summary |
shortlog | log |
commit |
commitdiff |
tree
first ⋅ prev ⋅ next
Dariusz Michaluk [Thu, 28 May 2020 13:42:11 +0000 (15:42 +0200)]
Add one boost-based binary with all tests
Change-Id: I23e3cf160e2e4fdf0f7dd95dafd366a0a35babd4
Dariusz Michaluk [Thu, 28 May 2020 12:20:57 +0000 (14:20 +0200)]
Move all sources to src/ directory
Change-Id: I0ffe64f5cc8b3591d1951503f46011173f173ab3
Dariusz Michaluk [Thu, 28 May 2020 11:55:34 +0000 (13:55 +0200)]
Move example app to documentation
Change-Id: I73832e912bc78ed55c9a4a57550b76173f06d861
Dariusz Michaluk [Thu, 28 May 2020 10:53:12 +0000 (12:53 +0200)]
Set project version in one place only
Change-Id: I4e39f86e922f650c611ce41683dc6e16f77dc83b
Dariusz Michaluk [Thu, 28 May 2020 09:40:20 +0000 (11:40 +0200)]
Change code formatting in shared/protobuf_asio
Change-Id: I1fb44ed5992955dc18f340407fccdfc2169a518a
Dariusz Michaluk [Wed, 27 May 2020 21:00:32 +0000 (23:00 +0200)]
Support C API only, hide C++ symbols
Change-Id: I9977834917c6d28b99fa34fc22150f1b221b4f5e
Dariusz Michaluk [Wed, 27 May 2020 20:02:33 +0000 (22:02 +0200)]
Remove unneeded spec dependencies
Change-Id: I46756d3749085a16fa843da57698a37678ad6ba3
Dariusz Michaluk [Tue, 26 May 2020 12:09:00 +0000 (14:09 +0200)]
Rewrite cmake infrastructure
Change-Id: Ic5a94dc9c188e5e26a6b0c42647c77f03ab2d59e
Dariusz Michaluk [Wed, 27 May 2020 12:36:28 +0000 (14:36 +0200)]
Remove interprocedural optimization flags
Change-Id: Ie87b2d481a9e5442e1c146e4c75667b8127ed589
Dariusz Michaluk [Tue, 26 May 2020 10:35:01 +0000 (12:35 +0200)]
Systemd is always available
DCM is not used outside Tizen,
we can rely on systemd being always available.
Additionally not used boost::filesystem dependency was removed.
Change-Id: I61d932dfe9481f8345b3c36f4f5dc7390770260e
Dariusz Michaluk [Tue, 26 May 2020 09:52:49 +0000 (11:52 +0200)]
Cynara framework is always available
DCM is not used outside Tizen,
we can rely on cynara framework being always available.
Change-Id: Ib5e4bdeccf9a99b1dbfd935e3d5b2f32eae5877f
Dariusz Michaluk [Wed, 20 May 2020 11:47:11 +0000 (13:47 +0200)]
Replace protobuf with protobuf-lite
The "lite" library is much smaller than the full library,
and is more appropriate for resource-constrained systems such as mobile phones.
Change-Id: I4625bc971cdb509ce5a22ca2b5d98bcba69ac46a
Dariusz Michaluk [Tue, 26 May 2020 07:49:10 +0000 (09:49 +0200)]
Fix installation paths
This commit allows build/install without GBS.
Change-Id: Ie80a0baa50b868db01c7d00faad82a91de996ddf
Dariusz Michaluk [Tue, 26 May 2020 07:39:26 +0000 (09:39 +0200)]
Remove unneeded compilation flags
gcc 9 was complaining about out-of-bounds accesses in auto-generated
boost 1.66 code, since boost was upgraded to 1.71 version,
these flags are unnecessary.
Change-Id: Ifadd67f82129a00229b1b07233093ea31f7c821d
Dariusz Michaluk [Tue, 26 May 2020 07:31:05 +0000 (09:31 +0200)]
Remove unused openssl dependency
Change-Id: Ie28f2c12b2dea4be4e51aad425a330eed5e858c2
Dariusz Michaluk [Tue, 26 May 2020 07:13:00 +0000 (09:13 +0200)]
Dlog logging framework is always available
DCM is not used outside Tizen, we can use Tizen dlog framework.
