platform/core/security/key-manager.git
5 years agoRefactor RawBuffer hex dumps 17/214617/2
Konrad Lipinski [Tue, 24 Sep 2019 14:36:36 +0000 (16:36 +0200)]
Refactor RawBuffer hex dumps

Change-Id: I2d52c63c908e3a69c8de5f20e275fecda0165a66

5 years agockmc_alias_new: replace str* calls with memcpy 18/214618/2
Konrad Lipinski [Tue, 24 Sep 2019 13:11:32 +0000 (15:11 +0200)]
ckmc_alias_new: replace str* calls with memcpy

Change-Id: I7b8d340f7ce2ce1f5867065cf65650733ef1c44a

5 years ago[ocsp] Fix static string length calculation 20/214620/1
Konrad Lipinski [Tue, 24 Sep 2019 12:40:58 +0000 (14:40 +0200)]
[ocsp] Fix static string length calculation

Change-Id: I13d6c6f825a9340bfd54462d7d6c9cbd46008dd2

5 years agoImprove ckm deserialization errors detection 63/213463/4
Alicja Kluczek [Tue, 3 Sep 2019 10:10:13 +0000 (12:10 +0200)]
Improve ckm deserialization errors detection

Add a check to TZSerializableBinary::Deserialize making sure
that deserialized buffer has adequate size.
    * In case of fixed-size data, buffer size should be equal to the
      size given in constructor.
    * In case of variable-size data, buffer size should be less or equal
      to the size given in constructor.

Change-Id: Ie0f80169adb8b758cb7aa2370551bd30410dc8b0

5 years agoTreat pwd data deserialization as an error 60/213260/1
Krzysztof Jackiewicz [Tue, 3 Sep 2019 09:33:13 +0000 (11:33 +0200)]
Treat pwd data deserialization as an error

The KM_PwdData structure keeps an authentication data needed to access
an item on the TA side. As such it should only be transferred from
key-manager to the TA.

Expecting such structure in an output buffer of the TA command
execution is a programmer error. It is now dealt with accordingly.

Change-Id: I209957a05700052eefc694d82b881c8aae96abb5

5 years agoRelease 0.1.32 41/212841/1 accepted/tizen_5.5_unified accepted/tizen_5.5_unified_mobile_hotfix accepted/tizen_5.5_unified_wearable_hotfix tizen_5.5_mobile_hotfix tizen_5.5_tv tizen_5.5_wearable_hotfix accepted/tizen/5.5/unified/20191031.022623 accepted/tizen/5.5/unified/mobile/hotfix/20201027.090416 accepted/tizen/5.5/unified/wearable/hotfix/20201027.113058 accepted/tizen/unified/20190830.052632 submit/tizen/20190827.083251 submit/tizen_5.5/20191031.000004 submit/tizen_5.5_mobile_hotfix/20201026.185104 submit/tizen_5.5_wearable_hotfix/20201026.184304 tizen_5.5.m2_release
Tomasz Swierczek [Tue, 27 Aug 2019 08:23:55 +0000 (10:23 +0200)]
Release 0.1.32

* Change serialization in TZ backend to match km-ta changes
* Refactoring central-key-manager.service and central-key-manager-OOO.socket
* Assume http if no protocol is given in proxy url

Change-Id: I6ee197d13561231aed8f584463397b088456e1f1

5 years agoChange serialization in TZ backend to match km-ta changes 24/211824/7
Tomasz Swierczek [Mon, 5 Aug 2019 14:47:47 +0000 (16:47 +0200)]
Change serialization in TZ backend to match km-ta changes

Changed functions:

* CMD_GENERATE_KEY
* CMD_ENCRYPT
* CMD_DECRYPT
* CMD_SIGN
* CMD_VERIFY
* CMD_GENERATE_IV
* CMD_GENERATE_KEY_PWD
* CMD_DESTROY_KEY

Change-Id: I3d4789b895ca66245f1e700a98f177f56e7a3e28

5 years agoRefactoring central-key-manager.service and central-key-manager-OOO.socket 54/210654/3
INSUN PYO [Tue, 23 Jul 2019 11:11:59 +0000 (20:11 +0900)]
Refactoring central-key-manager.service and central-key-manager-OOO.socket

 - "central-key-manager.target" is a typo mistaken for "central-key-manager.service"
 - All four sockets are required for central-key-manager.service. So, "Requires=OOO.socket" must be in central-key-manager.service.
 - "Sockets=" in the central-key-manager.service is replaced by "Requires=OOO.socket".

Change-Id: I547431abead19ae5a0f9ae3680318a476de269dd

5 years agoAssume http if no protocol is given in proxy url 92/211392/2
Krzysztof Jackiewicz [Fri, 2 Aug 2019 09:11:02 +0000 (11:11 +0200)]
Assume http if no protocol is given in proxy url

Change-Id: I080f5afe373e23376b07518485a41d62edd4a130

5 years agoRelease 0.1.31 03/209303/1 accepted/tizen/unified/20190708.052439 submit/tizen/20190705.101352
Dariusz Michaluk [Thu, 4 Jul 2019 14:00:47 +0000 (16:00 +0200)]
Release 0.1.31

* Migrate tz_backend to openssl 1.1
* Make GStore members pure virtual
* Remove unnecessary settings on central-key-manager.target
* Turn backends into Decider members
* Build key-manager with openssl-1.1
* Adapt key-manager to work with OpenSSL 1.1 preserving 1.0 compatibility
* Add minor fixes for listing aliases from db

Change-Id: Ie9814d7505077f37246a76f405238fb5064d6cf4

5 years agoMigrate tz_backend to openssl 1.1 30/208130/3
Konrad Lipinski [Tue, 18 Jun 2019 15:05:40 +0000 (17:05 +0200)]
Migrate tz_backend to openssl 1.1

