From ea03ca5af8628a05bd3c8b751a913ef0704be7e0 Mon Sep 17 00:00:00 2001 From: Kyungwook Tak Date: Thu, 3 Mar 2016 12:08:04 +0900 Subject: [PATCH 01/16] Fix unsafe buffer usage - sprintf - strcpy Change-Id: I85716d6daabc149526146dfe375874a7057550a2 Signed-off-by: Kyungwook Tak --- src/manager/client/client-common.cpp | 2 +- src/manager/dpl/db/src/sql_connection.cpp | 2 +- src/manager/main/socket-manager.cpp | 2 +- tests/test_common.cpp | 28 +++++++++++++++++----------- tests/test_common.h | 1 + tests/test_sql.cpp | 12 ++++++++++++ 6 files changed, 33 insertions(+), 14 deletions(-) diff --git a/src/manager/client/client-common.cpp b/src/manager/client/client-common.cpp index 5aca5c5..02bbbcf 100644 --- a/src/manager/client/client-common.cpp +++ b/src/manager/client/client-common.cpp @@ -103,7 +103,7 @@ int SockRAII::connectWrapper(int sock, const char *interface) return CKM_API_ERROR_INPUT_PARAM; } - strcpy(clientAddr.sun_path, interface); + strncpy(clientAddr.sun_path, interface, sizeof(clientAddr.sun_path) - 1); LogDebug("ClientAddr.sun_path = " << interface); int retval = TEMP_FAILURE_RETRY(::connect(sock, (struct sockaddr*)&clientAddr, SUN_LEN(&clientAddr))); diff --git a/src/manager/dpl/db/src/sql_connection.cpp b/src/manager/dpl/db/src/sql_connection.cpp index 9b053a0..02a12c6 100644 --- a/src/manager/dpl/db/src/sql_connection.cpp +++ b/src/manager/dpl/db/src/sql_connection.cpp @@ -668,7 +668,7 @@ RawBuffer rawToHexString(const RawBuffer &raw) RawBuffer output; for (auto &e: raw) { char result[3]; - snprintf(result, sizeof(result), "%02X", static_cast(e)); + snprintf(result, sizeof(result), "%02X", (e & 0xff)); output.push_back(static_cast(result[0])); output.push_back(static_cast(result[1])); } diff --git a/src/manager/main/socket-manager.cpp b/src/manager/main/socket-manager.cpp index a8e884f..0b49378 100644 --- a/src/manager/main/socket-manager.cpp +++ b/src/manager/main/socket-manager.cpp @@ -561,7 +561,7 @@ int SocketManager::CreateDomainSocketHelp( sockaddr_un serverAddress; memset(&serverAddress, 0, sizeof(serverAddress)); serverAddress.sun_family = AF_UNIX; - strcpy(serverAddress.sun_path, desc.serviceHandlerPath.c_str()); + strncpy(serverAddress.sun_path, desc.serviceHandlerPath.c_str(), sizeof(serverAddress.sun_path) - 1); unlink(serverAddress.sun_path); mode_t originalUmask; diff --git a/tests/test_common.cpp b/tests/test_common.cpp index 53e12f0..b96e913 100644 --- a/tests/test_common.cpp +++ b/tests/test_common.cpp @@ -26,26 +26,32 @@ using namespace CKM; RawBuffer createDefaultPass() { - RawBuffer raw; - for(unsigned char i =0; i < RAW_PASS_SIZE; i++) - raw.push_back(i); - return raw; + return createPass(0, RAW_PASS_SIZE); } -RawBuffer createBigBlob(std::size_t size) { +RawBuffer createPass(std::size_t from, std::size_t to) { RawBuffer raw; - for(std::size_t i = 0; i < size; i++) { + + for (std::size_t i = from; i < to; i++) raw.push_back(static_cast(i)); - } + return raw; } +RawBuffer createBigBlob(std::size_t size) { + return createPass(0, size); +} + //raw to hex string conversion from SqlConnection std::string rawToHexString(const RawBuffer &raw) { - std::string dump(raw.size()*2, '0'); - for(std::size_t i = 0; i < raw.size(); i++){ - sprintf(&dump[2*i], "%02x", raw[i]); + std::string dump; + + for (auto &e : raw) { + char buf[3]; + snprintf(buf, sizeof(buf), "%02x", (e & 0xff)); + dump.push_back(buf[0]); + dump.push_back(buf[1]); } + return dump; } - diff --git a/tests/test_common.h b/tests/test_common.h index bf645d2..b9b70bf 100644 --- a/tests/test_common.h +++ b/tests/test_common.h @@ -30,6 +30,7 @@ #endif CKM::RawBuffer createDefaultPass(); +CKM::RawBuffer createPass(std::size_t from, std::size_t to); CKM::RawBuffer createBigBlob(std::size_t size); const CKM::RawBuffer defaultPass = createDefaultPass(); diff --git a/tests/test_sql.cpp b/tests/test_sql.cpp index d020fc7..a07329e 100644 --- a/tests/test_sql.cpp +++ b/tests/test_sql.cpp @@ -60,6 +60,18 @@ BOOST_AUTO_TEST_CASE(sqlTestConversion){ BOOST_CHECK(pass_check == pattern); } +BOOST_AUTO_TEST_CASE(sqlTestConversionBig){ + /* 192 ~ 208 in hex */ + const std::string tmppattern = "c0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0"; + + auto pass = createPass(192, 209); + BOOST_REQUIRE_MESSAGE(pass.size() == 17, "Password size should be 17"); + + auto pass_hex = rawToHexString(pass); + BOOST_REQUIRE_MESSAGE(pass_hex.length() == 34, "Hexed password size should be 34"); + BOOST_CHECK(pass_hex == tmppattern); +} + BOOST_AUTO_TEST_CASE(sqlTestSetKeyTooShort) { using namespace CKM::DB; BOOST_CHECK(unlink(encrypt_me_not) == 0 || errno == ENOENT); -- 2.7.4 From a8ea5575cd79ab7f080f72bbc4f89a5a9c5feb45 Mon Sep 17 00:00:00 2001 From: Kyungwook Tak Date: Fri, 4 Mar 2016 15:32:48 +0900 Subject: [PATCH 02/16] Add description of changed priv on ocsp check API Change-Id: I8247cd2fd48c973528d801cd3347d963dfa8ade0 Signed-off-by: Kyungwook Tak --- src/include/ckmc/ckmc-manager.h | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/src/include/ckmc/ckmc-manager.h b/src/include/ckmc/ckmc-manager.h index 35a3413..9d8bf27 100644 --- a/src/include/ckmc/ckmc-manager.h +++ b/src/include/ckmc/ckmc-manager.h @@ -943,6 +943,10 @@ int ckmc_get_cert_chain_with_trustedcert(const ckmc_cert_s *cert, * @privlevel public * @privilege %http://tizen.org/privilege/internet * + * @remarks %http://tizen.org/privilege/internet (public level privilege) is required + * to use this API instead of %http://tizen.org/privilege/keymanager (public + * level privilege) since 3.0. + * * @param[in] pcert_chain_list Valid certificate chain to perform OCSP check * @param[out] ocsp_status The pointer to status result of OCSP check * -- 2.7.4 From c5efe9cb8bd549a51c5e6abc9e91c56faafc51dc Mon Sep 17 00:00:00 2001 From: Kyungwook Tak Date: Fri, 4 Mar 2016 16:14:40 +0900 Subject: [PATCH 03/16] Sync error code description with common package platform/core/api/common error_message/key-manager.xml Change-Id: Iae51652c580f4b3ccf4fbd2dec261e97a0a04bcd Signed-off-by: Kyungwook Tak --- src/include/ckmc/ckmc-error.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/include/ckmc/ckmc-error.h b/src/include/ckmc/ckmc-error.h index c7ac7ec..52cbb22 100644 --- a/src/include/ckmc/ckmc-error.h +++ b/src/include/ckmc/ckmc-error.h @@ -47,7 +47,7 @@ typedef enum { CKMC_ERROR_BAD_RESPONSE = TIZEN_ERROR_KEY_MANAGER | 0x03, /**< Invalid response from Central Key Manager */ CKMC_ERROR_SEND_FAILED = TIZEN_ERROR_KEY_MANAGER | 0x04, /**< Transmitting request failed */ CKMC_ERROR_RECV_FAILED = TIZEN_ERROR_KEY_MANAGER | 0x05, /**< Receiving response failed */ - CKMC_ERROR_AUTHENTICATION_FAILED = TIZEN_ERROR_KEY_MANAGER | 0x06, /**< Authentication between client and manager failed */ + CKMC_ERROR_AUTHENTICATION_FAILED = TIZEN_ERROR_KEY_MANAGER | 0x06, /**< Optional password which used when saving is incorrect */ CKMC_ERROR_BUFFER_TOO_SMALL = TIZEN_ERROR_KEY_MANAGER | 0x07, /**< The output buffer size which is passed as parameter is too small */ CKMC_ERROR_SERVER_ERROR = TIZEN_ERROR_KEY_MANAGER | 0x08, /**< Central Key Manager has been failed for some reason */ CKMC_ERROR_DB_LOCKED = TIZEN_ERROR_KEY_MANAGER | 0x09, /**< The database was not unlocked - user did not login */ @@ -57,7 +57,7 @@ typedef enum { CKMC_ERROR_VERIFICATION_FAILED = TIZEN_ERROR_KEY_MANAGER | 0x0D, /**< CA certificate(s) were unknown and chain could not be created */ CKMC_ERROR_INVALID_FORMAT = TIZEN_ERROR_KEY_MANAGER | 0x0E, /**< A provided file or binary has not a valid format */ CKMC_ERROR_FILE_ACCESS_DENIED = TIZEN_ERROR_KEY_MANAGER | 0x0F, /**< A provided file doesn't exist or cannot be accessed in the file system */ - CKMC_ERROR_NOT_EXPORTABLE = TIZEN_ERROR_KEY_MANAGER | 0x10, /**< Key is not exportable. It could not be returned to client */ + CKMC_ERROR_NOT_EXPORTABLE = TIZEN_ERROR_KEY_MANAGER | 0x10, /**< The data is saved as unexportable so it cannot be leaked */ CKMC_ERROR_FILE_SYSTEM = TIZEN_ERROR_KEY_MANAGER | 0x11, /**< Save key/certificate/pkcs12 failed because of file system error */ CKMC_ERROR_UNKNOWN = TIZEN_ERROR_KEY_MANAGER | 0xFF, /**< The error with unknown reason */ } key_manager_error_e; -- 2.7.4 From 37426bd1fc85ba35d4089b03f3721171a1d54cfa Mon Sep 17 00:00:00 2001 From: Kyungwook Tak Date: Fri, 4 Mar 2016 16:21:37 +0900 Subject: [PATCH 04/16] Version 0.1.22 - Fix SVACE defects - Remove hard-coded paths - remove dependency from pwdutils -> user/group manage backup plan given up for now... Change-Id: I91ede36bcbc017a067783fbbf46a6c919cf6c717 Signed-off-by: Kyungwook Tak --- packaging/key-manager.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packaging/key-manager.spec b/packaging/key-manager.spec index bb3998c..4673c74 100644 --- a/packaging/key-manager.spec +++ b/packaging/key-manager.spec @@ -1,6 +1,6 @@ Name: key-manager Summary: Central Key Manager and utilities -Version: 0.1.21 +Version: 0.1.22 Release: 1 Group: System/Security License: Apache-2.0 and BSL-1.0 and BSD-2.0 -- 2.7.4 From 753a5219058dd3ffa11b0f213a7badb22b7a8e3e Mon Sep 17 00:00:00 2001 From: Kyungwook Tak Date: Fri, 11 Mar 2016 14:03:09 +0900 Subject: [PATCH 05/16] Hotfix: image creation failed /usr/sbin/ldconfig cannot be found. Use /sbin/ldconfig as it was. Change-Id: Ieb38a62b2474ae3b89c0305c5bfb20bd9c4dbe9f Signed-off-by: Kyungwook Tak --- packaging/key-manager.spec | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/packaging/key-manager.spec b/packaging/key-manager.spec index 4673c74..ed87faa 100644 --- a/packaging/key-manager.spec +++ b/packaging/key-manager.spec @@ -40,7 +40,9 @@ Requires: libkey-manager-common = %{version}-%{release} %global ro_data_dir %{?TZ_SYS_RO_SHARE:%TZ_SYS_RO_SHARE/ckm}%{!?TZ_SYS_RO_SHARE:%_datadir/ckm} %global db_test_dir %{?TZ_SYS_RO_SHARE:%TZ_SYS_RO_SHARE/ckm-db-test}%{!?TZ_SYS_RO_SHARE:%_datadir/ckm-db-test} %global bin_dir %{?TZ_SYS_BIN:%TZ_SYS_BIN}%{!?TZ_SYS_BIN:%_bindir} -%global sbin_dir %{?TZ_SYS_SBIN:%TZ_SYS_SBIN}%{!?TZ_SYS_SBIN:%_sbindir} +# image creation error occured if /usr/sbin used for ldconfig +#%global sbin_dir %{?TZ_SYS_SBIN:%TZ_SYS_SBIN}%{!?TZ_SYS_SBIN:%_sbindir} +%global sbin_dir /sbin %global ro_etc_dir %{?TZ_SYS_RO_ETC:%TZ_SYS_RO_ETC}%{!?TZ_SYS_RO_ETC:/etc} %global run_dir %{?TZ_SYS_RUN:%TZ_SYS_RUN}%{!?TZ_SYS_RUN:/var/run} %global initial_values_dir %{rw_data_dir}/initial_values -- 2.7.4 From 7ca6ec72345061a12575dd9bac4ef4db866d6622 Mon Sep 17 00:00:00 2001 From: Kyungwook Tak Date: Fri, 11 Mar 2016 17:13:54 +0900 Subject: [PATCH 06/16] Fix SVACE defects Use thread-safe functions Initialize values in constructor Catch all exceptions Change-Id: I7ce649b7ba1a11e45949e8f8fca257be4eb7f37d Signed-off-by: Kyungwook Tak --- src/manager/main/socket-manager.cpp | 2 +- src/manager/main/socket-manager.h | 5 +- src/manager/main/thread-service.cpp | 2 +- src/manager/service/ckm-logic.cpp | 23 +++--- src/manager/service/file-lock.cpp | 9 +-- tests/CMakeLists.txt | 1 + tests/encryption-scheme/generate-db.cpp | 3 + tests/encryption-scheme/scheme-test.cpp | 53 +++++++++----- tests/encryption-scheme/scheme-test.h | 5 +- tests/test_db_crypto.cpp | 8 +-- tests/test_descriptor-set.cpp | 15 ++-- tools/ckm_db_tool/ckm_db_tool.cpp | 122 +++++++++++++++++--------------- tools/ckm_so_loader.cpp | 61 ++++++++-------- 13 files changed, 177 insertions(+), 132 deletions(-) diff --git a/src/manager/main/socket-manager.cpp b/src/manager/main/socket-manager.cpp index 0b49378..ab566cf 100644 --- a/src/manager/main/socket-manager.cpp +++ b/src/manager/main/socket-manager.cpp @@ -31,7 +31,6 @@ #include #include #include -#include #include @@ -168,6 +167,7 @@ SocketManager::CreateDefaultReadSocketDescription(int sock, bool timeout) SocketManager::SocketManager() : m_maxDesc(0), + m_working(true), m_counter(0) { FD_ZERO(&m_readSet); diff --git a/src/manager/main/socket-manager.h b/src/manager/main/socket-manager.h index cc951d7..4e98dd5 100644 --- a/src/manager/main/socket-manager.h +++ b/src/manager/main/socket-manager.h @@ -32,6 +32,7 @@ #include #include #include +#include #include @@ -100,7 +101,9 @@ protected: SocketDescription() : interfaceID(-1) - , service(NULL) + , service(nullptr) + , timeout(::time(nullptr)) + , counter(0) , m_flags(0) { } diff --git a/src/manager/main/thread-service.cpp b/src/manager/main/thread-service.cpp index b9c1b40..2e4e95d 100644 --- a/src/manager/main/thread-service.cpp +++ b/src/manager/main/thread-service.cpp @@ -24,7 +24,7 @@ namespace CKM { -ThreadService::ThreadService() +ThreadService::ThreadService() : m_connectionInfoMap() { } diff --git a/src/manager/service/ckm-logic.cpp b/src/manager/service/ckm-logic.cpp index de4d710..5dc7826 100644 --- a/src/manager/service/ckm-logic.cpp +++ b/src/manager/service/ckm-logic.cpp @@ -414,15 +414,16 @@ int CKMLogic::verifyAndSaveDataHelper( // check if data is correct Crypto::Data binaryData; retCode = toBinaryData(data, binaryData); - if (retCode == CKM_API_SUCCESS) - retCode = saveDataHelper(cred, name, label, binaryData, policy); + if (retCode != CKM_API_SUCCESS) + return retCode; + else + return saveDataHelper(cred, name, label, binaryData, policy); } catch (const Exc::Exception &e) { - retCode = e.error(); + return e.error(); } catch (const CKM::Exception &e) { LogError("CKM::Exception: " << e.GetMessage()); - retCode = CKM_API_ERROR_SERVER_ERROR; + return CKM_API_ERROR_SERVER_ERROR; } - return retCode; } int CKMLogic::getKeyForService( @@ -474,19 +475,21 @@ int CKMLogic::extractPKCS12Data( DB::RowVector &output) const { // private key is mandatory - if (!pkcs.getKey()) + auto key = pkcs.getKey(); + if (!key) return CKM_API_ERROR_INVALID_FORMAT; - Key* keyPtr = pkcs.getKey().get(); - Crypto::Data keyData(DataType(keyPtr->getType()), keyPtr->getDER()); + + Crypto::Data keyData(DataType(key->getType()), key->getDER()); int retCode = verifyBinaryData(keyData); if (retCode != CKM_API_SUCCESS) return retCode; output.push_back(createEncryptedRow(crypto, name, ownerLabel, keyData, keyPolicy)); // certificate is mandatory - if (!pkcs.getCertificate()) + auto cert = pkcs.getCertificate(); + if (!cert) return CKM_API_ERROR_INVALID_FORMAT; - Crypto::Data certData(DataType::CERTIFICATE, pkcs.getCertificate().get()->getDER()); + Crypto::Data certData(DataType::CERTIFICATE, cert->getDER()); retCode = verifyBinaryData(certData); if (retCode != CKM_API_SUCCESS) return retCode; diff --git a/src/manager/service/file-lock.cpp b/src/manager/service/file-lock.cpp index 95def7f..27803a0 100644 --- a/src/manager/service/file-lock.cpp +++ b/src/manager/service/file-lock.cpp @@ -32,6 +32,7 @@ #include #include +#include namespace CKM { @@ -51,24 +52,24 @@ FileLock::FileLock(const char* const file) // Open lock file m_lockFd = TEMP_FAILURE_RETRY(creat(file, 0644)); if (m_lockFd == -1) - throw io_exception("Cannot open lock file. Errno: ", strerror(errno)); + throw io_exception("Cannot open lock file. Errno: ", GetErrnoString()); if (-1 == lockf(m_lockFd, F_TLOCK, 0)) { if (errno == EACCES || errno == EAGAIN) throw io_exception("Can't acquire lock. Another instance must be running."); else - throw io_exception("Can't acquire lock. Errno: ", strerror(errno)); + throw io_exception("Can't acquire lock. Errno: ", GetErrnoString()); } std::string pid = std::to_string(getpid()); ssize_t written = TEMP_FAILURE_RETRY(write(m_lockFd, pid.c_str(), pid.size())); if (-1 == written || static_cast(pid.size()) > written) - throw io_exception("Can't write file lock. Errno: ", strerror(errno)); + throw io_exception("Can't write file lock. Errno: ", GetErrnoString()); int ret = fsync(m_lockFd); if (-1 == ret) - throw io_exception("Fsync failed. Errno: ", strerror(errno)); + throw io_exception("Fsync failed. Errno: ", GetErrnoString()); } FileLock::~FileLock() diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt index b788fac..f6bb45a 100644 --- a/tests/CMakeLists.txt +++ b/tests/CMakeLists.txt @@ -54,6 +54,7 @@ SET(TEST_MERGED_SOURCES ${KEY_MANAGER_PATH}/client-async/descriptor-set.cpp ${KEY_MANAGER_PATH}/dpl/core/src/assert.cpp ${KEY_MANAGER_PATH}/dpl/core/src/colors.cpp + ${KEY_MANAGER_PATH}/dpl/core/src/errno_string.cpp ${KEY_MANAGER_PATH}/dpl/db/src/sql_connection.cpp ${KEY_MANAGER_PATH}/dpl/db/src/naive_synchronization_object.cpp ${KEY_MANAGER_PATH}/sqlcipher/sqlcipher.c diff --git a/tests/encryption-scheme/generate-db.cpp b/tests/encryption-scheme/generate-db.cpp index b5b6c23..3177230 100644 --- a/tests/encryption-scheme/generate-db.cpp +++ b/tests/encryption-scheme/generate-db.cpp @@ -33,6 +33,9 @@ int main() } catch (const std::runtime_error& e) { std::cerr << e.what() << std::endl; return -1; + } catch (...) { + std::cerr << "Unknown exception occured!" << std::endl; + return -1; } } diff --git a/tests/encryption-scheme/scheme-test.cpp b/tests/encryption-scheme/scheme-test.cpp index f154e40..abb6538 100644 --- a/tests/encryption-scheme/scheme-test.cpp +++ b/tests/encryption-scheme/scheme-test.cpp @@ -42,6 +42,7 @@ #include #include #include +#include using namespace CKM; using namespace std; @@ -254,15 +255,39 @@ struct FdCloser { typedef std::unique_ptr FdPtr; uid_t getUid(const char *name) { - passwd *p = getpwnam(name); - BOOST_REQUIRE_MESSAGE(p, "getpwnam failed"); - return p->pw_uid; + struct passwd pwd; + struct passwd *result = nullptr; + int bufsize = sysconf(_SC_GETPW_R_SIZE_MAX); + if (bufsize <= 0) + bufsize = 16384; /* should be more than enough */ + + memset(&pwd, 0x00, sizeof(pwd)); + + std::unique_ptr buf(new char[bufsize]); + BOOST_REQUIRE_MESSAGE(buf, "failed to allocate mem for buf for getpwname_r"); + + int ret = getpwnam_r(name, &pwd, buf.get(), bufsize, &result); + BOOST_REQUIRE_MESSAGE(ret == 0 && result, "getpwnam_r failed"); + + return pwd.pw_uid; } gid_t getGid(const char *name) { - group *g = getgrnam(name); - BOOST_REQUIRE_MESSAGE(g, "getgrnam failed"); - return g->gr_gid; + struct group grp; + struct group *result = nullptr; + size_t bufsize = sysconf(_SC_GETGR_R_SIZE_MAX); + if (bufsize <= 0) + bufsize = 16384; /* should be more than enough */ + + memset(&grp, 0x00, sizeof(grp)); + + std::unique_ptr buf(new char[bufsize]); + BOOST_REQUIRE_MESSAGE(buf, "failed to allocate mem for buf for getgrnam_r"); + + int ret = getgrnam_r(name, &grp, buf.get(), bufsize, &result); + BOOST_REQUIRE_MESSAGE(ret == 0 && result, "getgrnam_r failed"); + + return grp.gr_gid; } void restoreFile(const string& filename) { @@ -275,36 +300,32 @@ void restoreFile(const string& filename) { int sourceFd = TEMP_FAILURE_RETRY(open(sourcePath.c_str(), O_RDONLY)); err = errno; - BOOST_REQUIRE_MESSAGE(sourceFd > 0, "Opening " << sourcePath << " failed: " << strerror(err)); + BOOST_REQUIRE_MESSAGE(sourceFd > 0, "Opening " << sourcePath << " failed: " << GetErrnoString(err)); FdPtr sourceFdPtr(&sourceFd); int targetFd = TEMP_FAILURE_RETRY(creat(targetPath.c_str(), 0644)); err = errno; - BOOST_REQUIRE_MESSAGE(targetFd > 0, "Creating " << targetPath << " failed: " << strerror(err)); + BOOST_REQUIRE_MESSAGE(targetFd > 0, "Creating " << targetPath << " failed: " << GetErrnoString(err)); ret = fchown(targetFd, CKM_UID, CKM_GID); err = errno; - BOOST_REQUIRE_MESSAGE(ret != -1, "fchown() failed: " << strerror(err)); + BOOST_REQUIRE_MESSAGE(ret != -1, "fchown() failed: " << GetErrnoString(err)); FdPtr targetFdPtr(&targetFd); struct stat sourceStat; ret = fstat(sourceFd, &sourceStat); err = errno; - BOOST_REQUIRE_MESSAGE(ret != -1, "fstat() failed: " << strerror(err)); + BOOST_REQUIRE_MESSAGE(ret != -1, "fstat() failed: " << GetErrnoString(err)); ret = sendfile(targetFd, sourceFd, 0, sourceStat.st_size); err = errno; - BOOST_REQUIRE_MESSAGE(ret != -1, "sendfile() failed: " << strerror(err)); + BOOST_REQUIRE_MESSAGE(ret != -1, "sendfile() failed: " << GetErrnoString(err)); ret = fsync(targetFd); err = errno; - BOOST_REQUIRE_MESSAGE(ret != -1, "fsync() failed: " << strerror(err)); - - // TODO scoped close - close(targetFd); - close(sourceFd); + BOOST_REQUIRE_MESSAGE(ret != -1, "fsync() failed: " << GetErrnoString(err)); } void generateRandom(size_t random_bytes, unsigned char *output) diff --git a/tests/encryption-scheme/scheme-test.h b/tests/encryption-scheme/scheme-test.h index 6d020b7..96dab6c 100644 --- a/tests/encryption-scheme/scheme-test.h +++ b/tests/encryption-scheme/scheme-test.h @@ -37,7 +37,10 @@ class Crypto; } // CKM struct Item { - Item() {} + Item() : type(CKM::DataType::Type::DB_LAST) + { + } + Item(const CKM::Alias& alias, const CKM::DataType::Type type, const CKM::Policy& policy) diff --git a/tests/test_db_crypto.cpp b/tests/test_db_crypto.cpp index c8b85d2..a598e4e 100644 --- a/tests/test_db_crypto.cpp +++ b/tests/test_db_crypto.cpp @@ -133,7 +133,7 @@ BOOST_AUTO_TEST_CASE(DBperfLookupAliasByOwner) performance_start("getRow"); for(unsigned int t=0; t #include +#include using namespace CKM; @@ -57,7 +58,7 @@ void closePipe(int* fd) { */ #define PIPE(fd) \ int (fd)[2]; \ - BOOST_REQUIRE_MESSAGE(0 == pipe((fd)),"Pipe creation failed: " << strerror(errno)); \ + BOOST_REQUIRE_MESSAGE(0 == pipe((fd)),"Pipe creation failed: " << GetErrnoString()); \ PipePtr fd##Ptr((fd), closePipe); void unexpectedCallback(int, short) { @@ -69,14 +70,14 @@ void readFd(int fd, int expectedFd, short revents) { BOOST_REQUIRE_MESSAGE(fd == expectedFd, "Unexpected descriptor"); BOOST_REQUIRE_MESSAGE(revents & POLLIN, "Unexpected event"); BOOST_REQUIRE_MESSAGE(1 == TEMP_FAILURE_RETRY(read(fd,buf,1)), - "Pipe read failed" << strerror(errno)); + "Pipe read failed" << GetErrnoString()); } void writeFd(int fd, int expectedFd, short revents) { BOOST_REQUIRE_MESSAGE(fd == expectedFd, "Unexpected descriptor"); BOOST_REQUIRE_MESSAGE(revents & POLLOUT, "Unexpected event"); BOOST_REQUIRE_MESSAGE(1 == TEMP_FAILURE_RETRY(write(fd,"j",1)), - "Pipe writing failed" << strerror(errno)); + "Pipe writing failed" << GetErrnoString()); } } // anonymous namespace @@ -193,7 +194,7 @@ BOOST_AUTO_TEST_CASE(T070_Write) { { char buf[1]; ssize_t tmp = TEMP_FAILURE_RETRY(read(fd[0], buf, 1)); - THREAD_REQUIRE_MESSAGE(tmp == 1, "Pipe reading failed " << strerror(errno)); + THREAD_REQUIRE_MESSAGE(tmp == 1, "Pipe reading failed " << GetErrnoString()); }); BOOST_REQUIRE_NO_THROW(descriptors.wait(POLL_TIMEOUT)); @@ -221,7 +222,7 @@ BOOST_AUTO_TEST_CASE(T080_Read) { auto thread = CreateWatchedThread([fd] { ssize_t tmp = TEMP_FAILURE_RETRY(write(fd[1], "j", 1)); - THREAD_REQUIRE_MESSAGE(tmp == 1, "Pipe writing failed " << strerror(errno)); + THREAD_REQUIRE_MESSAGE(tmp == 1, "Pipe writing failed " << GetErrnoString()); }); BOOST_REQUIRE_NO_THROW(descriptors.wait(POLL_TIMEOUT)); @@ -260,11 +261,11 @@ BOOST_AUTO_TEST_CASE(T090_WriteAfterRead) { auto thread = CreateWatchedThread([fd,fd2] { ssize_t tmp = TEMP_FAILURE_RETRY(write(fd[1], "j", 1)); - BOOST_REQUIRE_MESSAGE(tmp == 1, "Pipe writing failed " << strerror(errno)); + BOOST_REQUIRE_MESSAGE(tmp == 1, "Pipe writing failed " << GetErrnoString()); char buf[1]; tmp = TEMP_FAILURE_RETRY(read(fd2[0], buf, 1)); - THREAD_REQUIRE_MESSAGE(tmp == 1, "Pipe reading failed " << strerror(errno)); + THREAD_REQUIRE_MESSAGE(tmp == 1, "Pipe reading failed " << GetErrnoString()); }); BOOST_REQUIRE_NO_THROW(descriptors.wait(POLL_TIMEOUT)); diff --git a/tools/ckm_db_tool/ckm_db_tool.cpp b/tools/ckm_db_tool/ckm_db_tool.cpp index 378ff9e..ae5087e 100644 --- a/tools/ckm_db_tool/ckm_db_tool.cpp +++ b/tools/ckm_db_tool/ckm_db_tool.cpp @@ -118,13 +118,13 @@ void DbWrapper::process(const string& acmd) displayRow(row, trim); } } catch (const DB::SqlConnection::Exception::Base& e) { - cout << e.GetMessage() << endl; + cerr << e.GetMessage() << endl; } catch (const Exc::Exception &e) { - cout << e.message() << endl; + cerr << e.message() << endl; } catch (const std::exception &e) { - cout << e.what() << endl; + cerr << e.what() << endl; } catch (...) { - cout << "Unexpected exception occurred" << endl; + cerr << "Unexpected exception occurred" << endl; } } @@ -166,70 +166,76 @@ void internalHelp() { int main(int argc, char* argv[]) { - if(argc < 2 || !argv[1]) { - usage(); - return -1; - } + try { + if (argc < 2 || !argv[1]) { + usage(); + return -1; + } - // read uid - stringstream ss(argv[1]); - uid_t uid; - if(!(ss >> uid)) { - usage(); - return -1; - } + // read uid + stringstream ss(argv[1]); + uid_t uid; + if (!(ss >> uid)) { + usage(); + return -1; + } - int idx = 2; + int idx = 2; - // read password - Password pass; - if(uid >= 5000) { - if(argc > idx) { - pass = argv[idx]; - idx++; + // read password + Password pass; + if (uid >= 5000) { + if (argc > idx) { + pass = argv[idx]; + idx++; + } } - } - // read sqlite3 command - string argcmd; - if(argc > idx) - argcmd = argv[idx]; + // read sqlite3 command + string argcmd; + if (argc > idx) + argcmd = argv[idx]; + + // unlock db + DbWrapper dbw(uid, pass); + int retCode = dbw.unlock(); + if (retCode != CKM_API_SUCCESS ) { + cerr << "Unlocking database failed: " << retCode << endl; + return -1; + } + cout << "Database unlocked" << endl; + + while (true) { + string cmd; + if (argcmd.empty()) { + cout << "> "; + if(!getline(cin, cmd)) { + cout << "exit" << endl; + break; // EOF + } + } else { + cmd = argcmd; + } - // unlock db - DbWrapper dbw(uid, pass); - int retCode = dbw.unlock(); - if (retCode != CKM_API_SUCCESS ) { - cout << "Unlocking database failed: " << retCode << endl; - return -1; - } - cout << "Database unlocked" << endl; - - for(;;) { - string cmd; - if (argcmd.empty()) { - cout << "> "; - if(!getline(cin, cmd)) { - cout << "exit" << endl; - break; // EOF + if(cmd == "exit") + break; + if(cmd == "help") { + internalHelp(); + continue; } - } else { - cmd = argcmd; - } - if(cmd == "exit") - break; - if(cmd == "help") { - internalHelp(); - continue; + dbw.process(cmd); + + if(!argcmd.empty()) + break; } - dbw.process(cmd); + dbw.lock(); + cout << "Database locked" << endl; - if(!argcmd.empty()) - break; + return 0; + } catch (...) { + cerr << "Unexpected exception occurred" << endl; + return -1; } - dbw.lock(); - cout << "Database locked" << endl; - - return 0; } diff --git a/tools/ckm_so_loader.cpp b/tools/ckm_so_loader.cpp index a39adb6..085c736 100644 --- a/tools/ckm_so_loader.cpp +++ b/tools/ckm_so_loader.cpp @@ -43,7 +43,7 @@ void clear_cache() sync(); ofstream of("/proc/sys/vm/drop_caches"); if (of.bad()) { - cerr << "Cache clearing failed: " << strerror(errno) << endl; + cerr << "Cache clearing failed with errno: " << errno << endl; return; } of << "3"; @@ -89,36 +89,39 @@ int main(int argc, char* argv[]) return -1; } - int flags = stoi(argv[1]); // let it throw - int repeats = stoi(argv[2]); // let it throw - string so_path(argv[3]); - string symbol(argv[4]); + try { + int flags = stoi(argv[1]); // let it throw + int repeats = stoi(argv[2]); // let it throw + string so_path(argv[3]); + string symbol(argv[4]); - cout << "dlopen[us];dlsym[us]" << endl; - for (int cnt = 0 ; cnt < repeats; cnt++) - { - /* - * It has to be a different process each time. Glibc somehow caches the library information - * and consecutive calls are faster - */ - pid_t pid = fork(); - if (pid < 0) { - cerr << "fork failed: " << strerror(errno) << endl; - return -1; - } - if (pid == 0) { - test(flags, so_path, symbol); - exit(0); - } - else - { - int status; - pid_t ret = waitpid(pid,&status, 0); - if (ret != pid) { - cerr << "waitpid failed: " << strerror(errno) << endl; - exit(1); + cout << "dlopen[us];dlsym[us]" << endl; + for (int cnt = 0 ; cnt < repeats; cnt++) { + /* + * It has to be a different process each time. Glibc somehow caches the library information + * and consecutive calls are faster + */ + pid_t pid = fork(); + if (pid < 0) { + cerr << "fork failed with errno: " << errno << endl; + return -1; + } else if (pid == 0) { + test(flags, so_path, symbol); + exit(0); + } else { + + int status; + pid_t ret = waitpid(pid, &status, 0); + if (ret != pid) { + cerr << "waitpid failed with errno: " << errno << endl; + exit(1); + } } } + + return 0; + } catch (...) { + cerr << "Unexpected exception occured" << endl; + return -1; } - return 0; } -- 2.7.4 From d0b09a208b50206b87e74da500f2c8ba7bfdd7e5 Mon Sep 17 00:00:00 2001 From: Kyungwook Tak Date: Mon, 14 Mar 2016 22:46:06 +0900 Subject: [PATCH 07/16] Add for_each files handling style when reading dir Change-Id: I41ecf62acf6277db6651fdbf3ac5b0eb4761f005 Signed-off-by: Kyungwook Tak --- src/CMakeLists.txt | 27 +++++----- .../initial-values/initial-value-loader.cpp | 24 +++------ src/manager/service/file-system.cpp | 52 +++++++----------- src/manager/service/for-each-file.cpp | 61 ++++++++++++++++++++++ src/manager/service/for-each-file.h | 33 ++++++++++++ tests/CMakeLists.txt | 26 +++++---- tests/encryption-scheme/CMakeLists.txt | 11 ++-- tests/resources/traverse/res-1 | 1 + tests/resources/traverse/res-10 | 1 + tests/resources/traverse/res-2 | 1 + tests/resources/traverse/res-3 | 1 + tests/resources/traverse/res-4 | 1 + tests/resources/traverse/res-5 | 1 + tests/resources/traverse/res-6 | 1 + tests/resources/traverse/res-7 | 1 + tests/resources/traverse/res-8 | 1 + tests/resources/traverse/res-9 | 1 + tests/test_for-each-file.cpp | 47 +++++++++++++++++ tools/ckm_db_tool/CMakeLists.txt | 52 +++++++++--------- 19 files changed, 238 insertions(+), 105 deletions(-) create mode 100644 src/manager/service/for-each-file.cpp create mode 100644 src/manager/service/for-each-file.h create mode 100644 tests/resources/traverse/res-1 create mode 100644 tests/resources/traverse/res-10 create mode 100644 tests/resources/traverse/res-2 create mode 100644 tests/resources/traverse/res-3 create mode 100644 tests/resources/traverse/res-4 create mode 100644 tests/resources/traverse/res-5 create mode 100644 tests/resources/traverse/res-6 create mode 100644 tests/resources/traverse/res-7 create mode 100644 tests/resources/traverse/res-8 create mode 100644 tests/resources/traverse/res-9 create mode 100644 tests/test_for-each-file.cpp diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index 9bcd3a4..619b44e 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -33,28 +33,29 @@ ENDIF (MOCKUP_SM MATCHES "ON") SET(KEY_MANAGER_SOURCES ${KEY_MANAGER_PATH}/main/generic-socket-manager.cpp - ${KEY_MANAGER_PATH}/main/socket-manager.cpp ${KEY_MANAGER_PATH}/main/key-manager-main.cpp ${KEY_MANAGER_PATH}/main/smack-check.cpp - ${KEY_MANAGER_PATH}/main/thread-service.cpp ${KEY_MANAGER_PATH}/main/socket-2-id.cpp - ${KEY_MANAGER_PATH}/service/certificate-store.cpp - ${KEY_MANAGER_PATH}/service/certificate-config.cpp - ${KEY_MANAGER_PATH}/service/file-lock.cpp + ${KEY_MANAGER_PATH}/main/socket-manager.cpp + ${KEY_MANAGER_PATH}/main/thread-service.cpp ${KEY_MANAGER_PATH}/service/access-control.cpp - ${KEY_MANAGER_PATH}/service/ckm-service.cpp + ${KEY_MANAGER_PATH}/service/certificate-config.cpp + ${KEY_MANAGER_PATH}/service/certificate-store.cpp ${KEY_MANAGER_PATH}/service/ckm-logic.cpp - ${KEY_MANAGER_PATH}/service/glib-service.cpp + ${KEY_MANAGER_PATH}/service/ckm-service.cpp + ${KEY_MANAGER_PATH}/service/crypto-logic.cpp + ${KEY_MANAGER_PATH}/service/db-crypto.cpp + ${KEY_MANAGER_PATH}/service/encryption-logic.cpp + ${KEY_MANAGER_PATH}/service/encryption-service.cpp + ${KEY_MANAGER_PATH}/service/file-lock.cpp + ${KEY_MANAGER_PATH}/service/file-system.cpp + ${KEY_MANAGER_PATH}/service/for-each-file.cpp ${KEY_MANAGER_PATH}/service/glib-logic.cpp + ${KEY_MANAGER_PATH}/service/glib-service.cpp ${KEY_MANAGER_PATH}/service/key-provider.cpp ${KEY_MANAGER_PATH}/service/ocsp.cpp - ${KEY_MANAGER_PATH}/service/crypto-logic.cpp - ${KEY_MANAGER_PATH}/service/file-system.cpp - ${KEY_MANAGER_PATH}/service/db-crypto.cpp - ${KEY_MANAGER_PATH}/service/ocsp-service.cpp ${KEY_MANAGER_PATH}/service/ocsp-logic.cpp - ${KEY_MANAGER_PATH}/service/encryption-service.cpp - ${KEY_MANAGER_PATH}/service/encryption-logic.cpp + ${KEY_MANAGER_PATH}/service/ocsp-service.cpp ${KEY_MANAGER_PATH}/initial-values/parser.cpp ${KEY_MANAGER_PATH}/initial-values/BufferHandler.cpp ${KEY_MANAGER_PATH}/initial-values/CertHandler.cpp diff --git a/src/manager/initial-values/initial-value-loader.cpp b/src/manager/initial-values/initial-value-loader.cpp index 1fd715d..ac1e431 100644 --- a/src/manager/initial-values/initial-value-loader.cpp +++ b/src/manager/initial-values/initial-value-loader.cpp @@ -19,11 +19,10 @@ * @version 1.0 * @brief */ -#include - #include #include +#include #include namespace { @@ -38,23 +37,16 @@ void LoadFiles(CKMLogic &logic) { try { std::vector filesToParse; - DIR *dp = opendir(INITIAL_VALUES_DIR); - if (dp) { - struct dirent *entry; - while ((entry = readdir(dp))) { - std::string filename = std::string(entry->d_name); - // check if XML file - std::string lowercaseFilename = filename; - std::transform(lowercaseFilename.begin(), lowercaseFilename.end(), lowercaseFilename.begin(), ::tolower); + forEachFile(INITIAL_VALUES_DIR, [&filesToParse](const std::string &filename) { + std::string lowercaseFilename = filename; + std::transform(lowercaseFilename.begin(), lowercaseFilename.end(), lowercaseFilename.begin(), ::tolower); - if (lowercaseFilename.find(INIT_VALUES_FILE_SUFFIX) == std::string::npos) - continue; + if (lowercaseFilename.find(INIT_VALUES_FILE_SUFFIX) == std::string::npos) + return; - filesToParse.push_back(std::string(INITIAL_VALUES_DIR) + "/" + filename); - } - closedir(dp); - } + filesToParse.emplace_back(std::string(INITIAL_VALUES_DIR) + "/" + filename); + }); // parse for (const auto & file : filesToParse) { diff --git a/src/manager/service/file-system.cpp b/src/manager/service/file-system.cpp index 9adbb22..9e32f99 100644 --- a/src/manager/service/file-system.cpp +++ b/src/manager/service/file-system.