From: hb.min Date: Tue, 9 Jul 2013 05:51:10 +0000 (+0900) Subject: Separate the information of external privilege X-Git-Tag: submit/tizen/20131210.080830^2^2~282 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=085993c3e1f9bff1618e7ce52e5e6065fa1c561f;p=platform%2Fframework%2Fnative%2Fappfw.git Separate the information of external privilege Change-Id: Ida7649eb5911c46494809fd83cfad80cf7c59bc6 Signed-off-by: hb.min --- diff --git a/src/security/FSec_PrivilegeInfo.cpp b/src/security/FSec_PrivilegeInfo.cpp index f97f0ed..53e6fac 100644 --- a/src/security/FSec_PrivilegeInfo.cpp +++ b/src/security/FSec_PrivilegeInfo.cpp @@ -32,6 +32,8 @@ #include #include #include +#include +#include #include "FSec_PrivilegeInfo.h" @@ -76,7 +78,7 @@ _PrivilegeInfo::Construct(const AppId& appId, const byte* pBitwisePrivilege, con std::unique_ptr pEnum(null); - r = __privilegeList.Construct(); + r = __privilegeList.Construct(32, 0.75); SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred."); pEnum.reset(pPrivilegeList->GetEnumeratorN()); @@ -84,8 +86,18 @@ _PrivilegeInfo::Construct(const AppId& appId, const byte* pBitwisePrivilege, con while (pEnum->MoveNext() == E_SUCCESS) { - String* tempString = static_cast< String* >(pEnum->GetCurrent()); - __privilegeList.Add(new String(*tempString)); + int ret = PRVMGR_ERR_NONE; + char* pPrivilegeLevel = null; + std::unique_ptr pPrivilegeId(null); + String* pTempString = static_cast< String* >(pEnum->GetCurrent()); + + pPrivilegeId.reset(_StringConverter::CopyToCharArrayN(*pTempString)); + SysTryReturnResult(NID_SEC, pPrivilegeId != null, E_SYSTEM, "An unexpected system error occurred."); + + ret = privilege_info_get_external_privilege_level(static_cast(pPrivilegeId.get()), &pPrivilegeLevel); + SysTryReturnResult(NID_SEC, ret == PRVMGR_ERR_NONE, E_SYSTEM, "An unexpected system error occurred."); + + __privilegeList.Add((new String(*pTempString)), (new String(pPrivilegeLevel))); } return r; @@ -133,7 +145,7 @@ _PrivilegeInfo::Construct(const AppId& appId, const String& encryptedPrivileges, SysTryReturnResult(NID_SEC, __apiVisibility >= 0, E_SYSTEM, "An unexpected system error occurred."); std::unique_ptr pEnum(null); - r = __privilegeList.Construct(); + r = __privilegeList.Construct(32, 0.75); SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred."); pEnum.reset(pPrivilegeList->GetEnumeratorN()); @@ -141,8 +153,18 @@ _PrivilegeInfo::Construct(const AppId& appId, const String& encryptedPrivileges, while (pEnum->MoveNext() == E_SUCCESS) { - String* tempString = static_cast< String* >(pEnum->GetCurrent()); - __privilegeList.Add(new String(*tempString)); + int ret = PRVMGR_ERR_NONE; + char* pPrivilegeLevel = null; + std::unique_ptr pPrivilegeId(null); + String* pTempString = static_cast< String* >(pEnum->GetCurrent()); + + pPrivilegeId.reset(_StringConverter::CopyToCharArrayN(*pTempString)); + SysTryReturnResult(NID_SEC, pPrivilegeId != null, E_SYSTEM, "An unexpected system error occurred."); + + ret = privilege_info_get_external_privilege_level(static_cast(pPrivilegeId.get()), &pPrivilegeLevel); + SysTryReturnResult(NID_SEC, ret == PRVMGR_ERR_NONE, E_SYSTEM, "An unexpected system error occurred."); + + __privilegeList.Add((new String(*pTempString)), (new String(pPrivilegeLevel))); } return r; @@ -223,7 +245,7 @@ _PrivilegeInfo::Construct(const AppId& appId, const String& encryptedPrivileges, __apiVisibility = visibility; std::unique_ptr pEnum(null); - r = __privilegeList.Construct(); + r = __privilegeList.Construct(32, 0.75); SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred."); pEnum.reset(pPrivilegeList->GetEnumeratorN()); @@ -231,8 +253,18 @@ _PrivilegeInfo::Construct(const AppId& appId, const String& encryptedPrivileges, while (pEnum->MoveNext() == E_SUCCESS) { - String* tempString = static_cast< String* >(pEnum->GetCurrent()); - __privilegeList.Add(new String(*tempString)); + int ret = PRVMGR_ERR_NONE; + char* pPrivilegeLevel = null; + std::unique_ptr pPrivilegeId(null); + String* pTempString = static_cast< String* >(pEnum->GetCurrent()); + + pPrivilegeId.reset(_StringConverter::CopyToCharArrayN(*pTempString)); + SysTryReturnResult(NID_SEC, pPrivilegeId != null, E_SYSTEM, "An unexpected system error occurred."); + + ret = privilege_info_get_external_privilege_level(static_cast(pPrivilegeId.get()), &pPrivilegeLevel); + SysTryReturnResult(NID_SEC, ret == PRVMGR_ERR_NONE, E_SYSTEM, "An unexpected system error occurred."); + + __privilegeList.Add((new