From d6794c55722eb02b1c4263c81a4b33aea7c6bb35 Mon Sep 17 00:00:00 2001 From: Manasij Sur Roy Date: Thu, 28 Apr 2016 12:47:31 +0530 Subject: [PATCH 01/16] Added Tizen Facet ID rule check Change-Id: If05ee666ad04228b0989507ca88a1a1d5a3185c7 Signed-off-by: Manasij Sur Roy --- packaging/fido-client.spec | 1 + server/CMakeLists.txt | 2 + server/fido_app_id_handler.c | 134 ++++++++++++++++++++++++++++++++++++++++++- 3 files changed, 134 insertions(+), 3 deletions(-) diff --git a/packaging/fido-client.spec b/packaging/fido-client.spec index fbd40ae..98a4fe2 100644 --- a/packaging/fido-client.spec +++ b/packaging/fido-client.spec @@ -37,6 +37,7 @@ BuildRequires: pkgconfig(json-glib-1.0) BuildRequires: pkgconfig(gobject-2.0) ##BuildRequires: pkgconfig(capi-appfw-application) BuildRequires: pkgconfig(capi-appfw-app-manager) +BuildRequires: pkgconfig(capi-appfw-package-manager) BuildRequires: pkgconfig(libsoup-2.4) BuildRequires: pkgconfig(elementary) BuildRequires: pkgconfig(efl-extension) diff --git a/server/CMakeLists.txt b/server/CMakeLists.txt index 41cbd57..904fb9b 100755 --- a/server/CMakeLists.txt +++ b/server/CMakeLists.txt @@ -14,6 +14,7 @@ pkg_check_modules(SERVER_pkgs REQUIRED aul libsoup-2.4 capi-appfw-app-manager + capi-appfw-package-manager openssl bundle cynara-client @@ -32,6 +33,7 @@ pkg_check_modules(SERVER_pkgs REQUIRED aul libsoup-2.4 capi-appfw-app-manager + capi-appfw-package-manager openssl bundle ) diff --git a/server/fido_app_id_handler.c b/server/fido_app_id_handler.c index 58a9f5c..70e347d 100644 --- a/server/fido_app_id_handler.c +++ b/server/fido_app_id_handler.c @@ -25,6 +25,8 @@ #include #include #include +#include +#include #include "fido_internal_types.h" #include "fido_json_handler.h" @@ -37,6 +39,9 @@ #define _MAX_NW_TIME_OUT 20 +#define FIDO_APP_ID_KEY_TIZEN "tizen" +#define FIDO_APP_ID_KEY_PKG_HASH "pkg-key-hash" + typedef struct _app_id_cb_data { char *caller_app_id; char *real_app_id; @@ -44,6 +49,12 @@ typedef struct _app_id_cb_data { void *user_data; } _app_id_cb_data_t; +typedef struct _cert_match_info { + const char *cert_str; + bool is_matched; +} cert_match_info_s; + + static inline int __read_proc(const char *path, char *buf, int size) { @@ -143,6 +154,114 @@ __get_appid_of_dbus_caller(GDBusMethodInvocation *invocation) return app_id; } +/*tizen:pkg-key-hash:*/ +const char* +__get_pub_key(const char *json_id_str) +{ + _INFO("__get_pub_key starting"); + + RET_IF_FAIL(json_id_str != NULL, NULL); + + + char *save_ptr; + char *os = strtok_r(strdup(json_id_str), ":", &save_ptr); + + RET_IF_FAIL(os != NULL, NULL); + + if (strcmp(os, FIDO_APP_ID_KEY_TIZEN) != 0) { + _ERR("[%s] is not supported", os); + return NULL; + } + + char *type = strtok_r(NULL, ":", &save_ptr); + RET_IF_FAIL(type != NULL, NULL); + + if (strcmp(type, FIDO_APP_ID_KEY_PKG_HASH) != 0) { + _ERR("[%s] is not supported", type); + return NULL; + } + + char *pub_key = strtok_r(NULL, ":", &save_ptr); + RET_IF_FAIL(pub_key != NULL, NULL); + + _INFO("__get_pub_key end"); + + return pub_key; +} + +static bool +__cert_cb(package_info_h handle, package_cert_type_e cert_type, const char *cert_value, void *user_data) +{ + _INFO("__cert_cb start"); + + cert_match_info_s *cert_match_info = user_data; + + + _INFO("cert type = [%d]", cert_type); + _INFO("cert value = [%s]", cert_value); + + if (strcmp(cert_value, cert_match_info->cert_str) == 0) { + cert_match_info->is_matched = true; + _INFO("Comparison success"); + return false; + } + + return true; +} + +static bool +__verify_caller_id_with_author_cert(const char *caller_app_id, const char *json_id_str) +{ + _INFO("__verify_caller_id_with_author_cert start"); + + RET_IF_FAIL(caller_app_id != NULL, false); + RET_IF_FAIL(json_id_str != NULL, false); + + app_info_h app_info = NULL; + int ret = app_info_create(caller_app_id, &app_info); + if (ret != APP_MANAGER_ERROR_NONE) { + _ERR("app_info_create failed [%d]", ret); + return false; + } + + package_info_h pkg_info = NULL; + char *pkg_name = NULL; + + cert_match_info_s cert_match_info; + cert_match_info.is_matched = false; + + cert_match_info.cert_str = __get_pub_key(json_id_str); + CATCH_IF_FAIL(cert_match_info.cert_str != NULL); + + + _INFO("Before app_info_get_package"); + + ret = app_info_get_package(app_info, &pkg_name); + CATCH_IF_FAIL(ret == APP_MANAGER_ERROR_NONE); + + _INFO("Before package_info_create [%s]", pkg_name); + ret = package_info_create(pkg_name, &pkg_info); + CATCH_IF_FAIL(ret == APP_MANAGER_ERROR_NONE); + + _INFO("Before package_info_foreach_cert_info"); + package_info_foreach_cert_info(pkg_info, __cert_cb, &cert_match_info); + + _INFO("After foreach_cert_info"); + +CATCH : + app_info_destroy(app_info); + _INFO("After app_info_destroy"); + + package_info_destroy(pkg_info); + _INFO("After package_info_destroy"); + + SAFE_DELETE(pkg_name); + + _INFO("Before return"); + + return cert_match_info.is_matched; +} + static void __soup_cb(SoupSession *session, SoupMessage *msg, gpointer user_data) { @@ -176,14 +295,23 @@ __soup_cb(SoupSession *session, SoupMessage *msg, gpointer user_data) GList *app_id_list_iter = app_id_list; while (app_id_list_iter != NULL) { char *id = (char *)(app_id_list_iter->data); - SoupURI *parsed_uri = soup_uri_new(id); - if (parsed_uri == NULL) + + /*Try Rule = tizen:pkg-key-hash:*/ + bool is_cert_matched = + __verify_caller_id_with_author_cert(cb_data->caller_app_id, id); + if (is_cert_matched == true) { + real_app_id = strdup(id); + error_code = FIDO_ERROR_NONE; + break; + } else { + /*Try Rule = String comparison*/ if (strcmp(cb_data->caller_app_id, id) == 0) { real_app_id = strdup(id); error_code = FIDO_ERROR_NONE; break; } - soup_uri_free(parsed_uri); + } + app_id_list_iter = app_id_list_iter->next; } -- 2.7.4 From 5610355dd5bc4db4e7d196919bd6dde32e4bf8b9 Mon Sep 17 00:00:00 2001 From: Manasij Sur Roy Date: Fri, 13 May 2016 20:41:15 +0530 Subject: [PATCH 02/16] Random Build Error Fix : Made common lib Change-Id: I1c882ed115edef60e57066791d9bb7951bef20b0 Signed-off-by: Manasij Sur Roy --- CMakeLists.txt | 9 ++++++--- client/CMakeLists.txt | 26 +++++++++--------------- common/CMakeLists.txt | 50 ++++++++++++++++++++++++++++++++++++++++++++++ fido_svc_ui/CMakeLists.txt | 11 ++-------- packaging/fido-client.spec | 2 +- server/CMakeLists.txt | 15 ++------------ 6 files changed, 70 insertions(+), 43 deletions(-) create mode 100644 common/CMakeLists.txt diff --git a/CMakeLists.txt b/CMakeLists.txt index d434402..5668f87 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -7,13 +7,16 @@ SET(INCLUDEDIR "\${prefix}/include ") SET(VERSION_MAJOR 0) SET(VERSION "${VERSION_MAJOR}.0.1") -ADD_SUBDIRECTORY(client) +ADD_SUBDIRECTORY(common) ADD_SUBDIRECTORY(fido_svc_ui) ADD_SUBDIRECTORY(server) -ADD_DEPENDENCIES(fido-service fido-ui-service) +ADD_SUBDIRECTORY(client) +ADD_DEPENDENCIES(fido-service fido-client-common) +ADD_DEPENDENCIES(org.tizen.fidosvcui fido-client-common) +ADD_DEPENDENCIES(fido-client fido-client-common) #INSTALL(DIRECTORY lib/fido/asm/ DESTINATION lib/fido/asm/) ADD_SUBDIRECTORY(test/Dummy_ASM_DBUS) -ADD_SUBDIRECTORY(test/shell_tc) +##ADD_SUBDIRECTORY(test/shell_tc) MESSAGE( STATUS "USE_JSON_BUILDER: " ${USE_JSON_BUILDER} ) if(NOT USE_JSON_BUILDER) ADD_SUBDIRECTORY(test/Fido_Sample_RPM) diff --git a/client/CMakeLists.txt b/client/CMakeLists.txt index c732b74..45dd751 100644 --- a/client/CMakeLists.txt +++ b/client/CMakeLists.txt @@ -1,11 +1,9 @@ +SET(CLIENT_LIB fido-client) + SET(CLIENT_SRCS fido_uaf_client.c fido_uaf_authenticator.c - ../common/fido_json_handler.c - ../common/fido_b64_util.c - ../common/fido_tlv_util.c - ../common/fido_uaf_utils.c ) INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/include) @@ -37,26 +35,20 @@ if(USE_JSON_BUILDER) add_definitions(-DWITH_JSON_BUILDER) endif() -ADD_CUSTOM_COMMAND(OUTPUT ${CMAKE_SOURCE_DIR}/common/fido-stub.c ${CMAKE_SOURCE_DIR}/common/fido-stub.h -WORKING_DIRECTORY ${CMAKE_SOURCE_DIR}/common/ -COMMAND gdbus-codegen --interface-prefix org.tizen. --generate-c-code fido-stub ${CMAKE_SOURCE_DIR}/common/dbus_interfaces/fido.xml -COMMENT "Generating FIDO GDBus stubs........................") +ADD_LIBRARY(${CLIENT_LIB} SHARED ${CLIENT_SRCS}) -ADD_LIBRARY(${PROJECT_NAME} SHARED ${CLIENT_SRCS} ${CMAKE_SOURCE_DIR}/common/fido-stub.c) -ADD_DEPENDENCIES(${PROJECT_NAME} ${CMAKE_SOURCE_DIR}/common/fido-stub.h) -ADD_DEPENDENCIES(${PROJECT_NAME} ${CMAKE_SOURCE_DIR}/common/fido-stub.c) -SET_TARGET_PROPERTIES(${PROJECT_NAME} PROPERTIES SOVERSION ${VERSION_MAJOR}) -SET_TARGET_PROPERTIES(${PROJECT_NAME} PROPERTIES VERSION ${VERSION}) +SET_TARGET_PROPERTIES(${CLIENT_LIB} PROPERTIES SOVERSION ${VERSION_MAJOR}) +SET_TARGET_PROPERTIES(${CLIENT_LIB} PROPERTIES VERSION ${VERSION}) -TARGET_LINK_LIBRARIES(${PROJECT_NAME} ${CLIENT_PKGS_LDFLAGS}) +TARGET_LINK_LIBRARIES(${CLIENT_LIB} ${CLIENT_PKGS_LDFLAGS} fido-client-common) -INSTALL(TARGETS ${PROJECT_NAME} DESTINATION ${LIBDIR}) +INSTALL(TARGETS ${CLIENT_LIB} DESTINATION ${LIBDIR}) INSTALL(FILES ${CMAKE_SOURCE_DIR}/include/fido.h DESTINATION include) INSTALL(FILES ${CMAKE_SOURCE_DIR}/include/fido_uaf_authenticator.h DESTINATION include) INSTALL(FILES ${CMAKE_SOURCE_DIR}/include/fido_uaf_client.h DESTINATION include) INSTALL(FILES ${CMAKE_SOURCE_DIR}/common/fido_uaf_types.h DESTINATION include) -CONFIGURE_FILE(${CMAKE_SOURCE_DIR}/client/${PROJECT_NAME}.pc.in ${CMAKE_SOURCE_DIR}/client/${PROJECT_NAME}.pc @ONLY) -INSTALL(FILES ${CMAKE_SOURCE_DIR}/client/${PROJECT_NAME}.pc DESTINATION ${LIBDIR}/pkgconfig) +CONFIGURE_FILE(${CMAKE_SOURCE_DIR}/client/${CLIENT_LIB}.pc.in ${CMAKE_SOURCE_DIR}/client/${CLIENT_LIB}.pc @ONLY) +INSTALL(FILES ${CMAKE_SOURCE_DIR}/client/${CLIENT_LIB}.pc DESTINATION ${LIBDIR}/pkgconfig) diff --git a/common/CMakeLists.txt b/common/CMakeLists.txt new file mode 100644 index 0000000..4770bc2 --- /dev/null +++ b/common/CMakeLists.txt @@ -0,0 +1,50 @@ + +SET(FIDO_COMMON fido-client-common) + +SET(FIDO_COMMON_SRCS + fido_json_handler.c + fido_b64_util.c + fido_tlv_util.c + fido_uaf_utils.c +) + +INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/include) +INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/common) + +INCLUDE(FindPkgConfig) +pkg_check_modules(FIDO_COMMON_PKGS REQUIRED + dlog + glib-2.0 + gio-unix-2.0 + gobject-2.0 + capi-base-common + json-glib-1.0 + openssl +) + +FOREACH(flag ${FIDO_COMMON_PKGS_CFLAGS}) + SET(EXTRA_CFLAGS "${EXTRA_CFLAGS} ${flag}") +ENDFOREACH(flag) + +SET(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${EXTRA_CFLAGS} -Wall -Werror") +SET(CMAKE_LDFLAGS "-Wl,-zdefs") + +ADD_DEFINITIONS("-DPREFIX=\"${CMAKE_INSTALL_PREFIX}\"") +ADD_DEFINITIONS("-DFACTORYFS=\"$ENV{FACTORYFS}\"") +ADD_DEFINITIONS("-DSLP_DEBUG") + +if(USE_JSON_BUILDER) +add_definitions(-DWITH_JSON_BUILDER) +endif() + +ADD_CUSTOM_COMMAND(OUTPUT ${CMAKE_SOURCE_DIR}/common/fido-stub.c ${CMAKE_SOURCE_DIR}/common/fido-stub.h +WORKING_DIRECTORY ${CMAKE_SOURCE_DIR}/common/ +COMMAND gdbus-codegen --interface-prefix org.tizen. --generate-c-code fido-stub ${CMAKE_SOURCE_DIR}/common/dbus_interfaces/fido.xml +COMMENT "Generating FIDO GDBus stubs........................") + +ADD_LIBRARY(${FIDO_COMMON} STATIC ${FIDO_COMMON_SRCS} ${CMAKE_SOURCE_DIR}/common/fido-stub.c) +ADD_DEPENDENCIES(${FIDO_COMMON} ${CMAKE_SOURCE_DIR}/common/fido-stub.h) +ADD_DEPENDENCIES(${FIDO_COMMON} ${CMAKE_SOURCE_DIR}/common/fido-stub.c) + + +TARGET_LINK_LIBRARIES(${FIDO_COMMON} ${FIDO_COMMON_PKGS_LDFLAGS}) diff --git a/fido_svc_ui/CMakeLists.txt b/fido_svc_ui/CMakeLists.txt index a58e072..c0c312c 100644 --- a/fido_svc_ui/CMakeLists.txt +++ b/fido_svc_ui/CMakeLists.txt @@ -54,16 +54,9 @@ FOREACH(flag ${UI_PKGS_CFLAGS}) SET(EXTRA_CFLGAS "${EXTRA_CFLGAS} ${flag}") ENDFOREACH(flag) -ADD_CUSTOM_COMMAND(OUTPUT ${CMAKE_SOURCE_DIR}/common/fido-stub.c ${CMAKE_SOURCE_DIR}/common/fido-stub.h -WORKING_DIRECTORY ${CMAKE_SOURCE_DIR}/common/ -COMMAND gdbus-codegen --interface-prefix org.tizen. --generate-c-code fido-stub ${CMAKE_SOURCE_DIR}/common/dbus_interfaces/fido.xml -COMMENT "Generating FIDO GDBus stubs........................") - SET(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fPIE ${EXTRA_CFLGAS}") -ADD_EXECUTABLE(${UI_PACKAGE_NAME} ${UI_SRCS} ${CMAKE_SOURCE_DIR}/common/fido-stub.c) -ADD_DEPENDENCIES(${UI_PACKAGE_NAME} ${CMAKE_SOURCE_DIR}/common/fido-stub.h) -ADD_DEPENDENCIES(${UI_PACKAGE_NAME} ${CMAKE_SOURCE_DIR}/common/fido-stub.c) -TARGET_LINK_LIBRARIES(${UI_PACKAGE_NAME} "-pie" ${UI_PKGS_LDFLAGS}) +ADD_EXECUTABLE(${UI_PACKAGE_NAME} ${UI_SRCS}) +TARGET_LINK_LIBRARIES(${UI_PACKAGE_NAME} "-pie" ${UI_PKGS_LDFLAGS} fido-client-common) CONFIGURE_FILE(${UI_PACKAGE_NAME}.xml.in ${UI_PACKAGE_NAME}.xml) if(USE_JSON_BUILDER) diff --git a/packaging/fido-client.spec b/packaging/fido-client.spec index 98a4fe2..2100daf 100644 --- a/packaging/fido-client.spec +++ b/packaging/fido-client.spec @@ -184,7 +184,7 @@ chsmack -a '_' %{_libdir}/fido/asm/ %{_libdir}/*.so %{_libdir}/pkgconfig/*.pc %{_includedir}/*.h -/opt/usr/devel/fido/tc/* +##/opt/usr/devel/fido/tc/* ################################################################################# diff --git a/server/CMakeLists.txt b/server/CMakeLists.txt index 904fb9b..4f78439 100755 --- a/server/CMakeLists.txt +++ b/server/CMakeLists.txt @@ -48,29 +48,18 @@ SET(SERVER_SRCS fido_asm_plugin_manager.c fido_uaf_policy_checker.c fido_selection_ui_adaptor.c - ../common/fido_uaf_utils.c - ../common/fido_json_handler.c - ../common/fido_tlv_util.c fido_app_id_handler.c - ../common/fido_b64_util.c fido_privilege_checker.c ) INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/common) -ADD_CUSTOM_COMMAND(OUTPUT ${CMAKE_SOURCE_DIR}/common/fido-stub.c ${CMAKE_SOURCE_DIR}/common/fido-stub.h -WORKING_DIRECTORY ${CMAKE_SOURCE_DIR}/common/ -COMMAND gdbus-codegen --interface-prefix org.tizen. --generate-c-code fido-stub ${CMAKE_SOURCE_DIR}/common/dbus_interfaces/fido.xml -COMMENT "Generating FIDO GDBus stubs........................") - SET(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${EXTRA_CFLAGS} -Wall -Werror") SET(CMAKE_LDFLAGS "-Wl,-zdefs") -ADD_EXECUTABLE(${SVC_DAEMON} ${SERVER_SRCS} ${CMAKE_SOURCE_DIR}/common/fido-stub.c) -ADD_DEPENDENCIES(${SVC_DAEMON} ${CMAKE_SOURCE_DIR}/common/fido-stub.h) -ADD_DEPENDENCIES(${SVC_DAEMON} ${CMAKE_SOURCE_DIR}/common/fido-stub.c) +ADD_EXECUTABLE(${SVC_DAEMON} ${SERVER_SRCS}) -TARGET_LINK_LIBRARIES(${SVC_DAEMON} ${SERVER_pkgs_LDFLAGS}) +TARGET_LINK_LIBRARIES(${SVC_DAEMON} ${SERVER_pkgs_LDFLAGS} fido-client-common) INSTALL(TARGETS ${SVC_DAEMON} DESTINATION bin) -- 2.7.4 From 8f38291c998ef064ad20770ec7c3cf655ca014f1 Mon Sep 17 00:00:00 2001 From: Manasij Sur Roy Date: Mon, 16 May 2016 15:55:10 +0530 Subject: [PATCH 03/16] SVACE issue fix Change-Id: I608bc336a8cb8f76b259a1a1886bf802038b7177 Signed-off-by: Manasij Sur Roy --- server/fido_server.c | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/server/fido_server.c b/server/fido_server.c index fa7285b..c940e7d 100755 --- a/server/fido_server.c +++ b/server/fido_server.c @@ -837,6 +837,14 @@ _discover_response_cb_for_process(int tz_error_code, int error_code, GList *avai return; } + if (cb_data->uaf_req->header->operation == NULL) { + _ERR("op field missing in uaf json message"); + + _send_process_response(cb_data, FIDO_ERROR_PROTOCOL_ERROR, NULL); + + return; + } + _INFO("cb_data->type = [%d]", cb_data->type); GList *available_authenticators_full = g_list_first(available_authenticators); @@ -845,10 +853,7 @@ _discover_response_cb_for_process(int tz_error_code, int error_code, GList *avai _INFO("_PROCESS_TYPE_CHECK_POLICY"); - if (cb_data->uaf_req->header->operation != NULL) - _INFO("operation = [%s]", cb_data->uaf_req->header->operation); - else - _ERR("operation = [NULL]"); + _INFO("operation = [%s]", cb_data->uaf_req->header->operation); if ((strcmp(cb_data->uaf_req->header->operation, _UAF_OPERATION_NAME_KEY_REG) == 0) || ((strcmp(cb_data->uaf_req->header->operation, _UAF_OPERATION_NAME_KEY_AUTH) == 0))) { -- 2.7.4 From 151c71ce94b2d5e2ae141c58c7c0f6068b2ef45f Mon Sep 17 00:00:00 2001 From: Manasij Sur Roy Date: Wed, 18 May 2016 16:13:00 +0530 Subject: [PATCH 04/16] Removed Cynara based privilege checking Change-Id: I8c4eb96d22d3c91b9e8c9a6073379d708be83bd8 Signed-off-by: Manasij Sur Roy --- packaging/fido-client.spec | 3 - server/CMakeLists.txt | 3 - server/fido_privilege_checker.c | 173 ---------------------------------------- 3 files changed, 179 deletions(-) diff --git a/packaging/fido-client.spec b/packaging/fido-client.spec index 2100daf..1b5bb74 100644 --- a/packaging/fido-client.spec +++ b/packaging/fido-client.spec @@ -26,9 +26,6 @@ BuildRequires: pkgconfig(gio-unix-2.0) %if "%{?tizen_version}" == "3.0" BuildRequires: pkgconfig(libtzplatform-config) -BuildRequires: pkgconfig(cynara-client) -BuildRequires: pkgconfig(cynara-session) -BuildRequires: pkgconfig(cynara-creds-gdbus) %endif BuildRequires: pkgconfig(pkgmgr-info) diff --git a/server/CMakeLists.txt b/server/CMakeLists.txt index 4f78439..7dd8eda 100755 --- a/server/CMakeLists.txt +++ b/server/CMakeLists.txt @@ -17,9 +17,6 @@ pkg_check_modules(SERVER_pkgs REQUIRED capi-appfw-package-manager openssl bundle - cynara-client - cynara-session - cynara-creds-gdbus libtzplatform-config ) else() diff --git a/server/fido_privilege_checker.c b/server/fido_privilege_checker.c index d6e88d2..352efff 100644 --- a/server/fido_privilege_checker.c +++ b/server/fido_privilege_checker.c @@ -18,181 +18,8 @@ #include "fido_privilege_checker.h" #include "fido_logs.h" -#ifdef WITH_JSON_BUILDER -#include -#include -#include -static cynara *__cynara = NULL; -#endif - -#define _DISABLE_PRIV_CHECK - -#ifdef WITH_JSON_BUILDER - -static guint -_get_client_pid(GDBusMethodInvocation* invoc) -{ - const char *name = NULL; - name = g_dbus_method_invocation_get_sender(invoc); - if (name == NULL) { - _ERR("g_dbus_method_invocation_get_sender failed"); - return -1; - } - _INFO("sender=[%s]", name); - - - guint pid = -1; - GError *error = NULL; - GVariant *_ret; - - _INFO("calling GetConnectionUnixProcessID"); - - GDBusConnection* conn = g_dbus_method_invocation_get_connection(invoc); - _ret = g_dbus_connection_call_sync(conn, - "org.freedesktop.DBus", - "/org/freedesktop/DBus", - "org.freedesktop.DBus", - "GetConnectionUnixProcessID", - g_variant_new("(s)", name), - NULL, - G_DBUS_CALL_FLAGS_NONE, - -1, - NULL, - &error); - - if (_ret != NULL) { - g_variant_get(_ret, "(u)", &pid); - g_variant_unref(_ret); - } - - _INFO("process Id = [%u]", pid); - return pid; -} - -static int -__check_privilege_by_cynara(const char *client, const char *session, const char *user, const char *privilege) -{ -#ifdef WITH_JSON_BUILDER - int ret; - char err_buf[128] = {0,}; - - ret = cynara_check(__cynara, client, session, user, privilege); - switch (ret) { - case CYNARA_API_ACCESS_ALLOWED: - _DBG("cynara_check success"); - return FIDO_ERROR_NONE; - - case CYNARA_API_ACCESS_DENIED: - _ERR("cynara_check permission deined, privilege=%s, error = CYNARA_API_ACCESS_DENIED", privilege); - return FIDO_ERROR_PERMISSION_DENIED; - - default: - cynara_strerror(ret, err_buf, sizeof(err_buf)); - _ERR("cynara_check error : %s, privilege=%s, ret = %d", err_buf, privilege, ret); - return FIDO_ERROR_PERMISSION_DENIED; - } - - return FIDO_ERROR_NONE; -#endif - - return FIDO_ERROR_NONE; -} - -static int -__get_information_for_cynara_check(GDBusMethodInvocation *invocation, char **client, char **user, char **session) -{ -#ifdef WITH_JSON_BUILDER - GDBusConnection *gdbus_conn = NULL; - char* sender = NULL; - int ret = -1; - - gdbus_conn = g_dbus_method_invocation_get_connection(invocation); - if (gdbus_conn == NULL) { - _ERR("g_dbus_method_invocation_get_connection failed"); - return -1; - } - - sender = (char*) g_dbus_method_invocation_get_sender(invocation); - if (sender == NULL) { - _ERR("g_dbus_method_invocation_get_sender failed"); - return -1; - } - - ret = cynara_creds_gdbus_get_user(gdbus_conn, sender, USER_METHOD_DEFAULT, user); - if (ret != CYNARA_API_SUCCESS) { - _ERR("cynara_creds_gdbus_get_user failed, ret = %d", ret); - return -1; - } - - ret = cynara_creds_gdbus_get_client(gdbus_conn, sender, CLIENT_METHOD_DEFAULT, client); - if (ret != CYNARA_API_SUCCESS) { - _ERR("cynara_creds_gdbus_get_client failed, ret = %d", ret); - return -1; - } - - guint pid = _get_client_pid(invocation); - _INFO("client Id = [%u]", pid); - - *session = cynara_session_from_pid(pid); - if (*session == NULL) { - _ERR("cynara_session_from_pid failed"); - return -1; - } - return FIDO_ERROR_NONE; - #endif - - return FIDO_ERROR_NONE; -} -#endif - bool is_allowed_to_call(GDBusMethodInvocation *invocation, const char* privilege) { -#ifdef WITH_JSON_BUILDER - - int ret = -1; - - if (__cynara == NULL) { - ret = cynara_initialize(&__cynara, NULL); - if (ret != CYNARA_API_SUCCESS) { - _ERR("CYNARA Initialization fail"); - return false; - } - } - - char *client = NULL; - char *session = NULL; - char *user = NULL; - - ret = __get_information_for_cynara_check(invocation, &client, &user, &session); - if (ret != FIDO_ERROR_NONE) { - _ERR("__get_information_for_cynara_check failed"); - g_free(client); - g_free(user); - SAFE_DELETE(session); - - return false; - } - - ret = __check_privilege_by_cynara(client, session, user, privilege); - - /*TODO enable after smack is defined*/ -#ifndef _DISABLE_PRIV_CHECK - if (ret != FIDO_ERROR_NONE) { - _ERR("__check_privilege_by_cynara failed, ret = %d", ret); - g_free(client); - g_free(user); - SAFE_DELETE(session); - - return false; - } -#endif - g_free(client); - g_free(user); - SAFE_DELETE(session); - - return true; - #endif - return true; } -- 2.7.4 From 7e8155afbb265301d6f32a08317f705e1c1c1aef Mon Sep 17 00:00:00 2001 From: Manasij Sur Roy Date: Wed, 25 May 2016 20:40:46 +0530 Subject: [PATCH 05/16] Refactored Tizen Facet ID Rule Verification Change-Id: I55806b520645f14f0d670630732f2c271099ea0a Signed-off-by: Manasij Sur Roy --- packaging/fido-client.spec | 3 +- server/CMakeLists.txt | 2 + server/fido_app_id_handler.c | 447 +++++++++++---- test/3_0_Sample_App/FIDOSample/.cproject | 576 +++++++++++++++++++ test/3_0_Sample_App/FIDOSample/.exportMap | 4 + test/3_0_Sample_App/FIDOSample/.package-stamp | 1 + test/3_0_Sample_App/FIDOSample/.project | 26 + test/3_0_Sample_App/FIDOSample/.sdk_delta.info | 0 test/3_0_Sample_App/FIDOSample/.sign/.manifest.tmp | 7 + .../FIDOSample/.sign/author-signature.xml | 78 +++ .../3_0_Sample_App/FIDOSample/.sign/signature1.xml | 80 +++ test/3_0_Sample_App/FIDOSample/.tproject | 12 + test/3_0_Sample_App/FIDOSample/inc/fidosample.h | 37 ++ test/3_0_Sample_App/FIDOSample/project_def.prop | 11 + test/3_0_Sample_App/FIDOSample/res/auth_req.json | 49 ++ test/3_0_Sample_App/FIDOSample/res/dereg_req.json | 17 + test/3_0_Sample_App/FIDOSample/res/reg_req.json | 32 ++ .../FIDOSample/shared/res/fidosample.png | Bin 0 -> 57662 bytes test/3_0_Sample_App/FIDOSample/src/fidosample.c | 638 +++++++++++++++++++++ test/3_0_Sample_App/FIDOSample/tizen-manifest.xml | 12 + 20 files changed, 1913 insertions(+), 119 deletions(-) create mode 100644 test/3_0_Sample_App/FIDOSample/.cproject create mode 100644 test/3_0_Sample_App/FIDOSample/.exportMap create mode 100644 test/3_0_Sample_App/FIDOSample/.package-stamp create mode 100644 test/3_0_Sample_App/FIDOSample/.project create mode 100644 test/3_0_Sample_App/FIDOSample/.sdk_delta.info create mode 100644 test/3_0_Sample_App/FIDOSample/.sign/.manifest.tmp create mode 100644 test/3_0_Sample_App/FIDOSample/.sign/author-signature.xml create mode 100644 test/3_0_Sample_App/FIDOSample/.sign/signature1.xml create mode 100644 test/3_0_Sample_App/FIDOSample/.tproject create mode 100644 test/3_0_Sample_App/FIDOSample/inc/fidosample.h create mode 100644 test/3_0_Sample_App/FIDOSample/project_def.prop create mode 100644 test/3_0_Sample_App/FIDOSample/res/auth_req.json create mode 100644 test/3_0_Sample_App/FIDOSample/res/dereg_req.json create mode 100644 test/3_0_Sample_App/FIDOSample/res/reg_req.json create mode 100644 test/3_0_Sample_App/FIDOSample/shared/res/fidosample.png create mode 100644 test/3_0_Sample_App/FIDOSample/src/fidosample.c create mode 100644 test/3_0_Sample_App/FIDOSample/tizen-manifest.xml diff --git a/packaging/fido-client.spec b/packaging/fido-client.spec index 1b5bb74..90ce681 100644 --- a/packaging/fido-client.spec +++ b/packaging/fido-client.spec @@ -35,6 +35,7 @@ BuildRequires: pkgconfig(gobject-2.0) ##BuildRequires: pkgconfig(capi-appfw-application) BuildRequires: pkgconfig(capi-appfw-app-manager) BuildRequires: pkgconfig(capi-appfw-package-manager) +BuildRequires: pkgconfig(pkgmgr-info) BuildRequires: pkgconfig(libsoup-2.4) BuildRequires: pkgconfig(elementary) BuildRequires: pkgconfig(efl-extension) @@ -270,7 +271,7 @@ This is a dummy ASM for testing FIDO client. %{_libdir}/fido/asm/dummy_asm.json %endif -%if "%{?tizen_version}" == "2.3.1" +%if "%{?tizen_version}" == "230" || "%{?tizen_version}" == "2.3.1" ################################################################################# ## Fido Sample App diff --git a/server/CMakeLists.txt b/server/CMakeLists.txt index 7dd8eda..2a18b24 100755 --- a/server/CMakeLists.txt +++ b/server/CMakeLists.txt @@ -15,6 +15,7 @@ pkg_check_modules(SERVER_pkgs REQUIRED libsoup-2.4 capi-appfw-app-manager capi-appfw-package-manager + pkgmgr-info openssl bundle libtzplatform-config @@ -31,6 +32,7 @@ pkg_check_modules(SERVER_pkgs REQUIRED libsoup-2.4 capi-appfw-app-manager capi-appfw-package-manager + pkgmgr-info openssl bundle ) diff --git a/server/fido_app_id_handler.c b/server/fido_app_id_handler.c index 70e347d..9aa01c0 100644 --- a/server/fido_app_id_handler.c +++ b/server/fido_app_id_handler.c @@ -27,6 +27,14 @@ #include #include #include +#include +#include +#include +#include +#include +#include +#include +#include #include "fido_internal_types.h" #include "fido_json_handler.h" @@ -54,6 +62,9 @@ typedef struct _cert_match_info { bool is_matched; } cert_match_info_s; +#ifdef WITH_JSON_BUILDER +static uid_t __get_uid_of_dbus_caller(GDBusMethodInvocation *invocation); +#endif static inline int __read_proc(const char *path, char *buf, int size) @@ -85,6 +96,29 @@ __read_proc(const char *path, char *buf, int size) return ret; } + +static char* +__get_appid(GDBusMethodInvocation *invocation, pid_t pid) +{ + char *app_id = calloc(1024, sizeof(char)); + +#ifdef WITH_JSON_BUILDER + uid_t uid = __get_uid_of_dbus_caller(invocation); + int ret = aul_app_get_appid_bypid_for_uid(pid, app_id, 1023, uid); +#else + int ret = aul_app_get_appid_bypid(pid, app_id, 1023); +#endif + + if (ret != AUL_R_OK) { + _ERR("AUL Get App ID failed [%d]", ret); + free(app_id); + + return NULL; + } + + return app_id; +} + static char* __get_appid_of_dbus_caller(GDBusMethodInvocation *invocation) { @@ -128,33 +162,47 @@ __get_appid_of_dbus_caller(GDBusMethodInvocation *invocation) g_variant_unref(response); - char *app_id = NULL; - int ret = app_manager_get_app_id(remote_pid, &app_id); + return __get_appid(invocation, remote_pid); +} - if (app_id == NULL) { - _ERR("app_manager_get_app_id for %d failed = %d", remote_pid, ret); +#ifdef WITH_JSON_BUILDER +static uid_t +__get_uid_of_dbus_caller(GDBusMethodInvocation *invocation) +{ + GError *error = NULL; + GDBusConnection *connection = NULL; + const gchar *sender = NULL; + + sender = g_dbus_method_invocation_get_sender(invocation); + if (!sender) { + _ERR("Failed to get sender"); + return 0; + } - /* Exception case : Daemons will not have app-ids, for them path will be set : /usr/bin/sample-service */ - char buf[128]; - int ret = 0; + connection = g_dbus_method_invocation_get_connection(invocation); + if (connection == NULL) { + _ERR("Failed to open connection for the invocation"); + return 0; + } - snprintf(buf, sizeof(buf), "/proc/%d/cmdline", upid); - ret = __read_proc(buf, buf, sizeof(buf)); - if (ret <= 0) { - _ERR("No proc directory (%d)\n", upid); - return NULL; - } + GVariant *result = g_dbus_connection_call_sync(connection, + "org.freedesktop.DBus", "/org/freedesktop/DBus", "org.freedesktop.DBus", + "GetConnectionUnixUser", g_variant_new("(s)", sender), G_VARIANT_TYPE("(u)"), + G_DBUS_CALL_FLAGS_NONE, -1, NULL, &error); - _INFO("Caller=[%s]", buf); + if (result != NULL) { + uid_t uid; + g_variant_get(result, "(u)", &uid); + g_variant_unref(result); - app_id = strdup(buf); + return uid; } - - return app_id; + return 0; } +#endif -/*tizen:pkg-key-hash:*/ +/*"tizen:pkg-key-hash:B64Encode(Sha256Digest())"*/ const char* __get_pub_key(const char *json_id_str) { @@ -189,79 +237,6 @@ __get_pub_key(const char *json_id_str) return pub_key; } -static bool -__cert_cb(package_info_h handle, package_cert_type_e cert_type, const char *cert_value, void *user_data) -{ - _INFO("__cert_cb start"); - - cert_match_info_s *cert_match_info = user_data; - - - _INFO("cert type = [%d]", cert_type); - _INFO("cert value = [%s]", cert_value); - - if (strcmp(cert_value, cert_match_info->cert_str) == 0) { - cert_match_info->is_matched = true; - _INFO("Comparison success"); - return false; - } - - return true; -} - -static bool -__verify_caller_id_with_author_cert(const char *caller_app_id, const char *json_id_str) -{ - _INFO("__verify_caller_id_with_author_cert start"); - - RET_IF_FAIL(caller_app_id != NULL, false); - RET_IF_FAIL(json_id_str != NULL, false); - - app_info_h app_info = NULL; - int ret = app_info_create(caller_app_id, &app_info); - if (ret != APP_MANAGER_ERROR_NONE) { - _ERR("app_info_create failed [%d]", ret); - return false; - } - - package_info_h pkg_info = NULL; - char *pkg_name = NULL; - - cert_match_info_s cert_match_info; - cert_match_info.is_matched = false; - - cert_match_info.cert_str = __get_pub_key(json_id_str); - CATCH_IF_FAIL(cert_match_info.cert_str != NULL); - - - _INFO("Before app_info_get_package"); - - ret = app_info_get_package(app_info, &pkg_name); - CATCH_IF_FAIL(ret == APP_MANAGER_ERROR_NONE); - - _INFO("Before package_info_create [%s]", pkg_name); - ret = package_info_create(pkg_name, &pkg_info); - CATCH_IF_FAIL(ret == APP_MANAGER_ERROR_NONE); - - _INFO("Before package_info_foreach_cert_info"); - package_info_foreach_cert_info(pkg_info, __cert_cb, &cert_match_info); - - _INFO("After foreach_cert_info"); - -CATCH : - app_info_destroy(app_info); - _INFO("After app_info_destroy"); - - package_info_destroy(pkg_info); - _INFO("After package_info_destroy"); - - SAFE_DELETE(pkg_name); - - _INFO("Before return"); - - return cert_match_info.is_matched; -} - static void __soup_cb(SoupSession *session, SoupMessage *msg, gpointer user_data) { @@ -295,24 +270,15 @@ __soup_cb(SoupSession *session, SoupMessage *msg, gpointer user_data) GList *app_id_list_iter = app_id_list; while (app_id_list_iter != NULL) { char *id = (char *)(app_id_list_iter->data); - - /*Try Rule = tizen:pkg-key-hash:*/ - bool is_cert_matched = - __verify_caller_id_with_author_cert(cb_data->caller_app_id, id); - if (is_cert_matched == true) { + _INFO("%s", id); + /*Rule = tizen:pkg-key-hash:*/ + if (strcmp(cb_data->caller_app_id, id) == 0) { real_app_id = strdup(id); error_code = FIDO_ERROR_NONE; + + _INFO("Match found"); break; - } else { - /*Try Rule = String comparison*/ - if (strcmp(cb_data->caller_app_id, id) == 0) { - real_app_id = strdup(id); - error_code = FIDO_ERROR_NONE; - break; - } } - - app_id_list_iter = app_id_list_iter->next; } @@ -355,6 +321,233 @@ __timer_expired(gpointer data) return FALSE; } +static char* +__b64_encode(unsigned char *input, int ip_len) +{ + RET_IF_FAIL(input != NULL, NULL); + RET_IF_FAIL(ip_len > 0, NULL); + + unsigned char *output = calloc(ip_len * 1.5, sizeof(char)); + + BIO *bmem = NULL; + BIO *b64 = NULL; + BUF_MEM *bptr = NULL; + b64 = BIO_new(BIO_f_base64()); + if (b64 == NULL) { + _ERR("BIO_new failed \n"); + free(output); + return NULL; + } + + BIO_set_flags(b64, BIO_FLAGS_BASE64_NO_NL); + + bmem = BIO_new(BIO_s_mem()); + b64 = BIO_push(b64, bmem); + BIO_write(b64, input, ip_len); + BIO_flush(b64); + BIO_get_mem_ptr(b64, &bptr); + + memcpy(output, bptr->data, bptr->length); + output[bptr->length] = 0; + + if(b64) + BIO_free_all(b64); + + return (char*)output; +} + +static int +__b64_decode(const char *encoded_data, int encoded_size, unsigned char **decoded_data, int *decoded_size) +{ + RET_IF_FAIL(encoded_data != NULL, -1); + + //_INFO("%s", encoded_data); + + int len = 0; + *decoded_size = encoded_size; + + (*decoded_data) = (unsigned char *) calloc((*decoded_size) * 1.5, sizeof(char)); + + BIO *bmem = BIO_new_mem_buf((void *) encoded_data, (*decoded_size)); + + BIO *bioCmd = BIO_new(BIO_f_base64()); + + BIO_set_flags(bioCmd, BIO_FLAGS_BASE64_NO_NL); + + bmem = BIO_push(bioCmd, bmem); + + len = BIO_read(bmem, (void *) (*decoded_data), (*decoded_size)); + _INFO("%d", len); + + *decoded_size = len; + + BIO_free_all(bmem); + + _INFO(""); + + return 0; +} + +static char* +__get_pub_key_from_cert(const char *cert_b64) +{ + RET_IF_FAIL(cert_b64 != NULL, NULL); + + unsigned char pubkey_der_digest[SHA256_DIGEST_LENGTH] = {0, }; + + unsigned char* cert_raw = NULL;//calloc(strlen(cert_b64) * 1.5, sizeof(char)); + + int cert_raw_len = 0; + + int ret = __b64_decode(cert_b64, strlen(cert_b64), &cert_raw, &cert_raw_len); + if (ret != 0) { + _ERR("__b64_decode failed"); + free(cert_raw); + + return NULL; + } + + X509 *x509 = d2i_X509(NULL, (const unsigned char **)(&cert_raw), cert_raw_len); + if (x509 == NULL) { + _ERR("d2i_X509 failed"); + free(cert_raw); + return NULL; + } + + int der_len = i2d_X509_PUBKEY(X509_get_X509_PUBKEY(x509), NULL); + if (der_len <= 0) { + _ERR("i2d_X509_PUBKEY failed"); + free(cert_raw); + return NULL; + } + + unsigned char* der_pubkey = NULL; + + unsigned char* der_pubkey_temp = NULL; + + int hashed_len = 0; + + der_pubkey_temp = der_pubkey = (unsigned char*)OPENSSL_malloc(der_len); + + i2d_X509_PUBKEY(X509_get_X509_PUBKEY(x509), (unsigned char **)&der_pubkey_temp); + + ret = EVP_Digest(der_pubkey, der_len, pubkey_der_digest, (unsigned int*)&hashed_len, EVP_sha256(), NULL); + + if (ret != 1 ) { + _ERR("EVP_Digest failed"); + OPENSSL_free(der_pubkey); + + return NULL; + } + + char *pub_key = __b64_encode(pubkey_der_digest, (int)hashed_len); + + OPENSSL_free(der_pubkey); + + return pub_key; +} + +/*tizen:pkg-key-hash:*/ +static char* +__get_tz_facet_id_of_caller(const char *caller_app_id, GDBusMethodInvocation *invocation) +{ + RET_IF_FAIL(caller_app_id != NULL, NULL); + +#ifdef WITH_JSON_BUILDER + uid_t uid = __get_uid_of_dbus_caller(invocation); + _INFO("Caller uid =[%d]", uid); +#endif + + pkgmgrinfo_pkginfo_h handle = NULL; + +#ifdef WITH_JSON_BUILDER + int ret = pkgmgrinfo_pkginfo_get_usr_pkginfo(caller_app_id, uid, &handle); +#else + int ret = pkgmgrinfo_pkginfo_get_pkginfo(caller_app_id, &handle); +#endif + + if (ret < 0) { + _ERR("Get Pkg Info Failed failed [%d]", ret); + return NULL; + } + + _INFO(""); + + char *pkgid = NULL; + ret = pkgmgrinfo_pkginfo_get_pkgid(handle, &pkgid); + if (ret != PMINFO_R_OK) { + + _ERR("pkgmgrinfo_pkginfo_get_pkgid failed [%d]", ret); + pkgmgrinfo_pkginfo_destroy_pkginfo(handle); + return NULL; + } + + _INFO(""); + + pkgmgrinfo_certinfo_h cert_handle; + const char *author_cert = NULL; + ret = pkgmgrinfo_pkginfo_create_certinfo(&cert_handle); + if (ret != PMINFO_R_OK) { + _ERR(""); + pkgmgrinfo_pkginfo_destroy_pkginfo(handle); + return NULL; + } + + _INFO(""); + +#ifdef WITH_JSON_BUILDER + ret = pkgmgrinfo_pkginfo_load_certinfo(pkgid, cert_handle, uid); +#else + ret = pkgmgrinfo_pkginfo_load_certinfo(pkgid, cert_handle); +#endif + + if (ret != PMINFO_R_OK) { + _ERR(""); + pkgmgrinfo_pkginfo_destroy_certinfo(cert_handle); + pkgmgrinfo_pkginfo_destroy_pkginfo(handle); + return NULL; + } + + _INFO(""); + + ret = pkgmgrinfo_pkginfo_get_cert_value(cert_handle, PMINFO_AUTHOR_ROOT_CERT, &author_cert); + if (ret != PMINFO_R_OK) { + pkgmgrinfo_pkginfo_destroy_certinfo(cert_handle); + _ERR(""); + pkgmgrinfo_pkginfo_destroy_pkginfo(handle); + return NULL; + } + + /*_INFO("Author Root Cert=%s", author_cert);*/ + + _INFO(""); + + char *author_cert_hash = NULL; + char *tz_facet_id = NULL; + int tz_facet_id_max_len = -1; + + + author_cert_hash = __get_pub_key_from_cert(author_cert); + _INFO(""); + CATCH_IF_FAIL(author_cert_hash != NULL); + + tz_facet_id_max_len = strlen(author_cert_hash) + 128; + tz_facet_id = (char*)(calloc(1, tz_facet_id_max_len)); + snprintf(tz_facet_id, tz_facet_id_max_len, "%s:%s", "tizen:pkg-key-hash", + author_cert_hash); + _INFO(""); + + +CATCH : + + _INFO("Before return"); + + pkgmgrinfo_pkginfo_destroy_certinfo(cert_handle); + pkgmgrinfo_pkginfo_destroy_pkginfo(handle); + _INFO(""); + return tz_facet_id; +} + int _verify_and_get_facet_id(const char *uaf_app_id, GDBusMethodInvocation *invocation, _facet_id_cb cb, void *user_data) { @@ -369,31 +562,49 @@ _verify_and_get_facet_id(const char *uaf_app_id, GDBusMethodInvocation *invocati if (cb_data == NULL) return FIDO_ERROR_OUT_OF_MEMORY; - cb_data->caller_app_id = app_id; + /* Tizen Facet Id is: + * "tizen:pkg-key-hash:B64Encode(Sha256Digest())" + */ + cb_data->caller_app_id = __get_tz_facet_id_of_caller(app_id, invocation); + if (cb_data->caller_app_id == NULL) { + SAFE_DELETE(cb_data); + return FIDO_ERROR_PERMISSION_DENIED; + } + _INFO("Caller's Facet Id=%s", cb_data->caller_app_id); + cb_data->cb = cb; cb_data->user_data = user_data; + /*Case 1: UAF JSON does not have appID, so no check is required, put facetid*/ if (uaf_app_id == NULL) { - cb_data->real_app_id = strdup(app_id); - g_timeout_add(2, __timer_expired, cb_data); - return FIDO_ERROR_NONE; + _INFO("UAF msg does not have appID"); + cb_data->real_app_id = __get_tz_facet_id_of_caller(app_id, invocation); + g_timeout_add(2, __timer_expired, cb_data); + return FIDO_ERROR_NONE; } + /*Case 2: Try assuming UAF JSON is not URL, so string comparison check is required*/ + if (strcmp(cb_data->caller_app_id, uaf_app_id) == 0) { + _INFO("UAF msg has direct appID"); - SoupURI *parsed_uri = soup_uri_new(uaf_app_id); + cb_data->real_app_id = strdup(uaf_app_id); + g_timeout_add(2, __timer_expired, cb_data); + return FIDO_ERROR_NONE; + } + + SoupURI *parsed_uri = soup_uri_new(uaf_app_id); if (parsed_uri == NULL) { - if (strcmp(app_id, uaf_app_id) == 0) { - cb_data->real_app_id = strdup(uaf_app_id); - g_timeout_add(2, __timer_expired, cb_data); - return FIDO_ERROR_NONE; - } else { - _free_app_id_cb_data(cb_data); - return FIDO_ERROR_PERMISSION_DENIED; - } + _INFO("soup_uri_new failed"); + _free_app_id_cb_data(cb_data); + return FIDO_ERROR_PERMISSION_DENIED; } + _INFO("UAF msg has appID url"); + /* Case 3: UAF JSON is URL, so fetch the json from this url, then look for + * tizen:pkg-key-hash in "ids" array, allow only if its matched with the caller's value. + */ const char *scheme = soup_uri_get_scheme(parsed_uri); if (scheme == NULL) { _free_app_id_cb_data(cb_data); diff --git a/test/3_0_Sample_App/FIDOSample/.cproject b/test/3_0_Sample_App/FIDOSample/.cproject new file mode 100644 index 0000000..66188ab --- /dev/null +++ b/test/3_0_Sample_App/FIDOSample/.cproject @@ -0,0 +1,576 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/test/3_0_Sample_App/FIDOSample/.exportMap b/test/3_0_Sample_App/FIDOSample/.exportMap new file mode 100644 index 0000000..43e310e --- /dev/null +++ b/test/3_0_Sample_App/FIDOSample/.exportMap @@ -0,0 +1,4 @@ +{ + global: main; + local: *; +}; diff --git a/test/3_0_Sample_App/FIDOSample/.package-stamp b/test/3_0_Sample_App/FIDOSample/.package-stamp new file mode 100644 index 0000000..40cbe59 --- /dev/null +++ b/test/3_0_Sample_App/FIDOSample/.package-stamp @@ -0,0 +1 @@ +TPK \ No newline at end of file diff --git a/test/3_0_Sample_App/FIDOSample/.project b/test/3_0_Sample_App/FIDOSample/.project new file mode 100644 index 0000000..606d4fa --- /dev/null +++ b/test/3_0_Sample_App/FIDOSample/.project @@ -0,0 +1,26 @@ + + + FIDOSample + + + + + + org.eclipse.cdt.managedbuilder.core.genmakebuilder + + + + + org.eclipse.cdt.managedbuilder.core.ScannerConfigBuilder + full,incremental, + + + + + + org.eclipse.cdt.core.cnature + org.eclipse.cdt.core.ccnature + org.eclipse.cdt.managedbuilder.core.managedBuildNature + org.eclipse.cdt.managedbuilder.core.ScannerConfigNature + + diff --git a/test/3_0_Sample_App/FIDOSample/.sdk_delta.info b/test/3_0_Sample_App/FIDOSample/.sdk_delta.info new file mode 100644 index 0000000..e69de29 diff --git a/test/3_0_Sample_App/FIDOSample/.sign/.manifest.tmp b/test/3_0_Sample_App/FIDOSample/.sign/.manifest.tmp new file mode 100644 index 0000000..bbf5cfa --- /dev/null +++ b/test/3_0_Sample_App/FIDOSample/.sign/.manifest.tmp @@ -0,0 +1,7 @@ +bin/fidosample__DEL__WgEhVSg9CcEzEcnArIp4RnttTZSJLY8JtuzjawtTMjk= +res/auth_req.json__DEL__+VGOAwyOy463TeKoSBSvfJ5VI2Ia3Mph3MM+AO7CHgQ= +res/dereg_req.json__DEL__ZDmm6IvrmTiIUD1eBplxELwAvl7QZq/zgHzsWWdv1IU= +res/reg_req.json__DEL__5tGbcOSBn3LIbI0yLSbPYLB/25zDzUnw4Kf34csq9U4= +shared/res/fidosample.png__DEL__1d0oEZHqPn+QzNzGIHwj9ODby6x9ggFs9uOsav6jPNs= +tizen-manifest.xml__DEL__SztCZl9ir1jfrq9evt5W6XsJvDCfK7aEw4rWyS4/YA8= +author-signature.xml__DEL__JmdZWtHNu+p3bArd3tN6tW057xgoaLOGpAbYKDzQqKM= diff --git a/test/3_0_Sample_App/FIDOSample/.sign/author-signature.xml b/test/3_0_Sample_App/FIDOSample/.sign/author-signature.xml new file mode 100644 index 0000000..900db8f --- /dev/null +++ b/test/3_0_Sample_App/FIDOSample/.sign/author-signature.xml @@ -0,0 +1,78 @@ + + + + + + +WgEhVSg9CcEzEcnArIp4RnttTZSJLY8JtuzjawtTMjk= + + + ++VGOAwyOy463TeKoSBSvfJ5VI2Ia3Mph3MM+AO7CHgQ= + + + +ZDmm6IvrmTiIUD1eBplxELwAvl7QZq/zgHzsWWdv1IU= + + + +5tGbcOSBn3LIbI0yLSbPYLB/25zDzUnw4Kf34csq9U4= + + + +1d0oEZHqPn+QzNzGIHwj9ODby6x9ggFs9uOsav6jPNs= + + + +SztCZl9ir1jfrq9evt5W6XsJvDCfK7aEw4rWyS4/YA8= + + + + + + +lpo8tUDs054eLlBQXiDPVDVKfw30ZZdtkRs1jd7H5K8= + + + +cqfDRPjCXXaU1E04ZxNJl3rRdQnUh3G8Vk5+TmfzkmZYDyGxnTUoWPhOR7SJTfw8X99nyIvBhh73 +Kodr3bcDk6tnLC9gTwpfNLtVED2iaf/x6xeVhr5SHy8zzLjp8+sCwJSTopF+4NTH4CaTQSXozcbX +KmqJ86Rx8ZMpg6gNUW4= + + + + +MIIClTCCAX2gAwIBAgIGAVS+MxueMA0GCSqGSIb3DQEBBQUAMFYxGjAYBgNVBAoMEVRpemVuIEFz +c29jaWF0aW9uMRowGAYDVQQLDBFUaXplbiBBc3NvY2lhdGlvbjEcMBoGA1UEAwwTVGl6ZW4gRGV2 +ZWxvcGVycyBDQTAeFw0xMjExMDEwMDAwMDBaFw0xOTAxMDEwMDAwMDBaMBExDzANBgNVBAMMBmF1 +dGhvcjCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAl7bGdyZXMKz7qjMuDZ7jyYsib6xtlTgi +X6tVTwFoKF+NFAhhe6PDGOkQORdzSTXa0JbDNr58M2VbR1hA0ZMu4WOvrp0WQ/F9hm+DGKOrp7M1 +nIxSlI+mZc29ihoP5VV1BwB+Ua//7tE8dy3TdMgd+ynvIAC1H1Pct4ZbfHf+tIcCAwEAAaMyMDAw +DAYDVR0TAQH/BAIwADALBgNVHQ8EBAMCB4AwEwYDVR0lBAwwCgYIKwYBBQUHAwMwDQYJKoZIhvcN +AQEFBQADggEBAEpEhLMr7bbrHev5xc1YdTUUbA21iBSvcSDKo1iOUWIM0LlAYe2TVKbFWD5yR7ax +ICBpsjHAPVyWHavEPHMYKK2ML3/vZp+i4kZ/PI04hK3wAeRdmlFOsnfIAIKy+4TnJREU7YhmUWsn +8lmt6xfpDwwFZXo1Nu35U/raHw/vCAjQhtkcoUmzstl8UAsjihhGFRG3Zf3wh/gZU3M2bAMgAJdw +uaoMpWSe7SbhGY+xUD27sN0xPZUE7iqT9L/jS2SfklwoSgj7bB8UR9wNlQ1p+47YH7pkdsO8jlZ9 +B1VCzUBgSK1/4kiO4ReI4oAkPrJixa8C2cTasHEFww1Eo2lqyVM= + + +MIIDOTCCAiGgAwIBAgIBATANBgkqhkiG9w0BAQUFADBYMRowGAYDVQQKDBFUaXplbiBBc3NvY2lh +dGlvbjEaMBgGA1UECwwRVGl6ZW4gQXNzb2NpYXRpb24xHjAcBgNVBAMMFVRpemVuIERldmVsb3Bl +cnMgUm9vdDAeFw0xMjAxMDEwMDAwMDBaFw0yNzAxMDEwMDAwMDBaMFYxGjAYBgNVBAoMEVRpemVu +IEFzc29jaWF0aW9uMRowGAYDVQQLDBFUaXplbiBBc3NvY2lhdGlvbjEcMBoGA1UEAwwTVGl6ZW4g +RGV2ZWxvcGVycyBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANVGhRGmMIUyBA7o +PCz8Sxut6z6HNkF4oDIuzuKaMzRYPeWodwe9O0gmqAkToQHfwg2giRhE5GoPld0fq+OYMMwSasCu +g8dwODx1eDeSYVuOLWRxpAmbTXOsSFi6VoWeyaPEm18JBHvZBsU5YQtgZ6Kp7MqzvQg3pXOxtajj +vyHxiatJl+xXrHgcXC1wgyG3buty7u/Fi2mvKXJ0PRJcCjjK81dqe/Vr20sRUCrbk02zbm5ggFt/ +jIEhV8wbFRQpliobc7J4dSTKhFfrqGM8rdd54LYhD7gSI1CFSe16pUXfcVR7FhJztRaiGLnCrwBE +dyTZ248+D4L/qR/D0axb3jcCAwEAAaMQMA4wDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOC +AQEAnOXXQ/1O/QTDHyrmQDtFziqPY3xWlJBqJtEqXiT7Y+Ljpe66e+Ee/OjQMlZe8gu21/8cKklH +95RxjopMWCVedXDUbWdvS2+CdyvVW/quT2E0tjqIzXDekUTYwwhlPWlGxvfj3VsxqSFq3p8Brl04 +1Gx5RKAGyKVsMfTLhbbwSWwApuBUxYfcNpKwLWGPXkysu+HctY03OKv4/xKBnVWiN8ex/Sgesi0M ++OBAOMdZMPK32uJBTeKFx1xZgTLIhk45V0hPOomPjZloiv0LSS11eyd451ufjW0iHRE7WlpR6EvI +W6TFyZgMpQq+kg4hWl2SBTf3s2VI8Ygz7gj8TMlClg== + + + + + \ No newline at end of file diff --git a/test/3_0_Sample_App/FIDOSample/.sign/signature1.xml b/test/3_0_Sample_App/FIDOSample/.sign/signature1.xml new file mode 100644 index 0000000..919c9c2 --- /dev/null +++ b/test/3_0_Sample_App/FIDOSample/.sign/signature1.xml @@ -0,0 +1,80 @@ + + + + + + +JmdZWtHNu+p3bArd3tN6tW057xgoaLOGpAbYKDzQqKM= + + + +WgEhVSg9CcEzEcnArIp4RnttTZSJLY8JtuzjawtTMjk= + + + ++VGOAwyOy463TeKoSBSvfJ5VI2Ia3Mph3MM+AO7CHgQ= + + + +ZDmm6IvrmTiIUD1eBplxELwAvl7QZq/zgHzsWWdv1IU= + + + +5tGbcOSBn3LIbI0yLSbPYLB/25zDzUnw4Kf34csq9U4= + + + +1d0oEZHqPn+QzNzGIHwj9ODby6x9ggFs9uOsav6jPNs= + + + +SztCZl9ir1jfrq9evt5W6XsJvDCfK7aEw4rWyS4/YA8= + + + + + + +u/jU3U4Zm5ihTMSjKGlGYbWzDfRkGphPPHx3gJIYEJ4= + + + +iWznpDhncdeAURt1FwyK7CQyy8KyO5lEba/rUrzZVoYJwkgAM209CQS50LlXU+PkMiHXsBX3h/yy +WbWzZqAhCtpluG4pD6PdINeHlBzgvppAIwOq9e/M5ff5QDKdiIa1WzWEaPDXAEb11Jsb7D53iZJW +MR2VefMT89GBwcfJweQ= + + + + +MIICmzCCAgQCCQDXI7WLdVZwiTANBgkqhkiG9w0BAQUFADCBjzELMAkGA1UEBhMCS1IxDjAMBgNV +BAgMBVN1d29uMQ4wDAYDVQQHDAVTdXdvbjEWMBQGA1UECgwNVGl6ZW4gVGVzdCBDQTEiMCAGA1UE +CwwZVGl6ZW4gRGlzdHJpYnV0b3IgVGVzdCBDQTEkMCIGA1UEAwwbVGl6ZW4gUHVibGljIERpc3Ry +aWJ1dG9yIENBMB4XDTEyMTAyOTEzMDMwNFoXDTIyMTAyNzEzMDMwNFowgZMxCzAJBgNVBAYTAktS +MQ4wDAYDVQQIDAVTdXdvbjEOMAwGA1UEBwwFU3V3b24xFjAUBgNVBAoMDVRpemVuIFRlc3QgQ0Ex +IjAgBgNVBAsMGVRpemVuIERpc3RyaWJ1dG9yIFRlc3QgQ0ExKDAmBgNVBAMMH1RpemVuIFB1Ymxp +YyBEaXN0cmlidXRvciBTaWduZXIwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALtMvlc5hENK +90ZdA+y66+Sy0enD1gpZDBh5T9RP0oRsptJv5jjNTseQbQi0SZOdOXb6J7iQdlBCtR343RpIEz8H +mrBy7mSY7mgwoU4EPpp4CTSUeAuKcmvrNOngTp5Hv7Ngf02TTHOLK3hZLpGayaDviyNZB5PdqQdB +hokKjzAzAgMBAAEwDQYJKoZIhvcNAQEFBQADgYEAvGp1gxxAIlFfhJH1efjb9BJK/rtRkbYn9+Ez +GEbEULg1svsgnyWisFimI3uFvgI/swzr1eKVY3Sc8MQ3+Fdy3EkbDZ2+WAubhcEkorTWjzWz2fL1 +vKaYjeIsuEX6TVRUugHWudPzcEuQRLQf8ibZWjbQdBmpeQYBMg5x+xKLCJc= + + +MIICtDCCAh2gAwIBAgIJAMDbehElPNKvMA0GCSqGSIb3DQEBBQUAMIGVMQswCQYDVQQGEwJLUjEO +MAwGA1UECAwFU3V3b24xDjAMBgNVBAcMBVN1d29uMRYwFAYDVQQKDA1UaXplbiBUZXN0IENBMSMw +IQYDVQQLDBpUVGl6ZW4gRGlzdHJpYnV0b3IgVGVzdCBDQTEpMCcGA1UEAwwgVGl6ZW4gUHVibGlj +IERpc3RyaWJ1dG9yIFJvb3QgQ0EwHhcNMTIxMDI5MTMwMjUwWhcNMjIxMDI3MTMwMjUwWjCBjzEL +MAkGA1UEBhMCS1IxDjAMBgNVBAgMBVN1d29uMQ4wDAYDVQQHDAVTdXdvbjEWMBQGA1UECgwNVGl6 +ZW4gVGVzdCBDQTEiMCAGA1UECwwZVGl6ZW4gRGlzdHJpYnV0b3IgVGVzdCBDQTEkMCIGA1UEAwwb +VGl6ZW4gUHVibGljIERpc3RyaWJ1dG9yIENBMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDe +OTS/3nXvkDEmsFCJIvRlQ3RKDcxdWJJp625pFqHdmoJBdV+x6jl1raGK2Y1sp2Gdvpjc/z92yzAp +bE/UVLPh/tRNZPeGhzU4ejDDm7kzdr2f7Ia0U98K+OoY12ucwg7TYNItj9is7Cj4blGfuMDzd2ah +2AgnCGlwNwV/pv+uVQIDAQABoxAwDjAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBACqJ +KO33YdoGudwanZIxMdXuxnnD9R6u72ltKk1S4zPfMJJv482CRGCI4FK6djhlsI4i0Lt1SVIJEed+ +yc3qckGm19dW+4xdlkekon7pViEBWuyHw8OWv3RXtTum1+PGHjBJ2eYY4ZKIpz73U/1NC16sTB/0 +VhfnkHwPltmrpYVe + + + + + \ No newline at end of file diff --git a/test/3_0_Sample_App/FIDOSample/.tproject b/test/3_0_Sample_App/FIDOSample/.tproject new file mode 100644 index 0000000..56660b2 --- /dev/null +++ b/test/3_0_Sample_App/FIDOSample/.tproject @@ -0,0 +1,12 @@ + + + + + mobile-3.0 + + + + + + + diff --git a/test/3_0_Sample_App/FIDOSample/inc/fidosample.h b/test/3_0_Sample_App/FIDOSample/inc/fidosample.h new file mode 100644 index 0000000..f38f214 --- /dev/null +++ b/test/3_0_Sample_App/FIDOSample/inc/fidosample.h @@ -0,0 +1,37 @@ +#ifndef __fidosample_H__ +#define __fidosample_H__ + +#include +#include +#include +#include +#include +#include + +#ifdef LOG_TAG +#undef LOG_TAG +#endif +#define LOG_TAG "fidosample" + +#if !defined(PACKAGE) +#define PACKAGE "org.example.fidosample" +#endif + +typedef struct appdata { + Evas_Object *win; + Evas_Object *conform; + Evas_Object *layout; + Evas_Object *nf; + Evas_Object *datetime; + Evas_Object *popup; + Evas_Object *button; + struct tm saved_time; +} appdata_s; + +void start_discover(void *data, Evas_Object *obj, void *event_info); +void start_check_policy(void *data, Evas_Object *obj, void *event_info); +void start_registration(void *data, Evas_Object *obj, void *event_info); +void start_auth(void *data, Evas_Object *obj, void *event_info); +void start_de_registration(void *data, Evas_Object *obj, void *event_info); + +#endif /* __fidosample_H__ */ diff --git a/test/3_0_Sample_App/FIDOSample/project_def.prop b/test/3_0_Sample_App/FIDOSample/project_def.prop new file mode 100644 index 0000000..eb187b9 --- /dev/null +++ b/test/3_0_Sample_App/FIDOSample/project_def.prop @@ -0,0 +1,11 @@ +APPNAME = fidosample + +type = app +profile = mobile-3.0 + +USER_SRCS = src/fidosample.c +USER_DEFS = +USER_INC_DIRS = inc +USER_OBJS = +USER_LIBS = +USER_EDCS = diff --git a/test/3_0_Sample_App/FIDOSample/res/auth_req.json b/test/3_0_Sample_App/FIDOSample/res/auth_req.json new file mode 100644 index 0000000..a88c287 --- /dev/null +++ b/test/3_0_Sample_App/FIDOSample/res/auth_req.json @@ -0,0 +1,49 @@ +[ + { + "header": { + "upv": { + "major": 1, + "minor": 0 + }, + "op": "Auth", + "serverData": "emKubKMS8RxYOth7J8enT_x7dQWBaO1CiC0fGmSEhX56kq2RYo1LRpwvfHlzYRI3p9Ay-l4zJcV3lX6rQ0CYNWi5nNDabClFm3k0pPj0kX5V-db9ejN_05y2J6wqztSD" + }, + "challenge": "1AM2yZY4-9SG4Ns7-hMdB8IV_FTDKFFiUqNJNVbsVoo", + "transaction": [ + { + "contentType": "text/plain", + "content": "VHJhbnNhY3Rpb24gQ29udGVudCBmb3IgVGVzdC4", + "tcDisplayPNGCharacteristics": [ + { + "width": 320, + "height": 240, + "bitDepth": 16, + "colorType": 2, + "compression": 0, + "filter": 0, + "interlace": 0 + } + ] + } + ], + "policy": { + "accepted": [ + [ + { + "aaid": [ + "0001#8001" + ] + } + ], + [ + { + "aaid": [ + "DDDD#F001" + ] + } + ] + ] + } + } +] + diff --git a/test/3_0_Sample_App/FIDOSample/res/dereg_req.json b/test/3_0_Sample_App/FIDOSample/res/dereg_req.json new file mode 100644 index 0000000..97e5ce7 --- /dev/null +++ b/test/3_0_Sample_App/FIDOSample/res/dereg_req.json @@ -0,0 +1,17 @@ +[ + { + "header": { + "upv": { + "major": "1", + "minor": "0" + }, + "op": "Dereg" + }, + "authenticators": [ + { + "aaid": "0001#8001", + "keyID": "uWrbo_8JI1HmPESrNAStTVV8ZbBrzLsf_kZu1QKX2YY" + } + ] + } +] diff --git a/test/3_0_Sample_App/FIDOSample/res/reg_req.json b/test/3_0_Sample_App/FIDOSample/res/reg_req.json new file mode 100644 index 0000000..954e0e7 --- /dev/null +++ b/test/3_0_Sample_App/FIDOSample/res/reg_req.json @@ -0,0 +1,32 @@ +[ + { + "header": { + "upv": { + "major": 1, + "minor": 0 + }, +"op":"Reg", + "serverData": "nwV8EPqS5raZdAgH3GD9Z-ytCA9MkiiWaCsr1GHHNJ2yUh3HaV1HHxd4Z67FefJOD5sQYZvipfg5BavhdWPMecD2SH39aJixoXN9ZaNwRlcftJe9WbtPNDC9q5V9WX7Z5jCwkAwehcI" + }, + "challenge": "9pIcUwwrY5eD9o3OwfhkeHLnoIl0vaeJUbxSHMe_XgE", +"username":"ryan", + "policy": { + "accepted": [ + [ + { + "aaid": [ + "0001#8001" + ] + } + ], + [ + { + "aaid": [ + "DDDD#F001" + ] + } + ] + ] + } + } +] diff --git a/test/3_0_Sample_App/FIDOSample/shared/res/fidosample.png b/test/3_0_Sample_App/FIDOSample/shared/res/fidosample.png new file mode 100644 index 0000000000000000000000000000000000000000..9765b1bda7e5bddf0925555ab204b887a873bf24 GIT binary patch literal 57662 zcmdU&2Y{Bv)wXAQhoyJerGpfaq9DE5J1S~atXN|Avn3kQ*!`l$D2ie%v3Ct9iU9$! zARxVWkS4wCvh_dLJny{>uV6_upZ~zTGjrz5nKS2}_RLfEz7vl>A}6zMrgJXms3ZHI zY~lal(^KvD>g2b^T99$|k!M`zTvj!Ff*bL4ZRavixU^rt6HmP4s_U=1?vksn&O54K zzr3rjz3Spie}9p4H!U1_%FscltgqRlVCl}j$J~4S-;TNJ8N(x+7h3`nl`#k2P&{pByWKUm|WHre-Q&QDvN|NLL>eBs{vzbanwhZioN zJGS84sb!<)^<4YLj*;(APaB_}{rHg`PwISo_N#pxR#|@M=aVL{SlzDou*{}cyWI5m zFU-HLv`K<1ysdlpgBp)d`cVb&Nq{W}Uo#k#HS@`5165LsT%de5} z>?1C(+C}&Fcb6RQ-k5&c{R7 zy7#VDF8L2`$QMnT+~ofJq^mw~`{~`c9rRZ2+SX>NC*SKnrfJs!!_G=?drjKur?+d^ za@tX~4yxYeyu|ZH^lmrd<|peMGOSbO`OD}^=eFH2 zF15Vz`RA`HTQmLjt9v`Q;`-ZWl(lL9e%;#-Prdz$vgey^PQK)vtY`nH;DL+ZtK55( zdv^W8(|25rZ3aB|@R$V))~sGV|L945&pPj`({C*sI^o>$rQvN1Z=raO>);PO5s%U;2-D zaK|ApHomX#Ut4|FY-ag|E0?t?PU^X=vwP>Vo(X?=r0pwbUy!u>m=?K%uOGj%z`5-o zU-jwimgz~iUvlS)={J^d=~a5fv(4P?7a#T4Yn(f$f75n@zIwmc=jqP%e|A{wcly-Z z`DyJo<5TN@nzH!Qtdb#J{@l0eqzQd<`(|Evd;M#Nw0h%?zAf*b`c8w^L)y>o-JsL> zlP9wA`t1$o5 zBa^E>&@}JMd#j(+_?SmJAKBsL`v>KndSrv`J+4jcde83$e)P!UU${f=D7ky=5gqMx?DE{&Z(hHo^1_FD_WS(c z@#|`*b)5A3gWFA>*!SJT+GIR>!IXC!zmfg=7-QI$QDYM*~dhkFJe z*`~?dst;9bpZkY<`%OBuY1RAs9nxaV!-+?|`;S30tIixa^U9N(tZ(z`Q=N{i+vL$N z7hZVzdud(&)+Xtyw@>iD~U1v@1noes{ zFM8sTKBvAg;^ZZ-JU6IH=ZDVh`{r|_Pk#HPdtRy5>3>FaoqA`@qmFs;&F3GRRriuw zmlRz3_PXmosH)iMDUE|Kr?;YB*&QrD1Y7eb*W9_$} zIQFGFvmU7P`JjUj?XdBQwNF-l@~Tq@w;tX4k2N0oD)X_UA8Y(m{mP8syjtLL0@>std)?Rd(nS2Jcm{`#q}jXZJVDfLbn`s(4Y-1FMdSFRe=>mRqB zQF>qM85574ctXE_ob>Fw=dKz%IWOyiI`7}qCjauB*YEzHVVx&6e|PGFKi<&#<0ncR zeEdL<*Is?DYrl?1cRc<5lXv{>;$CU1p17v)>FbZrSljaD;X7`-e`)nCtyZ?G_fn^0 z$8@;pcbC8R`0&REzkcNFC%t~e#!tGuwdv)NFMTrL<1>nfRqFHk(Jg-0;)tOSO-mWM z_LK#uEO|Ne<(kL!=(g*vcCTIjV!h`+?tkOBD_`FH#54ao=k{lgz3SzqH-ECWsQ#_( zO9z!+QS|bzBeDmlzMtJRby4=T+TB0ve9cwe8?^s?(YBNNojtL4zZcJY?7ZPC{`|<8 z8Qou)Gw^>0R(|l($-i6Gbk!A;ubBKo^VH_~&5t>5!*QEOoP6Avms-7a__2o{`}x$b zr#?S*?vtIL>d|4|A#0yn`_#OrmVGef%$v?^Gy0X$A6|6Sd#lfU>5R>z$6k5YnO)C# zaqy{Up8fv7H%GqNZ0^Tze*AKkm&Y9c=<%;VGk563ceaiGa`dYo)Olyk{M1EnjlN>^ zt>+Crzt+$XK6`88=0`ty^wy7V{om3aX*u^SsPuY+GaKA?-9N9b-tDw*OGiw5dULN^ zKim2E`u0NyPtTn`zvHUW)uyzXbm_=bo|<*U&{{*sTzBV=dmp&(m^-Gl8{V_sQ}re< z`Qnq+M_<3|nzL8jGIQ6+r`~^R!lqXiy}h~1=1Vu_SwSx1u)atpr=e2)d)pJ$% zLzf=1^o(=AK6LyCUwkm-go#%@bM9Ts`u(X%`Gw`Tl+SQ4-`*@?XwrSd`V2cOvAFP- zKjx47ORsK=F53Oxf=zuMe0EHq8hswR*juwcHXz=JuvaM>=t+3bJyv2_xj7#_YST*qr>pdH_lkx@499Ei~2v_f9X?0JDkw< z?Y2jEZr$^>c9(Tuc<4u+KI%2O-Nk2oJ!kO9!AJf6nEGAYwSKG1mB0VjvXV_Z?pZl< zW!9=c)Ow=*7iV96^K;WC?7Zvcny3_{09TwNGyAS86`kY(vBH+}v7SBoA#^yw{s zFW*#kLe&+29sT0n$DH1_!QgK{dE>IK?{&ZC=0%ySYNQ-=_i3qbbpP=F(XFqTbHeMJ zP9Of(ZJ#v1<+#g-o%88ecYHc3;qr}Hr)I9X>(-5n=WROsgu(64ST^dsqPs`d>sjNz z``@a*sMhcrf12NN@l9*$-E-AfnL*e;B*F(|2*KGPcX=YMsT9Znn=Z%>?r@_n~gHC>E?m-)msPuWGf0d2ga%0<^E;*=WtUaHYRgBt*RPm4p!|WghmSpc+V8f1c>VVG7Okmv`iG~Fc)Q!VS8TX`L-(>r zXPxl*$4`Ge;;k{iyL`;%TRs`}hl>l=*L&vBX-jr~a`U#D<#Xpe)3wKvPj=jLRl#Qk zyOz~la@(~nN~cZvc)^V=HorOcgt6!D?7gYaf__WxnbYg6vc>baEdJAF<8OR+$Be~C z6r|pD=k&5ic0E+NU&=#IJ~ZX-oVzzZb6C%=U03$Hwsd{T%l)QbIKBBZwaT6^oAOqz zn(c2ZoU?J>v>8v#cy9Ri;g62H;*T$uZWzC@&fAM7Png{BUtiwTvBNn#Pb=Q^>5YqT zY_R2pWtC4@{l~mNwJg76&%3)$`R3)~N9#QLXnAtd6FW*S=-76V?Kkr-IP&D4Mz_yQf&Wh47dMTpt?0I)agY+wM0#Qez+jqzAB7t5&&n>(x6tB{`*gQc}_( ziHV8LQd3hiGcqzOS@QdeADY`(-57430* z_7u6o!a`S2P+;kz-Nv`bc&3$`b6HuL9-!U3cY8qg>;arT9xMaH;jz7d3;|9~ zPIh=YKw4T_h0n~)^c`UPjva3IuHBAs`}Xa{CTn(SNy)fv+qORc#TQ>Nl1t1p;{Q*l z>fbb|rktkMl&J`)CsmG_KrnRVAB{!jJ)v7K#JKK+>UAuNU{0=iXz~LB` zfXAqm3)93y2VY1F1KC8UvH*HKj+-p1rfOvaYdF*}F=WDk;^fRdY7CnlZOBTHMZ^JN>j74-RR8 z5`ro|(ZnNq7>b8!Su-mJBM!(pIXSL!<;pHMH`nyo<-Xgr$!*!P*|04dZyoHRi4!J_ zH+jY88NL6tsrferY6xcEe*Mn0Dey|$@U*K{tEOXA0^%k!+_r7oDhw+SFmk*TV1(o| zas|}>8g5{C5n&$u;1SA#DdZuK5nR1`br1BW&70l&^&6Zm0W%8=3jX@ZCu3i-BL6jT zL*0CX(D%RCseGNLgr?b)zWw?SPEAX_!PdxD_3G7iSvJjW*s#HEHbY@NbPJUhND4#U z#YY~Vv}kH9p~^}=BQu`v3HBqNP>$-9{2DcCcz~Inzg@eIX?p&iJ%#s;{rKZoOa$Qm zs?&0)oAmy#f@%t|;HC8H-Mg!e$_KKtvpY3xP~Wk8UAuOz2NRuhb>QUL}A zf*pW}<8hi&mFJ1}gW&}xG?iBks8y?$v!=S$tJk>o8#b)B9o4O4$A0|0@&2NtHr^)a@~eSrmHE-xq)C%X&0Dm1 zDl;?dr2PE61iRLAD_5@ch6_g+29cAopot#R5G}gO5W>USrfHKf_t+sWvuPW*@ui1d z*`~GrdenBo?cCDl7S<|A2v4T4ToK=jG?KLtHR_z6VrgX$xMXiZ}{}MuwM>fX6_}qm0TyXR2jgCJt|T z%R^nI8%DUq{5Gz{4tI-7t)Ai{FJH3*b>XE4Ax=6F;^61hNp(Zl`VLKWbu{u-R(V{O z*$8#mA-{2cquksoAKG$srHM~9-d`RAHO9B#Km0*K+XSWe?%n5awzD15v}u!sEp~ar zW(XJGa2l`r$sT8mOFVX{OF8Tqmt>~0gMF7`qckbWoUoC}Tr-`X7`Gv57pYvM~BAZ@~v>esKI)23~^S1VPnG_Y}Ao?EeEg+B$N2%yLi zq)|o+g@%v;#KR~F4Wu$`hB#p&O_|c#Os(T;28NU!Ae7sPGGMLS_n5Z%z7_Tk8+oiu^LqE`TYt{%S*IEA4&#k3nkDex z41W<&O`#;)5LId3qUGos)vI^5%N4hH@ghGJY822w8b>3E%Mr&g&~X?;Wk?f;CSyUv zDBMxOF@lOZ9_7l8xzvx&a+_+sDC`*YeLDg0MulHSrcOMvaneh=D1?p|KcN7mocM@K zSK{y}FO5Yugv9n&hc(F6P z8DC;&Q**5G547^%8Sj4t?0*ERDUj5xS+lAQ8|96uQKM!%c9nMDu>u$jL?hK80R)Xa z8Z90g99}|Te9|&9an?^9#w@Pi$}K(eI+tw+7)ds@h9fh?2O!WxP)W!4VrZIr$&)cC&y*`elplJ$Tik7k zOEtT*yNwM+2BtatF%?jwyo^!GShY@6V)~dI*5ds+>8(70DV<4&U=qix+>h~v?V()) zoAS$-FL!x)c~srblA~;CVZ?4XzF+~7W6Zedgolb z4nr{<3dc7X#nosUg9kj($cM)Ch$F2KV{*w-0r2rxxi31N8-Zzn`b!qVQoEe7uvj!( zTS-HQ=JAfnmOg}`mtKT&)Gt6)PI-jrOgqG6*jCX90h`Xsh^=I&UDc{q?cDmH zgWkZtR^Pvc&(AIttB6DS$8vKk_v6}Y*|KF`Pa3U}20=zpgUEx14;zmWLqm!m8M^gG ze9y@@xk)v;yQ~BoHP(p*pdHQFRXn4%%(2S_%!)8ZXS`CsyZ}_1kb0pLk|r*F6_OXm z(MxGU%HVP0rL8#faiLt*3oiqMJ&9fN^y}TH&*R3LVr70dMn7x%wF=NGxnIBjSJ~45 z=Wr(6CTH9-8!qE?&h6aqvpVh!XvV{Nke>(8Hxh_8KwE4T)RK}u<>zTOe=qq`&pox#H60RdiTi4%ovuRmzQ97A1Xi$d!Op3 z@i+lXTn&&RNsEts8VU`gvHlU(ZFi`9u}WX-PR1JpG*Ud8R<$u=e6W66H$s$miX}2V zbNLgyIZh_VmO}^9p)SfJBrnuGzHG=N0K@VJiqk$hfz0KO0h_RR$&z6`di0z&apHvW z#zTmJCN4UeV*r?cLBM zxNkaNVDqp&R+3ugifn`$wg%l^#{}iK6wyHS8ziIn{{(EHY)1C_pp)v{E8&M@@T(na z7h&j>Ry)ExXaY~2L43%?QC_wo&BFpVaMG77UHWw6#*I5!K0D&Qy%44YxSs^738V!n z&6+oV%5I%C;xWqb)>f3gx95|_qqvkO#5mAVp0o^wZjvE>MihK4I(2j7wwanKHqxw9 z+gP&s&k7JXpoCp=%*GrtMANX<51;WE$#KO@{oxvBqzWfvLy!&?nHEu-pdm*9s14Ge z{7{zC)Qep4iAS>FLl$&+ctVng-)h#V*~kixusb_v7`@13(CQy_H2bHxq&|K7o|BVP z>BK5_Zn<$I570$UKq*8ayc&R#`}6R_BM*=CB~*HAO?xS`pv2B`t+CK;SIY*e*gCD> zAX&ULw$o*EWV39v>-F*2VSX$woe8CrXy}8-`0QwPP{H*wUTL1v;Ov;R07Zt{p*SN` zqZ51JNULqCpAZ+ORTewvn$mpJgxkB(GRDADHks>w;och;+0 zCxIPWIPD^u#;E~eRZpy)KGLEqR9=`St~6zk ziA_{Ld9o2Sbiq!cEm`IoG-!~pd*`lU7QSWmY_)PfI1T?Gs3rj0q%_LQd$eY)nzi&m zn3N)0U`ctU389Hjqi~d^TqJt0aiZMl7eL|5$f<1Lm{IM2q8Zz7h)iQz#58PMLd!E1 z{jN7E3j`iW1Df|OBIp4%mLKR8ubcFWr$;3tUCC4DAjAt8_>jTKW;EkMS&GwXv>J(vKXc%}H(e>&#aNA4m;C{D(oXQ$$9tdLWIloUJm> zXGiOq^rLR-#CRAPAL`?aSsUUV?NT0b%7o>R4-neu3E;3^$)rQ5yz*rS)dMd#02(!F zWH~l*=JuEdGEGa0%PF;K{cUhpOT)D{y^P2brM&vUR_aC3ZRf0MkZ+# z1vGf1pg>e!sIY_rB91bW*{or0w=>6p*|f(c7THC;X~eo}OQ`jXXtb7FJ;heWH1Xw= zEYI(DEuTpWR&sWiC%arL8yegfupjhR2c&*E(nr&i|?A$#qyRsQO z)0Jdbv-)g$-?7#0+Op9V?u^cvEJZUPGQIro&N~#g$Nm=61aVQ=->ca5IXjn7X zmDR{}Im_&Nb$0}6GzUi|Y@9?>u?LnBV{%z84NTtwVzN2yEi+J&iF_Qo$YX4b&Zr`e zBThS^bIOCOTsha5shv^c(lc`0)E&9*>+%L}?5<3=-Q<;}*}Y%uoQ*QeU7L+lotycI z+q!tRZ!2|k#lVAabRgP|eCV=)Yyu4jT{LWB4~x63?5xA=H1G6J$B%!}SoVAEx?fOD z7?w`4(Q{Mv>ecLtxYb@bMj(qyiOUgJuU1H&=xPK&OG%ZD54lf@{Hj%|xbl=NcX;z^ zuEV_DZo-;ES1r{>r4=Z3cHC$PmKsndkonv;P!nq9q#&Q(X5=^WC9s zTDp39OXce{t?rn<4)D@AqXSWjZ6 zNyMCqZi#ikCE16&w0_-P=Z-U7+QgS!!HW4_4v*b%sY0iT%)GaQQ@`vZT|)b?w%TZA zI=f2T3U)d(_1~mJ^!z7-G!qHT(Nbq zjG9(khTS4eNp_{?%V@hjN0V&RL<-Ztb*M?X2fN%;4t5=A#?Z?t|7R1+4B(v*}dc|nOM;N)Zg(y)bIG!)v5SiO3~( z>(;Hez1Px)Ib01DD1-olCoZ}`QW{0Yhgk6=4<16rm8Y_VfLf(Wt}84xgJx#Cdrxj= z#@JmHYEPX;F0+L%;iexIGk=-@7!fi&U6`d>}BU%1JraZ161?T2#o->mU|#0Kt0Cb>;X>3KCoGP3Xi|q6&`n` z9eYOCxGZtlnq9JH2#rkiL=O!DLf!@hAH&H$_hlQ5IJXbM8j@(Q;MYt}N$yi(2GUeO zna~haNJXM6uIWm2LMap)6N8CIa-qdu&G*-2j1s1%RGZ?g?beB$8-8AUH*U^Gw{Gn= zSF27XS7fURl9+ZAjVaL;xn>LBa;?hOyDU4-_1~ zU$e*$64p!Fjm^+iI--trmumJJhqLco^tR{2YR;WImo+k)pDhw0BTlnj&04iCvzL5Q z=sEivRiZH}soX1XA#w5u$rGPw3ROnsM3)NCc{Y~DF$E$k+14~%)tof<=GC2D$<_i_ zu)WYF+qA`qO)1>tDs5ZtI)3q>Ym@k$FU#?o0F`Vy9mc^cP8i0OPZ>JgMI)xUZ`T#L zI`wQVH{I9_mHIW*OlR1XgO<_hT!0mgOp6=A$32(=H_A75pO;jpkxRd3xJ&JQYK0E0 zv)Y_WZ^95@(yXmEqovfSS@SYW?t^1R!U~~Ra#CXAi5L=tsKE%KfuUE=0VJG2L=1d{ zc;&;RIHC9zl8+;gZ9CI%xUNLG&UJ5D!`*UfGq-ug77u2!=~-{n7p~{(H(g6Rte|cV z!qr(+Cv*X}KM+G2N2~BZ_Tggp^1oKP+D)tZvt|xD%9(OKsMbzPmw}x9-wR?4z&bovvG&UPOBybGt_g!b** zH&04RZn4{X3x(tq$3PMGk@2Yz8eTjqLkJyX32104BRLAWE~F7mxjZ+_D}lNbLOD73 z|9n~-H*WSuH*4xL*EV~qYmrspa_xYC>uKtf!w~2tK&6Z7Bn;zGIWEJ}+~;%GyDMIp z<0{z*O|;9EBBoith8kKnI?JuBzr}|P`^S{4sWuv|q|FAFzc)`b=&?NV&8Kzj6dy{9v&K0S{j|ej6A=k z>ss=v2NXWL-?-20B15QN((3gZm86NwlTNjB#+`P=chhs@Y`bcY(d4Asp#~$8O%dxU zQ?N#9)HVRB7^yxU0p%}mJa`d^6>F}67>!neYvoNyN~J2U&gJ*Gs>hsDp;M@L7)Mv0 zfzGX5DIqf}>l`yrg<->yYW7aH&)V!IVNg86WE_mksDg$g1Q3k^z+l>>9AyYmAar3` z@(BT)sh4+6xU>j$p*-cv?4Y5zxX`s|RKpD!GQ>Ui+;d(BMm2TEJIWvzU5FFn4iuIe zPWRq>udBOqnQNBS!R>O<5ur6CHaZC-a2c&8$OGitYH>y#WPrx+LpOrxCN7HmFh;jb zz^#4CP`7#1^M0nnuAvLVp{;hz+t16_6k}a#>s5i z!Bs!<43}K9eg&vh$Rf{rz_yz>yp)$iN%-U$!8`WEB(?xf6~* z&b4aU(w`M;=PaJE9^$kM8S>B+55rL(e&klITH{|B?v^muHD39e-&HfSX$`HojPW2E zIMzHr3M~Y*eMe*rJOS-_qG>;xt|LIBj$j>c!)mwn&EfuIA)2k!DY3siwxO-enr5rE z_Q*@FnZ;_^dySK5>)25_m2#5x78#ioqVXY^&=J(?hDZHlm{m`?-0fOA$L*T^h1)fK zqAOgz7#2S|kfo>UxrhfSWZ@KIPyhi?p73Xb#Me*4Q7WJa;oqCKFIC@svpe(5Gd*Zb zN0h|~ICwR!tE|tk9~p(TbYaK;!V51{?4H?$w@xc|IrB!iMNLn1>(g7o9f2F$^?CqV zQ$4`3(2xb(c-r0#(!RjEb<14Q+|S+a#WP%z#kqk{Xfr1IOE-nI4LXiEOQ78(NVa3u zqihL!-pHkzYpwo-p7wb-x4meaFQ6X@lOT-4)VOW-6lY7cf21VIuD7xqv~(Fqp6iO% zEO&+TzH)^#Cc2_!v;AHh1G4r~7I`|s(MZ(vZFlzl)Tv1O})LZ4%LCGVIBQD;1?zzXe4H-BNEm+^1)~V*Iu6oza-MYxlJLpt!rC@AS zS{NIl-vbh0_sIiH|1e(xYEoiSaz}0D#jGBWAPfTt2*i*(CXI4Q%?|OS)juj?orh;*f=0>f%h3(QrORAC!)30T?NXObca@8GdLXMbZs2udx!`sh`k^QFX&^~o z(rPm_Iq8PJ#I3DOEzi1=t*J&#Xn*j*O|5VSJvH7*Acb*+_+&eeEnGCiB{b_01JW)J z3{Xa`)e!+~VEZThpjD~s%DSB3$~vFm%C~KFiA$!rw3+{MDJ$ogylDMC%&rNu?PHR1 zD69I_Xwmi;UVr`d?y}1+^ZGHu7zvbrvu2*L6&Wy<4tjy6IMozm0+ zADx9WWoCh@1?yeI*>Ah5*>)+l#n#{1<6ON7e|HU+PI7rE#jZikYTjlH7RoRxnckU6 z@W@oCHYm-k2~D21h)3~|m$nxb6;HJX)4pN)1+mu2w%FRD;@d+*C;*tm5k?$gqy>EO z%t@~N*vtG$vIoxd9$=*U={Xw7jA%{Od$MY{g!X;imragv&wX&MTe|97*Ry9&$2v(5 zSEJM*=@X`*;h^>C(ZemUk7kS?Ki=z%@!6QMvyOKke)ypueHaiv^?dk{i46pT%F>~s zV*?u*&OZ3%Hroh(XVmMiR`sf`RQ$Q+ zS2;p^OvTD3&}*aTFHBIrJ=a?yM8XtOk>Uywlv-@3NvjsR(t6GO)a!x57_n)%V(K-U zn_e*>8M%093Z1KxQRHUS?c-|9ALHiCnd3JthaY~pJLHfg`aoU{Mz0GmywJ^< zF~i@^f}a_NkrFx%{6F~M1HUN?4^se)k%c^5SRcFcu3fu&-=|NXip|*e4d1#ZxoK|L zW6${STxfSsd2A>?2*MSoX1e0M_8z2Y>WzUG12Lijs7;5l&6Ee#@|lh`H3M*AZY`Jg z$us`e8`p^6e*3MPJbAKv@4fe&eFo02L!35YG#V=dD2z0Uewl8^jvec-IpOCpd)b}0Vv(U8yo~Pof{{l$%u^c()i#C7ql}#LNRyv#=K$80t+rl2$Mll|STuSHi{L%X1Mqf7|Zs7 z~>zPG#0BHaG9(YOR~&HzgQ_HH~@zgiR0+HACaNl2OLm zi{YC$Z|*w)`a)+UGFoH^?mt530$-g3K-F%(BWQQ2DyDmF3PU?c7IlOUo6rI6sLspR zwJmkwB!jxbj&UG)DnrMhOlWg2(0)`_p`T$4N2&u<7_xP(6iZk1UeXA~hf@=ZQlYPO z#&}m;tGUIa>2$xqDvw^ZPkb-HiT0Sv)>>`d9t-)X6>A;9pc@SY1nT9;5hHSG!L-Ws z4A20ZmzU?JO`GOY^3!PfYF`N*riLCik&g?@iJCeUh()mY=fTY)TvV^_wmOc z`|{{4JE<&n;*g;@JUG<q?l#FfE$OQ$KYXlmF}gT7^p-5l9mv~NlPGM z;=IXjPrr-(+u9|XPHi*-F6$=k(8x4WG*t&9*_82*qa>MP3HD^*wpuM+)%ElI8pr-8)*fnX-cZA#9r>qKC$8%H_?rL|cS+Rc}+#aC*CT zyVNU3BbY+T7r@+Qfi69{AlEKb`?q53bM>naq`MA-Di7?8Cz=|eeq?M0Rp_hNR z+HL7@oZD$ryX_Gx)=fWZ%|5&+Ox*ta2d@D$iAOyRNbh5553GFxAbrDJms}8mL~o}K zdMCY~=@(;R5Yf@eo`iJ$`t|c8mFXFN>8UmlQU*F}E@>`Xn8I<;Lyy7Y)1oQ#1?@+& z*_17}vtr2?sNzE&&f5)xm{T1-5lc(YkfyTKjhBNLv)i|n@AV_q8ee3iEd!b94({hbRI(G>f1&UHqN<_Jl$5CJg93kXtT;sF^t9f3_2?c|H$6AQ- zC*Z<3d2+}FD0E~NvBUL>vdB_7Lb*_;Xp|REd>kINA(Thwu!qA7tql)G8>NKAokq-t zSx!PpV;JSB5n;Y)8TRr>-ziVHH(FlgN(|UUdygb~*M-qZJO-*YI05hsOr~2O0=DJj z6KoW(v`+-*WY|M!yVrV_ z=?KgOY?xSE(T`arv>7@AylAp7bmHO66!M4ykWG&dkW&GqQk)um@epGX&o(uq*|kSE987e)s44iW80;Ino;uUJL<^2iii% zLB$CtoZ#Ml_gybnmmjo)wzIRw0We33fCN}?zx}owHoc+i&~&BiZF=@^TitbSUflqT z-Y?2ZXJ&}5Sy=+ufYDjdgE*mViC)x4h!dR1Q3QoNz3tk4^!XnZ^pUK+26Rs+8yPVl~;3{%5vOyyAs?s12M_|v}JCR zUHsdtVD)NeyDp9Dxo*v>xZbU++f(OzHxy+h_C$aQw(sFueNhdeK4D`O=LP^%D*6Kg zvkxOS+$2fYbIv)(KQGJ_iSgiPG|3k5(NQ_IV!fsAwYlwGc8w}-(&_>?asFa=_oyYV zeZxwwXUl5t*!HztzjpjZsa#i7xZ7pe?7}9FQLfIS8IUv{nF3IH5z-zU`S{Q&Egte> zc-f*Afok2wEr%F-F`@)?fgLXhKIOrO<2DzYkA(6fw{h&#u2ai4u4CIauGF5@Ey=8I zH0gX;FgKs7EU{L=2r>c=<6ZuQbO;?zq$gkd`5=Q4&fVT}lMrw0R;bc0`U z!W(bA(VchRd49U11F#m#@S$wt)L-7HgG)$HbG0+mT|%vF8`WiQ#->6y?Vros!(&#s zfi`llAK1VRI4Ik7Xk5#!S=+$h>*QKpQ?TR;%+RLFQz+Y#Mqkp>A3G>+WbCrc*vkA7 zlKolBde)ndR{ExTZTA4NzRxaLL2Qg*x!aKwm~Nnpp0`T1KdfLQ+P^t&uViH8*c4qY%cWD%c6tfkc-Emi@Yb;4|U^255q7I9@6#(9N&Z(X%DYW_n_L}jVZCu z%U-It%U}!}9vXtUfE0)dRfh8L&=VOw>@F+kWVyKu7Q5wZzq7|so!hw89_z4UiX?k1 z)in3Ys~*bZXb3L85uO#Hl3ni2C8e%+UWTiZR_4B* z_DzLe*h^0OE3LNv)U-MVwzjt4YG>Z-?Te}9<@Pk);*!#m0vaDyLYzt{sKQjHv_g1f zAo68Q;y4V(LtBj69lHzsMfvR6v;7ke-24W3Mgzt}htQz|@+3b@i^h`@T;t~D2>#pcg9zP+KnMrk9h#K0>xUt(WliPEX|%?FF8rMg1fSh?&B zSFNdi?$0K|(tV> z`Gox_Pi@4;<`$Xv^SO2?hH1$(6W9*rB@9j+4UVTl$0!&~`BIWJj!^mJAsa(+UzAZx zdd!$H{-U01MW#WfNG>68OoKQ9hz^QFN9KbMKInTZGXZ%x_{2*GQJc^Q9`Q*}(fGS; z7him_8$Nuv*PY86^rxO}b=tb3tmvktuOV`)>afEO^N00ZQ$iQel{vONs2j-CO-zP{of0*CG7MJwE1ET z=iUjqW$x1*iEc>$6WyFo-tl0?Mwg`dy68aYfSx#b(4G3_$b%NPi8`#T;kWNdE!(_l z(+BoNmJ$>owY}Q*Y(ixSUmGW36yH|ka@eoEW z2LL!Vma| zwc(7Ghs^{o`8W@Zg~Nso^I&U~`pj59apY4c9S4V6v;%!`((6FsJ$K#Zet+eao{w)1 zCuUai@8GL_e129fB~-KZwKaQ*)#t;{h-GKIDJ##%(T#Ogve1Wip|5E0NLTVjCoTs+ z1IaqwEPIM@i_yJGnttIcwH@%d%%qGCtV5wd3JV12q;aYUg+jo{g9lz26&em&$O|8G z*l_|VhvE1yzx>iqgFK$e2C8x6CieZJs{Tcz`)njJnpsEVN9DhaT#9KZnDNEseX|hpt#o;1-y4VA3&5TAZXO1#yk+QX8#BnU!57TT)76 zyL8!+`eiTVNe}EoTzRrLG&yD<+t`h_bj2vy2UP3z&)aKpe4EFf3*NgqB90)0$|F?9 zpi(IaT~7H*6RNxvi!aB92@tiBV$`l!zRVrb{V>;~O*8km4<`C!H?Bw3SjmmAhcxxz zciE0MHN}j_*V1CN9||dZ?X}ms$usA<`SztW|K^%aG#)q)8itL~gNE~AkO%0>D@e1? z*cySUTr-Adz<97^6Z9jG(8~|(Pg(41e-)#A=gwWvTmF7QEuTMc-a>mCZh@^)EfFl? z3gbb74oyn=nu8xdLTq}#g*@?!k}t)HGgGi;ax0AE#sv!(xtTL(xrb^ua*J#V+t}#> zn@epY5xZyWKViqIlz+rG}V zKBS8qYtM7ptAh4NVysg`kAbC87y%dMS(P!TksSeBU?$Jl^_`sw7x+B@)9-Q`>sC!<}n%Cp_FlZW{!+?1=Z zo^QGRL>7qY9upQbO9gL&P2Z{O*Vt)$bdQ&{5Jy`DB5g(|<&h5!Cp(ibXEjUA*{-C~LDqh1His=@g)Qn`G;)oOVzGSXu_kBk zSnEn{wqVmo{j`lR)J672pyHv;iQ_3#Y@emGPXCy(R!qH=+Xqx*wlA_JY_N^Wcr(ZV z3di>%3W-J>9vsHPQCWPxKq6l~PyF#T%6o;)xEL7zlBS(pV(&BkO?LPr9t#DmZGZre zO;Gf)ji_Vs5lFtffU5{&dU|5)M_|%<_?v6oisKp>hYq*~Z{6Mt%)^4jE zR0S<&h%8|`M3E>oHfEKYc2!np5540glep}G9c2^I6p}}qLr2;$9dG(>Kunmo52&$> z65CBZWTSNeT2YaJix&((`BH{-$U`|s9Lf=AgopVm7f#P=2&XRaCZ?vl;&bou7NcF> zQ%|fe)6PDWGqb>CG;7bD6~e?8PN%5b4J)EwIbXfyFK?JmBcEtfv~8lyr&?Wm>5AJEhIToVFmKX6oj=khvSk>@ zR-q>^w3*W2V+Z)-EWOVtCI5RP)r@JjNGP_E@@QgG(v$YAi|?sw9EEVCF^u8@&=X?$ ziW5rFkQN_@hY^ZgI!D4`$Jv)CI{InXV`l{-Y#4X+|0qo!0P-a=WJF&ki$cGq+P%h9 zzRPM(qk+-MG{}3Z8ll`|;4M22Lo`K(?V=M@n)s3{Yu3q?)ylJu=S4=-t{}PCQpb(Bz7KH72ahm_+5S-@u{OlCfFpAI8>!@!+Dp4H6z$o=b0JJf;(P2=U~{)51LEV`$bjWS7;>cS)ySk9c3d2he^1uwtaf(&Uj5eTfV( zZG%S|fH|kLQB*lCYO3nsT9~zS=FFM?wjIE73B{cxc%&b?$TLNAB$@K}oA?`;u@P!v zI6{eAy^P$7QCqm(KC#2MEuw=2wO6*0{Rr{YCmV-0r=yW)ooj*J-Fm@Vz0U>-GvM|M zstE>tJL508M{5!5o<^HODWOpGut)h?><1n-LbNa>pDB-!hGbp-a5NGD&KTL~AeXoW zQCw*WGK2E%T@R=km8rMLu3xil{%cf)NvXuIot#E-50(eHM~@!uM<$m|j9Ti)`MQuF z=K;2gO{d8(-{E)09=zmes%58~VsRf@+)v8}aMGL!el0~7P94T4Vn5U?51--+VUsS_ z>1>n1Sw>9Rm<$E`1vQpgYQ6Z?l9J-D!%G+`rV2u^C6rM401c1Ip@;HBgP&;^M}u?D z`GZT$@$b(XFS2}A4A2;`MuJSru=5E&Au~FS;DNP*yY`g12368rp8b`IBKw;$Tz_)8 z!U$!DtBsHVML!vxc)Ujw%2ZxsBX8EH(J1vJ)2=VAUS7fUe;6SaXSBN66Dd~V;yX8; zSWfoAZa9V5inxu|FKo~As%7mh~Ld~Z!vmI*hz__g&019hwk^tGS>6;L@ODWP(N zAy~wfR!F0CuM~c!733l-?ckm+z1wmAc_1t5K})cc9J7%J*W>49Ml`fauy=2umviES zZZVJSQu`8Uqk8tYZIX-Kf+gSDBQ=Zs8p?fKZXmD$!iNt1)HdRwgO0w0g)iLUD&@C! z2~}!ED}2Q|N@s{ll@-}d|M^o~5|6!@EZQg+pN5W&LXhE+4XtdEbtu-P1CCN;{Ln}x zpPlgJJw-)tQW5jHCt5{R22FJG!i}+Ck-F@tZ&52>`q9v%O3D`01`lY zFoD+M&?-W>AP|t}<3s>AMxd}gQgTSWG`DNxN;hrBEH`D!6#pFw9ya5&iYZ@4Q>dAR zH1TjY5)b;48omN-H8tT{6Xieo)b?F9ZC{r@f9gyV(vhoRW3e83@*gk;o z3GLg{JlEcz9|YAZqgxekSik=FCXkEViV9RwsDNlPgz~}$scJPu>nQ0u*VsC0?FiRT zK%!}k#Yi4HM0(hTlJAv19TV)QU?Tu*L9sn~P%YcFOW)`|`{HYVo;B zr*@F1HZU^rO4BBEubya!B>x;yv5qqRde8c5@siKp^VjF_Q(mEDk!E>Qs5(`j^6WjC zwe}9~4VM3dqm=SL2r3L_>@r(#Hd`6Sda;uuwY zHBY_VrRN_M1JKIHWO(3Wz%uYi`#hg7a0wxp$5}|as4&$HsA)Uat&811?CuWhCP#Ga za2XZxo}#ozBS!Hs4NY`r9e_>za+E7yHq(z(ZIT$ZNqg*-%LP*r>&y5^>__b;#3?N> zL%L;`+v(At>{4sH)%}B`6j?tCDoo}|Z43Rpf$$CqRV*M0L!|&R-V0FmJPdLN`9_Gq^y7Fhrp9j%ExMena@Rd&nH&Dee_ge1-P((d^rO?RFK9nM2~?P^5)S*f+In=M#osqW_y>nj z2BRFv(EtpJ3wcqR#X$in&Lq?r=oI>L0g)VYo92)7ctkTLO9s#Sm4|-lD<0CJgO9wB zpL{^U(|Hp}0_9#H6X1f!Rm-haa0R>e=6cBQL5C=m5r z5q>PRN*R_Z_RYYjY}0YJjDQ@xlqJMNLvh~N=BYq7Dk=6^*~M$t+Fxa==IUK_mmL;l z`Fo+fdCsTqz^KGdf{6322v0XT#r9cJfaE>bVzU@w(7ROuGl%9ED{mkNer6`a%Y*DV=UF)xKw&j(%#q6ebKSBhII2XoQTwI;%%N zHIh_b@?v!n>|+elG#t4R2}`umSIJ(X z_{fy$Oc`Xw%Oj1lfJ*Phljb@Rh4S+9_L=ga$%lFfX!4LL9y$cm9+wuJ3=xti7q5@# zKNS8@`LKRuOTI$n#?zIjk*T&w2k4^N#%Rjw)vE^DF8wE6zJ$6;-oG_cD+(thB-v40 zReKnFtc}=q&{0s05FeqG7L9b+7&VxDKu6h7VWp9+xMYQ)@EoIP%3$s0NDpLu6t^bsE(n5a2yf`FMJKTJ;Dd z(yB{&Y9DmP4==aP%^}$Q2B%*2&Bam)&c!MP5_}dWkY$&lO6&Ry7yP2&&gegBgi2S{t2E&+0;(5ez}gy{W8l7K$_@w{K|T$VF+)X&hiQ0m zG+J~TuQ+*OoHP#E(8F@#BUIfHcl3)+;wO{~`NbnZkOQyyp{pLzkRyK4lva6o$g@q+ z$98OanysNbEd8?pMTY7oF87Opia@Kt{*Z4cW6%zuM9F0}O zp@quI5SpS@=7&O+C!~Dn!g}KMA{~~cTsU=ya)?V7q3RKhe90G0`dFIl(C6%~%jI?n z^rO36WbMyM*D&uF1r@1|@bOT=FfL=M0O?Sc=#<$X zUHJ;(k$lDXSC%}1p|WA9x)dreJ`Ek3IBF8VC((5ItTEMwxg+k|%noWK3p7S<*64C@;Rufzm3YeCmvM@BpYl zjqh0ES3YUU32D$NtM*&oO1sg0p^eZ_EsHlIe(*Y!@;~HMXUOxbfJy~c8J0@27o95G zCC^hfb)IOA^Yzi_P?-b8WqcWww0Ma_S6YoyI^98#-M+l(g*@40a+YsG0bLNa^jr<=? zx5y2h+OQ7|<$i5v75h)FT5s3%*4E!ev`3XLRvC?=&9O5ZR~{Dc@Xo)ab&y4LC9i7xGCmoe0{MD!5urgm^q=g69ZU~%imq0h0 zFZ2!4Ot9BIRaYKmR{oN3@*X{2^C5O$DP8HE&8W8hI-bfv}r zLm?dqClFOubrXh8^{FoLS^1eJ>rn&qMdJs|Uwo2!1ic#Vf?b-djrddQ~P z@y7aJ0~5V)`)m9EIjE6pUO5nCT29W(%d2Uh+WEa1@I+I(nS~L$K_g`J5D3ZoPeU1s z5cx_Y*XlJ=`63J7wzuLQTfTfbkIwQS&96GmQuqE`sGIVCGoVT#LQ@oQnVOTEHf`F% zHdQ=f(Z}d*jOItM8iUb8Z}}A?4*G$d%7-CwdC7^%U_{O~AjjFw?|;~{!}Bd4Aemyn zzb!scrN07Q`iG)_lb}jLQd`!VcPK4UMIq`6?FY>(F@k_}g5RW$5yke+hYkW}9Kd?XEQzUukRQ0^7NMWv|@x zwG+T&6#DSD0;1`&kBdyQ56LC)MX~>1olS!p$pSkJiQ^PTspwbpG9e!D!m!