From 5f91ceafc48c23588c8336c515f556881dcc459a Mon Sep 17 00:00:00 2001 From: SeungminYu Date: Mon, 25 Mar 2013 13:19:09 +0900 Subject: [PATCH] Revert "Implement seperated server-so model" This reverts commit e2bdbca382bd9df4f5a1b733cbb630722f42d58e --- src/security/inc/FSec_AccessControlTypes.h | 8 - src/security/inc/FSec_PrivilegeManager.h | 6 +- src/server/CMakeLists.txt | 2 - src/server/inc/FSec_PrivilegeManagerServer.h | 76 ------- .../security/FSec_PrivilegeManagerServer.cpp | 242 --------------------- 5 files changed, 4 insertions(+), 330 deletions(-) delete mode 100644 src/server/inc/FSec_PrivilegeManagerServer.h delete mode 100644 src/server/security/FSec_PrivilegeManagerServer.cpp diff --git a/src/security/inc/FSec_AccessControlTypes.h b/src/security/inc/FSec_AccessControlTypes.h index fc8c885..fd33720 100644 --- a/src/security/inc/FSec_AccessControlTypes.h +++ b/src/security/inc/FSec_AccessControlTypes.h @@ -130,8 +130,6 @@ enum _Privilege _PRV_PRIVILEGEMANAGER_READ, _PRV_PRIVACYMANAGER_READ, _PRV_PRIVACYMANAGER_WRITE, - _PRV_INTERNET, - _PRV_ANTIVIRUS, _MAX_PRIVILEGE_ENUM }; @@ -242,8 +240,6 @@ const static _PrivilegeStringList privilegeListTable[_MAX_PRIVILEGE_ENUM] = {L"privilegemanager.read", _PRV_PRIVILEGEMANAGER_READ}, {L"privacymanager.read", _PRV_PRIVACYMANAGER_READ}, {L"privacymanager.write", _PRV_PRIVACYMANAGER_WRITE}, - {L"internet", _PRV_INTERNET}, - {L"antivirus", _PRV_ANTIVIRUS}, }; enum _PrivilegeApiVersion @@ -352,8 +348,6 @@ const static Tizen::Base::_ApiVisibility visibilityLevelListTable[_MAX_PRIVILEGE { Tizen::Base::_API_VISIBILITY_PARTNER }, // privilegemanager.read { Tizen::Base::_API_VISIBILITY_PARTNER_MANUFACTURER }, // privacymanager.read { Tizen::Base::_API_VISIBILITY_PARTNER_MANUFACTURER }, // privacymanager.write - { Tizen::Base::_API_VISIBILITY_PUBLIC }, // internet - { Tizen::Base::_API_VISIBILITY_PARTNER_MANUFACTURER }, // antivirus }; enum _PrivilegeLevel @@ -462,8 +456,6 @@ const static _PrivilegeLevel privilegeLevelListTable[_MAX_PRIVILEGE_ENUM][_PRV_A { _PRV_LEVEL_SYSTEM }, // privilegemanager.read { _PRV_LEVEL_SYSTEM }, // privacymanager.read { _PRV_LEVEL_SYSTEM }, // privacymanager.write - { _PRV_LEVEL_USER }, // internet - { _PRV_LEVEL_SYSTEM }, // antivirus }; const int MAX_BITWISE_PRIV_SIZE = (((_MAX_PRIVILEGE_ENUM - 1) / 32) + 1) * 4; diff --git a/src/security/inc/FSec_PrivilegeManager.h b/src/security/inc/FSec_PrivilegeManager.h index fe0a099..b25ddb9 100644 --- a/src/security/inc/FSec_PrivilegeManager.h +++ b/src/security/inc/FSec_PrivilegeManager.h @@ -39,7 +39,9 @@ namespace Tizen { namespace Base class String; }} - namespace Tizen { namespace Security +class PrivilegeService; + +namespace Tizen { namespace Security { class _PrivilegeCache; @@ -103,7 +105,7 @@ private: _PrivilegeCache* __pPrivilegeCache; static _PrivilegeManager* __pPrivilegeManagerInstance; - friend class _PrivilegeManagerServer; + friend class ::PrivilegeService; friend class _AccessController; friend class AccessController; diff --git a/src/server/CMakeLists.txt b/src/server/CMakeLists.txt index 4ef4f23..66fd485 100755 --- a/src/server/CMakeLists.txt +++ b/src/server/CMakeLists.txt @@ -7,7 +7,6 @@ INCLUDE_DIRECTORIES ( ${CMAKE_SOURCE_DIR}/src/io/inc ${CMAKE_SOURCE_DIR}/src/system/inc ${CMAKE_SOURCE_DIR}/src/security/inc - ${CMAKE_SOURCE_DIR}/src/security ${CMAKE_SOURCE_DIR}/src/security/cert ${CMAKE_SOURCE_DIR}/src/app/inc inc @@ -17,7 +16,6 @@ SET (${this_target}_SOURCE_FILES app/FApp_AulServer.cpp io/FIo_IpcServer.cpp security/FSec_CertServer.cpp - security/FSec_PrivilegeManagerServer.cpp ) ## SET EXTRA COMPILER FLAGS diff --git a/src/server/inc/FSec_PrivilegeManagerServer.h b/src/server/inc/FSec_PrivilegeManagerServer.h deleted file mode 100644 index 384c9cc..0000000 --- a/src/server/inc/FSec_PrivilegeManagerServer.h +++ /dev/null @@ -1,76 +0,0 @@ -// -// Open Service Platform -// Copyright (c) 2013 Samsung Electronics Co., Ltd. -// -// Licensed under the Apache License, Version 2.0 (the License); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. -// - -/** - * @file FSec_PrivilegeManagerServer.h - * @brief This is the header file for the _PrivilegeManagerServer. - * This header file contains the declarations of the _PrivilegeManagerServer. - */ - -#ifndef _FSEC_INTERNAL_PRIVILEGE_MANAGER_SERVER_H_ -#define _FSEC_INTERNAL_PRIVILEGE_MANAGER_SERVER_H_ - -#include - -#include "FSec_AccessControlTypes.h" - -namespace Tizen { namespace Base { namespace Collection -{ -class IList; -}}} - -namespace Tizen { namespace Base -{ -class String; -}} - -class PrivilegeService; - -namespace Tizen { namespace Security -{ - -/** - * @class _PrivilegeManagerServer - * @brief This class provides a way to manage the privilege information. - * @since 2.1 - * - * This class provides a way to manage the privilege information for privilege service. - * - */ - -class _OSP_EXPORT_ _PrivilegeManagerServer -{ - -private: - - _PrivilegeManagerServer(void); - virtual ~_PrivilegeManagerServer(void); - - static result RetrievePrivilege(const Tizen::App::AppId& appId, Tizen::Base::String* pEncryptedBitwise, Tizen::Base::String* pHmac, Tizen::Base::Collection::ArrayList*& pPrivilegeList); - static result GenerateVisibilityString(Tizen::App::AppId appId, Tizen::Base::String* pEncryptedVisibility, Tizen::Base::String* pHmac); - static result GetEncryptedVisibility(int visibility, Tizen::Base::String& encryptedVisibility); - static result GetChecksum(Tizen::App::AppId appId, int visibility, Tizen::Base::String& checksum); - -private: - - friend class ::PrivilegeService; - -}; // _PrivilegeManagerServer - -}} // Tizen::Security - -#endif // _FSEC_INTERNAL_PRIVILEGE_MANAGER_SERVER_H_ diff --git a/src/server/security/FSec_PrivilegeManagerServer.cpp b/src/server/security/FSec_PrivilegeManagerServer.cpp deleted file mode 100644 index 652458e..0000000 --- a/src/server/security/FSec_PrivilegeManagerServer.cpp +++ /dev/null @@ -1,242 +0,0 @@ -// -// Open Service Platform -// Copyright (c) 2013 Samsung Electronics Co., Ltd. -// -// Licensed under the Apache License, Version 2.0 (the License); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. -// - -/** - * @file FSec_PrivilegeManagerServer.cpp - * @brief This is the implementation for the _PrivilegeManagerServer class. - */ - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include "FSec_PrivilegeManagerServer.h" - -using namespace Tizen::App; -using namespace Tizen::App::Package; -using namespace Tizen::Base; -using namespace Tizen::Base::Utility; -using namespace