Change-Id: Ib6b50de235f00c268e423cd5fd05f1b49ae0e902

5 years agoMake GStore members pure virtual
Konrad Lipinski [Wed, 5 Jun 2019 12:55:16 +0000 (14:55 +0200)]
Make GStore members pure virtual

Change-Id: I88347d7c7fcab49e97398d3d4878a4d448123a54

5 years agoRemove unnecessary settings on central-key-manager.target 49/204849/2
INSUN PYO [Mon, 29 Apr 2019 00:11:42 +0000 (09:11 +0900)]
Remove unnecessary settings on central-key-manager.target

Change-Id: I62a5d6f857de9874323a18b8772fcb509f94a443

5 years agoTurn backends into Decider members 28/208128/1
Konrad Lipinski [Wed, 5 Jun 2019 12:41:20 +0000 (14:41 +0200)]
Turn backends into Decider members

Change-Id: If42fff63e2946f299cac23e81d2edb4b663db644

5 years agoBuild key-manager with openssl-1.1 75/194375/7
Dariusz Michaluk [Fri, 23 Feb 2018 12:07:14 +0000 (13:07 +0100)]
Build key-manager with openssl-1.1

Change-Id: I3b928d509d88479b0a2c37f2c05fe9316544b1c4

5 years agoAdapt key-manager to work with OpenSSL 1.1 preserving 1.0 compatibility 97/172597/9
Dariusz Michaluk [Fri, 23 Feb 2018 12:04:02 +0000 (13:04 +0100)]
Adapt key-manager to work with OpenSSL 1.1 preserving 1.0 compatibility

Change-Id: Ia62003a44d3dcb6d8c076706387e88399bf6cfb1

5 years agoAdd minor fixes for listing aliases from db 93/207393/3
Tomasz Swierczek [Tue, 4 Jun 2019 06:55:09 +0000 (08:55 +0200)]
Add minor fixes for listing aliases from db

* update list out pointer to null if there are no aliases to list

This is in accordance to official header documentation; in such case, the code
returns CKMC_ERROR_DB_ALIAS_UNKNOWN but also the list should be properly null'ed.

Change-Id: I2861e67ae80fe0ce73b0e2e180aba393f66e255c

5 years agoRelease 0.1.30 76/206476/1 accepted/tizen/unified/20190602.221856 submit/tizen/20190520.091210 submit/tizen/20190522.051353 submit/tizen/20190529.045654
Tomasz Swierczek [Mon, 20 May 2019 09:08:27 +0000 (11:08 +0200)]
Release 0.1.30

* Forbid HashAlgorithm::NONE for DSA & ECDSA signatures
* Setup verification algorithm if not provided
* Be prepared for no data from TA
* tz-backend: Implement asymmetric operations
* tz-backend: Add serialization wrapper
* decider: Allow multiple policies for more complex logic

Change-Id: Ie09953ce89557b32fe036855f65329b1ed307996

5 years agoForbid HashAlgorithm::NONE for DSA & ECDSA signatures 65/206265/3
Krzysztof Jackiewicz [Wed, 15 May 2019 15:46:58 +0000 (17:46 +0200)]
Forbid HashAlgorithm::NONE for DSA & ECDSA signatures

Openssl uses SHA1 if no hash algorithm is provided for DSA & ECDSA
signatures. TZ does not support that option at all. It's better to
forbid it.

This commit changes the API behavior and may lead to errors in clients
that used HashAlgorithm::NONE with DSA or ECDSA which is highly
unlikely.

Change-Id: I8522e8f157b5ef2d6599bb672ef790ee8ea48644

5 years agoSetup verification algorithm if not provided 73/202873/3
Krzysztof Jackiewicz [Fri, 5 Apr 2019 09:44:10 +0000 (11:44 +0200)]
Setup verification algorithm if not provided

Verification API has no knowledge about the algorithm type. It has to be derived
from the key type.

Change-Id: I2e0d094372e4bf8c28275544204e431c4023e391

5 years agoBe prepared for no data from TA 37/202337/5
Krzysztof Jackiewicz [Thu, 21 Mar 2019 14:21:02 +0000 (15:21 +0100)]
Be prepared for no data from TA

Deserialization may return an empty buffer with no error. Adjust code to handle
that case.

Change-Id: Ife80b4d35914eda700798e0515812b3b638e735e

5 years agotz-backend: Implement asymmetric operations 10/200310/9
Lukasz Kostyra [Wed, 20 Feb 2019 11:27:33 +0000 (12:27 +0100)]
tz-backend: Implement asymmetric operations

Change-Id: Ie98b4e72addb257c2a8de1de57097fe077fff380

5 years agotz-backend: Add serialization wrapper 07/201207/7
Krzysztof Jackiewicz [Fri, 1 Mar 2019 16:11:55 +0000 (17:11 +0100)]
tz-backend: Add serialization wrapper

Change-Id: I304452444887de48d808a6aa11eb42a1de385bf0

5 years agodecider: Allow multiple policies for more complex logic 44/199144/9
Lukasz Kostyra [Tue, 5 Feb 2019 11:13:56 +0000 (12:13 +0100)]
decider: Allow multiple policies for more complex logic

When generating asymmetric keys, ckm-logic selected less restrictive
policy out of two provided and selected key store this way. Now, both
policies are supplied to Decider, which will allow for more complex
backend selection logic.

Change-Id: Id2b845326cae7bbf5d90bb575645c8af36c20d0f

5 years agoRelease 0.1.29 58/206258/2 submit/tizen/20190517.091823
Tomasz Swierczek [Wed, 15 May 2019 12:22:54 +0000 (14:22 +0200)]
Release 0.1.29

* Get rid of misleading SCHEMA_INFO error
* Adjust to boost 1.65
* Fix file name in file header
* Fix svace defects
* Check fs errors before saving the file

Change-Id: Ic90ecdd256a23cec9f9356a7e59c85be982cd8e9

5 years agoGet rid of misleading SCHEMA_INFO error 44/200244/9
Krzysztof Jackiewicz [Wed, 20 Feb 2019 11:40:21 +0000 (12:40 +0100)]
Get rid of misleading SCHEMA_INFO error

During startup the key-manager attempts to read a table SCHEMA_INFO to get the
information about the database version. In older versions of the database that
table is missing. Key-manager properly handles that case but produces 3 lines of
error log which may suggest that something went wrong.

