From 77789f79b524622184408e6dda65e06c39eb46dc Mon Sep 17 00:00:00 2001 From: Sunghyun Kwon Date: Fri, 21 Aug 2015 20:45:48 +0900 Subject: [PATCH] Modified from secure-storage to key-manager Change-Id: I4671d6aab36d4a953c270b11e5f26a7c56a7f98b --- email-common-use/include/email-internal-types.h | 2 +- email-core/CMakeLists.txt | 7 +- email-core/email-core-account.c | 1 - email-core/email-core-key-manager.c | 160 ++++++++++++++++++++++++ email-core/email-storage/email-storage.c | 101 ++++++--------- email-core/include/email-core-key-manager.h | 38 ++++++ packaging/email-service.spec | 4 +- 7 files changed, 246 insertions(+), 67 deletions(-) create mode 100644 email-core/email-core-key-manager.c create mode 100644 email-core/include/email-core-key-manager.h diff --git a/email-common-use/include/email-internal-types.h b/email-common-use/include/email-internal-types.h index bf715ce..fd3fa44 100755 --- a/email-common-use/include/email-internal-types.h +++ b/email-common-use/include/email-internal-types.h @@ -48,7 +48,7 @@ extern "C" /* Feature definitions */ /* #define __FEATURE_USING_ACCOUNT_SVC_FOR_ACCOUNT_MANAGEMENT__ */ #define __FEATURE_USING_ACCOUNT_SVC_FOR_SYNC_STATUS__ -#define __FEATURE_BACKUP_ACCOUNT__ +// #define __FEATURE_BACKUP_ACCOUNT__ #define __FEATURE_MOVE_TO_OUTBOX_FIRST__ #define __FEATURE_PARTIAL_BODY_FOR_POP3__ /* #define __FEATURE_KEEP_CONNECTION__ */ diff --git a/email-core/CMakeLists.txt b/email-core/CMakeLists.txt index e98937f..9b5aa74 100755 --- a/email-core/CMakeLists.txt +++ b/email-core/CMakeLists.txt @@ -71,7 +71,7 @@ INCLUDE_DIRECTORIES( INCLUDE(FindPkgConfig) -pkg_check_modules(storage_pkgs REQUIRED glib-2.0 dlog openssl vconf secure-storage dbus-1 contacts-service2 libtzplatform-config) +pkg_check_modules(storage_pkgs REQUIRED glib-2.0 dlog openssl vconf dbus-1 contacts-service2 libtzplatform-config) set(EXTRA_CFLAGS "") FOREACH(flag ${storage_pkgs_CFLAGS}) @@ -218,6 +218,7 @@ SET(CORE-SRCS ${CMAKE_SOURCE_DIR}/email-core/email-core-signal.c ${CMAKE_SOURCE_DIR}/email-core/email-core-alarm.c ${CMAKE_SOURCE_DIR}/email-core/email-core-auto-download.c + ${CMAKE_SOURCE_DIR}/email-core/email-core-key-manager.c ) INCLUDE_DIRECTORIES( @@ -231,8 +232,8 @@ INCLUDE_DIRECTORIES( INCLUDE(FindPkgConfig) -SET(PKG_MODULES glib-2.0 dlog dbus-1 gthread-2.0 - uw-imap-toolkit vconf vconf-internal-keys contacts-service2 secure-storage +SET(PKG_MODULES glib-2.0 dlog dbus-1 gthread-2.0 key-manager + uw-imap-toolkit vconf vconf-internal-keys contacts-service2 openssl accounts-svc alarm-service notification libcurl libxml-2.0 feedback cert-svc cert-svc-vcore badge capi-appfw-application icu-i18n gmime-2.6 storage) diff --git a/email-core/email-core-account.c b/email-core/email-core-account.c index 6b3f1f1..0944488 100755 --- a/email-core/email-core-account.c +++ b/email-core/email-core-account.c @@ -866,7 +866,6 @@ INTERNAL_FUNC void emcore_duplicate_account(const email_account_t *account, emai } #ifdef __FEATURE_BACKUP_ACCOUNT__ -#include static int append_data_into_buffer(char **target_buffer, int *target_buffer_lenth, char *input_data, int input_data_length, int *error_code) { diff --git a/email-core/email-core-key-manager.c b/email-core/email-core-key-manager.c new file mode 100644 index 0000000..cb2b94e --- /dev/null +++ b/email-core/email-core-key-manager.c @@ -0,0 +1,160 @@ +/* +* email-service +* +* Copyright (c) 2015 Samsung Electronics Co., Ltd. All rights reserved. +* +* Contact: Sunghyun Kwon +* +* Licensed under the Apache License, Version 2.0 (the "License"); +* you may not use this file except in compliance with the License. +* You may obtain a copy of the License at +* +* http://www.apache.org/licenses/LICENSE-2.0 +* +* Unless required by applicable law or agreed to in writing, software +* distributed under the License is distributed on an "AS IS" BASIS, +* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +* See the License for the specific language governing permissions and +* limitations under the License. +* +*/ + +/* + * email-core-task-manager.c + * + * Created on: 2015. 