From: sangwan.kwon Date: Mon, 26 Sep 2016 02:33:02 +0000 (+0900) Subject: Add static db for refine build performance X-Git-Tag: accepted/tizen/common/20161010.145719~2 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=d7e2f7b9d58f60d0006fd9d78d543183ab233854;p=platform%2Fcore%2Fsecurity%2Fcert-svc.git Add static db for refine build performance * certs-meta.db is not modified until ca-certificates be updated. * So, check ca-certificates digest and install static db. Change-Id: I99f217afffae70bd3d657de8109abdb10c0b0db1 Signed-off-by: sangwan.kwon --- diff --git a/etc/CMakeLists.txt b/etc/CMakeLists.txt index d145ae9..e463be2 100644 --- a/etc/CMakeLists.txt +++ b/etc/CMakeLists.txt @@ -1,44 +1,28 @@ -SET(ETC_DIR ${CMAKE_CURRENT_SOURCE_DIR}) - -INSTALL(FILES - ${ETC_DIR}/schema.xsd - DESTINATION ${CERT_SVC_RO_PATH} - ) - -MESSAGE("Add ssl table to certs-meta.db") - -EXECUTE_PROCESS( - COMMAND - ${ETC_DIR}/cert_svc_create_clean_store_db.sh - ${ETC_DIR}/cert_svc_store_db.sql - ${ETC_DIR}/certs-meta.db - RESULT_VARIABLE ERROR_CODE - ) +# Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# @file CMakeLists.txt +# @author Kyungwook tak (k.tak@samsung.com) +# @author Sangwan Kwon (sangwan.kwon@samsung.com) +# -IF (ERROR_CODE) - MESSAGE(FATAL_ERROR "[${ERROR_CODE}] Failed to create clean store db") -ENDIF (ERROR_CODE) - -EXECUTE_PROCESS( - COMMAND - ${ETC_DIR}/initialize_store_db.sh - ${ETC_DIR}/certs-meta.db - ${TZ_SYS_CA_CERTS} - RESULT_VARIABLE ERROR_CODE - ) - -IF (ERROR_CODE) - MESSAGE(FATAL_ERROR "[${ERROR_CODE}] Failed to initialize store db") -ENDIF (ERROR_CODE) - -INSTALL(FILES - ${ETC_DIR}/certs-meta.db - DESTINATION ${CERT_SVC_DB_PATH} - ) +SET(ETC_DIR ${CMAKE_CURRENT_SOURCE_DIR}) INSTALL(FILES - ${ETC_DIR}/certs-meta.db - DESTINATION ${UPGRADE_DATA_PATH} - ) + ${ETC_DIR}/schema.xsd + DESTINATION ${CERT_SVC_RO_PATH} +) +ADD_SUBDIRECTORY(db) ADD_SUBDIRECTORY(upgrade) diff --git a/etc/db/CMakeLists.txt b/etc/db/CMakeLists.txt new file mode 100644 index 0000000..58e0525 --- /dev/null +++ b/etc/db/CMakeLists.txt @@ -0,0 +1,83 @@ +# Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# @file CMakeLists.txt +# @author Kyungwook tak (k.tak@samsung.com) +# @author Sangwan Kwon (sangwan.kwon@samsung.com) +# + +SET(PWD ${CMAKE_CURRENT_SOURCE_DIR}) +SET(CA_BUNDLE_DIGEST "c1518dfd686541282f9095c48d297413") + +EXECUTE_PROCESS( + COMMAND + ${PWD}/check_ca_bundle_digest.sh + ${TZ_SYS_CA_BUNDLE} + OUTPUT_VARIABLE CURRENT_DIGEST + ) + +IF (${CURRENT_DIGEST} STREQUAL ${CA_BUNDLE_DIGEST}) + MESSAGE("ca-certificate digest is match with static db.") + + INSTALL(FILES + resource/certs-meta-0.0.3.db + DESTINATION ${CERT_SVC_DB_PATH} + RENAME certs-meta.db + ) + + INSTALL(FILES + resource/certs-meta-0.0.3.db + DESTINATION ${UPGRADE_DATA_PATH} + RENAME certs-meta.db + ) + +ELSE (${CURRENT_DIGEST} STREQUAL ${CA_BUNDLE_DIGEST}) + MESSAGE("${CURRENT_DIGEST} digest is not match with static db.") + MESSAGE("Add ssl table to certs-meta.db") + + EXECUTE_PROCESS( + COMMAND + ${PWD}/cert_svc_create_clean_store_db.sh + ${PWD}/cert_svc_store_db.sql + ${PWD}/certs-meta.db + RESULT_VARIABLE ERROR_CODE + ) + + IF (ERROR_CODE) + MESSAGE(FATAL_ERROR "[${ERROR_CODE}] Failed to create clean store db") + ENDIF (ERROR_CODE) + + EXECUTE_PROCESS( + COMMAND + ${PWD}/initialize_store_db.sh + ${PWD}/certs-meta.db + ${TZ_SYS_CA_CERTS} + RESULT_VARIABLE ERROR_CODE + ) + + IF (ERROR_CODE) + MESSAGE(FATAL_ERROR "[${ERROR_CODE}] Failed to initialize store db") + ENDIF (ERROR_CODE) + + INSTALL(FILES + ${PWD}/certs-meta.db + DESTINATION ${CERT_SVC_DB_PATH} + ) + + INSTALL(FILES + ${PWD}/certs-meta.db + DESTINATION ${UPGRADE_DATA_PATH} + ) + +ENDIF (${CURRENT_DIGEST} STREQUAL ${CA_BUNDLE_DIGEST}) diff --git a/etc/cert_svc_create_clean_store_db.sh b/etc/db/cert_svc_create_clean_store_db.sh similarity index 100% rename from etc/cert_svc_create_clean_store_db.sh rename to etc/db/cert_svc_create_clean_store_db.sh diff --git a/etc/cert_svc_store_db.sql b/etc/db/cert_svc_store_db.sql similarity index 100% rename from etc/cert_svc_store_db.sql rename to etc/db/cert_svc_store_db.sql diff --git a/etc/db/check_ca_bundle_digest.sh b/etc/db/check_ca_bundle_digest.sh new file mode 100755 index 0000000..e435656 --- /dev/null +++ b/etc/db/check_ca_bundle_digest.sh @@ -0,0 +1,4 @@ +#!/bin/bash + +CA_BUNDLE=$1 +openssl md5 $CA_BUNDLE | cut -f 2 -d ' ' | tr -d '\n' diff --git a/etc/initialize_store_db.sh b/etc/db/initialize_store_db.sh similarity index 100% rename from etc/initialize_store_db.sh rename to etc/db/initialize_store_db.sh diff --git a/etc/db/resource/certs-meta-0.0.3.db b/etc/db/resource/certs-meta-0.0.3.db new file mode 100644 index 0000000..b77ba03 Binary files /dev/null and b/etc/db/resource/certs-meta-0.0.3.db differ