This commit checks the existence of the table before attempting to use it. Whole
operation is enclosed in a transaction.

Change-Id: Ie7f1fbe1182c2add5965f8e5ddada262ffcb42fe

5 years agoMerge "Increase backlog for listening sockets" into tizen
Krzysztof Jackiewicz [Wed, 15 May 2019 12:23:57 +0000 (12:23 +0000)]
Merge "Increase backlog for listening sockets" into tizen

5 years agoAdjust to boost 1.65 30/206230/1
Tomasz Swierczek [Wed, 15 May 2019 08:05:49 +0000 (10:05 +0200)]
Adjust to boost 1.65

Change-Id: I43e986a010030db949053a8e1b3669495fa1a986

5 years agoIncrease backlog for listening sockets 38/206138/1
Dariusz Michaluk [Tue, 14 May 2019 13:53:58 +0000 (15:53 +0200)]
Increase backlog for listening sockets

When systemd's socket activaction is utilized, the default backlog
parameter passed to the listen() function is set to SOMAXCONN,
which is equal to 128. In distributions where systemd is not used
for socket activation, the default UNIX socket
implementation sets the backlog value to 5.
This may lead to rare overflow of an internal connection queue.
This manifests itself as the -EAGAIN error returned by connect().

To mitigate the issue, the backlog parameter has been set
to SOMAXCONN, which is a default value used by systemd.

Change-Id: I906cd4de478b0dac0eaf860550fccd2f9cd6e184

5 years agoFix file name in file header 24/206024/1
Tomasz Swierczek [Mon, 13 May 2019 09:14:00 +0000 (11:14 +0200)]
Fix file name in file header

Change-Id: I3e087729762d16b84327863317643387c304ef88

5 years agoFix svace defects 82/205482/4
Konrad Lipinski [Mon, 6 May 2019 18:24:55 +0000 (20:24 +0200)]
Fix svace defects

va_start / va_end must be called in the same function

Change-Id: I5176fc2686a62eb0a21e6eb9a5f737dbc3880056

5 years agoCheck fs errors before saving the file 61/199461/7
Krzysztof Jackiewicz [Mon, 11 Feb 2019 16:04:46 +0000 (17:04 +0100)]
Check fs errors before saving the file

GetFd(os) on a non-existing file causes segfault.

Change-Id: I8365dfbddace160ae99b1e7d1f6070ee1032f6cd

5 years agoRelease 0.1.28 22/201222/5 accepted/tizen/unified/20190314.220513 submit/tizen/20190313.095740 submit/tizen/20190314.052726
Tomasz Swierczek [Mon, 11 Mar 2019 10:42:02 +0000 (11:42 +0100)]
Release 0.1.28

* Change contact information to Dongsun Lee
* Fix since_tizen tag in ckmc-type.h
* Replace time(NULL) with monotonic clock usage
* Fix memory leak/corruption
* Add API for CKM return code descriptions
* Add test for listing aliases with password protection statuses on old database schema
* CKMC API: Add option to list aliases with information about password protection
* Add option to list aliases with password protection statuses
* replace strcpy with strncpy for fixing SVACE(WGID=411075,411076)

Change-Id: If1b53e3dc88bcadbb32b40b8d89e5bc781d71e32

5 years agoChange contact information to Mr Dongsun Lee 21/201221/4
Tomasz Swierczek [Mon, 11 Mar 2019 10:40:35 +0000 (11:40 +0100)]
Change contact information to Mr Dongsun Lee

bj.im@samsung.com is no longer a valid email address.

Change-Id: I81103542e0d23e80a71d5f1e86cc263f92ab78b0

5 years agoReplace time(NULL) with monotonic clock usage 82/200882/3
Tomasz Swierczek [Tue, 5 Mar 2019 09:34:36 +0000 (10:34 +0100)]
Replace time(NULL) with monotonic clock usage

Calculating timeout for socket connections should
use monotonic clock.

Change-Id: If9c3d573b70d1faa1cf46b9215048a5853abbaaa

5 years agoFix since_tizen tag in ckmc-type.h 38/201038/1
Ernest Borowski [Thu, 7 Mar 2019 10:39:16 +0000 (11:39 +0100)]
Fix since_tizen tag in ckmc-type.h

Change-Id: Ib8fd0260527ed87bf0801e3cb7a24d2ca97f4c90
Signed-off-by: Ernest Borowski <e.borowski@partner.samsung.com>
5 years agoFix memory leak/corruption 97/198997/3
Dariusz Michaluk [Thu, 31 Jan 2019 13:41:09 +0000 (14:41 +0100)]
Fix memory leak/corruption

Change-Id: I8f9bed07752fde26f629cca6931231dab5fd8980

5 years agoAdd API for CKM return code descriptions 29/200229/4
Tomasz Swierczek [Wed, 20 Feb 2019 09:08:14 +0000 (10:08 +0100)]
Add API for CKM return code descriptions

In rare case when DB tool was used for db inspection,
and db could not be opened, the commandline interface
returned raw error code, without any explanation.