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000 - 2014 Samsung Electronics Co., Ltd All Rights Reserved + * Copyright (c) 2000 - 2016 Samsung Electronics Co., Ltd All Rights Reserved * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -14,17 +14,16 @@ * limitations under the License * * - * @file FileSystem.cpp + * @file file-system.cpp * @author Bartlomiej Grzelewski (b.grzelewski@samsung.com) * @version 1.0 - * @brief Sample service implementation. + * @brief File related operations. */ #include #include #include #include #include -#include #include #include @@ -38,6 +37,7 @@ #include #include +#include #include namespace { @@ -188,42 +188,26 @@ int FileSystem::init() UidVector FileSystem::getUIDsFromDBFile() { UidVector uids; - std::unique_ptr> - dirp(::opendir(RW_DATA_DIR), ::closedir); - if (!dirp.get()) { - int err = errno; - LogError("Error in opendir. Data directory could not be read. Error: " << GetErrnoString(err)); - return UidVector(); - } - - size_t len = offsetof(struct dirent, d_name) + pathconf(RW_DATA_DIR, _PC_NAME_MAX) + 1; - std::unique_ptr> - pEntry(static_cast(::malloc(len)), ::free); - - if (!pEntry) { - LogError("Memory allocation failed."); - return UidVector(); - } + forEachFile(RW_DATA_DIR, [&uids](const std::string &filename) { + if (strncmp(filename.c_str(), CKM_KEY_PREFIX.c_str(), CKM_KEY_PREFIX.size())) + return; - struct dirent* pDirEntry = NULL; - - while ( (!readdir_r(dirp.get(), pEntry.get(), &pDirEntry)) && pDirEntry ) { - // Ignore files with diffrent prefix - if (strncmp(pDirEntry->d_name, CKM_KEY_PREFIX.c_str(), CKM_KEY_PREFIX.size())) - continue; - - // We find database. Let's extract user id. try { - uids.push_back(static_cast(std::stoi((pDirEntry->d_name)+CKM_KEY_PREFIX.size()))); + uids.emplace_back(static_cast(std::stoi((filename.c_str()) + + CKM_KEY_PREFIX.size()))); } catch (const std::invalid_argument) { - LogDebug("Error in extracting uid from db file. Error=std::invalid_argument." - "This will be ignored.File=" << pDirEntry->d_name << ""); + LogDebug("Error in extracting uid from db file. " + "Error=std::invalid_argument. " + "This will be ignored.File=" << filename); } catch(const std::out_of_range) { - LogDebug("Error in extracting uid from db file. Error=std::out_of_range." - "This will be ignored. File="<< pDirEntry->d_name << ""); + LogDebug("Error in extracting uid from db file. " + "Error=std::out_of_range. " + "This will be ignored. File="<< filename); } - } + + return; + }); return uids; } diff --git a/src/manager/service/for-each-file.cpp b/src/manager/service/for-each-file.cpp new file mode 100644 index 0000000..f6e804d --- /dev/null +++ b/src/manager/service/for-each-file.cpp @@ -0,0 +1,61 @@ +/* + * Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License + */ +/* + * @file for-each-file.cpp + * @author Kyungwook Tak (k.tak@samsung.com) + * @version 1.0 + * @brief Handle all files in the directory by given function. + */ +#include "for-each-file.h" + +#include +#include +#include +#include +#include + +#include +#include + +namespace CKM { + +void forEachFile(const std::string &dirpath, ActionFunc func) +{ + std::unique_ptr> + dirp(::opendir(dirpath.c_str()), ::closedir); + + if (!dirp.get()) + ThrowErr(Exc::FileSystemFailed, + "Cannot open dir: ", dirpath, " errno: ", GetErrnoString()); + + size_t len = + offsetof(struct dirent, d_name) + pathconf(dirpath.c_str(), _PC_NAME_MAX) + 1; + + std::unique_ptr> + pEntry(static_cast(::malloc(len)), ::free); + + if (!pEntry) + ThrowErr(Exc::InternalError, "Memory allocation failed for dir entry"); + + struct dirent *pDirEntry = nullptr; + + while ((!readdir_r(dirp.get(), pEntry.get(), &pDirEntry)) && pDirEntry) { + /* run func for every file names in dirpath. d_name is only file name, not path */ + func(pDirEntry->d_name); + } +} + +} diff --git a/src/manager/service/for-each-file.h b/src/manager/service/for-each-file.h new file mode 100644 index 0000000..0c03234 --- /dev/null +++ b/src/manager/service/for-each-file.h @@ -0,0 +1,33 @@ +/* + * Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License + */ +/* + * @file for-each-file.h + * @author Kyungwook Tak (k.tak@samsung.com) + * @version 1.0 + * @brief Handle all files in the directory by given function. + */ +#pragma once + +#include +#include + +namespace CKM { + +using ActionFunc = std::function; + +void forEachFile(const std::string &dirpath, ActionFunc func); + +} diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt index f6bb45a..5d5343d 100644 --- a/tests/CMakeLists.txt +++ b/tests/CMakeLists.txt @@ -34,29 +34,31 @@ INCLUDE_DIRECTORIES( ) SET(TEST_MERGED_SOURCES + ${KEY_MANAGER_TEST_MERGED_SRC}/colour_log_formatter.cpp + ${KEY_MANAGER_TEST_MERGED_SRC}/DBFixture.cpp ${KEY_MANAGER_TEST_MERGED_SRC}/main.cpp + ${KEY_MANAGER_TEST_MERGED_SRC}/test_comm-manager.cpp ${KEY_MANAGER_TEST_MERGED_SRC}/test_common.cpp - ${KEY_MANAGER_TEST_MERGED_SRC}/DBFixture.cpp - ${KEY_MANAGER_TEST_MERGED_SRC}/colour_log_formatter.cpp ${KEY_MANAGER_TEST_MERGED_SRC}/test_db_crypto.cpp - ${KEY_MANAGER_TEST_MERGED_SRC}/test_sql.cpp + ${KEY_MANAGER_TEST_MERGED_SRC}/test_descriptor-set.cpp + ${KEY_MANAGER_TEST_MERGED_SRC}/test_encryption-scheme.cpp + ${KEY_MANAGER_TEST_MERGED_SRC}/test_for-each-file.cpp ${KEY_MANAGER_TEST_MERGED_SRC}/test-key-provider.cpp ${KEY_MANAGER_TEST_MERGED_SRC}/test_safe-buffer.cpp - ${KEY_MANAGER_TEST_MERGED_SRC}/test_descriptor-set.cpp - ${KEY_MANAGER_TEST_MERGED_SRC}/test_comm-manager.cpp ${KEY_MANAGER_TEST_MERGED_SRC}/test_serialization.cpp + ${KEY_MANAGER_TEST_MERGED_SRC}/test_sql.cpp ${KEY_MANAGER_TEST_MERGED_SRC}/test_xml-parser.cpp - ${KEY_MANAGER_TEST_MERGED_SRC}/test_encryption-scheme.cpp - ${KEY_MANAGER_PATH}/service/db-crypto.cpp - ${KEY_MANAGER_PATH}/service/key-provider.cpp - ${KEY_MANAGER_PATH}/initial-values/parser.cpp - ${KEY_MANAGER_PATH}/initial-values/xml-utils.cpp ${KEY_MANAGER_PATH}/client-async/descriptor-set.cpp ${KEY_MANAGER_PATH}/dpl/core/src/assert.cpp ${KEY_MANAGER_PATH}/dpl/core/src/colors.cpp ${KEY_MANAGER_PATH}/dpl/core/src/errno_string.cpp - ${KEY_MANAGER_PATH}/dpl/db/src/sql_connection.cpp ${KEY_MANAGER_PATH}/dpl/db/src/naive_synchronization_object.cpp + ${KEY_MANAGER_PATH}/dpl/db/src/sql_connection.cpp + ${KEY_MANAGER_PATH}/initial-values/parser.cpp + ${KEY_MANAGER_PATH}/initial-values/xml-utils.cpp + ${KEY_MANAGER_PATH}/service/db-crypto.cpp + ${KEY_MANAGER_PATH}/service/for-each-file.cpp + ${KEY_MANAGER_PATH}/service/key-provider.cpp ${KEY_MANAGER_PATH}/sqlcipher/sqlcipher.c ) @@ -93,4 +95,6 @@ INSTALL( DESTINATION ${DB_TEST_DIR} ) +INSTALL(DIRECTORY resources/traverse DESTINATION ${DB_TEST_DIR}) + ADD_SUBDIRECTORY(encryption-scheme) diff --git a/tests/encryption-scheme/CMakeLists.txt b/tests/encryption-scheme/CMakeLists.txt index ce4d98a..a291583 100644 --- a/tests/encryption-scheme/CMakeLists.txt +++ b/tests/encryption-scheme/CMakeLists.txt @@ -32,13 +32,14 @@ SET(ENCRYPTION_SCHEME_SOURCES ${CMAKE_CURRENT_SOURCE_DIR}/smack-access.cpp ${CMAKE_CURRENT_SOURCE_DIR}/scheme-test.cpp - ${KEY_MANAGER_PATH}/service/file-lock.cpp - ${KEY_MANAGER_PATH}/service/key-provider.cpp - ${KEY_MANAGER_PATH}/service/db-crypto.cpp - ${KEY_MANAGER_PATH}/service/file-system.cpp ${KEY_MANAGER_PATH}/dpl/core/src/assert.cpp - ${KEY_MANAGER_PATH}/dpl/db/src/sql_connection.cpp ${KEY_MANAGER_PATH}/dpl/db/src/naive_synchronization_object.cpp + ${KEY_MANAGER_PATH}/dpl/db/src/sql_connection.cpp + ${KEY_MANAGER_PATH}/service/db-crypto.cpp + ${KEY_MANAGER_PATH}/service/file-lock.cpp + ${KEY_MANAGER_PATH}/service/file-system.cpp + ${KEY_MANAGER_PATH}/service/for-each-file.cpp + ${KEY_MANAGER_PATH}/service/key-provider.cpp ${KEY_MANAGER_PATH}/sqlcipher/sqlcipher.c ) diff --git a/tests/resources/traverse/res-1 b/tests/resources/traverse/res-1 new file mode 100644 index 0000000..cc356ec --- /dev/null +++ b/tests/resources/traverse/res-1 @@ -0,0 +1 @@ +res 1 diff --git a/tests/resources/traverse/res-10 b/tests/resources/traverse/res-10 new file mode 100644 index 0000000..df432bb --- /dev/null +++ b/tests/resources/traverse/res-10 @@ -0,0 +1 @@ +res 10 diff --git a/tests/resources/traverse/res-2 b/tests/resources/traverse/res-2 new file mode 100644 index 0000000..340160e --- /dev/null +++ b/tests/resources/traverse/res-2 @@ -0,0 +1 @@ +res 2 diff --git a/tests/resources/traverse/res-3 b/tests/resources/traverse/res-3 new file mode 100644 index 0000000..0e0c42c --- /dev/null +++ b/tests/resources/traverse/res-3 @@ -0,0 +1 @@ +res 3 diff --git a/tests/resources/traverse/res-4 b/tests/resources/traverse/res-4 new file mode 100644 index 0000000..29e0ca8 --- /dev/null +++ b/tests/resources/traverse/res-4 @@ -0,0 +1 @@ +res 4 diff --git a/tests/resources/traverse/res-5 b/tests/resources/traverse/res-5 new file mode 100644 index 0000000..6b33cbf --- /dev/null +++ b/tests/resources/traverse/res-5 @@ -0,0 +1 @@ +res 5 diff --git a/tests/resources/traverse/res-6 b/tests/resources/traverse/res-6 new file mode 100644 index 0000000..a505c59 --- /dev/null +++ b/tests/resources/traverse/res-6 @@ -0,0 +1 @@ +res 6 diff --git a/tests/resources/traverse/res-7 b/tests/resources/traverse/res-7 new file mode 100644 index 0000000..6b99474 --- /dev/null +++ b/tests/resources/traverse/res-7 @@ -0,0 +1 @@ +res 7 diff --git a/tests/resources/traverse/res-8 b/tests/resources/traverse/res-8 new file mode 100644 index 0000000..221a915 --- /dev/null +++ b/tests/resources/traverse/res-8 @@ -0,0 +1 @@ +res 8 diff --git a/tests/resources/traverse/res-9 b/tests/resources/traverse/res-9 new file mode 100644 index 0000000..e15cf5e --- /dev/null +++ b/tests/resources/traverse/res-9 @@ -0,0 +1 @@ +res 9 diff --git a/tests/test_for-each-file.cpp b/tests/test_for-each-file.cpp new file mode 100644 index 0000000..60baf35 --- /dev/null +++ b/tests/test_for-each-file.cpp @@ -0,0 +1,47 @@ +/* + * Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License + */ +/* + * @file test_for-each-file.cpp + * @author Kyungwook Tak (k.tak@samsung.com) + * @version 1.0 + */ +#include + +#include +#include + +#include +#include + +using namespace CKM; + +BOOST_AUTO_TEST_SUITE(TRAVERSE_DIR_TEST) + +BOOST_AUTO_TEST_CASE(T010_check_prefix) +{ + std::vector files; + + forEachFile(DB_TEST_DIR "/traverse", [&files](const std::string &filename) { + if (filename.find("res-") == std::string::npos) + return; + + files.push_back(filename); + }); + + BOOST_REQUIRE_MESSAGE(files.size() == 10, "files num in traverse dir should be 10"); +} + +BOOST_AUTO_TEST_SUITE_END() diff --git a/tools/ckm_db_tool/CMakeLists.txt b/tools/ckm_db_tool/CMakeLists.txt index 7fe71fd..ad413b5 100644 --- a/tools/ckm_db_tool/CMakeLists.txt +++ b/tools/ckm_db_tool/CMakeLists.txt @@ -33,43 +33,43 @@ SET(CKM_DB_TOOL_SOURCES ${PROJECT_SOURCE_DIR}/tools/ckm_db_tool/ckm_db_tool.cpp ${PROJECT_SOURCE_DIR}/tools/ckm_db_tool/db-crypto-ext.cpp ${PROJECT_SOURCE_DIR}/tools/ckm_db_tool/ckm-logic-ext.cpp + ${KEY_MANAGER_PATH}/crypto/platform/decider.cpp + ${KEY_MANAGER_PATH}/crypto/sw-backend/internals.cpp + ${KEY_MANAGER_PATH}/crypto/sw-backend/obj.cpp + ${KEY_MANAGER_PATH}/crypto/sw-backend/store.cpp + ${KEY_MANAGER_PATH}/crypto/tz-backend/store.cpp + ${KEY_MANAGER_PATH}/dpl/core/src/assert.cpp + ${KEY_MANAGER_PATH}/dpl/db/src/naive_synchronization_object.cpp + ${KEY_MANAGER_PATH}/dpl/db/src/sql_connection.cpp + ${KEY_MANAGER_PATH}/initial-values/BufferHandler.cpp + ${KEY_MANAGER_PATH}/initial-values/CertHandler.cpp + ${KEY_MANAGER_PATH}/initial-values/DataHandler.cpp + ${KEY_MANAGER_PATH}/initial-values/InitialValueHandler.cpp + ${KEY_MANAGER_PATH}/initial-values/InitialValuesFile.cpp + ${KEY_MANAGER_PATH}/initial-values/KeyHandler.cpp + ${KEY_MANAGER_PATH}/initial-values/NoCharactersHandler.cpp + ${KEY_MANAGER_PATH}/initial-values/parser.cpp + ${KEY_MANAGER_PATH}/initial-values/PermissionHandler.cpp ${KEY_MANAGER_PATH}/initial-values/SWKeyFile.cpp - + ${KEY_MANAGER_PATH}/initial-values/xml-utils.cpp ${KEY_MANAGER_PATH}/main/cynara.cpp ${KEY_MANAGER_PATH}/main/generic-socket-manager.cpp - ${KEY_MANAGER_PATH}/main/socket-manager.cpp ${KEY_MANAGER_PATH}/main/smack-check.cpp - ${KEY_MANAGER_PATH}/main/thread-service.cpp ${KEY_MANAGER_PATH}/main/socket-2-id.cpp - ${KEY_MANAGER_PATH}/service/certificate-store.cpp - ${KEY_MANAGER_PATH}/service/certificate-config.cpp - ${KEY_MANAGER_PATH}/service/file-lock.cpp + ${KEY_MANAGER_PATH}/main/socket-2-id-mockup.cpp + ${KEY_MANAGER_PATH}/main/socket-manager.cpp + ${KEY_MANAGER_PATH}/main/thread-service.cpp ${KEY_MANAGER_PATH}/service/access-control.cpp + ${KEY_MANAGER_PATH}/service/certificate-config.cpp + ${KEY_MANAGER_PATH}/service/certificate-store.cpp ${KEY_MANAGER_PATH}/service/ckm-logic.cpp - ${KEY_MANAGER_PATH}/service/key-provider.cpp ${KEY_MANAGER_PATH}/service/crypto-logic.cpp ${KEY_MANAGER_PATH}/service/db-crypto.cpp + ${KEY_MANAGER_PATH}/service/file-lock.cpp ${KEY_MANAGER_PATH}/service/file-system.cpp - ${KEY_MANAGER_PATH}/initial-values/parser.cpp - ${KEY_MANAGER_PATH}/initial-values/BufferHandler.cpp - ${KEY_MANAGER_PATH}/initial-values/CertHandler.cpp - ${KEY_MANAGER_PATH}/initial-values/DataHandler.cpp - ${KEY_MANAGER_PATH}/initial-values/KeyHandler.cpp - ${KEY_MANAGER_PATH}/initial-values/PermissionHandler.cpp - ${KEY_MANAGER_PATH}/initial-values/InitialValueHandler.cpp - ${KEY_MANAGER_PATH}/initial-values/InitialValuesFile.cpp - ${KEY_MANAGER_PATH}/initial-values/NoCharactersHandler.cpp - ${KEY_MANAGER_PATH}/initial-values/xml-utils.cpp - ${KEY_MANAGER_PATH}/dpl/core/src/assert.cpp - ${KEY_MANAGER_PATH}/dpl/db/src/sql_connection.cpp - ${KEY_MANAGER_PATH}/dpl/db/src/naive_synchronization_object.cpp + ${KEY_MANAGER_PATH}/service/for-each-file.cpp + ${KEY_MANAGER_PATH}/service/key-provider.cpp ${KEY_MANAGER_PATH}/sqlcipher/sqlcipher.c - ${KEY_MANAGER_PATH}/crypto/sw-backend/obj.cpp - ${KEY_MANAGER_PATH}/crypto/sw-backend/internals.cpp - ${KEY_MANAGER_PATH}/crypto/sw-backend/store.cpp - ${KEY_MANAGER_PATH}/crypto/platform/decider.cpp - ${KEY_MANAGER_PATH}/crypto/tz-backend/store.cpp - ${KEY_MANAGER_PATH}/main/socket-2-id-mockup.cpp ) ADD_EXECUTABLE( ${CKM_DB_TOOL} ${CKM_DB_TOOL_SOURCES} ) -- 2.7.4 From ff6994d12c984776e5dfd38346d2dcf9f9b91c5c