In the future commits, all BOOST_LOG_* macros
should be replaced with unified logging mechanism.
Change-Id: Ibc4c9287925268c99c62c386a8ebbc9688b941a5
Dariusz Michaluk [Mon, 18 May 2020 12:49:46 +0000 (14:49 +0200)]
Simplify compile flags settings
Set C++14 and C11 as default. Add release & debug flags.
Change-Id: I1706cc8581d33f53362a557162c6e5d9bf5dddf5
Dariusz Michaluk [Mon, 25 May 2020 10:54:30 +0000 (12:54 +0200)]
Boost unit test framework is always available
Boost is widely used framework, we can assume that
unit test component is always available.
Additionally test/CMakeLists.txt file was rewritten a bit.
Change-Id: I0efba0b1e042cd8f87d327f3ad15d3bccb7fdb78
Dariusz Michaluk [Mon, 25 May 2020 09:06:13 +0000 (11:06 +0200)]
Remove boost-based cmd line program options
Available options were 'version' and 'help' only.
Checking package metadata (change-id) on platform image can be used instead.
Change-Id: I4861509f5983db6a8fcd3d3f0a615017129a7df8
Dariusz Michaluk [Tue, 16 Jun 2020 09:23:58 +0000 (11:23 +0200)]
Remove mbedtls dependency from daemon
Input validation was done on client side,
mbedtls error code replaced with system error.
Change-Id: Ie1bb4fd09079c37387a70cbcef897496c4644793
Dariusz Michaluk [Tue, 16 Jun 2020 08:50:49 +0000 (10:50 +0200)]
Remove certificate chain utilities
Reordering of certificate chain is not the role of dcm-daemon.
dcm-backend must return a certificate chain with correct order.
Change-Id: Id6d4adfa9c17d3f05501966c40e5dbf82eca40db
Sangjung Woo [Fri, 3 Jul 2020 10:11:35 +0000 (19:11 +0900)]
[Protobuf] Use ByteSizeLong() instead of deprecated ByteSize()
After bumping up to protobuffer v3.12.3, a below compile-time error
occurs.
* error: 'int google::protobuf::MessageLite::ByteSize() const' is
deprecated: Please use ByteSizeLong() instead [-Werror=deprecated-declarations]
In order to fix this bug, this patch uses the ByteSizeLong() instead of
deprecated ByteSize().
Change-Id: I8bd6c9eb951521af1ae08ff60c7bb81cf8f2c0cd
Signed-off-by: Sangjung Woo <sangjung.woo@samsung.com>
Tomasz Swierczek [Wed, 15 Jan 2020 08:06:37 +0000 (09:06 +0100)]
Add gcc 9 fixes
Gcc 9 complais about out-of-bounds items in auto-generated source code
Change-Id: I20c4378bc5cb5b21c467cc7ca1f8fe4dc158e26f
Dongsun Lee [Fri, 13 Dec 2019 02:38:58 +0000 (11:38 +0900)]
Fix buig in link address
Change-Id: Id39c443b80a80858c25a7e042e4b1bee9d9eb1b2
Signed-off-by: Dongsun Lee <ds73.lee@samsung.com>
Dongsun Lee [Fri, 13 Dec 2019 01:49:45 +0000 (10:49 +0900)]
Change developer.tizen.org to docs.tizen.org
Change-Id: I5ef281d4c9c600ecc4ce19b75c435a8b224580bc
Signed-off-by: Dongsun Lee <ds73.lee@samsung.com>
Dongsun Lee [Mon, 9 Dec 2019 06:51:30 +0000 (15:51 +0900)]
Fix build failure in case of boost upgrade(1.66.0->1.71.0)
Change-Id: Ia5a0688c7712ead820fae1e5231eeb11fc3fde43
Signed-off-by: Dongsun Lee <ds73.lee@samsung.com>
Tomasz Swierczek [Mon, 23 Sep 2019 10:26:37 +0000 (12:26 +0200)]
Moved boost_log_dlog_sink.h to dcm-daemon subdirectory
This file is not re-used between client & daemon.
This change should improve SAM score.
Change-Id: I6826839da1e37cf9d85813e7de7a13dcc651cf85
Pawel Kowalski [Thu, 4 Jul 2019 14:17:02 +0000 (16:17 +0200)]
Fix build break for the x86_64 architecture
In printf function, types of printed variables were adjusted.