Change-Id: If7a29842ae5a7fc2e99a2d991545539704647f3c

5 years agoAdd test for listing aliases with password protection 92/185892/18
Ernest Borowski [Thu, 2 Aug 2018 10:19:31 +0000 (12:19 +0200)]
Add test for listing aliases with password protection
statuses on old database schema

Change-Id: I2e9e409a385744a0ed694023872cbd4b37cce523

5 years agoCKMC API: Add option to list aliases with information about password protection 17/171217/21
Ernest Borowski [Tue, 27 Feb 2018 14:38:34 +0000 (15:38 +0100)]
CKMC API: Add option to list aliases with information about password protection

Change-Id: I02ff75a9f6c60bdcd4b3450a135a4047bbbc05f0
Signed-off-by: Ernest Borowski <e.borowski@partner.samsung.com>
5 years agoAdd option to list aliases with password protection statuses 91/170391/24
Ernest Borowski [Mon, 19 Feb 2018 18:52:07 +0000 (19:52 +0100)]
Add option to list aliases with password protection statuses

Change-Id: I045174602edd51dc7efcc8d79eb1beed76215b10
Signed-off-by: Ernest Borowski <e.borowski@partner.samsung.com>
5 years agoreplace strcpy with strncpy for fixing SVACE(WGID=411075,411076) 48/200348/1 accepted/tizen/unified/20190222.134051 submit/tizen/20190222.041951
Dongsun Lee [Fri, 22 Feb 2019 04:15:36 +0000 (13:15 +0900)]
replace strcpy with strncpy for fixing SVACE(WGID=411075,411076)

Change-Id: I26207f412d5aeee68f6c90131d6c62978233c5f5
Signed-off-by: Dongsun Lee <ds73.lee@samsung.com>
5 years agoRelease 0.1.27 71/200171/1 accepted/tizen/unified/20190220.071637 submit/tizen/20190219.163203
Tomasz Swierczek [Tue, 19 Feb 2019 16:20:50 +0000 (17:20 +0100)]
Release 0.1.27

* Encode blobs with Base64 in ckm tools
* Refactor PKEK2 related functions
* Add a common function for zeroing sensitive data
* Free the context in case of openssl failure
* Add helpers for domain KEK encryption/decryption
* Add helper randomization function in key-provider.cpp
* Make encrypt/decrypt local functions of key-provider.cpp
* Use common function for PKEK1&2 generation
* Make username shorter in KeyProvider tests
* Remove outdated tz_backend test
* Validate encrypted DKEK
* Fix SVACE and C++ issues
* Add gbs option to enable the TZ backend support
* Update log formatter in tests
* Fix internal migration tests
* Fix internal scheme tests
* Remove secret key for software backend
* Some TZ backend fixes.
* Remove unnecessary BSD license
* Add allowed values for -b option of initial values tool
* Add RO location for initial values
* Overwrite existing initial values
* Initial values tool
* Support for encrypted initial-values
* Reduce number of import methods in tz-backend
* Unification of import methods in gstore
* Add parser support of new schema version
* Add backend attribute in xml schema
* Introduce Key class in tz backend
* Add support for TrustZone backend data storage
* Simplify key related functions in tz-backend
* Fix buildbreak caused by improper rebase
* Add log for invalid system service owner id
* Unify alias naming
* Fix TYPO in key-manager_doc.h
* Make spec compliant with gbs --incremental
* Add protection against memory leaking during deserialization
* Add Apache 2.0 license headers

Change-Id: I05a9b6bdf376f6bdc58542fb023528ac122f619f

5 years agoEncode blobs with Base64 in ckm tools 17/199917/4
Krzysztof Jackiewicz [Fri, 15 Feb 2019 12:40:39 +0000 (13:40 +0100)]
Encode blobs with Base64 in ckm tools

If an unprintable data is returned as a result of sqlite query
execution it will be encoded in base64 and prefixed with "b64:". This
is to make binary data readable in ckm_db_tool/merge.

Also extend the maximum size of printed row to 64 characters.

Change-Id: I4471090977b19ded9b1bea76f26ff1b98d5ba826

5 years agoRefactor PKEK2 related functions 39/200139/1
Krzysztof Jackiewicz [Tue, 19 Feb 2019 11:39:17 +0000 (12:39 +0100)]
Refactor PKEK2 related functions

PKEK2 is used to derive both DB DEK and APP DEK. Currently, variable names and
comments are a bit misleading.

This commit refactors the variable names and comments to better describe the
actual purpose of this key.

Change-Id: If8ee266ec2da63c929f498f1ed009df5d79c134f

5 years agoAdd a common function for zeroing sensitive data 14/199814/3
Krzysztof Jackiewicz [Thu, 14 Feb 2019 14:30:48 +0000 (15:30 +0100)]
Add a common function for zeroing sensitive data

Encryption keys and passwords are sensitive data and as such should be cleared
when no longer used to prevent memory attacks.

According to the "as-if" rule, the compiler is allowed to perform any changes to
the program as long as the observable behavior of the program is not
changed. Since the contents of unused memory are not considered an observable
behavior the compiler is allowed to optimize out the call to memset(). The
following solutions were considered:
- Reading the memory after overwriting it with memset(). Since reading the
memory has no observable effects it's perfectly legal for the compiler to
remove both operations.
- Using volatile asembly code to prevent optimization. It may prevent some
compilers from optimizing but there's no guarantee.
- Using volatile funtion pointer to memset. Apparently, it can be optimized as
well during LTO.
- Using memcpy_s(). The function is not widely available yet. It may be missing
so we still need a fallback solution.
- Locally disabling optimization with #pragma GCC optimize("O0"). It's GCC
specific and it's not clear whether GCC will try to optimize it with
"O0". Empirical test showed that memset() call is not removed.

This commit applies the last solution adding a new unoptimized wrapper for
memset().

Note that this commit will not prevent the processor from creating another copy
of the sensitive data in registers, on the stack, in swap or in cache memory. It
will only limit the number of places in memory where the secret data can be
found.