String(*pTempString)), (new String(pPrivilegeLevel))); } return r; @@ -256,19 +288,21 @@ _PrivilegeInfo::CloneN(void) const pPrivilegeInfo->__appId.Append(this->__appId); memcpy(pPrivilegeInfo->__bitwisePrivilege, this->__bitwisePrivilege, pPrivilegeInfo->__bitwiseLength); - std::unique_ptr pEnum(null); - r = pPrivilegeInfo->__privilegeList.Construct(); - SysTryCatch(NID_SEC, r == E_SUCCESS, r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred."); + std::unique_ptr pEnum(null); + pEnum.reset(this->__privilegeList.GetMapEnumeratorN()); + SysTryCatch(NID_SEC, pEnum != null, r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred."); - pEnum.reset(this->__privilegeList.GetEnumeratorN()); + r = pPrivilegeInfo->__privilegeList.Construct(32, 0.75); SysTryCatch(NID_SEC, r == E_SUCCESS, r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred."); while (pEnum->MoveNext() == E_SUCCESS) { - String* tempString = static_cast< String* >(pEnum->GetCurrent()); - pPrivilegeInfo->__privilegeList.Add(new String(*tempString)); + String* pTempString = static_cast< String* >(pEnum->GetKey()); + String* pTempLevel = static_cast< String* >(pEnum->GetValue()); + pPrivilegeInfo->__privilegeList.Add((new String(*pTempString)), (new String(*pTempLevel))); } + pPrivilegeInfo->__apiVisibility = this->__apiVisibility; return pPrivilegeInfo; CATCH: @@ -293,16 +327,20 @@ _PrivilegeInfo::Construct(const _PrivilegeInfo& privilegeInfo) __apiVisibility = privilegeInfo.__apiVisibility; - __privilegeList.Construct(); + std::unique_ptr pEnum(null); + pEnum.reset(privilegeInfo.__privilegeList.GetMapEnumeratorN()); + SysTryReturnResult(NID_SEC, pEnum != null, E_SYSTEM, "An unexpected system error occurred."); + + r = __privilegeList.Construct(32, 0.75); + SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred."); - IEnumerator* pEnum = privilegeInfo.__privilegeList.GetEnumeratorN(); while (pEnum->MoveNext() == E_SUCCESS) { - String* tempString = static_cast< String* >(pEnum->GetCurrent()); - __privilegeList.Add(new String(*tempString)); + String* pTempString = static_cast< String* >(pEnum->GetKey()); + String* pTempLevel = static_cast< String* >(pEnum->GetValue()); + __privilegeList.Add((new String(*pTempString)), (new String(*pTempLevel))); } - delete pEnum; return r; } @@ -515,13 +553,25 @@ _PrivilegeInfo::HasPrivilege(const String& privilege) const if (validStringFlag) { ret = HasPrivilege(privilegeListTable[index].privilege); - } else { - ret = __privilegeList.Contains(privilege); + ret = __privilegeList.ContainsKey(privilege); if (ret) { + if (__apiVisibility != _API_VISIBILITY_NONE) // To be removed + { + const String* pPrivilegeLevel = static_cast< const String* >(__privilegeList.GetValue(privilege)); + SysTryReturn(NID_SEC, pPrivilegeLevel != null, E_SYSTEM, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred."); + + int privilegeLevel = GetPrivilegeLevel(*pPrivilegeLevel); + if (privilegeLevel > __apiVisibility) + { + SysLog(NID_SEC, "Result : FALSE [Visibility]"); + return false; + } + } + SysLog(NID_SEC, "Result : TRUE"); } else @@ -769,4 +819,19 @@ CATCH: return null; } +int +_PrivilegeInfo::GetPrivilegeLevel(const String& privilegeLevel) +{ + if(privilegeLevel.Equals(String(L"platform"), true)) + { + return _API_VISIBILITY_PLATFORM; + } + else if(privilegeLevel.Equals(String(L"partner"), true)) + { + return _API_VISIBILITY_PARTNER; + } + + return _API_VISIBILITY_PUBLIC; +} + }} //Tizen::Security diff --git a/src/security/FSec_PrivilegeInfo.h b/src/security/FSec_PrivilegeInfo.h index d7fd311..0263d0d 100644 --- a/src/security/FSec_PrivilegeInfo.h +++ b/src/security/FSec_PrivilegeInfo.h @@ -196,6 +196,7 @@ private: result VerifyIntegrity(const Tizen::App::AppId& appId, const byte* targetBitwisePrivilege, const Tizen::Base::String& storedChecksum, int length, int visibility, const Tizen::Base::String& storedVisibilityChecksum); result VerifyIntegrityEx(const Tizen::App::AppId& appId, const byte* targetBitwisePrivilege, const Tizen::Base::String& storedChecksum, int length); + static int GetPrivilegeLevel(const Tizen::Base::String& privilegeLevel); static ISecretKey* GetDeviceUniqueKeyN(void); _PrivilegeInfo(const _PrivilegeInfo& rhs); @@ -206,7 +207,7 @@ private: int __apiVisibility; byte __bitwisePrivilege[MAX_BITWISE_PRIV_SIZE]; int __bitwiseLength; - Tizen::Base::Collection::ArrayList __privilegeList; + Tizen::Base::Collection::HashMap __privilegeList; }; // _PrivilegeInfo