7. 24. + * Author: sh0701.kwon@samsung.com + */ + +#include + +#include "email-core-utils.h" +#include "email-debug-log.h" + +/* Adding '/' method for system daemon */ +static char *add_shared_owner_prefix(const char *name) +{ + EM_DEBUG_FUNC_BEGIN(); + char *ckm_alias = NULL; + + if (name == NULL) { + EM_DEBUG_EXCEPTION("Invalid parameter"); + return NULL; + } + + ckm_alias = g_strconcat(ckmc_label_shared_owner, ckmc_label_name_separator, name, NULL); + + EM_DEBUG_FUNC_END(); + return ckm_alias; +} + +/* Add new data */ +INTERNAL_FUNC int emcore_add_password_in_key_manager(char *data_name, char *stored_data) +{ + EM_DEBUG_FUNC_BEGIN(); + int err = EMAIL_ERROR_NONE; + int ckmc_ret = CKMC_ERROR_NONE; + char *alias = NULL; + ckmc_policy_s email_policy; + ckmc_raw_buffer_s email_data; + char errno_buf[ERRNO_BUF_SIZE] = {0}; + + if (data_name == NULL) { + EM_DEBUG_EXCEPTION("Invalid parameter"); + err = EMAIL_ERROR_INVALID_PARAM; + return err; + } + + alias = add_shared_owner_prefix(data_name); + EM_DEBUG_LOG("alias : [%s]", alias); + + email_policy.password = NULL; + email_policy.extractable = true; + + email_data.data = (unsigned char *)stored_data; + email_data.size = strlen(stored_data); + + ckmc_ret = ckmc_save_data(alias, email_data, email_policy); + if (ckmc_ret != CKMC_ERROR_NONE) { + EM_DEBUG_EXCEPTION("ckmc_save_data failed [%d][%s]", errno, EM_STRERROR(errno_buf)); + err = EMAIL_ERROR_SECURED_STORAGE_FAILURE; + goto FINISH_OFF; + } + +FINISH_OFF: + + EM_SAFE_FREE(alias); + + EM_DEBUG_FUNC_END(); + return err; +} + +/* Get the stored data */ +INTERNAL_FUNC int emcore_get_password_in_key_manager(char *data_name, char **stored_data) +{ + EM_DEBUG_FUNC_BEGIN(); + int err = EMAIL_ERROR_NONE; + int ckmc_ret = CKMC_ERROR_NONE; + char *alias = NULL; + ckmc_raw_buffer_s *email_data = NULL; + + if (data_name == NULL) { + EM_DEBUG_EXCEPTION("Invalid parameter"); + err = EMAIL_ERROR_INVALID_PARAM; + return err; + } + + alias = add_shared_owner_prefix(data_name); + EM_DEBUG_LOG("alias : [%s]", alias); + + ckmc_ret = ckmc_get_data(alias, NULL, &email_data); + if (ckmc_ret != CKMC_ERROR_NONE) { + EM_DEBUG_EXCEPTION("ckmc_get_data failed : [%d]", ckmc_ret); + err = EMAIL_ERROR_SECURED_STORAGE_FAILURE; + goto FINISH_OFF; + } + +FINISH_OFF: + + if (stored_data) + *stored_data = EM_SAFE_STRDUP(email_data->data); + + if (email_data) + ckmc_buffer_free(email_data); + + EM_SAFE_FREE(alias); + + EM_DEBUG_FUNC_END(); + return err; +} + +/* Remove the stored data */ +INTERNAL_FUNC int emcore_remove_password_in_key_manager(char *data_name) +{ + EM_DEBUG_FUNC_BEGIN(); + int err = EMAIL_ERROR_NONE; + int ckmc_ret = CKMC_ERROR_NONE; + char *alias = NULL; + + if (data_name == NULL) { + EM_DEBUG_EXCEPTION("Invalid parameter"); + err = EMAIL_ERROR_INVALID_PARAM; + return err; + } + + alias = add_shared_owner_prefix(data_name); + EM_DEBUG_LOG("alias : [%s]", alias); + + ckmc_ret = ckmc_remove_alias(alias); + if (ckmc_ret != CKMC_ERROR_NONE) { + EM_DEBUG_EXCEPTION("ckmc_remove_alias failed : [%d]", ckmc_ret); + err = EMAIL_ERROR_SECURED_STORAGE_FAILURE; + goto FINISH_OFF; + } + +FINISH_OFF: + + EM_SAFE_FREE(alias); + EM_DEBUG_FUNC_END(); + return err; +} diff --git a/email-core/email-storage/email-storage.c b/email-core/email-storage/email-storage.c index 85eeda1..5c0e2b6 100755 --- a/email-core/email-storage/email-storage.c +++ b/email-core/email-storage/email-storage.c @@ -45,7 +45,6 @@ #include #include #include -#include #include #include @@ -64,6 +63,7 @@ #include "email-core-signal.h" #include "email-core-event.h" #include "email-core-container.h" +#include "email-core-key-manager.h" #define DB_STMT sqlite3_stmt * @@ -3974,40 +3974,15 @@ static int _read_password_from_secure_storage(char *file_name, char **password) return EMAIL_ERROR_INVALID_PARAM; } - size_t buf_len = 0, read_len = 0; - ssm_file_info_t sfi; - char *temp_password = NULL; - int error_code_from_ssm = 0; int ret = EMAIL_ERROR_NONE; - if ( (error_code_from_ssm = ssm_getinfo(file_name, &sfi, SSM_FLAG_SECRET_OPERATION, NULL)) < 0) { - EM_DEBUG_EXCEPTION("ssm_getinfo() failed. [%d]", error_code_from_ssm); - ret = EMAIL_ERROR_SECURED_STORAGE_FAILURE; - goto FINISH_OFF; - } - - buf_len = sfi.originSize; - EM_DEBUG_LOG_DEV ("password buf_len[%d]", buf_len); - if ((temp_password = (char *)malloc(buf_len + 1)) == NULL) { - EM_DEBUG_EXCEPTION("malloc failed..."); - ret = EMAIL_ERROR_OUT_OF_MEMORY; - goto FINISH_OFF; - } - memset(temp_password, 0x00, buf_len + 1); - - if ( (error_code_from_ssm = ssm_read(file_name, temp_password, buf_len, &read_len, SSM_FLAG_SECRET_OPERATION, NULL)) < 0) { - EM_DEBUG_EXCEPTION("ssm_read() failed. [%d]", error_code_from_ssm); - ret = EMAIL_ERROR_SECURED_STORAGE_FAILURE; - goto FINISH_OFF; + ret = emcore_get_password_in_key_manager(file_name, password); + if (ret != EMAIL_ERROR_NONE) { + EM_DEBUG_EXCEPTION("emcore_get_password_in_key_manager failed : [%d]", ret); + goto FINISH_OFF; } - EM_DEBUG_LOG_DEV("password_file_name[%s], password[%s], originSize[%d], read len[%d]", file_name, temp_password, sfi.originSize, read_len); - - *password = temp_password; - temp_password = NULL; - FINISH_OFF: - EM_SAFE_FREE(temp_password); EM_DEBUG_FUNC_END("ret [%d]", ret); return ret; @@ -4338,7 +4313,6 @@ INTERNAL_FUNC int emstorage_update_account_password(char *multi_user_name, int i EM_DEBUG_FUNC_BEGIN("input_account_id[%d], input_incoming_server_password[%p], input_outgoing_server_password[%p]", input_account_id, input_incoming_server_password, input_outgoing_server_password); int err = EMAIL_ERROR_NONE; - int err_from_ssm = 0; char recv_password_file_name[MAX_PW_FILE_NAME_LENGTH]; char send_password_file_name[MAX_PW_FILE_NAME_LENGTH]; @@ -4349,36 +4323,42 @@ INTERNAL_FUNC int emstorage_update_account_password(char *multi_user_name, int i } /* get password file name */ - if ((err = _get_password_file_name(multi_user_name, input_account_id, recv_password_file_name, send_password_file_name)) != EMAIL_ERROR_NONE) { + if ((err = _get_password_file_name(multi_user_name, + input_account_id, + recv_password_file_name, + send_password_file_name)) != EMAIL_ERROR_NONE) { EM_DEBUG_EXCEPTION("_get_password_file_name failed."); goto FINISH_OFF; } - EM_DEBUG_LOG_SEC("recv_password_file_name [%s] input_incoming_server_password [%s]", recv_password_file_name, input_incoming_server_password); - EM_DEBUG_LOG_SEC("send_password_file_name [%s] input_outgoing_server_password [%s]", send_password_file_name, input_outgoing_server_password); + EM_DEBUG_LOG_SEC("recv_password_file_name [%s] input_incoming_server_password [%s]", + recv_password_file_name, input_incoming_server_password); + EM_DEBUG_LOG_SEC("send_password_file_name [%s] input_outgoing_server_password [%s]", + send_password_file_name, input_outgoing_server_password); - if ((err_from_ssm = ssm_delete_file(recv_password_file_name, SSM_FLAG_SECRET_OPERATION, NULL)) < 0) { - EM_DEBUG_EXCEPTION_SEC(" ssm_delete_file failed -recv password : file[%s]", recv_password_file_name); - err = EMAIL_ERROR_SYSTEM_FAILURE; + err = emcore_remove_password_in_key_manager(recv_password_file_name); + if (err != EMAIL_ERROR_NONE) { + EM_DEBUG_EXCEPTION_SEC("emcore_remove_password_in_key_manager: file[%s]", recv_password_file_name); goto FINISH_OFF; } - /* save passwords to the secure storage */ - if ((err_from_ssm = ssm_write_buffer(input_incoming_server_password, EM_SAFE_STRLEN(input_incoming_server_password), recv_password_file_name, SSM_FLAG_SECRET_OPERATION, NULL)) < 0) { - EM_DEBUG_EXCEPTION_SEC(" ssm_write_buffer failed [%d] -recv incoming_server_password : file[%s]", err_from_ssm, recv_password_file_name); - err = EMAIL_ERROR_SYSTEM_FAILURE; + /* save recv passwords to the secure storage */ + err = emcore_add_password_in_key_manager(recv_password_file_name, input_incoming_server_password); + if (err != EMAIL_ERROR_NONE) { + EM_DEBUG_EXCEPTION("emcore_add_password_in_key_manager failed : [%d]", err); goto FINISH_OFF; } - if ((err_from_ssm = ssm_delete_file(send_password_file_name, SSM_FLAG_SECRET_OPERATION, NULL)) < 0) { - EM_DEBUG_EXCEPTION_SEC(" ssm_delete_file failed -send password : file[%s]", send_password_file_name); - err = EMAIL_ERROR_SYSTEM_FAILURE; + err = emcore_remove_password_in_key_manager(send_password_file_name); + if (err != EMAIL_ERROR_NONE) { + EM_DEBUG_EXCEPTION_SEC("emcore_remove_password_in_key_manager: file[%s]", send_password_file_name); goto FINISH_OFF; } - if ((err_from_ssm = ssm_write_buffer(input_outgoing_server_password, EM_SAFE_STRLEN(input_outgoing_server_password), send_password_file_name, SSM_FLAG_SECRET_OPERATION, NULL)) < 0) { - EM_DEBUG_EXCEPTION_SEC(" ssm_write_buffer failed [%d] -send password : file[%s]", err_from_ssm, send_password_file_name); - err = EMAIL_ERROR_SYSTEM_FAILURE; + /* save send passwords to the secure storage */ + err = emcore_add_password_in_key_manager(send_password_file_name, input_outgoing_server_password); + if (err != EMAIL_ERROR_NONE) { + EM_DEBUG_EXCEPTION("emcore_add_password_in_key_manager failed : [%d]", err); goto FINISH_OFF; } @@ -4780,7 +4760,6 @@ INTERNAL_FUNC int emstorage_add_account(char *multi_user_name, emstorage_account int rc = -1, ret = false; int error = EMAIL_ERROR_NONE; - int error_from_ssm = 0; DB_STMT hStmt = NULL; char sql_query_string[QUERY_SIZE] = {0, }; char recv_password_file_name[MAX_PW_FILE_NAME_LENGTH]; @@ -4966,14 +4945,15 @@ INTERNAL_FUNC int emstorage_add_account(char *multi_user_name, emstorage_account /* save passwords to the secure storage */ EM_DEBUG_LOG_SEC("save to the secure storage : recv_file[%s], send_file[%s]", recv_password_file_name, send_password_file_name); - if ( (error_from_ssm = ssm_write_buffer(account_tbl->incoming_server_password, EM_SAFE_STRLEN(account_tbl->incoming_server_password), recv_password_file_name, SSM_FLAG_SECRET_OPERATION, NULL)) < 0) { - EM_DEBUG_EXCEPTION_SEC("ssm_write_buffer failed [%d] - recv password : file[%s]", error_from_ssm, recv_password_file_name); - error = EMAIL_ERROR_SYSTEM_FAILURE; + error = emcore_add_password_in_key_manager(recv_password_file_name, account_tbl->incoming_server_password); + if (error != EMAIL_ERROR_NONE) { + EM_DEBUG_EXCEPTION("emcore_add_password_in_key_manager failed : [%d]", error); goto FINISH_OFF; } - if ( (error_from_ssm = ssm_write_buffer(account_tbl->outgoing_server_password, EM_SAFE_STRLEN(account_tbl->outgoing_server_password), send_password_file_name, SSM_FLAG_SECRET_OPERATION, NULL)) < 