Change-Id: I3fda0b37dc6d29338eced9415cd983c58756499c
Tomasz Swierczek [Fri, 28 Jun 2019 12:28:31 +0000 (14:28 +0200)]
Add additional GCC definitions for more warnings
Removed new warnings/fixed raised issues too.
Change-Id: I44fd371d85ded5335874c4ecb707787c0cab6f1d
Tomasz Swierczek [Thu, 27 Jun 2019 11:38:24 +0000 (13:38 +0200)]
Fix compilation warnings
Change-Id: Iaf31217dc685ca339e75ead1cfd8a5e0f7afd02a
Pawel Kowalski [Fri, 14 Jun 2019 07:49:09 +0000 (09:49 +0200)]
Add the README.md file
Change-Id: I54ed9ddcceba5aeb032945344c6c76a19937c186
Pawel Kowalski [Fri, 14 Jun 2019 13:02:38 +0000 (15:02 +0200)]
Migrate to openssl1.1
Change-Id: I6082cd4b30ae68264f5ba5524d671c07155bf4b1
Tomasz Swierczek [Mon, 3 Jun 2019 11:56:25 +0000 (13:56 +0200)]
Simplify dllresolver caching & actually use it
Change-Id: I8e6f0e18984fc8106ac48f35178e6550b91c74d8
Pawel Kowalski [Wed, 24 Apr 2019 12:34:11 +0000 (14:34 +0200)]
Move backends to the separate repository
The plugin architecture was implemented. From this commit, the backends
are loaded using the dlopen. They are libs that provide the internal
common API for requesting the certificate chain and signing the data.
The implementation depends on the device used. Also the dummy backend
may be used.
The backends are available in the repository:
platform/core/security/device-certificate-manager-backend.
Change-Id: Id69b8763e2997c3d0f3747aafd0d6cd9eeaa9d5c
Dongsun Lee [Mon, 22 Apr 2019 08:34:53 +0000 (17:34 +0900)]
Add KONAI SE plugin
Change-Id: I1fb423ae44f5df1dad3bf3fadfd7e8e6fd308875
Signed-off-by: Dongsun Lee <ds73.lee@samsung.com>
Dariusz Michaluk [Thu, 18 Apr 2019 08:02:59 +0000 (10:02 +0200)]
LOG_TAG names unification, use DCM_SERVER/DCM_CLIENT.
Change-Id: I4b66931e10dd22a508c88f46f3d31a231fe38bdf
MyungJoo Ham [Tue, 26 Mar 2019 06:25:36 +0000 (15:25 +0900)]
packaging: do not hardcode protobuf package soname.
Protobuf is way too old and is being upgraded.
The version name is to be changed.
Change-Id: I6d9f102ee7ab264d4822ce637afabd00dec51897
Signed-off-by: MyungJoo Ham <myungjoo.ham@samsung.com>
Tomasz Swierczek [Mon, 17 Dec 2018 09:14:04 +0000 (10:14 +0100)]
Adjust build to new dlog
Change-Id: I91b4fc5045c7ca4b10b44fd6e364206e7c6c2640
Dariusz Michaluk [Mon, 26 Nov 2018 10:59:29 +0000 (11:59 +0100)]
Fix C++Test defects
Destructor in a class 'dcm_client_connection' should be public and virtual or protected and nonvirtual
Unreachable code detected after 'switch' statement
Change-Id: I6fe82c3bb231691b693e13f964c8ddc34cf26a78
Dariusz Michaluk [Mon, 29 Oct 2018 10:16:05 +0000 (11:16 +0100)]
Fix SVACE defects
Change-Id: I03562c56c60d3df9c5401c4d9e55f8f1342df8c0
Dariusz Michaluk [Tue, 28 Aug 2018 14:07:13 +0000 (16:07 +0200)]
Minor fixes and improvements
- start device-certificate-manager service on demand,
- stop device-certificate-manager when no requests,
- cleanup security manifests,
- unify socket path,
- remove unused build variables,
- add boost-test dependency,
- unify service/socket names,
- restart/stop service/socket together,
- remove device-certificate-manager target.
