summary |
shortlog | log |
commit |
commitdiff |
tree
first ⋅ prev ⋅ next
Dariusz Michaluk [Mon, 7 May 2018 14:06:47 +0000 (16:06 +0200)]
Release 2.0 version
Change-Id: I8f7a6834aad1f21872051eb05a0173632d6d5d2d
Dongsun Lee [Mon, 26 Mar 2018 02:16:57 +0000 (11:16 +0900)]
Make dcm APIs as public API
Change-Id: I12dc1e3961f3842275c6cdcf54c0396bcec35a21
Signed-off-by: Dongsun Lee <ds73.lee@samsung.com>
Signed-off-by: Dariusz Michaluk <d.michaluk@samsung.com>
Jaroslaw Pelczar [Mon, 18 Dec 2017 05:33:16 +0000 (06:33 +0100)]
SVACE fix for strerror
WID:
39508479 Use of vulnerable function 'strerror' at
serviceadapter.cpp:99. strerror makes no guaranteee of thread safety.
Use strerror_r function instead.
Change-Id: I050aea535c0caddc4baebb945d70b29766255fe9
Signed-off-by: Jaroslaw Pelczar <j.pelczar@samsung.com>
(cherry picked from commit
80a151491507a7dd8ffa4dca1064581026ba710f)
Dongsun Lee [Wed, 20 Dec 2017 00:31:12 +0000 (09:31 +0900)]
fix dependency error for libprotobuf9
Change-Id: Ie67771cbcd08487e835bf1581d72486a721533cc
Signed-off-by: Dongsun Lee <ds73.lee@samsung.com>
(cherry picked from commit
fa707323feafd524fd1c53440c8c9a198d6cf7b5)
Dongsun Lee [Mon, 18 Dec 2017 07:12:08 +0000 (16:12 +0900)]
Add libraries to Requires in spec file
- protobuf and boost libraries are not loaded on tizen image by default.
- these libraries should be listed in Requires to load on tizen image with DCM.
Change-Id: Ie7ba34bfc5402610fcc472fc2fca4a9b581d13b0
Signed-off-by: Dongsun Lee <ds73.lee@samsung.com>
(cherry picked from commit
3142cdd52fcfae16dedfa9d4dfd7012b70494467)
Jaroslaw Pelczar [Wed, 20 Dec 2017 08:37:37 +0000 (09:37 +0100)]
Fix systemd service script
This commit fixes service load error after installation and
service reload after reinstallation.
Change-Id: I8d66540028cd3eb78f9db9fe08992a9070685edb
Signed-off-by: Jaroslaw Pelczar <j.pelczar@samsung.com>
Jaroslaw Pelczar [Tue, 19 Dec 2017 05:21:16 +0000 (06:21 +0100)]
Use new privilege for client
New privilege is required by server:
http://tizen.org/privilege/devicecertificate
Change-Id: I1c4a39ad201b8fefc9eabf0dc70f083d4014a33b
Signed-off-by: Jaroslaw Pelczar <j.pelczar@samsung.com>
Jaroslaw Pelczar [Thu, 14 Dec 2017 07:14:42 +0000 (08:14 +0100)]
Bump DCM release to 2 in spec
Change-Id: I38d4bfbb795042c8090109f72f73b7d9a1d0a6bf
Signed-off-by: Jaroslaw Pelczar <j.pelczar@samsung.com>
Dong Sun Lee [Wed, 27 Dec 2017 05:21:51 +0000 (05:21 +0000)]
Merge "Always rewrite certificate chain from backend" into tizen
Dong Sun Lee [Wed, 27 Dec 2017 05:20:19 +0000 (05:20 +0000)]
Merge "Add test case for certificate rewriter" into tizen
Dong Sun Lee [Wed, 27 Dec 2017 05:20:15 +0000 (05:20 +0000)]
Merge "Implement x509 certificate rewriter" into tizen
Jaroslaw Pelczar [Thu, 14 Dec 2017 06:37:18 +0000 (07:37 +0100)]
Always rewrite certificate chain from backend
Change-Id: Ia76a36d75a802a97f4cf58f8b4826504451e87bc
Signed-off-by: Jaroslaw Pelczar <j.pelczar@samsung.com>
Jaroslaw Pelczar [Thu, 14 Dec 2017 10:46:31 +0000 (11:46 +0100)]
Add test case for certificate rewriter
Change-Id: I10a3746c12ba922becb1e92b8e746d6c01b57338
Signed-off-by: Jaroslaw Pelczar <j.pelczar@samsung.com>
Jaroslaw Pelczar [Thu, 14 Dec 2017 06:30:47 +0000 (07:30 +0100)]
Implement x509 certificate rewriter
This class will rewrite broken x509 chains into correct order.
