From b756c8a94cc8026897e86867dfdaf6a68f202306 Mon Sep 17 00:00:00 2001
From: HyungKyu Song
Date: Sat, 16 Feb 2013 00:55:02 +0900
Subject: [PATCH] Tizen 2.0 Release
---
CMakeLists.txt | 51 ++++
LICENSE.APLv2 | 202 +++++++++++++++
NOTICE | 3 +
data/.readme | 0
icons/screen-density-xhigh/mainmenu.png | Bin 0 -> 13745 bytes
inc/CertificateService.h | 114 +++++++++
inc/PrivilegeService.h | 71 ++++++
inc/SecurityService.h | 64 +++++
manifest.xml | 27 ++
osp-security-service.manifest | 12 +
packaging/osp-security-service.spec | 64 +++++
res/.readme | 0
src/CertificateService.cpp | 424 ++++++++++++++++++++++++++++++++
src/PrivilegeService.cpp | 307 +++++++++++++++++++++++
src/SecurityService.cpp | 126 ++++++++++
src/SecurityServiceEntry.cpp | 80 ++++++
src/SecurityServiceMessage.cpp | 44 ++++
system-service-export.ver | 6 +
18 files changed, 1595 insertions(+)
create mode 100755 CMakeLists.txt
create mode 100755 LICENSE.APLv2
create mode 100755 NOTICE
create mode 100644 data/.readme
create mode 100644 icons/screen-density-xhigh/mainmenu.png
create mode 100644 inc/CertificateService.h
create mode 100644 inc/PrivilegeService.h
create mode 100644 inc/SecurityService.h
create mode 100644 manifest.xml
create mode 100644 osp-security-service.manifest
create mode 100644 packaging/osp-security-service.spec
create mode 100644 res/.readme
create mode 100644 src/CertificateService.cpp
create mode 100644 src/PrivilegeService.cpp
create mode 100644 src/SecurityService.cpp
create mode 100644 src/SecurityServiceEntry.cpp
create mode 100644 src/SecurityServiceMessage.cpp
create mode 100755 system-service-export.ver
diff --git a/CMakeLists.txt b/CMakeLists.txt
new file mode 100755
index 0000000..3bae4d8
--- /dev/null
+++ b/CMakeLists.txt
@@ -0,0 +1,51 @@
+CMAKE_MINIMUM_REQUIRED(VERSION 2.6)
+
+SET (this_target osp-security-service)
+SET (APPID q7097a278m)
+
+SET(CMAKE_EXECUTABLE_SUFFIX ".exe")
+SET(EXECUTABLE_OUTPUT_PATH "${CMAKE_CURRENT_SOURCE_DIR}/output")
+
+INCLUDE_DIRECTORIES (
+ /usr/include/glib-2.0
+ /usr/lib/glib-2.0/include
+ /usr/include/osp
+ /usr/include/osp/app
+ /usr/include/osp/base
+ /usr/include/osp/io
+ /usr/include/chromium
+ /usr/include/osp/security
+ inc
+ )
+
+SET (${this_target}_SOURCE_FILES
+ src/SecurityService.cpp
+ src/SecurityServiceEntry.cpp
+ src/SecurityServiceMessage.cpp
+## PrivilegeService
+ src/PrivilegeService.cpp
+## CertificateService
+ src/CertificateService.cpp
+ )
+
+## SET EXTRA COMPILER FLAGS
+SET(EXTRA_CFLAGS "${EXTRA_CFLAGS} -pthread -g3 -fPIE" )
+
+## SET C COMPILER FLAGS
+SET(CMAKE_C_FLAGS "${OSP_DEBUG_FLAGS} ${OSP_OPT_FLAGS} ${CMAKE_C_FLAGS} ${EXTRA_CFLAGS} ${OSP_COMPILER_FLAGS}")
+
+## SET CPP COMPILER FLAGS
+SET(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -fvisibility=hidden")
+SET(CMAKE_CXX_FLAGS "${OSP_DEBUG_FLAGS} ${OSP_OPT_FLAGS} ${CMAKE_CXX_FLAGS} ${EXTRA_CFLAGS} ${OSP_COMPILER_FLAGS}")
+
+## Create Library
+ADD_EXECUTABLE (${this_target} ${${this_target}_SOURCE_FILES})
+
+TARGET_LINK_LIBRARIES(${this_target} -Xlinker --no-undefined -Xlinker --as-needed -pie)
+TARGET_LINK_LIBRARIES(${this_target} -Xlinker --version-script=${CMAKE_CURRENT_SOURCE_DIR}/system-service-export.ver)
+TARGET_LINK_LIBRARIES(${this_target} -L/usr/lib/osp -losp-appfw -lchromium)
+
+## Cory additional info
+INSTALL(TARGETS ${this_target} DESTINATION ../usr/apps/${APPID}/bin)
+INSTALL(FILES ${CMAKE_CURRENT_SOURCE_DIR}/manifest.xml DESTINATION ../usr/apps/${APPID}/info)
+
diff --git a/LICENSE.APLv2 b/LICENSE.APLv2
new file mode 100755
index 0000000..d645695
--- /dev/null
+++ b/LICENSE.APLv2
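Review bot: The flags for this security service enable PIE (`-fPIE`, `-pie`) but no other exploit mitigation, and `-g3` is set unconditionally in `EXTRA_CFLAGS`, so full debug information goes into every build. I would add stack protection and fortify to the compile flags, e.g. `SET(EXTRA_CFLAGS "${EXTRA_CFLAGS} -pthread -fPIE -fstack-protector -D_FORTIFY_SOURCE=2")`, and full RELRO to the link line with `-Xlinker -z -Xlinker relro -Xlinker -z -Xlinker now`, unless `OSP_COMPILER_FLAGS` already supplies them (it is defined outside this file). The same gap is in the hand-written ARM `CXXFLAGS` in packaging/osp-security-service.spec, which also defines `_OSP_DEBUG_` for every build. The comment `## Cory additional info` presumably means `## Copy additional info`.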
@@ -0,0 +1,202 @@ + + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. 
For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. 
Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of 
the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. 
Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. 
+ + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright [yyyy] [name of copyright owner] + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/NOTICE b/NOTICE new file mode 100755 index 0000000..cbdf92f --- /dev/null +++ b/NOTICE @@ -0,0 +1,3 @@ +Copyright (c) 2012-2013 Samsung Electronics Co., Ltd. All rights reserved. +Except as noted, this software is licensed under Apache License, Version 2. +Please, see the LICENSE.APLv2 file for Apache License terms and conditions. diff --git a/data/.readme b/data/.readme new file mode 100644 index 0000000..e69de29 
diff --git a/icons/screen-density-xhigh/mainmenu.png b/icons/screen-density-xhigh/mainmenu.png new file mode 100644 index 0000000000000000000000000000000000000000..b0979b14aa60b43339ecf663ba0dc2db9db42334 GIT binary patch literal 13745 zcmV;iHBQQjP)KLZ*U+IBfRsybQWXdwQbLP>6pAqfylh#{fb6;Z(vMMVS~$e@S=j*ftg6;Uhf59&ghTmgWD0l;*T zI709Y^p6lP1rIRMx#05C~cW=H_Aw*bJ-5DT&Z2n+x)QHX^p z00esgV8|mQcmRZ%02D^@S3L16t`O%c004NIvOKvYIYoh62rY33S640`D9%Y2D-rV&neh&#Q1i z007~1e$oCcFS8neI|hJl{-P!B1ZZ9hpmq0)X0i`JwE&>$+E?>%_LC6RbVIkUx0b+_+BaR3cnT7Zv!AJxW zizFb)h!jyGOOZ85F;a?DAXP{m@;!0_IfqH8(HlgRxt7s3}k3K`kFu>>-2Q$QMFfPW!La{h336o>X zu_CMttHv6zR;&ZNiS=X8v3CR#fknUxHUxJ0uoBa_M6WNWeqIg~6QE69c9o#eyhGvpiOA@W-aonk<7r1(?fC{oI5N*U!4 zfg=2N-7=cNnjjOr{yriy6mMFgG#l znCF=fnQv8CDz++o6_Lscl}eQ+l^ZHARH>?_s@|##Rr6KLRFA1%Q+=*RRWnoLsR`7U zt5vFIcfW3@?wFpwUVxrVZ>QdQz32KIeJ}k~{cZZE^+ya? z2D1z#2HOnI7(B%_ac?{wFUQ;QQA1tBKtrWrm0_3Rgps+?Jfqb{jYbcQX~taRB;#$y zZN{S}1|}gUOHJxc?wV3fxuz+mJ4`!F$IZ;mqRrNsHJd##*D~ju=bP7?-?v~|cv>vB zsJ6IeNwVZxrdjT`yl#bBIa#GxRa#xMMy;K#CDyyGyQdMSxlWT#tDe?p!?5wT$+oGt z8L;Kp2HUQ-ZMJ=3XJQv;x5ci*?vuTfeY$;({XGW_huIFR9a(?@3)XSs8O^N5RyOM=TTmp(3=8^+zpz2r)C z^>JO{deZfso3oq3?Wo(Y?l$ge?uXo;%ru`Vo>?<<(8I_>;8Eq#KMS9gFl*neeosSB zfoHYnBQIkwkyowPu(zdms`p{<7e4kra-ZWq<2*OsGTvEV%s0Td$hXT+!*8Bnh2KMe zBmZRodjHV?r+_5^X9J0WL4jKW`}lf%A-|44I@@LTvf1rHjG(ze6+w@Jt%Bvjts!X0 z?2xS?_ve_-kiKB_KiJlZ$9G`c^=E@oNG)mWWaNo-3TIW8)$Hg0Ub-~8?KhvJ>$ z3*&nim@mj(aCxE5!t{lw7O5^0EIO7zOo&c6l<+|iDySBWCGrz@C5{St!X3hAA}`T4 z(TLbXTq+(;@<=L8dXnssyft|w#WSTW<++3>sgS%(4NTpeI-VAqb|7ssJvzNHgOZVu zaYCvgO_R1~>SyL=cFU|~g|hy|Zi}}s9+d~lYqOB71z9Z$wnC=pR9Yz4DhIM>Wmjgu z&56o6maCpC&F##y%G;1PobR9i?GnNg;gYtchD%p19a!eQtZF&3JaKv33gZ<8D~47E ztUS1iwkmDaPpj=$m#%)jCVEY4fnLGNg2A-`YwHVD3gv};>)hAvT~AmqS>Lr``i7kw zJ{5_It`yrBmlc25DBO7E8;5VoznR>Ww5hAaxn$2~(q`%A-YuS64wkBy=9dm`4cXeX z4c}I@?e+FW+b@^RDBHV(wnMq2zdX3SWv9u`%{xC-q*U}&`cyXV(%rRT*Z6MH?i+i& z_B8C(+grT%{XWUQ+f@NoP1R=AW&26{v-dx)iK^-Nmiuj8txj!m?Z*Ss1N{dh4z}01 
z)YTo*JycSU)+_5r4#yw9{+;i4Ee$peRgIj+;v;ZGdF1K$3E%e~4LaI(jC-u%2h$&R z9cLXcYC@Xwnns&bn)_Q~Te?roKGD|d-g^8;+aC{{G(1^(O7m37Y1-+6)01cN&y1aw zoqc{T`P^XJqPBbIW6s}d4{z_f5Om?vMgNQEJG?v2T=KYd^0M3I6IZxbny)%vZR&LD zJpPl@Psh8QyPB@KTx+@RdcC!KX7}kEo;S|j^u2lU7XQ}Oo;f|;z4Ll+_r>@1-xl3| zawq-H%e&ckC+@AhPrP6BKT#_XdT7&;F71j}Joy zkC~6lh7E@6o;W@^IpRNZ{ptLtL(gQ-CY~4mqW;US7Zxvm_|@yz&e53Bp_lTPlfP|z zrTyx_>lv@x#=^!PzR7qqF<$gm`|ZJZ+;<)Cqu&ot2z=0000WV@Og>004R=004l4008;_004mL004C`008P>0026e000+nl3&F} z001i7NklDyY-m1<$9VW+@_66=Pxm-p`mShq#Vat{c7!WML_7@uh z1X?x(2iVXjLxT0i2@(uQ`XDI4wqVmDDA9qEMTtq4*IX{SkL2#Y-IwFcdy_*?hpKz8 zKiul>s_N>VnO$-o`qfNzbye57C!ha0C0=>umHX9dwQh_te2;#twG-Y1i=Fs60oV!0 z#XgXE#MtX+9dF%#HvZklT{~-k{PXGS*fIM7DTUnK-P`l3)oSDU=bx`?t-rs7Khq+e zNcyv1HkQtGemu|Pwbxz~o-sxTK|rt9dr!nZi3sDlGWM0v$a(#J zgL9v7T=LlDk(u8wArT-L!`TV0&yb?@!dOsB((87$*T1+i=2V>YUI{Pe3go*{Ig^NQ z)4DbOSBmqq^}Wql2%A_4UqE0C-#)T*j9ZMsjoQ%#vm{kRrtyst(vEPx&0Z+mm$I~) zNuNKy-zFr-`(Ek$iN_`+V$AZz_Gjw!{udUOJI9tUY)fvm1^;NV$GM^asYZ<7s2a&2 z%{Wyvk&9#8oKQRCRZjd`j`_@Z6_iEjliagY8CE++>!j4n2;W$X5|9&?ukKiW_o-wj z6ij)7<8DAtSaPM(i2fbb3>lo9rD`%&Y?`~XBqigX#%%j?>%Aw!PbBs!+`KU!PI_Nn z!qbl7e{2f=WLMHNkXK*;V>DrC@cXJFgWE^#&KQ?*Qml}%O?Wz)uIqTCEUf#k-n-}e z2?S1X^eKG%1k(<0ObRFpxYg49@_oT~j|64U5kIsRZDm~fkLY4+o$sE>$#&=&iAbdg zvKA_GTd`mTF^4SE%OQTXaq`tHU?uNooY$AfE4p zYG*_`Vhdx9JHk74K4qN$eu6}t&bN1jlaZnQ(x&0x-i5ozf|BQa<j2EjZLr@hrwb zh;W3*f^gCzBNb(=9fj5FJPyu z`S-UBzq>9lSV~HuZH(?NyMVwVB4Zd@F-$RJ27jZz{diX~&E+QtRjC!pSfugWiGkQz z2>)(_s{Zd1=!GHw=BD8{9|)v`q6dL-{z+m5qQ5N`B?O`AhchR+jN@I!vHtv6Ntuvn z8z&t$?G6uZ$%(n3ah!gl%9)r}7{2cb!+%}3{N@A4@k&_7*?nKxQGD>dMT~%<6=TxD zrwG6%svJ%cRAnXH?3itGU(6Rs8sSr=4^F}LrATVI13w(y>5eeOD0d0wL`zin5X5~jXb1ES-!}&cReq0K?_f#yg<5i12MFmQ0 z&6jr6$Z3s*&?MA8A|?raT@)HIl-z*?k1Ljp7EMl{bo(9>ez0`~Fz=+|$#~-1Ov$j; zW+b~tB}ZDr!=r$wJq3a>i{SDRB4q>m5)cjoo-rOvX4HGKeR$Wt{TUW(;02|1|Jk_y z1PPdcB9KON`v|r=21IsQLfdF1Qr?h_{?^vIw{5BpF~PS#O)6n>`EinOf65egEN<~m zU7`2+0de4L&%v#lv;u!r>^>U^B#_f75+QFcvym-~(10w9yf=BO+-3 
zveGS@l*+lb0+f_s1yV^@TlRel((vkoU4H*wz$>i+x5FGgsX$6r3Wg7r1O7rS;74l# zB?(1fd3LKl{BK{LWpAsa5bxIgFARAqHUx0#Ftu z;p>NaZgqWrqTc0a=8tH4maY*Qp4fz3l8sbqCMv?l5DRh1Ncr3G0>y}z(2q#tsDbFh z#<&cAxm*IEUM})aUML}ZUC;)pHBuXdF$im;bVRg(M(|=?@r$z?yzt#eQws2e%g}~a@Y%f*zwo5at1Tae z`>rT_)`0#weoXzu^Fn{~N`+6qSf;bz zW>y-0_M+xz)OXo?`#Poi3?Ka9%goHqfDjm?2j5v6gVq|Y``h8mnBnhW>GVSW#pmAP zLC2y>d1r8?#6%QLbH9vKkCZVr)c;+&{hok|GVE%P-#VD(v&VH>26B-~8nvIPlH`aR z6;C;eF^JShK}i>mBxv+MK^~ zjm5=9JkP@#8UwddeBxJ}4!{{R7UA z7DGg8ND6@@DHWcy1W3Nzsc~pL{&IeodD%tB055%7_AlebbLg3B!%hIDjsw8jY{xXz z8qZVYa{h<}7^CS0nu;&@#UH8i=U@9K$DYrNAAFg5tp-A1jY+t6gYVl{Kh{L>@_zcr z5mrh;x7*{*w{D_aA&WC*o>+ya6h=n6U&;~Vt0YJ%BE9dp-;1jw=@vps22$Zmi!UuV zOqr*>JfHA)`Jg;R5JO_eVJTT?;=amIQCwuAoR}RVl9F(5F$sG)1UzXSQZAQWR2sK0 z#$vR=XhRqp3VDw!&p%HgSD;)jIpf;b<5>WwNChRlps1iDgaDzqbMHQ1`|6juTCeht zUwDyUTQBi;M@4~KGU)5a6B5Vyj>CsWSPGmct`bj9skx7gX<=GwJu1Mlnn`SX-374F`?%?FOY%1h@z zz^}K@^NoEEFhn`Hq2J%<{AhJM2E_pUDk?K?zIE~mYqQIsAKu!HcTnOm7?XtQ-+V%EEh}t zVmbsy5XM|uAp~I*aPd6TuZb4*QDBRHTzNXh*CJf%{Jdw1@#_x7uNdU1;!Q9+zbi7HZ+e*32 zm8(~IQmyjn{vCe2yv@tYFY~L1OKf!Acc1a$ToEp-Bi?T|sqa6b{p=CFc8fjXQ7D&L zyYL*fMx9crgzx#0v_|)3O=kDZ7+A{CC(q~d6mvNi!+oawS&jmO6m}qvISW-EIw9lQi)Id}OAQc70@PvvGT;QJn{tE*Hh6>i_UN$tj0_~&ac@b$)d zic)Y{Z_?O%2zy)X9UQPD6}4uQxy5B_wHl=;s_&~v=hc}cIy#Nkj;(-~);~6O6RJ>R zw!Ov&v1LLN zL0%e-I?uoG0{0(2go7viWTVT*!w0lm2ON3@N|g%duUw;Et5GZz@q9mKOl>Sc%&Nqs zh|d5^j~7oDB=GgdQY@G09v`tJJKUB9gwf6z*;pWAB6rM!jLLU-f>0ZdLiolueB+to z=bmfw0~>$FH^22QYV|tj&z)oK+#1zt72kJa+qb{Q#MDw>3bZD$#znPJ5#Pq*mVTO} z)jQ_SojWWoEmE)7UE8T0&0F;sdf?^?C{-(b^rIi8-l$;(eDmvhj$17n^#+AvVNld@ zi)}Ldh_gUmiIPeGJBvghmhIb@iY2zKj6|X=T2vmg2l)^@?n%he3AY@lqjEHI~ z(iz)7d?xv+YcEn+f6V6gHrHQ&o!4G_jk)=G78VwmnVF_pZy=;Z2%V@L^?!n1fVGxl zp@2XjrR4D7fX9y?(`Y!u_vqmxip3%e3yaRLPt|PugwiHjOy4J8$Wtj-s8mYi@;P#z zLQ2WiYgbr*yg|su(#W2!pE{K7no zOUo1rd6ZHZW1W%h2aCqgZnr7q3rH!+`99A!Hn?~9E`>sYscMxgSFhsvQQjz>m9z#a zCB1mLjveCf!k!E z);Mmp*xuP;^Vuf1ZrdY@LP@Sq#tyJ)Yhm?}d&1V>6IJdTjF@|Qd$%jAm zVfOa-IX-SNGdoMUR2~rD#NrX9B)(rD=ldv6Ip5q`f*`;ch3CmAgqCO>QYw|GR4N?o 
z@8kP^im2m3UL*BiM(u!&lANARml9J+vRpn-PDvK^K4ou~b|_HNqK#8OQVOKCQBumH z%`kxJ15jNe$#8vNu-*!pDJyhTa4i%H6bl9F^#-des~jF3vKL9ljkj(fgrHn1Gdnj& z&iC2a*xc^P;rTpriKJXc1hz;sK7^wE(3& zn$rz-cXx+`I;rqJ)-EJJBO;sYWpy3Jb1lmA@QNj7JG;!~XL%5&xIfC9cml$HQYw-F zBOr`|4o_Ha>{;#|OXf?O5H(0h^`{Nwayh1_r)e}AEU&C^+&XrPv9-y=2MWxMw5=};iJO~4{u?TAr$f(81qK!sLg))xlQprS}VvszH^i3c_8qGTSd;t@N&Yhi9 zc(>Vj_AK?(|KA&hrH@+iQmIV0^_0~@hexsi7(8RqQbf96Af?4Kj&rnd=rV~#MsB2M zEv>HM^<8+mt`VM!T)^xmhkPzaK9{3bn__8snWNSbMjNK4s*%TJG7-mG8#9jjh@a4{-V^y&*3<-k3y?SmNh9O}X#@-L3eHx<;jYbV2U1D$&ym8bn*pUv& zw2hD>k#HJTVVtNIOC@SYo1D*U3?eF4#7lG{ksnvMMUglUNf=iry|WKD_YD%AL=dE| zO_V>;+7L$d-TpRyd>ZZ{q~ze>fZMlkb9~&63M;5rrH$~AAz7+tFym-o0lqk+)+(>HZsBq zNf_Dy%}@>X|0!!Z>S+Fa!}8L!p_>rEcbcw%8 zwZfD2C)~Sxk4m*dqtT$*oTgr{qdXNQ01YDQFEGZ{BRtPb;5hr}3gtFqnbJXhnD136SbQXq|ua5L6Ph6JOB=rR*o zexnW7pILS>(ov{H(Q7S`7Nu$x= z{V%@A!NCFBTiZN)w#k#nkMVOk8jU6k3k#IWW%4;cDwT$VMX|AZsvF~G5kfLmtC26{ z33`E(sLVFiQG=U=&f3_pj(DFiX&mP$Qcg(0?A$Exy!l<;U%17?!c}g!TvOc$WFvYF zTT5M<@F~$UVGy6$&0>&p94}Ua=u5-&qYR&$k;l2(Eq#B?Q*ccPrY6nR@;DF zJ_kb3X}3{AQmt00R4UBP&e7?1*x%o0Yipa`-CZ6(dPJd+r#U@MqtRq$W|~6YcO}uD z8RVpF3};j<6=~G#JbAp1%FAruJ}Vf@Z1!`IOWRMzCDXrI>1juVVzJ2F(h3jm-R4v0 ze5#dmeCtqRFi6?wd?y83xWzHT(zBLMXsKXWC|W+cq*$18#8=A0^IU;kN;yc-4F+WN z8}x+W__)oRZ@fXVP^8glLdmK zWOsLuotT1lAmOg&oC$tQ zBBX>ihA>Ld4O;&_$EnYrZGvG?KOo_OxN{bYMM}j2`>i&2-f;T<;jZTP<}qJ*qs?ON zkdK}(^5Y+$`l_-tJyzyHjRAS}G2K>fE{WOjWDg zxpS9?uYaA@xmjMU*Eu{sB}q5 zc=L@nn46uW(QJ$~IS};^yU#org95%`vt_xr9g_1L^u)^vjD-ig zn!DRaeDSRopL%|upZdXh&dpcZ$oYgpI0*KVG0Yh5A0r7~5@u*8=eYZ)jt1p5o70rb z6`pRabNAjow)PHLSz84xTlHKF`YPDpR#O z_aEHn&h6XOYIWx4=jn9X^m@I4H1vr-0DdWzSb&kOFxZaGv#rBZbZILIF*d$fkN7csya6^jMt z=Vp2Gc-{3HAQE$&6`FSr1vgZU_N=0-1XigCpcT#a)Ed9tCD-YaYaMfZ+~ZfjywA^n zs>Esy3}Q4pVKYp#9mP&XUJ%LomnZbbj*|{+Ts?MSVV-KW%Hzk6c=+%k`}_MWE-fL1 zfMR~$uL?ib#a=#GP(5_je*5r?lDeWB)Y##8x-|X@CKkh{lc}7r{ zG6(5}=^yLG%LZeI6HS`6kV@oPYblkAT)cRZMx(*qyLY*B>lQO}v()Piy1gDj5V#tv z9UW63q8q>Q_S@(%WOaGf8FG`-t0JC*8P<_w(71u5%uLVF>-Olh+k=#{!m``7d?Tn5 
z7V=mxf+qI;`+-QhMH9vne*`Z;kq9KOdvzbFSNKR1i8=yf&ETz|( z;D(+&N5>9w>dj`8a=F6B#ya=z-D7umkA=lWiiHC0R-1ewKhjzxmEzfxb+$G)x%}L7 zE(fH|$T$E7Dkwg9++d81q#zkoHk(bJtgmCD;*rprr=iDpf)e-&BS!(c@up2@8ziBp zI9i_LiBi1r^eLaLg6>aK97#Q-32#Rx(|F^!c^r&mqI4t-kRw(u=d-f9O1<9T!Grre zymybOdY$?CIf5`C3eY9YnB;^}LbfTb5TeDir;K zj7WloPBW~+o;dUqY@qC}4=kl;$Yfm9OfiK1oJ>6>=YvS)!3v>$= z!tfb*g)v6>6cXU}#PDXPoD_1_$s)#Dl#@~<814r-ZtD_x87~?o zB_O>|#MHO1B+_@+&bGLxkbogF&cuoc->>;NLvAhcFs$lU-n6(z$K4vwqIp}!g;_<^so01rj z1S_BnOqq^@u%yz+b{yeTsfb}55E+s0C-IXJwM7a^v(cnnEYmsKE?>^-m_^PMCLN(
D|76m zkl217&F3B~zP_*UOOjA4Y!G4tklG-{aBf8QA~-0?ai>kYJ>>j2@uidqDS79{4a$`Y z7cX3Jb1H;nX?cbFw{P-er8n8Fe2Dd)hbPR5s>mRCi7kT8F|}rsaZ|_Aj_F8zVAJq) zJ9*esHiRpCR%T{o7~AV%_|lfguRbWy%V~rsA(R-UFiN6=5EV#_(0DpT=in*E6>W#* z)GSG`z?3vBx3}>&eLjwJ3DM`Zn3(u%+k^l%JVS& zg^VO|W@d(?)*-cr*ZH9f(|pa$;4xH1>EJj(a!Ix*9Bq*=S2JOqb`sYoY*>F<%2|AS zOZ<5WvF+)IFLCwZ-`Jeu?XW<;;Gun=Fz3_D

IS!eXAF5WR{8w=d_TeJ|>2kFuEp z%D$n~>C)+R=yW=?+ifb93Y*WKv9rCybC)i%va*6wL$q|fA6hEO;^Hzk2>9r;S9v+t z0x9t&_|X^wKlaK=!3DidDQM$IGmpkSw8)N048{AcJu-T--nBbA5u9qHCm?A)e^}=8 zhc$|MgEfLsM}-<~uv((6LoORnp@R?=742=W=bE5{5VS!_Xcj|`I~|VOE)J+vDm;Gl z7-KY7uU(~9s|_V}1SaU3yz}`SOKWR9zI&UGRNmrA?IRp(ffr4V=x4dD6_k}>`CuLV z9DcmUF^TXQvB1CxkDYn>eHdu!qq)`f`210woG%bY67)wF8-WoLEiJ-mtW+4^L;4yW z1Q_2#`yQUx!}J1Fr%Op%ntq4Fqhs=g0!n#2e)O1PvB2fa&rvQ{QUkNcRIRW~)oL8g zF0l9D4L)&gnm_d~j7+pLQn0`=)9o$1d;uxM5dNNJAtyZeuAe#fhEodc#MzgOtC~$D ze60Fq4Le%!8way&*&G$m5EubQA*DrVLD+vLfOaG7rLhQ4A$^4oG|F@8O82^0p?I<0 zA!zMVu2hgx@$kU|W@e^YJ9mykzA)@LP5@=?hsjJM zg-+w!+f%mc480>|HLv!n{Bd`hqOuqp5#IzIRsBQ9Nfj+vQRRMe81p42t5aV`dLEEWsQEv>Ne;0`}nsq^LOm+2T6 zCohR(yu)n@>_>K57R=XU&%J_@i)! zP$~-O!C-FL52vC;iiis9B5Jk}BASjHRjI6ySR+_1hy3)^Q?_p1re_3~uUw(oXb#Jk zHdz3-skxmZtC=D;z_nhl(>j{v@a}hcp|Zg1g;f-mh0ZR8-VuI%F>#NRh)))hJt+aB zlTvKvL(0ZPv|}q~j*uM#UkRr<#HS(+0j|SR^am;li!>r4`cNudK!WP~o26WcJ`O zNDn_6mv$22Py9Ra2opO>%&`wE6aCzL*0URv`SAZ|rnycXUmC)wxm!f}d}*wk!xPP` z8a~Tc4BQW4!3e>W(0r=2%O_fI(7E*%<>nmcFPx`PC}53AJX|fF;T01rRT)67=stYk zXL)s%d$(?K>CtO6S3f}U;3B%Oem6Mq!L7gu;!JM<50?(MUw11jsb*F z%+Jj;J2Q(EBAe?+eb33nA3ziPZs^#tlqu+V#;gUK?mmv)-0a*e)oRt10mUdtDa*JE z0lw$E6mT?zTgmt|5|fygaxw%^WOlGH>GKJynuwXyXxjNCBb-6_kvL!y7mt5HWyTlH zct(qql2SAyI{Q%~DI1b9j)^&@Dc}BNl|%A5k4%z)G53_ReJA<$lZZd=$4hXNN!`#X z9$Gf`IlE(UL}MQT!sz%+#^LKv3jxd^*rYNc?=q-5iSUy~T6>u_*9@T5$3s-wEA>lRTEOO%A7k z0A@C8?T7sB{SAvVJsvExddC&0Z=2LYU%1e>UGCi(fN z@a@kqMZb>=N_I((LrIT#L6b(bOqdjsZ8*mmSIb1THW2`oLDb2Fe~-TX83;dE03n3( zq6tybL={RA3*!69^2nnTRzzEeDeYr5MGSHcB1%)Zt@~9(pAk`>NQ`{0f8Kr%t*|0C zJUn%L>>2N(pB}+R@5eq*e@^Z2sog_#*RVM59uP$G@AxxpZ1Qm`@pGn5b*i7JNkw_P zySuyBuYcS2dR=2o8jd!aS{`eV?YrRolf0dAK~<)|e-__9!&sj&mopA9cG@2ygzR)W bd;fm`MUDJsOv@Tf00000NkvXXu0mjfc@}m4 literal 0 HcmV?d00001 diff --git a/inc/CertificateService.h b/inc/CertificateService.h new file mode 100644 index 0000000..a33878e --- /dev/null +++ b/inc/CertificateService.h 
@@ -0,0 +1,114 @@
+//
+// Open Service Platform
+// Copyright (c) 2012-2013 Samsung Electronics Co., Ltd.
+//
+// Licensed under the Apache License, Version 2.0 (the License);
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+/**
+ * @file OspCerMgrServiceD.h
+ * @brief This is the header file of the Certificate Manger daemon.
+ */
+
+#ifndef _CERTMGR_SERVICE_H_
+#define _CERTMGR_SERVICE_H_
+
+#include
+#include
+#include
+#include
+
+namespace Tizen { namespace Security { namespace Cert
+{
+
+class _CertServiceStub;
+
+} } }
+
+//opt/share/cert-svc/certs/
+class FileEventListenerCerts
+ : public Tizen::Io::IFileEventListener
+{
+public:
+ virtual void OnFileEventOccured(const unsigned long events, const Tizen::Base::String& path, const unsigned int eventId);
+};
+
+//opt/share/cert-svc/certs/sim/
+class FileEventListenerCertsSim
+ : public Tizen::Io::IFileEventListener
+{
+public:
+ virtual void OnFileEventOccured(const unsigned long events, const Tizen::Base::String& path, const unsigned int eventId);
+};
+
+//opt/share/cert-svc/certs/sim/operator/
+class FileEventListenerCertsSimOperator
+ : public Tizen::Io::IFileEventListener
+{
+public:
+ virtual void OnFileEventOccured(const unsigned long events, const Tizen::Base::String& path, const unsigned int eventId);
+};
+
+//opt/share/cert-svc/certs/sim/thirdparty/
+class FileEventListenerCertsSimThirdparty
+ : public Tizen::Io::IFileEventListener
+{
+public:
+ virtual void OnFileEventOccured(const unsigned long events, const Tizen::Base::String& path, const unsigned int eventId);
+};
+
+//opt/share/cert-svc/certs/ssl/
+class FileEventListenerCertsSsl
+ : public Tizen::Io::IFileEventListener
+{
+public:
+ virtual void OnFileEventOccured(const unsigned long events, const Tizen::Base::String& path, const unsigned int eventId);
+};
+
+//usr/share/cert-svc/ca-certs/
+class FileEventListenerUsrCaCerts
+ : public Tizen::Io::IFileEventListener
+{
+public:
+ virtual void OnFileEventOccured(const unsigned long events, const Tizen::Base::String& path, const unsigned int eventId);
+};
+
+/**
+ * [CertificateService] Manages Certificate privilege API calls
+ */
+class CertificateService
+{
+public:
+ CertificateService();
+ ~CertificateService();
+ result Construct(void);
+
+private:
+ Tizen::Security::Cert::_CertServiceStub* __pCertMgrServer;
+ Tizen::Io::FileEventManager __fileEventManagerCerts;
+ Tizen::Io::FileEventManager __fileEventManagerCertsSim;
+ Tizen::Io::FileEventManager __fileEventManagerCertsSimOperator;
+ Tizen::Io::FileEventManager __fileEventManagerCertsSimThirdparty;
+ Tizen::Io::FileEventManager __fileEventManagerCertsSsl;
+ Tizen::Io::FileEventManager __fileEventManagerUsrCaCerts;
+ Tizen::Io::FileEventManager __fileEventManagerUsrCaCertsSsl;
+
+ FileEventListenerCerts* __pFileEventListenerCerts;
+ FileEventListenerCertsSim* __pFileEventListenerCertsSim;
+ FileEventListenerCertsSimOperator* __pFileEventListenerCertsSimOperator;
+ FileEventListenerCertsSimThirdparty* __pFileEventListenerCertsSimThirdparty;
+ FileEventListenerCertsSsl* __pFileEventListenerCertsSsl;
+ FileEventListenerUsrCaCerts* __pFileEventListenerUsrCaCerts;
+};
+
+#endif // _CERTMGR_SERVICE_H_
diff --git a/inc/PrivilegeService.h b/inc/PrivilegeService.h
new file mode 100644
index 0000000..e40fd7e
--- /dev/null
+++ b/inc/PrivilegeService.h
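Review bot: `CertificateService` declares seven `FileEventManager` members but only six listener classes and pointers; `__fileEventManagerUsrCaCertsSsl` has no matching listener, so unless CertificateService.cpp (not shown here) attaches one of the existing listeners to it, changes under that CA directory would go unobserved. Either add the missing listener or drop the unused manager, and say in the class comment which directory each manager watches. The class also holds seven raw pointers and a user-declared destructor while copying stays enabled; if the destructor deletes them (the implementation is not in view), an accidental copy double-frees, and declaring `CertificateService(const CertificateService&);` and `CertificateService& operator=(const CertificateService&);` under `private:` without defining them rules that out. The same applies to `PrivilegeService` and `SecurityService` in inc/PrivilegeService.h and inc/SecurityService.h. The `@file OspCerMgrServiceD.h` tag does not match the file name, and `Manger` should read `Manager`.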
@@ -0,0 +1,71 @@
+//
+// Open Service Platform
+// Copyright (c) 2012-2013 Samsung Electronics Co., Ltd.
+//
+// Licensed under the Apache License, Version 2.0 (the License);
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+/**
+ * @file PrivilegeService.h
+ * @brief This is the header file of the Privilege Manger daemon.
+ */
+
+#ifndef _PRIVILEGE_SERVICE_H_
+#define _PRIVILEGE_SERVICE_H_
+
+#include
+
+namespace Tizen { namespace Io
+{
+ class _IpcServer;
+}}
+
+namespace IPC
+{
+ class Message;
+}
+
+namespace Tizen { namespace Base
+{
+ class String;
+}}
+
+class _OSP_EXPORT_ PrivilegeService
+ : public Tizen::Io::_IIpcServerEventListener
+{
+
+public:
+ PrivilegeService(void);
+ ~PrivilegeService(void);
+ result Construct(void);
+
+public:
+
+ virtual void OnIpcServerStarted(const Tizen::Io::_IpcServer& server);
+ virtual void OnIpcServerStopped(const Tizen::Io::_IpcServer& server);
+ virtual void OnIpcClientConnected(const Tizen::Io::_IpcServer& server, int clientId);
+ virtual void OnIpcClientDisconnected(const Tizen::Io::_IpcServer& server, int clientId);
+ virtual void OnIpcRequestReceived(Tizen::Io::_IpcServer& server, const IPC::Message& message);
+
+ bool RetrievePrivilege(Tizen::Base::String* pEncryptedBitwise, Tizen::Base::String* pHmac, result* pRes);
+ bool RetrieveVisibility(Tizen::Base::String* pEncryptedVisibility, Tizen::Base::String* pHmac, result* pRes);
+
+ result GenerateVisibilityString(Tizen::App::AppId appId, Tizen::Base::String* pEncryptedVisibility, Tizen::Base::String* pHmac);
+ result GetEncryptedVisibility(int visibility, Tizen::Base::String& encryptedVisibility);
+ result GetChecksum(Tizen::App::AppId appId, int visibility, Tizen::Base::String& checksum);
+
+private:
+ Tizen::Io::_IpcServer* __pIpcServer;
+}; // PrivilegeService
+
+#endif // _PRIVILEGE_SERVICE_H_
diff --git a/inc/SecurityService.h b/inc/SecurityService.h
new file mode 100644
index 0000000..1155d8d
--- /dev/null
+++ b/inc/SecurityService.h
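Review bot: `GenerateVisibilityString`, `GetEncryptedVisibility` and `GetChecksum` are declared `public` on a class marked `_OSP_EXPORT_`, although they look like internal helpers for `RetrieveVisibility`; moving them under `private:` keeps the code that produces the encrypted visibility string and its HMAC from being called with an arbitrary `appId`. `RetrievePrivilege` and `RetrieveVisibility` take no caller identity, so the implementation (outside this hunk) presumably obtains it through `__pIpcServer`; I would state that contract in a comment, e.g. `// The application identity is taken from the IPC server's client information, never from the message payload.`, and document that the `String*` and `result*` out-parameters must be non-null. `GetChecksum` appears to produce the value the callers name `pHmac`; using one name for it would avoid the impression that a plain checksum is used.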
@@ -0,0 +1,64 @@
+//
+// Open Service Platform
+// Copyright (c) 2012-2013 Samsung Electronics Co., Ltd.
+//
+// Licensed under the Apache License, Version 2.0 (the License);
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+/**
+ * @file SecurityService.h
+ * @brief This is the header file of the Security service.
+ */
+
+#ifndef _SECURITY_SERVICE_H_
+#define _SECURITY_SERVICE_H_
+
+#include
+
+namespace Tizen { namespace App
+{
+ class AppRegistry;
+}}
+
+namespace Tizen { namespace Base { namespace Collection
+{
+ class IList;
+}}}
+
+class PrivilegeService;
+class CertificateService;
+
+class _OSP_EXPORT_ SecurityService
+ : public Tizen::App::Service
+{
+public:
+ static Tizen::App::Service* CreateInstance(void);
+
+public:
+ SecurityService(void);
+ ~SecurityService(void);
+
+public:
+ bool OnAppInitializing(Tizen::App::AppRegistry& appRegistry);
+ bool OnAppTerminating(Tizen::App::AppRegistry& appRegistry, bool forcedTermination = false);
+ void OnLowMemory(void);
+ void OnBatteryLevelChanged(Tizen::System::BatteryLevel batteryLevel);
+ void OnUserEventReceivedN(RequestId requestId, Tizen::Base::Collection::IList *pArgs);
+
+private:
+ PrivilegeService* __pPrivilegeService;
+ CertificateService* __pCertificateService;
+
+}; // SecurityService
+
+#endif // _SECURITY_SERVICE_H_
diff --git a/manifest.xml b/manifest.xml
new file mode 100644
index 0000000..1f95f54
--- /dev/null
+++ b/manifest.xml
@@ -0,0 +1,27 @@
+
+
+ q7097a278m
+ 1.0.0
+ C++App
+
+ Samsung Electronics
+ 삼성전자
+
+
+ Security service.
+
+
+ AA43CFC79D2AF5A3F7064553C8BF2B2F
+
+ 2.1
+
+
+ osp-security-service
+
+
+
+
+
+
+
+
diff --git a/osp-security-service.manifest b/osp-security-service.manifest
new file mode 100644
index 0000000..4001eed
--- /dev/null
+++ b/osp-security-service.manifest
@@ -0,0 +1,12 @@
+
+
+
+
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/packaging/osp-security-service.spec b/packaging/osp-security-service.spec
new file mode 100755
index 0000000..f655fb6
--- /dev/null
+++ b/packaging/osp-security-service.spec
@@ -0,0 +1,64 @@
+Name: osp-security-service
+Summary: osp security service
+Version: 1.2.0.0
+Release: 2
+Group: TO_BE/FILLED_IN
+License: TO_BE/FILLED_IN
+Source0: %{name}-%{version}.tar.gz
+BuildRequires: cmake
+BuildRequires: pkgconfig(chromium)
+BuildRequires: pkgconfig(capi-system-media-key)
+BuildRequires: pkgconfig(capi-network-bluetooth)
+BuildRequires: pkgconfig(pkgmgr)
+BuildRequires: pkgconfig(glib-2.0)
+BuildRequires: pkgconfig(osp-appfw)
+BuildRequires: osp-appfw-internal-devel
+
+# runtime requires
+Requires: osp-appfw
+Requires: osp-installer
+Requires: osp-app-service
+Requires: osp-channel-service
+
+%description
+osp security service
+
+%prep
+%setup -q
+
+%build
+MAJORVER=`echo %{version} | awk 'BEGIN {FS="."}{print $1}'`
+%ifarch %{ix86}
+CXXFLAGS="$CXXFLAGS -D_OSP_DEBUG_ -D_OSP_X86_ -D_OSP_EMUL_" cmake . -DCMAKE_INSTALL_PREFIX=%{_prefix}
+%else
+CXXFLAGS="-O2 -g -pipe -Wall -fno-exceptions -Wformat -Wformat-security -Wl,--as-needed -fmessage-length=0 -march=armv7-a -mtune=cortex-a8 -mlittle-endian -mfpu=neon -mfloat-abi=softfp -D__SOFTFP__ -mthumb -Wa,-mimplicit-it=thumb -funwind-tables -D_OSP_DEBUG_ -D_OSP_ARMEL_" cmake . -DCMAKE_INSTALL_PREFIX=%{_prefix}
+%endif
+
+# Call make instruction with smp support
+make %{?jobs:-j%jobs}
+
+%install
+rm -rf %{buildroot}
+mkdir -p %{buildroot}/usr/share/license
+cp %{_builddir}/%{name}-%{version}/LICENSE.APLv2 %{buildroot}/usr/share/license/%{name}
+
+%make_install
+
+%post
+
+/bin/rm -fr /opt/apps/q7097a278m
+
+/usr/etc/package-manager/backend/tpk -i /usr/apps/q7097a278m
+cp -f %{_libdir}/osp/osp-system-service-loader /usr/apps/q7097a278m/bin/osp-security-service
+if [ -f /usr/lib/rpm-plugins/msm.so ]
+then
+ chsmack -a osp-security-service /usr/apps/q7097a278m/bin/osp-security-service
+ chsmack -e osp-security-service /usr/apps/q7097a278m/bin/osp-security-service
+fi
+
+#%postun -p /sbin/ldconfig
+
+%files
+%manifest osp-security-service.manifest
+/usr/share/license/%{name}
+/usr/apps/*
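Review bot: In `%build`, the non-x86 branch assigns `CXXFLAGS="-O2 -g -pipe ..."` outright while the x86 branch extends `$CXXFLAGS`, so on ARM any flags supplied by the build environment (including hardening options, if the distribution sets them) are dropped for this security service. Starting the ARM line with `CXXFLAGS="$CXXFLAGS -D_OSP_DEBUG_ -D_OSP_ARMEL_"` would keep the environment's flags and leave only the project-specific defines here. Both branches define `-D_OSP_DEBUG_`, which presumably keeps debug logging in the shipped binary; confirm that is intended for a release package. In `%post`, the result of the `tpk -i` call is not checked before the loader is copied and labelled, so a failed install goes unnoticed.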
diff --git a/res/.readme b/res/.readme
new file mode 100644
index 0000000..e69de29
diff --git a/src/CertificateService.cpp b/src/CertificateService.cpp
new file mode 100644
index 0000000..c75b18e
--- /dev/null
+++ b/src/CertificateService.cpp
@@ -0,0 +1,424 @@
+//
+// Open Service Platform
+// Copyright (c) 2012-2013 Samsung Electronics Co., Ltd.
+//
+// Licensed under the Apache License, Version 2.0 (the License);
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied..
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+/**
+ * @file CertificateService.cpp
+ * @brief This is the implementation file for CertificateService class.
+ */
+
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+
+#include "CertificateService.h"
+
+using namespace Tizen::App;
+using namespace Tizen::Base;
+using namespace Tizen::System;
+using namespace Tizen::Io;
+using namespace Tizen::Security::Cert;
+
+const String __CERT_MGR_DIR_CERTS__(L"/opt/share/cert-svc/certs/");
+const String __CERT_MGR_DIR_CERTS_SIM__(L"/opt/share/cert-svc/certs/sim/");
+const String __CERT_MGR_DIR_CERTS_SIM_OPERATOR__(L"/opt/share/cert-svc/certs/sim/operator/");
+const String __CERT_MGR_DIR_CERTS_SIM_THIRDPARTY__(L"/opt/share/cert-svc/certs/sim/thirdparty/");
+const String __CERT_MGR_DIR_CERTS_SSL__(L"/opt/share/cert-svc/certs/ssl/");
+const String __CERT_MGR_DIR_CA_CERTS__(L"/usr/share/cert-svc/ca-certs/");
+
+CertificateService::CertificateService()
+ : __pCertMgrServer(null)
+ , __pFileEventListenerCerts(null)
+ , __pFileEventListenerCertsSim(null)
+ , __pFileEventListenerCertsSimOperator(null)
+ , __pFileEventListenerCertsSimThirdparty(null)
+ , __pFileEventListenerCertsSsl(null)
+ , __pFileEventListenerUsrCaCerts(null)
+{
+}
+result
+CertificateService::Construct()
+{
+ result r = E_SUCCESS;
+ String certsDir(__CERT_MGR_DIR_CERTS__);
+ String certsSimDir(__CERT_MGR_DIR_CERTS_SIM__);
+ String certsSimOperatorDir(__CERT_MGR_DIR_CERTS_SIM_OPERATOR__);
+ String certsSimThirdPartyDir(__CERT_MGR_DIR_CERTS_SIM_THIRDPARTY__);
+ String certsSslDir(__CERT_MGR_DIR_CERTS_SSL__);
+ String caCertsDir(__CERT_MGR_DIR_CA_CERTS__);
+
+ __pCertMgrServer = new (std::nothrow) Tizen::Security::Cert::_CertServiceStub();
+ SysTryReturnResult(NID_SEC_CERT, __pCertMgrServer != null, E_OUT_OF_MEMORY, "[E_OUT_OF_MEMORY] Failed to initialize cert mgr server.");
+
+ r = __pCertMgrServer->Construct();
+ if (IsFailed(r))
+ {
+ delete __pCertMgrServer;
+ __pCertMgrServer = null;
+
+ SysTryReturnResult(NID_SEC_CERT, false, E_SYSTEM, "[E_SYSTEM] Failed constructed certificate manager service.");
+ }
+
+ __pFileEventListenerCerts = new (std::nothrow) FileEventListenerCerts();
+ SysTryCatch(NID_SEC_CERT, __pFileEventListenerCerts != null, r = E_OUT_OF_MEMORY, E_OUT_OF_MEMORY, "[E_OUT_OF_MEMORY] Failed to allocate memory.");
+
+ __pFileEventListenerCertsSim = new (std::nothrow) FileEventListenerCertsSim();
+ SysTryCatch(NID_SEC_CERT, __pFileEventListenerCertsSim != null, r = E_OUT_OF_MEMORY, E_OUT_OF_MEMORY, "[E_OUT_OF_MEMORY] Failed to allocate memory.");
+
+ __pFileEventListenerCertsSimOperator = new (std::nothrow) FileEventListenerCertsSimOperator();
+ SysTryCatch(NID_SEC_CERT, __pFileEventListenerCertsSimOperator != null, r = E_OUT_OF_MEMORY, E_OUT_OF_MEMORY, "[E_OUT_OF_MEMORY] Failed to allocate memory.");
+
+ __pFileEventListenerCertsSimThirdparty = new (std::nothrow) FileEventListenerCertsSimThirdparty();
+ SysTryCatch(NID_SEC_CERT, __pFileEventListenerCertsSimThirdparty != null, r = E_OUT_OF_MEMORY, E_OUT_OF_MEMORY, "[E_OUT_OF_MEMORY] Failed to allocate memory.");
+
+ __pFileEventListenerCertsSsl = new (std::nothrow) FileEventListenerCertsSsl();
+ SysTryCatch(NID_SEC_CERT, __pFileEventListenerCertsSsl != null, r = E_OUT_OF_MEMORY, E_OUT_OF_MEMORY, "[E_OUT_OF_MEMORY] Failed to allocate memory.");
+
+ __pFileEventListenerUsrCaCerts = new (std::nothrow) FileEventListenerUsrCaCerts();
+ SysTryCatch(NID_SEC_CERT, __pFileEventListenerUsrCaCerts != null, r = E_OUT_OF_MEMORY, E_OUT_OF_MEMORY, "[E_OUT_OF_MEMORY] Failed to allocate memory.");
+
+ r = __fileEventManagerCerts.Construct(*__pFileEventListenerCerts);
+ SysTryCatch(NID_SEC_CERT, !(IsFailed(r) && r != E_FILE_NOT_FOUND), r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] Failed constructed file event manager.");
+
+ r = __fileEventManagerCerts.AddPath(certsDir, FILE_EVENT_TYPE_CLOSE_WRITE);
+ SysTryCatch(NID_SEC_CERT, !(IsFailed(r) && r != E_FILE_NOT_FOUND), r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] Failed add path in file event manager.");
+
+ r = __fileEventManagerCertsSim.Construct(*__pFileEventListenerCertsSim);
+ SysTryCatch(NID_SEC_CERT, !(IsFailed(r) && r != E_FILE_NOT_FOUND), r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] Failed constructed file event manager.");
+
+ r = __fileEventManagerCertsSim.AddPath(certsSimDir, FILE_EVENT_TYPE_CLOSE_WRITE);
+ SysTryCatch(NID_SEC_CERT, !(IsFailed(r) && r != E_FILE_NOT_FOUND), r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] Failed add path in file event manager.");
+
+ r = __fileEventManagerCertsSimOperator.Construct(*__pFileEventListenerCertsSimOperator);
+ SysTryCatch(NID_SEC_CERT, !(IsFailed(r) && r != E_FILE_NOT_FOUND), r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] Failed constructed file event manager.");
+
+ r = __fileEventManagerCertsSimOperator.AddPath(certsSimOperatorDir, FILE_EVENT_TYPE_CLOSE_WRITE);
+ SysTryCatch(NID_SEC_CERT, !(IsFailed(r) && r != E_FILE_NOT_FOUND), r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] Failed add path in file event manager.");
+
+ r = __fileEventManagerCertsSimThirdparty.Construct(*__pFileEventListenerCertsSimThirdparty);
+ SysTryCatch(NID_SEC_CERT, !(IsFailed(r) && r != E_FILE_NOT_FOUND), r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] Failed constructed file event manager.");
+
+ r = __fileEventManagerCertsSimThirdparty.AddPath(certsSimThirdPartyDir, FILE_EVENT_TYPE_CLOSE_WRITE);
+ SysTryCatch(NID_SEC_CERT, !(IsFailed(r) && r != E_FILE_NOT_FOUND), r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] Failed add path in file event manager.");
+
+ r = __fileEventManagerCertsSsl.Construct(*__pFileEventListenerCertsSsl);
+ SysTryCatch(NID_SEC_CERT, !(IsFailed(r) && r != E_FILE_NOT_FOUND), r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] Failed constructed file event manager.");
+
+ r = __fileEventManagerCertsSsl.AddPath(certsSslDir, FILE_EVENT_TYPE_CLOSE_WRITE);
+ SysTryCatch(NID_SEC_CERT, !(IsFailed(r) && r != E_FILE_NOT_FOUND), r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] Failed add path in file event manager.");
+
+ r = __fileEventManagerUsrCaCerts.Construct(*__pFileEventListenerUsrCaCerts);
+ SysTryCatch(NID_SEC_CERT, !(IsFailed(r) && r != E_FILE_NOT_FOUND), r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] Failed constructed file event manager.");
+
+ r = __fileEventManagerUsrCaCerts.AddPath(caCertsDir, FILE_EVENT_TYPE_CLOSE_WRITE);
+ SysTryCatch(NID_SEC_CERT, !(IsFailed(r) && r != E_FILE_NOT_FOUND), r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] Failed add path in file event manager.");
+
+CATCH:
+ return r;
+}
+CertificateService::~CertificateService()
+{
+ delete __pFileEventListenerCerts;
+ delete __pFileEventListenerCertsSim;
+ delete __pFileEventListenerCertsSimOperator;
+ delete __pFileEventListenerCertsSimThirdparty;
+ delete __pFileEventListenerCertsSsl;
+ delete __pFileEventListenerUsrCaCerts;
+ delete __pCertMgrServer;
+}
+
+
+void
+FileEventListenerCerts::OnFileEventOccured(const unsigned long events, const Tizen::Base::String& path, const unsigned int eventId)
+{
+ result r = E_SUCCESS;
+ String fileName(path);
+ String dirPath;
+ FileAttributes attr;
+ File file;
+ long long size;
+ int readCnt;
+ int certBuffLength = 0;
+
+ dirPath.Append(__CERT_MGR_DIR_CERTS__);
+ dirPath.Append(fileName);
+
+ r = file.Construct(dirPath, L"r");
+ SysTryReturnVoidResult(NID_SEC_CERT, !IsFailed(r), E_SYSTEM, "[E_SYSTEM] Failed to construct file.");
+
+ r = File::GetAttributes(dirPath, attr);
+ SysTryReturnVoidResult(NID_SEC_CERT, !IsFailed(r), E_SYSTEM, "[E_SYSTEM] Failed to get file attributes.");
+
+ size = attr.GetFileSize();
+
+ std::unique_ptr pCertBuffer(new (std::nothrow) byte[size]);
+ SysTryReturnVoidResult(NID_SEC_CERT, pCertBuffer != null, E_SYSTEM, "[E_SYSTEM] Failed to allocate buffer.");
+
+ readCnt = file.Read(pCertBuffer.get(), size);
+ r = GetLastResult();
+ SysTryReturnVoidResult(NID_SEC_CERT, !IsFailed(r), E_SYSTEM, "[E_SYSTEM] Failed to read file.");
+
+ certBuffLength = static_cast< int >(readCnt);
+ SysTryReturnVoidResult(NID_SEC_CERT, certBuffLength > 0, E_SYSTEM, "[E_SYSTEM] Failed to read file.");
+
+ switch (events)
+ {
+ case FILE_EVENT_TYPE_CLOSE_WRITE:
+ r = _CertService::InsertCaCertificate(_CERT_TYPE_ROOT_CA, _CERT_X509, pCertBuffer.get(), certBuffLength);
+ SysTryReturnVoidResult(NID_SEC_CERT, !IsFailed(r), E_SYSTEM, "[E_SYSTEM] Failed to insert root certificate.");
+ break;
+
+ default:
+ break;
+ }
+}
+
+void
+FileEventListenerCertsSim::OnFileEventOccured(const unsigned long events, const Tizen::Base::String& path, const unsigned int eventId)
+{
+ result r = E_SUCCESS;
+ String fileName(path);
+ String dirPath;
+ FileAttributes attr;
+ File file;
+ long long size;
+ int readCnt;
+ int certBuffLength = 0;
+
+ dirPath.Append(__CERT_MGR_DIR_CERTS_SIM__);
+ dirPath.Append(fileName);
+
+ r = file.Construct(dirPath, L"r");
+ SysTryReturnVoidResult(NID_SEC_CERT, !IsFailed(r), E_SYSTEM, "[E_SYSTEM] Failed to construct file.");
+
+ r = File::GetAttributes(dirPath, attr);
+ SysTryReturnVoidResult(NID_SEC_CERT, !IsFailed(r), E_SYSTEM, "[E_SYSTEM] Failed to get file attributes.");
+
+ size = attr.GetFileSize();
+
+ std::unique_ptr pCertBuffer(new (std::nothrow) byte[size]);
+ SysTryReturnVoidResult(NID_SEC_CERT, pCertBuffer != null, E_SYSTEM, "[E_SYSTEM] Failed to allocate buffer.");
+
+ readCnt = file.Read(pCertBuffer.get(), size);
+ r = GetLastResult();
+ SysTryReturnVoidResult(NID_SEC_CERT, !IsFailed(r), E_SYSTEM, "[E_SYSTEM] Failed to read file.");
+
+ certBuffLength = static_cast< int >(readCnt);
+
+ switch (events)
+ {
+ case FILE_EVENT_TYPE_CLOSE_WRITE:
+ r = _CertService::InsertCaCertificate(_CERT_TYPE_ROOT_CA, _CERT_X509, pCertBuffer.get(), certBuffLength);
+ SysTryReturnVoidResult(NID_SEC_CERT, !IsFailed(r), E_SYSTEM, "[E_SYSTEM] Failed to insert root certificate.");
+ break;
+
+ default:
+ break;
+ }
+}
+
+void
+FileEventListenerCertsSimOperator::OnFileEventOccured(const unsigned long events, const Tizen::Base::String& path, const unsigned int eventId)
+{
+ result r = E_SUCCESS;
+ String fileName(path);
+ String dirPath;
+ FileAttributes attr;
+ File file;
+ long long size;
+ int readCnt;
+ int certBuffLength = 0;
+
+ dirPath.Append(__CERT_MGR_DIR_CERTS_SIM_OPERATOR__);
+ dirPath.Append(fileName);
+
+ r = file.Construct(dirPath, L"r");
+ SysTryReturnVoidResult(NID_SEC_CERT, !IsFailed(r), E_SYSTEM, "[E_SYSTEM] Failed to construct file.");
+
+ r = File::GetAttributes(dirPath, attr);
+ SysTryReturnVoidResult(NID_SEC_CERT, !IsFailed(r), E_SYSTEM, "[E_SYSTEM] Failed to get file attributes.");
+
+ size = attr.GetFileSize();
+
+ std::unique_ptr pCertBuffer(new (std::nothrow) byte[size]);
+ SysTryReturnVoidResult(NID_SEC_CERT, pCertBuffer != null, E_SYSTEM, "[E_SYSTEM] Failed to allocate buffer.");
+
+ readCnt = file.Read(pCertBuffer.get(), size);
+ r = GetLastResult();
+ SysTryReturnVoidResult(NID_SEC_CERT, !IsFailed(r), E_SYSTEM, "[E_SYSTEM] Failed to read file.");
+
+ certBuffLength = static_cast< int >(readCnt);
+
+ switch (events)
+ {
+ case FILE_EVENT_TYPE_CLOSE_WRITE:
+ r = _CertService::InsertCaCertificate(_CERT_TYPE_ROOT_CA, _CERT_X509, pCertBuffer.get(), certBuffLength);
+ SysTryReturnVoidResult(NID_SEC_CERT, !IsFailed(r), E_SYSTEM, "[E_SYSTEM] Failed to insert root certificate.");
+ break;
+
+ default:
+ break;
+ }
+}
+
+void
+FileEventListenerCertsSimThirdparty::OnFileEventOccured(const unsigned long events, const Tizen::Base::String& path, const unsigned int eventId)
+{
+ result r = E_SUCCESS;
+ String fileName(path);
+ String dirPath;
+ FileAttributes attr;
+ File file;
+ long long size;
+ int readCnt;
+ int certBuffLength = 0;
+
+ dirPath.Append(__CERT_MGR_DIR_CERTS_SIM_THIRDPARTY__);
+ dirPath.Append(fileName);
+
+ r = file.Construct(dirPath, L"r");
+ SysTryReturnVoidResult(NID_SEC_CERT, !IsFailed(r), E_SYSTEM, "[E_SYSTEM] Failed to construct file.");
+
+ r = File::GetAttributes(dirPath, attr);
+ SysTryReturnVoidResult(NID_SEC_CERT, !IsFailed(r), E_SYSTEM, "[E_SYSTEM] Failed to get file attributes.");
+
+ size = attr.GetFileSize();
+
+ std::unique_ptr pCertBuffer(new (std::nothrow) byte[size]);
+ SysTryReturnVoidResult(NID_SEC_CERT, pCertBuffer != null, E_SYSTEM, "[E_SYSTEM] Failed to allocate buffer.");
+
+ readCnt = file.Read(pCertBuffer.get(), size);
+ r = GetLastResult();
+ SysTryReturnVoidResult(NID_SEC_CERT, !IsFailed(r), E_SYSTEM, "[E_SYSTEM] Failed to read file.");
+
+ certBuffLength = static_cast< int >(readCnt);
+
+ switch (events)
+ {
+ case FILE_EVENT_TYPE_CLOSE_WRITE:
+ r = _CertService::InsertCaCertificate(_CERT_TYPE_ROOT_CA, _CERT_X509, pCertBuffer.get(), certBuffLength);
+ SysTryReturnVoidResult(NID_SEC_CERT, !IsFailed(r), E_SYSTEM, "[E_SYSTEM] Failed to insert root certificate.");
+ break;
+
+ default:
+ break;
+ }
+}
+
+void
+FileEventListenerCertsSsl::OnFileEventOccured(const unsigned long events, const Tizen::Base::String& path, const unsigned int eventId)
+{
+ result r = E_SUCCESS;
+ String fileName(path);
+ String dirPath;
+ FileAttributes attr;
+ File file;
+ long long size;
+ int readCnt;
+ int certBuffLength = 0;
+
+ dirPath.Append(__CERT_MGR_DIR_CERTS_SSL__);
+ dirPath.Append(fileName);
+
+ r = file.Construct(dirPath, L"r");
+ SysTryReturnVoidResult(NID_SEC_CERT, !IsFailed(r), E_SYSTEM, "[E_SYSTEM] Failed to construct file.");
+
+ r = File::GetAttributes(dirPath, attr);
+ SysTryReturnVoidResult(NID_SEC_CERT, !IsFailed(r), E_SYSTEM, "[E_SYSTEM] Failed to get file attributes.");
+
+ size = attr.GetFileSize();
+
+ std::unique_ptr pCertBuffer(new (std::nothrow) byte[size]);
+ SysTryReturnVoidResult(NID_SEC_CERT, pCertBuffer != null, E_SYSTEM, "[E_SYSTEM] Failed to allocate buffer.");
+
+ readCnt = file.Read(pCertBuffer.get(), size);
+ r = GetLastResult();
+ SysTryReturnVoidResult(NID_SEC_CERT, !IsFailed(r), E_SYSTEM, "[E_SYSTEM] Failed to read file.");
+
+ certBuffLength = static_cast< int >(readCnt);
+
+ switch (events)
+ {
+ case FILE_EVENT_TYPE_CLOSE_WRITE:
+ r = _CertService::InsertCaCertificate(_CERT_TYPE_ROOT_CA, _CERT_X509, pCertBuffer.get(), certBuffLength);
+ SysTryReturnVoidResult(NID_SEC_CERT, !IsFailed(r), E_SYSTEM, "[E_SYSTEM] Failed to insert root certificate.");
+ break;
+
+ default:
+ break;
+ }
+}
+
+void
+FileEventListenerUsrCaCerts::OnFileEventOccured(const unsigned long events, const Tizen::Base::String& path, const unsigned int eventId)
+{
+ result r = E_SUCCESS;
+ String fileName(path);
+ String dirPath;
+ FileAttributes attr;
+ File file;
+ long long size;
+ int readCnt;
+ int certBuffLength = 0;
+
+ dirPath.Append(__CERT_MGR_DIR_CA_CERTS__);
+ dirPath.Append(fileName);
+
+ r = file.Construct(dirPath, L"r");
+ SysTryReturnVoidResult(NID_SEC_CERT, !IsFailed(r), E_SYSTEM, "[E_SYSTEM] Failed to construct file.");
+
+ r = File::GetAttributes(dirPath, attr);
+ SysTryReturnVoidResult(NID_SEC_CERT, !IsFailed(r), E_SYSTEM, "[E_SYSTEM] Failed to get file attributes.");
+
+ size = attr.GetFileSize();
+
+ std::unique_ptr pCertBuffer(new (std::nothrow) byte[size]);
+ SysTryReturnVoidResult(NID_SEC_CERT, pCertBuffer != null, E_SYSTEM, "[E_SYSTEM] Failed to allocate buffer.");
+
+ readCnt = file.Read(pCertBuffer.get(), size);
+ r = GetLastResult();
+ SysTryReturnVoidResult(NID_SEC_CERT, !IsFailed(r), E_SYSTEM, "[E_SYSTEM] Failed to read file.");
+
+ certBuffLength = static_cast< int >(readCnt);
+
+ switch (events)
+ {
+ case FILE_EVENT_TYPE_CLOSE_WRITE:
+ r = _CertService::InsertCaCertificate(_CERT_TYPE_ROOT_CA, _CERT_X509, pCertBuffer.get(), certBuffLength);
+ SysTryReturnVoidResult(NID_SEC_CERT, !IsFailed(r), E_SYSTEM, "[E_SYSTEM] Failed to insert root certificate.");
+ break;
+
+ default:
+ break;
+ }
+}
diff --git a/src/PrivilegeService.cpp b/src/PrivilegeService.cpp
new file mode 100644
index 0000000..451243e
--- /dev/null
+++ b/src/PrivilegeService.cpp
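Review bot: Only `FileEventListenerCerts::OnFileEventOccured` checks `certBuffLength > 0` before calling `_CertService::InsertCaCertificate`; the other five listeners (`FileEventListenerCertsSim`, `...SimOperator`, `...SimThirdparty`, `...Ssl`, `...UsrCaCerts`) pass the read count through unchecked, so an empty or failed read reaches the certificate store. All six also allocate `new byte[size]` straight from `attr.GetFileSize()` with no upper bound and read the file before looking at `events`. Because every file closed after writing in these directories is inserted as `_CERT_TYPE_ROOT_CA`, the trust store is only as protected as the write permissions on those paths, which this patch does not show; that assumption deserves a comment next to the `__CERT_MGR_DIR_*` constants. The six bodies differ only in the directory constant, so I would move the work into one file-local helper that carries the size and length checks and have each listener delegate to it, as sketched below.

```cpp
namespace
{
// Constructed limit for illustration only; take the real bound from what the certificate store accepts.
const long long _MAX_CERT_FILE_SIZE = 64 * 1024;

// Reads one certificate file from certDir and inserts it as a root CA; used by every listener.
void
InsertRootCaFromFile(const String& certDir, const String& fileName, const unsigned long events)
{
	if (events != FILE_EVENT_TYPE_CLOSE_WRITE)
	{
		return; // nothing to insert for other event types
	}

	String filePath(certDir);
	filePath.Append(fileName);

	File file;
	result r = file.Construct(filePath, L"r");
	SysTryReturnVoidResult(NID_SEC_CERT, !IsFailed(r), E_SYSTEM, "[E_SYSTEM] Failed to construct file.");

	FileAttributes attr;
	r = File::GetAttributes(filePath, attr);
	SysTryReturnVoidResult(NID_SEC_CERT, !IsFailed(r), E_SYSTEM, "[E_SYSTEM] Failed to get file attributes.");

	const long long size = attr.GetFileSize();
	SysTryReturnVoidResult(NID_SEC_CERT, size > 0 && size <= _MAX_CERT_FILE_SIZE, E_SYSTEM, "[E_SYSTEM] Unexpected certificate file size.");

	std::unique_ptr< byte[] > pCertBuffer(new (std::nothrow) byte[size]);
	SysTryReturnVoidResult(NID_SEC_CERT, pCertBuffer != null, E_SYSTEM, "[E_SYSTEM] Failed to allocate buffer.");

	const int readCnt = file.Read(pCertBuffer.get(), static_cast< int >(size));
	r = GetLastResult();
	SysTryReturnVoidResult(NID_SEC_CERT, !IsFailed(r) && readCnt > 0, E_SYSTEM, "[E_SYSTEM] Failed to read file.");

	r = _CertService::InsertCaCertificate(_CERT_TYPE_ROOT_CA, _CERT_X509, pCertBuffer.get(), readCnt);
	SysTryReturnVoidResult(NID_SEC_CERT, !IsFailed(r), E_SYSTEM, "[E_SYSTEM] Failed to insert root certificate.");
}
}

void
FileEventListenerCertsSim::OnFileEventOccured(const unsigned long events, const Tizen::Base::String& path, const unsigned int eventId)
{
	InsertRootCaFromFile(__CERT_MGR_DIR_CERTS_SIM__, path, events);
}
// … the other five listeners delegate the same way with their own directory constant …
```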
@@ -0,0 +1,307 @@
+//
+// Open Service Platform
+// Copyright (c) 2012-2013 Samsung Electronics Co., Ltd.
+//
+// Licensed under the Apache License, Version 2.0 (the License);
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+/**
+ * @file PrivilegeService.cpp
+ * @brief This is the implementation file for PrivilegeService class.
+ */
+
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+
+#include "PrivilegeService.h"
+
+using namespace Tizen::Base;
+using namespace Tizen::Base::Runtime;
+using namespace Tizen::System;
+using namespace Tizen::App;
+using namespace Tizen::App::Package;
+using namespace Tizen::Io;
+using namespace Tizen::Base::Collection;
+using namespace Tizen::Security;
+using namespace Tizen::Security::Crypto;
+using namespace Tizen::Base::Utility;
+
+PrivilegeService::PrivilegeService(void)
+ : __pIpcServer(null)
+{
+
+}
+
+PrivilegeService::~PrivilegeService(void)
+{
+ SysLog(NID_SEC, "Enter.");
+
+ delete __pIpcServer;
+
+ SysLog(NID_SEC, "Exit.");
+}
+
+
+result
+PrivilegeService::Construct(void)
+{
+ result r = E_SUCCESS;
+
+ SysLog(NID_SEC, "Enter.");
+ __pIpcServer = new (std::nothrow) _IpcServer();
+ SysTryReturn(NID_SEC, __pIpcServer != null, false, E_OUT_OF_MEMORY, "[E_OUT_OF_MEMORY] The memory is insufficient.");
+
+ r = __pIpcServer->Construct("osp.security.ipcserver.privilegemanager", *this);
+ SysTryReturn(NID_SEC, r == E_SUCCESS, false, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
+
+ SysLog(NID_SEC, "Exit.");
+ return r;
+}
+
+void
+PrivilegeService::OnIpcServerStarted(const _IpcServer& server)
+{
+
+}
+
+void
+PrivilegeService::OnIpcServerStopped(const _IpcServer& server)
+{
+
+}
+
+void
+PrivilegeService::OnIpcClientConnected(const _IpcServer& server, int clientId)
+{
+
+}
+
+void
+PrivilegeService::OnIpcClientDisconnected(const _IpcServer&server, int clientId)
+{
+
+}
+
+bool
+PrivilegeService::RetrievePrivilege(String* pEncryptedBitwise, String* pHmac, result* pRes)
+{
+ String encryptedBitwise;
+ String hmac;
+ AppId appId;
+
+ SysLog(NID_SEC, "Enter.");
+
+ __pIpcServer->GetClientAppId().SubString(0, MAX_APP_ID_SIZE, appId);
+
+ *pRes = _PrivilegeManager::RetrieveCipherPrivilegeEx(appId, encryptedBitwise, hmac);
+ if (*pRes == E_SUCCESS)
+ {
+ pEncryptedBitwise->Append(encryptedBitwise);
+ pHmac->Append(hmac);
+ }
+
+ SysLog(NID_SEC, "Exit.");
+ return true;
+}
+
+bool
+PrivilegeService::RetrieveVisibility(String* pEncryptedVisibility, String* pHmac, result* pRes)
+{
+ String encryptedVisibility;
+ String hmac;
+ AppId appId;
+
+ SysLog(NID_SEC, "Enter.");
+
+ __pIpcServer->GetClientAppId().SubString(0, MAX_APP_ID_SIZE, appId);
+
+ *pRes = GenerateVisibilityString(appId, pEncryptedVisibility, pHmac);
+
+ SysLog(NID_SEC, "Exit.");
+ return true;
+}
+
+result
+PrivilegeService::GenerateVisibilityString(AppId appId, String* pEncryptedVisibility, String* pHmac)
+{
+ _PackageInfoImpl infoImpl;
+ result r = E_SUCCESS;
+ int visibility = 0;
+
+ String encryptedVisibility;
+ String checksum;
+
+ SysLog(NID_SEC, "Enter.");
+
+ r = infoImpl.Construct(appId);
+ if (r == E_APP_NOT_INSTALLED)
+ {
+ SysLogException(NID_SEC, E_DATA_NOT_FOUND, "[E_DATA_NOT_FOUND] The privilege information does not exist.");
+ return E_DATA_NOT_FOUND;
+ }
+ SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
+
+ visibility = infoImpl.GetApiVisibility();
+ SysTryReturnResult(NID_SEC, visibility >= 0, E_SYSTEM, "An unexpected system error occurred.");
+
+ r = GetEncryptedVisibility(visibility, encryptedVisibility);
+ SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
+
+ r = GetChecksum(appId, visibility, checksum);
+ SysTryReturnResult(NID_SEC, r == E_SUCCESS, E_SYSTEM, "An unexpected system error occurred.");
+
+ pEncryptedVisibility->Append(encryptedVisibility);
+ pHmac->Append(checksum);
+
+ SysLog(NID_SEC, "Exit.");
+ return r;
+}
+
+result
+PrivilegeService::GetEncryptedVisibility(int visibility, String& encryptedVisibility)
+{
+ result r = E_SUCCESS;
+ ISecretKey* pKey = null;
+ ByteBuffer ivByte;
+ ByteBuffer* pEncryptedVisibility = null;
+ ByteBuffer* pTempVisibility = null;
+ AesCipher cipherEnc;
+ const byte ivector[_IV_LEN] = { 0x3E, 0xB5, 0x01, 0x45, 0xE4, 0xF8, 0x75, 0x3F, 0x08, 0x9D, 0x9F, 0x57, 0x3B, 0x63, 0xEF, 0x4B};
+
+ SysLog(NID_SEC, "Enter.");
+
+ pTempVisibility = new (std::nothrow) ByteBuffer();
+ SysTryReturnResult(NID_SEC, pTempVisibility != null, E_OUT_OF_MEMORY, "Memory allocation is failed.");
+
+ r = pTempVisibility->Construct(sizeof(int));
+ SysTryCatch(NID_SEC, r == E_SUCCESS, r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
+
+ r = ivByte.Construct(_IV_LEN);
+ SysTryCatch(NID_SEC, r == E_SUCCESS, r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
+
+ r = ivByte.SetArray(ivector, 0, _IV_LEN);
+ SysTryCatch(NID_SEC, r == E_SUCCESS, r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
+ ivByte.Flip();
+
+ r = pTempVisibility->SetArray((byte*)(&visibility), 0, sizeof(int));
+ SysTryCatch(NID_SEC, r == E_SUCCESS, r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
+ pTempVisibility->Flip();
+
+ r = cipherEnc.Construct(L"CBC/128/PKCS7PADDING", CIPHER_ENCRYPT);
+ SysTryCatch(NID_SEC, r == E_SUCCESS, r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
+
+ pKey = _DeviceKeyGenerator::GenerateDeviceKeyN(_KEY_LEN);
+ SysTryCatch(NID_SEC, pKey != null, r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
+
+ r = cipherEnc.SetKey(*pKey);
+ SysTryCatch(NID_SEC, r == E_SUCCESS, r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
+
+ r = cipherEnc.SetInitialVector(ivByte);
+ SysTryCatch(NID_SEC, r == E_SUCCESS, r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
+
+ pEncryptedVisibility = cipherEnc.EncryptN(*pTempVisibility);
+ SysTryCatch(NID_SEC, pTempVisibility != null, r = E_SYSTEM, E_SYSTEM,
+ "[E_SYSTEM] An unexpected system error occurred.");
+
+ r = StringUtil::EncodeToBase64String(*pEncryptedVisibility, encryptedVisibility);
+ SysTryCatch(NID_SEC, r == E_SUCCESS, r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
+
+ // fall through
+
+CATCH:
+
+ delete pTempVisibility;
+ delete pKey;
+ delete pEncryptedVisibility;
+
+ SysLog(NID_SEC, "Exit.");
+ return r;
+}
+
+result
+PrivilegeService::GetChecksum(AppId appId, int visibility, String& checksum)
+{
+ result r = E_SUCCESS;
+ byte tempChecksumString[sizeof(int) + MAX_APP_ID_SIZE];
+
+ ISecretKey* pKey = null;
+ ByteBuffer ivByte;
+ ByteBuffer input;
+ IHmac* pHmac = null;
+ ByteBuffer* pChecksumByteBuffer = null;
+ char* pAppId = null;
+
+ SysLog(NID_SEC, "Enter.");
+
+ pAppId = (char*) _StringConverter::CopyToCharArrayN(appId);
+ SysTryCatch(NID_SEC, pAppId != null, r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
+
+ memcpy(tempChecksumString, pAppId, MAX_APP_ID_SIZE);
+ memcpy(tempChecksumString + MAX_APP_ID_SIZE, (byte*)(&visibility), sizeof(int));
+
+ delete[] pAppId;
+ pAppId = null;
+
+ r = input.Construct(MAX_APP_ID_SIZE + sizeof(int));
+ SysTryCatch(NID_SEC, r == E_SUCCESS, r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
+
+ r = input.SetArray(tempChecksumString, 0, MAX_APP_ID_SIZE + sizeof(int));
+ SysTryCatch(NID_SEC, r == E_SUCCESS, r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
+ input.Flip();
+
+ pHmac = new (std::nothrow) Sha1Hmac();
+ SysTryCatch(NID_SEC, pHmac != null, r = E_OUT_OF_MEMORY, E_OUT_OF_MEMORY, "[E_OUT_OF_MEMORY] Memory allocation is failed.");
+
+ pKey = _DeviceKeyGenerator::GenerateDeviceKeyN(_KEY_LEN);
+ SysTryCatch(NID_SEC, pKey != null, r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
+
+ r = pHmac->SetKey(*pKey);
+ SysTryCatch(NID_SEC, r == E_SUCCESS, r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
+
+ pChecksumByteBuffer = pHmac->GetHmacN(input);
+ SysTryCatch(NID_SEC, pChecksumByteBuffer != null, r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
+
+ r = StringUtil::EncodeToBase64String(*pChecksumByteBuffer, checksum);
+ SysTryCatch(NID_SEC, r == E_SUCCESS, r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
+
+ // fall through
+
+CATCH:
+
+ delete pKey;
+ delete pHmac;
+ delete pChecksumByteBuffer;
+
+ SysLog(NID_SEC, "Exit.");
+ return r;
+}
+
+void
+PrivilegeService::OnIpcRequestReceived(_IpcServer& server, const IPC::Message& message)
+{
+ IPC_BEGIN_MESSAGE_MAP(PrivilegeService, message)
+ IPC_MESSAGE_HANDLER_EX(PrivilegeManagerMsg_retrieve, &server, RetrievePrivilege)
+ IPC_MESSAGE_HANDLER_EX(PrivilegeManagerMsg_retrieveEx, &server, RetrieveVisibility)
+ IPC_END_MESSAGE_MAP()
+}
+
diff --git a/src/SecurityService.cpp b/src/SecurityService.cpp
new file mode 100644
index 0000000..bd2ebed
--- /dev/null
+++ b/src/SecurityService.cpp
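Review bot: In `GetEncryptedVisibility` the check after `cipherEnc.EncryptN(*pTempVisibility)` tests `pTempVisibility != null` instead of the returned pointer, so a failed encryption is dereferenced by the `EncodeToBase64String` call that follows; the condition should be `pEncryptedVisibility != null`. In `GetChecksum`, `memcpy(tempChecksumString, pAppId, MAX_APP_ID_SIZE)` copies a fixed length from a buffer that is presumably sized to the string, which reads past the allocation whenever the id is shorter than `MAX_APP_ID_SIZE` (for example when the ignored `SubString` call in the callers fails and leaves `appId` empty); zero the array first and copy at most `strlen(pAppId)` bytes. `PrivilegeService::Construct` passes `false` as the return value of `SysTryReturn` in a function typed `result`, which, assuming `E_SUCCESS` is 0, reports success on both failure paths; return `E_OUT_OF_MEMORY` and `E_SYSTEM` there instead. The constant `ivector` used with `CBC/128/PKCS7PADDING` makes the encrypted visibility deterministic for a given device key, so add a comment stating why that is acceptable here or switch to a per-message IV.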
@@ -0,0 +1,126 @@
+//
+// Open Service Platform
+// Copyright (c) 2012-2013 Samsung Electronics Co., Ltd.
+//
+// Licensed under the Apache License, Version 2.0 (the License);
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+/**
+ * @file SecurityService.cpp
+ * @brief This is the implementation file for SecurityService class.
+ */
+
+#include
+#include
+#include
+
+#include "SecurityService.h"
+#include "PrivilegeService.h"
+#include "CertificateService.h"
+
+using namespace Tizen::System;
+using namespace Tizen::App;
+using namespace Tizen::Base::Collection;
+
+
+static SecurityService* __pSecurityService = null;
+
+SecurityService::SecurityService(void)
+ : __pPrivilegeService(null)
+ , __pCertificateService(null)
+{
+
+}
+
+SecurityService::~SecurityService(void)
+{
+
+}
+
+Service*
+SecurityService::CreateInstance(void)
+{
+ result r = E_SUCCESS;
+
+ ClearLastResult();
+
+ if (__pSecurityService == null)
+ {
+ __pSecurityService = new (std::nothrow) SecurityService();
+ if (__pSecurityService == null)
+ {
+ AppLogException("[E_OUT_OF_MEMORY] The memory is insufficient.");
+ r = E_OUT_OF_MEMORY;
+ }
+ }
+
+ SetLastResult(r);
+
+ return __pSecurityService;
+}
+
+bool
+SecurityService::OnAppInitializing(AppRegistry& appRegistry)
+{
+ result r = E_SUCCESS;
+
+ AppLog("Enter");
+ __pPrivilegeService = new (std::nothrow) PrivilegeService();
+ SysTryReturn(NID_SEC, __pPrivilegeService != null, false, E_OUT_OF_MEMORY, "[E_OUT_OF_MEMORY] The memory is insufficient.");
+
+ r = __pPrivilegeService->Construct();
+ SysTryReturn(NID_SEC, r == E_SUCCESS, false, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
+
+ __pCertificateService = new (std::nothrow) CertificateService(); //return true even if error occured
+ //because privilege must be running.
+ SysTryCatch(NID_SEC, __pCertificateService != null, r = E_OUT_OF_MEMORY, E_OUT_OF_MEMORY, "[E_OUT_OF_MEMORY] The memory is insufficient.");
+
+ r = __pCertificateService->Construct();
+ SysTryCatch(NID_SEC, r == E_SUCCESS, r = E_SYSTEM, E_SYSTEM, "[E_SYSTEM] An unexpected system error occurred.");
+
+ AppLog("Exit");
+CATCH:
+ return true;
+}
+
+bool
+SecurityService::OnAppTerminating(AppRegistry& appRegistry, bool forcedTermination)
+{
+ AppLog("Enter");
+
+ delete __pPrivilegeService;
+ delete __pCertificateService;
+
+ AppLog("Exit");
+ return true;
+}
+
+void
+SecurityService::OnLowMemory(void)
+{
+
+}
+
+void
+SecurityService::OnBatteryLevelChanged(BatteryLevel batteryLevel)
+{
+
+}
+
+void
+SecurityService::OnUserEventReceivedN(RequestId requestId, Tizen::Base::Collection::IList *pArgs)
+{
+
+}
+
+
diff --git a/src/SecurityServiceEntry.cpp b/src/SecurityServiceEntry.cpp
new file mode 100644
index 0000000..a589912
--- /dev/null
+++ b/src/SecurityServiceEntry.cpp
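Review bot: `OnAppInitializing` deliberately returns `true` when `CertificateService` fails to start, but a failed `Construct()` leaves the half-initialised object in `__pCertificateService` and the only trace is the generic `[E_SYSTEM]` log line, so the service keeps running with certificate-directory monitoring silently absent. On the `CATCH` path I would delete and null the pointer when `r` is not `E_SUCCESS` and log a distinct message, for example `AppLogException("CertificateService unavailable; continuing with PrivilegeService only.");`. The early `SysTryReturn` after `__pPrivilegeService->Construct()` likewise leaves the allocated `PrivilegeService` behind, since the destructor is empty and cleanup lives only in `OnAppTerminating`. `OnAppTerminating` should also set both pointers to `null` after the `delete` calls so a repeated call cannot free them twice.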
@@ -0,0 +1,80 @@
+//
+// Open Service Platform
+// Copyright (c) 2012-2013 Samsung Electronics Co., Ltd.
+//
+// Licensed under the Apache License, Version 2.0 (the License);
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+/**
+ * @file SecurirtyServiceEntry.cpp
+ * @brief This is the implementation file for SecurirtyService entry point.
+ */
+
+#include
+#include
+#include
+
+#include "SecurityService.h"
+
+using namespace Tizen::Base;
+using namespace Tizen::Base::Collection;
+
+#ifdef __cplusplus
+extern "C"
+{
+#endif // __cplusplus
+
+_OSP_EXPORT_ int OspMain(int argc, char *pArgv[]);
+#ifdef _PROFILE
+extern void start_profile (void);
+extern void end_profile (void);
+#else
+#define start_profile(void)
+#define end_profile(void)
+#endif
+
+
+/**
+ * The entry function of Tizen application called by the operating system.
+ */
+int
+OspMain(int argc, char *pArgv[])
+{
+ result r = E_SUCCESS;
+
+ AppLog("Application started.");
+ ArrayList* pArgs = new ArrayList();
+ pArgs->Construct();
+ for (int i = 0; i < argc; i++)
+ {
+ pArgs->Add(*(new String(pArgv[i])));
+ }
+
+ start_profile();
+ r = Tizen::App::ServiceApp::Execute(SecurityService::CreateInstance, pArgs);
+ if (IsFailed(r))
+ {
+ AppLogException("Application execution failed-[%s].", GetErrorMessage(r));
+ r &= 0x0000FFFF;
+ }
+ end_profile();
+
+ pArgs->RemoveAll(true);
+ delete pArgs;
+ AppLog("Application finished.");
+
+ return static_cast(r);
+}
+#ifdef __cplusplus
+}
+#endif // __cplusplus
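Review bot: `OspMain` allocates with plain `new` and ignores every result on the argument-list path: `new ArrayList()`, `pArgs->Construct()`, `new String(pArgv[i])` and `pArgs->Add(...)` are all unchecked, whereas src/SecurityService.cpp in the same commit uses `new (std::nothrow)` followed by a null check. If the platform is built without exceptions (not visible from here), a failed allocation is dereferenced on the very next line, and a failed `Add` leaks the `String` it was given. I would write `ArrayList* pArgs = new (std::nothrow) ArrayList();`, return early when `pArgs == null || IsFailed(pArgs->Construct())`, and check the `Add` result inside the loop. The `@file` tag reads `SecurirtyServiceEntry.cpp`, which does not match the file name; the `@file PrivilegeServiceMessage.cpp` tag in src/SecurityServiceMessage.cpp has the same mismatch.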
diff --git a/src/SecurityServiceMessage.cpp b/src/SecurityServiceMessage.cpp
new file mode 100644
index 0000000..8cfd574
--- /dev/null
+++ b/src/SecurityServiceMessage.cpp
@@ -0,0 +1,44 @@
+//
+// Open Service Platform
+// Copyright (c) 2012-2013 Samsung Electronics Co., Ltd.
+//
+// Licensed under the Apache License, Version 2.0 (the License);
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+/**
+ * @file PrivilegeServiceMessage.cpp
+ * @brief This is the message type of the IPC communication of PrivilegeService daemon.
+ */
+
+#define IPC_MESSAGE_IMPL
+#include
+
+// Generate constructors.
+#include
+#include
+// Generate destructors.
+
+#include
+#include
+
+// Generate param traits write methods.
+#include
+namespace IPC {
+#include
+} // namespace IPC
+
+// Generate param traits read methods.
+#include
+namespace IPC {
+#include
+} // namespace IPC
diff --git a/system-service-export.ver b/system-service-export.ver
new file mode 100755
index 0000000..68c06a8
--- /dev/null
+++ b/system-service-export.ver
@@ -0,0 +1,6 @@
+{
+global:
+ OspMain;
+local:
+ *;
+};
-- 2.7.4