SET(TARGET_CERT_SERVER "cert-server")
SET(CERT_SVC_PATH ${TZ_SYS_SHARE}/cert-svc)
-SET(CA_CERTS_PATH ${TZ_SYS_SHARE}/ca-certificates)
-
ADD_DEFINITIONS("-DSIGNATURE_SCHEMA_PATH=\"${CERT_SVC_PATH}/schema.xsd\"")
ADD_DEFINITIONS("-DCERTSVC_SYSTEM_STORE_DB=\"${CERT_SVC_PATH}/dbspace/certs-meta.db\"")
ADD_DEFINITIONS("-DCERTSVC_DIR=\"${CERT_SVC_PATH}/certs/\"")
ADD_DEFINITIONS("-DCERTSVC_PKCS12_STORAGE_DIR=\"${CERT_SVC_PATH}/pkcs12/\"")
-ADD_DEFINITIONS("-DSYSTEM_CERT_DIR=\"${TZ_SYS_CERTS}/\"")
+ADD_DEFINITIONS("-DTZ_SYS_CA_CERTS=\"${TZ_SYS_CA_CERTS}\"")
+ADD_DEFINITIONS("-DTZ_SYS_CA_CERTS_ORIG=\"${TZ_SYS_CA_CERTS_ORIG}\"")
+ADD_DEFINITIONS("-DTZ_SYS_CA_BUNDLE_RW=\"${TZ_SYS_CA_BUNDLE_RW}\"")
+
+SET(CA_CERTS_PATH ${TZ_SYS_SHARE}/ca-certificates)
+ADD_DEFINITIONS("-DTZ_SYS_CA_CERTS_TIZEN=\"${CA_CERTS_PATH}/tizen\"")
ADD_DEFINITIONS("-DFINGERPRINT_LIST_PATH=\"${CA_CERTS_PATH}/fingerprint/fingerprint_list.xml\"")
ADD_DEFINITIONS("-DFINGERPRINT_LIST_SCHEMA_PATH=\"${CA_CERTS_PATH}/fingerprint/fingerprint_list.xsd\"")
-ADD_DEFINITIONS("-DROOT_CA_CERTS_DIR=\"${CA_CERTS_PATH}/certs\"")
-ADD_DEFINITIONS("-DROOT_CA_CERTS_TIZEN_DIR=\"${CA_CERTS_PATH}/tizen/\"")
-ADD_DEFINITIONS("-DCERTSVC_CRT_FILE_PATH=\"${TZ_SYS_CONCATENATED_CERT}\"")
CONFIGURE_FILE(cert-svc-vcore.pc.in cert-svc-vcore.pc @ONLY)
INSTALL(FILES
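Review bot: Nothing in this hunk checks that `TZ_SYS_CA_CERTS`, `TZ_SYS_CA_CERTS_ORIG` and `TZ_SYS_CA_BUNDLE_RW` were actually passed to the configure step, so an unset one compiles into the binary as an empty string and the trust-store paths built from it go wrong at runtime rather than at build time. A guard ahead of the three new `ADD_DEFINITIONS` lines would fail early: `IF(NOT TZ_SYS_CA_CERTS OR NOT TZ_SYS_CA_CERTS_ORIG OR NOT TZ_SYS_CA_BUNDLE_RW)`, `MESSAGE(FATAL_ERROR "CA certificate paths are not set")`, `ENDIF()`. The same unset value would drop the unquoted `${TZ_SYS_CA_CERTS}` argument from the `initialize_store_db.sh` command in the later CMake hunk; quoting it as `"${TZ_SYS_CA_CERTS}"` keeps the argument position stable. The removed `SYSTEM_CERT_DIR` and `ROOT_CA_CERTS_TIZEN_DIR` values ended in `/` and their replacements do not, so confirm that `get_complete_path` and `searchCert`, which are not visible here, add the separator themselves.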
COMMAND
${ETC_DIR}/initialize_store_db.sh
${ETC_DIR}/certs-meta.db
- ${TZ_SYS_CERTS}
+ ${TZ_SYS_CA_CERTS}
RESULT_VARIABLE ERROR_CODE
)
BuildRequires: pkgconfig(libtzplatform-config)
BuildRequires: pkgconfig(libsystemd-journal)
BuildRequires: pkgconfig(sqlite3)
+BuildRequires: ca-certificates-devel
BuildRequires: ca-certificates-tizen
BuildRequires: ca-certificates-mozilla
export FFLAGS="$FFLAGS -DTIZEN_EMULATOR_MODE"
%endif
-# concatenated cert path defined in ca-certificates package
-%define SYS_CONCATENATED_CERT /var/lib/ca-certificates/ca-bundle.pem
-%define SYS_CERTS %TZ_SYS_ETC/ssl/certs
-
%{!?build_type:%define build_type "Release"}
%cmake . -DVERSION=%version \
-DINCLUDEDIR=%_includedir \
-DTZ_SYS_SHARE=%TZ_SYS_SHARE \
-DTZ_SYS_BIN=%TZ_SYS_BIN \
- -DTZ_SYS_CERTS=%SYS_CERTS \
- -DTZ_SYS_CONCATENATED_CERT=%SYS_CONCATENATED_CERT \
+ -DTZ_SYS_CA_CERTS=%TZ_SYS_CA_CERTS \
+ -DTZ_SYS_CA_CERTS_ORIG=%TZ_SYS_CA_CERTS_ORIG \
+ -DTZ_SYS_CA_BUNDLE_RW=%TZ_SYS_CA_BUNDLE_RW \
%if 0%{?certsvc_test_build}
-DCERTSVC_TEST_BUILD=1 \
-DTZ_SYS_RO_APP=%TZ_SYS_RO_APP \
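Review bot: The three `%TZ_SYS_CA_*` macros on the added `-D` lines are no longer defined in this spec (the local `%define` lines are removed), so they have to come from the build environment, presumably from the `ca-certificates-devel` BuildRequires added in this commit. rpm leaves an undefined macro unexpanded, which means a missing definition would pass the literal text `%TZ_SYS_CA_CERTS` to cmake and bake it into the binary as the trust-store path without any build error. A check before the `%cmake` line makes that case fail loudly, for example `%{!?TZ_SYS_CA_CERTS:%{error:TZ_SYS_CA_CERTS is not defined}}`, repeated for `TZ_SYS_CA_CERTS_ORIG` and `TZ_SYS_CA_BUNDLE_RW`. The `%cmake` invocation continues outside the hunk.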
mkdir -p %buildroot%TZ_SYS_SHARE/cert-svc/pkcs12
mkdir -p %buildroot%TZ_SYS_SHARE/cert-svc/dbspace
-ln -s %SYS_CONCATENATED_CERT %buildroot%TZ_SYS_SHARE/cert-svc/ca-certificate.crt
+ln -s %TZ_SYS_CA_BUNDLE_RW %buildroot%TZ_SYS_SHARE/cert-svc/ca-certificate.crt
%preun
# erase
int ret = CERTSVC_SUCCESS;
/* find certificate which filehash name is gname in root ca certs path. */
- char *target = get_complete_path(ROOT_CA_CERTS_DIR, gname);
- char *link = get_complete_path(SYSTEM_CERT_DIR, gname);
+ char *target = get_complete_path(TZ_SYS_CA_CERTS_ORIG, gname);
+ char *link = get_complete_path(TZ_SYS_CA_CERTS, gname);
if (target == NULL || link == NULL) {
SLOGE("Failed to get complete path.");
int ret = CERTSVC_SUCCESS;
char *link = NULL;
- link = get_complete_path(SYSTEM_CERT_DIR, gname);
+ link = get_complete_path(TZ_SYS_CA_CERTS, gname);
if (!link) {
SLOGE("Failed to construct source file path.");
return CERTSVC_FAIL;
return CERTSVC_WRONG_ARGUMENT;
}
- if (!(fp = fopen(CERTSVC_CRT_FILE_PATH, mode))) {
- SLOGE("Failed to open the file for writing, [%s].", CERTSVC_CRT_FILE_PATH);
+ if (!(fp = fopen(TZ_SYS_CA_BUNDLE_RW, mode))) {
+ SLOGE("Failed to open the file for writing, [%s].", TZ_SYS_CA_BUNDLE_RW);
return CERTSVC_FAIL;
}
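Review bot: The `fopen(TZ_SYS_CA_BUNDLE_RW, mode)` call opens the live system CA bundle in place, so if `mode` truncates or rewrites the file (the log text says it is opened for writing; the assignment of `mode` is outside the hunk) an error or crash partway through leaves every consumer of the bundle with a partial trust list. Consider writing to a temporary file in the same directory and calling `rename()` over the bundle only after the write and `fclose()` have succeeded, so the update is atomic. The failure log would also be easier to act on with the cause included: `SLOGE("Failed to open the file for writing, [%s]: %s", TZ_SYS_CA_BUNDLE_RW, strerror(errno));`. The enclosing function starts and ends outside the hunk.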
CertificatePtr getIssuerCertFromStore(const CertificatePtr &certPtr)
{
- CertificatePtr found = searchCert(ROOT_CA_CERTS_TIZEN_DIR, certPtr, false);
+ CertificatePtr found = searchCert(TZ_SYS_CA_CERTS_TIZEN, certPtr, false);
if (found.get() != NULL) {
LogDebug("Found issuer cert in tizen root CA dir");
return found;
}
- return searchCert(SYSTEM_CERT_DIR, certPtr, true);
+ return searchCert(TZ_SYS_CA_CERTS, certPtr, true);
}
} // namespace
goto free_memory;
}
- res = X509_STORE_load_locations(cert_store, NULL, SYSTEM_CERT_DIR);
+ res = X509_STORE_load_locations(cert_store, NULL, TZ_SYS_CA_CERTS);
if (res != 1) {
LogError("P12 load certificate store failed");
result = CERTSVC_FAIL;