Konrad Lipinski [Tue, 24 Sep 2019 14:36:36 +0000 (16:36 +0200)]
Refactor RawBuffer hex dumps
Change-Id: I2d52c63c908e3a69c8de5f20e275fecda0165a66
Konrad Lipinski [Tue, 24 Sep 2019 13:11:32 +0000 (15:11 +0200)]
ckmc_alias_new: replace str* calls with memcpy
Change-Id: I7b8d340f7ce2ce1f5867065cf65650733ef1c44a
Konrad Lipinski [Tue, 24 Sep 2019 12:40:58 +0000 (14:40 +0200)]
[ocsp] Fix static string length calculation
Change-Id: I13d6c6f825a9340bfd54462d7d6c9cbd46008dd2
Alicja Kluczek [Tue, 3 Sep 2019 10:10:13 +0000 (12:10 +0200)]
Improve ckm deserialization errors detection
Add a check to TZSerializableBinary::Deserialize making sure
that the deserialized buffer has an adequate size.
* In the case of fixed-size data, the buffer size should be equal to the
size given in the constructor.
* In the case of variable-size data, the buffer size should be less than or equal
to the size given in the constructor.
Change-Id: Ie0f80169adb8b758cb7aa2370551bd30410dc8b0
Krzysztof Jackiewicz [Tue, 3 Sep 2019 09:33:13 +0000 (11:33 +0200)]
Treat pwd data deserialization as an error
The KM_PwdData structure keeps the authentication data needed to access
an item on the TA side. As such it should only be transferred from
key-manager to the TA.
Expecting such structure in an output buffer of the TA command
execution is a programmer error. It is now dealt with accordingly.
Change-Id: I209957a05700052eefc694d82b881c8aae96abb5
Tomasz Swierczek [Tue, 27 Aug 2019 08:23:55 +0000 (10:23 +0200)]
Release 0.1.32
* Change serialization in TZ backend to match km-ta changes
* Refactoring central-key-manager.service and central-key-manager-OOO.socket
* Assume http if no protocol is given in proxy url
Change-Id: I6ee197d13561231aed8f584463397b088456e1f1
Tomasz Swierczek [Mon, 5 Aug 2019 14:47:47 +0000 (16:47 +0200)]
Change serialization in TZ backend to match km-ta changes
Changed functions:
* CMD_GENERATE_KEY
* CMD_ENCRYPT
* CMD_DECRYPT
* CMD_SIGN
* CMD_VERIFY
* CMD_GENERATE_IV
* CMD_GENERATE_KEY_PWD
* CMD_DESTROY_KEY
Change-Id: I3d4789b895ca66245f1e700a98f177f56e7a3e28
INSUN PYO [Tue, 23 Jul 2019 11:11:59 +0000 (20:11 +0900)]
Refactoring central-key-manager.service and central-key-manager-OOO.socket
- "central-key-manager.target" is a typo mistaken for "central-key-manager.service"
- All four sockets are required for central-key-manager.service. So, "Requires=OOO.socket" must be in central-key-manager.service.
- "Sockets=" in the central-key-manager.service is replaced by "Requires=OOO.socket".
Change-Id: I547431abead19ae5a0f9ae3680318a476de269dd
Krzysztof Jackiewicz [Fri, 2 Aug 2019 09:11:02 +0000 (11:11 +0200)]
Assume http if no protocol is given in proxy url
Change-Id: I080f5afe373e23376b07518485a41d62edd4a130
Dariusz Michaluk [Thu, 4 Jul 2019 14:00:47 +0000 (16:00 +0200)]
Release 0.1.31
* Migrate tz_backend to openssl 1.1
* Make GStore members pure virtual
* Remove unnecessary settings on central-key-manager.target
* Turn backends into Decider members
* Build key-manager with openssl-1.1
* Adapt key-manager to work with OpenSSL 1.1 preserving 1.0 compatibility
* Add minor fixes for listing aliases from db
Change-Id: Ie9814d7505077f37246a76f405238fb5064d6cf4
Konrad Lipinski [Tue, 18 Jun 2019 15:05:40 +0000 (17:05 +0200)]
Migrate tz_backend to openssl 1.1
Change-Id: Ib6b50de235f00c268e423cd5fd05f1b49ae0e902
Konrad Lipinski [Wed, 5 Jun 2019 12:55:16 +0000 (14:55 +0200)]
Make GStore members pure virtual
Change-Id: I88347d7c7fcab49e97398d3d4878a4d448123a54
INSUN PYO [Mon, 29 Apr 2019 00:11:42 +0000 (09:11 +0900)]
Remove unnecessary settings on central-key-manager.target
Change-Id: I62a5d6f857de9874323a18b8772fcb509f94a443
Konrad Lipinski [Wed, 5 Jun 2019 12:41:20 +0000 (14:41 +0200)]
Turn backends into Decider members
Change-Id: If42fff63e2946f299cac23e81d2edb4b663db644
Dariusz Michaluk [Fri, 23 Feb 2018 12:07:14 +0000 (13:07 +0100)]
Build key-manager with openssl-1.1
Change-Id: I3b928d509d88479b0a2c37f2c05fe9316544b1c4
Dariusz Michaluk [Fri, 23 Feb 2018 12:04:02 +0000 (13:04 +0100)]
Adapt key-manager to work with OpenSSL 1.1 preserving 1.0 compatibility
Change-Id: Ia62003a44d3dcb6d8c076706387e88399bf6cfb1
Tomasz Swierczek [Tue, 4 Jun 2019 06:55:09 +0000 (08:55 +0200)]
Add minor fixes for listing aliases from db
* update list out pointer to null if there are no aliases to list
This is in accordance with the official header documentation; in such a case, the code
returns CKMC_ERROR_DB_ALIAS_UNKNOWN but the list should also be properly null'ed.
Change-Id: I2861e67ae80fe0ce73b0e2e180aba393f66e255c
Tomasz Swierczek [Mon, 20 May 2019 09:08:27 +0000 (11:08 +0200)]
Release 0.1.30
* Forbid HashAlgorithm::NONE for DSA & ECDSA signatures
* Setup verification algorithm if not provided
* Be prepared for no data from TA
* tz-backend: Implement asymmetric operations
* tz-backend: Add serialization wrapper
* decider: Allow multiple policies for more complex logic
Change-Id: Ie09953ce89557b32fe036855f65329b1ed307996
Krzysztof Jackiewicz [Wed, 15 May 2019 15:46:58 +0000 (17:46 +0200)]
Forbid HashAlgorithm::NONE for DSA & ECDSA signatures
Openssl uses SHA1 if no hash algorithm is provided for DSA & ECDSA
signatures. TZ does not support that option at all. It's better to
forbid it.
This commit changes the API behavior and may lead to errors in clients
that used HashAlgorithm::NONE with DSA or ECDSA which is highly
unlikely.
Change-Id: I8522e8f157b5ef2d6599bb672ef790ee8ea48644
Krzysztof Jackiewicz [Fri, 5 Apr 2019 09:44:10 +0000 (11:44 +0200)]
Setup verification algorithm if not provided
The verification API has no knowledge of the algorithm type. It has to be derived
from the key type.
Change-Id: I2e0d094372e4bf8c28275544204e431c4023e391
Krzysztof Jackiewicz [Thu, 21 Mar 2019 14:21:02 +0000 (15:21 +0100)]
Be prepared for no data from TA
Deserialization may return an empty buffer with no error. Adjust code to handle
that case.
Change-Id: Ife80b4d35914eda700798e0515812b3b638e735e
Lukasz Kostyra [Wed, 20 Feb 2019 11:27:33 +0000 (12:27 +0100)]
tz-backend: Implement asymmetric operations
Change-Id: Ie98b4e72addb257c2a8de1de57097fe077fff380
Krzysztof Jackiewicz [Fri, 1 Mar 2019 16:11:55 +0000 (17:11 +0100)]
tz-backend: Add serialization wrapper
Change-Id: I304452444887de48d808a6aa11eb42a1de385bf0
Lukasz Kostyra [Tue, 5 Feb 2019 11:13:56 +0000 (12:13 +0100)]
decider: Allow multiple policies for more complex logic
When generating asymmetric keys, ckm-logic selected the less restrictive
policy out of the two provided and selected the key store this way. Now, both
policies are supplied to Decider, which will allow for more complex
backend selection logic.
Change-Id: Id2b845326cae7bbf5d90bb575645c8af36c20d0f
Tomasz Swierczek [Wed, 15 May 2019 12:22:54 +0000 (14:22 +0200)]
Release 0.1.29
* Get rid of misleading SCHEMA_INFO error
* Adjust to boost 1.65
* Fix file name in file header
* Fix svace defects
* Check fs errors before saving the file
Change-Id: Ic90ecdd256a23cec9f9356a7e59c85be982cd8e9
Krzysztof Jackiewicz [Wed, 20 Feb 2019 11:40:21 +0000 (12:40 +0100)]
Get rid of misleading SCHEMA_INFO error
During startup the key-manager attempts to read the SCHEMA_INFO table to get the
information about the database version. In older versions of the database that
table is missing. Key-manager properly handles that case but produces 3 lines of
error log which may suggest that something went wrong.
This commit checks the existence of the table before attempting to use it. The whole
operation is enclosed in a transaction.
Change-Id: Ie7f1fbe1182c2add5965f8e5ddada262ffcb42fe
Krzysztof Jackiewicz [Wed, 15 May 2019 12:23:57 +0000 (12:23 +0000)]
Merge "Increase backlog for listening sockets" into tizen
Tomasz Swierczek [Wed, 15 May 2019 08:05:49 +0000 (10:05 +0200)]
Adjust to boost 1.65
Change-Id: I43e986a010030db949053a8e1b3669495fa1a986
Dariusz Michaluk [Tue, 14 May 2019 13:53:58 +0000 (15:53 +0200)]
Increase backlog for listening sockets
When systemd's socket activation is utilized, the default backlog
parameter passed to the listen() function is set to SOMAXCONN,
which is equal to 128. In distributions where systemd is not used
for socket activation, the default UNIX socket
implementation sets the backlog value to 5.
This may lead to a rare overflow of an internal connection queue.
This manifests itself as the -EAGAIN error returned by connect().
To mitigate the issue, the backlog parameter has been set
to SOMAXCONN, which is a default value used by systemd.
Change-Id: I906cd4de478b0dac0eaf860550fccd2f9cd6e184
Tomasz Swierczek [Mon, 13 May 2019 09:14:00 +0000 (11:14 +0200)]
Fix file name in file header
Change-Id: I3e087729762d16b84327863317643387c304ef88
Konrad Lipinski [Mon, 6 May 2019 18:24:55 +0000 (20:24 +0200)]
Fix svace defects
va_start / va_end must be called in the same function
Change-Id: I5176fc2686a62eb0a21e6eb9a5f737dbc3880056
Krzysztof Jackiewicz [Mon, 11 Feb 2019 16:04:46 +0000 (17:04 +0100)]
Check fs errors before saving the file
GetFd(os) on a non-existing file causes segfault.
Change-Id: I8365dfbddace160ae99b1e7d1f6070ee1032f6cd
Tomasz Swierczek [Mon, 11 Mar 2019 10:42:02 +0000 (11:42 +0100)]
Release 0.1.28
* Change contact information to Dongsun Lee
* Fix since_tizen tag in ckmc-type.h
* Replace time(NULL) with monotonic clock usage
* Fix memory leak/corruption
* Add API for CKM return code descriptions
* Add test for listing aliases with password protection statuses on old database schema
* CKMC API: Add option to list aliases with information about password protection
* Add option to list aliases with password protection statuses
* replace strcpy with strncpy for fixing SVACE(WGID=411075,411076)
Change-Id: If1b53e3dc88bcadbb32b40b8d89e5bc781d71e32
Tomasz Swierczek [Mon, 11 Mar 2019 10:40:35 +0000 (11:40 +0100)]
Change contact information to Mr Dongsun Lee
bj.im@samsung.com is no longer a valid email address.
Change-Id: I81103542e0d23e80a71d5f1e86cc263f92ab78b0
Tomasz Swierczek [Tue, 5 Mar 2019 09:34:36 +0000 (10:34 +0100)]
Replace time(NULL) with monotonic clock usage
Calculating timeout for socket connections should
use monotonic clock.
Change-Id: If9c3d573b70d1faa1cf46b9215048a5853abbaaa
Ernest Borowski [Thu, 7 Mar 2019 10:39:16 +0000 (11:39 +0100)]
Fix since_tizen tag in ckmc-type.h
Change-Id: Ib8fd0260527ed87bf0801e3cb7a24d2ca97f4c90
Signed-off-by: Ernest Borowski <e.borowski@partner.samsung.com>
Dariusz Michaluk [Thu, 31 Jan 2019 13:41:09 +0000 (14:41 +0100)]
Fix memory leak/corruption
Change-Id: I8f9bed07752fde26f629cca6931231dab5fd8980
Tomasz Swierczek [Wed, 20 Feb 2019 09:08:14 +0000 (10:08 +0100)]
Add API for CKM return code descriptions
In the rare case when the DB tool was used for db inspection
and the db could not be opened, the command-line interface
returned a raw error code, without any explanation.
Change-Id: If7a29842ae5a7fc2e99a2d991545539704647f3c
Ernest Borowski [Thu, 2 Aug 2018 10:19:31 +0000 (12:19 +0200)]
Add test for listing aliases with password protection
statuses on old database schema
Change-Id: I2e9e409a385744a0ed694023872cbd4b37cce523
Ernest Borowski [Tue, 27 Feb 2018 14:38:34 +0000 (15:38 +0100)]
CKMC API: Add option to list aliases with information about password protection
Change-Id: I02ff75a9f6c60bdcd4b3450a135a4047bbbc05f0
Signed-off-by: Ernest Borowski <e.borowski@partner.samsung.com>
Ernest Borowski [Mon, 19 Feb 2018 18:52:07 +0000 (19:52 +0100)]
Add option to list aliases with password protection statuses
Change-Id: I045174602edd51dc7efcc8d79eb1beed76215b10
Signed-off-by: Ernest Borowski <e.borowski@partner.samsung.com>
Dongsun Lee [Fri, 22 Feb 2019 04:15:36 +0000 (13:15 +0900)]
replace strcpy with strncpy for fixing SVACE(WGID=411075,411076)
Change-Id: I26207f412d5aeee68f6c90131d6c62978233c5f5
Signed-off-by: Dongsun Lee <ds73.lee@samsung.com>
Tomasz Swierczek [Tue, 19 Feb 2019 16:20:50 +0000 (17:20 +0100)]
Release 0.1.27
* Encode blobs with Base64 in ckm tools
* Refactor PKEK2 related functions
* Add a common function for zeroing sensitive data
* Free the context in case of openssl failure
* Add helpers for domain KEK encryption/decryption
* Add helper randomization function in key-provider.cpp
* Make encrypt/decrypt local functions of key-provider.cpp
* Use common function for PKEK1&2 generation
* Make username shorter in KeyProvider tests
* Remove outdated tz_backend test
* Validate encrypted DKEK
* Fix SVACE and C++ issues
* Add gbs option to enable the TZ backend support
* Update log formatter in tests
* Fix internal migration tests
* Fix internal scheme tests
* Remove secret key for software backend
* Some TZ backend fixes.
* Remove unnecessary BSD license
* Add allowed values for -b option of initial values tool
* Add RO location for initial values
* Overwrite existing initial values
* Initial values tool
* Support for encrypted initial-values
* Reduce number of import methods in tz-backend
* Unification of import methods in gstore
* Add parser support of new schema version
* Add backend attribute in xml schema
* Introduce Key class in tz backend
* Add support for TrustZone backend data storage
* Simplify key related functions in tz-backend
* Fix buildbreak caused by improper rebase
* Add log for invalid system service owner id
* Unify alias naming
* Fix TYPO in key-manager_doc.h
* Make spec compliant with gbs --incremental
* Add protection against memory leaking during deserialization
* Add Apache 2.0 license headers
Change-Id: I05a9b6bdf376f6bdc58542fb023528ac122f619f
Krzysztof Jackiewicz [Fri, 15 Feb 2019 12:40:39 +0000 (13:40 +0100)]
Encode blobs with Base64 in ckm tools
If unprintable data is returned as a result of sqlite query
execution it will be encoded in base64 and prefixed with "b64:". This
is to make binary data readable in ckm_db_tool/merge.
Also extend the maximum size of printed row to 64 characters.
Change-Id: I4471090977b19ded9b1bea76f26ff1b98d5ba826
Krzysztof Jackiewicz [Tue, 19 Feb 2019 11:39:17 +0000 (12:39 +0100)]
Refactor PKEK2 related functions
PKEK2 is used to derive both DB DEK and APP DEK. Currently, variable names and
comments are a bit misleading.
This commit refactors the variable names and comments to better describe the
actual purpose of this key.
Change-Id: If8ee266ec2da63c929f498f1ed009df5d79c134f
Krzysztof Jackiewicz [Thu, 14 Feb 2019 14:30:48 +0000 (15:30 +0100)]
Add a common function for zeroing sensitive data
Encryption keys and passwords are sensitive data and as such should be cleared
when no longer used to prevent memory attacks.
According to the "as-if" rule, the compiler is allowed to perform any changes to
the program as long as the observable behavior of the program is not
changed. Since the contents of unused memory are not considered an observable
behavior the compiler is allowed to optimize out the call to memset(). The
following solutions were considered:
- Reading the memory after overwriting it with memset(). Since reading the
memory has no observable effects it's perfectly legal for the compiler to
remove both operations.
- Using volatile assembly code to prevent optimization. It may prevent some
compilers from optimizing but there's no guarantee.
- Using a volatile function pointer to memset. Apparently, it can be optimized as
well during LTO.
- Using memcpy_s(). The function is not widely available yet. It may be missing
so we still need a fallback solution.
- Locally disabling optimization with #pragma GCC optimize("O0"). It's GCC
specific and it's not clear whether GCC will try to optimize it with
"O0". Empirical test showed that memset() call is not removed.
This commit applies the last solution adding a new unoptimized wrapper for
memset().
Note that this commit will not prevent the processor from creating another copy
of the sensitive data in registers, on the stack, in swap or in cache memory. It
will only limit the number of places in memory where the secret data can be
found.
Change-Id: I80fe8ce8ce3d808b423858254d6fd23f491d2674
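The unoptimized zeroing wrapper chosen in the commit above, as an added example that is not the project's code: secure_zero, is_all_zero and derive_use_and_clear are hypothetical names, and the volatile-pointer branch is my fallback for non-GCC compilers, not one of the options the commit evaluated.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* The approach the commit settled on: compile this one function with
 * optimization disabled so GCC keeps the memset() even though the
 * buffer is dead (unobservable under the "as-if" rule) afterwards. */
#if defined(__GNUC__) && !defined(__clang__)
#pragma GCC push_options
#pragma GCC optimize("O0")
void secure_zero(void *ptr, size_t len)
{
    memset(ptr, 0, len);
}
#pragma GCC pop_options
#else
/* Fallback for non-GCC compilers (my assumption, not from the commit):
 * every store goes through a volatile pointer, so the compiler must
 * emit it regardless of whether the buffer is read later. */
void secure_zero(void *ptr, size_t len)
{
    volatile unsigned char *p = (volatile unsigned char *)ptr;
    while (len--)
        *p++ = 0;
}
#endif

/* Returns 1 if every byte of buf is zero, 0 otherwise. */
int is_all_zero(const unsigned char *buf, size_t len)
{
    unsigned char acc = 0;
    for (size_t i = 0; i < len; i++)
        acc |= buf[i];
    return acc == 0;
}

/* Models a code path that derives a key, uses it and must then erase it.
 * The key bytes are constructed here, not a real key. Note that the
 * final check makes the zeroing observable in this demo; in real code
 * there is no such read, which is exactly why the O0 wrapper is needed.
 * As the commit says, this only limits where the secret sits in memory;
 * copies in registers, cache or swap are out of scope. */
int derive_use_and_clear(void)
{
    unsigned char key[32];
    for (size_t i = 0; i < sizeof key; i++)
        key[i] = (unsigned char)(0xA5 ^ i);   /* constructed sample value */
    /* ... key would be used for encryption/decryption here ... */
    secure_zero(key, sizeof key);
    return is_all_zero(key, sizeof key);
}

int main(void)
{
    printf("key erased: %s\n", derive_use_and_clear() ? "yes" : "no");
    return 0;
}
```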
Krzysztof Jackiewicz [Tue, 29 Jan 2019 15:46:01 +0000 (16:46 +0100)]
Free the context in case of openssl failure
Change-Id: Ia2e387f70a50b090641f6bf6fb509d7d54dfdd8f
Krzysztof Jackiewicz [Tue, 29 Jan 2019 14:58:55 +0000 (15:58 +0100)]
Add helpers for domain KEK encryption/decryption
Change-Id: I048649f8a9a3450f6cefcbd9d2d75c8445f46277
Krzysztof Jackiewicz [Tue, 29 Jan 2019 14:56:52 +0000 (15:56 +0100)]
Add helper randomization function in key-provider.cpp
Change-Id: I657ac68ce8e9253ca63187132eef3fb769d8426a
Krzysztof Jackiewicz [Tue, 29 Jan 2019 14:43:32 +0000 (15:43 +0100)]
Make encrypt/decrypt local functions of key-provider.cpp
Change-Id: I0dfceda850c69b09a92d26254642357838ea7cb5
Krzysztof Jackiewicz [Tue, 29 Jan 2019 10:34:18 +0000 (11:34 +0100)]
Use common function for PKEK1&2 generation
Change-Id: Ic9c6286b3672836c2bde976adb1b79ba34793918
Krzysztof Jackiewicz [Wed, 9 Jan 2019 11:48:39 +0000 (12:48 +0100)]
Make username shorter in KeyProvider tests
USERNAME_LONG used in KeyProvider tests is 43 characters long while the
structure used for storing it has only 32 characters. After adding a size check
in WrappedKeyAndInfoContainer::setKeyInfoClient the tests started to fail.
This commit makes the passed string fit 32 characters and adds a new test.
Change-Id: Ida8a574f805c9518d00ee810dbd3c2daed9ace55
Krzysztof Jackiewicz [Wed, 7 Nov 2018 15:04:06 +0000 (16:04 +0100)]
Remove outdated tz_backend test
TZ backend is now supported. The test is no longer valid and has been removed.
Change-Id: Ia36f684442a91edde924786944ebf4f926119344
Krzysztof Jackiewicz [Tue, 30 Oct 2018 13:26:12 +0000 (14:26 +0100)]
Validate encrypted DKEK
- Make sure that the length of the encrypted DKEK received in
WrapperKeyAndInfoContainer() does not exceed the size of the key
buffer.
- Check client id NULL termination.
- Get rid of unnecessary dynamic allocations.
- Update tests.
Change-Id: I9f5b494a8ea3d0d8f438a50bb49b55d57d1a3e67
Krzysztof Jackiewicz [Mon, 26 Nov 2018 16:16:51 +0000 (17:16 +0100)]
Fix SVACE and C++ issues
Change-Id: Idfed338ad6f632556585e5749817bb882cbe0251
Pawel Kowalski [Wed, 28 Nov 2018 10:39:49 +0000 (11:39 +0100)]
Add gbs option to enable the TZ backend support
To enable the TZ backend support add the following option to the gbs build:
--define "tz_backend ON". If the option is not set or is set to a value
different than ON, the TZ backend support is disabled (it is disabled by
default).
Change-Id: If6ebd2625ea7b559df52c8fc6da659a99e53a9f9
Krzysztof Jackiewicz [Wed, 7 Nov 2018 13:14:31 +0000 (14:14 +0100)]
Update log formatter in tests
Apparently the boost unit_test_log_formatter interface has changed. The
colour_log_formatter has been updated to match the new version. Thanks to that
it is now possible to properly observe uncaught exceptions in unit tests.
As a result the assert wrapper is no longer necessary and it has been removed.
Change-Id: Ifbf0b8b2f1234e1d77fa695b145c50d65e87624a
Krzysztof Jackiewicz [Fri, 21 Sep 2018 09:48:11 +0000 (11:48 +0200)]
Fix internal migration tests
Migration tests use existing databases so test alias names must not be changed.
Change-Id: I4277125a9031d822d1666e51a8ee54466901e2a0
Krzysztof Jackiewicz [Wed, 17 Oct 2018 15:02:10 +0000 (17:02 +0200)]
Fix internal scheme tests
1. Regular std::exception is not reported as an error by boost test.
std::runtime_error is used because a part of the test code is also used in
a tool for database generation.
This commit replaces calls to boost test macros with calls to a wrapper macro
which is expanded to std::runtime_error or boost test assert depending on a
compilation flag.
2. Test binaries are modifying process labels which requires onlycap.
This commit modifies exec label and adds onlycap fixture to disable onlycap
for scheme tests.
Change-Id: Ibbe44c2bca6e12b5ade360b267c281ef18294258
Bartlomiej Grzelewski [Wed, 10 Oct 2018 10:00:58 +0000 (12:00 +0200)]
Remove "secret" key for software backend
This key was used by the example software implementation of the encrypted initial-values
feature which has been replaced by a hardware backed implementation.
Change-Id: Id8358a70459fb6ddd8ebb43fc8e987dc4d586f63
r.tyminski [Thu, 26 Apr 2018 13:23:53 +0000 (15:23 +0200)]
Some TZ backend fixes.
- pass TEEC_Context by reference, not by value.
- print return origin from TEEC_InvokeCommand
Change-Id: Ib26415d0dfb454540c0f0b85d2dc50466f63ae14
Krzysztof Jackiewicz [Mon, 8 Oct 2018 12:22:28 +0000 (14:22 +0200)]
Remove unnecessary BSD license
Base64 code licensed under BSD 2-clause has been removed. This license is no
longer necessary.
Change-Id: I91a3df5d282b81df19699afee9028c0dc27783d1
Krzysztof Jackiewicz [Mon, 8 Oct 2018 07:24:08 +0000 (09:24 +0200)]
Add allowed values for -b option of initial values tool
Change-Id: Ib52a86548462ef1c7e59ca446b0733e5291017f8
Krzysztof Jackiewicz [Fri, 5 Oct 2018 15:24:01 +0000 (17:24 +0200)]
Add RO location for initial values
RO location will be processed before RW if a flag file is present. After import
the flag will be removed but xml files will be left untouched.
Change-Id: Id11c982ee4a055871e4af6841c23a11cbf139239
Krzysztof Jackiewicz [Fri, 5 Oct 2018 14:17:44 +0000 (16:17 +0200)]
Overwrite existing initial values
Delete any existing values of a given name before saving the new one.
Change-Id: I4cf23efad7cff6ef453f1ed7e4bfcda76d2fdc69
Krzysztof Jackiewicz [Tue, 2 Oct 2018 12:27:27 +0000 (14:27 +0200)]
Initial values tool
Add a tool able to create and/or update an initial values xml. It is also
possible to add encrypted initial values.
Add rpm package for potential use in gbs buildroot during image creation.
Limitations:
- Hardcoded IV & tag length
- Hardcoded Data format
Testing:
dd if=/dev/random of=/tmp/key bs=32 count=1
dd if=/dev/random of=/tmp/data bs=32 count=1
ckm_initial_values -k /tmp/key -d /tmp/data -n name -t Key -s AES -p pass -e -b hardware -a acc1,acc2,acc3
Change-Id: Id29d0eb58d9dba3e78b3437534cb566046a39877
Bartlomiej Grzelewski [Fri, 28 Sep 2018 11:46:21 +0000 (13:46 +0200)]
Support for encrypted initial-values
Add tag attribute in xml schema
Change-Id: Idc058e756ab6053103e1477292cacbacf57a9879
Bartlomiej Grzelewski [Tue, 25 Sep 2018 11:39:22 +0000 (13:39 +0200)]
Reduce number of import methods in tz-backend
Change-Id: I44fe9737dd34d8b61d2ab099c3f611903a5cc9a1
Bartlomiej Grzelewski [Fri, 21 Sep 2018 10:41:37 +0000 (12:41 +0200)]
Unification of import methods in gstore
Change-Id: I31dca502533360b759d6aea20e75a9e823eccc34
Bartlomiej Grzelewski [Tue, 18 Sep 2018 13:49:00 +0000 (15:49 +0200)]
Add parser support of new schema version
Version 1 of xml with initial values is not supported from now.
From now software backend will not support encrypted data.
Allow parser to accept xml version 2.
Initial values files will contain information about
type of backend that should be used to store data.
Change-Id: Ib3a73b14148a2476ab288ca364fffe9289400ebd
Bartlomiej Grzelewski [Mon, 17 Sep 2018 15:09:47 +0000 (17:09 +0200)]
Add backend attribute in xml schema
Initial values may be saved in two locations: software backend and
hardware backend. Until now there was no way to choose the backend
to store initial values in.
Change-Id: Iaee057e8c78f6d3066e119adcf4e6fe174846990
Krzysztof Jackiewicz [Wed, 26 Sep 2018 15:14:20 +0000 (17:14 +0200)]
Introduce Key class in tz backend
Add an intermediate Key class that removes the need to keep
credentials from binary data object (BData).
Change-Id: I638de81aedf47bc51421a7c362459ced801fd650
Tomasz Swierczek [Wed, 26 Sep 2018 09:18:43 +0000 (11:18 +0200)]
Add support for TrustZone backend data storage
Change-Id: Idfd0909d03e40b7e5cd5aeb1116b844be1901cf1
Krzysztof Jackiewicz [Thu, 20 Sep 2018 11:26:06 +0000 (13:26 +0200)]
Simplify key related functions in tz-backend
- Use proper parameter for tag length
- Move default param values to TrustZoneContext where possible
- Remove unnecessary arguments
Change-Id: I00f8909ede4f80b77a937b52a5bce5698d4516a5
Krzysztof Jackiewicz [Tue, 28 Aug 2018 15:16:36 +0000 (17:16 +0200)]
Fix buildbreak caused by improper rebase
Refactoring commit has been improperly rebased which led to buildbreak.
Change-Id: I2d04143cf1eb929c8f8226826336b2e825996149
Krzysztof Jackiewicz [Tue, 24 Jul 2018 08:44:23 +0000 (10:44 +0200)]
Add log for invalid system service owner id
System services (uid < 5000) should always use the "/System" owner id,
either by explicitly adding it to the alias or by running with the "System"
label. Add a log to make the reason for the failure more apparent.
Change-Id: I1be9861eadcae6eadd6d682b4cc66972c93d1728
Krzysztof Jackiewicz [Thu, 19 Jul 2018 14:31:27 +0000 (16:31 +0200)]
Unify alias naming
Get rid of all references to smack labels except database scheme.
alias = owner_id + name
Simplify db permissions processing
Change-Id: I36c3dbb3ee605fb00e5e4e6bcbada6400a0cbcab
Dongsun Lee [Tue, 28 Aug 2018 04:51:14 +0000 (13:51 +0900)]
Fix TYPO in key-manager_doc.h
Change-Id: I11dbc3468e8277f0cef978f722ecbe275e1048f6
Signed-off-by: Dongsun Lee <ds73.lee@samsung.com>
Konrad Lipinski [Thu, 2 Aug 2018 10:44:44 +0000 (12:44 +0200)]
Make spec compliant with gbs --incremental
According to [1], %prep section of the spec file should contain a single
%setup macro, nothing else. According to [2], manifest %files are best
copied to %{buildroot}%{_datadir} in the %install section.
Moved manifest copy operations from %prep to %install accordingly.
References
[1] https://source.tizen.org/documentation/reference/git-build-system/usage/gbs-build
[2] https://wiki.tizen.org/Security/Application_installation_and_Manifest
Change-Id: Iacf755558636f939a540482f849e810780c19a51
Tomasz Swierczek [Tue, 17 Jul 2018 12:14:18 +0000 (14:14 +0200)]
Add protection against memory leaking during deserialization
Change-Id: I1fbcd7daf1674dd1ad6b9eaffdba76263bda370b
Pawel Kowalski [Thu, 16 Aug 2018 08:19:14 +0000 (10:19 +0200)]
Add Apache 2.0 license headers
Change-Id: Ia61efbc57ce93ed3714dafe9edada7cb244c54d3
INSUN PYO [Thu, 9 Aug 2018 03:53:46 +0000 (12:53 +0900)]
Add RequiresMountsFor=/opt to central-key-manager.service.
In order to apply User/Group to .service, we need /opt/etc/{passwd,group}.
Signed-off-by: INSUN PYO <insun.pyo@samsung.com>
Change-Id: I0ff03a7bc65565605ac43754349979b351c16796
Bartlomiej Grzelewski [Wed, 2 Aug 2017 12:21:44 +0000 (14:21 +0200)]
Test version of ckm_db_merge
ckm_db_merge allows reading a database and copying its contents
to another one. ckm_db_merge supports databases since version 0.1.14.
Please note: both databases will be automatically migrated to
the newest schema.
Change-Id: I5cec9dfdc2ab75a2ccd5156b0bb05cb46d134480
Krzysztof Jackiewicz [Fri, 6 Jul 2018 13:13:50 +0000 (15:13 +0200)]
Make key-manager build with boost 1.65
Add dummy implementation of newly added abstract methods.
Change-Id: If491af391431a769a2e84360425852a53be25f16
Dongsun Lee [Tue, 8 May 2018 04:56:48 +0000 (13:56 +0900)]
Fix coverity defect
- 120541 : improper use of negative value
Change-Id: Ic93d890a08def810a8f09ed6bbb8171e440438df
Signed-off-by: Dongsun Lee <ds73.lee@samsung.com>
Tomasz Swierczek [Wed, 18 Apr 2018 11:25:37 +0000 (13:25 +0200)]
Disable default build with tz-backend
Migration to VD causes build breaks because of missing optee dependency.
Relation between key-manager and key-manager-ta needs to be re-worked.
For now it will be disabled.
Change-Id: I5312db283e3514d7c54dfa7caffd6738b5568e2f
Dongsun Lee [Thu, 22 Mar 2018 07:50:00 +0000 (16:50 +0900)]
Fix coverity defects
- 105284: Buffer not null terminated
- 108955: Big parameter passed by value
- 109815: Uncaught exception
Change-Id: I303a652d6ae0540f7d6daa833a30ef0fb691ffb8
Signed-off-by: Dongsun Lee <ds73.lee@samsung.com>
Krzysztof Jackiewicz [Fri, 2 Mar 2018 14:35:04 +0000 (15:35 +0100)]
Properly detect the presence of TA
Tef-simulator and optee use different TA file name formats. Key-manager was
detecting the presence of TA by checking the existence of TA file with
hardcoded format. It worked with tef-simulator but it failed to detect the TA
presence in case of optee.
This commit replaces the TA file presence check with an attempt to open a
session using libteec. If the attempt succeeds the decider selects the TZ backend.
Otherwise, it falls back to the SW backend.
Change-Id: I840d6b58a1ffa39885a4b8ded0ff70f4147c3de0
Dariusz Michaluk [Wed, 7 Mar 2018 16:56:41 +0000 (17:56 +0100)]
Remove unnecessary dependencies
Do not expose unnecessary libraries to the program
that is linking with key-manager library.
If the program will not be using the symbols of the required library,
it should not be linking directly to that library.
Change-Id: I07264f35d023881be8b104307941565047813688
Dariusz Michaluk [Wed, 7 Mar 2018 16:49:11 +0000 (17:49 +0100)]
Remove redundant libcrypto dependency
openssl pkg-config requires libcrypto and libssl
Change-Id: I222e458a26e0dc15d82654d35fdccc126411000f
Tomasz Swierczek [Wed, 7 Mar 2018 10:50:22 +0000 (11:50 +0100)]
Updated documentation headers - typos fix
Change-Id: I8ad994a7164f6d85573030e0aeb340c1f0e50d14
Tomasz Swierczek [Thu, 11 Jan 2018 09:38:00 +0000 (10:38 +0100)]
Updated documentation to match supported features when key-manager-ta is present.
The GP API specification has a subtle impact on the features supported by key-manager:
* passing data chunks bigger than TEEC_CONFIG_SHAREDMEM_MAX_SIZE is not supported by TEE
Subtracting a few kB for passing keys, options/cipher, at least 500 kB is left for user-data
* GCM modes with tag lengths 32 and 64 bits are treated as insecure and are also not supported
Change-Id: I9634531dbbfea153a2f4f45bc790521eff014e83
Pawel Kowalski [Mon, 25 Sep 2017 08:36:02 +0000 (10:36 +0200)]
Add openssl error handling in key-manager
There was no distinction between different types of errors returned
by OpenSSL functions. Because of that the information returned to
a developer could be incomplete and misleading.
In order to solve this problem, a translator of OpenSSL errors to CKM
errors was written. Now, the OPENSSL_ERROR_HANDLE macro may be used to
handle OpenSSL errors and provide full error information to the log
system.
Change-Id: I63b54f76faaa5b36385bed167db03d97f034402f
Bartlomiej Grzelewski [Wed, 17 Jan 2018 15:21:28 +0000 (16:21 +0100)]
Fix out of bound access
Change-Id: I830cdc82351b18a670c4950a720f18433532a966
Bartlomiej Grzelewski [Wed, 29 Nov 2017 15:32:28 +0000 (16:32 +0100)]
Add backend field in policy
The new field will allow the user to force usage of the software/hardware backend
during runtime.
Change-Id: I6f3c575fa979807f456a32a70b278942cdb28b04
Lukasz Kostyra [Tue, 25 Jul 2017 12:59:49 +0000 (14:59 +0200)]
tz-backend: Implement symmetric encryption through TA
Change-Id: Id1b563f099e1671fb5fbcca9ca08757b34b1dfd8
Lukasz Kostyra [Thu, 26 Oct 2017 09:05:21 +0000 (11:05 +0200)]
Change GID of key-manager
Key-manager's main group ID was changed to security_fw
to work around the issue with the TrustZone backend: the client
application created shared memory segments inaccessible
by the TEF Simulator Daemon.
Change-Id: I8da3dacfb5001cc4b230219820acc53b287f6cfb
Krzysztof Jackiewicz [Wed, 22 Nov 2017 10:37:53 +0000 (11:37 +0100)]
Merge branches 'tizen' and 'tizen_4.0'
Change-Id: I0e30db44df252ac6a5629542dfd9cea022a04971
Krzysztof Jackiewicz [Fri, 10 Nov 2017 12:53:17 +0000 (13:53 +0100)]
Fix SVACE defects
- Initialize required members in default Row ctor
- Remove unused Row objects
- Refactor string memcpy'ing so that SVACE stops complaining
- Fix memory leak in DescriptorSet
Change-Id: I8a22a3c5388b0c17b6f44ebaf89d32e9065526dd
Bartlomiej Grzelewski [Thu, 9 Nov 2017 13:21:13 +0000 (14:21 +0100)]
Add host parameter in HTTP header
Change-Id: Iacd8d8e244df289af8c4ab0fe87a26fcb91b5644