From c1e41188f24af1e4a771d6a2d10d0a4754c53af3 Mon Sep 17 00:00:00 2001 From: kyungwook tak Date: Mon, 2 Jun 2014 16:44:38 +0900 Subject: [PATCH] key provider version alpha push use ckm-key-provider-dummy instead of SKMM library. dummy library uses xor to unwrap/wrap KEK/DEKs It's for testing other modules, so it will be improved. ckm-key-provider.h : SKMM header. ckm-key-provider-dummy.c : implementation of SKMM dummy key-provider.cpp : implementation of key-provider key-aes empty constructor empty implementation added for key-provider one of key-provider API member function name changed (decryptDEK -> unwrapDEK) please feedback at any points. Change-Id: I5dea33d9bacc2c944ae14e77fd0c00c35bd136e1 Signed-off-by: kyungwook tak --- CMakeLists.txt | 3 +++ packaging/key-manager.spec | 11 ++++++++--- src/CMakeLists.txt | 4 ++++ src/manager/CMakeLists.txt | 19 +++++++++++++++++++ src/manager/service/key-aes.h | 4 ++-- src/manager/service/key-provider.h | 20 +++++++++++++++----- 6 files changed, 51 insertions(+), 10 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index e5647df..53604e0 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -61,6 +61,9 @@ SET(TARGET_KEY_MANAGER "key-manager") SET(TARGET_KEY_MANAGER_CLIENT "key-manager-client") SET(TARGET_KEY_MANAGER_COMMON "key-manager-commons") +SET(TARGET_KEY_MANAGER_KEY_PROVIDER "key-manager-key-provider") + + INSTALL(FILES ${CMAKE_SOURCE_DIR}/packaging/libkey-manager-client.manifest ${CMAKE_SOURCE_DIR}/packaging/key-manager.manifest diff --git a/packaging/key-manager.spec b/packaging/key-manager.spec index 508c71c..af5d2dc 100644 --- a/packaging/key-manager.spec +++ b/packaging/key-manager.spec @@ -47,6 +47,7 @@ Central Key Manager (Development) %prep %setup -q + %build %if 0%{?sec_build_binary_debug_enable} export CFLAGS="$CFLAGS -DTIZEN_DEBUG_ENABLE" 
@@ -54,11 +55,12 @@ Central Key Manager (Development) export FFLAGS="$FFLAGS -DTIZEN_DEBUG_ENABLE" %endif -export LDFLAGS+="-Wl,--rpath=%{_libdir}" + +export LDFLAGS+="-Wl,--rpath=%{_libdir} " %cmake . -DVERSION=%{version} \ -DCMAKE_BUILD_TYPE=%{?build_type:%build_type}%{!?build_type:RELEASE} \ - -DCMAKE_VERBOSE_MAKEFILE=ON + -DCMAKE_VERBOSE_MAKEFILE=ON make %{?jobs:-j%jobs} %install @@ -67,8 +69,8 @@ mkdir -p %{buildroot}/usr/share/license cp LICENSE %{buildroot}/usr/share/license/%{name} cp LICENSE %{buildroot}/usr/share/license/libkey-manager-client mkdir -p %{buildroot}/etc/security/ -%make_install +%make_install mkdir -p %{buildroot}/usr/lib/systemd/system/multi-user.target.wants mkdir -p %{buildroot}/usr/lib/systemd/system/sockets.target.wants ln -s ../central-key-manager.service %{buildroot}/usr/lib/systemd/system/multi-user.target.wants/central-key-manager.service @@ -76,6 +78,7 @@ ln -s ../central-key-manager-echo.socket %{buildroot}/usr/lib/systemd/system/soc ln -s ../central-key-manager-api-control.socket %{buildroot}/usr/lib/systemd/system/sockets.target.wants/central-key-manager-api-control.socket ln -s ../central-key-manager-api-storage.socket %{buildroot}/usr/lib/systemd/system/sockets.target.wants/central-key-manager-api-storage.socket + %clean rm -rf %{buildroot} @@ -112,6 +115,8 @@ fi %manifest %{_datadir}/key-manager.manifest %attr(755,root,root) /usr/bin/key-manager %{_libdir}/libkey-manager-commons.so.* +%{_libdir}/libkey-manager-key-provider.so.* +%{_libdir}/libkey-manager-key-provider.so %attr(-,root,root) /usr/lib/systemd/system/multi-user.target.wants/central-key-manager.service %attr(-,root,root) /usr/lib/systemd/system/central-key-manager.service %attr(-,root,root) /usr/lib/systemd/system/central-key-manager.target diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index 54b2781..d5a1dfe 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt 
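Review bot: The XOR-based dummy provider ends up in the base key-manager package: the two `%files` lines added in the last key-manager.spec hunk list `%{_libdir}/libkey-manager-key-provider.so.*` and the unversioned `.so`, and the commit description says this library wraps and unwraps KEKs/DEKs with XOR for testing only. Nothing visible in the patch keeps it out of a release build, since src/manager/CMakeLists.txt builds and installs it unconditionally and src/CMakeLists.txt links the daemon against it. I would gate the dummy behind an explicit build switch (for example a spec `%bcond_with` conditional mapped to a CMake option) so that a production image cannot ship XOR key wrapping by default. Separately, the unversioned `.so` symlink normally belongs in the development subpackage, which this spec appears to have, rather than in the runtime file list.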
@@ -17,6 +17,7 @@ SET(KEY_MANAGER_SOURCES ${KEY_MANAGER_PATH}/service/echo.cpp ${KEY_MANAGER_PATH}/service/ckm-service.cpp ${KEY_MANAGER_PATH}/service/ckm-logic.cpp + ${KEY_MANAGER_PATH}/service/key-provider.cpp ) SET_SOURCE_FILES_PROPERTIES( @@ -42,8 +43,11 @@ ADD_EXECUTABLE(${TARGET_KEY_MANAGER} ${KEY_MANAGER_SOURCES}) TARGET_LINK_LIBRARIES(${TARGET_KEY_MANAGER} ${KEY_MANAGER_DEP_LIBRARIES} ${TARGET_KEY_MANAGER_COMMON} + ${TARGET_KEY_MANAGER_KEY_PROVIDER} ) + + ################################################################################ SET(KEY_MANAGER_CLIENT_VERSION_MAJOR 1) diff --git a/src/manager/CMakeLists.txt b/src/manager/CMakeLists.txt index fada944..2c8a19b 100644 --- a/src/manager/CMakeLists.txt +++ b/src/manager/CMakeLists.txt @@ -31,6 +31,7 @@ INCLUDE_DIRECTORIES( ${COMMON_PATH}/common ${COMMON_PATH}/dpl/core/include ${COMMON_PATH}/dpl/log/include + ${COMMON_PATH}/service ) ADD_LIBRARY(${TARGET_KEY_MANAGER_COMMON} SHARED ${COMMON_SOURCES}) @@ -47,7 +48,25 @@ TARGET_LINK_LIBRARIES(${TARGET_KEY_MANAGER_COMMON} ${COMMON_DEP_LIBRARIES} ) +########################################################################### +SET(KEY_PROVIDER_SOURCES + ${COMMON_PATH}/service/ckm-key-provider-dummy.c + ) + +ADD_LIBRARY(${TARGET_KEY_MANAGER_KEY_PROVIDER} SHARED ${KEY_PROVIDER_SOURCES}) +SET_TARGET_PROPERTIES( + ${TARGET_KEY_MANAGER_KEY_PROVIDER} + PROPERTIES + COMPILE_FLAGS "-fPIC -c" + SOVERSION 1.0.0 + VERSION 1.0.0 + ) + +########################################################################## + ################################################################################ INSTALL(TARGETS ${TARGET_KEY_MANAGER_COMMON} DESTINATION lib) +INSTALL(TARGETS ${TARGET_KEY_MANAGER_KEY_PROVIDER} DESTINATION lib) + diff --git a/src/manager/service/key-aes.h b/src/manager/service/key-aes.h index 17f664e..938e7b3 100644 --- a/src/manager/service/key-aes.h +++ b/src/manager/service/key-aes.h 
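Review bot: `SOVERSION 1.0.0` in the new `SET_TARGET_PROPERTIES` block of src/manager/CMakeLists.txt makes the full three-part version the soname of the key-provider library, so a later patch-level bump would change the soname and break binaries already linked against it; the usual form is `SOVERSION 1` alongside `VERSION 1.0.0`. `COMPILE_FLAGS "-fPIC -c"` is redundant as well, because CMake already passes `-c` when compiling objects and enables position-independent code for SHARED targets. A comment above `KEY_PROVIDER_SOURCES` would also help the next reader, e.g. `# Test-only dummy provider (XOR wrap/unwrap of KEK/DEK); not for release builds.`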
@@ -13,7 +13,7 @@ public: // we may not be able to set up iv in constructor. // For example KeyProvider will not know the iv, it may set only the // key information. - KeyAES(); + KeyAES(){}; KeyAES(const RawData &key, const RawData &iv = RawData()); KeyAES(const KeyAES &key); @@ -33,4 +33,4 @@ private: // TODO: should we keep key in plain text RawBuffer or in AES_KEY structure. }; -} // namespace CKM \ No newline at end of file +} // namespace CKM diff --git a/src/manager/service/key-provider.h b/src/manager/service/key-provider.h index 949f9d9..c16db6e 100644 --- a/src/manager/service/key-provider.h +++ b/src/manager/service/key-provider.h @@ -1,6 +1,8 @@ #pragma once -struct KeyMaterial; +#include +#include +#include namespace CKM { @@ -26,7 +28,9 @@ class KeyProvider { // EncryptedKey key extracted from database. Used to encrypt application data. // This key will be used to decrypt/encrypt data in ROW - KeyAES decryptDEK(const RawData &encrypedDEKInWrapForm); + // [tak] modify method name more appropriately + // decryptDEK -> unwrapDEK + KeyAES unwrapDEK(const RawData &DEKInWrapForm); // Returns WRAPPED DEK. This will be written to datbase. // This key will be used to encrypt all application information. @@ -41,13 +45,19 @@ class KeyProvider { static RawData generateDomainKEK(const std::string &user, const RawData &userPassword); // This will be called by framework at the begin of the program - static initializeLibrary(); + // [tak] need to declare return type + static int initializeLibrary(); // This will be called by framework at the end of the program - static closeLibrary(); + // [tak] need to declare return type + static int closeLibrary(); virtual ~KeyProvider(); private: - KeyMaterial* m_dkek; + // [tak] modify variable name + // m_dkek -> m_rawDKEK + KeyMaterial* m_rawDKEK; + + static int s_isInitialized; }; } // namespace CKM -- 2.7.4
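Review bot: `KeyAES(){};` in the first key-aes.h hunk gives the class an inline empty default constructor, so a default-constructed KeyAES carries no key, and any member that is not a class type with its own default constructor is left uninitialized; the member list is outside the hunk, so this needs confirming. The `;` after the body is a stray empty declaration that pedantic builds warn about. If the project builds as C++11 or later, `KeyAES() = default;` states the intent, and either way I would add a comment such as `// Constructs an empty key; key (and iv) must be set before any encrypt/decrypt call.`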
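Review bot: `KeyMaterial* m_rawDKEK;` in the last key-provider.h hunk is a raw pointer to what the name suggests is unwrapped domain-KEK material, and nothing in the hunk says who owns it or how it is released; the class body starts above the hunk, so copy handling is not visible here. I would document ownership on the member, have `~KeyProvider()` overwrite the buffer before freeing it, and declare the copy constructor and copy assignment private or deleted unless a deep copy is intended, since a default copy would leave two objects pointing at the same key. `static int s_isInitialized;` reads as a flag, so `bool` would be clearer, and the new `int` return types of `initializeLibrary()` and `closeLibrary()` need a comment stating which value means success.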