Change-Id: Iade35e34a143300ba07c5958003dad53758f7f8e
Dongsun Lee [Thu, 4 Oct 2018 01:23:48 +0000 (10:23 +0900)]
Fix Build Warning
Change-Id: Ie5e737100aaa44a72d75376b69a15a0325bdd62e
Signed-off-by: Dongsun Lee <ds73.lee@samsung.com>
Dongsun Lee [Wed, 12 Sep 2018 04:14:00 +0000 (13:14 +0900)]
Fix SVACE defects
- 325773 : ignoring return value of 'fread', declared with attribute warn_unused_result
- 347249 : format '%ld' expects argument of type 'long int'
Change-Id: I8ec62253afb4649cc7d8a4c810bcba5b5b03ad84
Signed-off-by: Dongsun Lee <ds73.lee@samsung.com>
Pawel Kowalski [Mon, 20 Aug 2018 07:31:12 +0000 (09:31 +0200)]
Add Apache 2.0 license headers
Change-Id: I514199642ec446c7c33fe5ff3d4d2a8a132aebd3
Tomasz Swierczek [Fri, 27 Jul 2018 05:41:06 +0000 (07:41 +0200)]
Release 2.0.2 version
Change-Id: If733dc27827c1fe71316a08ad3425a32ee30f7c4
Tomasz Swierczek [Thu, 26 Jul 2018 08:06:15 +0000 (10:06 +0200)]
Add CMake options to build position-independent code (pie)
Change-Id: I35a8635d7dd42d3fa801440dfc72691ad44201c9
Dariusz Michaluk [Thu, 14 Jun 2018 14:49:20 +0000 (16:49 +0200)]
Release 2.0.1 version
Change-Id: I5455988328e7c9d90b7b0e28ce1c0fd29714f940
Dariusz Michaluk [Wed, 23 May 2018 11:16:06 +0000 (13:16 +0200)]
Fix: replace strdup with memcpy
Change-Id: Ie8923d089b5cce03b5d9a354a7ed6d0a173fc509
Dariusz Michaluk [Wed, 13 Jun 2018 13:13:00 +0000 (15:13 +0200)]
DCM API tests refactoring
Rename dcm_hw_api_test to dcm_api_test.
Remove RSA tests (not supported by device).
Fix warnings.
Change-Id: Id0143b229c3c371aadb7a30eef8d3bc209fdc430
Dariusz Michaluk [Mon, 7 May 2018 14:06:47 +0000 (16:06 +0200)]
Release 2.0 version
Change-Id: I8f7a6834aad1f21872051eb05a0173632d6d5d2d
Dongsun Lee [Mon, 26 Mar 2018 02:16:57 +0000 (11:16 +0900)]
Make dcm APIs as public API
Change-Id: I12dc1e3961f3842275c6cdcf54c0396bcec35a21
Signed-off-by: Dongsun Lee <ds73.lee@samsung.com>
Signed-off-by: Dariusz Michaluk <d.michaluk@samsung.com>
Jaroslaw Pelczar [Mon, 18 Dec 2017 05:33:16 +0000 (06:33 +0100)]
SVACE fix for strerror
WID:
39508479 Use of vulnerable function 'strerror' at
serviceadapter.cpp:99. strerror makes no guaranteee of thread safety.
Use strerror_r function instead.
Change-Id: I050aea535c0caddc4baebb945d70b29766255fe9
Signed-off-by: Jaroslaw Pelczar <j.pelczar@samsung.com>
(cherry picked from commit
80a151491507a7dd8ffa4dca1064581026ba710f)
Dongsun Lee [Wed, 20 Dec 2017 00:31:12 +0000 (09:31 +0900)]
fix dependency error for libprotobuf9
Change-Id: Ie67771cbcd08487e835bf1581d72486a721533cc
Signed-off-by: Dongsun Lee <ds73.lee@samsung.com>
(cherry picked from commit
fa707323feafd524fd1c53440c8c9a198d6cf7b5)
Dongsun Lee [Mon, 18 Dec 2017 07:12:08 +0000 (16:12 +0900)]
Add libraries to Requires in spec file
- protobuf and boost libraries are not loaded on tizen image by default.
- these libraries should be listed in Requires to load on tizen image with DCM.