-zBA%$k kZ}gYfNaCF}xV$|1>H6z0+kD + +#define _REG_REQ_FILE_NAME "/home/owner/apps_rw/org.example.fidosample/res/reg_req.json" +#define _AUTH_REQ_FILE_NAME "/home/owner/apps_rw/org.example.fidosample/res/auth_req.json" +#define _DEREG_REQ_FILE_NAME "/home/owner/apps_rw/org.example.fidosample/res/dereg_req.json" + +static char *json_reg = NULL; +static char *json_auth = NULL; +static char *json_dereg = NULL; + +static char* +__read(const char *file_name) +{ + FILE *file = fopen(file_name, "rb"); + if (file == NULL) + return NULL; + + fseek(file, 0, SEEK_END); + long size = ftell(file); + if (size <= 0) { + fclose(file); + return NULL; + } + + fseek(file, 0, SEEK_SET); + + char *json = calloc(1, size + 1); + int num_bytes = fread(json, size, 1, file); + if (num_bytes <= 0) { + free(json); + fclose(file); + return NULL; + } + + json[size] = 0; + + fclose(file); + + return json; + +} + +static void _response_cb(void *data, Evas_Object *obj, void *event_info) +{ + evas_object_del(data); +} + +static void create_popup(char *popup_str, appdata_s *ad) +{ + dlog_print(DLOG_INFO, "org.tizen.Fidosample", "fido %s", popup_str); + + Evas_Object *popup = elm_popup_add(ad->win); + Evas_Object *btn; + + elm_popup_align_set(popup, ELM_NOTIFY_ALIGN_FILL, 1.0); + evas_object_size_hint_weight_set(popup, EVAS_HINT_EXPAND, EVAS_HINT_EXPAND); + elm_object_text_set(popup, popup_str); + + btn = elm_button_add(popup); + elm_object_style_set(btn, "popup"); + evas_object_size_hint_weight_set(btn, EVAS_HINT_EXPAND, EVAS_HINT_EXPAND); + elm_object_text_set(btn, "OK"); + elm_object_part_content_set(popup, "button1", btn); + eext_object_event_callback_add(popup, EEXT_CALLBACK_BACK, eext_popup_back_cb, NULL); + evas_object_smart_callback_add(btn, "clicked", _response_cb, popup); + evas_object_show(popup); + + return; +} + +char *get_error_code(fido_error_e error_code) +{ + + char *error_str = calloc(1,128); + + if(error_code == FIDO_ERROR_NONE) + strcpy(error_str, "SUCCESS"); + else if (error_code == FIDO_ERROR_OUT_OF_MEMORY) + strcpy(error_str, "FIDO_ERROR_OUT_OF_MEMORY"); + else if (error_code == FIDO_ERROR_INVALID_PARAMETER) + strcpy(error_str, "FIDO_ERROR_INVALID_PARAMETER"); + else if (error_code == FIDO_ERROR_NO_DATA) + strcpy(error_str, "FIDO_ERROR_NO_DATA"); + else if (error_code == FIDO_ERROR_PERMISSION_DENIED) + strcpy(error_str, "FIDO_ERROR_PERMISSION_DENIED"); + else if (error_code == FIDO_ERROR_NOT_SUPPORTED) + strcpy(error_str, "FIDO_ERROR_NOT_SUPPORTED"); + else if (error_code == FIDO_ERROR_USER_ACTION_IN_PROGRESS) + strcpy(error_str, "FIDO_ERROR_USER_ACTION_IN_PROGRESS"); + else if (error_code == FIDO_ERROR_USER_CANCELLED) + strcpy(error_str, "FIDO_ERROR_USER_CANCELLED"); + else if (error_code == FIDO_ERROR_UNSUPPORTED_VERSION) + strcpy(error_str, "FIDO_ERROR_UNSUPPORTED_VERSION"); + else if (error_code == FIDO_ERROR_NO_SUITABLE_AUTHENTICATOR) + strcpy(error_str, "FIDO_ERROR_NO_SUITABLE_AUTHENTICATOR"); + else if (error_code == FIDO_ERROR_PROTOCOL_ERROR) + strcpy(error_str, "FIDO_ERROR_PROTOCOL_ERROR"); + else if (error_code == FIDO_ERROR_UNTRUSTED_FACET_ID) + strcpy(error_str, "FIDO_ERROR_UNTRUSTED_FACET_ID"); + else + strcpy(error_str, "FIDO_ERROR_UNKNOWN"); + return error_str; +} + +static void +__show_error(int tizen_error_code, appdata_s *app_data) +{ + char *error_string = get_error_code(tizen_error_code); + create_popup(error_string, app_data); + free(error_string); +} + +void fido_attestation_type_cb_list(fido_auth_attestation_type_e att_type, void *user_data) +{ + char *str = (char *) user_data; + + char tmp[1024] = {0,}; + sprintf(tmp, " | Attestation Type = [%d]", att_type); + strcat(str, tmp); +} + +static void +__print_authinfo(const fido_authenticator_h auth, appdata_s *ad) +{ + dlog_print(DLOG_INFO, "org.tizen.Fidosample", "fido __print_authinfo"); + + char str[5000] = {0,}; + str[0] = '\0'; + strcpy(str, "DISCOVER RESPONSE"); + char tmp[1024] = {0,}; + + char *title = NULL; + fido_authenticator_get_title(auth, &title); + if(title) { + sprintf(tmp, " | Title = [%s]", title); + strcat(str, tmp); + } + free(title); + + char *aaid = NULL; + fido_authenticator_get_aaid(auth, &aaid); + if(aaid) { + sprintf(tmp, " | AAID = [%s]", aaid); + strcat(str, tmp); + } + free(aaid); + + char *description = NULL; + fido_authenticator_get_description(auth, &description); + if(description) { + sprintf(tmp, " | Description = [%s]", description); + strcat(str, tmp); + } + free(description); + + char *scheme = NULL; + fido_authenticator_get_assertion_scheme(auth, &scheme); + if(scheme) { + sprintf(tmp, " | Scheme = [%s]", scheme); + strcat(str, tmp); + } + free(scheme); + + fido_authenticator_foreach_attestation_type(auth, fido_attestation_type_cb_list, str); + + fido_auth_algo_e get_algo = -1; + fido_authenticator_get_algorithm(auth, &get_algo); + if(get_algo != -1) { + sprintf(tmp, " | Algo = [%d]", get_algo); + strcat(str, tmp); + } + + fido_auth_user_verify_type_e user_ver = -1; + fido_authenticator_get_verification_method(auth, &user_ver); + if(user_ver != -1) { + sprintf(tmp, " | Verification = [%d]", user_ver); + strcat(str, tmp); + } + + fido_auth_key_protection_type_e key_protection = -1; + fido_authenticator_get_key_protection_method(auth, &key_protection); + if(key_protection != -1) { + sprintf(tmp, " | Key Protection = [%d]", key_protection); + strcat(str, tmp); + } + + fido_auth_matcher_protection_type_e matcher_protection = -1; + fido_authenticator_get_matcher_protection_method(auth, &matcher_protection); + if(matcher_protection != -1) { + sprintf(tmp, " | Matcher Protection = [%d]", matcher_protection); + strcat(str, tmp); + } + + fido_auth_attachment_hint_e attachment_hint = -1; + fido_authenticator_get_attachment_hint(auth, &attachment_hint); + if(attachment_hint != -1) { + sprintf(tmp, " | Attachment Hint = [%d]", attachment_hint); + strcat(str, tmp); + } + + fido_auth_tc_display_type_e tc_discplay = -1; + fido_authenticator_get_tc_discplay(auth, &tc_discplay); + if(tc_discplay != -1) { + sprintf(tmp, " | Tc Display = [%d]", tc_discplay); + strcat(str, tmp); + } + + char *tc_display_type = NULL; + fido_authenticator_get_tc_display_type(auth, &tc_display_type); + if(tc_display_type) { + sprintf(tmp, " | Tc Display Type = [%s]", tc_display_type); + strcat(str, tmp); + } + free(tc_display_type); + + char *icon = NULL; + fido_authenticator_get_icon(auth, &icon); + if(icon) { + sprintf(tmp, " | Icon = [%s]", icon); + strcat(str, tmp); + } + free(icon); + + create_popup(str, ad); +} + +static void +auth_list_cb(const fido_authenticator_h auth, void *user_data) +{ + dlog_print(DLOG_INFO, "org.tizen.Fidosample", "fido auth_list_cb"); + + appdata_s *ad = user_data; + __print_authinfo(auth, ad); +} + +void +start_discover(void *data, Evas_Object *obj, void *event_info) +{ + int ret = fido_foreach_authenticator(auth_list_cb, data); + dlog_print(DLOG_INFO, "org.tizen.Fidosample", "fido_get_available_authenticators = [%d]", ret); + + if (ret != FIDO_ERROR_NONE) + __show_error(ret, (appdata_s *)data); + +} + +void +start_check_policy(void *data, Evas_Object *obj, void *event_info) +{ + bool is_supported = false; + int ret = fido_uaf_is_supported(json_reg, &is_supported); + dlog_print(DLOG_INFO, "org.tizen.Fidosample", "fido_uaf_is_supported = [%d]", ret); + + char str[2048] = {0,}; + str[0] = '\0'; + + strcpy(str, "CHECK POLICY RESPONSE | "); + + if (ret != FIDO_ERROR_NONE) { + char *error_string = get_error_code(ret); + + sprintf(str, "[%s]", error_string); + create_popup(str, (appdata_s *) data); + free(error_string); + } + else { + if (is_supported == true) + sprintf(str, "TRUE"); + else + sprintf(str, "FALSE"); + + create_popup(str, (appdata_s *) data); + } +} + +static void +_process_cb(fido_error_e tizen_error_code, const char *uaf_response, void *user_data) +{ + dlog_print(DLOG_INFO, "org.tizen.Fidosample", "process response = [%d]", tizen_error_code); + + if (tizen_error_code == 0 && uaf_response != NULL) { + dlog_print(DLOG_INFO, "org.tizen.Fidosample", "uaf response = %s", uaf_response); + + const int max_popup_str_len = strlen(uaf_response) + 500; + char *popup_str = calloc(1, max_popup_str_len); + + snprintf(popup_str, max_popup_str_len - 1, "UAF Response =%s", uaf_response); + + create_popup(popup_str, (appdata_s *) user_data); + free(popup_str); + } + else { + __show_error(tizen_error_code, (appdata_s *)user_data); + } +} + +void +start_registration(void *data, Evas_Object *obj, void *event_info) +{ + if (json_reg != NULL) { + int ret = fido_uaf_get_response_message(json_reg, NULL, _process_cb, data); + dlog_print(DLOG_INFO, "org.tizen.Fidosample", "fido_request_get_registration_response = [%d]", ret); + if (ret != FIDO_ERROR_NONE) + __show_error(ret, (appdata_s *)data); + } +} + +void +start_auth(void *data, Evas_Object *obj, void *event_info) +{ + if (json_auth != NULL) { + int ret = fido_uaf_get_response_message(json_auth, NULL, _process_cb, data); + dlog_print(DLOG_INFO, "org.tizen.Fidosample", "fido_request_get_authentication_response = [%d]", ret); + + if (ret != FIDO_ERROR_NONE) + __show_error(ret, (appdata_s *)data); + } +} + +static void +_process_dereg_cb(fido_error_e tizen_error_code, const char *uaf_response, void *user_data) +{ + dlog_print(DLOG_INFO, "org.tizen.Fidosample", "process response = [%d]", tizen_error_code); + + if (uaf_response) + dlog_print(DLOG_INFO, "org.tizen.Fidosample", "uaf_response = [%s]", uaf_response); + else + dlog_print(DLOG_INFO, "org.tizen.Fidosample", "uaf_response = [NULL]"); + + char *error_string = get_error_code(tizen_error_code); + create_popup(error_string, (appdata_s *) user_data); + free(error_string); +} + +void +start_de_registration(void *data, Evas_Object *obj, void *event_info) +{ + if (json_reg != NULL) { + int ret = fido_uaf_get_response_message(json_dereg, NULL, _process_dereg_cb, data); + dlog_print(DLOG_INFO, "org.tizen.Fidosample", "fido_request_get_deregistration_response = [%d]", ret); + + if (ret != FIDO_ERROR_NONE) + __show_error(ret, (appdata_s *)data); + } +} + +static void +_process_cb_for_notify_pos(fido_error_e tizen_error_code, const char *uaf_response, void *user_data) +{ + dlog_print(DLOG_INFO, "org.tizen.Fidosample", "process response = [%d]", tizen_error_code); + + if (tizen_error_code == 0) { + dlog_print(DLOG_INFO, "org.tizen.Fidosample", "uaf response = %s", uaf_response); + + int ret = fido_uaf_set_server_result(FIDO_SERVER_STATUS_CODE_OK, uaf_response); + dlog_print(DLOG_INFO, "org.tizen.Fidosample", "fido_uaf_set_server_result =[%d]", ret); + + char *error_string = get_error_code(tizen_error_code); + create_popup(error_string, (appdata_s *) user_data); + free(error_string); + } + else { + __show_error(tizen_error_code, (appdata_s *)user_data); + } +} + +static void +_process_cb_for_notify_neg(fido_error_e tizen_error_code, const char *uaf_response, void *user_data) +{ + dlog_print(DLOG_INFO, "org.tizen.Fidosample", "process response = [%d]", tizen_error_code); + + if (tizen_error_code == 0) { + dlog_print(DLOG_INFO, "org.tizen.Fidosample", "uaf response = %s", uaf_response); + + int ret = fido_uaf_set_server_result(0, uaf_response); + dlog_print(DLOG_INFO, "org.tizen.Fidosample", "fido_uaf_set_server_result =[%d]", ret); + + char *error_string = get_error_code(tizen_error_code); + create_popup(error_string, (appdata_s *) user_data); + free(error_string); + } + else { + __show_error(tizen_error_code, (appdata_s *)user_data); + } +} + +void +start_notify_pos(void *data, Evas_Object *obj, void *event_info) +{ + if (json_reg != NULL) { + int ret = fido_uaf_get_response_message(json_reg, NULL, _process_cb_for_notify_pos, data); + dlog_print(DLOG_INFO, "org.tizen.Fidosample", "fido_request_get_registration_response = [%d]", ret); + } +} + +void +start_notify_neg(void *data, Evas_Object *obj, void *event_info) +{ + if (json_reg != NULL) { + int ret = fido_uaf_get_response_message(json_reg, NULL, _process_cb_for_notify_neg, data); + dlog_print(DLOG_INFO, "org.tizen.Fidosample", "fido_request_get_registration_response = [%d]", ret); + } +} + +static void +win_delete_request_cb(void *data, Evas_Object *obj, void *event_info) +{ + /* To make your application go to background, + Call the elm_win_lower() instead + Evas_Object *win = (Evas_Object *) data; + elm_win_lower(win); */ + ui_app_exit(); +} + +static void +list_selected_cb(void *data, Evas_Object *obj, void *event_info) +{ + Elm_Object_Item *it = event_info; + elm_list_item_selected_set(it, EINA_FALSE); +} + +static Eina_Bool +naviframe_pop_cb(void *data, Elm_Object_Item *it) +{ + ui_app_exit(); + return EINA_FALSE; +} + +static void +create_list_view(appdata_s *ad) +{ + Evas_Object *list; + Evas_Object *btn; + Evas_Object *nf = ad->nf; + Elm_Object_Item *nf_it; + + /* List */ + list = elm_list_add(nf); + elm_list_mode_set(list, ELM_LIST_COMPRESS); + evas_object_smart_callback_add(list, "selected", list_selected_cb, NULL); + + /* Main Menu Items Here */ + elm_list_item_append(list, "Find Authenticator", NULL, NULL, start_discover, ad); + elm_list_item_append(list, "Check UAF Message Supported", NULL, NULL, start_check_policy, ad); + elm_list_item_append(list, "Registration", NULL, NULL, start_registration, ad); + elm_list_item_append(list, "Authentication", NULL, NULL, start_auth, ad); + elm_list_item_append(list, "De-Registration", NULL, NULL, start_de_registration, ad); + elm_list_item_append(list, "Set Server Result with Success", NULL, NULL, start_notify_pos, ad); + elm_list_item_append(list, "Set Server Result with Failure", NULL, NULL, start_notify_neg, ad); + + elm_list_go(list); + + /* This button is set for devices which doesn't have H/W back key. */ + btn = elm_button_add(nf); + elm_object_style_set(btn, "naviframe/end_btn/default"); + nf_it = elm_naviframe_item_push(nf, "FIDO Test App", btn, NULL, list, NULL); + elm_naviframe_item_pop_cb_set(nf_it, naviframe_pop_cb, ad->win); +} + +static void +create_base_gui(appdata_s *ad) +{ + /* + * Widget Tree + * Window + * - conform + * - layout main + * - naviframe */ + + /* Window */ + ad->win = elm_win_util_standard_add(PACKAGE, PACKAGE); + elm_win_conformant_set(ad->win, EINA_TRUE); + elm_win_autodel_set(ad->win, EINA_TRUE); + + if (elm_win_wm_rotation_supported_get(ad->win)) { + int rots[4] = { 0, 90, 180, 270 }; + elm_win_wm_rotation_available_rotations_set(ad->win, (const int *)(&rots), 4); + } + + evas_object_smart_callback_add(ad->win, "delete,request", win_delete_request_cb, NULL); + + /* Conformant */ + ad->conform = elm_conformant_add(ad->win); + evas_object_size_hint_weight_set(ad->conform, EVAS_HINT_EXPAND, EVAS_HINT_EXPAND); + elm_win_resize_object_add(ad->win, ad->conform); + evas_object_show(ad->conform); + + /* Indicator */ + /* elm_win_indicator_mode_set(ad->win, ELM_WIN_INDICATOR_SHOW); */ + + /* Base Layout */ + ad->layout = elm_layout_add(ad->conform); + evas_object_size_hint_weight_set(ad->layout, EVAS_HINT_EXPAND, EVAS_HINT_EXPAND); + elm_layout_theme_set(ad->layout, "layout", "application", "default"); + evas_object_show(ad->layout); + + elm_object_content_set(ad->conform, ad->layout); + + /* Naviframe */ + ad->nf = elm_naviframe_add(ad->layout); + create_list_view(ad); + elm_object_part_content_set(ad->layout, "elm.swallow.content", ad->nf); + eext_object_event_callback_add(ad->nf, EEXT_CALLBACK_BACK, eext_naviframe_back_cb, NULL); + eext_object_event_callback_add(ad->nf, EEXT_CALLBACK_MORE, eext_naviframe_more_cb, NULL); + + /* Show window after base gui is set up */ + evas_object_show(ad->win); +} + +static bool +app_create(void *data) +{ + /* Hook to take necessary actions before main event loop starts + Initialize UI resources and application's data + If this function returns true, the main loop of application starts + If this function returns false, the application is terminated */ + appdata_s *ad = data; + + elm_app_base_scale_set(1.8); + create_base_gui(ad); + + json_reg = __read(_REG_REQ_FILE_NAME); + json_auth = __read(_AUTH_REQ_FILE_NAME); + json_dereg = __read(_DEREG_REQ_FILE_NAME); + + return true; +} + +static void +app_control(app_control_h app_control, void *data) +{ + /* Handle the launch request. */ +} + +static void +app_pause(void *data) +{ + /* Take necessary actions when application becomes invisible. */ +} + +static void +app_resume(void *data) +{ + /* Take necessary actions when application becomes visible. */ +} + +static void +app_terminate(void *data) +{ + /* Release all resources. */ +} + +static void +ui_app_lang_changed(app_event_info_h event_info, void *user_data) +{ + /*APP_EVENT_LANGUAGE_CHANGED*/ + char *locale = NULL; + system_settings_get_value_string(SYSTEM_SETTINGS_KEY_LOCALE_LANGUAGE, &locale); + elm_language_set(locale); + free(locale); + return; +} + +static void +ui_app_orient_changed(app_event_info_h event_info, void *user_data) +{ + /*APP_EVENT_DEVICE_ORIENTATION_CHANGED*/ + return; +} + +static void +ui_app_region_changed(app_event_info_h event_info, void *user_data) +{ + /*APP_EVENT_REGION_FORMAT_CHANGED*/ +} + +static void +ui_app_low_battery(app_event_info_h event_info, void *user_data) +{ + /*APP_EVENT_LOW_BATTERY*/ +} + +static void +ui_app_low_memory(app_event_info_h event_info, void *user_data) +{ + /*APP_EVENT_LOW_MEMORY*/ +} + +int +main(int argc, char *argv[]) +{ + dlog_print(DLOG_ERROR, LOG_TAG, "Launching fido sample"); + + appdata_s ad = {0,}; + int ret = 0; + + ui_app_lifecycle_callback_s event_callback = {0,}; + app_event_handler_h handlers[5] = {NULL, }; + + event_callback.create = app_create; + event_callback.terminate = app_terminate; + event_callback.pause = app_pause; + event_callback.resume = app_resume; + event_callback.app_control = app_control; + + ui_app_add_event_handler(&handlers[APP_EVENT_LOW_BATTERY], APP_EVENT_LOW_BATTERY, ui_app_low_battery, &ad); + ui_app_add_event_handler(&handlers[APP_EVENT_LOW_MEMORY], APP_EVENT_LOW_MEMORY, ui_app_low_memory, &ad); + ui_app_add_event_handler(&handlers[APP_EVENT_DEVICE_ORIENTATION_CHANGED], APP_EVENT_DEVICE_ORIENTATION_CHANGED, ui_app_orient_changed, &ad); + ui_app_add_event_handler(&handlers[APP_EVENT_LANGUAGE_CHANGED], APP_EVENT_LANGUAGE_CHANGED, ui_app_lang_changed, &ad); + ui_app_add_event_handler(&handlers[APP_EVENT_REGION_FORMAT_CHANGED], APP_EVENT_REGION_FORMAT_CHANGED, ui_app_region_changed, &ad); + ui_app_remove_event_handler(handlers[APP_EVENT_LOW_MEMORY]); + + ret = ui_app_main(argc, argv, &event_callback, &ad); + if (ret != APP_ERROR_NONE) { + dlog_print(DLOG_ERROR, LOG_TAG, "app_main() is failed. err = %d", ret); + } + + return ret; +} diff --git a/test/3_0_Sample_App/FIDOSample/tizen-manifest.xml b/test/3_0_Sample_App/FIDOSample/tizen-manifest.xml new file mode 100644 index 0000000..cc6c2e4 --- /dev/null +++ b/test/3_0_Sample_App/FIDOSample/tizen-manifest.xml @@ -0,0 +1,12 @@ + + + + + + fidosample.png + + + http://tizen.org/privilege/account.read + http://tizen.org/privilege/account.write + + -- 2.7.4 From 817effec3ffad0e2313c5718436f095c4d0b3167 Mon Sep 17 00:00:00 2001 From: Manasij Sur Roy Date: Wed, 8 Jun 2016 16:32:28 +0530 Subject: [PATCH 06/16] Coding idiom fixes Change-Id: Ib8b21d94e3ca137d01182564543721f69ea95a5c Signed-off-by: Manasij Sur Roy --- client/fido_uaf_client.c | 4 +- common/fido_b64_util.c | 2 +- common/fido_json_handler.c | 59 ++++++++++--------------- fido_svc_ui/fido_ui_server.c | 7 ++- server/fido_app_id_handler.c | 10 ++--- server/fido_selection_ui_adaptor.c | 3 +- server/fido_server.c | 20 +++------ test/3_0_Sample_App/FIDOSample/src/fidosample.c | 52 ++++++++++------------ test/Dummy_ASM_DBUS/dummy_asm_server.c | 21 +++------ test/FIDOSample/src/main.c | 3 +- test/shell_tc/fido_shell_tc.c | 6 +-- test/shell_tc/fido_shell_tc_util.c | 16 +++---- 12 files changed, 84 insertions(+), 119 deletions(-) diff --git a/client/fido_uaf_client.c b/client/fido_uaf_client.c index 1b1ca27..ce9cef0 100755 --- a/client/fido_uaf_client.c +++ b/client/fido_uaf_client.c @@ -346,9 +346,9 @@ fido_uaf_set_server_result(int response_code, const char *uaf_response_json) if (is_success == FALSE) { _ERR("fido_call_fido_uaf_notify_result_sync failed [%d]", tizen_error_code); - if (dbus_err) { + if (dbus_err) _ERR("GError = [%s]", dbus_err->message); - } + return FIDO_ERROR_PROTOCOL_ERROR; } diff --git a/common/fido_b64_util.c b/common/fido_b64_util.c index 0599c29..32f8100 100644 --- a/common/fido_b64_util.c +++ b/common/fido_b64_util.c @@ -50,7 +50,7 @@ _fido_b64url_encode(const unsigned char *input, int inlen, unsigned char *outpu *outlen = bptr->length; int i; - for (i =0; i < *outlen ; i++) { + for (i = 0; i < *outlen ; i++) { if (output[i] == '+') output[i] = '-'; diff --git a/common/fido_json_handler.c b/common/fido_json_handler.c index e1d9d7a..130c36b 100644 --- a/common/fido_json_handler.c +++ b/common/fido_json_handler.c @@ -183,7 +183,7 @@ __uaf_composer_compose_asm_init(JsonGenerator **generator, JsonObject **root_obj return TRUE; - CATCH: +CATCH: if (generator != NULL && *generator != NULL) { g_object_unref(*generator); *generator = NULL; @@ -248,7 +248,7 @@ __uaf_composer_compose_asm_response_init(JsonGenerator **generator, JsonObject * return TRUE; - CATCH: +CATCH: if (generator != NULL && *generator != NULL) { g_object_unref(*generator); *generator = NULL; @@ -299,8 +299,8 @@ __uaf_composer_compose_asm_version(_version_t *version, JsonNode **node) return TRUE; - CATCH: - if ((node !