **pencrypted_app_dek, size_t *pencrypted_app_dek_len);
+int _write_encrypted_app_dek_to_file(const char *pkg_id, const unsigned char *encrypted_app_dek, size_t encrypted_app_dek_len);
+int _read_from_file(const char *path, unsigned char **pdata, size_t *pdata_len);
+int _write_to_file(const char *path, const unsigned char *data, size_t data_len);
int _get_app_deks_loaded();
int _set_app_deks_loaded();
int _clear_app_deks_loaded();
/* functions for interface */
-int get_app_dek(const char *pPkgId, wae_app_type_e appType, unsigned char **ppDek, size_t *dekLen);
-int create_app_dek(const char *pPkgId, wae_app_type_e appType, unsigned char **ppDek, size_t *dekLen);
-int get_preloaded_app_dek(const char *pPkgId, unsigned char **ppDek, size_t *dekLen);
-int create_preloaded_app_dek(const char *pPkgId, unsigned char **ppDek, size_t *dekLen);
+int get_app_dek(const char *pkg_id, wae_app_type_e app_type, unsigned char **pdek, size_t *pdek_len);
+int create_app_dek(const char *pkg_id, wae_app_type_e app_type, unsigned char **pdek, size_t *pdek_len);
+int get_preloaded_app_dek(const char *pkg_id, unsigned char **pdek, size_t *pdek_len);
+int create_preloaded_app_dek(const char *pkg_id, unsigned char **pdek, size_t *pdek_len);
int load_preloaded_app_deks(bool reload);
-int remove_app_dek(const char *pPkgId, wae_app_type_e appType);
+int remove_app_dek(const char *pkg_id, wae_app_type_e app_type);
#ifdef __cplusplus
}
#include "web_app_enc.h"
#include "wae_log.h"
-#include <stdio.h>
-
int main(int argc, char *argv[])
{
- int ret = WAE_ERROR_NONE;
bool reload = false;
- if (argc == 2 && strcmp(argv[1], "--reload") == 0) {
+ if (argc == 2 && strcmp(argv[1], "--reload") == 0)
reload = true;
- }
- ret = load_preloaded_app_deks(reload);
+ int ret = load_preloaded_app_deks(reload);
if (ret == WAE_ERROR_NONE) {
- printf("WAE INITIALIZER was finished successfully.\n");
WAE_SLOGI("WAE INITIALIZER was finished successfully.");
return 0;
} else {
- printf("WAE INITIALIZER was finished with error. ret=%d\n", ret);
WAE_SLOGE("WAE INITIALIZER was finished with error. ret=%d", ret);
return -1;
}
#include "web_app_enc.h"
#include <stdlib.h>
-#include <stdio.h>
#include "key_handler.h"
#include "crypto_service.h"
#include "wae_log.h"
-int _wae_encrypt_downloaded_web_application(const char *pPkgId, wae_app_type_e appType,
- const unsigned char *pData, size_t dataLen,
- unsigned char **ppEncryptedData, size_t *pEncDataLen)
+int _wae_encrypt_downloaded_web_application(
+ const char *pkg_id, wae_app_type_e app_type,
+ const unsigned char *data, size_t data_len,
+ unsigned char **pencrypted_data, size_t *pencrypted_data_len)
{
- int ret = WAE_ERROR_NONE;
- unsigned char *pDek = NULL;
- size_t dekLen = -1;
-
- if (pPkgId == NULL) {
- WAE_SLOGE("Invalid Parameter. pPkgId is NULL");
- ret = WAE_ERROR_INVALID_PARAMETER;
- goto error;
- }
-
- if (pData == NULL || dataLen <= 0) {
- WAE_SLOGE("Invalid Parameter. pData is NULL or invalid dataLen(%d)", dataLen);
- ret = WAE_ERROR_INVALID_PARAMETER;
- goto error;
- }
-
- if (ppEncryptedData == NULL || pEncDataLen == NULL) {
- WAE_SLOGE("Invalid Parameter. ppEncryptedData or pEncDataLen is NULL");
- ret = WAE_ERROR_INVALID_PARAMETER;
- goto error;
- }
+ if (pkg_id == NULL || data == NULL || data_len == 0 || pencrypted_data == NULL ||
+ pencrypted_data_len == NULL)
+ return WAE_ERROR_INVALID_PARAMETER;
// get APP_DEK.