Change-Id: I80fe8ce8ce3d808b423858254d6fd23f491d2674

5 years agoFree the context in case of openssl failure 96/198796/3
Krzysztof Jackiewicz [Tue, 29 Jan 2019 15:46:01 +0000 (16:46 +0100)]
Free the context in case of openssl failure

Change-Id: Ia2e387f70a50b090641f6bf6fb509d7d54dfdd8f

5 years agoAdd helpers for domain KEK encryption/decryption 95/198795/5
Krzysztof Jackiewicz [Tue, 29 Jan 2019 14:58:55 +0000 (15:58 +0100)]
Add helpers for domain KEK encryption/decryption

Change-Id: I048649f8a9a3450f6cefcbd9d2d75c8445f46277

5 years agoAdd helper randomization function in key-provider.cpp 94/198794/5
Krzysztof Jackiewicz [Tue, 29 Jan 2019 14:56:52 +0000 (15:56 +0100)]
Add helper randomization function in key-provider.cpp

Change-Id: I657ac68ce8e9253ca63187132eef3fb769d8426a

5 years agoMake encrypt/decrypt local functions of key-provider.cpp 93/198793/5
Krzysztof Jackiewicz [Tue, 29 Jan 2019 14:43:32 +0000 (15:43 +0100)]
Make encrypt/decrypt local functions of key-provider.cpp

Change-Id: I0dfceda850c69b09a92d26254642357838ea7cb5

5 years agoUse common function for PKEK1&2 generation 92/198792/5
Krzysztof Jackiewicz [Tue, 29 Jan 2019 10:34:18 +0000 (11:34 +0100)]
Use common function for PKEK1&2 generation

Change-Id: Ic9c6286b3672836c2bde976adb1b79ba34793918

5 years agoMake username shorter in KeyProvider tests 99/197099/6
Krzysztof Jackiewicz [Wed, 9 Jan 2019 11:48:39 +0000 (12:48 +0100)]
Make username shorter in KeyProvider tests

USERNAME_LONG used in KeyProvider tests is 43 characters long while the
structure used for storing it has only 32 characters. After adding a size check
in WrappedKeyAndInfoContainer::setKeyInfoClient the tests started to fail.

This commit makes the passed string fit 32 characters and adds new test.

Change-Id: Ida8a574f805c9518d00ee810dbd3c2daed9ace55

5 years agoRemove outdated tz_backend test 74/192674/7
Krzysztof Jackiewicz [Wed, 7 Nov 2018 15:04:06 +0000 (16:04 +0100)]
Remove outdated tz_backend test

TZ backend is now supported. The test is no longer valid and has been removed.

Change-Id: Ia36f684442a91edde924786944ebf4f926119344

5 years agoValidate encrypted DKEK 44/192144/6
Krzysztof Jackiewicz [Tue, 30 Oct 2018 13:26:12 +0000 (14:26 +0100)]
Validate encrypted DKEK

- Make sure that the length of the encrypted DKEK received in
  WrapperKeyAndInfoContainer() does not exceed the size of the key
  buffer.
- Check client id NULL termination.
- Get rid of unnecessary dynamic allocations.
- Update tests.

Change-Id: I9f5b494a8ea3d0d8f438a50bb49b55d57d1a3e67

5 years agoFix SVACE and C++ issues 27/193827/2
Krzysztof Jackiewicz [Mon, 26 Nov 2018 16:16:51 +0000 (17:16 +0100)]
Fix SVACE and C++ issues

Change-Id: Idfed338ad6f632556585e5749817bb882cbe0251

5 years agoAdd gbs option to enable the TZ backend support
Pawel Kowalski [Wed, 28 Nov 2018 10:39:49 +0000 (11:39 +0100)]
Add gbs option to enable the TZ backend support

To enable the TZ backend support add following option to the gbs build:
--define "tz_backend ON". If the option is not set or is set to value
different than ON, the TZ backend support is disabled (it is disabled by
default).

Change-Id: If6ebd2625ea7b559df52c8fc6da659a99e53a9f9

5 years agoUpdate log formatter in tests 73/192673/2
Krzysztof Jackiewicz [Wed, 7 Nov 2018 13:14:31 +0000 (14:14 +0100)]
Update log formatter in tests

Apparently the boost unit_test_log_formatter interface has changed. The
colour_log_formatter has been updated to match the new version. Thanks to that
it is now possible to properly observe uncaught exceptions in unit tests.

As a result the assert wrapper is no longer necessary and it has been removed.

Change-Id: Ifbf0b8b2f1234e1d77fa695b145c50d65e87624a

6 years agoFix internal migration tests 87/189887/5
Krzysztof Jackiewicz [Fri, 21 Sep 2018 09:48:11 +0000 (11:48 +0200)]
Fix internal migration tests

Migration tests use existing databases so test alias names must not be changed

Change-Id: I4277125a9031d822d1666e51a8ee54466901e2a0

6 years agoFix internal scheme tests 03/191503/2
Krzysztof Jackiewicz [Wed, 17 Oct 2018 15:02:10 +0000 (17:02 +0200)]
Fix internal scheme tests

1. Regular std::exception is not reported as error by boost test.
   Std::runtime_error is used because a part of the test code is also used in
   a tool for database generation.

   This commit replaces calls to boost test macros with calls to a wrapper macro
   which is expanded to std::runtime_error or boost test assert depending on a
   compilation flag.

2. Test binaries are modifying process labels which requires onlycap.

   This commit modifies exec label and adds onlycap fixture to disable onlycap
   for scheme tests.

Change-Id: Ibbe44c2bca6e12b5ade360b267c281ef18294258

6 years agoRemove "secret" key for software backend 07/191007/4
Bartlomiej Grzelewski [Wed, 10 Oct 2018 10:00:58 +0000 (12:00 +0200)]
Remove "secret" key for software backend

This key was used by example software implementation of encrypted initial-values
feature which has been replaced by hardware backed implementation.

Change-Id: Id8358a70459fb6ddd8ebb43fc8e987dc4d586f63

6 years agoSome TZ backend fixes. 69/177269/7
r.tyminski [Thu, 26 Apr 2018 13:23:53 +0000 (15:23 +0200)]
Some TZ backend fixes.