=NULL) && (*node != NULL)) { +CATCH: + if ((node != NULL) && (*node != NULL)) { json_node_free(*node); *node = NULL; } @@ -349,7 +349,7 @@ __uaf_composer_compose_asm_reg_in(_fido_asm_reg_in_t *reg_in, JsonNode **node) return TRUE; - CATCH: +CATCH: if (node != NULL && *node != NULL) { json_node_free(*node); *node = NULL; @@ -390,9 +390,8 @@ __uaf_composer_compose_asm_auth_in(_fido_asm_auth_in_t *auth_in, JsonNode **node if (auth_in->key_ids) { JsonArray *ids = json_array_new(); - for (iter = auth_in->key_ids; iter != NULL; iter = g_list_next(iter)) { - json_array_add_string_element(ids, (char *)iter->data); - } + for (iter = auth_in->key_ids; iter != NULL; iter = g_list_next(iter)) + json_array_add_string_element(ids, (char *)iter->data); json_object_set_array_member(obj, _JSON_KEY_KEY_IDS, ids); } @@ -457,7 +456,7 @@ __uaf_composer_compose_asm_auth_in(_fido_asm_auth_in_t *auth_in, JsonNode **node return TRUE; - CATCH: +CATCH: if (*node != NULL) { json_node_free(*node); *node = NULL; @@ -631,19 +630,16 @@ _uaf_parser_parse_match(JsonObject *match_obj) _match_criteria_t *match_criteria = (_match_criteria_t*)calloc(1, sizeof(_match_criteria_t)); JsonArray *aaid_arr = json_object_get_array_member(match_obj, _JSON_KEY_AAID); - if (aaid_arr != NULL) { + if (aaid_arr != NULL) match_criteria->aaid_list = __get_string_list_from_json_array(aaid_arr); - } JsonArray *vendor_arr = json_object_get_array_member(match_obj, _JSON_KEY_VENDOR_ID); - if (vendor_arr != NULL) { + if (vendor_arr != NULL) match_criteria->vendor_list = __get_string_list_from_json_array(vendor_arr); - } JsonArray *key_id_arr = json_object_get_array_member(match_obj, _JSON_KEY_KEY_IDS); - if (key_id_arr != NULL) { + if (key_id_arr != NULL) match_criteria->key_id_list = __get_string_list_from_json_array(key_id_arr); - } match_criteria->user_verification = __get_int_from_json_object(match_obj, _JSON_KEY_USER_VERIFICATION); @@ -662,14 +658,12 @@ _uaf_parser_parse_match(JsonObject *match_obj) } JsonArray *assertion_schm_arr = json_object_get_array_member(match_obj, _JSON_KEY_ASSERT_SCHEMES); - if (assertion_schm_arr) { + if (assertion_schm_arr) match_criteria->assertion_scheme_list = __get_string_list_from_json_array(assertion_schm_arr); - } JsonArray *att_type_arr = json_object_get_array_member(match_obj, _JSON_KEY_ATT_TYPES); - if (att_type_arr) { + if (att_type_arr) match_criteria->attestation_type_list = __get_string_list_from_json_array(att_type_arr); - } match_criteria->auth_version = __get_int_from_json_object(match_obj, _JSON_KEY_AUTH_VERSION); @@ -1040,9 +1034,9 @@ _uaf_parser_parse_asm_response_discover(GList *asm_response_list, int *error_cod _INFO("ASM Response = %s", asm_resp->asm_response_json); } - if (asm_resp->error_code == FIDO_ERROR_NONE + if ((asm_resp->error_code == FIDO_ERROR_NONE) && - asm_resp->asm_response_json != NULL) { + (asm_resp->asm_response_json != NULL)) { JsonParser *parser = json_parser_new(); CATCH_IF_FAIL(parser != NULL); @@ -1505,7 +1499,7 @@ _uaf_composer_compose_asm_reg_request(_version_t *version, int auth_index, _fido return 0; - CATCH: +CATCH: if (generator != NULL) { g_object_unref(generator); generator = NULL; @@ -1918,9 +1912,8 @@ _uaf_composer_compose_final_challenge(const char *app_id, const char *challenge, GError *chb_err = NULL; bool chb_parsed = json_parser_load_from_data(chb_parser, ch_bin, -1, &chb_err); - if (chb_parsed == FALSE) { + if (chb_parsed == FALSE) return NULL; - } JsonNode *chb_root = json_parser_get_root(chb_parser); RET_IF_FAIL(chb_root != NULL, NULL); @@ -2012,19 +2005,16 @@ _uaf_composer_compose_final_challenge(const char *app_id, const char *challenge, GError *chb_err = NULL; bool chb_parsed = json_parser_load_from_data(chb_parser, ch_bin, -1, &chb_err); - if (chb_parsed == FALSE) { + if (chb_parsed == FALSE) return NULL; - } JsonNode *chb_root = json_parser_get_root(chb_parser); - if (chb_root == NULL) { + if (chb_root == NULL) return NULL; - } JsonObject *chb_root_obj = json_node_get_object(chb_root); - if (chb_root_obj == NULL) { + if (chb_root_obj == NULL) return NULL; - } char *end_pt = (char*)json_object_get_string_member(chb_root_obj, _JSON_KEY_SERVER_END_POINT); char *cert = (char*)json_object_get_string_member(chb_root_obj, _JSON_KEY_TLS_SERVER_CERT); @@ -2802,9 +2792,8 @@ __get_transaction_list(JsonObject *uaf_obj) /*tcDisplayPNGCharacteristics*/ JsonObject *tc_disp_obj = json_object_get_object_member(tr_obj, _JSON_KEY_TC_DISP_PNG_CHARS); - if (tc_disp_obj != NULL) { + if (tc_disp_obj != NULL) trans->display_charac = __get_png_data(tr_obj); - } trans_list = g_list_append(trans_list, trans); } @@ -2860,9 +2849,8 @@ __parse_uaf_dereg_message(JsonObject *uaf_object) _dereg_request_t *dereg_req_temp = (_dereg_request_t *)calloc(1, sizeof(_dereg_request_t)); JsonArray *auth_arr = json_object_get_array_member(uaf_object, _JSON_KEY_AUTHENTICATORS_SMALL); - if (auth_arr != NULL) { + if (auth_arr != NULL) json_array_foreach_element(auth_arr, __dereg_auth_parser, dereg_req_temp); - } return dereg_req_temp; } @@ -3030,9 +3018,8 @@ _uaf_parser_parse_trusted_facets(const char *json) int idx = 0; for (; idx < id_arr_len; idx++) { const char *id = json_array_get_string_element(id_arr, idx); - if (id != NULL) { + if (id != NULL) app_id_list = g_list_append(app_id_list, strdup(id)); - } } } } diff --git a/fido_svc_ui/fido_ui_server.c b/fido_svc_ui/fido_ui_server.c index 2515b60..083080d 100644 --- a/fido_svc_ui/fido_ui_server.c +++ b/fido_svc_ui/fido_ui_server.c @@ -457,7 +457,7 @@ _parse_json_ui_in(const char *ui_auth_json) json_array_foreach_element(auth_data_arr, _auth_arr_cb, NULL); - CATCH: +CATCH: if (parser != NULL) { g_object_unref(parser); parser = NULL; @@ -466,7 +466,7 @@ _parse_json_ui_in(const char *ui_auth_json) if (parse_err != NULL) { g_error_free(parse_err); parse_err = NULL; - } + } SAFE_DELETE(ui_auth); @@ -674,9 +674,8 @@ main(int argc, char *argv[]) ui_app_remove_event_handler(handlers[APP_EVENT_LOW_MEMORY]); ret = ui_app_main(argc, argv, &event_callback, &ad); - if (ret != APP_ERROR_NONE) { + if (ret != APP_ERROR_NONE) _INFO("app_main() is failed. err = %d", ret); - } return ret; } diff --git a/server/fido_app_id_handler.c b/server/fido_app_id_handler.c index 9aa01c0..290a034 100644 --- a/server/fido_app_id_handler.c +++ b/server/fido_app_id_handler.c @@ -350,7 +350,7 @@ __b64_encode(unsigned char *input, int ip_len) memcpy(output, bptr->data, bptr->length); output[bptr->length] = 0; - if(b64) + if (b64) BIO_free_all(b64); return (char*)output; @@ -433,7 +433,7 @@ __get_pub_key_from_cert(const char *cert_b64) ret = EVP_Digest(der_pubkey, der_len, pubkey_der_digest, (unsigned int*)&hashed_len, EVP_sha256(), NULL); - if (ret != 1 ) { + if (ret != 1) { _ERR("EVP_Digest failed"); OPENSSL_free(der_pubkey); @@ -538,8 +538,7 @@ __get_tz_facet_id_of_caller(const char *caller_app_id, GDBusMethodInvocation *in _INFO(""); -CATCH : - +CATCH: _INFO("Before return"); pkgmgrinfo_pkginfo_destroy_certinfo(cert_handle); @@ -554,9 +553,8 @@ _verify_and_get_facet_id(const char *uaf_app_id, GDBusMethodInvocation *invocati _INFO("_verify_and_get_facet_id"); char *app_id = __get_appid_of_dbus_caller(invocation); - if (app_id == NULL) { + if (app_id == NULL) return FIDO_ERROR_PERMISSION_DENIED; - } _app_id_cb_data_t *cb_data = (_app_id_cb_data_t*)calloc(1, sizeof(_app_id_cb_data_t)); if (cb_data == NULL) diff --git a/server/fido_selection_ui_adaptor.c b/server/fido_selection_ui_adaptor.c index 4c4e1fd..01f3200 100644 --- a/server/fido_selection_ui_adaptor.c +++ b/server/fido_selection_ui_adaptor.c @@ -83,9 +83,8 @@ _get_ui_queue(void) return _ui_q; _ui_q = g_queue_new(); - if (_ui_q == NULL) { + if (_ui_q == NULL) _ERR("Out of memory"); - } return _ui_q; } diff --git a/server/fido_server.c b/server/fido_server.c index c940e7d..c0c5986 100755 --- a/server/fido_server.c +++ b/server/fido_server.c @@ -227,9 +227,8 @@ _discover_response_intermediate_cb(GList *asm_response_list, void *user_data) if (asm_response_list == NULL) _ERR("Discover response failed"); - else { + else asm_auth_list = _uaf_parser_parse_asm_response_discover(asm_response_list, &error); - } (cb_data->cb)(error, 0, asm_auth_list, cb_data->user_data); @@ -884,12 +883,10 @@ _discover_response_cb_for_process(int tz_error_code, int error_code, GList *avai GList *allowed_auth_list = _policy_checker_get_matched_auth_list(policy, available_authenticators_full); g_list_free_full(available_authenticators_full, _free_asm_auth_list); - if ((allowed_auth_list != NULL) && g_list_length(allowed_auth_list) > 0) { - + if ((allowed_auth_list != NULL) && g_list_length(allowed_auth_list) > 0) _send_process_response(cb_data, FIDO_ERROR_NONE, NULL); - } else { + else _send_process_response(cb_data, FIDO_ERROR_NO_SUITABLE_AUTHENTICATOR, NULL); - } if (allowed_auth_list != NULL) g_list_free_full(allowed_auth_list, _free_matched_auth_data); @@ -906,12 +903,10 @@ _discover_response_cb_for_process(int tz_error_code, int error_code, GList *avai available_authenticators_full); g_list_free_full(available_authenticators_full, _free_asm_auth_list); - if ((matched_auth_list != NULL) && g_list_length(matched_auth_list) > 0) { - + if ((matched_auth_list != NULL) && g_list_length(matched_auth_list) > 0) _send_process_response(cb_data, FIDO_ERROR_NONE, NULL); - } else { + else _send_process_response(cb_data, FIDO_ERROR_NO_SUITABLE_AUTHENTICATOR, NULL); - } if (matched_auth_list != NULL) g_list_free_full(matched_auth_list, __free_matched_dereg_auth_data_list_item); @@ -1108,9 +1103,8 @@ __facet_id_cb(int err, const char *facet_id, void *user_data) error_code = _handle_process_message(cb_data); - if (error_code != FIDO_ERROR_NONE) { + if (error_code != FIDO_ERROR_NONE) _send_process_response(cb_data, error_code, NULL); - } } gboolean @@ -1164,7 +1158,7 @@ _dbus_on_fido_discover(Fido *object, GDBusMethodInvocation *invocation) } gboolean -_dbus_handle_process_or_check_policy(Fido *object, GDBusMethodInvocation *invocation, +_dbus_handle_process_or_check_policy(Fido *object, GDBusMethodInvocation *invocation, const gchar *uaf_request_json, const gchar *channel_binding, _process_type_t type) { diff --git a/test/3_0_Sample_App/FIDOSample/src/fidosample.c b/test/3_0_Sample_App/FIDOSample/src/fidosample.c index 3f22bca..dfa4839 100644 --- a/test/3_0_Sample_App/FIDOSample/src/fidosample.c +++ b/test/3_0_Sample_App/FIDOSample/src/fidosample.c @@ -87,12 +87,13 @@ static void create_popup(char *popup_str, appdata_s *ad) return; } -char *get_error_code(fido_error_e error_code) +char* +get_error_code(fido_error_e error_code) { - char *error_str = calloc(1,128); + char *error_str = calloc(1, 128); - if(error_code == FIDO_ERROR_NONE) + if (error_code == FIDO_ERROR_NONE) strcpy(error_str, "SUCCESS"); else if (error_code == FIDO_ERROR_OUT_OF_MEMORY) strcpy(error_str, "FIDO_ERROR_OUT_OF_MEMORY"); @@ -150,7 +151,7 @@ __print_authinfo(const fido_authenticator_h auth, appdata_s *ad) char *title = NULL; fido_authenticator_get_title(auth, &title); - if(title) { + if (title != NULL) { sprintf(tmp, " | Title = [%s]", title); strcat(str, tmp); } @@ -158,7 +159,7 @@ __print_authinfo(const fido_authenticator_h auth, appdata_s *ad) char *aaid = NULL; fido_authenticator_get_aaid(auth, &aaid); - if(aaid) { + if (aaid != NULL) { sprintf(tmp, " | AAID = [%s]", aaid); strcat(str, tmp); } @@ -166,7 +167,7 @@ __print_authinfo(const fido_authenticator_h auth, appdata_s *ad) char *description = NULL; fido_authenticator_get_description(auth, &description); - if(description) { + if (description != NULL) { sprintf(tmp, " | Description = [%s]", description); strcat(str, tmp); } @@ -174,7 +175,7 @@ __print_authinfo(const fido_authenticator_h auth, appdata_s *ad) char *scheme = NULL; fido_authenticator_get_assertion_scheme(auth, &scheme); - if(scheme) { + if (scheme != NULL) { sprintf(tmp, " | Scheme = [%s]", scheme); strcat(str, tmp); } @@ -184,7 +185,7 @@ __print_authinfo(const fido_authenticator_h auth, appdata_s *ad) fido_auth_algo_e get_algo = -1; fido_authenticator_get_algorithm(auth, &get_algo); - if(get_algo != -1) { + if (get_algo != -1) { sprintf(tmp, " | Algo = [%d]", get_algo); strcat(str, tmp); } @@ -198,35 +199,35 @@ __print_authinfo(const fido_authenticator_h auth, appdata_s *ad) fido_auth_key_protection_type_e key_protection = -1; fido_authenticator_get_key_protection_method(auth, &key_protection); - if(key_protection != -1) { + if (key_protection != -1) { sprintf(tmp, " | Key Protection = [%d]", key_protection); strcat(str, tmp); } fido_auth_matcher_protection_type_e matcher_protection = -1; fido_authenticator_get_matcher_protection_method(auth, &matcher_protection); - if(matcher_protection != -1) { + if (matcher_protection != -1) { sprintf(tmp, " | Matcher Protection = [%d]", matcher_protection); strcat(str, tmp); } fido_auth_attachment_hint_e attachment_hint = -1; fido_authenticator_get_attachment_hint(auth, &attachment_hint); - if(attachment_hint != -1) { + if (attachment_hint != -1) { sprintf(tmp, " | Attachment Hint = [%d]", attachment_hint); strcat(str, tmp); } fido_auth_tc_display_type_e tc_discplay = -1; fido_authenticator_get_tc_discplay(auth, &tc_discplay); - if(tc_discplay != -1) { + if (tc_discplay != -1) { sprintf(tmp, " | Tc Display = [%d]", tc_discplay); strcat(str, tmp); } char *tc_display_type = NULL; fido_authenticator_get_tc_display_type(auth, &tc_display_type); - if(tc_display_type) { + if (tc_display_type != NULL) { sprintf(tmp, " | Tc Display Type = [%s]", tc_display_type); strcat(str, tmp); } @@ -234,7 +235,7 @@ __print_authinfo(const fido_authenticator_h auth, appdata_s *ad) char *icon = NULL; fido_authenticator_get_icon(auth, &icon); - if(icon) { + if (icon != NULL) { sprintf(tmp, " | Icon = [%s]", icon); strcat(str, tmp); } @@ -281,8 +282,7 @@ start_check_policy(void *data, Evas_Object *obj, void *event_info) sprintf(str, "[%s]", error_string); create_popup(str, (appdata_s *) data); free(error_string); - } - else { + } else { if (is_supported == true) sprintf(str, "TRUE"); else @@ -295,7 +295,7 @@ start_check_policy(void *data, Evas_Object *obj, void *event_info) static void _process_cb(fido_error_e tizen_error_code, const char *uaf_response, void *user_data) { - dlog_print(DLOG_INFO, "org.tizen.Fidosample", "process response = [%d]", tizen_error_code); + dlog_print(DLOG_INFO, "org.tizen.Fidosample", "process response = [%d]", tizen_error_code); if (tizen_error_code == 0 && uaf_response != NULL) { dlog_print(DLOG_INFO, "org.tizen.Fidosample", "uaf response = %s", uaf_response); @@ -307,8 +307,7 @@ _process_cb(fido_error_e tizen_error_code, const char *uaf_response, void *user_ create_popup(popup_str, (appdata_s *) user_data); free(popup_str); - } - else { + } else { __show_error(tizen_error_code, (appdata_s *)user_data); } } @@ -372,13 +371,12 @@ _process_cb_for_notify_pos(fido_error_e tizen_error_code, const char *uaf_respon dlog_print(DLOG_INFO, "org.tizen.Fidosample", "uaf response = %s", uaf_response); int ret = fido_uaf_set_server_result(FIDO_SERVER_STATUS_CODE_OK, uaf_response); - dlog_print(DLOG_INFO, "org.tizen.Fidosample", "fido_uaf_set_server_result =[%d]", ret); + dlog_print(DLOG_INFO, "org.tizen.Fidosample", "fido_uaf_set_server_result =[%d]", ret); char *error_string = get_error_code(tizen_error_code); create_popup(error_string, (appdata_s *) user_data); free(error_string); - } - else { + } else { __show_error(tizen_error_code, (appdata_s *)user_data); } } @@ -386,19 +384,18 @@ _process_cb_for_notify_pos(fido_error_e tizen_error_code, const char *uaf_respon static void _process_cb_for_notify_neg(fido_error_e tizen_error_code, const char *uaf_response, void *user_data) { - dlog_print(DLOG_INFO, "org.tizen.Fidosample", "process response = [%d]", tizen_error_code); + dlog_print(DLOG_INFO, "org.tizen.Fidosample", "process response = [%d]", tizen_error_code); if (tizen_error_code == 0) { dlog_print(DLOG_INFO, "org.tizen.Fidosample", "uaf response = %s", uaf_response); int ret = fido_uaf_set_server_result(0, uaf_response); - dlog_print(DLOG_INFO, "org.tizen.Fidosample", "fido_uaf_set_server_result =[%d]", ret); + dlog_print(DLOG_INFO, "org.tizen.Fidosample", "fido_uaf_set_server_result =[%d]", ret); char *error_string = get_error_code(tizen_error_code); create_popup(error_string, (appdata_s *) user_data); free(error_string); - } - else { + } else { __show_error(tizen_error_code, (appdata_s *)user_data); } } @@ -630,9 +627,8 @@ main(int argc, char *argv[]) ui_app_remove_event_handler(handlers[APP_EVENT_LOW_MEMORY]); ret = ui_app_main(argc, argv, &event_callback, &ad); - if (ret != APP_ERROR_NONE) { + if (ret != APP_ERROR_NONE) dlog_print(DLOG_ERROR, LOG_TAG, "app_main() is failed. err = %d", ret); - } return ret; } diff --git a/test/Dummy_ASM_DBUS/dummy_asm_server.c b/test/Dummy_ASM_DBUS/dummy_asm_server.c index 14be180..183c25f 100644 --- a/test/Dummy_ASM_DBUS/dummy_asm_server.c +++ b/test/Dummy_ASM_DBUS/dummy_asm_server.c @@ -191,21 +191,16 @@ _dbus_on_asm_request(Dummyasm *object, GDBusMethodInvocation *invocation, const _INFO("request type=[%s]", req_type); - if (strcmp(req_type, "GetInfo") == 0) { + if (strcmp(req_type, "GetInfo") == 0) dummyasm_complete_asm_request(object, invocation, 0, _GET_INFO_RESPONSE); - } - if (strcmp(req_type, "Register") == 0) { + if (strcmp(req_type, "Register") == 0) dummyasm_complete_asm_request(object, invocation, 0, _REG_RESPONSE); - } - if (strcmp(req_type, "Authenticate") == 0) { + if (strcmp(req_type, "Authenticate") == 0) dummyasm_complete_asm_request(object, invocation, 0, _AUTH_RESPONSE); - } - if (strcmp(req_type, "Deregister") == 0) { + if (strcmp(req_type, "Deregister") == 0) dummyasm_complete_asm_request(object, invocation, 0, _DEREG_RESPONSE); - } - if (strcmp(req_type, "GetRegistrations") == 0) { + if (strcmp(req_type, "GetRegistrations") == 0) dummyasm_complete_asm_request(object, invocation, 0, _GET_REGISTRATIONS_RESPONSE); - } return true; } @@ -217,14 +212,12 @@ on_bus_acquired(GDBusConnection *connection, const gchar *name, gpointer user_da GDBusInterfaceSkeleton* interface = NULL; __dbus_obj = dummyasm_skeleton_new(); - if (__dbus_obj == NULL) { + if (__dbus_obj == NULL) return; - } interface = G_DBUS_INTERFACE_SKELETON(__dbus_obj); - if (!g_dbus_interface_skeleton_export(interface, connection, _DUMMY_ASM_SERVICE_DBUS_PATH, NULL)) { + if (!g_dbus_interface_skeleton_export(interface, connection, _DUMMY_ASM_SERVICE_DBUS_PATH, NULL)) return; - } _INFO("before g_signal_connect"); g_signal_connect(__dbus_obj, "handle_asm_request", diff --git a/test/FIDOSample/src/main.c b/test/FIDOSample/src/main.c index 7691096..e7ffcf7 100755 --- a/test/FIDOSample/src/main.c +++ b/test/FIDOSample/src/main.c @@ -669,9 +669,8 @@ main(int argc, char *argv[]) ui_app_remove_event_handler(handlers[APP_EVENT_LOW_MEMORY]); ret = ui_app_main(argc, argv, &event_callback, &ad); - if (ret != APP_ERROR_NONE) { + if (ret != APP_ERROR_NONE) dlog_print(DLOG_ERROR, LOG_TAG, "app_main() is failed. err = %d", ret); - } return ret; } diff --git a/test/shell_tc/fido_shell_tc.c b/test/shell_tc/fido_shell_tc.c index 7546d6a..0dac8c1 100644 --- a/test/shell_tc/fido_shell_tc.c +++ b/test/shell_tc/fido_shell_tc.c @@ -205,9 +205,9 @@ find_auth(void) { int ret = fido_foreach_authenticator(auth_list_cb, NULL); - if (ret != FIDO_ERROR_NONE) { + if (ret != FIDO_ERROR_NONE) __show_error(ret); - } + get_user_choice(); } @@ -362,7 +362,7 @@ get_user_choice(void) { int sel_opt = 0; const int options[8] = { 1, 2, 3, 4, 5, 6, 7, 8 }; - const char *names[8] = { "Find Authenticator", + const char *names[8] = { "Find Authenticator", "Check UAF Message Supported", "Registration", "Authentication", diff --git a/test/shell_tc/fido_shell_tc_util.c b/test/shell_tc/fido_shell_tc_util.c index 060b5ae..0f092b1 100644 --- a/test/shell_tc/fido_shell_tc_util.c +++ b/test/shell_tc/fido_shell_tc_util.c @@ -33,7 +33,7 @@ print_fail_result( action_name); } -void +void print_done_result(const char *action_name) { printf(TEXT_YELLOW @@ -42,7 +42,7 @@ print_done_result(const char *action_name) action_name); } -void +void print_success_result(const char *action_name) { printf(TEXT_GREEN @@ -51,7 +51,7 @@ print_success_result(const char *action_name) "\n", action_name); } -void +void print_action_result( const char *action_name, int action_return_value, @@ -77,7 +77,7 @@ print_action_result( } } -int +int input_string(const char *prompt, size_t max_len, char **string) { printf("\n"); @@ -104,7 +104,7 @@ input_string(const char *prompt, size_t max_len, char **string) return strlen(*string); } -int +int input_size(const char *prompt, size_t max_size, size_t *size) { printf("\n"); @@ -142,7 +142,7 @@ input_int(const char *prompt, int min_value, int max_value, int *value) return (*value < min_value || *value > max_value ? -1 : 0); } -int +int input_double( const char *prompt, double min_value, @@ -165,7 +165,7 @@ input_double( return (*value < min_value || *value > max_value ? -1 : 0); } -bool +bool show_confirm_dialog(const char *title) { const int options[2] = {1, 2}; @@ -193,7 +193,7 @@ show_confirm_dialog(const char *title) return answer; } -int +int show_menu( const char *title, const int *options, -- 2.7.4 From 296c04997ea7e3ab2e44d76a54565f67dc326955 Mon Sep 17 00:00:00 2001 From: jkjo92 Date: Thu, 16 Jun 2016 10:35:11 +0900 Subject: [PATCH 07/16] Fix Coding Rule Change-Id: Ia277d135e7baceee3c05b4438dfb45a0c16464f4 Signed-off-by: jkjo92 --- test/3_0_Sample_App/FIDOSample/src/fidosample.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/3_0_Sample_App/FIDOSample/src/fidosample.c b/test/3_0_Sample_App/FIDOSample/src/fidosample.c index dfa4839..bff9d25 100644 --- a/test/3_0_Sample_App/FIDOSample/src/fidosample.c +++ b/test/3_0_Sample_App/FIDOSample/src/fidosample.c @@ -192,7 +192,7 @@ __print_authinfo(const fido_authenticator_h auth, appdata_s *ad) fido_auth_user_verify_type_e user_ver = -1; fido_authenticator_get_verification_method(auth, &user_ver); - if(user_ver != -1) { + if (user_ver != -1) { sprintf(tmp, " | Verification = [%d]", user_ver); strcat(str, tmp); } -- 2.7.4 From 329a4eee407abbe674fa4bf7ba28f9d66b6048ec Mon Sep 17 00:00:00 2001 From: "sajal.j" Date: Wed, 22 Jun 2016 11:38:32 +0530 Subject: [PATCH 08/16] Fix for svace Signed-off-by: sajal.j Change-Id: I846f0cf5cfb8755836521862187f83da8a907dee --- server/fido_asm_plugin_manager.c | 3 +++ server/fido_uaf_policy_checker.c | 4 ++-- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/server/fido_asm_plugin_manager.c b/server/fido_asm_plugin_manager.c index d8e2e58..7b2255b 100644 --- a/server/fido_asm_plugin_manager.c +++ b/server/fido_asm_plugin_manager.c @@ -292,6 +292,9 @@ _asm_plugin_mgr_discover_all(_asm_plugin_discover_response_cb cb, void *user_dat cb_data->user_data = user_data; + if(cb_data->asm_proxy_list_iter == NULL) + return FIDO_ERROR_NOT_SUPPORTED; + _fido_asm_proxy_t *asm_proxy = (_fido_asm_proxy_t*)(cb_data->asm_proxy_list_iter->data); return _asm_ipc_send(asm_proxy->asm_id, _GET_INFO_ASM_REQUEST_JSON, __discover_cb_internal, cb_data); diff --git a/server/fido_uaf_policy_checker.c b/server/fido_uaf_policy_checker.c index 7d1c3f6..efd57e5 100644 --- a/server/fido_uaf_policy_checker.c +++ b/server/fido_uaf_policy_checker.c @@ -50,7 +50,7 @@ _int_cmp(gconstpointer a, gconstpointer b) bool _policy_checker_is_matched(_match_criteria_t *match_criteria, fido_authenticator_s *auth_info) { - _INFO("_policy_checker_is_matched"); + _INFO("_policy_checker_is_matched::start"); /* -1 means the int value is not present, so we should ignore that. */ @@ -91,7 +91,7 @@ _policy_checker_is_matched(_match_criteria_t *match_criteria, fido_authenticator SAFE_DELETE(auth_aaid); } - _INFO("keyid matching"); + _INFO("keyid matching start"); /* 3. If any Key ID is mentioned in match_criteria, then atleast one Key ID should match */ GList *key_id_list = match_criteria->key_id_list; -- 2.7.4 From bbea825a399d372b5a4d2fff9d13027145b6eef6 Mon Sep 17 00:00:00 2001 From: "sajal.j" Date: Tue, 28 Jun 2016 17:14:58 +0530 Subject: [PATCH 09/16] Deleted shell_tc Signed-off-by: sajal.j Change-Id: Ife6e4f7a0df45efea0da3e51900ef5e860e01f54 --- test/shell_tc/CMakeLists.txt | 33 --- test/shell_tc/fido_shell_tc.c | 421 ------------------------------------- test/shell_tc/fido_shell_tc_util.c | 256 ---------------------- test/shell_tc/fido_shell_tc_util.h | 175 --------------- 4 files changed, 885 deletions(-) delete mode 100644 test/shell_tc/CMakeLists.txt delete mode 100644 test/shell_tc/fido_shell_tc.c delete mode 100644 test/shell_tc/fido_shell_tc_util.c delete mode 100644 test/shell_tc/fido_shell_tc_util.h diff --git a/test/shell_tc/CMakeLists.txt b/test/shell_tc/CMakeLists.txt deleted file mode 100644 index 0609e1b..0000000 --- a/test/shell_tc/CMakeLists.txt +++ /dev/null @@ -1,33 +0,0 @@ -SET(FIDO_SHELL_TC fido-shell-tc) - -INCLUDE(FindPkgConfig) -pkg_check_modules(FIDO_SHELL_TC_PKGS REQUIRED - dlog - glib-2.0 - gio-unix-2.0 - capi-base-common -) - -FOREACH(flag ${FIDO_SHELL_TC_PKGS_CFLAGS}) - SET(EXTRA_CFLAGS "${EXTRA_CFLAGS} ${flag}") -ENDFOREACH(flag) - -INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/test/shell_tc) -INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/include) -INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/common) - - -SET(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${EXTRA_CFLAGS} -Wall -Werror -Wno-unused-result") -SET(CMAKE_LDFLAGS "-Wl,-zdefs") - -SET(FIDO_SHELL_TC_SRCS - fido_shell_tc_util.c - fido_shell_tc.c -) - -ADD_EXECUTABLE(${FIDO_SHELL_TC} ${FIDO_SHELL_TC_SRCS}) - -TARGET_LINK_LIBRARIES(${FIDO_SHELL_TC} ${FIDO_SHELL_TC_LDFLAGS}) -TARGET_LINK_LIBRARIES(${FIDO_SHELL_TC} fido-client) - -INSTALL(TARGETS ${FIDO_SHELL_TC} DESTINATION /opt/usr/devel/fido/tc) diff --git a/test/shell_tc/fido_shell_tc.c b/test/shell_tc/fido_shell_tc.c deleted file mode 100644 index 0dac8c1..0000000 --- a/test/shell_tc/fido_shell_tc.c +++ /dev/null @@ -1,421 +0,0 @@ - -#include "fido_shell_tc_util.h" -#include "fido.h" - -#include -#include -#include - -static char *json_reg = "[ { \"header\": { \"upv\": { \"major\": 1, \"minor\": 0 },\"op\":\"Reg\", \"serverData\": \"nwV8EPqS5raZdAgH3GD9Z-ytCA9MkiiWaCsr1GHHNJ2yUh3HaV1HHxd4Z67FefJOD5sQYZvipfg5BavhdWPMecD2SH39aJixoXN9ZaNwRlcftJe9WbtPNDC9q5V9WX7Z5jCwkAwehcI\" }, \"challenge\": \"9pIcUwwrY5eD9o3OwfhkeHLnoIl0vaeJUbxSHMe_XgE\", \"username\":\"ryan\", \"policy\": { \"accepted\": [ [ { \"aaid\": [ \"0001#8001\" ] } ], [ { \"aaid\": [ \"DDDD#F001\" ] } ] ] } } ]"; -static char *json_auth = "[ { \"header\": { \"upv\": { \"major\": 1, \"minor\": 0 }, \"op\": \"Auth\", \"serverData\": \"emKubKMS8RxYOth7J8enT_x7dQWBaO1CiC0fGmSEhX56kq2RYo1LRpwvfHlzYRI3p9Ay-l4zJcV3lX6rQ0CYNWi5nNDabClFm3k0pPj0kX5V-db9ejN_05y2J6wqztSD\" }, \"challenge\": \"1AM2yZY4-9SG4Ns7-hMdB8IV_FTDKFFiUqNJNVbsVoo\", \"transaction\": [ { \"contentType\": \"text/plain\", \"content\": \"VHJhbnNhY3Rpb24gQ29udGVudCBmb3IgVGVzdC4\", \"tcDisplayPNGCharacteristics\": [ { \"width\": 320, \"height\": 240, \"bitDepth\": 16, \"colorType\": 2, \"compression\": 0, \"filter\": 0, \"interlace\": 0 } ] } ], \"policy\": { \"accepted\": [ [ { \"aaid\": [ \"0001#8001\" ] } ], [ { \"aaid\": [ \"DDDD#F001\" ] } ] ] } } ]"; -static char *json_dereg = "[ { \"header\": { \"upv\": { \"major\": \"1\", \"minor\": \"0\" }, \"op\": \"Dereg\" }, \"authenticators\": [ { \"aaid\": \"0001#8001\", \"keyID\": \"uWrbo_8JI1HmPESrNAStTVV8ZbBrzLsf_kZu1QKX2YY\" } ] } ]"; - -void get_user_choice(void); - -static char * -__get_error_code(fido_error_e error_code) -{ - - char *error_str = calloc(1, 128); - - if (error_code == FIDO_ERROR_NONE) - strcpy(error_str, "SUCCESS"); - else if (error_code == FIDO_ERROR_OUT_OF_MEMORY) - strcpy(error_str, "FIDO_ERROR_OUT_OF_MEMORY"); - else if (error_code == FIDO_ERROR_INVALID_PARAMETER) - strcpy(error_str, "FIDO_ERROR_INVALID_PARAMETER"); - else if (error_code == FIDO_ERROR_NO_DATA) - strcpy(error_str, "FIDO_ERROR_NO_DATA"); - else if (error_code == FIDO_ERROR_PERMISSION_DENIED) - strcpy(error_str, "FIDO_ERROR_PERMISSION_DENIED"); - else if (error_code == FIDO_ERROR_NOT_SUPPORTED) - strcpy(error_str, "FIDO_ERROR_NOT_SUPPORTED"); - else if (error_code == FIDO_ERROR_USER_ACTION_IN_PROGRESS) - strcpy(error_str, "FIDO_ERROR_USER_ACTION_IN_PROGRESS"); - else if (error_code == FIDO_ERROR_USER_CANCELLED) - strcpy(error_str, "FIDO_ERROR_USER_CANCELLED"); - else if (error_code == FIDO_ERROR_UNSUPPORTED_VERSION) - strcpy(error_str, "FIDO_ERROR_UNSUPPORTED_VERSION"); - else if (error_code == FIDO_ERROR_NO_SUITABLE_AUTHENTICATOR) - strcpy(error_str, "FIDO_ERROR_NO_SUITABLE_AUTHENTICATOR"); - else if (error_code == FIDO_ERROR_PROTOCOL_ERROR) - strcpy(error_str, "FIDO_ERROR_PROTOCOL_ERROR"); - else if (error_code == FIDO_ERROR_UNTRUSTED_FACET_ID) - strcpy(error_str, "FIDO_ERROR_UNTRUSTED_FACET_ID"); - else - strcpy(error_str, "FIDO_ERROR_UNKNOWN"); - return error_str; -} - -static void -__show_error(int tizen_error_code) -{ - char *error_string = __get_error_code(tizen_error_code); - printf("%s\n", error_string); - fflush(stdout); - free(error_string); -} - -static void -__process_cb(fido_error_e tizen_error_code, const char *uaf_response, void *user_data) -{ - if (tizen_error_code == 0 && uaf_response != NULL) { - - const int max_str_len = strlen(uaf_response) + 500; - char *display_str = calloc(1, max_str_len); - - snprintf(display_str, max_str_len - 1, "UAF Response =%s", uaf_response); - - printf("%s\n", uaf_response); - free(display_str); - } else { - __show_error(tizen_error_code); - } - get_user_choice(); -} - -#define STRING_SIZE_1024 1024 -#define STRING_SIZE_5000 5000 - -void fido_attestation_type_cb_list(fido_auth_attestation_type_e att_type, void *user_data) -{ - char *str = (char *) user_data; - - char tmp[STRING_SIZE_1024] = {0,}; - if (att_type != -1) { - snprintf(tmp, STRING_SIZE_1024 - 1, " | Attestation Type = [%d]", att_type); - strncat(str, tmp, STRING_SIZE_1024 - 1); - } -} - -static char * -__get_authinfo_string(const fido_authenticator_h auth) -{ - char str[STRING_SIZE_5000] = {0,}; - str[0] = '\0'; - strcpy(str, "DISCOVER RESPONSE"); - char tmp[STRING_SIZE_1024] = {0,}; - - char *title = NULL; - fido_authenticator_get_title(auth, &title); - if (title) { - snprintf(tmp, STRING_SIZE_1024 - 1, " | Title = [%s]", title); - strncat(str, tmp, STRING_SIZE_1024 - 1); - } - free(title); - - char *aaid = NULL; - fido_authenticator_get_aaid(auth, &aaid); - if (aaid) { - snprintf(tmp, STRING_SIZE_1024 - 1, " | AAID = [%s]", aaid); - strncat(str, tmp, STRING_SIZE_1024 - 1); - } - free(aaid); - - char *description = NULL; - fido_authenticator_get_description(auth, &description); - if (description) { - snprintf(tmp, STRING_SIZE_1024 - 1, " | Description = [%s]", description); - strncat(str, tmp, STRING_SIZE_1024 - 1); - } - free(description); - - char *scheme = NULL; - fido_authenticator_get_assertion_scheme(auth, &scheme); - if (scheme) { - snprintf(tmp, STRING_SIZE_1024 - 1, " | Scheme = [%s]", scheme); - strncat(str, tmp, STRING_SIZE_1024 - 1); - } - free(scheme); - - fido_authenticator_foreach_attestation_type(auth, fido_attestation_type_cb_list, str); - - fido_auth_algo_e get_algo = -1; - fido_authenticator_get_algorithm(auth, &get_algo); - if (get_algo != -1) { - snprintf(tmp, STRING_SIZE_1024 - 1, " | Algo = [%d]", get_algo); - strncat(str, tmp, STRING_SIZE_1024 - 1); - } - - fido_auth_user_verify_type_e user_ver = -1; - fido_authenticator_get_verification_method(auth, &user_ver); - if (user_ver != -1) { - snprintf(tmp, STRING_SIZE_1024 - 1, " | Verification = [%d]", user_ver); - strncat(str, tmp, STRING_SIZE_1024 - 1); - } - - fido_auth_key_protection_type_e key_protection = -1; - fido_authenticator_get_key_protection_method(auth, &key_protection); - if (key_protection != -1) { - snprintf(tmp, STRING_SIZE_1024 - 1, " | Key Protection = [%d]", key_protection); - strncat(str, tmp, STRING_SIZE_1024 - 1); - } - - fido_auth_matcher_protection_type_e matcher_protection = -1; - fido_authenticator_get_matcher_protection_method(auth, &matcher_protection); - if (matcher_protection != -1) { - snprintf(tmp, STRING_SIZE_1024 - 1, " | Matcher Protection = [%d]", matcher_protection); - strncat(str, tmp, STRING_SIZE_1024 - 1); - } - - fido_auth_attachment_hint_e attachment_hint = -1; - fido_authenticator_get_attachment_hint(auth, &attachment_hint); - if (attachment_hint != -1) { - snprintf(tmp, STRING_SIZE_1024 - 1, " | Attachment Hint = [%d]", attachment_hint); - strncat(str, tmp, STRING_SIZE_1024 - 1); - } - - fido_auth_tc_display_type_e tc_discplay = -1; - fido_authenticator_get_tc_discplay(auth, &tc_discplay); - if (tc_discplay != -1) { - snprintf(tmp, STRING_SIZE_1024 - 1, " | Tc Display = [%d]", tc_discplay); - strncat(str, tmp, STRING_SIZE_1024 - 1); - } - - char *tc_display_type = NULL; - fido_authenticator_get_tc_display_type(auth, &tc_display_type); - if (tc_display_type) { - snprintf(tmp, STRING_SIZE_1024 - 1, " | Tc Display Type = [%s]", tc_display_type); - strncat(str, tmp, STRING_SIZE_1024 - 1); - } - free(tc_display_type); - - char *icon = NULL; - fido_authenticator_get_icon(auth, &icon); - if (icon) { - snprintf(tmp, STRING_SIZE_1024 - 1, " | Icon = [%s]", icon); - strncat(str, tmp, STRING_SIZE_1024 - 1); - } - free(icon); - - return strdup(str); -} - -static void -auth_list_cb(const fido_authenticator_h auth, void *user_data) -{ - char *auth_info_str = __get_authinfo_string(auth); - if (auth_info_str != NULL) - printf("%s", auth_info_str); - -} - -void -find_auth(void) -{ - int ret = fido_foreach_authenticator(auth_list_cb, NULL); - - if (ret != FIDO_ERROR_NONE) - __show_error(ret); - - get_user_choice(); -} - -void -check_supported(void) -{ - bool is_supported = false; - int ret = fido_uaf_is_supported(json_reg, &is_supported); - - if (ret != FIDO_ERROR_NONE) { - char *error_string = __get_error_code(ret); - - printf("Check policy resonse: %s\n", error_string); - fflush(stdout); - free(error_string); - } else { - if (is_supported == true) { - printf("Check policy resonse: TRUE\n"); - fflush(stdout); - } else { - printf("Check policy resonse: FALSE\n"); - fflush(stdout); - } - } - get_user_choice(); -} - -void -registration(void) -{ - int ret = fido_uaf_get_response_message(json_reg, NULL, __process_cb, NULL); - if (ret != FIDO_ERROR_NONE) { - __show_error(ret); - get_user_choice(); - } -} - -static void -_process_cb(fido_error_e tizen_error_code, const char *uaf_response, void *user_data) -{ - if (tizen_error_code == 0 && uaf_response != NULL) { - fflush(stdout); - printf("UAF Response =%s\n", uaf_response); - fflush(stdout); - } else { - __show_error(tizen_error_code); - } - get_user_choice(); -} - -void -authentication(void) -{ - if (json_auth != NULL) { - int ret = fido_uaf_get_response_message(json_auth, NULL, _process_cb, NULL); - - if (ret != FIDO_ERROR_NONE) { - __show_error(ret); - get_user_choice(); - } - } -} - -static void -_process_dereg_cb(fido_error_e tizen_error_code, const char *uaf_response, void *user_data) -{ - char *str = __get_error_code(tizen_error_code); - printf("%s\n", str); - fflush(stdout); - free(str); - get_user_choice(); -} - -void -dereg(void) -{ - if (json_reg != NULL) { - int ret = fido_uaf_get_response_message(json_dereg, NULL, _process_dereg_cb, NULL); - - if (ret != FIDO_ERROR_NONE) { - __show_error(ret); - get_user_choice(); - } - } -} - -static void -_process_cb_for_notify_pos(fido_error_e tizen_error_code, const char *uaf_response, void *user_data) -{ - if (tizen_error_code == 0) { - - int ret = fido_uaf_set_server_result(FIDO_SERVER_STATUS_CODE_OK, uaf_response); - - char *str = __get_error_code(ret); - printf("%s\n", str); - fflush(stdout); - free(str); - } else { - __show_error(tizen_error_code); - } - get_user_choice(); -} - -void -set_result_success(void) -{ - if (json_reg != NULL) { - int ret = fido_uaf_get_response_message(json_reg, NULL, _process_cb_for_notify_pos, NULL); - - if (ret != FIDO_ERROR_NONE) { - __show_error(ret); - get_user_choice(); - } - } -} - -static void -_process_cb_for_notify_neg(fido_error_e tizen_error_code, const char *uaf_response, void *user_data) -{ - if (tizen_error_code == 0) { - - int ret = fido_uaf_set_server_result(0, uaf_response); - if (ret == FIDO_ERROR_NONE) { - printf("SUCCESS\n"); - } else { - char *str = __get_error_code(ret); - printf("Error Code = %s\n", str); - free(str); - } - fflush(stdout); - } else { - __show_error(tizen_error_code); - } - get_user_choice(); -} - -void -set_result_failure(void) -{ - if (json_reg != NULL) { - int ret = fido_uaf_get_response_message(json_reg, NULL, _process_cb_for_notify_neg, NULL); - - if (ret != FIDO_ERROR_NONE) { - __show_error(ret); - get_user_choice(); - } - } -} - -void -get_user_choice(void) -{ - int sel_opt = 0; - const int options[8] = { 1, 2, 3, 4, 5, 6, 7, 8 }; - const char *names[8] = { "Find Authenticator", - "Check UAF Message Supported", - "Registration", - "Authentication", - "De-Registration", - "Set Server Result with Success", - "Set Server Result with Failure", - "Exit"}; - - sel_opt = show_menu("Select action:", options, names, 8); - switch (sel_opt) { - case 1: - find_auth(); - break; - - case 2: - check_supported(); - break; - - case 3: - registration(); - break; - - case 4: - authentication(); - break; - - case 5: - dereg(); - break; - - case 6: - set_result_success(); - break; - - case 7: - set_result_failure(); - break; - - default: - exit(1); - } -} - -int -main(void) -{ - GMainLoop *mainloop = NULL; - - mainloop = g_main_loop_new(NULL, FALSE); - - get_user_choice(); - - g_main_loop_run(mainloop); - - return 0; -} diff --git a/test/shell_tc/fido_shell_tc_util.c b/test/shell_tc/fido_shell_tc_util.c deleted file mode 100644 index 0f092b1..0000000 --- a/test/shell_tc/fido_shell_tc_util.c +++ /dev/null @@ -1,256 +0,0 @@ -/** - * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -#include "fido_shell_tc_util.h" -#include "fido.h" - -#include -#include -#include - -void -print_fail_result( - const char *action_name, - int action_return_value) -{ - printf(TEXT_RED - "Error with code %i was occurred during action '%s'" - TEXT_RESET "\n", - action_return_value, - action_name); -} - -void -print_done_result(const char *action_name) -{ - printf(TEXT_YELLOW - "Action '%s' was finished" - TEXT_RESET "\n", - action_name); -} - -void -print_success_result(const char *action_name) -{ - printf(TEXT_GREEN - "Action '%s' was finished successfully" - TEXT_RESET - "\n", action_name); -} - -void -print_action_result( - const char *action_name, - int action_return_value, - notification_type_e notification_type_e) -{ - switch (notification_type_e) { - case FAIL_OR_SUCCESSS: - if (FIDO_ERROR_NONE != action_return_value) - print_fail_result(action_name, action_return_value); - else - print_success_result(action_name); - - break; - case FAIL_OR_DONE: - if (FIDO_ERROR_NONE != action_return_value) - print_fail_result(action_name, action_return_value); - else - print_done_result(action_name); - - break; - default: - print_done_result(action_name); - } -} - -int -input_string(const char *prompt, size_t max_len, char **string) -{ - printf("\n"); - printf("%s ", prompt); - - if (scanf("\n") != 0) - return -1; - - char buffer[max_len]; - int last_char = 0; - buffer[last_char] = '\0'; - buffer[sizeof(buffer) - 1] = ~'\0'; - if (NULL == fgets(buffer, sizeof(buffer), stdin)) - return -1; - - size_t real_string_len = strlen(buffer); - buffer[real_string_len - 1] = '\0'; - *string = (char*)malloc(real_string_len * sizeof(char)); - if (*string == NULL) - return -1; - - strncpy(*string, buffer, real_string_len); - - return strlen(*string); -} - -int -input_size(const char *prompt, size_t max_size, size_t *size) -{ - printf("\n"); - printf("%s ", prompt); - - if (scanf("%20zu", size) == 0) { - if (scanf("%*[^\n]%*c") != 0) { - printf("ERROR: Reading the input line error.\n"); - return -1; - } - printf("ERROR: Incorrect input.\n"); - return -1; - } - scanf("%*[^\n]%*c"); - - return (*size > max_size ? -1 : 0); -} - -int -input_int(const char *prompt, int min_value, int max_value, int *value) -{ - printf("\n"); - printf("%s ", prompt); - - if (scanf("%20i", value) == 0) { - if (scanf("%*[^\n]%*c") != 0) { - printf("ERROR: Reading the input line error.\n"); - return -1; - } - printf("ERROR: Incorrect input.\n"); - return -1; - } - scanf("%*[^\n]%*c"); - - return (*value < min_value || *value > max_value ? -1 : 0); -} - -int -input_double( - const char *prompt, - double min_value, - double max_value, - double *value) -{ - printf("\n"); - printf("%s ", prompt); - - if (scanf("%20lf", value) == 0) { - if (scanf("%*[^\n]%*c") != 0) { - printf("ERROR: Reading the input line error.\n"); - return -1; - } - printf("ERROR: Incorrect input.\n"); - return -1; - } - scanf("%*[^\n]%*c"); - - return (*value < min_value || *value > max_value ? -1 : 0); -} - -bool -show_confirm_dialog(const char *title) -{ - const int options[2] = {1, 2}; - const char *names[2] = { "No", "Yes" }; - - bool answer = false; - - int sel = -1; - while (sel == -1) { - sel = show_menu(title, options, names, 2); - switch (sel) { - case 1: - answer = false; - break; - case 2: - answer = true; - break; - default: - sel = -1; - printf("ERROR: Incorrect input.\n"); - continue; - } - } - - return answer; -} - -int -show_menu( - const char *title, - const int *options, - const char **names, - int number_of_option) -{ - if (NULL == title || NULL == options || NULL == names || 0 >= number_of_option) - return -1; - - int number_size = 1; - - int tn_counter = number_of_option; - while (tn_counter /= 10) - ++number_size; - - int max_len = strlen(title) - number_size - 2; - - int i = 0; - for (i = 0; i < number_of_option; ++i) { - const int temp_len = strlen(names[i]); - if (max_len < temp_len) - max_len = temp_len; - } - - const int full_size = number_size + 2 + max_len; - - printf("\n**"); - for (i = 0; i < full_size; ++i) - printf("*"); - printf("**\n"); - - printf("* %-*s *\n", full_size, title); - - printf("*-"); - for (i = 0; i < full_size; ++i) - printf("-"); - printf("-*\n"); - - for (i = 0; i < number_of_option; ++i) - printf("* %0*i. %-*s *\n", number_size, options[i], max_len, names[i]); - - printf("**"); - for (i = 0; i < full_size; ++i) - printf("*"); - printf("**\n\n"); - - int selection = 0; - printf("Your choice: "); - if (scanf("%25i", &selection) == 0) { - if (scanf("%*[^\n]%*c") != 0) - printf("ERROR: Reading the input line error.\n"); - - printf("ERROR: Incorrect input.\n"); - return -1; - } - scanf("%*[^\n]%*c"); - - return selection; -} - diff --git a/test/shell_tc/fido_shell_tc_util.h b/test/shell_tc/fido_shell_tc_util.h deleted file mode 100644 index e306b6f..0000000 --- a/test/shell_tc/fido_shell_tc_util.h +++ /dev/null @@ -1,175 +0,0 @@ - -#ifndef __FIDO_SHELL_TC_UTIL_H_ -#define __FIDO_SHELL_TC_UTIL_H_ - -#include -#include -#include - -#define TEXT_RED "\x1b[31m" -#define TEXT_GREEN "\x1b[32m" -#define TEXT_YELLOW "\x1b[33m" -#define TEXT_BLUE "\x1b[34m" -#define TEXT_MAGENTA "\x1b[35m" -#define TEXT_CYAN "\x1b[36m" -#define TEXT_RESET "\x1b[0m" - -#ifdef ROOTSTRAP_OUT - -#define LOGD(...) \ -do { \ - printf("<%s:%d>", __FUNCTION__, __LINE__); \ - printf(TEXT_CYAN); \ - printf(__VA_ARGS__); \ - printf(TEXT_RESET "\n"); \ -} while (0) - -#define LOGI(...) \ -do { \ - printf("<%s:%d>", __FUNCTION__, __LINE__); \ - printf(TEXT_GREEN); \ - printf(__VA_ARGS__); \ - printf(TEXT_RESET "\n"); \ -} while (0) - -#define LOGW(...) \ -do { \ - printf("<%s:%d>", __FUNCTION__, __LINE__); \ - printf(TEXT_YELLOW); \ - printf(__VA_ARGS__); \ - printf(TEXT_RESET "\n"); \ -} while (0) - -#define LOGE(...) \ -do { \ - printf("<%s:%d>", __FUNCTION__, __LINE__); \ - printf(TEXT_RED); \ - printf(__VA_ARGS__); \ - printf(TEXT_RESET "\n"); \ -} while (0) - -#endif - - -typedef enum { - FAIL_OR_SUCCESSS, - FAIL_OR_DONE -} notification_type_e; - -/** - * @brief Prints success result of action. - * - * @since_tizen 3.0 - * @param [in] action_name Name of action which result will be printed - * @param [in] action_return_value Return value of action - */ -void print_fail_result( - const char *action_name, - int action_return_value); - -/** - * @brief Prints success result of action. - * - * @since_tizen 3.0 - * @param [in] action_name Name of action which result will be printed - */ -void print_done_result(const char *action_name); - -/** - * @brief Prints success result of action. - * - * @since_tizen 3.0 - * @param [in] action_name Name of action which result will be printed - */ -void print_success_result(const char *action_name); - -/** - * @brief Prints action result. - * - * @since_tizen 3.0 - * @param [in] action_name Name of action which result will be printed - * @param [in] action_return_value Return value of action - * @param [in] notification_type_e Type of notification - */ -void print_action_result( - const char *action_name, - int action_return_value, - notification_type_e notification_type_e); - -/** - * @brief Gets srting from console. - * - * @since_tizen 3.0 - * @param [in] prompt The prompt before getting string value - * @param [in] max_len Maximum length of the string which will be got - * @param [out] string Output string which was got from console - * @return Length of the output string on success, otherwise a negative error value - */ -int input_string(const char *prompt, size_t max_len, char **string); - -/** - * @brief Gets unsigned integer from console. - * - * @since_tizen 3.0 - * @param [in] prompt The prompt before getting unsigned integer value - * @param [in] max_size The thresold for maximum possible value - * @param [out] size The output unsigned integer which was got from console - * @return @c 0 on success, otherwise a negative error value - */ -int input_size(const char *prompt, size_t max_size, size_t *size); - -/** - * @brief Gets integer from console. - * - * @since_tizen 3.0 - * @param [in] prompt The prompt before getting integer value - * @param [in] min_value The thresold for minimum possible value - * @param [in] max_value The thresold for maximum possible value - * @param [out] value The output integer which was got from console - * @return @c 0 on success, otherwise a negative error value - */ -int input_int(const char *prompt, int min_value, int max_value, int *value); - -/** - * @brief Gets double from console. - * - * @since_tizen 3.0 - * @param [in] prompt The prompt before getting double value - * @param [in] min_value The thresold for minimum possible value - * @param [in] max_value The thresold for maximum possible value - * @param [out] value The output double which was got from console - * @return @c 0 on success, otherwise a negative error value - */ -int input_double(const char *prompt, double min_value, double max_value, double *value); - -/** - * @brief Shows confirm dialog in console and gets answer (Yes/No). - * - * @since_tizen 3.0 - * @param [in] title The title for confirm dialog which will be printed - * before input of the answer - * @return false if answer is "No" and true if answer is "Yes" - */ -bool show_confirm_dialog(const char *title); - -/** - * @brief Shows menu in console and allows to get item from the array of options. - * - * @since_tizen 3.0 - * @param [in] title The title for show menu which will be printed - * before options - * @param [in] options The array with integer numbers of options - * which will be shown - * @param [in] names The array with names of options which will - * be shown - * @param [in] number_of_option The number of options which will be shown - * @return The selected item positive number from options array on success, - * otherwise a negative error value - */ -int show_menu( - const char *title, - const int *options, - const char **names, - int number_of_option); - -#endif /* __FIDO_SHELL_TC_UTIL_H_ */ -- 2.7.4 From de43ede1fd99bcfca46945994bcedadcc015a4ff Mon Sep 17 00:00:00 2001 From: "sajal.j" Date: Fri, 8 Jul 2016 12:26:44 +0530 Subject: [PATCH 10/16] Added ASLR for fido-service and DummyAsm Signed-off-by: sajal.j Change-Id: I4190e825c84f13142685215475ad56bbdaa0e1fd --- server/CMakeLists.txt | 4 ++-- test/Dummy_ASM_DBUS/CMakeLists.txt | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/server/CMakeLists.txt