Mon Sep 17 00:00:00 2001 From: Kyungwook Tak Date: Tue, 15 Mar 2016 10:06:03 +0900 Subject: [PATCH 08/16] Remove useless CKMC error -> CKM error converter Change-Id: Ia8fcfd5424d2886ffcc535220b301c1bb9ea8078 Signed-off-by: Kyungwook Tak --- src/CMakeLists.txt | 2 - src/include/ckm/ckm-type.h | 2 - src/manager/client-capi/ckmc-error.cpp | 32 ------------- src/manager/client-capi/ckmc-type-converter.cpp | 30 ------------ src/manager/client-capi/ckmc-type-converter.h | 1 - src/manager/client/client-error.cpp | 63 ------------------------- 6 files changed, 130 deletions(-) delete mode 100644 src/manager/client-capi/ckmc-error.cpp delete mode 100644 src/manager/client/client-error.cpp diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index 619b44e..574b249 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -135,7 +135,6 @@ INCLUDE_DIRECTORIES( SET(KEY_MANAGER_CLIENT_SOURCES ${KEY_MANAGER_CLIENT_SRC_PATH}/client-common.cpp - ${KEY_MANAGER_CLIENT_SRC_PATH}/client-error.cpp ${KEY_MANAGER_CLIENT_SRC_PATH}/client-manager.cpp ${KEY_MANAGER_CLIENT_SRC_PATH}/client-manager-impl.cpp ${KEY_MANAGER_CLIENT_ASYNC_SRC_PATH}/client-manager-async.cpp @@ -148,7 +147,6 @@ SET(KEY_MANAGER_CLIENT_SOURCES ${KEY_MANAGER_CLIENT_ASYNC_SRC_PATH}/encryption-receiver.cpp ${KEY_MANAGER_CLIENT_ASYNC_SRC_PATH}/descriptor-set.cpp ${KEY_MANAGER_CLIENT_CAPI_SRC_PATH}/ckmc-type.cpp - ${KEY_MANAGER_CLIENT_CAPI_SRC_PATH}/ckmc-error.cpp ${KEY_MANAGER_CLIENT_CAPI_SRC_PATH}/ckmc-manager.cpp ${KEY_MANAGER_CLIENT_CAPI_SRC_PATH}/ckmc-type-converter.cpp ) diff --git a/src/include/ckm/ckm-type.h b/src/include/ckm/ckm-type.h index 352dc14..7b91d99 100644 --- a/src/include/ckm/ckm-type.h +++ b/src/include/ckm/ckm-type.h @@ -108,8 +108,6 @@ enum Permission: int { // keep in sync with ckmc_permission_e ! }; -const char * ErrorToString(int error); - // algorithm parameters enum class ParamName : int { ALGO_TYPE = 1, // If there's no such param, the service will try to deduce the algorithm diff --git a/src/manager/client-capi/ckmc-error.cpp b/src/manager/client-capi/ckmc-error.cpp deleted file mode 100644 index d606846..0000000 --- a/src/manager/client-capi/ckmc-error.cpp +++ /dev/null @@ -1,32 +0,0 @@ -/* - * Copyright (c) 2000 - 2014 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License - * - * - * @file ckmc-error.cpp - * @author Yuseok Jeon(yuseok.jeon@samsung.com) - * @version 1.0 - * @brief This file contains the conversion method to C from C++ about how to get error string. - */ - -#include -#include -#include -#include - -KEY_MANAGER_CAPI -const char * ckmc_error_to_string(int error) -{ - return CKM::ErrorToString(to_ckm_error(error)); -} diff --git a/src/manager/client-capi/ckmc-type-converter.cpp b/src/manager/client-capi/ckmc-type-converter.cpp index 8a27cfb..94a4385 100644 --- a/src/manager/client-capi/ckmc-type-converter.cpp +++ b/src/manager/client-capi/ckmc-type-converter.cpp @@ -23,36 +23,6 @@ #include #include -int to_ckm_error(int ckmc_error) -{ - switch (ckmc_error) { - case CKMC_ERROR_NONE: return CKM_API_SUCCESS; - case CKMC_ERROR_SOCKET: return CKM_API_ERROR_SOCKET; - case CKMC_ERROR_BAD_REQUEST: return CKM_API_ERROR_BAD_REQUEST; - case CKMC_ERROR_BAD_RESPONSE: return CKM_API_ERROR_BAD_RESPONSE; - case CKMC_ERROR_SEND_FAILED: return CKM_API_ERROR_SEND_FAILED; - case CKMC_ERROR_RECV_FAILED: return CKM_API_ERROR_RECV_FAILED; - case CKMC_ERROR_AUTHENTICATION_FAILED: return CKM_API_ERROR_AUTHENTICATION_FAILED; - case CKMC_ERROR_INVALID_PARAMETER: return CKM_API_ERROR_INPUT_PARAM; - case CKMC_ERROR_BUFFER_TOO_SMALL: return CKM_API_ERROR_BUFFER_TOO_SMALL; - case CKMC_ERROR_OUT_OF_MEMORY: return CKM_API_ERROR_OUT_OF_MEMORY; - case CKMC_ERROR_PERMISSION_DENIED: return CKM_API_ERROR_ACCESS_DENIED; - case CKMC_ERROR_SERVER_ERROR: return CKM_API_ERROR_SERVER_ERROR; - case CKMC_ERROR_DB_LOCKED: return CKM_API_ERROR_DB_LOCKED; - case CKMC_ERROR_DB_ERROR: return CKM_API_ERROR_DB_ERROR; - case CKMC_ERROR_DB_ALIAS_EXISTS: return CKM_API_ERROR_DB_ALIAS_EXISTS; - case CKMC_ERROR_DB_ALIAS_UNKNOWN: return CKM_API_ERROR_DB_ALIAS_UNKNOWN; - case CKMC_ERROR_VERIFICATION_FAILED: return CKM_API_ERROR_VERIFICATION_FAILED; - case CKMC_ERROR_INVALID_FORMAT: return CKM_API_ERROR_INVALID_FORMAT; - case CKMC_ERROR_FILE_ACCESS_DENIED: return CKM_API_ERROR_FILE_ACCESS_DENIED; - case CKMC_ERROR_NOT_EXPORTABLE: return CKM_API_ERROR_NOT_EXPORTABLE; - case CKMC_ERROR_FILE_SYSTEM: return CKM_API_ERROR_FILE_SYSTEM; - case CKMC_ERROR_NOT_SUPPORTED: return CKM_API_ERROR_NOT_SUPPORTED; - case CKMC_ERROR_UNKNOWN: return CKM_API_ERROR_UNKNOWN; - } - return CKMC_ERROR_UNKNOWN; -} - int to_ckmc_error(int ckm_error) { switch (ckm_error) { diff --git a/src/manager/client-capi/ckmc-type-converter.h b/src/manager/client-capi/ckmc-type-converter.h index 1de3325..0a49d0e 100644 --- a/src/manager/client-capi/ckmc-type-converter.h +++ b/src/manager/client-capi/ckmc-type-converter.h @@ -32,7 +32,6 @@ extern "C" { #endif int to_ckmc_error(int ckm_error); -int to_ckm_error(int ckmc_error); ckmc_ocsp_status_e to_ckmc_ocsp_status(int ckm_ocsp_status); int access_to_permission_mask(ckmc_access_right_e ar, int & permissionMask); diff --git a/src/manager/client/client-error.cpp b/src/manager/client/client-error.cpp deleted file mode 100644 index fc018e3..0000000 --- a/src/manager/client/client-error.cpp +++ /dev/null @@ -1,63 +0,0 @@ -/* Copyright (c) 2000 - 2013 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License - * - * - * @file client-error.cpp - * @author Bartlomiej Grzelewski (b.grzelewski@samsung.com) - * @version 1.0 - * @brief This file contains example of ckm-manager client implementation - */ -#include -#include - -#define ERRORDESCRIBE(name) case name: return #name - -namespace CKM { -__attribute__((visibility("default"))) - -const char * ErrorToString(int error) -{ - switch (error) { - ERRORDESCRIBE(CKM_API_SUCCESS); - ERRORDESCRIBE(CKM_API_ERROR_SOCKET); - ERRORDESCRIBE(CKM_API_ERROR_BAD_REQUEST); - ERRORDESCRIBE(CKM_API_ERROR_BAD_RESPONSE); - ERRORDESCRIBE(CKM_API_ERROR_SEND_FAILED); - ERRORDESCRIBE(CKM_API_ERROR_RECV_FAILED); - ERRORDESCRIBE(CKM_API_ERROR_AUTHENTICATION_FAILED); - ERRORDESCRIBE(CKM_API_ERROR_INPUT_PARAM); - ERRORDESCRIBE(CKM_API_ERROR_BUFFER_TOO_SMALL); - ERRORDESCRIBE(CKM_API_ERROR_OUT_OF_MEMORY); - ERRORDESCRIBE(CKM_API_ERROR_ACCESS_DENIED); - ERRORDESCRIBE(CKM_API_ERROR_SERVER_ERROR); - ERRORDESCRIBE(CKM_API_ERROR_DB_LOCKED); - ERRORDESCRIBE(CKM_API_ERROR_DB_ERROR); - ERRORDESCRIBE(CKM_API_ERROR_DB_ALIAS_EXISTS); - ERRORDESCRIBE(CKM_API_ERROR_DB_ALIAS_UNKNOWN); - ERRORDESCRIBE(CKM_API_ERROR_VERIFICATION_FAILED); - ERRORDESCRIBE(CKM_API_ERROR_INVALID_FORMAT); - ERRORDESCRIBE(CKM_API_ERROR_FILE_ACCESS_DENIED); - ERRORDESCRIBE(CKM_API_ERROR_NOT_EXPORTABLE); - ERRORDESCRIBE(CKM_API_ERROR_FILE_SYSTEM); - ERRORDESCRIBE(CKM_API_ERROR_NOT_SUPPORTED); - ERRORDESCRIBE(CKM_API_ERROR_UNKNOWN); - default: - return "Error not defined"; - } -} - -#undef ERRORDESCRIBE - -} // namespace CKM - -- 2.7.4 From 20bca1eb006ba3c6ec92fa0e460fee035f266a21 Mon Sep 17 00:00:00 2001 From: Kyungwook Tak Date: Tue, 15 Mar 2016 11:26:58 +0900 Subject: [PATCH 09/16] Refactor client-capi manager as c++ style Change-Id: If26aab66bc2b8e4fdfb14c62d9c79300d8af61e0 Signed-off-by: Kyungwook Tak --- src/manager/client-capi/ckmc-manager.cpp | 586 ++++++++++++++----------------- 1 file changed, 254 insertions(+), 332 deletions(-) diff --git a/src/manager/client-capi/ckmc-manager.cpp b/src/manager/client-capi/ckmc-manager.cpp index 6a62e0b..b060165 100644 --- a/src/manager/client-capi/ckmc-manager.cpp +++ b/src/manager/client-capi/ckmc-manager.cpp @@ -35,39 +35,41 @@ namespace { const CKM::CertificateShPtrVector EMPTY_CERT_VECTOR; const CKM::AliasVector EMPTY_ALIAS_VECTOR; -CKM::Password _tostring(const char *str) +inline CKM::Password _tostring(const char *str) { - if (str == NULL) - return CKM::Password(); - return CKM::Password(str); + return (str == nullptr) ? CKM::Password() : CKM::Password(str); } -CKM::KeyShPtr _toCkmKey(const ckmc_key_s *key) +inline CKM::Policy _toCkmPolicy(const ckmc_policy_s &policy) { - if (key) { - CKM::RawBuffer buffer(key->raw_key, key->raw_key + key->key_size); - return CKM::Key::create(buffer, _tostring(key->password)); - } - return CKM::KeyShPtr(); + return CKM::Policy(_tostring(policy.password), policy.extractable); } -CKM::CertificateShPtr _toCkmCertificate(const ckmc_cert_s *cert) +inline CKM::KeyShPtr _toCkmKey(const ckmc_key_s *key) { - if (cert) { - CKM::RawBuffer buffer(cert->raw_cert, cert->raw_cert + cert->cert_size); - CKM::DataFormat dataFormat = static_cast(static_cast(cert->data_format)); - return CKM::Certificate::create(buffer, dataFormat); - } - return CKM::CertificateShPtr(); + return (key == nullptr) ? + CKM::KeyShPtr() : + CKM::Key::create( + CKM::RawBuffer(key->raw_key, key->raw_key + key->key_size), + _tostring(key->password)); +} + +inline CKM::CertificateShPtr _toCkmCertificate(const ckmc_cert_s *cert) +{ + return (cert == nullptr) ? + CKM::CertificateShPtr() : + CKM::Certificate::create( + CKM::RawBuffer(cert->raw_cert, cert->raw_cert + cert->cert_size), + static_cast(static_cast(cert->data_format))); } CKM::CertificateShPtrVector _toCkmCertificateVector(const ckmc_cert_list_s *list) { CKM::CertificateShPtrVector certs; - ckmc_cert_list_s *current = const_cast(list); - while (current != NULL) { - if (current->cert != NULL) - certs.push_back(_toCkmCertificate(current->cert)); + auto current = list; + while (current != nullptr) { + if (current->cert != nullptr) + certs.emplace_back(_toCkmCertificate(current->cert)); current = current->next; } return certs; @@ -76,10 +78,10 @@ CKM::CertificateShPtrVector _toCkmCertificateVector(const ckmc_cert_list_s *list CKM::AliasVector _toCkmAliasVector(const ckmc_alias_list_s *list) { CKM::AliasVector aliases; - ckmc_alias_list_s *current = const_cast(list); - while (current != NULL) { - if (current->alias != NULL) - aliases.push_back(CKM::Alias(current->alias)); + auto current = list; + while (current != nullptr) { + if (current->alias != nullptr) + aliases.emplace_back(CKM::Alias(current->alias)); current = current->next; } return aliases; @@ -87,28 +89,28 @@ CKM::AliasVector _toCkmAliasVector(const ckmc_alias_list_s *list) ckmc_cert_list_s *_toNewCkmCertList(const CKM::CertificateShPtrVector &certVector) { - int ret; - ckmc_cert_list_s *start = NULL; - ckmc_cert_list_s *plist = NULL; + ckmc_cert_list_s *start = nullptr; + ckmc_cert_list_s *plist = nullptr; + for (const auto &e : certVector) { - CKM::RawBuffer rawBuffer = e->getDER(); - ckmc_cert_s *pcert = NULL; - ret = ckmc_cert_new(rawBuffer.data(), rawBuffer.size(), CKMC_FORM_DER, &pcert); - if (pcert == NULL) { + auto rawBuffer = e->getDER(); + ckmc_cert_s *pcert = nullptr; + int ret = ckmc_cert_new(rawBuffer.data(), rawBuffer.size(), CKMC_FORM_DER, &pcert); + if (ret != CKMC_ERROR_NONE || pcert == nullptr) { ckmc_cert_list_all_free(start); - return NULL; - } - if (plist == NULL) { - ret = ckmc_cert_list_new(pcert, &plist); - start = plist; // save the pointer of the first element - } else { - ret = ckmc_cert_list_add(plist, pcert, &plist); + return nullptr; } + + ret = ckmc_cert_list_add(plist, pcert, &plist); if (ret != CKMC_ERROR_NONE) { ckmc_cert_list_all_free(start); - return NULL; + return nullptr; } + + if (start == nullptr) + start = plist; } + return start; } @@ -140,8 +142,7 @@ int _cryptoOperation(cryptoFn operation, CKM::RawBuffer inBuffer(in.data, in.data + in.size); CKM::RawBuffer outBuffer; - // operation - CKM::ManagerShPtr mgr = CKM::Manager::create(); + auto mgr = CKM::Manager::create(); int ret = ((*mgr).*operation)(*ca, key_alias, pass, inBuffer, outBuffer); if (ret != CKM_API_SUCCESS) return to_ckmc_error(ret); @@ -171,19 +172,14 @@ KEY_MANAGER_CAPI int ckmc_save_key(const char *alias, const ckmc_key_s key, const ckmc_policy_s policy) { return try_catch_enclosure([&]()->int { - CKM::ManagerShPtr mgr = CKM::Manager::create(); - - if (alias == NULL) - return CKMC_ERROR_INVALID_PARAMETER; - - CKM::Alias ckmAlias(alias); + auto mgr = CKM::Manager::create(); - if (key.raw_key == NULL || key.key_size <= 0) + if (alias == nullptr || key.raw_key == nullptr || key.key_size == 0) return CKMC_ERROR_INVALID_PARAMETER; CKM::RawBuffer buffer(key.raw_key, key.raw_key + key.key_size); - CKM::KeyShPtr ckmKey; + if (key.key_type == CKMC_KEY_AES) { if (key.password) return CKMC_ERROR_INVALID_PARAMETER; @@ -192,13 +188,10 @@ int ckmc_save_key(const char *alias, const ckmc_key_s key, const ckmc_policy_s p ckmKey = CKM::Key::create(buffer, _tostring(key.password)); } - if (ckmKey.get() == NULL) + if (!ckmKey) return CKMC_ERROR_INVALID_FORMAT; - CKM::Policy storePolicy(_tostring(policy.password), policy.extractable); - - int ret = mgr->saveKey(ckmAlias, ckmKey, storePolicy); - return to_ckmc_error(ret); + return to_ckmc_error(mgr->saveKey(CKM::Alias(alias), ckmKey, _toCkmPolicy(policy))); }); } @@ -213,22 +206,23 @@ KEY_MANAGER_CAPI int ckmc_get_key(const char *alias, const char *password, ckmc_key_s **key) { return try_catch_enclosure([&]()->int { - int ret; - CKM::KeyShPtr ckmKey; - if (alias == NULL || key == NULL) + if (alias == nullptr || key == nullptr) return CKMC_ERROR_INVALID_PARAMETER; - CKM::ManagerShPtr mgr = CKM::Manager::create(); + int ret; + CKM::KeyShPtr ckmKey; + auto mgr = CKM::Manager::create(); if ((ret = mgr->getKey(alias, _tostring(password), ckmKey)) != CKM_API_SUCCESS) return to_ckmc_error(ret); - CKM::RawBuffer buffer = ckmKey->getDER(); - ckmc_key_type_e keyType = static_cast(static_cast(ckmKey->getType())); - - ret = ckmc_key_new(buffer.data(), buffer.size(), keyType, NULL, key); - - return to_ckmc_error(ret); + auto buffer = ckmKey->getDER(); + return ckmc_key_new( + buffer.data(), + buffer.size(), + static_cast(static_cast(ckmKey->getType())), + nullptr, + key); }); } @@ -238,37 +232,38 @@ int ckmc_get_key_alias_list(ckmc_alias_list_s** alias_list) return try_catch_enclosure([&]()->int { int ret; - if (alias_list == NULL) + if (alias_list == nullptr) return CKMC_ERROR_INVALID_PARAMETER; CKM::AliasVector aliasVector; - CKM::ManagerShPtr mgr = CKM::Manager::create(); + auto mgr = CKM::Manager::create(); if ((ret = mgr->getKeyAliasVector(aliasVector)) != CKM_API_SUCCESS) return to_ckmc_error(ret); - ckmc_alias_list_s *plist = NULL; + ckmc_alias_list_s *start = nullptr; + ckmc_alias_list_s *plist = nullptr; - for (const auto it : aliasVector) { + for (const auto &it : aliasVector) { char *alias = strndup(it.c_str(), it.size()); - if (plist == NULL) { // first - ret = ckmc_alias_list_new(alias, &plist); - *alias_list = plist; // save the pointer of the first element - } else { - ret = ckmc_alias_list_add(plist, alias, &plist); - } + ret = ckmc_alias_list_add(plist, alias, &plist); if (ret != CKMC_ERROR_NONE) { free(alias); - ckmc_alias_list_all_free(*alias_list); + ckmc_alias_list_all_free(start); return ret; } + + if (start == nullptr) + start = plist; } - if (plist == NULL) // if the alias_list size is zero + if (plist == nullptr) // if the alias_list size is zero return CKMC_ERROR_DB_ALIAS_UNKNOWN; + *alias_list = start; + return CKMC_ERROR_NONE; }); } @@ -277,31 +272,22 @@ KEY_MANAGER_CAPI int ckmc_save_cert(const char *alias, const ckmc_cert_s cert, const ckmc_policy_s policy) { return try_catch_enclosure([&]()->int { - if (alias == NULL) + if (alias == nullptr || cert.raw_cert == nullptr || cert.cert_size == 0) return CKMC_ERROR_INVALID_PARAMETER; - CKM::Alias ckmAlias(alias); - - if (cert.raw_cert == NULL || cert.cert_size <= 0) - return CKMC_ERROR_INVALID_PARAMETER; - - CKM::CertificateShPtr ckmCert = _toCkmCertificate(&cert); - if (ckmCert.get() == NULL) + auto ckmCert = _toCkmCertificate(&cert); + if (!ckmCert) return CKMC_ERROR_INVALID_FORMAT; - CKM::Policy storePolicy(_tostring(policy.password), policy.extractable); - - CKM::ManagerShPtr mgr = CKM::Manager::create(); - int ret = mgr->saveCertificate(ckmAlias, ckmCert, storePolicy); - - return to_ckmc_error(ret); + auto mgr = CKM::Manager::create(); + return to_ckmc_error(mgr->saveCertificate(CKM::Alias(alias), ckmCert, _toCkmPolicy(policy))); }); } KEY_MANAGER_CAPI int ckmc_remove_cert(const char *alias) { - return ckmc_remove_alias(alias); + return ckmc_remove_alias(alias); } KEY_MANAGER_CAPI @@ -311,17 +297,15 @@ int ckmc_get_cert(const char *alias, const char *password, ckmc_cert_s **cert) CKM::CertificateShPtr ckmCert; int ret; - if (alias == NULL || cert == NULL) + if (alias == nullptr || cert == nullptr) return CKMC_ERROR_INVALID_PARAMETER; - CKM::ManagerShPtr mgr = CKM::Manager::create(); + auto mgr = CKM::Manager::create(); if ((ret = mgr->getCertificate(alias, _tostring(password), ckmCert)) != CKM_API_SUCCESS) return to_ckmc_error(ret); - CKM::RawBuffer buffer = ckmCert->getDER(); - ret = ckmc_cert_new(buffer.data(), buffer.size(), CKMC_FORM_DER, cert); - - return ret; + auto buffer = ckmCert->getDER(); + return ckmc_cert_new(buffer.data(), buffer.size(), CKMC_FORM_DER, cert); }); } @@ -329,40 +313,38 @@ KEY_MANAGER_CAPI int ckmc_get_cert_alias_list(ckmc_alias_list_s** alias_list) { return try_catch_enclosure([&]()->int { - int ret; - - if (alias_list == NULL) + if (alias_list == nullptr) return CKMC_ERROR_INVALID_PARAMETER; - *alias_list = NULL; - CKM::AliasVector aliasVector; - CKM::ManagerShPtr mgr = CKM::Manager::create(); + int ret; + auto mgr = CKM::Manager::create(); if ((ret = mgr->getCertificateAliasVector(aliasVector)) != CKM_API_SUCCESS) return to_ckmc_error(ret); - ckmc_alias_list_s *plist = NULL; + ckmc_alias_list_s *start = nullptr; + ckmc_alias_list_s *plist = nullptr; - for (const auto it : aliasVector) { + for (const auto &it : aliasVector) { char *alias = strndup(it.c_str(), it.size()); - if (plist == NULL) { // first - ret = ckmc_alias_list_new(alias, &plist); - *alias_list = plist; // save the pointer of the first element - } else { - ret = ckmc_alias_list_add(plist, alias, &plist); - } + ret = ckmc_alias_list_add(plist, alias, &plist); if (ret != CKMC_ERROR_NONE) { free(alias); - ckmc_alias_list_all_free(*alias_list); + ckmc_alias_list_all_free(start); return ret; } + + if (start == nullptr) + start = plist; } - if (plist == NULL) // if the alias_list size is zero + if (plist == nullptr) // if the alias_list size is zero return CKMC_ERROR_DB_ALIAS_UNKNOWN; + *alias_list = start; + return CKMC_ERROR_NONE; }); } @@ -371,27 +353,20 @@ KEY_MANAGER_CAPI int ckmc_save_pkcs12(const char *alias, const ckmc_pkcs12_s *ppkcs, const ckmc_policy_s key_policy, const ckmc_policy_s cert_policy) { return try_catch_enclosure([&]()->int { - CKM::KeyShPtr private_key; - CKM::CertificateShPtr cert; - CKM::CertificateShPtrVector ca_cert_list; - - if (alias == NULL || ppkcs == NULL) + if (alias == nullptr || ppkcs == nullptr) return CKMC_ERROR_INVALID_PARAMETER; - CKM::Alias ckmAlias(alias); - private_key = _toCkmKey(ppkcs->priv_key); - cert = _toCkmCertificate(ppkcs->cert); - ca_cert_list = _toCkmCertificateVector(ppkcs->ca_chain); + CKM::PKCS12ShPtr pkcs12(new CKM::PKCS12Impl( + _toCkmKey(ppkcs->priv_key), + _toCkmCertificate(ppkcs->cert), + _toCkmCertificateVector(ppkcs->ca_chain))); - CKM::Policy keyPolicy(_tostring(key_policy.password), key_policy.extractable); - CKM::Policy certPolicy(_tostring(cert_policy.password), cert_policy.extractable); - - CKM::PKCS12ShPtr pkcs12(new CKM::PKCS12Impl(private_key, cert, ca_cert_list)); - - CKM::ManagerShPtr mgr = CKM::Manager::create(); - int ret = mgr->savePKCS12(ckmAlias, pkcs12, keyPolicy, certPolicy); - - return to_ckmc_error(ret); + auto mgr = CKM::Manager::create(); + return to_ckmc_error(mgr->savePKCS12( + CKM::Alias(alias), + pkcs12, + _toCkmPolicy(key_policy), + _toCkmPolicy(cert_policy))); }); } @@ -399,39 +374,29 @@ KEY_MANAGER_CAPI int ckmc_get_pkcs12(const char *alias, const char *key_password, const char *cert_password, ckmc_pkcs12_s **pkcs12) { return try_catch_enclosure([&]()->int { - int ret; - CKM::PKCS12ShPtr pkcs; - CKM::Password keyPass, certPass; - ckmc_key_s *private_key = NULL; - ckmc_cert_s *cert = NULL; - ckmc_cert_list_s *ca_cert_list = 0; - if (!alias || !pkcs12) return CKMC_ERROR_INVALID_PARAMETER; - if (key_password) - keyPass = key_password; - - if (cert_password) - certPass = cert_password; - + int ret; + CKM::PKCS12ShPtr pkcs; auto mgr = CKM::Manager::create(); - - if ((ret = mgr->getPKCS12(alias, keyPass, certPass, pkcs)) != CKM_API_SUCCESS) + if ((ret = mgr->getPKCS12(alias, _tostring(key_password), _tostring(cert_password), pkcs)) != CKM_API_SUCCESS) return to_ckmc_error(ret); if (!pkcs) return CKMC_ERROR_BAD_RESPONSE; + ckmc_key_s *private_key = nullptr; auto pkcsKey = pkcs->getKey(); if (pkcsKey) { - CKM::RawBuffer buffer = pkcsKey->getDER(); + auto buffer = pkcsKey->getDER(); ckmc_key_type_e keyType = static_cast(pkcsKey->getType()); - ret = ckmc_key_new(buffer.data(), buffer.size(), keyType, NULL, &private_key); + ret = ckmc_key_new(buffer.data(), buffer.size(), keyType, nullptr, &private_key); if (ret != CKMC_ERROR_NONE) return ret; } + ckmc_cert_s *cert = nullptr; auto pkcsCert = pkcs->getCertificate(); if (pkcsCert) { CKM::RawBuffer buffer = pkcsCert->getDER(); @@ -442,7 +407,7 @@ int ckmc_get_pkcs12(const char *alias, const char *key_password, const char *cer } } - ca_cert_list = _toNewCkmCertList(pkcs->getCaCertificateShPtrVector()); + auto ca_cert_list = _toNewCkmCertList(pkcs->getCaCertificateShPtrVector()); ret = ckmc_pkcs12_new(private_key, cert, ca_cert_list, pkcs12); if (ret != CKMC_ERROR_NONE) { @@ -450,6 +415,7 @@ int ckmc_get_pkcs12(const char *alias, const char *key_password, const char *cer ckmc_cert_free(cert); ckmc_cert_list_free(ca_cert_list); } + return ret; }); } @@ -459,48 +425,37 @@ KEY_MANAGER_CAPI int ckmc_save_data(const char *alias, ckmc_raw_buffer_s data, const ckmc_policy_s policy) { return try_catch_enclosure([&]()->int { - if (alias == NULL) + if (alias == nullptr || data.data == nullptr || data.size == 0) return CKMC_ERROR_INVALID_PARAMETER; - CKM::Alias ckmAlias(alias); - - if (data.data == NULL || data.size <= 0) - return CKMC_ERROR_INVALID_PARAMETER; - - CKM::RawBuffer buffer(data.data, data.data + data.size); - - CKM::Policy storePolicy(_tostring(policy.password), policy.extractable); - - CKM::ManagerShPtr mgr = CKM::Manager::create(); - int ret = mgr->saveData(ckmAlias, buffer, storePolicy); - - return to_ckmc_error(ret); + auto mgr = CKM::Manager::create(); + return to_ckmc_error(mgr->saveData( + CKM::Alias(alias), + CKM::RawBuffer(data.data, data.data + data.size), + _toCkmPolicy(policy))); }); } KEY_MANAGER_CAPI int ckmc_remove_data(const char *alias) { - return ckmc_remove_alias(alias); + return ckmc_remove_alias(alias); } KEY_MANAGER_CAPI int ckmc_get_data(const char *alias, const char *password, ckmc_raw_buffer_s **data) { return try_catch_enclosure([&]()->int { - CKM::RawBuffer ckmBuff; - int ret; - - if (alias == NULL || data == NULL) + if (alias == nullptr || data == nullptr) return CKMC_ERROR_INVALID_PARAMETER; - CKM::ManagerShPtr mgr = CKM::Manager::create(); + int ret; + CKM::RawBuffer ckmBuff; + auto mgr = CKM::Manager::create(); if ((ret = mgr->getData(alias, _tostring(password), ckmBuff)) != CKM_API_SUCCESS) return to_ckmc_error(ret); - ret = ckmc_buffer_new(ckmBuff.data(), ckmBuff.size(), data); - - return ret; + return ckmc_buffer_new(ckmBuff.data(), ckmBuff.size(), data); }); } @@ -508,113 +463,103 @@ KEY_MANAGER_CAPI int ckmc_get_data_alias_list(ckmc_alias_list_s** alias_list) { return try_catch_enclosure([&]()->int { - int ret; - - if (alias_list == NULL) + if (alias_list == nullptr) return CKMC_ERROR_INVALID_PARAMETER; - *alias_list = NULL; - + int ret; CKM::AliasVector aliasVector; - CKM::ManagerShPtr mgr = CKM::Manager::create(); + auto mgr = CKM::Manager::create(); if ((ret = mgr->getDataAliasVector(aliasVector)) != CKM_API_SUCCESS) return to_ckmc_error(ret); - ckmc_alias_list_s *plist = NULL; + ckmc_alias_list_s *start = nullptr; + ckmc_alias_list_s *plist = nullptr; - for (const auto it : aliasVector) { + for (const auto &it : aliasVector) { char *alias = strndup(it.c_str(), it.size()); - if (plist == NULL) { // first - ret = ckmc_alias_list_new(alias, &plist); - *alias_list = plist; // save the pointer of the first element - } else { - ret = ckmc_alias_list_add(plist, alias, &plist); - } + ret = ckmc_alias_list_add(plist, alias, &plist); if (ret != CKMC_ERROR_NONE) { free(alias); - ckmc_alias_list_all_free(*alias_list); + ckmc_alias_list_all_free(start); return ret; } + + if (start == nullptr) + start = plist; } - if (plist == NULL) // if the alias_list size is zero + if (plist == nullptr) // if the alias_list size is zero return CKMC_ERROR_DB_ALIAS_UNKNOWN; + *alias_list = start; + return CKMC_ERROR_NONE; }); } KEY_MANAGER_CAPI int ckmc_create_key_pair_rsa(const size_t size, - const char *private_key_alias, - const char *public_key_alias, - const ckmc_policy_s policy_private_key, - const ckmc_policy_s policy_public_key) + const char *private_key_alias, + const char *public_key_alias, + const ckmc_policy_s policy_private_key, + const ckmc_policy_s policy_public_key) { return try_catch_enclosure([&]()->int { - int ret; - CKM::ManagerShPtr mgr = CKM::Manager::create(); + auto mgr = CKM::Manager::create(); - if (private_key_alias == NULL || public_key_alias == NULL) + if (private_key_alias == nullptr || public_key_alias == nullptr) return CKMC_ERROR_INVALID_PARAMETER; - CKM::Alias ckmPrivakeKeyAlias(private_key_alias); - CKM::Alias ckmPublicKeyAlias(public_key_alias); - CKM::Policy ckmPrivateKeyPolicy(_tostring(policy_private_key.password), policy_private_key.extractable); - CKM::Policy ckmPublicKeyPolicy(_tostring(policy_public_key.password), policy_public_key.extractable); - - ret = mgr->createKeyPairRSA(static_cast(size), ckmPrivakeKeyAlias, ckmPublicKeyAlias, ckmPrivateKeyPolicy, ckmPublicKeyPolicy); - return to_ckmc_error(ret); + return to_ckmc_error(mgr->createKeyPairRSA( + static_cast(size), + CKM::Alias(private_key_alias), + CKM::Alias(public_key_alias), + _toCkmPolicy(policy_private_key), + _toCkmPolicy(policy_public_key))); }); } KEY_MANAGER_CAPI int ckmc_create_key_pair_dsa(const size_t size, - const char *private_key_alias, - const char *public_key_alias, - const ckmc_policy_s policy_private_key, - const ckmc_policy_s policy_public_key) + const char *private_key_alias, + const char *public_key_alias, + const ckmc_policy_s policy_private_key, + const ckmc_policy_s policy_public_key) { return try_catch_enclosure([&]()->int { - int ret; - CKM::ManagerShPtr mgr = CKM::Manager::create(); - - if (private_key_alias == NULL || public_key_alias == NULL) + if (private_key_alias == nullptr || public_key_alias == nullptr) return CKMC_ERROR_INVALID_PARAMETER; - CKM::Alias ckmPrivakeKeyAlias(private_key_alias); - CKM::Alias ckmPublicKeyAlias(public_key_alias); - CKM::Policy ckmPrivateKeyPolicy(_tostring(policy_private_key.password), policy_private_key.extractable); - CKM::Policy ckmPublicKeyPolicy(_tostring(policy_public_key.password), policy_public_key.extractable); - - ret = mgr->createKeyPairDSA(static_cast(size), ckmPrivakeKeyAlias, ckmPublicKeyAlias, ckmPrivateKeyPolicy, ckmPublicKeyPolicy); - return to_ckmc_error(ret); + auto mgr = CKM::Manager::create(); + return to_ckmc_error(mgr->createKeyPairDSA( + static_cast(size), + CKM::Alias(private_key_alias), + CKM::Alias(public_key_alias), + _toCkmPolicy(policy_private_key), + _toCkmPolicy(policy_public_key))); }); } KEY_MANAGER_CAPI int ckmc_create_key_pair_ecdsa(const ckmc_ec_type_e type, - const char *private_key_alias, - const char *public_key_alias, - const ckmc_policy_s policy_private_key, - const ckmc_policy_s policy_public_key) + const char *private_key_alias, + const char *public_key_alias, + const ckmc_policy_s policy_private_key, + const ckmc_policy_s policy_public_key) { return try_catch_enclosure([&]()->int { - CKM::ManagerShPtr mgr = CKM::Manager::create(); - - if (private_key_alias == NULL || public_key_alias == NULL) + if (private_key_alias == nullptr || public_key_alias == nullptr) return CKMC_ERROR_INVALID_PARAMETER; - CKM::ElipticCurve ckmType = static_cast(static_cast(type)); - CKM::Alias ckmPrivakeKeyAlias(private_key_alias); - CKM::Alias ckmPublicKeyAlias(public_key_alias); - CKM::Policy ckmPrivateKeyPolicy(_tostring(policy_private_key.password), policy_private_key.extractable); - CKM::Policy ckmPublicKeyPolicy(_tostring(policy_public_key.password), policy_public_key.extractable); - - int ret = mgr->createKeyPairECDSA(ckmType, ckmPrivakeKeyAlias, ckmPublicKeyAlias, ckmPrivateKeyPolicy, ckmPublicKeyPolicy); - return to_ckmc_error(ret); + auto mgr = CKM::Manager::create(); + return to_ckmc_error(mgr->createKeyPairECDSA( + static_cast(static_cast(type)), + CKM::Alias(private_key_alias), + CKM::Alias(public_key_alias), + _toCkmPolicy(policy_private_key), + _toCkmPolicy(policy_public_key))); }); } @@ -624,83 +569,63 @@ int ckmc_create_key_aes(size_t size, ckmc_policy_s key_policy) { return try_catch_enclosure([&]()->int { - CKM::ManagerShPtr mgr = CKM::Manager::create(); - - if (key_alias == NULL) + if (key_alias == nullptr) return CKMC_ERROR_INVALID_PARAMETER; - CKM::Alias ckmKeyAlias(key_alias); - CKM::Policy ckmKeyPolicy(_tostring(key_policy.password), key_policy.extractable); - - int ret = mgr->createKeyAES(size, ckmKeyAlias, ckmKeyPolicy); - return to_ckmc_error(ret); + auto mgr = CKM::Manager::create(); + return to_ckmc_error(mgr->createKeyAES(size, CKM::Alias(key_alias), _toCkmPolicy(key_policy))); }); } KEY_MANAGER_CAPI int ckmc_create_signature(const char *private_key_alias, - const char *password, - const ckmc_raw_buffer_s message, - const ckmc_hash_algo_e hash, - const ckmc_rsa_padding_algo_e padding, - ckmc_raw_buffer_s **signature) + const char *password, + const ckmc_raw_buffer_s message, + const ckmc_hash_algo_e hash, + const ckmc_rsa_padding_algo_e padding, + ckmc_raw_buffer_s **signature) { return try_catch_enclosure([&]()->int { - int ret; - CKM::ManagerShPtr mgr = CKM::Manager::create(); - CKM::RawBuffer ckmSignature; - - if (private_key_alias == NULL || signature == NULL) + if (private_key_alias == nullptr || signature == nullptr) return CKMC_ERROR_INVALID_PARAMETER; - CKM::Alias ckmPrivakeKeyAlias(private_key_alias); - CKM::RawBuffer ckmMessage(message.data, message.data + message.size); - CKM::HashAlgorithm ckmHashAlgo = static_cast(static_cast(hash)); - CKM::RSAPaddingAlgorithm ckmPadding = static_cast(static_cast(padding)); - + int ret; + CKM::RawBuffer ckmSignature; + auto mgr = CKM::Manager::create(); if ((ret = mgr->createSignature( - ckmPrivakeKeyAlias, + CKM::Alias(private_key_alias), _tostring(password), - ckmMessage, - ckmHashAlgo, - ckmPadding, + CKM::RawBuffer(message.data, message.data + message.size), + static_cast(static_cast(hash)), + static_cast(static_cast(padding)), ckmSignature)) != CKM_API_SUCCESS) return to_ckmc_error(ret); - ret = ckmc_buffer_new(ckmSignature.data(), ckmSignature.size(), signature); - - return ret; + return ckmc_buffer_new(ckmSignature.data(), ckmSignature.size(), signature); }); } KEY_MANAGER_CAPI int ckmc_verify_signature(const char *public_key_alias, - const char *password, - const ckmc_raw_buffer_s message, - const ckmc_raw_buffer_s signature, - const ckmc_hash_algo_e hash, - const ckmc_rsa_padding_algo_e padding) + const char *password, + const ckmc_raw_buffer_s message, + const ckmc_raw_buffer_s signature, + const ckmc_hash_algo_e hash, + const ckmc_rsa_padding_algo_e padding) { return try_catch_enclosure([&]()->int { - int ret; - CKM::ManagerShPtr mgr = CKM::Manager::create(); - - if (public_key_alias == NULL) + if (public_key_alias == nullptr) return CKMC_ERROR_INVALID_PARAMETER; - CKM::Alias ckmPublicKeyAlias(public_key_alias); - CKM::RawBuffer ckmMessage(message.data, message.data + message.size); - CKM::RawBuffer ckmSignature(signature.data, signature.data + signature.size); - CKM::HashAlgorithm ckmHashAlgo = static_cast(static_cast(hash)); - CKM::RSAPaddingAlgorithm ckmPadding = static_cast(static_cast(padding)); - + int ret; + auto mgr = CKM::Manager::create(); if ((ret = mgr->verifySignature( - ckmPublicKeyAlias, + CKM::Alias(public_key_alias), _tostring(password), - ckmMessage, - ckmSignature, - ckmHashAlgo, - ckmPadding)) != CKM_API_SUCCESS) + CKM::RawBuffer(message.data, message.data + message.size), + CKM::RawBuffer(signature.data, signature.data + signature.size), + static_cast(static_cast(hash)), + static_cast(static_cast(padding)))) != CKM_API_SUCCESS) return to_ckmc_error(ret); return CKMC_ERROR_NONE; @@ -711,18 +636,21 @@ KEY_MANAGER_CAPI int ckmc_get_cert_chain(const ckmc_cert_s *cert, const ckmc_cert_list_s *untrustedcerts, ckmc_cert_list_s **cert_chain_list) { return try_catch_enclosure([&]()->int { - int ret; - CKM::ManagerShPtr mgr = CKM::Manager::create(); - CKM::CertificateShPtrVector ckmCertChain; - - if (cert == NULL || cert->raw_cert == NULL || cert->cert_size <= 0 || cert_chain_list == NULL) + if (cert == nullptr || cert->raw_cert == nullptr || cert->cert_size == 0 || cert_chain_list == nullptr) return CKMC_ERROR_INVALID_PARAMETER; - CKM::CertificateShPtr ckmCert = _toCkmCertificate(cert); - - CKM::CertificateShPtrVector ckmUntrustedCerts = _toCkmCertificateVector(untrustedcerts); + auto ckmCert = _toCkmCertificate(cert); + if (!ckmCert) + return CKMC_ERROR_INVALID_FORMAT; - ret = mgr->getCertificateChain(ckmCert, ckmUntrustedCerts, EMPTY_CERT_VECTOR, true, ckmCertChain); + CKM::CertificateShPtrVector ckmCertChain; + auto mgr = CKM::Manager::create(); + int ret = mgr->getCertificateChain( + ckmCert, + _toCkmCertificateVector(untrustedcerts), + EMPTY_CERT_VECTOR, + true, + ckmCertChain); if (ret != CKM_API_SUCCESS) return to_ckmc_error(ret); @@ -736,21 +664,16 @@ KEY_MANAGER_CAPI int ckmc_get_cert_chain_with_alias(const ckmc_cert_s *cert, const ckmc_alias_list_s *untrustedcerts, ckmc_cert_list_s **cert_chain_list) { return try_catch_enclosure([&]()->int { - int ret; - CKM::ManagerShPtr mgr = CKM::Manager::create(); - CKM::CertificateShPtrVector ckmCertChain; - - - if (cert == NULL || cert->raw_cert == NULL || cert->cert_size <= 0 || cert_chain_list == NULL) + if (cert == nullptr || cert->raw_cert == nullptr || cert->cert_size == 0 || cert_chain_list == nullptr) return CKMC_ERROR_INVALID_PARAMETER; - CKM::CertificateShPtr ckmCert = _toCkmCertificate(cert); - if (ckmCert.get() == NULL) + auto ckmCert = _toCkmCertificate(cert); + if (!ckmCert) return CKMC_ERROR_INVALID_FORMAT; - CKM::AliasVector ckmUntrustedAliases = _toCkmAliasVector(untrustedcerts); - - ret = mgr->getCertificateChain(ckmCert, ckmUntrustedAliases, EMPTY_ALIAS_VECTOR, true, ckmCertChain); + CKM::CertificateShPtrVector ckmCertChain; + auto mgr = CKM::Manager::create(); + int ret = mgr->getCertificateChain(ckmCert, _toCkmAliasVector(untrustedcerts),EMPTY_ALIAS_VECTOR, true, ckmCertChain); if (ret != CKM_API_SUCCESS) return to_ckmc_error(ret); @@ -768,25 +691,25 @@ int ckmc_get_cert_chain_with_trustedcert(const ckmc_cert_s* cert, ckmc_cert_list_s** ppcert_chain_list) { return try_catch_enclosure([&]()->int { - int ret; - CKM::ManagerShPtr mgr = CKM::Manager::create(); - CKM::CertificateShPtrVector ckm_cert_chain; - - if (cert == NULL || cert->raw_cert == NULL || cert->cert_size <= 0 || ppcert_chain_list == NULL) + if (cert == nullptr || cert->raw_cert == nullptr || cert->cert_size == 0 || ppcert_chain_list == nullptr) return CKMC_ERROR_INVALID_PARAMETER; - CKM::CertificateShPtr ckm_cert = _toCkmCertificate(cert); - if (ckm_cert.get() == NULL) + auto ckmCert = _toCkmCertificate(cert); + if (!ckmCert) return CKMC_ERROR_INVALID_PARAMETER; - CKM::CertificateShPtrVector ckm_untrusted = _toCkmCertificateVector(untrustedcerts); - CKM::CertificateShPtrVector ckm_trusted = _toCkmCertificateVector(trustedcerts); - - ret = mgr->getCertificateChain(ckm_cert, ckm_untrusted, ckm_trusted, sys_certs, ckm_cert_chain); + CKM::CertificateShPtrVector ckmCertChain; + auto mgr = CKM::Manager::create(); + int ret = mgr->getCertificateChain( + ckmCert, + _toCkmCertificateVector(untrustedcerts), + _toCkmCertificateVector(trustedcerts), + sys_certs, + ckmCertChain); if (ret != CKM_API_SUCCESS) return to_ckmc_error(ret); - *ppcert_chain_list = _toNewCkmCertList(ckm_cert_chain); + *ppcert_chain_list = _toNewCkmCertList(ckmCertChain); return CKMC_ERROR_NONE; }); @@ -796,19 +719,19 @@ KEY_MANAGER_CAPI int ckmc_ocsp_check(const ckmc_cert_list_s *pcert_chain_list, ckmc_ocsp_status_e *ocsp_status) { return try_catch_enclosure([&]()->int { - if (pcert_chain_list == NULL - || pcert_chain_list->cert == NULL - || pcert_chain_list->cert->raw_cert == NULL - || pcert_chain_list->cert->cert_size <= 0 - || ocsp_status == NULL) + if (pcert_chain_list == nullptr + || pcert_chain_list->cert == nullptr + || pcert_chain_list->cert->raw_cert == nullptr + || pcert_chain_list->cert->cert_size == 0 + || ocsp_status == nullptr) return CKMC_ERROR_INVALID_PARAMETER; int tmpOcspStatus = -1; - CKM::ManagerShPtr mgr = CKM::Manager::create(); - CKM::CertificateShPtrVector ckmCertChain = _toCkmCertificateVector(pcert_chain_list); + auto mgr = CKM::Manager::create(); + int ret = mgr->ocspCheck(_toCkmCertificateVector(pcert_chain_list), tmpOcspStatus); - int ret = mgr->ocspCheck(ckmCertChain, tmpOcspStatus); *ocsp_status = to_ckmc_ocsp_status(tmpOcspStatus); + return to_ckmc_error(ret); }); } @@ -817,10 +740,10 @@ KEY_MANAGER_CAPI int ckmc_allow_access(const char *alias, const char *accessor, ckmc_access_right_e granted) { return try_catch_enclosure([&]()->int { - int ec, permissionMask; - ec = access_to_permission_mask(granted, permissionMask); - if (ec != CKMC_ERROR_NONE) - return ec; + int permissionMask; + int ret = access_to_permission_mask(granted, permissionMask); + if (ret != CKMC_ERROR_NONE) + return ret; return ckmc_set_permission(alias, accessor, permissionMask); }); @@ -833,7 +756,7 @@ int ckmc_set_permission(const char *alias, const char *accessor, int permissions if (!alias || !accessor) return CKMC_ERROR_INVALID_PARAMETER; - CKM::ManagerShPtr mgr = CKM::Manager::create(); + auto mgr = CKM::Manager::create(); return to_ckmc_error(mgr->setPermission(alias, accessor, permissions)); }); } @@ -845,7 +768,7 @@ int ckmc_deny_access(const char *alias, const char *accessor) if (!alias || !accessor) return CKMC_ERROR_INVALID_PARAMETER; - CKM::ManagerShPtr mgr = CKM::Manager::create(); + auto mgr = CKM::Manager::create(); return to_ckmc_error(mgr->setPermission(alias, accessor, CKM::Permission::NONE)); }); } @@ -857,9 +780,8 @@ int ckmc_remove_alias(const char *alias) if (!alias) return CKMC_ERROR_INVALID_PARAMETER; - CKM::ManagerShPtr mgr = CKM::Manager::create(); - int ret = mgr->removeAlias(alias); - return to_ckmc_error(ret); + auto mgr = CKM::Manager::create(); + return to_ckmc_error(mgr->removeAlias(alias)); }); } -- 2.7.4 From f8398c18310c1bfa9c0b4d872a94847c8bb08f53 Mon Sep 17 00:00:00 2001 From: Kyungwook Tak Date: Tue, 15 Mar 2016 11:47:09 +0900 Subject: [PATCH 10/16] Remove unused functions in certificate-impl Change-Id: I343f14a7fa076ea8c7f744b5aa6c2c4babe70633 Signed-off-by: Kyungwook Tak --- src/manager/common/certificate-impl.cpp | 135 +++----------------------------- src/manager/common/certificate-impl.h | 11 --- src/manager/common/key-impl.h | 4 +- 3 files changed, 12 insertions(+), 138 deletions(-) diff --git a/src/manager/common/certificate-impl.cpp b/src/manager/common/certificate-impl.cpp index 97cd4bd..3643e63 100644 --- a/src/manager/common/certificate-impl.cpp +++ b/src/manager/common/certificate-impl.cpp @@ -31,7 +31,7 @@ namespace CKM { CertificateImpl::CertificateImpl(const RawBuffer &der, DataFormat format) - : m_x509(NULL) + : m_x509(nullptr) { int size; const unsigned char *ptr; @@ -47,15 +47,15 @@ CertificateImpl::CertificateImpl(const RawBuffer &der, DataFormat format) tmp = base64.get(); ptr = reinterpret_cast(tmp.data()); size = static_cast(tmp.size()); - m_x509 = d2i_X509(NULL, &ptr, size); + m_x509 = d2i_X509(nullptr, &ptr, size); } else if (DataFormat::FORM_DER == format) { ptr = reinterpret_cast(der.data()); size = static_cast(der.size()); - m_x509 = d2i_X509(NULL, &ptr, size); + m_x509 = d2i_X509(nullptr, &ptr, size); } else if (DataFormat::FORM_PEM == format) { BIO *buff = BIO_new(BIO_s_mem()); BIO_write(buff, der.data(), der.size()); - m_x509 = PEM_read_bio_X509(buff, NULL, NULL, NULL); + m_x509 = PEM_read_bio_X509(buff, nullptr, nullptr, nullptr); BIO_free_all(buff); } else { // TODO @@ -86,7 +86,7 @@ CertificateImpl::CertificateImpl(const CertificateImpl &second) CertificateImpl::CertificateImpl(CertificateImpl &&second) { m_x509 = second.m_x509; - second.m_x509 = NULL; + second.m_x509 = nullptr; LogDebug("Certificate moved: " << (void*)m_x509); } @@ -97,7 +97,7 @@ CertificateImpl& CertificateImpl::operator=(CertificateImpl &&second) if (m_x509) X509_free(m_x509); m_x509 = second.m_x509; - second.m_x509 = NULL; + second.m_x509 = nullptr; LogDebug("Certificate moved: " << (void*)m_x509); return *this; } @@ -119,7 +119,7 @@ X509* CertificateImpl::getX509() const RawBuffer CertificateImpl::getDER(void) const { - unsigned char *rawDer = NULL; + unsigned char *rawDer = nullptr; int size = i2d_X509(m_x509, &rawDer); if (!rawDer || size <= 0) { LogError("i2d_X509 failed"); @@ -135,7 +135,7 @@ RawBuffer CertificateImpl::getDER(void) const bool CertificateImpl::empty() const { - return m_x509 == NULL; + return m_x509 == nullptr; } KeyImpl::EvpShPtr CertificateImpl::getEvpShPtr() const @@ -143,123 +143,6 @@ KeyImpl::EvpShPtr CertificateImpl::getEvpShPtr() const return KeyImpl::EvpShPtr(X509_get_pubkey(m_x509), EVP_PKEY_free); } -KeyImpl CertificateImpl::getKeyImpl() const -{ - KeyImpl::EvpShPtr evp(X509_get_pubkey(m_x509), EVP_PKEY_free); - switch (EVP_PKEY_type(evp->type)) { - case EVP_PKEY_RSA: - return KeyImpl(evp, KeyType::KEY_RSA_PUBLIC); - case EVP_PKEY_DSA: - return KeyImpl(evp, KeyType::KEY_DSA_PUBLIC); - case EVP_PKEY_EC: - return KeyImpl(evp, KeyType::KEY_ECDSA_PUBLIC); - default: - LogError("Unsupported key type in certificate."); - break; - } - return KeyImpl(); -} - -X509_NAME *getX509Name(X509 *x509, CertificateFieldId type) -{ - if (!x509) - return NULL; - - if (type == CertificateFieldId::ISSUER) - return X509_get_issuer_name(x509); - else if (type == CertificateFieldId::SUBJECT) - return X509_get_subject_name(x509); - - LogError("Invalid param. Unknown CertificateFieldId"); - return NULL; -} - -std::string CertificateImpl::getOneLine(CertificateFieldId type) const -{ - X509_NAME *name = getX509Name(m_x509, type); - if (!name) - return std::string(); - static const int MAXB = 1024; - char buffer[MAXB]; - X509_NAME_oneline(name, buffer, MAXB); - return std::string(buffer); -} - -std::string CertificateImpl::getField(CertificateFieldId type, int fieldNid) const -{ - X509_NAME *subjectName = getX509Name(m_x509, type); - X509_NAME_ENTRY *subjectEntry = NULL; - - if (!subjectName) - return std::string(); - - int entryCount = X509_NAME_entry_count(subjectName); - - for (int i = 0; i < entryCount; ++i) { - subjectEntry = X509_NAME_get_entry(subjectName, i); - - if (!subjectEntry) - continue; - - int nid = OBJ_obj2nid( - static_cast( - X509_NAME_ENTRY_get_object(subjectEntry))); - - if (nid != fieldNid) - continue; - - ASN1_STRING* pASN1Str = subjectEntry->value; - - unsigned char* pData = NULL; - int nLength = ASN1_STRING_to_UTF8(&pData, pASN1Str); - - if (nLength < 0) { - LogError("Reading field error."); - return std::string(); - } - - std::string output(reinterpret_cast(pData), nLength); - OPENSSL_free(pData); - return output; - } - return std::string(); -} - -std::string CertificateImpl::getCommonName(CertificateFieldId type) const -{ - return getField(type, NID_commonName); -} - -std::string CertificateImpl::getCountryName(CertificateFieldId type) const -{ - return getField(type, NID_countryName); -} - -std::string CertificateImpl::getStateOrProvinceName(CertificateFieldId type) const -{ - return getField(type, NID_stateOrProvinceName); -} - -std::string CertificateImpl::getLocalityName(CertificateFieldId type) const -{ - return getField(type, NID_localityName); -} - -std::string CertificateImpl::getOrganizationName(CertificateFieldId type) const -{ - return getField(type, NID_organizationName); -} - -std::string CertificateImpl::getOrganizationalUnitName(CertificateFieldId type) const -{ - return getField(type, NID_organizationalUnitName); -} - -std::string CertificateImpl::getEmailAddres(CertificateFieldId type) const -{ - return getField(type, NID_pkcs9_emailAddress); -} - std::string CertificateImpl::getOCSPURL() const { if (!m_x509) @@ -267,7 +150,7 @@ std::string CertificateImpl::getOCSPURL() const STACK_OF(OPENSSL_STRING) *aia = X509_get1_ocsp(m_x509); - if (NULL == aia) + if (nullptr == aia) return std::string(); std::string result(sk_OPENSSL_STRING_value(aia, 0)); diff --git a/src/manager/common/certificate-impl.h b/src/manager/common/certificate-impl.h index 106a19a..fb9c6cc 100644 --- a/src/manager/common/certificate-impl.h +++ b/src/manager/common/certificate-impl.h @@ -46,17 +46,6 @@ public: virtual X509* getX509() const; KeyImpl::EvpShPtr getEvpShPtr() const; - KeyImpl getKeyImpl() const; - - std::string getOneLine(CertificateFieldId type) const; - std::string getField(CertificateFieldId type, int fieldNid) const; - std::string getCommonName(CertificateFieldId type) const; - std::string getCountryName(CertificateFieldId type) const; - std::string getStateOrProvinceName(CertificateFieldId type) const; - std::string getLocalityName(CertificateFieldId type) const; - std::string getOrganizationName(CertificateFieldId type) const; - std::string getOrganizationalUnitName(CertificateFieldId type) const; - std::string getEmailAddres(CertificateFieldId type) const; std::string getOCSPURL() const; virtual ~CertificateImpl(); diff --git a/src/manager/common/key-impl.h b/src/manager/common/key-impl.h index 459405d..46f3dfc 100644 --- a/src/manager/common/key-impl.h +++ b/src/manager/common/key-impl.h @@ -43,11 +43,13 @@ public: virtual RawBuffer getDERPUB() const; virtual RawBuffer getDERPRV() const; virtual EvpShPtr getEvpShPtr() const; + /* //TODO virtual ElipticCurve getCurve() const { - // TODO return ElipticCurve::prime192v1; } + */ + virtual int getSize() const { // TODO -- 2.7.4 From fd96b254c3ec080b6ffd471d160147412ab68353 Mon Sep 17 00:00:00 2001 From: Kyungwook Tak Date: Tue, 15 Mar 2016 12:06:23 +0900 Subject: [PATCH 11/16] Clean up old dpl core sources errno to string function is too heavy. make it light-weighted Use dpl log to print assert message and unhandled exception dpl log can print to several provider(console, journal, dlog) already by modify configuration file Change-Id: Ib2e090a0e1c5aafa51bde40c73030b435ae1a1e8 Signed-off-by: Kyungwook Tak --- src/manager/dpl/core/src/assert.cpp | 43 ++++++---------- src/manager/dpl/core/src/errno_string.cpp | 82 +++++++------------------------ src/manager/dpl/core/src/exception.cpp | 34 +++++-------- 3 files changed, 44 insertions(+), 115 deletions(-) diff --git a/src/manager/dpl/core/src/assert.cpp b/src/manager/dpl/core/src/assert.cpp index 38ed526..9659178 100644 --- a/src/manager/dpl/core/src/assert.cpp +++ b/src/manager/dpl/core/src/assert.cpp @@ -19,12 +19,11 @@ * @version 1.0 * @brief This file is the implementation file of assert */ -#include -#include -#include -#include -#include +#include "dpl/assert.h" + +#include #include +#include namespace CKM { void AssertProc(const char *condition, @@ -32,31 +31,17 @@ void AssertProc(const char *condition, int line, const char *function) { -#define INTERNAL_LOG(message) \ - do { \ - std::ostringstream platformLog; \ - platformLog << message; \ - CKM::Log::LogSystemSingleton::Instance().Log( \ - CKM::Log::AbstractLogProvider::LogLevel::Pedantic, \ - platformLog.str().c_str(), \ - __FILE__, __LINE__, __FUNCTION__); \ - } while (0) - - // Try to log failed assertion to log system - Try { - INTERNAL_LOG( - "################################################################################"); - INTERNAL_LOG( - "### CKM assertion failed! ###"); - INTERNAL_LOG( - "################################################################################"); - INTERNAL_LOG("### Condition: " << condition); - INTERNAL_LOG("### File: " << file); - INTERNAL_LOG("### Line: " << line); - INTERNAL_LOG("### Function: " << function); - INTERNAL_LOG( + try { + LogError( + "################################################################################" << std::endl << + "### CKM assertion failed! ###" << std::endl << + "################################################################################" << std::endl << + "### Condition: " << condition << std::endl << + "### File: " << file << std::endl << + "### Line: " << line << std::endl << + "### Function: " << function << "################################################################################"); - } catch (Exception) { + } catch (...) { // Just ignore possible double errors } diff --git a/src/manager/dpl/core/src/errno_string.cpp b/src/manager/dpl/core/src/errno_string.cpp index b918529..1327edf 100644 --- a/src/manager/dpl/core/src/errno_string.cpp +++ b/src/manager/dpl/core/src/errno_string.