From 311d0521dd83a34b1c8bcf9988c0023b3f75b164 Mon Sep 17 00:00:00 2001
From: "so.yu" <so.yu@samsung.com>
Date: Sun, 7 Apr 2013 16:39:29 +0900
Subject: [PATCH] Use dukgenerator instead of the _DeviceKeyGenerator for the
 PrivateKey encryption

Change-Id: Ic2da1109ffdeef9626cd1edaff9c7e89e41f8e19
Signed-off-by: so.yu <so.yu@samsung.com>
---
 packaging/osp-appfw.spec                            |  1 +
 src/CMakeLists.txt                                  |  1 +
 src/io/FIo_SecureIoUtil.cpp                         |  1 -
 src/security/cert/FSecCert_CertPrivateKeyInfo.cpp   | 10 +++++++---
 src/security/crypto/FSecCrypto_TrustZoneService.cpp |  1 -
 5 files changed, 9 insertions(+), 5 deletions(-)

diff --git a/packaging/osp-appfw.spec b/packaging/osp-appfw.spec
index e1518da..6a734fd 100755
--- a/packaging/osp-appfw.spec
+++ b/packaging/osp-appfw.spec
@@ -27,6 +27,7 @@ BuildRequires:  pkgconfig(dbus-1)
 BuildRequires:  pkgconfig(dbus-glib-1)
 BuildRequires:  pkgconfig(devman)
 BuildRequires:  pkgconfig(dlog)
+BuildRequires:  pkgconfig(dukgenerator)
 BuildRequires:  pkgconfig(ecore)
 BuildRequires:  pkgconfig(glib-2.0)
 BuildRequires:  pkgconfig(heynoti)
diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt
index 0a2b553..0604dd7 100755
--- a/src/CMakeLists.txt
+++ b/src/CMakeLists.txt
@@ -11,6 +11,7 @@ pkg_check_modules(pkgs REQUIRED
 	devman
 	dlog
 	drm-service-core-intel
+	dukgenerator
 	ecore
 	glib-2.0
 	haptic
diff --git a/src/io/FIo_SecureIoUtil.cpp b/src/io/FIo_SecureIoUtil.cpp
index eea2dfc..119165a 100644
--- a/src/io/FIo_SecureIoUtil.cpp
+++ b/src/io/FIo_SecureIoUtil.cpp
@@ -42,7 +42,6 @@
 
 #include <FBase_NativeError.h>
 #include <FBaseSysLog.h>
-#include <FSec_DeviceKeyGenerator.h>
 #include <FBase_StringConverter.h>
 #include <FIo_SecureIoUtil.h>
 #include <FIo_FileUtil.h>
diff --git a/src/security/cert/FSecCert_CertPrivateKeyInfo.cpp b/src/security/cert/FSecCert_CertPrivateKeyInfo.cpp
index 3486253..2dbf462 100644
--- a/src/security/cert/FSecCert_CertPrivateKeyInfo.cpp
+++ b/src/security/cert/FSecCert_CertPrivateKeyInfo.cpp
@@ -33,13 +33,13 @@
 #include <openssl/evp.h>
 #include <openssl/x509.h>
 #include <openssl/pkcs12.h>
+#include <dukgen.h>
 #include <FIoFile.h>
 #include <FIoFileAttributes.h>
 #include <FBaseByteBuffer.h>
 #include <FBaseString.h>
 #include <FBaseResult.h>
 #include <FBaseSysLog.h>
-#include <FSec_DeviceKeyGenerator.h>
 #include <FSecISecretKey.h>
 #include "FSecCert_CertPrivateKeyInfo.h"
 
@@ -96,13 +96,15 @@ _CertPrivateKeyInfo::GetEncDecPrivateKeyN(int& keyLen, byte** ppPrivKey, int enc
 	result r = E_SUCCESS;
 	byte uniqueKey[16] = {0};
 	byte ivData[16] = {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f};
+	char certMgrInfo[16] = {0x09, 0x25, 0x19, 0x87, 0xBF, 0x02, 0x14, 0x19, 0x88, 0xDD, 0x12, 0x30, 0x19, 0x86, 0xAD, 0xED};
+	int certMgrInfoLen = 16;
 	int aesBlockLen = 16;
 	int outLength = 0;
 	int lenData = 0;
 	int err = 0;
 	EVP_CIPHER_CTX ctx;
 
-	std::unique_ptr< ISecretKey > pSecKey(reinterpret_cast< ISecretKey* >(_DeviceKeyGenerator::GenerateDeviceKeyN(aesBlockLen)));
+	std::unique_ptr< ISecretKey > pSecKey(reinterpret_cast< ISecretKey* >(GetDeviceUniqueKey(certMgrInfo, certMgrInfoLen, aesBlockLen)));
 	SysTryReturnResult(NID_SEC_CERT, pSecKey != null, E_SYSTEM, "Failed to generate secret key.");
 
 	std::unique_ptr< ByteBuffer > pKeyBuf(pSecKey->GetEncodedN());
@@ -163,6 +165,8 @@ _CertPrivateKeyInfo::GetPkcs8EncDecKeyN(int& keyLen, byte** ppPrivKey, int encDe
 {
 	result r = E_SUCCESS;
 	byte uniqueKey[16] = {0};
+	char certMgrInfo[16] = {0x09, 0x25, 0x19, 0x87, 0xBF, 0x02, 0x14, 0x19, 0x88, 0xDD, 0x12, 0x30, 0x19, 0x86, 0xAD, 0xED};
+	int certMgrInfoLen = 16;
 	int aesBlockLen = 16;
 	const EVP_CIPHER* pCipher = null;
 	X509_SIG* pPkcs8Key = null;
@@ -172,7 +176,7 @@ _CertPrivateKeyInfo::GetPkcs8EncDecKeyN(int& keyLen, byte** ppPrivKey, int encDe
 	long tempkeyLen = 0;
 	byte* pPrivKey = null;
 
-	std::unique_ptr< ISecretKey > pSecKey(reinterpret_cast< ISecretKey* >(_DeviceKeyGenerator::GenerateDeviceKeyN(aesBlockLen)));
+	std::unique_ptr< ISecretKey > pSecKey(reinterpret_cast< ISecretKey* >(GetDeviceUniqueKey(certMgrInfo, certMgrInfoLen, aesBlockLen)));
 	SysTryReturnResult(NID_SEC_CERT, pSecKey != null, E_SYSTEM, "Failed to generate secret key.");
 
 	std::unique_ptr< ByteBuffer > pKeyBuf(pSecKey->GetEncodedN());
diff --git a/src/security/crypto/FSecCrypto_TrustZoneService.cpp b/src/security/crypto/FSecCrypto_TrustZoneService.cpp
index c8a323b..7e77ff7 100755
--- a/src/security/crypto/FSecCrypto_TrustZoneService.cpp
+++ b/src/security/crypto/FSecCrypto_TrustZoneService.cpp
@@ -29,7 +29,6 @@
 #include <FBase.h>
 #include <FIo_IpcCommonParamTraits.h>
 #include <FSecCryptoAesCipher.h>
-#include <FSec_DeviceKeyGenerator.h>
 #include "FSecCrypto_TrustZoneService.h"
 #include "FSecCrypto_TrustZoneServiceMessage.h"
 
-- 
2.7.4