b/server/CMakeLists.txt index 2a18b24..69ad801 100755 --- a/server/CMakeLists.txt +++ b/server/CMakeLists.txt @@ -53,12 +53,12 @@ SET(SERVER_SRCS INCLUDE_DIRECTORIES(${CMAKE_SOURCE_DIR}/common) -SET(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${EXTRA_CFLAGS} -Wall -Werror") +SET(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${EXTRA_CFLAGS} -Wall -Werror -fPIE") SET(CMAKE_LDFLAGS "-Wl,-zdefs") ADD_EXECUTABLE(${SVC_DAEMON} ${SERVER_SRCS}) -TARGET_LINK_LIBRARIES(${SVC_DAEMON} ${SERVER_pkgs_LDFLAGS} fido-client-common) +TARGET_LINK_LIBRARIES(${SVC_DAEMON} ${SERVER_pkgs_LDFLAGS} fido-client-common "-pie") INSTALL(TARGETS ${SVC_DAEMON} DESTINATION bin) diff --git a/test/Dummy_ASM_DBUS/CMakeLists.txt b/test/Dummy_ASM_DBUS/CMakeLists.txt index efc044e..2c389db 100755 --- a/test/Dummy_ASM_DBUS/CMakeLists.txt +++ b/test/Dummy_ASM_DBUS/CMakeLists.txt @@ -23,7 +23,7 @@ WORKING_DIRECTORY ${CMAKE_SOURCE_DIR}/common/ COMMAND gdbus-codegen --interface-prefix org.tizen. --generate-c-code dummy-asm-stub ${CMAKE_SOURCE_DIR}/common/dbus_interfaces/dummyasm.xml COMMENT "Generating Dummy ASM GDBus stubs........................") -SET(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${EXTRA_CFLAGS} -Wall -Werror") +SET(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} ${EXTRA_CFLAGS} -Wall -Werror -fPIE") SET(CMAKE_LDFLAGS "-Wl,-zdefs") SET(DUMMY_ASM_SRCS @@ -34,7 +34,7 @@ ADD_EXECUTABLE(${ASM_DAEMON} ${DUMMY_ASM_SRCS} ${CMAKE_SOURCE_DIR}/common/dummy- ADD_DEPENDENCIES(${PROJECT_NAME} ${CMAKE_SOURCE_DIR}/common/dummy-asm-stub.h) ADD_DEPENDENCIES(${PROJECT_NAME} ${CMAKE_SOURCE_DIR}/common/dummy-asm-stub.c) -TARGET_LINK_LIBRARIES(${ASM_DAEMON} ${ASM_PKGS_LDFLAGS}) +TARGET_LINK_LIBRARIES(${ASM_DAEMON} ${ASM_PKGS_LDFLAGS} "-pie") INSTALL(TARGETS ${ASM_DAEMON} DESTINATION bin) -- 2.7.4 From 4e47ab2e0ab19ada33c536c1f7b35559f1895c40 Mon Sep 17 00:00:00 2001 From: Manasij Sur Roy Date: Tue, 12 Jul 2016 19:50:01 +0530 Subject: [PATCH 11/16] Changed FacetId rule to Signer certificate Change-Id: Ib638731120c018b91a264d15b53901c60511da0d Signed-off-by: Manasij Sur Roy --- common/fido_json_handler.c | 26 ++++++++++++++------------ server/fido_app_id_handler.c | 2 +- 2 files changed, 15 insertions(+), 13 deletions(-) diff --git a/common/fido_json_handler.c b/common/fido_json_handler.c index 130c36b..fc75258 100644 --- a/common/fido_json_handler.c +++ b/common/fido_json_handler.c @@ -2016,20 +2016,22 @@ _uaf_composer_compose_final_challenge(const char *app_id, const char *challenge, if (chb_root_obj == NULL) return NULL; - char *end_pt = (char*)json_object_get_string_member(chb_root_obj, _JSON_KEY_SERVER_END_POINT); - char *cert = (char*)json_object_get_string_member(chb_root_obj, _JSON_KEY_TLS_SERVER_CERT); - char *uni = (char*)json_object_get_string_member(chb_root_obj, _JSON_KEY_TLS_UNIQUE); - char *cid = (char*)json_object_get_string_member(chb_root_obj, _JSON_KEY_CID_PUB_KEY); + const gchar *end_pt = json_object_get_string_member(chb_root_obj, _JSON_KEY_SERVER_END_POINT); + const gchar *cert = json_object_get_string_member(chb_root_obj, _JSON_KEY_TLS_SERVER_CERT); + const gchar *uni = json_object_get_string_member(chb_root_obj, _JSON_KEY_TLS_UNIQUE); + const gchar *cid = json_object_get_string_member(chb_root_obj, _JSON_KEY_CID_PUB_KEY); - json_object_set_string_member(jsonObject, _JSON_KEY_SERVER_END_POINT, end_pt); - json_object_set_string_member(jsonObject, _JSON_KEY_TLS_SERVER_CERT, cert); - json_object_set_string_member(jsonObject, _JSON_KEY_TLS_UNIQUE, uni); - json_object_set_string_member(jsonObject, _JSON_KEY_CID_PUB_KEY, cid); + if (end_pt != NULL) + json_object_set_string_member(jsonObject, _JSON_KEY_SERVER_END_POINT, end_pt); - SAFE_DELETE(end_pt); - SAFE_DELETE(cert); - SAFE_DELETE(uni); - SAFE_DELETE(cid); + if (cert != NULL) + json_object_set_string_member(jsonObject, _JSON_KEY_TLS_SERVER_CERT, cert); + + if (uni != NULL) + json_object_set_string_member(jsonObject, _JSON_KEY_TLS_UNIQUE, uni); + + if (cid != NULL) + json_object_set_string_member(jsonObject, _JSON_KEY_CID_PUB_KEY, cid); g_object_unref(chb_parser); } diff --git a/server/fido_app_id_handler.c b/server/fido_app_id_handler.c index 290a034..ffd3bc0 100644 --- a/server/fido_app_id_handler.c +++ b/server/fido_app_id_handler.c @@ -510,7 +510,7 @@ __get_tz_facet_id_of_caller(const char *caller_app_id, GDBusMethodInvocation *in _INFO(""); - ret = pkgmgrinfo_pkginfo_get_cert_value(cert_handle, PMINFO_AUTHOR_ROOT_CERT, &author_cert); + ret = pkgmgrinfo_pkginfo_get_cert_value(cert_handle, PMINFO_AUTHOR_SIGNER_CERT, &author_cert); if (ret != PMINFO_R_OK) { pkgmgrinfo_pkginfo_destroy_certinfo(cert_handle); _ERR(""); -- 2.7.4 From bc0603b2f4c1b746663de835c0edf3c73e1aeb3d Mon Sep 17 00:00:00 2001 From: jkjo92 Date: Thu, 14 Jul 2016 15:35:25 +0900 Subject: [PATCH 12/16] fix for coding rule Change-Id: Icdf1da3467515ed832c7086982ffe29b6b08a607 Signed-off-by: jkjo92 --- server/fido_asm_plugin_manager.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/server/fido_asm_plugin_manager.c b/server/fido_asm_plugin_manager.c index 7b2255b..3f5e7f0 100644 --- a/server/fido_asm_plugin_manager.c +++ b/server/fido_asm_plugin_manager.c @@ -292,7 +292,7 @@ _asm_plugin_mgr_discover_all(_asm_plugin_discover_response_cb cb, void *user_dat cb_data->user_data = user_data; - if(cb_data->asm_proxy_list_iter == NULL) + if (cb_data->asm_proxy_list_iter == NULL) return FIDO_ERROR_NOT_SUPPORTED; _fido_asm_proxy_t *asm_proxy = (_fido_asm_proxy_t*)(cb_data->asm_proxy_list_iter->data); -- 2.7.4 From 5242b0263e040e09bb6de622ae0cedc3346009dc Mon Sep 17 00:00:00 2001 From: root Date: Fri, 15 Jul 2016 20:28:09 +0530 Subject: [PATCH 13/16] Selection UI adapter fix for 3.0 Signed-off-by: root Change-Id: Ib0bd8f8aa0d6c59fccff69804889cf9684c32b48 --- server/fido_selection_ui_adaptor.c | 41 ++++++++++++++++++++++++-------------- 1 file changed, 26 insertions(+), 15 deletions(-) diff --git a/server/fido_selection_ui_adaptor.c b/server/fido_selection_ui_adaptor.c index 01f3200..03f31af 100644 --- a/server/fido_selection_ui_adaptor.c +++ b/server/fido_selection_ui_adaptor.c @@ -33,13 +33,16 @@ #include "fido-stub.h" #include "fido_internal_types.h" -#define _UI_LAUNCH_RETRY_COUNT 5 +#define OWNER_UID 5001 + +#define _UI_LAUNCH_RETRY_COUNT 10 #define _UI_SVC_TERMINATE_TIMEOUT 2000 #define _FREEDESKTOP_SERVICE "org.freedesktop.DBus" #define _FREEDESKTOP_PATH "/org/freedesktop/DBus" #define _FREEDESKTOP_INTERFACE "org.freedesktop.DBus" +GMainLoop *__mainLoop; static GQueue *_ui_q = NULL; static int __ui_svc_pid = -1; @@ -270,7 +273,7 @@ __terminate_ui_svc(void) _INFO("Killing inactive UI Service [%d]", __ui_svc_pid); if (__ui_svc_pid > 0) - aul_terminate_pid(__ui_svc_pid); + aul_terminate_pid_for_uid(__ui_svc_pid, OWNER_UID); __ui_svc_pid = -1; } @@ -294,22 +297,29 @@ static int __launch_svc_ui(bundle *ui_req) { int i = 0; - for (; i < _UI_LAUNCH_RETRY_COUNT; i++) { - if (__ui_svc_pid < 0) - __ui_svc_pid = aul_launch_app(_UI_SVC_PACKAGE, ui_req); - else { - aul_terminate_pid(__ui_svc_pid); - __ui_svc_pid = -1; - - __ui_svc_pid = aul_launch_app(_UI_SVC_PACKAGE, ui_req); - } - _INFO("fido svc pid = [%d]", __ui_svc_pid); + int ui_pid = -1; - if (__ui_svc_pid > 0) - return FIDO_ERROR_NONE; + for(; i < _UI_LAUNCH_RETRY_COUNT; i++) { + ui_pid = aul_launch_app_for_uid(_UI_SVC_PACKAGE, ui_req, OWNER_UID); + if(ui_pid > 0) + break; } - return FIDO_ERROR_UNKNOWN; + + if(ui_pid < 0) + return FIDO_ERROR_UNKNOWN; + + __mainLoop = NULL; + + __mainLoop = g_main_loop_new(NULL, FALSE); + + g_main_loop_run(__mainLoop); + + _INFO(""); + + aul_terminate_pid_for_uid(ui_pid, OWNER_UID); + + return FIDO_ERROR_NONE; } static int @@ -508,5 +518,6 @@ CATCH: __start_ui_svc_term_timer(); } + g_main_loop_quit(__mainLoop); return true; } -- 2.7.4 From 82cce00087c34370de10123cca1a5c12a6e5370b Mon Sep 17 00:00:00 2001 From: Manasij Sur Roy Date: Thu, 28 Jul 2016 14:05:19 +0530 Subject: [PATCH 14/16] Disallowed list policy fix Change-Id: I01b849df7cf3233915265b921810240fbb069961 Signed-off-by: Manasij Sur Roy --- server/fido_uaf_policy_checker.c | 88 +++++++++++++++++++++++----------------- 1 file changed, 50 insertions(+), 38 deletions(-) diff --git a/server/fido_uaf_policy_checker.c b/server/fido_uaf_policy_checker.c index efd57e5..e0d3cd9 100644 --- a/server/fido_uaf_policy_checker.c +++ b/server/fido_uaf_policy_checker.c @@ -411,6 +411,20 @@ __copy_png_list(GList *src_list) return dest; } +gint +__compare_match(gconstpointer list_elem, gconstpointer supplied_elem) +{ + if ((list_elem == NULL) || (supplied_elem == NULL)) + return -1; + + bool ret = _policy_checker_is_matched((_match_criteria_t*)list_elem , + (fido_authenticator_s*)supplied_elem); + if (ret == true) + return 0; + + return -1; +} + /* Returns _matched_auth_data_t list*/ GList * _policy_checker_get_matched_auth_list(_policy_t *policy, GList *auth_list) @@ -426,8 +440,8 @@ _policy_checker_get_matched_auth_list(_policy_t *policy, GList *auth_list) RET_IF_FAIL(policy != NULL, NULL); RET_IF_FAIL(auth_list != NULL, NULL); - // _match_criteria_t *match_criteria_or = NULL; GList *allowed_list = NULL; + /*_match_criteria_t list*/ GList *disallowed_list = policy->disallowed_list; GList *accepted_list = policy->accepted_list; @@ -435,7 +449,7 @@ _policy_checker_get_matched_auth_list(_policy_t *policy, GList *auth_list) _INFO("accepted_list count = [%d]", g_list_length(accepted_list)); if (disallowed_list != NULL) - _INFO("allowed_list count = [%d]", g_list_length(disallowed_list)); + _INFO("disallowed_list count = [%d]", g_list_length(disallowed_list)); GList *accepted_list_iter = g_list_first(accepted_list); while (accepted_list_iter != NULL) { @@ -456,45 +470,43 @@ _policy_checker_get_matched_auth_list(_policy_t *policy, GList *auth_list) if (disallowed_list != NULL) { - GList *disallowed_list_iter = g_list_first(disallowed_list); - while (disallowed_list_iter != NULL) { - _match_criteria_t *disallowed_match_info = (_match_criteria_t *) disallowed_list_iter->data; - - if (!_policy_checker_is_matched(disallowed_match_info, authenticator)) { - _INFO("[%s] is not in disallowed list", authenticator->aaid); - _matched_auth_data_t *matched_auth_data = (_matched_auth_data_t*) calloc(1, sizeof(_matched_auth_data_t)); - RET_IF_FAIL(matched_auth_data, NULL); - - /*TODO : ASM must send auth index*/ - if (authenticator->auth_index != NULL) - matched_auth_data->auth_index = strdup(authenticator->auth_index); - else - _ERR("auth index missing"); - - matched_auth_data->att_type = _get_attestation_type(match_info, authenticator); - - if (authenticator->title != NULL) - matched_auth_data->label = strdup(authenticator->title); - else { - _ERR("title missing, putting ver method"); - /*If label is null, set verification method name instead*/ - matched_auth_data->label = __get_verification_method_string(authenticator->user_verification); - } - - if (authenticator->asm_id != NULL) - matched_auth_data->asm_id = strdup(authenticator->asm_id); - else - _ERR("Authenticator does not have any ASM ID!!"); - - matched_auth_data->key_ids = __copy_string_list(match_info->key_id_list); - /*fido_display_png_characteristics_descriptor_s list*/ - matched_auth_data->tc_display_png_characteristics = - __copy_png_list(authenticator->tc_display_png_characteristics); + if (g_list_find_custom(disallowed_list, authenticator, + __compare_match) == NULL) { + + _INFO("[%s] is not in disallowed list", authenticator->aaid); + _matched_auth_data_t *matched_auth_data = (_matched_auth_data_t*) calloc(1, sizeof(_matched_auth_data_t)); + RET_IF_FAIL(matched_auth_data, NULL); + + /*TODO : ASM must send auth index*/ + if (authenticator->auth_index != NULL) + matched_auth_data->auth_index = strdup(authenticator->auth_index); + else + _ERR("auth index missing"); + + matched_auth_data->att_type = _get_attestation_type(match_info, authenticator); + + if (authenticator->title != NULL) + matched_auth_data->label = strdup(authenticator->title); + else { + _ERR("title missing, putting ver method"); + /*If label is null, set verification method name instead*/ + matched_auth_data->label = __get_verification_method_string(authenticator->user_verification); + } + + if (authenticator->asm_id != NULL) + matched_auth_data->asm_id = strdup(authenticator->asm_id); + else + _ERR("Authenticator does not have any ASM ID!!"); + + matched_auth_data->key_ids = __copy_string_list(match_info->key_id_list); + /*fido_display_png_characteristics_descriptor_s list*/ + matched_auth_data->tc_display_png_characteristics = + __copy_png_list(authenticator->tc_display_png_characteristics); allowed_list = g_list_append(allowed_list, matched_auth_data); + } else { + _INFO("[%s] is in disallowed list", authenticator->aaid); } - disallowed_list_iter = disallowed_list_iter->next; - } } else { _INFO("[%s] adding since no disallowed list", authenticator->aaid); _matched_auth_data_t *matched_auth_data = (_matched_auth_data_t*) calloc(1, sizeof(_matched_auth_data_t)); -- 2.7.4 From dfa1e6f47a7713c28ec39f65920036b3114652d1 Mon Sep 17 00:00:00 2001 From: jkjo92 Date: Thu, 18 Aug 2016 16:45:43 +0900 Subject: [PATCH 15/16] fix coding rule Change-Id: I0a54dd6d1e1aaa163be716890ac329b204329201 Signed-off-by: jkjo92 --- server/fido_selection_ui_adaptor.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/server/fido_selection_ui_adaptor.c b/server/fido_selection_ui_adaptor.c index 03f31af..cf0ceab 100644 --- a/server/fido_selection_ui_adaptor.c +++ b/server/fido_selection_ui_adaptor.c @@ -300,13 +300,13 @@ __launch_svc_ui(bundle *ui_req) int ui_pid = -1; - for(; i < _UI_LAUNCH_RETRY_COUNT; i++) { + for (; i < _UI_LAUNCH_RETRY_COUNT; i++) { ui_pid = aul_launch_app_for_uid(_UI_SVC_PACKAGE, ui_req, OWNER_UID); - if(ui_pid > 0) + if (ui_pid > 0) break; } - if(ui_pid < 0) + if (ui_pid < 0) return FIDO_ERROR_UNKNOWN; __mainLoop = NULL; -- 2.7.4 From b6d0ebc501d2ebfa548d817d3a2107f81f3bf045 Mon Sep 17 00:00:00 2001 From: Manasij Sur Roy Date: Wed, 24 Aug 2016 09:16:19 +0530 Subject: [PATCH 16/16] Added fido.client privilege Change-Id: I15ea3e609b420ae8b5cf6e593f02ed299ee785e5 Signed-off-by: Manasij Sur Roy --- client/fido_uaf_client.c | 5 + include/fido_uaf_authenticator.h | 136 +++++++++-------- include/fido_uaf_client.h | 99 +++++++----- packaging/fido-client.spec | 3 + server/CMakeLists.txt | 3 + server/fido_privilege_checker.c | 175 ++++++++++++++++++++++ server/fido_privilege_checker.h | 2 +- test/3_0_Sample_App/FIDOSample/tizen-manifest.xml | 9 +- 8 files changed, 326 insertions(+), 106 deletions(-) diff --git a/client/fido_uaf_client.c b/client/fido_uaf_client.c index ce9cef0..6081e8d 100755 --- a/client/fido_uaf_client.c +++ b/client/fido_uaf_client.c @@ -157,6 +157,11 @@ fido_foreach_authenticator(fido_authenticator_cb callback, void *user_data) return FIDO_ERROR_PERMISSION_DENIED; } + if (tz_err != FIDO_ERROR_NONE) { + _ERR("Error = [%d]", tz_err); + return tz_err; + } + if (discovery_data_json == NULL || discovery_data_json_list_len <= 0) { _ERR("No Authenticators found"); return FIDO_ERROR_NOT_SUPPORTED; diff --git a/include/fido_uaf_authenticator.h b/include/fido_uaf_authenticator.h index d8b3dbb..02a35af 100755 --- a/include/fido_uaf_authenticator.h +++ b/include/fido_uaf_authenticator.h @@ -15,10 +15,15 @@ * */ -#ifndef _FIDO_UAF_AUTH_H_ -#define _FIDO_UAF_AUTH_H_ +#ifndef __TIZEN_FIDO_UAF_AUTHENTICATOR_H__ +#define __TIZEN_FIDO_UAF_AUTHENTICATOR_H__ -#include "fido_uaf_types.h" +#include + +#ifdef __cplusplus +extern "C" +{ +#endif /** * @file fido_uaf_authenticator.h @@ -35,8 +40,8 @@ * @brief Called once for each result of calling fido_foreach_authenticator() * @since_tizen 3.0 * - * @param[out] auth_info The Authenticator info handle. This param will be freed by framework. - * @param[out] user_data The user data that was attached during fido_foreach_authenticator() call. + * @param[in] auth_info The Authenticator info handle. This param will be freed by framework + * @param[in] user_data The user data that was attached during fido_foreach_authenticator() call * @see fido_foreach_authenticator() */ typedef void (*fido_authenticator_cb)(const fido_authenticator_h auth_info, void *user_data); @@ -45,28 +50,29 @@ typedef void (*fido_authenticator_cb)(const fido_authenticator_h auth_info, void * @brief Retrieves all the available FIDO authenticators supported by this Device. * @details fido_authenticator_cb() callback is called synchronously once for each authenticator. * @since_tizen 3.0 + * @privlevel public + * @privilege %http://tizen.org/privilege/fido.client * - * - * @param[in] cb The iteration callback handle. - * @param[in] user_data The user data handle. + * @param[in] cb The iteration callback handle + * @param[in] user_data The user data handle * * @return @c 0 on success, * otherwise a negative error value * @retval #FIDO_ERROR_NONE Successful * @retval #FIDO_ERROR_OUT_OF_MEMORY Out of Memory * @retval #FIDO_ERROR_INVALID_PARAMETER Invalid parameter - * @retval #FIDO_ERROR_PERMISSION_DENIED The application does not have permission to call this API. + * @retval #FIDO_ERROR_PERMISSION_DENIED The application does not have permission to call this function. * @retval #FIDO_ERROR_NOT_SUPPORTED FIDO is not supported on this device. */ -EXPORT_API int fido_foreach_authenticator(fido_authenticator_cb cb, void *user_data); +int fido_foreach_authenticator(fido_authenticator_cb cb, void *user_data); /** * @brief Gets the Authenticator title. * @since_tizen 3.0 * - * @remarks The application must free title using free(). - * @param[in] auth The Authenticator handle. - * @param[out] title The title. + * @remarks The @a title should be released using free(). + * @param[in] auth The Authenticator handle + * @param[out] title The title * * @return @c 0 on success, * otherwise a negative error value @@ -74,15 +80,15 @@ EXPORT_API int fido_foreach_authenticator(fido_authenticator_cb cb, void *user_d * @retval #FIDO_ERROR_OUT_OF_MEMORY Out of Memory * @retval #FIDO_ERROR_INVALID_PARAMETER Invalid parameter */ -EXPORT_API int fido_authenticator_get_title(const fido_authenticator_h auth, char **title); +int fido_authenticator_get_title(const fido_authenticator_h auth, char **title); /** - * @brief Retrieves the Authenticator AAID(Authenticator Attestation ID). + * @brief Retrieves the Authenticator AAID (Authenticator Attestation ID). * @since_tizen 3.0 * - * @remarks The application must free aaid using free(). - * @param[in] auth The Authenticator handle. - * @param[out] aaid The AAID. + * @remarks The @a aaid should be released using free(). + * @param[in] auth The Authenticator handle + * @param[out] aaid The AAID * * @return @c 0 on success, * otherwise a negative error value @@ -90,15 +96,15 @@ EXPORT_API int fido_authenticator_get_title(const fido_authenticator_h auth, cha * @retval #FIDO_ERROR_OUT_OF_MEMORY Out of Memory * @retval #FIDO_ERROR_INVALID_PARAMETER Invalid parameter */ -EXPORT_API int fido_authenticator_get_aaid(const fido_authenticator_h auth, char **aaid); +int fido_authenticator_get_aaid(const fido_authenticator_h auth, char **aaid); /** * @brief Retrieves the Authenticator description * @since_tizen 3.0 * - * @remarks The application must free desc using free(). - * @param[in] auth The Authenticator handle. - * @param[out] desc The description. + * @remarks The @a desc should be released using free(). + * @param[in] auth The Authenticator handle + * @param[out] desc The description * * @return @c 0 on success, * otherwise a negative error value @@ -106,15 +112,15 @@ EXPORT_API int fido_authenticator_get_aaid(const fido_authenticator_h auth, char * @retval #FIDO_ERROR_OUT_OF_MEMORY Out of Memory * @retval #FIDO_ERROR_INVALID_PARAMETER Invalid parameter */ -EXPORT_API int fido_authenticator_get_description(const fido_authenticator_h auth, char **desc); +int fido_authenticator_get_description(const fido_authenticator_h auth, char **desc); /** * @brief Retrieves the Authenticator assertion scheme. * @since_tizen 3.0 * - * @remarks The application must free scheme using free().Refer to FIDO UAF Registry document for more details. - * @param[in] auth The Authenticator handle. - * @param[out] scheme The assertion scheme. UAFV1TLV is the default assertion scheme. + * @remarks The @a scheme should be released using free(). Refer to FIDO UAF Registry document for more details. + * @param[in] auth The Authenticator handle + * @param[out] scheme The assertion scheme. UAFV1TLV is the default assertion scheme * * @return @c 0 on success, * otherwise a negative error value @@ -122,28 +128,28 @@ EXPORT_API int fido_authenticator_get_description(const fido_authenticator_h aut * @retval #FIDO_ERROR_OUT_OF_MEMORY Out of Memory * @retval #FIDO_ERROR_INVALID_PARAMETER Invalid parameter */ -EXPORT_API int fido_authenticator_get_assertion_scheme(const fido_authenticator_h auth, char **scheme); +int fido_authenticator_get_assertion_scheme(const fido_authenticator_h auth, char **scheme); /** - * @brief Retrieves the Authenticator algorithm + * @brief Retrieves the Authenticator algorithm. * @since_tizen 3.0 * - * @param[in] auth The Authenticator handle. - * @param[out] algo The authenitcation algorithm. + * @param[in] auth The Authenticator handle + * @param[out] algo The authentication algorithm * * @return @c 0 on success, * otherwise a negative error value * @retval #FIDO_ERROR_NONE Successful * @retval #FIDO_ERROR_INVALID_PARAMETER Invalid parameter */ -EXPORT_API int fido_authenticator_get_algorithm(const fido_authenticator_h auth, fido_auth_algo_e *algo); +int fido_authenticator_get_algorithm(const fido_authenticator_h auth, fido_auth_algo_e *algo); /** - * @brief Called once for each result of calling fido_authenticator_foreach_attestation_type() + * @brief Called once for each result of calling fido_authenticator_foreach_attestation_type(). * @since_tizen 3.0 * - * @param[out] att_type The Authenticator attestation type. - * @param[out] user_data The user data that was attached during fido_authenticator_foreach_attestation_type() call. + * @param[in] att_type The Authenticator attestation type + * @param[in] user_data The user data that was attached during fido_authenticator_foreach_attestation_type() call */ typedef void (*fido_attestation_type_cb)(fido_auth_attestation_type_e att_type, void *user_data); @@ -151,111 +157,111 @@ typedef void (*fido_attestation_type_cb)(fido_auth_attestation_type_e att_type, * @brief Retrieves all the available attestation types for this Authenticator. * @since_tizen 3.0 * - * @param[in] auth The Authenticator handle. - * @param[in] cb The iteration callback. - * @param[in] user_data The user data. + * @param[in] auth The Authenticator handle + * @param[in] cb The iteration callback + * @param[in] user_data The user data * * @return @c 0 on success, * otherwise a negative error value * @retval #FIDO_ERROR_NONE Successful * @retval #FIDO_ERROR_INVALID_PARAMETER Invalid