Change-Id: Ie7ba34bfc5402610fcc472fc2fca4a9b581d13b0
Signed-off-by: Dongsun Lee <ds73.lee@samsung.com>
(cherry picked from commit
3142cdd52fcfae16dedfa9d4dfd7012b70494467)
Jaroslaw Pelczar [Wed, 20 Dec 2017 08:37:37 +0000 (09:37 +0100)]
Fix systemd service script
This commit fixes service load error after installation and
service reload after reinstallation.
Change-Id: I8d66540028cd3eb78f9db9fe08992a9070685edb
Signed-off-by: Jaroslaw Pelczar <j.pelczar@samsung.com>
Jaroslaw Pelczar [Tue, 19 Dec 2017 05:21:16 +0000 (06:21 +0100)]
Use new privilege for client
New privilege is required by server:
http://tizen.org/privilege/devicecertificate
Change-Id: I1c4a39ad201b8fefc9eabf0dc70f083d4014a33b
Signed-off-by: Jaroslaw Pelczar <j.pelczar@samsung.com>
Jaroslaw Pelczar [Thu, 14 Dec 2017 07:14:42 +0000 (08:14 +0100)]
Bump DCM release to 2 in spec
Change-Id: I38d4bfbb795042c8090109f72f73b7d9a1d0a6bf
Signed-off-by: Jaroslaw Pelczar <j.pelczar@samsung.com>
Dong Sun Lee [Wed, 27 Dec 2017 05:21:51 +0000 (05:21 +0000)]
Merge "Always rewrite certificate chain from backend" into tizen
Dong Sun Lee [Wed, 27 Dec 2017 05:20:19 +0000 (05:20 +0000)]
Merge "Add test case for certificate rewriter" into tizen
Dong Sun Lee [Wed, 27 Dec 2017 05:20:15 +0000 (05:20 +0000)]
Merge "Implement x509 certificate rewriter" into tizen
Jaroslaw Pelczar [Thu, 14 Dec 2017 06:37:18 +0000 (07:37 +0100)]
Always rewrite certificate chain from backend
Change-Id: Ia76a36d75a802a97f4cf58f8b4826504451e87bc
Signed-off-by: Jaroslaw Pelczar <j.pelczar@samsung.com>
Jaroslaw Pelczar [Thu, 14 Dec 2017 10:46:31 +0000 (11:46 +0100)]
Add test case for certificate rewriter
Change-Id: I10a3746c12ba922becb1e92b8e746d6c01b57338
Signed-off-by: Jaroslaw Pelczar <j.pelczar@samsung.com>
Jaroslaw Pelczar [Thu, 14 Dec 2017 06:30:47 +0000 (07:30 +0100)]
Implement x509 certificate rewriter
This class will rewrite broken x509 chains into correct order.
Change-Id: I58b7a312f39443d7740fcda2bef94b089ca24090
Signed-off-by: Jaroslaw Pelczar <j.pelczar@samsung.com>
Uladzislau Harbuz [Mon, 11 Dec 2017 13:47:36 +0000 (14:47 +0100)]
Add some simple unit tests for hw_api
Change-Id: If1fa9dfcec2afc437e00d2940378223c04ea6697
Dongsun Lee [Mon, 11 Dec 2017 07:10:14 +0000 (16:10 +0900)]
change user/group from key-manager to security_fw
Change-Id: I8854d29a2ce01f3ba0460492b904ed0f05228744
Signed-off-by: Dongsun Lee <ds73.lee@samsung.com>
Jaroslaw Pelczar [Tue, 5 Dec 2017 07:35:42 +0000 (08:35 +0100)]
Use Cynara for access control
Change-Id: I42e7aebfd0369301877e023ad5721547098b20df
Signed-off-by: Jaroslaw Pelczar <j.pelczar@samsung.com>
Jaroslaw Pelczar [Tue, 5 Dec 2017 06:18:30 +0000 (07:18 +0100)]
dcm-client: remove debug level logs, leave only error logs
Change-Id: I65f9f68274c5407ed6f51df2db81ca8298233d9e
Signed-off-by: Jaroslaw Pelczar <j.pelczar@samsung.com>
Jaroslaw Pelczar [Tue, 5 Dec 2017 05:43:59 +0000 (06:43 +0100)]
[cmake] Add missing include directory
Change-Id: I0d6be92ff596bee9eab05a0286b924335276ae33
Signed-off-by: Jaroslaw Pelczar <j.pelczar@samsung.com>
Jaroslaw Pelczar [Tue, 5 Dec 2017 05:37:32 +0000 (06:37 +0100)]
hw_api_test: use random test data
Also print data using boost::algorithm::hex
Change-Id: I57981550c4101e593916851073fa73f753f1a505
Signed-off-by: Jaroslaw Pelczar <j.pelczar@samsung.com>
Jaroslaw Pelczar [Tue, 5 Dec 2017 05:32:09 +0000 (06:32 +0100)]
Handle valid case for hash_size==0
If hash size is 0 then MD algorithm must not be NONE, in this
case hash_size is extracted from expected length for MD algorithm.