- pass TEEC_Context by reference, not by value.
- print return origin from TEEC_InvokeCommand

Change-Id: Ib26415d0dfb454540c0f0b85d2dc50466f63ae14

6 years agoRemove unnecessary BSD license 05/190905/2
Krzysztof Jackiewicz [Mon, 8 Oct 2018 12:22:28 +0000 (14:22 +0200)]
Remove unnecessary BSD license

Base64 code licensed under BSD 2-clause has been removed. This license is no
longer necessary.

Change-Id: I91a3df5d282b81df19699afee9028c0dc27783d1

6 years agoAdd allowed values for -b option of initial values tool 76/190876/2
Krzysztof Jackiewicz [Mon, 8 Oct 2018 07:24:08 +0000 (09:24 +0200)]
Add allowed values for -b option of initial values tool

Change-Id: Ib52a86548462ef1c7e59ca446b0733e5291017f8

6 years agoAdd RO location for initial values 26/190826/3
Krzysztof Jackiewicz [Fri, 5 Oct 2018 15:24:01 +0000 (17:24 +0200)]
Add RO location for initial values

RO location will be processed before RW if a flag file is present. After import
the flag will be removed but xml files will be left untouched.

Change-Id: Id11c982ee4a055871e4af6841c23a11cbf139239

6 years agoOverwrite existing initial values 24/190824/3
Krzysztof Jackiewicz [Fri, 5 Oct 2018 14:17:44 +0000 (16:17 +0200)]
Overwrite existing initial values

Delete any existing values of given name before saving new one.

Change-Id: I4cf23efad7cff6ef453f1ed7e4bfcda76d2fdc69

6 years agoInitial values tool 94/190494/16
Krzysztof Jackiewicz [Tue, 2 Oct 2018 12:27:27 +0000 (14:27 +0200)]
Initial values tool

Add a tool able to create and/or update an initial values xml. It is also
possible to add encrypted ininial values.

Add rpm package for potential use in gbs buildroot during image creation.

Limitations:
- Hardcoded IV & tag length
- Hardcoded Data format

Testing:
dd if=/dev/random of=/tmp/key bs=32 count=1
dd if=/dev/random of=/tmp/data bs=32 count=1
ckm_initial_values -k /tmp/key -d /tmp/data -n name -t Key -s AES -p pass -e
-b hardware -a acc1,acc2,acc3

Change-Id: Id29d0eb58d9dba3e78b3437534cb566046a39877

6 years agoSupport for encrypted initial-values 70/190270/3
Bartlomiej Grzelewski [Fri, 28 Sep 2018 11:46:21 +0000 (13:46 +0200)]
Support for encrypted initial-values

Add tag attribute in xml schema

Change-Id: Idc058e756ab6053103e1477292cacbacf57a9879

6 years agoReduce number of import methods in tz-backend 87/189987/8
Bartlomiej Grzelewski [Tue, 25 Sep 2018 11:39:22 +0000 (13:39 +0200)]
Reduce number of import methods in tz-backend

Change-Id: I44fe9737dd34d8b61d2ab099c3f611903a5cc9a1

6 years agoUnification of import methods in gstore 05/189905/7
Bartlomiej Grzelewski [Fri, 21 Sep 2018 10:41:37 +0000 (12:41 +0200)]
Unification of import methods in gstore

Change-Id: I31dca502533360b759d6aea20e75a9e823eccc34

6 years agoAdd parser support of new schema version 60/189560/11
Bartlomiej Grzelewski [Tue, 18 Sep 2018 13:49:00 +0000 (15:49 +0200)]
Add parser support of new schema version

Version 1 of xml with initial values is not supported from now.
From now software backend will not support encrypted data.
Allow parser to accept xml version 2.
Initial values files will contain information about
type of backend that should be used to store data.

Change-Id: Ib3a73b14148a2476ab288ca364fffe9289400ebd

6 years agoAdd backend attribute in xml schema 32/189432/6
Bartlomiej Grzelewski [Mon, 17 Sep 2018 15:09:47 +0000 (17:09 +0200)]
Add backend attribute in xml schema

Initial values may be saved in two locations: software backend and
hardware backend. Until now there were no way to choose backend of
to store initial values.

Change-Id: Iaee057e8c78f6d3066e119adcf4e6fe174846990

6 years agoIntroduce Key class in tz backend 39/190039/1
Krzysztof Jackiewicz [Wed, 26 Sep 2018 15:14:20 +0000 (17:14 +0200)]
Introduce Key class in tz backend

Add an intermediate Key class that removes the need to keep
credentials from binary data object (BData).

Change-Id: I638de81aedf47bc51421a7c362459ced801fd650

6 years agoAdd support for TrustZone backend data storage 56/189656/12
Tomasz Swierczek [Wed, 26 Sep 2018 09:18:43 +0000 (11:18 +0200)]
Add support for TrustZone backend data storage

Change-Id: Idfd0909d03e40b7e5cd5aeb1116b844be1901cf1

6 years agoSimplify key related functions in tz-backend 82/189782/3
Krzysztof Jackiewicz [Thu, 20 Sep 2018 11:26:06 +0000 (13:26 +0200)]
Simplify key related functions in tz-backend

- Use proper parameter for tag length
- Move default param values to TrustZoneContext where possible
- Remove unnecessary arguments

Change-Id: I00f8909ede4f80b77a937b52a5bce5698d4516a5

6 years agoFix buildbreak caused by improper rebase 22/187822/1
Krzysztof Jackiewicz [Tue, 28 Aug 2018 15:16:36 +0000 (17:16 +0200)]
Fix buildbreak caused by improper rebase

Refactoring commit has been improperly rebased which led to buildbreak.

