summary |
shortlog | log |
commit |
commitdiff |
tree
first ⋅ prev ⋅ next
Kyungwook Tak [Wed, 7 Dec 2016 08:22:40 +0000 (17:22 +0900)]
Remove reload option to wae initializer service
Reload option is not needed anymore.
To be secure, remove all KEKs from dek store (also adek) after loading
preloaded adeks once. Loaded adeks are stored in key-manager so they're
useless.
Related test cases are added. (load preloaded app deks)
(TODO) To use key-manager initial value feature is highly considered
to store KEK private key more securely.
Change-Id: I2f6c645398277968cd7d480236d1802a07fa33df
Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
Bartlomiej Kunikowski [Mon, 5 Dec 2016 07:49:59 +0000 (08:49 +0100)]
Fix for wae_initializer
There is a bug in if statement, it don't allow to properly work
of this initializer if there are no --reload flag.
Other way to do it is simply use wae_initializer always as it
is with --reload flag.
Change-Id: I9622373c914f8c0f1f22d3f810417251cced81ba
Signed-off-by: Bartlomiej Kunikowski <b.kunikowski@partner.samsung.com>
(cherry picked from commit
1fcac8945420537f89d24a0e8e52ec99cc432674)
Kyungwook Tak [Mon, 5 Dec 2016 08:13:40 +0000 (17:13 +0900)]
Use cp instead of mv in upgrade script
RO partition shouldn't be modified
Change-Id: I70b8de4051cd4295b5431b77fd5eb82f1e518731
Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
Kyungwook Tak [Mon, 5 Dec 2016 08:10:20 +0000 (17:10 +0900)]
Numbering upgrade script
wae-upgrade.sh -> 200.wae.sh
Change-Id: I77f59c43be20cdb7eb808ca5e7a754287bcdfcb0
Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
Kyungwook Tak [Mon, 28 Nov 2016 11:25:03 +0000 (20:25 +0900)]
Fix svace defects
1) Missing returned value checking.
2) variable misused (start -> end).
3) Dead code exist in preloaded app dek loading while loop.
Make subroutine to simplify loop codes/resource managed.
Change-Id: Ic775e336e6480dfb56539e382edf292f2101ec8b
Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
Kyungwook Tak [Tue, 6 Sep 2016 06:55:08 +0000 (15:55 +0900)]
Add upgrade script
Change-Id: I4d38443cf3880b50215aa36e084445cc8bbb60be
Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
sangwan.kwon [Thu, 11 Aug 2016 06:15:12 +0000 (15:15 +0900)]
[HOTFIX] Fix build break on 64bit arch
[Problem]
* EVP_Digest parameter type is unsigned int
* size_t is differ between 32bit and 64bit
[Solution]
* Use unsigned int instead of size_t
Change-Id: Ib398532c7148bcd9d736c7282e0b74c8042a2ede
Signed-off-by: sangwan.kwon <sangwan.kwon@samsung.com>
Kyungwook Tak [Wed, 27 Jul 2016 07:54:50 +0000 (16:54 +0900)]
[API changed] Add uid parameter
Installer will be run as system (from user) so we cannot retrieve user
id from client credential(by key-manager).
Change-Id: I1e091bfc0b88fce418cd209a7a1adab021b6c0d2
Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
Kyungwook Tak [Wed, 3 Aug 2016 04:17:17 +0000 (13:17 +0900)]
Set uid/gid to wae initializer service
Change-Id: I15ee0cb42c05cf19d875b4b9acf96e78939a240f
Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
Kyungwook Tak [Thu, 21 Jul 2016 07:46:00 +0000 (16:46 +0900)]
Add data structures
For migrated web app, we need to more fields in cache e.g., IV and
is_migrated flag to handle it separately.
Because cipher algorithm, iv and key size could be different between old
secure storage, it depends on product implementation. So this
architecture needs more flexibility.
A lot of code changed because of the principle data structure is added
from the bottom.
Change-Id: Id6a10b9f707f4da25016dd928ab4049be619a610
Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
Yunjin Lee [Wed, 20 Jul 2016 10:24:34 +0000 (19:24 +0900)]
Set SmackProcessLabel to System
Change-Id: I685a98780fde45ad0975a0a80dcabd68760f9244
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Kyungwook Tak [Tue, 19 Jul 2016 07:21:51 +0000 (16:21 +0900)]
Fix memory leak on decrypt migrated wgt
Change-Id: I300a887e7e633af858e102797c500d1266566355
Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
Kyungwook Tak [Tue, 19 Jul 2016 07:16:10 +0000 (16:16 +0900)]
Logging openssl log on crypto error cases
Change-Id: I60d574d8813637077fa1e278a3d72dbfed07333c
Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
Kyungwook Tak [Mon, 18 Jul 2016 03:54:40 +0000 (12:54 +0900)]
Support platform upgrade case
secure-storage is removed since Tizen platform version 3.0.
downloaded web apps encryption works based on different key from lower
than 3.0. secure-storage used DUK(device unique key with seed(pkgid)) as DEK.
If downloaded app cannot find DEK when decrypt, it's considered as
encrypted lower than 3.0 case. So webappenc creates DEK and uses algorithm
which had been used lower than 3.0 in secure-storage.
For now it's hard to save newly created old key in key-manager because
migrated web app is considered as global app and the case would be found
in decryption time (by web app launcher) who don't have permission to save
in system db of key-manager with "/System" label.
Permission policy of system db of key-manager should be changed OR
migrated app should not be global app (it should be downloaded normal
app) to save created key in key-manager.