If MD algorithm is not NONE, then hash_size is validated against
the algorithm's expected input length.
Change-Id: Ib95d8138ce6a21c364a5d7f88910fde15e32a026
Signed-off-by: Jaroslaw Pelczar <j.pelczar@samsung.com>
Jaroslaw Pelczar [Tue, 5 Dec 2017 05:29:49 +0000 (06:29 +0100)]
hw_api_test: refactor to use C++ wrappers for mbedtls
Change-Id: I8b593f4a8ca3de9f4ac938cb65667bafccf71d06
Signed-off-by: Jaroslaw Pelczar <j.pelczar@samsung.com>
Jaroslaw Pelczar [Tue, 5 Dec 2017 05:05:46 +0000 (06:05 +0100)]
Move mbedtls_wrapper.h to shared subdirectory
Change-Id: I7de8872bb943429ae38618a20f4e7f85248a75d1
Signed-off-by: Jaroslaw Pelczar <j.pelczar@samsung.com>
Jaroslaw Pelczar [Mon, 4 Dec 2017 10:59:29 +0000 (11:59 +0100)]
see backend: create mbedtls compatible ASN.1 ECDSA signature
Change-Id: I0dd2133f1c5d687221f9d5290713cc15a0e97744
Signed-off-by: Jaroslaw Pelczar <j.pelczar@samsung.com>
Jaroslaw Pelczar [Mon, 4 Dec 2017 10:20:32 +0000 (11:20 +0100)]
hw_api_test: show more errors and update signature verification
Change-Id: I4ba040beff40e16db60e5982525cac33d223ae6b
Signed-off-by: Jaroslaw Pelczar <j.pelczar@samsung.com>
Jaroslaw Pelczar [Mon, 4 Dec 2017 10:03:10 +0000 (11:03 +0100)]
hw_api_test: add hash signature verification
Change-Id: I56fcd9f41cdaad50728f0fb9226b06e4235f0fb3
Signed-off-by: Jaroslaw Pelczar <j.pelczar@samsung.com>
Jaroslaw Pelczar [Mon, 4 Dec 2017 09:07:23 +0000 (10:07 +0100)]
Added certificate reversing for broken libSEE API
Change-Id: I3ce62b70675feb4fa05a81ec357bea0c58a92bca
Signed-off-by: Jaroslaw Pelczar <j.pelczar@samsung.com>
Jaroslaw Pelczar [Mon, 4 Dec 2017 07:01:23 +0000 (08:01 +0100)]
dcm-client: add linker version script
Change-Id: I3536085c5c2c4786666b322210918e569864d860
Signed-off-by: Jaroslaw Pelczar <j.pelczar@samsung.com>
Jaroslaw Pelczar [Mon, 4 Dec 2017 06:10:33 +0000 (07:10 +0100)]
Use artik security framework without external dependency
Change-Id: If6533199a1cbfc1f4b6f36abacb96b3bfabaecc0
Signed-off-by: Jaroslaw Pelczar <j.pelczar@samsung.com>
Jarek Pelczar [Tue, 21 Nov 2017 13:07:48 +0000 (14:07 +0100)]
Initial source commit
Change-Id: Ia5a0abd9f6b64e37aca07ecfb0b3b7476a0f7394
Signed-off-by: Jaroslaw Pelczar <j.pelczar@samsung.com>
Tizen Infrastructure [Wed, 15 Nov 2017 10:22:23 +0000 (10:22 +0000)]
Initial empty repository