Change-Id: I2d04143cf1eb929c8f8226826336b2e825996149

6 years agoAdd log for invalid system service owner id 19/184919/5
Krzysztof Jackiewicz [Tue, 24 Jul 2018 08:44:23 +0000 (10:44 +0200)]
Add log for invalid system service owner id

System services (uid < 5000) should always use "/System" owner id.
Eiter by explicitly adding it to the alias or by running with "System"
label. Add log to make the reason of the failure more apparent.

Change-Id: I1be9861eadcae6eadd6d682b4cc66972c93d1728

6 years agoUnify alias naming 21/184821/6
Krzysztof Jackiewicz [Thu, 19 Jul 2018 14:31:27 +0000 (16:31 +0200)]
Unify alias naming

Get rid of all references to smack labels except database scheme.
alias = owner_id + name
Simplify db permissions processing

Change-Id: I36c3dbb3ee605fb00e5e4e6bcbada6400a0cbcab

6 years agoFix TYPO in key-manager_doc.h 15/187715/1
Dongsun Lee [Tue, 28 Aug 2018 04:51:14 +0000 (13:51 +0900)]
Fix TYPO in key-manager_doc.h

Change-Id: I11dbc3468e8277f0cef978f722ecbe275e1048f6
Signed-off-by: Dongsun Lee <ds73.lee@samsung.com>
6 years agoMake spec compliant with gbs --incremental 01/185801/2
Konrad Lipinski [Thu, 2 Aug 2018 10:44:44 +0000 (12:44 +0200)]
Make spec compliant with gbs --incremental

According to [1], %prep section of the spec file should contain a single
%setup macro, nothing else. According to [2], manifest %files are best
copied to %{buildroot}%{_datadir} in the %install section.

Moved manifest copy operations from %prep to %install accordingly.

References
[1] https://source.tizen.org/documentation/reference/git-build-system/usage/gbs-build
[2] https://wiki.tizen.org/Security/Application_installation_and_Manifest

Change-Id: Iacf755558636f939a540482f849e810780c19a51

6 years agoAdd protection against memory leaking during deserialization 05/184505/5
Tomasz Swierczek [Tue, 17 Jul 2018 12:14:18 +0000 (14:14 +0200)]
Add protection against memory leaking during deserialization

Change-Id: I1fbcd7daf1674dd1ad6b9eaffdba76263bda370b

6 years agoAdd Apache 2.0 license headers 84/186884/1
Pawel Kowalski [Thu, 16 Aug 2018 08:19:14 +0000 (10:19 +0200)]
Add Apache 2.0 license headers

Change-Id: Ia61efbc57ce93ed3714dafe9edada7cb244c54d3

6 years agoAdd RequiresMountsFor=/opt to central-key-manager.service. 27/186327/1 accepted/tizen_5.0_unified accepted/tizen/5.0/unified/20181102.021410 accepted/tizen/unified/20180810.132542 submit/tizen/20180810.004851 submit/tizen_5.0/20181101.000004
INSUN PYO [Thu, 9 Aug 2018 03:53:46 +0000 (12:53 +0900)]
Add RequiresMountsFor=/opt to central-key-manager.service.

In order to apply User/Group to .service, we need /opt/etc/{passwd,group}.

Signed-off-by: INSUN PYO <insun.pyo@samsung.com>
Change-Id: I0ff03a7bc65565605ac43754349979b351c16796

6 years agoTest version of ckm_db_merge 21/142121/10
Bartlomiej Grzelewski [Wed, 2 Aug 2017 12:21:44 +0000 (14:21 +0200)]
Test version of ckm_db_merge

ckm_db_merge allows to read database and copy it's contents
to other one. ckm_db_merge supports db since versions 0.1.14.

Please note: both databases will be automatically migrated to
the newest schema.

Change-Id: I5cec9dfdc2ab75a2ccd5156b0bb05cb46d134480

6 years agoMake key-manager build with boost 1.65 62/183562/1 accepted/tizen/unified/20180719.063028 submit/tizen/20180709.095722 submit/tizen/20180718.062500
Krzysztof Jackiewicz [Fri, 6 Jul 2018 13:13:50 +0000 (15:13 +0200)]
Make key-manager build with boost 1.65

Add dummy implementation of newly added abstract methods.

Change-Id: If491af391431a769a2e84360425852a53be25f16

6 years agoFix coverity defect 75/178075/1 accepted/tizen/unified/20180508.134803 submit/tizen/20180508.050430
Dongsun Lee [Tue, 8 May 2018 04:56:48 +0000 (13:56 +0900)]
Fix coverity defect

- 120541 : improper use of nagative value

Change-Id: Ic93d890a08def810a8f09ed6bbb8171e440438df
Signed-off-by: Dongsun Lee <ds73.lee@samsung.com>
6 years agoDisable default build with tz-backend 44/176344/2 accepted/tizen/unified/20180502.111600 submit/tizen/20180419.050559 submit/tizen/20180430.063346 submit/tizen/20180502.043224
Tomasz Swierczek [Wed, 18 Apr 2018 11:25:37 +0000 (13:25 +0200)]
Disable default build with tz-backend

Migration to VD causes build breaks because of missing optee dependency.
Relation between key-manager and key-manager-ta needs to be re-worked.
For now it will be disabled.

Change-Id: I5312db283e3514d7c54dfa7caffd6738b5568e2f

6 years agoFix coverity defects 84/173584/2 submit/tizen/20180403.094824 submit/tizen/20180413.092019 submit/tizen/20180416.041718 submit/tizen/20180418.034402
Dongsun Lee [Thu, 22 Mar 2018 07:50:00 +0000 (16:50 +0900)]
Fix coverity defects

- 105284: Buffer not null terminated
- 108955: Big parameter passed by value
- 109815: Uncaught exception

Change-Id: I303a652d6ae0540f7d6daa833a30ef0fb691ffb8
Signed-off-by: Dongsun Lee <ds73.lee@samsung.com>
6 years agoProperly detect the presence of TA
Krzysztof Jackiewicz [Fri, 2 Mar 2018 14:35:04 +0000 (15:35 +0100)]
Properly detect the presence of TA

Tef-simulator and optee use different TA file name formats. Key-manager was
detecting the presence of TA by checking the existence of TA file with
hardcoded format. It worked with tef-simulator but it failed to detect the TA
presence in case of optee.

