Delete unusable visibility cases 45/58445/3 accepted/tizen/ivi/20160218.023930 accepted/tizen/mobile/20160202.114917 accepted/tizen/tv/20160202.114948 accepted/tizen/wearable/20160202.115008 submit/tizen/20160202.051416 submit/tizen_common/20160218.142243 submit/tizen_ivi/20160217.000000 submit/tizen_ivi/20160217.000003
authorsangwan.kwon <sangwan.kwon@samsung.com>
Mon, 1 Feb 2016 02:22:20 +0000 (11:22 +0900)
committersangwan.kwon <sangwan.kwon@samsung.com>
Mon, 1 Feb 2016 08:59:01 +0000 (17:59 +0900)
1. Modified visibility list
 * VISIBILITY_PARTNER_OPERATOR (completely)
 * VISIBILITY_PARTNER_MANUFACTURER (completely)
 * VISIBILITY_TEST (partially)

2. Added Testcases
 * platform

Change-Id: Ia03d921f979abe49d88bff041dc55ea534354f6c
Signed-off-by: sangwan.kwon <sangwan.kwon@samsung.com>
14 files changed:
packaging/cert-svc.spec
tests/vcore/CMakeLists.txt
tests/vcore/resource/wgt_platform/author-signature.xml [moved from tests/vcore/resource/wgt_partner_operator/author-signature.xml with 100% similarity]
tests/vcore/resource/wgt_platform/config.xml [moved from tests/vcore/resource/wgt_partner_operator/config.xml with 100% similarity]
tests/vcore/resource/wgt_platform/index.html [moved from tests/vcore/resource/wgt_partner_operator/index.html with 100% similarity]
tests/vcore/resource/wgt_platform/signature1.xml [moved from tests/vcore/resource/wgt_partner_operator/signature1.xml with 100% similarity]
tests/vcore/test-common.cpp
tests/vcore/test-common.h
tests/vcore/test-signature-validator.cpp
vcore/cert-svc/ccert.h
vcore/vcore/CertStoreType.cpp
vcore/vcore/CertStoreType.h
vcore/vcore/CertificateConfigReader.cpp
vcore/vcore/SignatureData.cpp

index aadda44..d2550c3 100644 (file)
@@ -2,7 +2,7 @@
 
 Name:    cert-svc
 Summary: Certification service
-Version: 2.0.3
+Version: 2.0.4
 Release: 0
 Group:   Security/Libraries
 License: Apache-2.0
index 6fb77c6..2dc7622 100644 (file)
@@ -61,7 +61,7 @@ INSTALL(
         resource/wgt_negative_signature
         resource/wgt_negative_certificate
         resource/wgt_partner
-        resource/wgt_partner_operator
+        resource/wgt_platform
         resource/tpk
         resource/attacked-tpk
         resource/tpk-with-userdata
index 34fdfb5..33a83ce 100644 (file)
@@ -22,7 +22,7 @@ const std::string TestData::widget_negative_hash_path = std::string(TESTAPP_RES_
 const std::string TestData::widget_negative_signature_path = std::string(TESTAPP_RES_DIR) + "apps/wgt_negative_signature";
 const std::string TestData::widget_negative_certificate_path = std::string(TESTAPP_RES_DIR) + "apps/wgt_negative_certificate";
 const std::string TestData::widget_partner_path = std::string(TESTAPP_RES_DIR) + "apps/wgt_partner";
-const std::string TestData::widget_partner_operator_path = std::string(TESTAPP_RES_DIR) + "apps/wgt_partner_operator";
+const std::string TestData::widget_platform_path = std::string(TESTAPP_RES_DIR) + "apps/wgt_platform";
 
 const std::string TestData::tpk_path = std::string(TESTAPP_RES_DIR) + "apps/tpk";
 const std::string TestData::attacked_tpk_path = std::string(TESTAPP_RES_DIR) + "apps/attacked-tpk";
index e567e02..ab6154d 100644 (file)
@@ -25,7 +25,7 @@ extern const std::string widget_negative_hash_path;
 extern const std::string widget_negative_signature_path;
 extern const std::string widget_negative_certificate_path;
 extern const std::string widget_partner_path;
-extern const std::string widget_partner_operator_path;
+extern const std::string widget_platform_path;
 
 extern const std::string tpk_path;
 extern const std::string attacked_tpk_path;
index 0ac06cd..f507328 100644 (file)
@@ -241,6 +241,59 @@ RUNNER_TEST(T00108_distributor_disregard_check)
     }
 }
 
+RUNNER_TEST(T00109_positive_platform_check_ref)
+{
+    SignatureFileInfoSet signatureSet;
+    SignatureFinder signatureFinder(TestData::widget_platform_path);
+    RUNNER_ASSERT_MSG(
+        SignatureFinder::NO_ERROR == signatureFinder.find(signatureSet),
+        "SignatureFinder failed");
+
+    for (auto &sig : signatureSet) {
+        SignatureValidator validator(sig);
+        SignatureData data;
+        VCerr result = validator.check(
+                TestData::widget_platform_path,
+                true,
+                true,
+                data);
+
+        RUNNER_ASSERT_MSG(result == E_SIG_NONE,
+            "sig validation should be success: "
+            << validator.errorToString(result));
+
+        if (!data.isAuthorSignature())
+            RUNNER_ASSERT_MSG(data.getVisibilityLevel() == CertStoreId::VIS_PLATFORM,
+                "visibility check failed.");
+    }
+}
+
+RUNNER_TEST(T00110_positive_platform_uncheck_ref)
+{
+    SignatureFileInfoSet signatureSet;
+    SignatureFinder signatureFinder(TestData::widget_platform_path);
+    RUNNER_ASSERT_MSG(
+        SignatureFinder::NO_ERROR == signatureFinder.find(signatureSet),
+        "SignatureFinder failed");
+
+    for (auto &sig : signatureSet) {
+        SignatureValidator validator(sig);
+        SignatureData data;
+        VCerr result = validator.check(
+                TestData::widget_platform_path,
+                true,
+                false,
+                data);
+
+        RUNNER_ASSERT_MSG(result == E_SIG_NONE,
+            "sig validation should be success: "
+            << validator.errorToString(result));
+
+        if (!data.isAuthorSignature())
+            RUNNER_ASSERT_MSG(data.getVisibilityLevel() == CertStoreId::VIS_PLATFORM,
+                "visibility check failed.");
+    }
+}
 RUNNER_TEST(T00151_negative_hash_check_ref)
 {
     SignatureFileInfoSet signatureSet;
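Review bot: T00109 and T00110 can pass without ever checking the visibility level, because the `getVisibilityLevel() == CertStoreId::VIS_PLATFORM` assertion sits inside the loop and runs only for non-author signatures. If `signatureSet` comes back empty, or `wgt_platform` yields only an author signature, neither test fails; whether `find()` can return `NO_ERROR` with an empty set is not visible here. I would count the distributor signatures actually validated and add `RUNNER_ASSERT_MSG(checked > 0, "no distributor signature was validated");` after the loop in both tests. The two bodies differ only in the third argument to `validator.check` (`true` vs `false`), so a shared helper taking that flag, with a comment naming both boolean arguments, would remove the duplication. A blank line is also missing before `RUNNER_TEST(T00151_negative_hash_check_ref)`, whose body continues outside the hunk.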
index 494e344..282e9e8 100644 (file)
@@ -108,11 +108,8 @@ typedef enum CertSvcCertificateField_t {
 
 typedef enum CertSvcVisibility_t {
        CERTSVC_VISIBILITY_DEVELOPER            = 1,
-       CERTSVC_VISIBILITY_TEST                 = 1 << 1,
        CERTSVC_VISIBILITY_PUBLIC               = 1 << 6,
        CERTSVC_VISIBILITY_PARTNER              = 1 << 7,
-       CERTSVC_VISIBILITY_PARTNER_OPERATOR     = 1 << 8,
-       CERTSVC_VISIBILITY_PARTNER_MANUFACTURER = 1 << 9,
        CERTSVC_VISIBILITY_PLATFORM             = 1 << 10
 } CertSvcVisibility;
 
index bced091..8bc001c 100644 (file)
@@ -48,8 +48,6 @@ bool Set::isContainsVis() const
 {
     Type visType = VIS_PUBLIC;
     visType |= VIS_PARTNER;
-    visType |= VIS_PARTNER_OPERATOR;
-    visType |= VIS_PARTNER_MANUFACTURER;
     visType |= VIS_PLATFORM;
 
     visType &= m_certificateStorage;
@@ -81,10 +79,6 @@ std::string Set::typeToString() const
         ret += "VIS_PUBLIC ";
     if (m_certificateStorage & VIS_PARTNER)
         ret += "VIS_PARTNER ";
-    if (m_certificateStorage & VIS_PARTNER_OPERATOR)
-        ret += "VIS_PARTNER_OPERATOR ";
-    if (m_certificateStorage & VIS_PARTNER_MANUFACTURER)
-        ret += "VIS_PARTNER_MANUFACTURER ";
     if (m_certificateStorage & VIS_PLATFORM)
         ret += "VIS_PLATFORM ";
 
index 4dec061..d2ca9af 100644 (file)
@@ -40,10 +40,6 @@ const Type TIZEN_STORE = 1 << 3;
 const Type VIS_PUBLIC = 1 << 6;
 // RootCA's visibility level : partner
 const Type VIS_PARTNER = 1 << 7;
-// RootCA's visibility level : partner-operator
-const Type VIS_PARTNER_OPERATOR = 1 << 8;
-// RootCA's visibility level : partner-manufacturer
-const Type VIS_PARTNER_MANUFACTURER = 1 << 9;
 // RootCA's visibility level : platform
 const Type VIS_PLATFORM = 1 << 10;
 
index 467e289..a41b7be 100644 (file)
@@ -40,8 +40,6 @@ const std::string TOKEN_VALUE_TIZEN_VERIFY = "tizen-verify";
 const std::string TOKEN_VALUE_TIZEN_STORE = "tizen-store";
 const std::string TOKEN_VALUE_VISIBILITY_PUBLIC = "tizen-public";
 const std::string TOKEN_VALUE_VISIBILITY_PARTNER = "tizen-partner";
-const std::string TOKEN_VALUE_VISIBILITY_PARTNER_OPERATOR = "tizen-partner-operator";
-const std::string TOKEN_VALUE_VISIBILITY_PARTNER_MANUFACTURER = "tizen-partner-manufacturer";
 const std::string TOKEN_VALUE_VISIBILITY_PLATFORM = "tizen-platform";
 
 int hexCharToInt(char c)
@@ -130,10 +128,6 @@ void CertificateConfigReader::tokenCertificateDomain(CertificateIdentifier &)
         m_certificateDomain = CertStoreId::VIS_PUBLIC;
     } else if (name == TOKEN_VALUE_VISIBILITY_PARTNER) {
         m_certificateDomain = CertStoreId::VIS_PARTNER;
-    } else if (name == TOKEN_VALUE_VISIBILITY_PARTNER_OPERATOR) {
-        m_certificateDomain = CertStoreId::VIS_PARTNER_OPERATOR;
-    } else if (name == TOKEN_VALUE_VISIBILITY_PARTNER_MANUFACTURER) {
-        m_certificateDomain = CertStoreId::VIS_PARTNER_MANUFACTURER;
     } else if (name == TOKEN_VALUE_VISIBILITY_PLATFORM) {
         m_certificateDomain = CertStoreId::VIS_PLATFORM;
     } else {
index d8accdf..e162142 100644 (file)
@@ -121,10 +121,6 @@ CertStoreId::Type SignatureData::getVisibilityLevel() const
 
     if (m_storeIdSet.contains(CertStoreId::VIS_PLATFORM))
         return CertStoreId::VIS_PLATFORM;
-    else if (m_storeIdSet.contains(CertStoreId::VIS_PARTNER_MANUFACTURER))
-        return CertStoreId::VIS_PLATFORM;
-    else if (m_storeIdSet.contains(CertStoreId::VIS_PARTNER_OPERATOR))
-        return CertStoreId::VIS_PLATFORM;
     else if (m_storeIdSet.contains(CertStoreId::VIS_PARTNER))
         return CertStoreId::VIS_PARTNER;
     else