Change-Id: I9b8516184cce9f43b328e290c15127151e5c861e
Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
Kyungwook Tak [Mon, 18 Jul 2016 02:28:53 +0000 (11:28 +0900)]
Fix C code naming rules & minor fixes
- Remove some goto label which isn't needed
- Change 'num' param of strncmp / strncpy with meaningful value
(static buffer's size)
- Add const to unsigned char array input param
- Change param names (c string array and raw buffer array)
const char *pPkgId -> pkgId
unsigned char *pDek -> dek
unsigned char **ppDek -> pDek
- Change all camel naminges to underbar
- Remove null checking before call free()
free() does nothing if ptr is null pointer.
(refer: http://linux.die.net/man/3/free)
- Add missing closedir() after opendir()
Change-Id: I7e5888ed3dc77e5355cfc441f10dc0d6d916921c
Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
Kyungwook Tak [Fri, 15 Jul 2016 10:42:35 +0000 (19:42 +0900)]
Apply boost test framework
run with sdb root on : wae_tests --run_test=SYSTEM
run with sdb root off : wae_tests --run_test=USER
Change-Id: I0792e1e649f5e36c6f8715047f5ba5fd9ec48ecf
Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
Kyungwook Tak [Fri, 15 Jul 2016 06:01:54 +0000 (15:01 +0900)]
Add test manifest for exec labeling
Change-Id: Ib54e8558417b8f32782c7ada3d6bdda8999a5b0f
Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
Kyungwook Tak [Fri, 15 Jul 2016 04:27:01 +0000 (13:27 +0900)]
Apply coding style of tizen by astyle
Change-Id: I495bcdeae8705c2bb8b605762e31458919736926
Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
Kyungwook Tak [Fri, 15 Jul 2016 02:52:13 +0000 (11:52 +0900)]
Use stdbool instead of macro for boolean
Change-Id: I6d95a582cd8d2ec52adb314a167bd42dd386ac0b
Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
Dongsun Lee [Mon, 27 Jun 2016 01:09:00 +0000 (10:09 +0900)]
Revert "change installer smack label from User to System"
This reverts commit
d1da2aa31e64a93d1e1f5b3c7586c6a4186df4f3.
The smack labels of xxx-backend was changed into User label again.
Change-Id: Ic50ef8739d9e39914d518d1e063eec9a62a7831d
Dongsun Lee [Tue, 21 Jun 2016 04:04:32 +0000 (13:04 +0900)]
change installer smack label from User to System
Change-Id: I1522806cb2b7511455821134f8ae42a53a575e6e
Signed-off-by: Dongsun Lee <ds73.lee@samsung.com>
Kyungwook Tak [Fri, 11 Mar 2016 06:00:47 +0000 (15:00 +0900)]
Fix SVACE defects
Remove unused values in test code
Handle negative return value from ftell
Change-Id: I331e1335ad900ef9e5ec4523a832ec2c38dfb7f8
Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
Kyungwook Tak [Wed, 2 Mar 2016 11:45:52 +0000 (20:45 +0900)]
Use snprintf instead of sprintf to be safe
Change-Id: I664d9f039b09b576c4ebe84c29d8a7c459bc1384
Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
Kyungwook Tak [Wed, 2 Mar 2016 11:13:42 +0000 (20:13 +0900)]
Refine spec file
- Fix groups
- Remove non-used definition
- Use macros
Change-Id: I109ebe1280138c23bbd12f7f97e7665110cdd646
Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
Kyungwook Tak [Wed, 2 Mar 2016 11:06:36 +0000 (20:06 +0900)]
Add gitignore file
Change-Id: I79f9c4e40c72bcbe29fd1bb662566a7c614cb2ca
Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
Kyungwook Tak [Mon, 14 Dec 2015 07:00:28 +0000 (16:00 +0900)]
Remove tz platform config devel dependency
Change-Id: I37a0eb70b2a89f5deb86d312473d31533bb8a4a2
Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
Dongsun Lee [Tue, 22 Sep 2015 07:34:18 +0000 (16:34 +0900)]
change ckmc_owner_id_system to ckmc_owner_id_system
Change-Id: I80623a8502d4a443718e5ecf449818fc75e731c1
Signed-off-by: Dongsun Lee <ds73.lee@samsung.com>
Dongsun Lee [Mon, 21 Sep 2015 10:43:09 +0000 (19:43 +0900)]
Change alias because wrt-installer backend runs with owner uid
Change-Id: Icee00ba20a651600bb64ed045910fddba9bf915b
Signed-off-by: Dongsun Lee <ds73.lee@samsung.com>
Dongsun Lee [Thu, 13 Aug 2015 07:35:58 +0000 (16:35 +0900)]
change API signatures to support GLOBAL app and NORMAL app at the same time
Change-Id: Ic9a60b295bff13bb59c1c6990dfbad569e92c267
Signed-off-by: Dongsun Lee <ds73.lee@samsung.com>
Dongsun Lee [Fri, 24 Jul 2015 05:17:54 +0000 (14:17 +0900)]
bug fix in test codes for 64bit build
Change-Id: If64499d0636ea6a08d9a96f73f83fa7d57d858e4
Signed-off-by: Dongsun Lee <ds73.lee@samsung.com>
Dongsun Lee [Tue, 26 May 2015 00:42:38 +0000 (09:42 +0900)]
initial version
Change-Id: Ibb7891bee67bdd82f34187f5da2fc3c4bbfa8fcd
Signed-off-by: Dongsun Lee <ds73.lee@samsung.com>
Jeonghoon Jeon [Tue, 17 Mar 2015 02:35:01 +0000 (19:35 -0700)]
Initial empty repository