0) { - EM_DEBUG_EXCEPTION_SEC("ssm_write_buffer failed [%d] - send password : file[%s]", error_from_ssm, send_password_file_name); - error = EMAIL_ERROR_SYSTEM_FAILURE; + + error = emcore_add_password_in_key_manager(send_password_file_name, account_tbl->outgoing_server_password); + if (error != EMAIL_ERROR_NONE) { + EM_DEBUG_EXCEPTION("emcore_add_password_in_key_manager failed : [%d]", error); goto FINISH_OFF; } @@ -5050,14 +5030,15 @@ INTERNAL_FUNC int emstorage_delete_account(char *multi_user_name, int account_id } /* delete from secure storage */ - if (ssm_delete_file(recv_password_file_name, SSM_FLAG_SECRET_OPERATION, NULL) < 0) { - EM_DEBUG_EXCEPTION_SEC(" ssm_delete_file failed -recv password : file[%s]", recv_password_file_name); - error = EMAIL_ERROR_SYSTEM_FAILURE; + error = emcore_remove_password_in_key_manager(recv_password_file_name); + if (error != EMAIL_ERROR_NONE) { + EM_DEBUG_EXCEPTION("emcore_remove_password_in_key_manager failed : [%d]", error); goto FINISH_OFF; } - if (ssm_delete_file(send_password_file_name, SSM_FLAG_SECRET_OPERATION, NULL) < 0) { - EM_DEBUG_EXCEPTION_SEC(" ssm_delete_file failed -send password : file[%s]", send_password_file_name); - error = EMAIL_ERROR_SYSTEM_FAILURE; + + error = emcore_remove_password_in_key_manager(send_password_file_name); + if (error != EMAIL_ERROR_NONE) { + EM_DEBUG_EXCEPTION("emcore_remove_password_in_key_manager failed : [%d]", error); goto FINISH_OFF; } diff --git a/email-core/include/email-core-key-manager.h b/email-core/include/email-core-key-manager.h new file mode 100644 index 0000000..5fc84c5 --- /dev/null +++ b/email-core/include/email-core-key-manager.h @@ -0,0 +1,38 @@ +/* +* email-service +* +* Copyright (c) 2015 Samsung Electronics Co., Ltd. All rights reserved. +* +* Contact: Sunghyun Kwon +* +* Licensed under the Apache License, Version 2.0 (the "License"); +* you may not use this file except in compliance with the License. +* You may obtain a copy of the License at +* +* http://www.apache.org/licenses/LICENSE-2.0 +* +* Unless required by applicable law or agreed to in writing, software +* distributed under the License is distributed on an "AS IS" BASIS, +* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +* See the License for the specific language governing permissions and +* limitations under the License. +* +*/ + +#ifndef __EMAIL_CORE_KEY_MANAGER_H__ +#define __EMAIL_CORE_KEY_MANAGER_H__ + +#ifdef __cplusplus +extern "C" { +#endif /* __cplusplus */ + +INTERNAL_FUNC int emcore_add_password_in_key_manager(char *data_name, char *stored_data); +INTERNAL_FUNC int emcore_get_password_in_key_manager(char *data_name, char **stored_data); +INTERNAL_FUNC int emcore_remove_password_in_key_manager(char *data_name); + +#ifdef __cplusplus +} +#endif /* __cplusplus */ + +#endif + diff --git a/packaging/email-service.spec b/packaging/email-service.spec index 243cbee..7af7c9f 100755 --- a/packaging/email-service.spec +++ b/packaging/email-service.spec @@ -2,7 +2,7 @@ Name: email-service Summary: E-mail Framework Middleware package -Version: 0.10.102 +Version: 0.10.103 Release: 1 Group: Messaging/Service License: Apache-2.0 @@ -35,7 +35,7 @@ BuildRequires: pkgconfig(contacts-service2) BuildRequires: pkgconfig(uw-imap-toolkit) BuildRequires: pkgconfig(openssl) BuildRequires: pkgconfig(alarm-service) -BuildRequires: pkgconfig(secure-storage) +BuildRequires: pkgconfig(key-manager) BuildRequires: pkgconfig(notification) BuildRequires: pkgconfig(accounts-svc) BuildRequires: pkgconfig(libsystemd-daemon) -- 2.7.4