// if not exists, create APP_DEK
- ret = get_app_dek(pPkgId, appType, &pDek, &dekLen);
+ unsigned char *dek = NULL;
+ size_t dek_len = -1;
+ int ret = get_app_dek(pkg_id, app_type, &dek, &dek_len);
- if (ret == WAE_ERROR_NO_KEY) {
- ret = create_app_dek(pPkgId, appType, &pDek, &dekLen);
- }
+ if (ret == WAE_ERROR_NO_KEY)
+ ret = create_app_dek(pkg_id, app_type, &dek, &dek_len);
- if (ret != WAE_ERROR_NONE) {
+ if (ret != WAE_ERROR_NONE)
goto error;
- }
// encrypt
- ret = encrypt_aes_cbc(pDek, dekLen, pData, dataLen, ppEncryptedData, pEncDataLen);
-
- if (ret != WAE_ERROR_NONE) {
- goto error;
- }
+ ret = encrypt_aes_cbc(dek, dek_len, data, data_len, pencrypted_data, pencrypted_data_len);
error:
- if (pDek != NULL)
- free(pDek);
+ free(dek);
return ret;
}
-int _wae_decrypt_downloaded_web_application(const char *pPkgId, wae_app_type_e appType,
- const unsigned char *pData, size_t dataLen,
- unsigned char **ppDecryptedData, size_t *pDecDataLen)
+int _wae_decrypt_downloaded_web_application(const char *pkg_id, wae_app_type_e app_type,
+ const unsigned char *data, size_t data_len,
+ unsigned char **pdecrypted_data, size_t *pdecrypted_data_len)
{
- int ret = WAE_ERROR_NONE;
- unsigned char *pDek = NULL;
- size_t dekLen = -1;
- if (pPkgId == NULL) {
- WAE_SLOGE("Invalid Parameter. pPkgId is NULL");
- ret = WAE_ERROR_INVALID_PARAMETER;
- goto error;
- }
-
- if (pData == NULL || dataLen <= 0) {
- WAE_SLOGE("Invalid Parameter. pData is NULL or invalid dataLen(%d)", dataLen);
- ret = WAE_ERROR_INVALID_PARAMETER;
- goto error;
- }
-
- if (ppDecryptedData == NULL || pDecDataLen == NULL) {
- WAE_SLOGE("Invalid Parameter. ppDecryptedData or pDecDataLen is NULL");
- ret = WAE_ERROR_INVALID_PARAMETER;
- goto error;
- }
+ if (pkg_id == NULL || data == NULL || data_len == 0 || pdecrypted_data == NULL ||
+ pdecrypted_data_len == NULL)
+ return WAE_ERROR_INVALID_PARAMETER;
- ret = get_app_dek(pPkgId, appType, &pDek, &dekLen);
+ unsigned char *dek = NULL;
+ size_t dek_len = -1;
+ int ret = get_app_dek(pkg_id, app_type, &dek, &dek_len);
- if (ret != WAE_ERROR_NONE) {
+ if (ret != WAE_ERROR_NONE)
goto error;
- }
// decrypt
- ret = decrypt_aes_cbc(pDek, dekLen, pData, dataLen, ppDecryptedData, pDecDataLen);
-
- if (ret != WAE_ERROR_NONE) {
- goto error;
- }
+ ret = decrypt_aes_cbc(dek, dek_len, data, data_len, pdecrypted_data, pdecrypted_data_len);
error:
- if (pDek != NULL)
- free(pDek);
+ free(dek);
return ret;
}
-int _wae_encrypt_preloaded_web_application(const char *pPkgId,
- const unsigned char *pData, size_t dataLen,
- unsigned char **ppEncryptedData, size_t *pEncDataLen)
+int _wae_encrypt_preloaded_web_application(const char *pkg_id,
+ const unsigned char *data, size_t data_len,
+ unsigned char **pencrypted_data, size_t *pencrypted_data_len)
{
+ if (pkg_id == NULL || data == NULL || data_len == 0 || pencrypted_data == NULL ||
+ pencrypted_data_len == NULL)
+ return WAE_ERROR_INVALID_PARAMETER;
- int ret = WAE_ERROR_NONE;
- unsigned char *pDek = NULL;
- size_t dekLen = -1;
+ unsigned char *dek = NULL;
+ size_t dek_len = -1;
+ int ret = get_preloaded_app_dek(pkg_id, &dek, &dek_len);
- if (pPkgId == NULL) {
- WAE_SLOGE("Invalid Parameter. pPkgId is NULL");
- ret = WAE_ERROR_INVALID_PARAMETER;
- goto error;
- }
+ if (ret == WAE_ERROR_NO_KEY)
+ ret = create_preloaded_app_dek(pkg_id, &dek, &dek_len);
- if (pData == NULL || dataLen <= 0) {
- WAE_SLOGE("Invalid Parameter. pData is NULL or invalid dataLen(%d)", dataLen);
- ret = WAE_ERROR_INVALID_PARAMETER;
+ if (ret != WAE_ERROR_NONE)
goto error;
- }
-
- if (ppEncryptedData == NULL || pEncDataLen == NULL) {
- WAE_SLOGE("Invalid Parameter. ppEncryptedData or pEncDataLen is NULL");
- ret = WAE_ERROR_INVALID_PARAMETER;
- goto error;
- }
-
- ret = get_preloaded_app_dek(pPkgId, &pDek, &dekLen);
-
- if (ret == WAE_ERROR_NO_KEY) {
- ret = create_preloaded_app_dek(pPkgId, &pDek, &dekLen);