Change-Id: I58b7a312f39443d7740fcda2bef94b089ca24090
Signed-off-by: Jaroslaw Pelczar <j.pelczar@samsung.com>
Uladzislau Harbuz [Mon, 11 Dec 2017 13:47:36 +0000 (14:47 +0100)]
Add some simple unit tests for hw_api
Change-Id: If1fa9dfcec2afc437e00d2940378223c04ea6697
Dongsun Lee [Mon, 11 Dec 2017 07:10:14 +0000 (16:10 +0900)]
change user/group from key-manager to security_fw
Change-Id: I8854d29a2ce01f3ba0460492b904ed0f05228744
Signed-off-by: Dongsun Lee <ds73.lee@samsung.com>
Jaroslaw Pelczar [Tue, 5 Dec 2017 07:35:42 +0000 (08:35 +0100)]
Use Cynara for access control
Change-Id: I42e7aebfd0369301877e023ad5721547098b20df
Signed-off-by: Jaroslaw Pelczar <j.pelczar@samsung.com>
Jaroslaw Pelczar [Tue, 5 Dec 2017 06:18:30 +0000 (07:18 +0100)]
dcm-client: remove debug level logs, leave only error logs
Change-Id: I65f9f68274c5407ed6f51df2db81ca8298233d9e
Signed-off-by: Jaroslaw Pelczar <j.pelczar@samsung.com>
Jaroslaw Pelczar [Tue, 5 Dec 2017 05:43:59 +0000 (06:43 +0100)]
[cmake] Add missing include directory
Change-Id: I0d6be92ff596bee9eab05a0286b924335276ae33
Signed-off-by: Jaroslaw Pelczar <j.pelczar@samsung.com>
Jaroslaw Pelczar [Tue, 5 Dec 2017 05:37:32 +0000 (06:37 +0100)]
hw_api_test: use random test data
Also print data using boost::algorithm::hex
Change-Id: I57981550c4101e593916851073fa73f753f1a505
Signed-off-by: Jaroslaw Pelczar <j.pelczar@samsung.com>
Jaroslaw Pelczar [Tue, 5 Dec 2017 05:32:09 +0000 (06:32 +0100)]
Handle valid case for hash_size==0
If hash size is 0 then MD algorithm must not be NONE, in this
case hash_size is extracted from expected length for MD algorithm.
If MD algorithm is not NONE, then hash_size is validated against
the algorithm's expected input length.
Change-Id: Ib95d8138ce6a21c364a5d7f88910fde15e32a026
Signed-off-by: Jaroslaw Pelczar <j.pelczar@samsung.com>
Jaroslaw Pelczar [Tue, 5 Dec 2017 05:29:49 +0000 (06:29 +0100)]
hw_api_test: refactor to use C++ wrappers for mbedtls
Change-Id: I8b593f4a8ca3de9f4ac938cb65667bafccf71d06
Signed-off-by: Jaroslaw Pelczar <j.pelczar@samsung.com>
Jaroslaw Pelczar [Tue, 5 Dec 2017 05:05:46 +0000 (06:05 +0100)]
Move mbedtls_wrapper.h to shared subdirectory
Change-Id: I7de8872bb943429ae38618a20f4e7f85248a75d1
Signed-off-by: Jaroslaw Pelczar <j.pelczar@samsung.com>
Jaroslaw Pelczar [Mon, 4 Dec 2017 10:59:29 +0000 (11:59 +0100)]
see backend: create mbedtls compatible ASN.1 ECDSA signature
Change-Id: I0dd2133f1c5d687221f9d5290713cc15a0e97744
Signed-off-by: Jaroslaw Pelczar <j.pelczar@samsung.com>
Jaroslaw Pelczar [Mon, 4 Dec 2017 10:20:32 +0000 (11:20 +0100)]
hw_api_test: show more errors and update signature verification
Change-Id: I4ba040beff40e16db60e5982525cac33d223ae6b
Signed-off-by: Jaroslaw Pelczar <j.pelczar@samsung.com>
Jaroslaw Pelczar [Mon, 4 Dec 2017 10:03:10 +0000 (11:03 +0100)]
hw_api_test: add hash signature verification
Change-Id: I56fcd9f41cdaad50728f0fb9226b06e4235f0fb3
Signed-off-by: Jaroslaw Pelczar <j.pelczar@samsung.com>
Jaroslaw Pelczar [Mon, 4 Dec 2017 09:07:23 +0000 (10:07 +0100)]
Added certificate reversing for broken libSEE API
Change-Id: I3ce62b70675feb4fa05a81ec357bea0c58a92bca
Signed-off-by: Jaroslaw Pelczar <j.pelczar@samsung.com>
Jaroslaw Pelczar [Mon, 4 Dec 2017 07:01:23 +0000 (08:01 +0100)]
dcm-client: add linker version script
Change-Id: I3536085c5c2c4786666b322210918e569864d860
Signed-off-by: Jaroslaw Pelczar <j.pelczar@samsung.com>
Jaroslaw Pelczar [Mon, 4 Dec 2017 06:10:33 +0000 (07:10 +0100)]
Use artik security framework without external dependency
Change-Id: If6533199a1cbfc1f4b6f36abacb96b3bfabaecc0
Signed-off-by: Jaroslaw Pelczar <j.pelczar@samsung.com>
Jarek Pelczar [Tue, 21 Nov 2017 13:07:48 +0000 (14:07 +0100)]
Initial source commit
Change-Id: Ia5a0abd9f6b64e37aca07ecfb0b3b7476a0f7394
Signed-off-by: Jaroslaw Pelczar <j.pelczar@samsung.com>
Tizen Infrastructure [Wed, 15 Nov 2017 10:22:23 +0000 (10:22 +0000)]
Initial empty repository
projects / platform / core / security / device-certificate-manager.git / log