Tizen::Base::Collection; -using namespace Tizen::Io; -using namespace Tizen::Security; -using namespace Tizen::Security::Crypto; - -namespace Tizen { namespace Security -{ - -_PrivilegeManagerServer::_PrivilegeManagerServer(void) -{ - return; -} - -_PrivilegeManagerServer::~_PrivilegeManagerServer(void) -{ - return; -} - -result -_PrivilegeManagerServer::RetrievePrivilege(const AppId& appId, String* pEncryptedBitwise, String* pHmac, ArrayList*& pPrivilegeList) -{ - result r = E_SUCCESS; - String encryptedBitwise; - String hmac; - ArrayList* pPrivilegeStringList = null; - - r = _PrivilegeManager::RetrieveCipherPrivilegeExN(appId, encryptedBitwise, hmac, pPrivilegeStringList); - SysTryReturnResult(NID_SEC, r == E_SUCCESS, r, "Propagating."); - - pEncryptedBitwise->Append(encryptedBitwise); - pHmac->Append(hmac); - - if (pPrivilegeStringList != null) - { - IEnumerator* pEnum = null; - pEnum = pPrivilegeStringList->GetEnumeratorN(); - while (pEnum->MoveNext() == E_SUCCESS) - { - String* tempString = static_cast(pEnum->GetCurrent()); - pPrivilegeList->Add(new String(*tempString)); - } - - delete pEnum; - - pPrivilegeStringList->RemoveAll(true); - delete pPrivilegeStringList; - } - - return r; -} - - -result -_PrivilegeManagerServer::GenerateVisibilityString(AppId appId, String* pEncryptedVisibility, String* pHmac) -{ - _PackageInfoImpl infoImpl; - result r = E_SUCCESS; - int visibility = 0; - - String encryptedVisibility; - String checksum; - - r = infoImpl.Construct(appId); - if (r == E_PKG_NOT_INSTALLED) - { - SysLogException(NID_SEC, E_DATA_NOT_FOUND, "[E_DATA_NOT_FOUND] The privilege information does not exist."); - return E_DATA_NOT_FOUND; - } - SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred."); - - visibility = infoImpl.GetApiVisibility(); - SysTryReturnResult(NID_SEC, visibility >= 0, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred."); - - r = GetEncryptedVisibility(visibility, encryptedVisibility); - SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred."); - - r = GetChecksum(appId, visibility, checksum); - SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred."); - - pEncryptedVisibility->Append(encryptedVisibility); - pHmac->Append(checksum); - - return r; -} - -result -_PrivilegeManagerServer::GetEncryptedVisibility(int visibility, String& encryptedVisibility) -{ - result r = E_SUCCESS; - ISecretKey* pKey = null; - ByteBuffer ivByte; - ByteBuffer* pEncryptedVisibility = null; - ByteBuffer* pTempVisibility = null; - AesCipher cipherEnc; - const byte ivector[_IV_LEN] = { 0x3E, 0xB5, 0x01, 0x45, 0xE4, 0xF8, 0x75, 0x3F, 0x08, 0x9D, 0x9F, 0x57, 0x3B, 0x63, 0xEF, 0x4B}; - - pTempVisibility = new (std::nothrow) ByteBuffer(); - SysTryReturnResult(NID_SEC, pTempVisibility != null, E_OUT_OF_MEMORY, "[E_OUT_OF_MEMORY] Memory allocation is failed."); - - r = pTempVisibility->Construct(sizeof(int)); - SysTryCatch(NID_SEC, r == E_SUCCESS, r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred."); - - r = ivByte.Construct(_IV_LEN); - SysTryCatch(NID_SEC, r == E_SUCCESS, r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred."); - - r = ivByte.SetArray(ivector, 0, _IV_LEN); - SysTryCatch(NID_SEC, r == E_SUCCESS, r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred."); - ivByte.Flip(); - - r = pTempVisibility->SetArray((byte*)(&visibility), 0, sizeof(int)); - SysTryCatch(NID_SEC, r == E_SUCCESS, r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred."); - pTempVisibility->Flip(); - - r = cipherEnc.Construct(L"CBC/128/PKCS7PADDING", CIPHER_ENCRYPT); - SysTryCatch(NID_SEC, r == E_SUCCESS, r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred."); - - pKey = _DeviceKeyGenerator::GenerateDeviceKeyN(_KEY_LEN); - SysTryCatch(NID_SEC, pKey != null, r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred."); - - r = cipherEnc.SetKey(*pKey); - SysTryCatch(NID_SEC, r == E_SUCCESS, r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred."); - - r = cipherEnc.SetInitialVector(ivByte); - SysTryCatch(NID_SEC, r == E_SUCCESS, r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred."); - - pEncryptedVisibility = cipherEnc.EncryptN(*pTempVisibility); - SysTryCatch(NID_SEC, pTempVisibility != null, r = E_SYSTEM, E_SYSTEM, - "[E_SYSTEM] An unexpected system error occurred."); - - r = StringUtil::EncodeToBase64String(*pEncryptedVisibility, encryptedVisibility); - SysTryCatch(NID_SEC, r == E_SUCCESS, r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred."); - - // fall through - -CATCH: - - delete pTempVisibility; - delete pKey; - delete pEncryptedVisibility; - - return r; -} - -result -_PrivilegeManagerServer::GetChecksum(AppId appId, int visibility, String& checksum) -{ - result r = E_SUCCESS; - byte tempChecksumString[sizeof(int) + MAX_APP_ID_SIZE]; - - ISecretKey* pKey = null; - ByteBuffer ivByte; - ByteBuffer input; - IHmac* pHmac = null; - ByteBuffer* pChecksumByteBuffer = null; - char* pAppId = null; - - pAppId = (char*) _StringConverter::CopyToCharArrayN(appId); - SysTryCatch(NID_SEC, pAppId != null, r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred."); - - memcpy(tempChecksumString, pAppId, MAX_APP_ID_SIZE); - memcpy(tempChecksumString + MAX_APP_ID_SIZE, (byte*)(&visibility), sizeof(int)); - - delete[] pAppId; - pAppId = null; - - r = input.Construct(MAX_APP_ID_SIZE + sizeof(int)); - SysTryCatch(NID_SEC, r == E_SUCCESS, r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred."); - - r = input.SetArray(tempChecksumString, 0, MAX_APP_ID_SIZE + sizeof(int)); - SysTryCatch(NID_SEC, r == E_SUCCESS, r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred."); - input.Flip(); - - pHmac = new (std::nothrow) Sha1Hmac(); - SysTryCatch(NID_SEC, pHmac != null, r = E_OUT_OF_MEMORY, E_OUT_OF_MEMORY, "[E_OUT_OF_MEMORY] Memory allocation is failed."); - - pKey = _DeviceKeyGenerator::GenerateDeviceKeyN(_KEY_LEN); - SysTryCatch(NID_SEC, pKey != null, r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred."); - - r = pHmac->SetKey(*pKey); - SysTryCatch(NID_SEC, r == E_SUCCESS, r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred."); - - pChecksumByteBuffer = pHmac->GetHmacN(input); - SysTryCatch(NID_SEC, pChecksumByteBuffer != null, r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred."); - - r = StringUtil::EncodeToBase64String(*pChecksumByteBuffer, checksum); - SysTryCatch(NID_SEC, r == E_SUCCESS, r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred."); - - // fall through - -CATCH: - - delete pKey; - delete pHmac; - delete pChecksumByteBuffer; - - return r; -} - - -}} //Tizen::Security -- 2.7.4