From 2585811e5ae1e2c13b62738486d60be4e1bb5663 Mon Sep 17 00:00:00 2001 From: "sangwan.kwon" Date: Fri, 14 Apr 2017 13:07:48 +0900 Subject: [PATCH] Add API examples about installer and launcher Change-Id: I2a839f5b56884fc0eed1f8db156357e07595f071 Signed-off-by: sangwan.kwon --- CMakeLists.txt | 1 + api/tanchor/trust-anchor.h | 1 + examples/CMakeLists.txt | 30 ++++++++++++++++++++ examples/installer.c | 56 +++++++++++++++++++++++++++++++++++++ examples/launcher.c | 51 +++++++++++++++++++++++++++++++++ packaging/trust-anchor.spec | 20 +++++++++++-- 6 files changed, 156 insertions(+), 3 deletions(-) create mode 100644 examples/CMakeLists.txt create mode 100644 examples/installer.c create mode 100644 examples/launcher.c diff --git a/CMakeLists.txt b/CMakeLists.txt index 313e990..a496720 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -83,3 +83,4 @@ ADD_SUBDIRECTORY(api) ADD_SUBDIRECTORY(lib) ADD_SUBDIRECTORY(src) ADD_SUBDIRECTORY(tests) +ADD_SUBDIRECTORY(examples) diff --git a/api/tanchor/trust-anchor.h b/api/tanchor/trust-anchor.h index 19c86eb..c32b90a 100644 --- a/api/tanchor/trust-anchor.h +++ b/api/tanchor/trust-anchor.h @@ -26,6 +26,7 @@ #include +#include #include diff --git a/examples/CMakeLists.txt b/examples/CMakeLists.txt new file mode 100644 index 0000000..5a4373a --- /dev/null +++ b/examples/CMakeLists.txt @@ -0,0 +1,30 @@ +# Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License +# +# @file CMakeLists.txt +# @author Sangwan kwon (sangwan.kwon@samsung.com) +# + +INCLUDE_DIRECTORIES(SYSTEM ${TANCHOR_INCLUDE}) + +FUNCTION(BUILD_EXAMPLE EXAMPLE_NAME EXAMPLE_SRCS) + # just for build test + ADD_EXECUTABLE(${EXAMPLE_NAME} ${EXAMPLE_SRCS}) + TARGET_LINK_LIBRARIES(${EXAMPLE_NAME} ${TARGET_TANCHOR_LIB}) + INSTALL(FILES ${EXAMPLE_SRCS} + DESTINATION ${TANCHOR_EXAMPLE}) +ENDFUNCTION(BUILD_EXAMPLE) + +BUILD_EXAMPLE("tanchor-example-installer" installer.c) +BUILD_EXAMPLE("tanchor-example-launcher" launcher.c) diff --git a/examples/installer.c b/examples/installer.c new file mode 100644 index 0000000..71bb52d --- /dev/null +++ b/examples/installer.c @@ -0,0 +1,56 @@ +/* + * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License + */ +/* + * @file installer.c + * @author Sangwan Kwon (sangwan.kwon@samsung.com) + * @version 0.1 + * @brief Installer API example + */ + +#include +#include + +#include + +int main() +{ + /* + * When app installed trust_anchor_global_install() should be called once. + * If app is user-app, call trust_anchor_usr_install() with uid. + * + * [pre-condition] + * 1. Get with_sys_certs information from App configuration. + */ + bool with_sys = false; + + int ret = trust_anchor_global_install("pkgid", "/app_certs_path", with_sys); + if (ret != TRUST_ANCHOR_ERROR_NONE) { + printf("Failed to install operation"); + return -1; + } + + /* + * When app uninstalled trust_anchor_global_uninstall() should be called once. + * If app is user-app, call trust_anchor_usr_uninstall() with uid. + */ + ret = trust_anchor_global_uninstall("pkgid", "/app_certs_path"); + if (ret != TRUST_ANCHOR_ERROR_NONE) { + printf("Failed to uninstall operation"); + return -1; + } + + return 0; +} diff --git a/examples/launcher.c b/examples/launcher.c new file mode 100644 index 0000000..21df3ac --- /dev/null +++ b/examples/launcher.c @@ -0,0 +1,51 @@ +/* + * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License + */ +/* + * @file launcher.c + * @author Sangwan Kwon (sangwan.kwon@samsung.com) + * @version 0.1 + * @brief Launcher API example + */ + +#include +#include + +#include + +int main() +{ + /* + * When app launched trust_anchor_global_launch() should be called once. + * If app is user-app, call trust_anchor_usr_launch() with uid. + * + * [caution] + * Since trust anchor launch operation disassocaite namespace, + * other mount tasks should be done before trust_anchor_usr_launch() called. + * + * [pre-condition] + * 1. Launcher should have CAP_SYS_ADMIN. + * 2. Get with_sys_certs information.(It should be saved when app installed.) + */ + bool with_sys = false; + + int ret = trust_anchor_global_launch("pkgid", "/app_certs_path", with_sys); + if (ret != TRUST_ANCHOR_ERROR_NONE) { + printf("Failed to launch operation"); + return -1; + } + + return 0; +} diff --git a/packaging/trust-anchor.spec b/packaging/trust-anchor.spec index a809008..7a4d9ee 100644 --- a/packaging/trust-anchor.spec +++ b/packaging/trust-anchor.spec @@ -26,6 +26,7 @@ Requires(postun): /sbin/ldconfig %global tanchor_global %{tanchor_base}/global %global tanchor_bundle %{tanchor_base}/ca-bundle.pem %global tanchor_test %{tanchor_base}/test +%global tanchor_example %{tanchor_base}/example %description The package provides trust-anchor which the application can assign @@ -63,6 +64,7 @@ SSL root certificates for its HTTPS communication. -DTANCHOR_GLOBAL=%{tanchor_global} \ -DTANCHOR_BUNDLE=%{tanchor_bundle} \ -DTANCHOR_TEST=%{tanchor_test} \ + -DTANCHOR_EXAMPLE=%{tanchor_example} \ -DTZ_SYS_CA_CERTS=%{TZ_SYS_CA_CERTS} \ -DTZ_SYS_CA_BUNDLE=%{TZ_SYS_CA_BUNDLE} \ -DTZ_SYS_RO_CA_CERTS=%{TZ_SYS_RO_CA_CERTS} \ @@ -101,7 +103,7 @@ The package provides Trust Anchor API development files. ## Test Package ############################################################## %package -n trust-anchor-test Summary: Trust Anchor API test -Group: Development/Libraries +Group: Security/Development BuildRequires: pkgconfig(libcurl) %description -n trust-anchor-test @@ -113,5 +115,17 @@ Testcases for trust anchor library %{_bindir}/%{lib_name}-test-clauncher %{_bindir}/%{lib_name}-test-internal %{_bindir}/%{lib_name}-test-init.sh -%{TZ_SYS_DATA}/%{lib_name}/test -%{TZ_SYS_DATA}/%{lib_name}/test/certs +%{tanchor_test} +%{tanchor_test}/certs + +## Example Package ############################################################ +%package -n trust-anchor-example +Summary: Trust Anchor API example +Group: Security/Other + +%description -n trust-anchor-example +Examples for trust anchor library + +%files -n trust-anchor-example +%{tanchor_example}/installer.c +%{tanchor_example}/launcher.c -- 2.34.1