parameter */ -EXPORT_API int fido_authenticator_foreach_attestation_type(const fido_authenticator_h auth, +int fido_authenticator_foreach_attestation_type(const fido_authenticator_h auth, fido_attestation_type_cb cb, void *user_data); /** * @brief Retrieves the user verification method of this Authenticator. * @since_tizen 3.0 * - * @param[in] auth The Authenticator handle. - * @param[out] user_verification The user verification method. + * @param[in] auth The Authenticator handle + * @param[out] user_verification The user verification method * * @return @c 0 on success, * otherwise a negative error value * @retval #FIDO_ERROR_NONE Successful * @retval #FIDO_ERROR_INVALID_PARAMETER Invalid parameter */ -EXPORT_API int fido_authenticator_get_verification_method(const fido_authenticator_h auth, +int fido_authenticator_get_verification_method(const fido_authenticator_h auth, fido_auth_user_verify_type_e *user_verification); /** * @brief Retrieves the key protection method of this Authenticator. * @since_tizen 3.0 * - * @param[in] auth The Authenticator handle. - * @param[out] key_protection The key protection method. + * @param[in] auth The Authenticator handle + * @param[out] key_protection The key protection method * * @return @c 0 on success, * otherwise a negative error value * @retval #FIDO_ERROR_NONE Successful * @retval #FIDO_ERROR_INVALID_PARAMETER Invalid parameter */ -EXPORT_API int fido_authenticator_get_key_protection_method(const fido_authenticator_h auth, +int fido_authenticator_get_key_protection_method(const fido_authenticator_h auth, fido_auth_key_protection_type_e *key_protection); /** * @brief Retrieves the matcher protection method of this Authenticator. * @since_tizen 3.0 * - * @param[in] auth The Authenticator handle. - * @param[out] matcher_protection The matcher protection method. + * @param[in] auth The Authenticator handle + * @param[out] matcher_protection The matcher protection method * * @return @c 0 on success, * otherwise a negative error value * @retval #FIDO_ERROR_NONE Successful * @retval #FIDO_ERROR_INVALID_PARAMETER Invalid parameter */ -EXPORT_API int fido_authenticator_get_matcher_protection_method(const fido_authenticator_h auth, +int fido_authenticator_get_matcher_protection_method(const fido_authenticator_h auth, fido_auth_matcher_protection_type_e *matcher_protection); /** * @brief Retrieves the attachment hint of this Authenticator. * @since_tizen 3.0 * - * @param[in] auth The Authenticator handle. - * @param[out] attachment_hint The matcher protection method. + * @param[in] auth The Authenticator handle + * @param[out] attachment_hint The matcher protection method * * @return @c 0 on success, * otherwise a negative error value * @retval #FIDO_ERROR_NONE Successful * @retval #FIDO_ERROR_INVALID_PARAMETER Invalid parameter */ -EXPORT_API int fido_authenticator_get_attachment_hint(const fido_authenticator_h auth, +int fido_authenticator_get_attachment_hint(const fido_authenticator_h auth, fido_auth_attachment_hint_e *attachment_hint); /** * @brief Checks if the Authenticator is Second factor only which is supported by U2F standards. * @since_tizen 3.0 * - * @param[in] auth The Authenticator handle. + * @param[in] auth The Authenticator handle * * @return @c true if its only second factor, * otherwise false. */ -EXPORT_API bool fido_authenticator_get_is_second_factor_only(const fido_authenticator_h auth); +bool fido_authenticator_get_is_second_factor_only(const fido_authenticator_h auth); /** * @brief Retrieves the Transaction Confirmation display type of this Authenticator. * @since_tizen 3.0 * - * @param[in] auth The Authenticator handle. - * @param[out] tc_display The TC display type. + * @param[in] auth The Authenticator handle + * @param[out] tc_display The TC display type * * @return @c 0 on success, * otherwise a negative error value * @retval #FIDO_ERROR_NONE Successful * @retval #FIDO_ERROR_INVALID_PARAMETER Invalid parameter */ -EXPORT_API int fido_authenticator_get_tc_discplay(const fido_authenticator_h auth, +int fido_authenticator_get_tc_discplay(const fido_authenticator_h auth, fido_auth_tc_display_type_e *tc_display); /** * @brief Retrieves the Transaction Confirmation display content type of this Authenticator. * @since_tizen 3.0 * - * @remarks The application must free tc_display_content_type using free(). - * @param[in] auth The Authenticator handle. - * @param[out] tc_display_content_type The TC display content type which is supported MIME type [RFC2049] such as text/plain or image/png. + * @remarks The @a tc_display_content_type should be released using free(). + * @param[in] auth The Authenticator handle + * @param[out] tc_display_content_type The TC display content type which is supported MIME type [RFC2049] such as text/plain or image/png * * @return @c 0 on success, * otherwise a negative error value @@ -263,15 +269,15 @@ EXPORT_API int fido_authenticator_get_tc_discplay(const fido_authenticator_h aut * @retval #FIDO_ERROR_OUT_OF_MEMORY Out of Memory * @retval #FIDO_ERROR_INVALID_PARAMETER Invalid parameter */ -EXPORT_API int fido_authenticator_get_tc_display_type(const fido_authenticator_h auth, char **tc_display_content_type); +int fido_authenticator_get_tc_display_type(const fido_authenticator_h auth, char **tc_display_content_type); /** * @brief Retrieves the icon of this Authenticator. * @since_tizen 3.0 * - * @remarks The application must free icon using free(). - * @param[in] auth The Authenticator handle. - * @param[out] icon The icon. Portable Network Graphic (PNG) format image file representing the icon encoded as a data: url[RFC2397]. + * @remarks The @a icon should be released using free(). + * @param[in] auth The Authenticator handle + * @param[out] icon The icon. Portable Network Graphic (PNG) format image file representing the icon encoded as a data: url[RFC2397] * * @return @c 0 on success, * otherwise a negative error value @@ -279,10 +285,14 @@ EXPORT_API int fido_authenticator_get_tc_display_type(const fido_authenticator_h * @retval #FIDO_ERROR_OUT_OF_MEMORY Out of Memory * @retval #FIDO_ERROR_INVALID_PARAMETER Invalid parameter */ -EXPORT_API int fido_authenticator_get_icon(const fido_authenticator_h auth, char **icon); +int fido_authenticator_get_icon(const fido_authenticator_h auth, char **icon); /** * @} */ +#ifdef __cplusplus +} +#endif + #endif diff --git a/include/fido_uaf_client.h b/include/fido_uaf_client.h index b759d3c..d3c0e2a 100755 --- a/include/fido_uaf_client.h +++ b/include/fido_uaf_client.h @@ -15,11 +15,16 @@ * */ -#ifndef FIDO_UAF_CLIENT_H_ -#define FIDO_UAF_CLIENT_H_ +#ifndef __TIZEN_FIDO_UAF_CLIENT_H__ +#define __TIZEN_FIDO_UAF_CLIENT_H__ #include +#ifdef __cplusplus +extern "C" +{ +#endif + /** * @file fido_uaf_client.h * @brief The FIDO UAF Client APIs. @@ -34,8 +39,8 @@ * @brief Gets the FIDO client vendor name. * @since_tizen 3.0 * - * @remarks The application must free vendor_name using free(). - * @param[out] vendor_name The vendor name. + * @remarks The @a vendor_name should be released using free(). + * @param[out] vendor_name The vendor name * * @return @c 0 on success, * otherwise a negative error value @@ -43,14 +48,14 @@ * @retval #FIDO_ERROR_OUT_OF_MEMORY Out of Memory * @retval #FIDO_ERROR_INVALID_PARAMETER Invalid parameter */ -EXPORT_API int fido_get_client_vendor(char **vendor_name); +int fido_get_client_vendor(char **vendor_name); /** * @brief Gets the FIDO client vendor version information. * @since_tizen 3.0 * - * @param[out] client_major_version The FIDO client major version. - * @param[out] client_minor_version The FIDO client minor version. + * @param[out] client_major_version The FIDO client major version + * @param[out] client_minor_version The FIDO client minor version * * @return @c 0 on success, * otherwise a negative error value @@ -58,7 +63,7 @@ EXPORT_API int fido_get_client_vendor(char **vendor_name); * @retval #FIDO_ERROR_OUT_OF_MEMORY Out of Memory * @retval #FIDO_ERROR_INVALID_PARAMETER Invalid parameter */ -EXPORT_API int fido_get_client_version(int *client_major_version, int *client_minor_version); +int fido_get_client_version(int *client_major_version, int *client_minor_version); /** * @} @@ -72,32 +77,49 @@ EXPORT_API int fido_get_client_version(int *client_major_version, int *client_mi /** * @brief Checks whether the FIDO message can be processed. * @since_tizen 3.0 + * @privlevel public + * @privilege %http://tizen.org/privilege/fido.client * - * @param[in] uaf_message_json The FIDO message in json format which is recieved from the relying party server. - * @param[out] is_supported True if the message can be handled by the device, else false. + * @param[in] uaf_message_json The FIDO message in JSON format which is received from the relying party server + * @param[out] is_supported True if the message can be handled by the device, else false * * @return @c 0 on success, * otherwise a negative error value * @retval #FIDO_ERROR_NONE Successful * @retval #FIDO_ERROR_OUT_OF_MEMORY Out of Memory - * @retval #FIDO_ERROR_INVALID_PARAMETER Invalid parameter + * @retval #FIDO_ERROR_INVALID_PARAMETER Invalid parameter * @retval #FIDO_ERROR_NOT_SUPPORTED FIDO is not supported - * @retval #FIDO_ERROR_PERMISSION_DENIED The application does not have permission to call this API. - * @retval #FIDO_ERROR_UNSUPPORTED_VERSION The UAFMessage does not specify a protocol version supported by this FIDO UAF Client. + * @retval #FIDO_ERROR_PERMISSION_DENIED The application does not have permission to call this function. + * @retval #FIDO_ERROR_UNSUPPORTED_VERSION The UAF Message does not specify a protocol version supported by this FIDO UAF Client. * @retval #FIDO_ERROR_NO_SUITABLE_AUTHENTICATOR No suitable authenticators found. * @retval #FIDO_ERROR_PROTOCOL_ERROR The interaction may have timed out, or the UAF message is malformed. * @retval #FIDO_ERROR_UNTRUSTED_FACET_ID The caller's id is not allowed to use this operation. * */ -EXPORT_API int fido_uaf_is_supported(const char *uaf_message_json, bool *is_supported); +int fido_uaf_is_supported(const char *uaf_message_json, bool *is_supported); /** * @brief Called when fido_uaf_get_response_message() response comes. + * @details The following error codes can be delivered: + * 
+ * #FIDO_ERROR_NONE                        Successful
+ * #FIDO_ERROR_OUT_OF_MEMORY               Out of Memory
+ * #FIDO_ERROR_USER_ACTION_IN_PROGRESS     User action is in progress.
+ * #FIDO_ERROR_USER_CANCELLED              User has cancelled the operation.
+ * #FIDO_ERROR_PERMISSION_DENIED           The application does not have permission to call this
+ *                                         function.
+ * #FIDO_ERROR_UNSUPPORTED_VERSION         The UAF Message does not specify a protocol version
+ *                                         supported by this FIDO UAF Client.
+ * #FIDO_ERROR_NO_SUITABLE_AUTHENTICATOR   No suitable authenticators found.
+ * #FIDO_ERROR_PROTOCOL_ERROR              The interaction may have timed out, or the UAF message
+ *                                         is malformed.
+ * #FIDO_ERROR_UNTRUSTED_FACET_ID          The caller's id is not allowed to use this operation.
+ *
* @since_tizen 3.0 * - * @param[in] tizen_error_code Tizen platform error code. - * @param[in] uaf_response_json FIDO resonse message in json format. - * @param[in] user_data The user data passed from the callback function. + * @param[in] tizen_error_code Tizen platform error code + * @param[in] uaf_response_json FIDO response message in JSON format + * @param[in] user_data The user data passed from the callback function * * @pre fido_uaf_get_response_message() must be called to get this callback invoked. * @see fido_uaf_get_response_message() @@ -106,43 +128,40 @@ typedef void (*fido_uaf_response_message_cb) (fido_error_e tizen_error_code, con /** * @brief Processes the given FIDO UAF message. - * @details The response is delivered via fido_uaf_response_message_cb(). Depending on the FIDO message type, this may involve user interactions. + * @details This function is asynchronous. The response is delivered via fido_uaf_response_message_cb(). + * Depending on the FIDO message type, this may involve user interactions. * * @since_tizen 3.0 + * @privlevel public + * @privilege %http://tizen.org/privilege/fido.client * - * @param[in] uaf_request_json The FIDO UAF message in json format which is recieved from the relying party server. - * @param[in] channel_binding The channel binding data in json format which is recieved from the relying party server. - * @param[in] callback The callback to receive response. - * @param[in] user_data The user data to be passed to the callback function. + * @param[in] uaf_request_json The FIDO UAF message in JSON format which is received from the relying party server + * @param[in] channel_binding The channel binding data in JSON format which is received from the relying party server + * @param[in] callback The callback to receive response + * @param[in] user_data The user data to be passed to the callback function * * @return @c 0 on success, * otherwise a negative error value * @retval #FIDO_ERROR_NONE Successful - * @retval #FIDO_ERROR_OUT_OF_MEMORY Out of Memory * @retval #FIDO_ERROR_INVALID_PARAMETER Invalid parameter * @retval #FIDO_ERROR_NOT_SUPPORTED FIDO is not supported - * @retval #FIDO_ERROR_USER_ACTION_IN_PROGRESS User action is in progress. - * @retval #FIDO_ERROR_USER_CANCELLED User has canceled the operation. - * @retval #FIDO_ERROR_PERMISSION_DENIED The application does not have permission to call this API. - * @retval #FIDO_ERROR_UNSUPPORTED_VERSION The UAFMessage does not specify a protocol version supported by this FIDO UAF Client. - * @retval #FIDO_ERROR_NO_SUITABLE_AUTHENTICATOR No suitable authenticators found. - * @retval #FIDO_ERROR_PROTOCOL_ERROR The interaction may have timed out, or the UAF message is malformed. - * @retval #FIDO_ERROR_UNTRUSTED_FACET_ID The caller's id is not allowed to use this operation. * * @see fido_uaf_response_message_cb() */ -EXPORT_API int fido_uaf_get_response_message(const char *uaf_request_json, const char *channel_binding, +int fido_uaf_get_response_message(const char *uaf_request_json, const char *channel_binding, fido_uaf_response_message_cb callback, void *user_data); /** - * @brief Notifies the server result to the FIDO client. FIDO Server sends the result of processing a UAF message to FIDO client. - * @remarks This is especially important as a new registration may be considered by the client to be in a pending state + * @brief Notifies the FIDO client about the server result. FIDO Server sends the result of processing a UAF message to FIDO client. + * @remarks This is especially important for cases when a new registration may be considered by the client to be in a pending state * until it is communicated that the server accepted it. * * @since_tizen 3.0 + * @privlevel public + * @privilege %http://tizen.org/privilege/fido.client * - * @param[in] response_code The status code received from Server, FIDO_SERVER_STATUS_CODE_OK implies success. - * @param[in] uaf_response_json The FIDO response message sent to server in json format. + * @param[in] response_code The status code received from Server, #FIDO_SERVER_STATUS_CODE_OK implies success + * @param[in] uaf_response_json The FIDO response message sent to server in JSON format * * @return @c 0 on success, * otherwise a negative error value @@ -150,18 +169,22 @@ EXPORT_API int fido_uaf_get_response_message(const char *uaf_request_json, const * @retval #FIDO_ERROR_OUT_OF_MEMORY Out of Memory * @retval #FIDO_ERROR_INVALID_PARAMETER Invalid parameter * @retval #FIDO_ERROR_NOT_SUPPORTED FIDO is not supported - * @retval #FIDO_ERROR_PERMISSION_DENIED The application does not have permission to call this API. - * @retval #FIDO_ERROR_UNSUPPORTED_VERSION The UAFMessage does not specify a protocol version supported by this FIDO UAF Client. + * @retval #FIDO_ERROR_PERMISSION_DENIED The application does not have permission to call this function. + * @retval #FIDO_ERROR_UNSUPPORTED_VERSION The UAF Message does not specify a protocol version supported by this FIDO UAF Client. * @retval #FIDO_ERROR_NO_SUITABLE_AUTHENTICATOR No suitable authenticators found. * @retval #FIDO_ERROR_PROTOCOL_ERROR The interaction may have timed out, or the UAF message is malformed. * @retval #FIDO_ERROR_UNTRUSTED_FACET_ID The caller's id is not allowed to use this operation. * * @see fido_uaf_response_message_cb() */ -EXPORT_API int fido_uaf_set_server_result(int response_code, const char *uaf_response_json); +int fido_uaf_set_server_result(int response_code, const char *uaf_response_json); /** * @} */ +#ifdef __cplusplus +} +#endif + #endif /* FIDO_UAF_CLIENT_H_ */ diff --git a/packaging/fido-client.spec b/packaging/fido-client.spec index 90ce681..1b573e8 100644 --- a/packaging/fido-client.spec +++ b/packaging/fido-client.spec @@ -26,6 +26,9 @@ BuildRequires: pkgconfig(gio-unix-2.0) %if "%{?tizen_version}" == "3.0" BuildRequires: pkgconfig(libtzplatform-config) +BuildRequires: pkgconfig(cynara-client) +BuildRequires: pkgconfig(cynara-session) +BuildRequires: pkgconfig(cynara-creds-gdbus) %endif BuildRequires: pkgconfig(pkgmgr-info) diff --git a/server/CMakeLists.txt b/server/CMakeLists.txt index 69ad801..e046016 100755 --- a/server/CMakeLists.txt +++ b/server/CMakeLists.txt @@ -18,6 +18,9 @@ pkg_check_modules(SERVER_pkgs REQUIRED pkgmgr-info openssl bundle + cynara-client + cynara-session + cynara-creds-gdbus libtzplatform-config ) else() diff --git a/server/fido_privilege_checker.c b/server/fido_privilege_checker.c index 352efff..59a9633 100644 --- a/server/fido_privilege_checker.c +++ b/server/fido_privilege_checker.c @@ -18,8 +18,183 @@ #include "fido_privilege_checker.h" #include "fido_logs.h" +#ifdef WITH_JSON_BUILDER + +#include +#include +#include +static cynara *__cynara = NULL; + +#endif + +/*#define _DISABLE_PRIV_CHECK*/ + +#ifdef WITH_JSON_BUILDER + +static guint +_get_client_pid(GDBusMethodInvocation* invoc) +{ + const char *name = NULL; + name = g_dbus_method_invocation_get_sender(invoc); + if (name == NULL) { + _ERR("g_dbus_method_invocation_get_sender failed"); + return -1; + } + _INFO("sender=[%s]", name); + + + guint pid = -1; + GError *error = NULL; + GVariant *_ret; + + _INFO("calling GetConnectionUnixProcessID"); + + GDBusConnection* conn = g_dbus_method_invocation_get_connection(invoc); + _ret = g_dbus_connection_call_sync(conn, + "org.freedesktop.DBus", + "/org/freedesktop/DBus", + "org.freedesktop.DBus", + "GetConnectionUnixProcessID", + g_variant_new("(s)", name), + NULL, + G_DBUS_CALL_FLAGS_NONE, + -1, + NULL, + &error); + + if (_ret != NULL) { + g_variant_get(_ret, "(u)", &pid); + g_variant_unref(_ret); + } + + _INFO("process Id = [%u]", pid); + return pid; +} + +static int +__check_privilege_by_cynara(const char *client, const char *session, const char *user, const char *privilege) +{ +#ifdef WITH_JSON_BUILDER + int ret; + char err_buf[128] = {0,}; + + ret = cynara_check(__cynara, client, session, user, privilege); + switch (ret) { + case CYNARA_API_ACCESS_ALLOWED: + _DBG("cynara_check success"); + return FIDO_ERROR_NONE; + + case CYNARA_API_ACCESS_DENIED: + _ERR("cynara_check permission deined, privilege=%s, error = CYNARA_API_ACCESS_DENIED", privilege); + return FIDO_ERROR_PERMISSION_DENIED; + + default: + cynara_strerror(ret, err_buf, sizeof(err_buf)); + _ERR("cynara_check error : %s, privilege=%s, ret = %d", err_buf, privilege, ret); + return FIDO_ERROR_PERMISSION_DENIED; + } + + return FIDO_ERROR_NONE; +#endif + + return FIDO_ERROR_NONE; +} + +static int +__get_information_for_cynara_check(GDBusMethodInvocation *invocation, char **client, char **user, char **session) +{ +#ifdef WITH_JSON_BUILDER + GDBusConnection *gdbus_conn = NULL; + char* sender = NULL; + int ret = -1; + + gdbus_conn = g_dbus_method_invocation_get_connection(invocation); + if (gdbus_conn == NULL) { + _ERR("g_dbus_method_invocation_get_connection failed"); + return -1; + } + + sender = (char*) g_dbus_method_invocation_get_sender(invocation); + if (sender == NULL) { + _ERR("g_dbus_method_invocation_get_sender failed"); + return -1; + } + + ret = cynara_creds_gdbus_get_user(gdbus_conn, sender, USER_METHOD_DEFAULT, user); + if (ret != CYNARA_API_SUCCESS) { + _ERR("cynara_creds_gdbus_get_user failed, ret = %d", ret); + return -1; + } + + ret = cynara_creds_gdbus_get_client(gdbus_conn, sender, CLIENT_METHOD_DEFAULT, client); + if (ret != CYNARA_API_SUCCESS) { + _ERR("cynara_creds_gdbus_get_client failed, ret = %d", ret); + return -1; + } + + guint pid = _get_client_pid(invocation); + _INFO("client Id = [%u]", pid); + + *session = cynara_session_from_pid(pid); + if (*session == NULL) { + _ERR("cynara_session_from_pid failed"); + return -1; + } + return FIDO_ERROR_NONE; + #endif + + return FIDO_ERROR_NONE; +} +#endif + bool is_allowed_to_call(GDBusMethodInvocation *invocation, const char* privilege) { +#ifdef WITH_JSON_BUILDER + + int ret = -1; + + if (__cynara == NULL) { + ret = cynara_initialize(&__cynara, NULL); + if (ret != CYNARA_API_SUCCESS) { + _ERR("CYNARA Initialization fail"); + return false; + } + } + + char *client = NULL; + char *session = NULL; + char *user = NULL; + + ret = __get_information_for_cynara_check(invocation, &client, &user, &session); + if (ret != FIDO_ERROR_NONE) { + _ERR("__get_information_for_cynara_check failed"); + g_free(client); + g_free(user); + SAFE_DELETE(session); + + return false; + } + + ret = __check_privilege_by_cynara(client, session, user, privilege); + + /*TODO enable after smack is defined*/ +#ifndef _DISABLE_PRIV_CHECK + if (ret != FIDO_ERROR_NONE) { + _ERR("__check_privilege_by_cynara failed, ret = %d", ret); + g_free(client); + g_free(user); + SAFE_DELETE(session); + + return false; + } +#endif + g_free(client); + g_free(user); + SAFE_DELETE(session); + + return true; + #endif + return true; } diff --git a/server/fido_privilege_checker.h b/server/fido_privilege_checker.h index b24447d..9009c23 100644 --- a/server/fido_privilege_checker.h +++ b/server/fido_privilege_checker.h @@ -21,7 +21,7 @@ #include #include "fido_internal_types.h" -#define _FIDO_CLIENT_PRIVILEGE "http://tizen.org/privilege/fido" +#define _FIDO_CLIENT_PRIVILEGE "http://tizen.org/privilege/fido.client" bool is_allowed_to_call(GDBusMethodInvocation *invocation, const char* privilege); diff --git a/test/3_0_Sample_App/FIDOSample/tizen-manifest.xml b/test/3_0_Sample_App/FIDOSample/tizen-manifest.xml index cc6c2e4..7cba4ee 100644 --- a/test/3_0_Sample_App/FIDOSample/tizen-manifest.xml +++ b/test/3_0_Sample_App/FIDOSample/tizen-manifest.xml @@ -2,11 +2,12 @@ - - fidosample.png + + fidosample.png - http://tizen.org/privilege/account.read - http://tizen.org/privilege/account.write + http://tizen.org/privilege/account.read + http://tizen.org/privilege/account.write + http://tizen.org/privilege/fido.client -- 2.7.4