Name: cert-svc
Summary: Certification service
-Version: 2.0.3
+Version: 2.0.4
Release: 0
Group: Security/Libraries
License: Apache-2.0
resource/wgt_negative_signature
resource/wgt_negative_certificate
resource/wgt_partner
- resource/wgt_partner_operator
+ resource/wgt_platform
resource/tpk
resource/attacked-tpk
resource/tpk-with-userdata
const std::string TestData::widget_negative_signature_path = std::string(TESTAPP_RES_DIR) + "apps/wgt_negative_signature";
const std::string TestData::widget_negative_certificate_path = std::string(TESTAPP_RES_DIR) + "apps/wgt_negative_certificate";
const std::string TestData::widget_partner_path = std::string(TESTAPP_RES_DIR) + "apps/wgt_partner";
-const std::string TestData::widget_partner_operator_path = std::string(TESTAPP_RES_DIR) + "apps/wgt_partner_operator";
+const std::string TestData::widget_platform_path = std::string(TESTAPP_RES_DIR) + "apps/wgt_platform";
const std::string TestData::tpk_path = std::string(TESTAPP_RES_DIR) + "apps/tpk";
const std::string TestData::attacked_tpk_path = std::string(TESTAPP_RES_DIR) + "apps/attacked-tpk";
extern const std::string widget_negative_signature_path;
extern const std::string widget_negative_certificate_path;
extern const std::string widget_partner_path;
-extern const std::string widget_partner_operator_path;
+extern const std::string widget_platform_path;
extern const std::string tpk_path;
extern const std::string attacked_tpk_path;
}
}
+RUNNER_TEST(T00109_positive_platform_check_ref)
+{
+ SignatureFileInfoSet signatureSet;
+ SignatureFinder signatureFinder(TestData::widget_platform_path);
+ RUNNER_ASSERT_MSG(
+ SignatureFinder::NO_ERROR == signatureFinder.find(signatureSet),
+ "SignatureFinder failed");
+
+ for (auto &sig : signatureSet) {
+ SignatureValidator validator(sig);
+ SignatureData data;
+ VCerr result = validator.check(
+ TestData::widget_platform_path,
+ true,
+ true,
+ data);
+
+ RUNNER_ASSERT_MSG(result == E_SIG_NONE,
+ "sig validation should be success: "
+ << validator.errorToString(result));
+
+ if (!data.isAuthorSignature())
+ RUNNER_ASSERT_MSG(data.getVisibilityLevel() == CertStoreId::VIS_PLATFORM,
+ "visibility check failed.");
+ }
+}
+
+RUNNER_TEST(T00110_positive_platform_uncheck_ref)
+{
+ SignatureFileInfoSet signatureSet;
+ SignatureFinder signatureFinder(TestData::widget_platform_path);
+ RUNNER_ASSERT_MSG(
+ SignatureFinder::NO_ERROR == signatureFinder.find(signatureSet),
+ "SignatureFinder failed");
+
+ for (auto &sig : signatureSet) {
+ SignatureValidator validator(sig);
+ SignatureData data;
+ VCerr result = validator.check(
+ TestData::widget_platform_path,
+ true,
+ false,
+ data);
+
+ RUNNER_ASSERT_MSG(result == E_SIG_NONE,
+ "sig validation should be success: "
+ << validator.errorToString(result));
+
+ if (!data.isAuthorSignature())
+ RUNNER_ASSERT_MSG(data.getVisibilityLevel() == CertStoreId::VIS_PLATFORM,
+ "visibility check failed.");
+ }
+}
RUNNER_TEST(T00151_negative_hash_check_ref)
{
SignatureFileInfoSet signatureSet;
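Review bot: T00109 and T00110 can both pass without checking anything, because the `VIS_PLATFORM` assertion only runs inside the `for (auto &sig : signatureSet)` loop and only for non-author signatures. If `find()` returns `NO_ERROR` with an empty set, or the fixture holds only an author signature, neither test proves that `wgt_platform` resolves to platform visibility. After the find assertion I would add `RUNNER_ASSERT_MSG(!signatureSet.empty(), "no signature found in wgt_platform");`, assuming `SignatureFileInfoSet` is a standard container, which is not visible in this hunk. I would also count the distributor signatures that reach the visibility check and assert after the loop that the count is at least one. Since the two tests differ only in the third argument to `check()`, a short comment naming the two boolean arguments would make it clear what `check_ref` and `uncheck_ref` actually toggle.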
typedef enum CertSvcVisibility_t {
CERTSVC_VISIBILITY_DEVELOPER = 1,
- CERTSVC_VISIBILITY_TEST = 1 << 1,
CERTSVC_VISIBILITY_PUBLIC = 1 << 6,
CERTSVC_VISIBILITY_PARTNER = 1 << 7,
- CERTSVC_VISIBILITY_PARTNER_OPERATOR = 1 << 8,
- CERTSVC_VISIBILITY_PARTNER_MANUFACTURER = 1 << 9,
CERTSVC_VISIBILITY_PLATFORM = 1 << 10
} CertSvcVisibility;
{
Type visType = VIS_PUBLIC;
visType |= VIS_PARTNER;
- visType |= VIS_PARTNER_OPERATOR;
- visType |= VIS_PARTNER_MANUFACTURER;
visType |= VIS_PLATFORM;
visType &= m_certificateStorage;
ret += "VIS_PUBLIC ";
if (m_certificateStorage & VIS_PARTNER)
ret += "VIS_PARTNER ";
- if (m_certificateStorage & VIS_PARTNER_OPERATOR)
- ret += "VIS_PARTNER_OPERATOR ";
- if (m_certificateStorage & VIS_PARTNER_MANUFACTURER)
- ret += "VIS_PARTNER_MANUFACTURER ";
if (m_certificateStorage & VIS_PLATFORM)
ret += "VIS_PLATFORM ";
const Type VIS_PUBLIC = 1 << 6;
// RootCA's visibility level : partner
const Type VIS_PARTNER = 1 << 7;
-// RootCA's visibility level : partner-operator
-const Type VIS_PARTNER_OPERATOR = 1 << 8;
-// RootCA's visibility level : partner-manufacturer
-const Type VIS_PARTNER_MANUFACTURER = 1 << 9;
// RootCA's visibility level : platform
const Type VIS_PLATFORM = 1 << 10;
const std::string TOKEN_VALUE_TIZEN_STORE = "tizen-store";
const std::string TOKEN_VALUE_VISIBILITY_PUBLIC = "tizen-public";
const std::string TOKEN_VALUE_VISIBILITY_PARTNER = "tizen-partner";
-const std::string TOKEN_VALUE_VISIBILITY_PARTNER_OPERATOR = "tizen-partner-operator";
-const std::string TOKEN_VALUE_VISIBILITY_PARTNER_MANUFACTURER = "tizen-partner-manufacturer";
const std::string TOKEN_VALUE_VISIBILITY_PLATFORM = "tizen-platform";
int hexCharToInt(char c)
m_certificateDomain = CertStoreId::VIS_PUBLIC;
} else if (name == TOKEN_VALUE_VISIBILITY_PARTNER) {
m_certificateDomain = CertStoreId::VIS_PARTNER;
- } else if (name == TOKEN_VALUE_VISIBILITY_PARTNER_OPERATOR) {
- m_certificateDomain = CertStoreId::VIS_PARTNER_OPERATOR;
- } else if (name == TOKEN_VALUE_VISIBILITY_PARTNER_MANUFACTURER) {
- m_certificateDomain = CertStoreId::VIS_PARTNER_MANUFACTURER;
} else if (name == TOKEN_VALUE_VISIBILITY_PLATFORM) {
m_certificateDomain = CertStoreId::VIS_PLATFORM;
} else {
if (m_storeIdSet.contains(CertStoreId::VIS_PLATFORM))
return CertStoreId::VIS_PLATFORM;
- else if (m_storeIdSet.contains(CertStoreId::VIS_PARTNER_MANUFACTURER))
- return CertStoreId::VIS_PLATFORM;
- else if (m_storeIdSet.contains(CertStoreId::VIS_PARTNER_OPERATOR))
- return CertStoreId::VIS_PLATFORM;
else if (m_storeIdSet.contains(CertStoreId::VIS_PARTNER))
return CertStoreId::VIS_PARTNER;
else