This commit replaces the TA file presence checking with an attempt to open a
session using libteec. If an attempt succeeds the decider selects TZ backend.
Otherwise, it falls back to SW backend.

Change-Id: I840d6b58a1ffa39885a4b8ded0ff70f4147c3de0

6 years agoRemove unnecessary dependencies 46/171846/1
Dariusz Michaluk [Wed, 7 Mar 2018 16:56:41 +0000 (17:56 +0100)]
Remove unnecessary dependencies

Do not expose unnecessary libraries to the program
that is linking with key-manager library.
If the program will not be using the symbols of the required library,
it should not be linking directly to that library.

Change-Id: I07264f35d023881be8b104307941565047813688

6 years agoRemove redundant libcrypto dependency 45/171845/1
Dariusz Michaluk [Wed, 7 Mar 2018 16:49:11 +0000 (17:49 +0100)]
Remove redundant libcrypto dependency

openssl pkg-config requires libcrypto and libssl

Change-Id: I222e458a26e0dc15d82654d35fdccc126411000f

6 years agoUpdated documentation headers - typos fix 16/171816/1 submit/tizen/20180308.062734
Tomasz Swierczek [Wed, 7 Mar 2018 10:50:22 +0000 (11:50 +0100)]
Updated documentation headers - typos fix

Change-Id: I8ad994a7164f6d85573030e0aeb340c1f0e50d14

6 years agoUpdated documentation to match supported features when key-manager-ta is present. 49/166649/8
Tomasz Swierczek [Thu, 11 Jan 2018 09:38:00 +0000 (10:38 +0100)]
Updated documentation to match supported features when key-manager-ta is present.

GP API specification has subtle impact on features supported by key-manager:
* passing data chunks bigger than TEEC_CONFIG_SHAREDMEM_MAX_SIZE is not supported by TEE
  Subtracting few kB for passing keys, options/cipher, at least 500 kB is left for user-data
* GCM modes with tag lengths 32 and 64 bits are treated as insecure and are also not supported

Change-Id: I9634531dbbfea153a2f4f45bc790521eff014e83

6 years agoAdd openssl error handling in key-manager 03/152203/27
Pawel Kowalski [Mon, 25 Sep 2017 08:36:02 +0000 (10:36 +0200)]
Add openssl error handling in key-manager

There was no distinction between different types of errors returned
by OpenSSL functions. Because of that the information returned to
a developer could be not complete and misleading.

In order to solve this problem, translator of OpenSSL errors to CKM
errors was written. Now, macro OPENSSL_ERROR_HANDLE may be used to
handle OpenSSL errors and provide full error information into log
system.

Change-Id: I63b54f76faaa5b36385bed167db03d97f034402f

6 years agoFix out of bound access 44/167444/1
Bartlomiej Grzelewski [Wed, 17 Jan 2018 15:21:28 +0000 (16:21 +0100)]
Fix out of bound access

Change-Id: I830cdc82351b18a670c4950a720f18433532a966

6 years agoAdd backend field in policy 17/162217/1 accepted/tizen/unified/20171205.155557 submit/tizen/20171204.124944 submit/tizen/20180312.095815
Bartlomiej Grzelewski [Wed, 29 Nov 2017 15:32:28 +0000 (16:32 +0100)]
Add backend field in policy

New field will allow user to force usage of software/hardwere backend
during runtime.

Change-Id: I6f3c575fa979807f456a32a70b278942cdb28b04

6 years agotz-backend: Implement symmetric encryption through TA 17/118617/8
Lukasz Kostyra [Tue, 25 Jul 2017 12:59:49 +0000 (14:59 +0200)]
tz-backend: Implement symmetric encryption through TA

Change-Id: Id1b563f099e1671fb5fbcca9ca08757b34b1dfd8

6 years agoChange GID of key-manager 08/157808/3
Lukasz Kostyra [Thu, 26 Oct 2017 09:05:21 +0000 (11:05 +0200)]
Change GID of key-manager

Key-manager main group ID was changed to security_fw
to workaround the issue with TrustZone backend - client
application created shared memory segments inaccessible
by TEF Simulator Daemon.

Change-Id: I8da3dacfb5001cc4b230219820acc53b287f6cfb

6 years agoMerge branches 'tizen' and 'tizen_4.0' 67/161267/1 tizen_4.0_tv accepted/tizen/4.0/unified/20171207.070809 submit/tizen_4.0/20171206.144625 tizen_4.0.IoT.p2_release
Krzysztof Jackiewicz [Wed, 22 Nov 2017 10:37:53 +0000 (11:37 +0100)]
Merge branches 'tizen' and 'tizen_4.0'

Change-Id: I0e30db44df252ac6a5629542dfd9cea022a04971

6 years agoFix SVACE defects 80/159680/3
Krzysztof Jackiewicz [Fri, 10 Nov 2017 12:53:17 +0000 (13:53 +0100)]
Fix SVACE defects

- Initialize required members in default Row ctor
- Remove unused Row objects
- Refactor string memcpy'ing so that SVACE stops complaining
- Fix memory leak in DescriptorSet

Change-Id: I8a22a3c5388b0c17b6f44ebaf89d32e9065526dd

6 years agoAdd host parameter in HTTP header 57/159557/4
Bartlomiej Grzelewski [Thu, 9 Nov 2017 13:21:13 +0000 (14:21 +0100)]
Add host parameter in HTTP header

Change-Id: Iacd8d8e244df289af8c4ab0fe87a26fcb91b5644