- }
-
- if (ret != WAE_ERROR_NONE) {
- goto error;
- }
// encrypt
- ret = encrypt_aes_cbc(pDek, dekLen, pData, dataLen, ppEncryptedData, pEncDataLen);
-
- if (ret != WAE_ERROR_NONE) {
- goto error;
- }
+ ret = encrypt_aes_cbc(dek, dek_len, data, data_len, pencrypted_data, pencrypted_data_len);
error:
- if (pDek != NULL)
- free(pDek);
+ free(dek);
return ret;
}
-int _wae_decrypt_preloaded_web_application(const char *pPkgId, wae_app_type_e appType,
- const unsigned char *pData, size_t dataLen,
- unsigned char **ppDecryptedData, size_t *pDecDataLen)
+int _wae_decrypt_preloaded_web_application(const char *pkg_id, wae_app_type_e app_type,
+ const unsigned char *data, size_t data_len,
+ unsigned char **pdecrypted_data, size_t *pdecrypted_data_len)
{
// same with the decryption of downloaded web application
- return _wae_decrypt_downloaded_web_application(pPkgId, appType,
- pData, dataLen, ppDecryptedData, pDecDataLen);
+ return _wae_decrypt_downloaded_web_application(pkg_id, app_type,
+ data, data_len, pdecrypted_data, pdecrypted_data_len);
}
-int wae_encrypt_web_application(const char *pPkgId, wae_app_type_e appType,
- const unsigned char *pData, size_t dataLen,
- unsigned char **ppEncryptedData, size_t *pEncDataLen)
+int wae_encrypt_web_application(const char *pkg_id, wae_app_type_e app_type,
+ const unsigned char *data, size_t data_len,
+ unsigned char **pencrypted_data, size_t *pencrypted_data_len)
{
- int ret = WAE_ERROR_NONE;
-
- if (appType == WAE_PRELOADED_APP)
- ret = _wae_encrypt_preloaded_web_application(pPkgId,
- pData, dataLen, ppEncryptedData, pEncDataLen);
+ if (app_type == WAE_PRELOADED_APP)
+ return _wae_encrypt_preloaded_web_application(pkg_id,
+ data, data_len, pencrypted_data, pencrypted_data_len);
else
- ret = _wae_encrypt_downloaded_web_application(pPkgId, appType,
- pData, dataLen, ppEncryptedData, pEncDataLen);
-
- WAE_SLOGI("Encrypt Web App. pkgId=%s, appType=%d, dataLen=%d, ret=%d",
- pPkgId, appType, dataLen, ret);
- return ret;
+ return _wae_encrypt_downloaded_web_application(pkg_id, app_type,
+ data, data_len, pencrypted_data, pencrypted_data_len);
}
-int wae_decrypt_web_application(const char *pPkgId, wae_app_type_e appType,
- const unsigned char *pData, size_t dataLen,
- unsigned char **ppDecryptedData, size_t *pDecDataLen)
+int wae_decrypt_web_application(const char *pkg_id, wae_app_type_e app_type,
+ const unsigned char *data, size_t data_len,
+ unsigned char **pdecrypted_data, size_t *pdecrypted_data_len)
{
- int ret = WAE_ERROR_NONE;
-
- if (appType == WAE_PRELOADED_APP)
- ret = _wae_decrypt_preloaded_web_application(pPkgId, appType,
- pData, dataLen, ppDecryptedData, pDecDataLen);
+ if (app_type == WAE_PRELOADED_APP)
+ return _wae_decrypt_preloaded_web_application(pkg_id, app_type,
+ data, data_len, pdecrypted_data, pdecrypted_data_len);
else
- ret = _wae_decrypt_downloaded_web_application(pPkgId, appType,
- pData, dataLen, ppDecryptedData, pDecDataLen);
-
- WAE_SLOGI("Decrypt Web App. pkgId=%s, appType=%d, dataLen=%d, ret=%d",
- pPkgId, appType, dataLen, ret);
- return ret;
+ return _wae_decrypt_downloaded_web_application(pkg_id, app_type,
+ data, data_len, pdecrypted_data, pdecrypted_data_len);
}
-int wae_remove_app_dek(const char *pPkgId, wae_app_type_e appType)
+int wae_remove_app_dek(const char *pkg_id, wae_app_type_e app_type)
{
- int ret = remove_app_dek(pPkgId, appType);
- WAE_SLOGI("Remove APP DEK. pkgId=%s, appType=%d, ret=%d", pPkgId, appType, ret);
- return ret;
+ return remove_app_dek(pkg_id, app_type);
}
_add_app_dek_to_cache(pkg3, dek3.data());
size_t dek_len = 32;
- unsigned char *_cached = _get_app_dek_from_cache(pkg1);
+ const unsigned char *_cached = _get_app_dek_from_cache(pkg1);
auto cached = Wae::Test::bytearr_to_vec(_cached, dek_len);
BOOST_REQUIRE_MESSAGE(cached == dek1,
projects / platform / core / security / libwebappenc.git / commitdiff