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2014 Samsung Electronics Co., Ltd All Rights Reserved + * Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -14,85 +14,37 @@ * limitations under the License. */ /* - * @file errno_string.h - * @author Przemyslaw Dobrowolski (p.dobrowolsk@samsung.com) + * @file errno_string.cpp + * @author Bartlomiej Grzelewski (b.grzelewskik@samsung.com) * @version 1.0 - * @brief This file is the implementation file of errno string + * @brief Get errno string as std::string by strerror_r */ -#include -#include -#include -#include -#include -#include -#include +#include "dpl/errno_string.h" + #include -#include -#include #include -#include -#include +#include namespace CKM { namespace { // anonymous -const size_t DEFAULT_ERRNO_STRING_SIZE = 32; + +const size_t MAX_BUF = 256; + } // namespace anonymous std::string GetErrnoString(int error) { - size_t size = DEFAULT_ERRNO_STRING_SIZE; - char *buffer = NULL; - - for (;;) { - // Add one extra characted for end of string null value - char *newBuffer = static_cast(::realloc(buffer, size + 1)); - - if (!newBuffer) { - // Failed to realloc - ::free(buffer); - throw std::bad_alloc(); - } - - // Setup reallocated buffer - buffer = newBuffer; - ::memset(buffer, 0, size + 1); + std::vector buffer(MAX_BUF, '\0'); - // Try to retrieve error string #if (_POSIX_C_SOURCE >= 200112L || _XOPEN_SOURCE >= 600) && !_GNU_SOURCE - // The XSI-compliant version of strerror_r() is provided if: - int result = ::strerror_r(error, buffer, size); - - if (result == 0) { - CharUniquePtr scopedBufferFree(buffer); - return std::string(buffer); - } + if (0 == strerror_r(error, buffer.data(), buffer.size())) + return std::string(buffer.begin(), buffer.end()); #else - errno = 0; - - // Otherwise, the GNU-specific version is provided. - char *result = ::strerror_r(error, buffer, size); - - if (result != NULL) { - CharUniquePtr scopedBufferFree(buffer); - return std::string(result); - } + char *result = strerror_r(error, buffer.data(), buffer.size()); + if (result) + return std::string(result); #endif - // Interpret errors - switch (errno) { - case EINVAL: - // We got an invalid errno value - ::free(buffer); - ThrowMsg(InvalidErrnoValue, "Invalid errno value: " << error); - - case ERANGE: - // Incease buffer size and retry - size <<= 1; - continue; - - default: - AssertMsg(0, "Invalid errno value after call to strerror_r!"); - } - } + return std::string(); } } // namespace CKM diff --git a/src/manager/dpl/core/src/exception.cpp b/src/manager/dpl/core/src/exception.cpp index 792c97f..c01bdbb 100644 --- a/src/manager/dpl/core/src/exception.cpp +++ b/src/manager/dpl/core/src/exception.cpp @@ -19,10 +19,10 @@ * @version 1.0 * @brief This file is the implementation of exception system */ -#include -#include +#include "dpl/exception.h" + +#include #include -#include namespace CKM { Exception* Exception::m_lastException = NULL; @@ -31,11 +31,7 @@ void (*Exception::m_terminateHandler)() = NULL; void LogUnhandledException(const std::string &str) { - // Logging to console - printf("%s\n", str.c_str()); - - // Logging to dlog - LogPedantic(str); + LogError(str); } void LogUnhandledException(const std::string &str, @@ -43,18 +39,14 @@ void LogUnhandledException(const std::string &str, int line, const char *function) { - // Logging to console - std::ostringstream msg; - msg << "\033[1;5;31m\n=== [" << filename << ":" << line << "] " << - function << " ===\033[m"; - msg << str; - printf("%s\n", msg.str().c_str()); - - // Logging to dlog - CKM::Log::LogSystemSingleton::Instance().Log(CKM::Log::AbstractLogProvider::LogLevel::Error, - str.c_str(), - filename, - line, - function); + LogError( + "################################################################################" << std::endl << + "### CKM Unhandled Exception Occured! ###" << std::endl << + "################################################################################" << std::endl << + "### Condition: " << str << std::endl << + "### File: " << filename << std::endl << + "### Line: " << line << std::endl << + "### Function: " << function << + "################################################################################"); } } // namespace CKM -- 2.7.4 From 7d834d8b2affcd246586963c0ab534a57a968af3 Mon Sep 17 00:00:00 2001 From: Kyungwook Tak Date: Tue, 15 Mar 2016 14:27:19 +0900 Subject: [PATCH 12/16] Clean up move/copy assignment/constructor Change-Id: If87eacaa85ac5b7d11cede5a256c62e4e71cc935 Signed-off-by: Kyungwook Tak --- src/manager/common/certificate-impl.cpp | 41 +++------ src/manager/common/certificate-impl.h | 15 ++-- src/manager/common/key-impl.cpp | 152 ++++++++++++++------------------ src/manager/common/key-impl.h | 3 +- src/manager/common/pkcs12-impl.cpp | 63 ++++++------- src/manager/common/pkcs12-impl.h | 10 ++- src/manager/common/protocols.cpp | 99 ++++++++++++++------- src/manager/common/protocols.h | 14 ++- src/manager/service/ckm-logic.cpp | 10 ++- 9 files changed, 205 insertions(+), 202 deletions(-) diff --git a/src/manager/common/certificate-impl.cpp b/src/manager/common/certificate-impl.cpp index 3643e63..bce2daa 100644 --- a/src/manager/common/certificate-impl.cpp +++ b/src/manager/common/certificate-impl.cpp @@ -11,12 +11,12 @@ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License - * - * - * @file client-certificate-impl.cpp + */ +/* + * @file certificate-impl.cpp * @author Bartlomiej Grzelewski (b.grzelewski@samsung.com) * @version 1.0 - * @brief Key implementation. + * @brief Certificate implementation. */ #include #include @@ -31,12 +31,8 @@ namespace CKM { CertificateImpl::CertificateImpl(const RawBuffer &der, DataFormat format) - : m_x509(nullptr) + : m_x509(nullptr) { - int size; - const unsigned char *ptr; - RawBuffer tmp; - LogDebug("Certificate to parse. Size: " << der.size()); if (DataFormat::FORM_DER_BASE64 == format) { @@ -44,16 +40,16 @@ CertificateImpl::CertificateImpl(const RawBuffer &der, DataFormat format) base64.reset(); base64.append(der); base64.finalize(); - tmp = base64.get(); - ptr = reinterpret_cast(tmp.data()); - size = static_cast(tmp.size()); + auto tmp = base64.get(); + auto ptr = reinterpret_cast(tmp.data()); + auto size = static_cast(tmp.size()); m_x509 = d2i_X509(nullptr, &ptr, size); } else if (DataFormat::FORM_DER == format) { - ptr = reinterpret_cast(der.data()); - size = static_cast(der.size()); + auto ptr = reinterpret_cast(der.data()); + auto size = static_cast(der.size()); m_x509 = d2i_X509(nullptr, &ptr, size); } else if (DataFormat::FORM_PEM == format) { - BIO *buff = BIO_new(BIO_s_mem()); + auto buff = BIO_new(BIO_s_mem()); BIO_write(buff, der.data(), der.size()); m_x509 = PEM_read_bio_X509(buff, nullptr, nullptr, nullptr); BIO_free_all(buff); @@ -78,11 +74,6 @@ CertificateImpl::CertificateImpl(X509 *x509, bool duplicate) m_x509 = x509; } -CertificateImpl::CertificateImpl(const CertificateImpl &second) -{ - m_x509 = X509_dup(second.m_x509); -} - CertificateImpl::CertificateImpl(CertificateImpl &&second) { m_x509 = second.m_x509; @@ -102,16 +93,6 @@ CertificateImpl& CertificateImpl::operator=(CertificateImpl &&second) return *this; } -CertificateImpl& CertificateImpl::operator=(const CertificateImpl &second) -{ - if (this == &second) - return *this; - if (m_x509) - X509_free(m_x509); - m_x509 = X509_dup(second.m_x509); - return *this; -} - X509* CertificateImpl::getX509() const { return m_x509; diff --git a/src/manager/common/certificate-impl.h b/src/manager/common/certificate-impl.h index fb9c6cc..b30d97f 100644 --- a/src/manager/common/certificate-impl.h +++ b/src/manager/common/certificate-impl.h @@ -11,9 +11,9 @@ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License - * - * - * @file client-certificate-impl.h + */ +/* + * @file certificate-impl.h * @author Barlomiej Grzelewski (b.grzelewski@samsung.com) * @version 1.0 * @brief Certificate Implmentation. @@ -33,12 +33,14 @@ namespace CKM { class COMMON_API CertificateImpl : public Certificate { public: - CertificateImpl() : m_x509(NULL) {} + CertificateImpl() : m_x509(nullptr) {} explicit CertificateImpl(X509* x509, bool duplicate = true); CertificateImpl(const RawBuffer &data, DataFormat format); - CertificateImpl(const CertificateImpl &); + + CertificateImpl(const CertificateImpl &) = delete; + CertificateImpl &operator=(const CertificateImpl &) = delete; + CertificateImpl(CertificateImpl &&); - CertificateImpl& operator=(const CertificateImpl &); CertificateImpl& operator=(CertificateImpl &&); virtual RawBuffer getDER() const; @@ -57,4 +59,3 @@ protected: typedef std::vector CertificateImplVector; } // namespace CKM - diff --git a/src/manager/common/key-impl.cpp b/src/manager/common/key-impl.cpp index ab593fa..a7978c3 100644 --- a/src/manager/common/key-impl.cpp +++ b/src/manager/common/key-impl.cpp @@ -40,17 +40,15 @@ namespace { typedef std::unique_ptr> BioUniquePtr; -int passcb(char *buff, int size, int rwflag, void *userdata) +int passcb(char *buff, int size, int /*rwflag*/, void *userdata) { - (void) rwflag; - Password *ptr = static_cast(userdata); - if (ptr == NULL) - return 0; - if (ptr->empty()) - return 0; - if (static_cast(ptr->size()) > size) + auto ptr = static_cast(userdata); + + if (ptr == nullptr || ptr->empty() || static_cast(ptr->size()) > size) return 0; + memcpy(buff, ptr->c_str(), ptr->size()); + return ptr->size(); } @@ -60,17 +58,10 @@ CKM::RawBuffer i2d(I2D_CONV fun, EVP_PKEY* pkey) { BioUniquePtr bio(BIO_new(BIO_s_mem()), BIO_free_all); - if (NULL == pkey) { - LogDebug("You are trying to read empty key!"); - return RawBuffer(); - } - - if (NULL == bio.get()) { - LogError("Error in memory allocation! Function: BIO_new."); + if (pkey == nullptr || !bio) return RawBuffer(); - } - if (1 != fun(bio.get(), pkey)) { + if (fun(bio.get(), pkey) != 1) { LogError("Error in conversion EVP_PKEY to der"); return RawBuffer(); } @@ -90,56 +81,47 @@ CKM::RawBuffer i2d(I2D_CONV fun, EVP_PKEY* pkey) } // anonymous namespace -KeyImpl::KeyImpl() - : m_pkey(NULL, EVP_PKEY_free) - , m_type(KeyType::KEY_NONE) -{ -} - -KeyImpl::KeyImpl(const KeyImpl &second) +KeyImpl::KeyImpl() : m_pkey(nullptr, EVP_PKEY_free), m_type(KeyType::KEY_NONE) { - m_pkey = second.m_pkey; - m_type = second.m_type; } KeyImpl::KeyImpl(const RawBuffer &buf, const Password &password) : - m_pkey(NULL, EVP_PKEY_free), + m_pkey(nullptr, EVP_PKEY_free), m_type(KeyType::KEY_NONE) { bool isPrivate = false; - EVP_PKEY *pkey = NULL; + EVP_PKEY *pkey = nullptr; BioUniquePtr bio(BIO_new(BIO_s_mem()), BIO_free_all); LogDebug("Start to parse key:"); -// printDER(buf); if (buf[0] != '-') { BIO_write(bio.get(), buf.data(), buf.size()); - pkey = d2i_PUBKEY_bio(bio.get(), NULL); + pkey = d2i_PUBKEY_bio(bio.get(), nullptr); isPrivate = false; LogDebug("Trying d2i_PUBKEY_bio Status: " << (void*)pkey); } if (!pkey && buf[0] != '-') { - (void)BIO_reset(bio.get()); + BIO_reset(bio.get()); BIO_write(bio.get(), buf.data(), buf.size()); - pkey = d2i_PrivateKey_bio(bio.get(), NULL); + pkey = d2i_PrivateKey_bio(bio.get(), nullptr); isPrivate = true; LogDebug("Trying d2i_PrivateKey_bio Status: " << (void*)pkey); } if (!pkey && buf[0] == '-') { - (void)BIO_reset(bio.get()); + BIO_reset(bio.get()); BIO_write(bio.get(), buf.data(), buf.size()); - pkey = PEM_read_bio_PUBKEY(bio.get(), NULL, passcb, const_cast(&password)); + pkey = PEM_read_bio_PUBKEY(bio.get(), nullptr, passcb, const_cast(&password)); isPrivate = false; LogDebug("PEM_read_bio_PUBKEY Status: " << (void*)pkey); } if (!pkey && buf[0] == '-') { - (void)BIO_reset(bio.get()); + BIO_reset(bio.get()); BIO_write(bio.get(), buf.data(), buf.size()); - pkey = PEM_read_bio_PrivateKey(bio.get(), NULL, passcb, const_cast(&password)); + pkey = PEM_read_bio_PrivateKey(bio.get(), nullptr, passcb, const_cast(&password)); isPrivate = true; LogDebug("PEM_read_bio_PrivateKey Status: " << (void*)pkey); } @@ -152,49 +134,49 @@ KeyImpl::KeyImpl(const RawBuffer &buf, const Password &password) : m_pkey.reset(pkey, EVP_PKEY_free); switch (EVP_PKEY_type(pkey->type)) { - case EVP_PKEY_RSA: - m_type = isPrivate ? KeyType::KEY_RSA_PRIVATE : KeyType::KEY_RSA_PUBLIC; - break; + case EVP_PKEY_RSA: + m_type = isPrivate ? KeyType::KEY_RSA_PRIVATE : KeyType::KEY_RSA_PUBLIC; + break; - case EVP_PKEY_DSA: - m_type = isPrivate ? KeyType::KEY_DSA_PRIVATE : KeyType::KEY_DSA_PUBLIC; - break; + case EVP_PKEY_DSA: + m_type = isPrivate ? KeyType::KEY_DSA_PRIVATE : KeyType::KEY_DSA_PUBLIC; + break; - case EVP_PKEY_EC: - m_type = isPrivate ? KeyType::KEY_ECDSA_PRIVATE : KeyType::KEY_ECDSA_PUBLIC; - break; + case EVP_PKEY_EC: + m_type = isPrivate ? KeyType::KEY_ECDSA_PRIVATE : KeyType::KEY_ECDSA_PUBLIC; + break; } - LogDebug("KeyType is: " << (int)m_type << " isPrivate: " << isPrivate); + + LogDebug("KeyType is: " << static_cast(m_type) << " isPrivate: " << isPrivate); } -KeyImpl::KeyImpl(EvpShPtr pkey, KeyType type) : - m_pkey(pkey), - m_type(type) +KeyImpl::KeyImpl(EvpShPtr pkey, KeyType type) : m_pkey(pkey), m_type(type) { int expected_type = EVP_PKEY_NONE; + switch (type) { - case KeyType::KEY_RSA_PRIVATE: - case KeyType::KEY_RSA_PUBLIC: - expected_type = EVP_PKEY_RSA; - break; - - case KeyType::KEY_DSA_PRIVATE: - case KeyType::KEY_DSA_PUBLIC: - expected_type = EVP_PKEY_DSA; - break; - - case KeyType::KEY_AES: - LogError("Error, AES keys are not supported yet."); - break; - - case KeyType::KEY_ECDSA_PRIVATE: - case KeyType::KEY_ECDSA_PUBLIC: - expected_type = EVP_PKEY_EC; - break; - - default: - LogError("Unknown key type provided."); - break; + case KeyType::KEY_RSA_PRIVATE: + case KeyType::KEY_RSA_PUBLIC: + expected_type = EVP_PKEY_RSA; + break; + + case KeyType::KEY_DSA_PRIVATE: + case KeyType::KEY_DSA_PUBLIC: + expected_type = EVP_PKEY_DSA; + break; + + case KeyType::KEY_AES: + LogError("Error, AES keys are not supported yet."); + break; + + case KeyType::KEY_ECDSA_PRIVATE: + case KeyType::KEY_ECDSA_PUBLIC: + expected_type = EVP_PKEY_EC; + break; + + default: + LogError("Unknown key type provided."); + break; } // verify if actual key type matches the expected tpe @@ -207,7 +189,7 @@ KeyImpl::KeyImpl(EvpShPtr pkey, KeyType type) : bool KeyImpl::empty() const { - return m_pkey.get() == NULL; + return !m_pkey; } KeyImpl::EvpShPtr KeyImpl::getEvpShPtr() const @@ -233,19 +215,20 @@ RawBuffer KeyImpl::getDERPUB() const RawBuffer KeyImpl::getDER() const { switch (m_type) { - case KeyType::KEY_RSA_PRIVATE: - case KeyType::KEY_DSA_PRIVATE: - case KeyType::KEY_ECDSA_PRIVATE: - return getDERPRV(); - - case KeyType::KEY_RSA_PUBLIC: - case KeyType::KEY_DSA_PUBLIC: - case KeyType::KEY_ECDSA_PUBLIC: - return getDERPUB(); - - default: - break; + case KeyType::KEY_RSA_PRIVATE: + case KeyType::KEY_DSA_PRIVATE: + case KeyType::KEY_ECDSA_PRIVATE: + return getDERPRV(); + + case KeyType::KEY_RSA_PUBLIC: + case KeyType::KEY_DSA_PUBLIC: + case KeyType::KEY_ECDSA_PUBLIC: + return getDERPUB(); + + default: + break; } + return RawBuffer(); } @@ -265,4 +248,3 @@ KeyShPtr Key::create(const RawBuffer &raw, const Password &password) } } // namespace CKM - diff --git a/src/manager/common/key-impl.h b/src/manager/common/key-impl.h index 46f3dfc..c09b4a5 100644 --- a/src/manager/common/key-impl.h +++ b/src/manager/common/key-impl.h @@ -34,7 +34,8 @@ public: typedef std::shared_ptr EvpShPtr; KeyImpl(); - KeyImpl(const KeyImpl &second); + KeyImpl(const KeyImpl &second) = delete; + KeyImpl &operator=(const KeyImpl &second) = delete; KeyImpl(const RawBuffer& buffer, const Password &password = Password()); KeyImpl(EvpShPtr pkey, KeyType type); diff --git a/src/manager/common/pkcs12-impl.cpp b/src/manager/common/pkcs12-impl.cpp index 5a931d4..a73c055 100644 --- a/src/manager/common/pkcs12-impl.cpp +++ b/src/manager/common/pkcs12-impl.cpp @@ -84,22 +84,22 @@ PKCS12Impl::PKCS12Impl(const RawBuffer &buffer, const Password &password) if (pkey) { KeyImpl::EvpShPtr ptr(pkey, EVP_PKEY_free); switch (EVP_PKEY_type(pkey->type)) { - case EVP_PKEY_RSA: - m_pkey = std::make_shared(ptr, KeyType::KEY_RSA_PRIVATE); - break; - - case EVP_PKEY_DSA: - m_pkey = std::make_shared(ptr, KeyType::KEY_DSA_PRIVATE); - break; - - case EVP_PKEY_EC: - m_pkey = std::make_shared(ptr, KeyType::KEY_ECDSA_PRIVATE); - break; - - default: - LogError("Unsupported private key type."); - EVP_PKEY_free(pkey); - break; + case EVP_PKEY_RSA: + m_pkey = std::make_shared(ptr, KeyType::KEY_RSA_PRIVATE); + break; + + case EVP_PKEY_DSA: + m_pkey = std::make_shared(ptr, KeyType::KEY_DSA_PRIVATE); + break; + + case EVP_PKEY_EC: + m_pkey = std::make_shared(ptr, KeyType::KEY_ECDSA_PRIVATE); + break; + + default: + LogError("Unsupported private key type."); + EVP_PKEY_free(pkey); + break; } } @@ -116,13 +116,6 @@ PKCS12Impl::PKCS12Impl(const RawBuffer &buffer, const Password &password) } } -PKCS12Impl::PKCS12Impl(const PKCS12 &other) : - m_pkey(other.getKey()), - m_cert(other.getCertificate()), - m_ca(other.getCaCertificateShPtrVector()) -{ -} - PKCS12Impl::PKCS12Impl(PKCS12Impl &&other) : m_pkey(std::move(other.m_pkey)), m_cert(std::move(other.m_cert)), @@ -130,21 +123,23 @@ PKCS12Impl::PKCS12Impl(PKCS12Impl &&other) : { } -PKCS12Impl::PKCS12Impl(const PKCS12Impl &other) : - m_pkey(other.getKey()), - m_cert(other.getCertificate()), - m_ca(other.getCaCertificateShPtrVector()) +PKCS12Impl &PKCS12Impl::operator=(PKCS12Impl &&other) { + if (this == &other) + return *this; + + m_pkey = std::move(other.m_pkey); + m_cert = std::move(other.m_cert); + m_ca = std::move(other.m_ca); + + return *this; } -PKCS12Impl& PKCS12Impl::operator=(const PKCS12Impl &other) +PKCS12Impl::PKCS12Impl(const PKCS12 &other) : + m_pkey(other.getKey()), + m_cert(other.getCertificate()), + m_ca(other.getCaCertificateShPtrVector()) { - if (this != &other) { - m_pkey = other.getKey(); - m_cert = other.getCertificate(); - m_ca = other.getCaCertificateShPtrVector(); - } - return *this; } KeyShPtr PKCS12Impl::getKey() const diff --git a/src/manager/common/pkcs12-impl.h b/src/manager/common/pkcs12-impl.h index 9712829..8078d8b 100644 --- a/src/manager/common/pkcs12-impl.h +++ b/src/manager/common/pkcs12-impl.h @@ -31,13 +31,15 @@ class COMMON_API PKCS12Impl : public PKCS12 { public: PKCS12Impl() {} explicit PKCS12Impl(const PKCS12 &); - PKCS12Impl(PKCS12Impl &&); - PKCS12Impl(const PKCS12Impl &); PKCS12Impl(const RawBuffer &, const Password &); PKCS12Impl(const KeyShPtr &, const CertificateShPtr &, const CertificateShPtrVector &); - PKCS12Impl& operator=(const PKCS12Impl &); - PKCS12Impl& operator=(PKCS12Impl &&) = delete; + PKCS12Impl(PKCS12Impl &&); + PKCS12Impl& operator=(PKCS12Impl &&); + + PKCS12Impl(const PKCS12Impl &) = delete; + PKCS12Impl& operator=(const PKCS12Impl &) = delete; + virtual KeyShPtr getKey() const; virtual CertificateShPtr getCertificate() const; diff --git a/src/manager/common/protocols.cpp b/src/manager/common/protocols.cpp index d4d398d..8e72579 100644 --- a/src/manager/common/protocols.cpp +++ b/src/manager/common/protocols.cpp @@ -1,7 +1,5 @@ /* - * Copyright (c) 2000 - 2013 Samsung Electronics Co., Ltd All Rights Reserved - * - * Contact: Bumjin Im + * Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -21,10 +19,12 @@ * @version 1.0 * @brief List of all protocols supported by Central Key Manager. */ +#include "protocols.h" -#include +#include #include +#include #include namespace CKM { @@ -46,70 +46,101 @@ PKCS12Serializable::PKCS12Serializable(const PKCS12 &pkcs) { } +PKCS12Serializable::PKCS12Serializable(PKCS12Serializable &&other) + : PKCS12Impl(std::move(other)) +{ +} + +PKCS12Serializable &PKCS12Serializable::operator=(PKCS12Serializable &&other) +{ + if (this == &other) + return *this; + + m_pkey = std::move(other.m_pkey); + m_cert = std::move(other.m_cert); + m_ca = std::move(other.m_ca); + + return *this; +} + PKCS12Serializable::PKCS12Serializable(IStream &stream) { - // key - size_t numKeys; - Deserialization::Deserialize(stream, numKeys); - if (numKeys > 0) { + bool keyPresent = false; + Deserialization::Deserialize(stream, keyPresent); + if (keyPresent) { int keyType; RawBuffer keyData; Deserialization::Deserialize(stream, keyType); Deserialization::Deserialize(stream, keyData); m_pkey = CKM::Key::create(keyData); + if (m_pkey) + LogDebug("private key from pkcs deserialized success. key size: " << keyData.size() << " and DER size: " << m_pkey->getDER().size()); + else + LogError("private key from pkcs deserialized fail"); } - // cert - size_t numCerts; - Deserialization::Deserialize(stream, numCerts); - if (numCerts > 0) { + bool certPresent = false; + Deserialization::Deserialize(stream, certPresent); + if (certPresent) { RawBuffer certData; Deserialization::Deserialize(stream, certData); m_cert = CKM::Certificate::create(certData, DataFormat::FORM_DER); + if (m_cert) + LogDebug("certificate from pkcs deserialized success. cert size: " << certData.size() << " and DER size: " << m_cert->getDER().size()); + else + LogError("certificate from pkcs deserialized fail"); } - // CA chain - size_t num_CA; - Deserialization::Deserialize(stream, num_CA); - for (size_t i=0; i < num_CA; i++) { + size_t numCA = 0; + Deserialization::Deserialize(stream, numCA); + for (size_t i = 0; i < numCA; i++) { RawBuffer CAcertData; Deserialization::Deserialize(stream, CAcertData); - m_ca.push_back(CKM::Certificate::create(CAcertData, DataFormat::FORM_DER)); + m_ca.emplace_back(CKM::Certificate::create(CAcertData, DataFormat::FORM_DER)); + if (m_pkey) + LogDebug("ca certificate from pkcs deserialized success. cert size: " << CAcertData.size() << " and DER size: " << CKM::Certificate::create(CAcertData, DataFormat::FORM_DER)->getDER().size()); + else + LogError("ca certificate from pkcs deserialized fail"); } } -PKCS12Serializable::PKCS12Serializable(const KeyShPtr &privKey, const CertificateShPtr &cert, const CertificateShPtrVector &chainCerts) +PKCS12Serializable::PKCS12Serializable(KeyShPtr &&privKey, CertificateShPtr &&cert, CertificateShPtrVector &&chainCerts) { - m_pkey = privKey; - m_cert = cert; - m_ca = chainCerts; + m_pkey = std::move(privKey); + m_cert = std::move(cert); + m_ca = std::move(chainCerts); } void PKCS12Serializable::Serialize(IStream &stream) const { - // key - Key *keyPtr = getKey().get(); - bool isAnyKeyPresent = (getKey().get() != NULL); + auto keyPtr = getKey(); + bool isKeyPresent = !!keyPtr; // logics if PKCS is correct or not is on the service side. // sending number of keys and certificates to allow proper parsing on the service side. // (what if no key or cert present? attempt to deserialize a not present key/cert would // throw an error and close the connection). - Serialization::Serialize(stream, static_cast(isAnyKeyPresent?1:0)); - if (keyPtr) { + Serialization::Serialize(stream, isKeyPresent); + if (isKeyPresent) { Serialization::Serialize(stream, DataType(keyPtr->getType())); Serialization::Serialize(stream, keyPtr->getDER()); + LogDebug("private key from pkcs serialized success. key DER size: " << keyPtr->getDER().size()); } - bool isAnyCertPresent = (getCertificate().get() != NULL); - Serialization::Serialize(stream, static_cast(isAnyCertPresent?1:0)); - if (isAnyCertPresent) - Serialization::Serialize(stream, getCertificate().get()->getDER()); + auto certPtr = getCertificate(); + bool isCertPresent = !!certPtr; + Serialization::Serialize(stream, isCertPresent); + if (isCertPresent) { + Serialization::Serialize(stream, certPtr->getDER()); + LogDebug("certificate from pkcs serialized success. cert DER size: " << certPtr->getDER().size()); + } - // CA chain - Serialization::Serialize(stream, getCaCertificateShPtrVector().size()); - for (auto it : getCaCertificateShPtrVector()) - Serialization::Serialize(stream, it->getDER()); + auto caCertPtrVec = getCaCertificateShPtrVector(); + Serialization::Serialize(stream, caCertPtrVec.size()); + for (auto &caCertPtr : getCaCertificateShPtrVector()) { + Serialization::Serialize(stream, caCertPtr->getDER()); + LogDebug("ca certificate from pkcs serialized success. cert DER size: " << caCertPtr->getDER().size()); + } }; diff --git a/src/manager/common/protocols.h b/src/manager/common/protocols.h index d2a9d05..de108f3 100644 --- a/src/manager/common/protocols.h +++ b/src/manager/common/protocols.h @@ -103,12 +103,18 @@ struct COMMON_API PolicySerializable : public Policy, ISerializable { struct COMMON_API PKCS12Serializable : public PKCS12Impl, ISerializable { PKCS12Serializable(); + + PKCS12Serializable(const PKCS12Serializable &) = delete; + PKCS12Serializable &operator=(const PKCS12Serializable &) = delete; + + PKCS12Serializable(PKCS12Serializable &&); + PKCS12Serializable &operator=(PKCS12Serializable &&); + explicit PKCS12Serializable(const PKCS12 &); explicit PKCS12Serializable(IStream &); - PKCS12Serializable( - const KeyShPtr &privKey, - const CertificateShPtr &cert, - const CertificateShPtrVector &chainCerts); + PKCS12Serializable(KeyShPtr &&privKey, + CertificateShPtr &&cert, + CertificateShPtrVector &&chainCerts); void Serialize(IStream &) const; }; diff --git a/src/manager/service/ckm-logic.cpp b/src/manager/service/ckm-logic.cpp index 5dc7826..5eed782 100644 --- a/src/manager/service/ckm-logic.cpp +++ b/src/manager/service/ckm-logic.cpp @@ -476,8 +476,10 @@ int CKMLogic::extractPKCS12Data( { // private key is mandatory auto key = pkcs.getKey(); - if (!key) + if (!key) { + LogError("Failed to get private key from pkcs"); return CKM_API_ERROR_INVALID_FORMAT; + } Crypto::Data keyData(DataType(key->getType()), key->getDER()); int retCode = verifyBinaryData(keyData); @@ -487,8 +489,10 @@ int CKMLogic::extractPKCS12Data( // certificate is mandatory auto cert = pkcs.getCertificate(); - if (!cert) + if (!cert) { + LogError("Failed to get certificate from pkcs"); return CKM_API_ERROR_INVALID_FORMAT; + } Crypto::Data certData(DataType::CERTIFICATE, cert->getDER()); retCode = verifyBinaryData(certData); if (retCode != CKM_API_SUCCESS) @@ -936,7 +940,7 @@ RawBuffer CKMLogic::getPKCS12( // prepare response if (retCode == CKM_API_SUCCESS) - output = PKCS12Serializable(privKey, cert, caChain); + output = PKCS12Serializable(std::move(privKey), std::move(cert), std::move(caChain)); } catch (const Exc::Exception &e) { retCode = e.error(); } catch (const CKM::Exception &e) { -- 2.7.4 From 837a4042fecb16022c8d143f2ec1857d877a52fa Mon Sep 17 00:00:00 2001 From: Kyungwook Tak Date: Tue, 15 Mar 2016 22:30:54 +0900 Subject: [PATCH 13/16] Add internal TC: for Base64, DataType Change-Id: Ic5bdcd1298e1b76c37ee69f58dff2b7dc39fbcdf Signed-off-by: Kyungwook Tak --- tests/CMakeLists.txt | 4 ++ tests/test_base64.cpp | 111 ++++++++++++++++++++++++++++++++ tests/test_data-type.cpp | 161 +++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 276 insertions(+) create mode 100644 tests/test_base64.cpp create mode 100644 tests/test_data-type.cpp diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt index 5d5343d..1734608 100644 --- a/tests/CMakeLists.txt +++ b/tests/CMakeLists.txt @@ -37,8 +37,10 @@ SET(TEST_MERGED_SOURCES ${KEY_MANAGER_TEST_MERGED_SRC}/colour_log_formatter.cpp ${KEY_MANAGER_TEST_MERGED_SRC}/DBFixture.cpp ${KEY_MANAGER_TEST_MERGED_SRC}/main.cpp + ${KEY_MANAGER_TEST_MERGED_SRC}/test_base64.cpp ${KEY_MANAGER_TEST_MERGED_SRC}/test_comm-manager.cpp ${KEY_MANAGER_TEST_MERGED_SRC}/test_common.cpp + ${KEY_MANAGER_TEST_MERGED_SRC}/test_data-type.cpp ${KEY_MANAGER_TEST_MERGED_SRC}/test_db_crypto.cpp ${KEY_MANAGER_TEST_MERGED_SRC}/test_descriptor-set.cpp ${KEY_MANAGER_TEST_MERGED_SRC}/test_encryption-scheme.cpp @@ -48,6 +50,8 @@ SET(TEST_MERGED_SOURCES ${KEY_MANAGER_TEST_MERGED_SRC}/test_serialization.cpp ${KEY_MANAGER_TEST_MERGED_SRC}/test_sql.cpp ${KEY_MANAGER_TEST_MERGED_SRC}/test_xml-parser.cpp + + # duplicated srcs to test hidden symbols ${KEY_MANAGER_PATH}/client-async/descriptor-set.cpp ${KEY_MANAGER_PATH}/dpl/core/src/assert.cpp ${KEY_MANAGER_PATH}/dpl/core/src/colors.cpp diff --git a/tests/test_base64.cpp b/tests/test_base64.cpp new file mode 100644 index 0000000..2f030ae --- /dev/null +++ b/tests/test_base64.cpp @@ -0,0 +1,111 @@ +/* + * Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License + * + * @file test_base64.cpp + * @author Kyungwook Tak (k.tak@samsung.com) + * @version 1.0 + * @brief base64 encoder / decoder test + */ +#include + +#include +#include +#include + +#include + +using CKM::Base64Encoder; +using CKM::Base64Decoder; +using CKM::RawBuffer; + +namespace { + +constexpr unsigned char RAW_DATA[] = { + 0xf8, 0x87, 0x0a, 0xc5, 0xd3, 0x6d, 0x44, 0x49, 0x03, 0x9f, 0xbd, 0x1e, 0xa8, 0x2f, 0xf6, 0xc3, + 0xdf, 0x3b, 0x02, 0x13, 0x58, 0x1b, 0x12, 0x30, 0x1c, 0xd7, 0xad, 0xa5, 0x1f, 0x5d, 0x01, 0x33 +}; + +const std::vector + RAW_DATA_VEC(RAW_DATA, RAW_DATA + sizeof(RAW_DATA) / sizeof(unsigned char)); + +const RawBuffer rawbuf(RAW_DATA_VEC.begin(), RAW_DATA_VEC.end()); + +} + +BOOST_AUTO_TEST_SUITE(BASE64_TEST) + +BOOST_AUTO_TEST_CASE(ENCODE_DECODE_POSITIVE) +{ + /* try encode */ + Base64Encoder encoder; + BOOST_REQUIRE_NO_THROW(encoder.append(rawbuf)); + BOOST_REQUIRE_NO_THROW(encoder.finalize()); + + RawBuffer encdata; + BOOST_REQUIRE_NO_THROW(encdata = encoder.get()); + BOOST_REQUIRE_NO_THROW(encoder.reset()); + + /* try decode */ + Base64Decoder decoder; + BOOST_REQUIRE_NO_THROW(decoder.append(encdata)); + BOOST_REQUIRE_NO_THROW(decoder.finalize()); + + RawBuffer decdata; + BOOST_REQUIRE_NO_THROW(decdata = decoder.get()); + BOOST_REQUIRE_NO_THROW(decoder.reset()); + + /* compare with orig data */ + BOOST_REQUIRE_MESSAGE( + rawbuf.size() == decdata.size() && memcmp(rawbuf.data(), decdata.data(), rawbuf.size()) == 0, + "Original data and encoded-decoded data is different!"); +} + +BOOST_AUTO_TEST_CASE(THROW_SOMETHING) +{ + /* encode data */ + Base64Encoder encoder; + BOOST_REQUIRE_THROW(encoder.get(), Base64Encoder::Exception::NotFinalized); + + BOOST_REQUIRE_NO_THROW(encoder.append(rawbuf)); + BOOST_REQUIRE_NO_THROW(encoder.finalize()); + + BOOST_REQUIRE_THROW(encoder.append(rawbuf), Base64Encoder::Exception::AlreadyFinalized); + BOOST_REQUIRE_THROW(encoder.finalize(), Base64Encoder::Exception::AlreadyFinalized); + + RawBuffer encdata; + BOOST_REQUIRE_NO_THROW(encdata = encoder.get()); + + /* decode data */ + Base64Decoder decoder; + BOOST_REQUIRE_THROW(decoder.get(), Base64Decoder::Exception::NotFinalized); + + BOOST_REQUIRE_NO_THROW(decoder.append(encdata)); + BOOST_REQUIRE_NO_THROW(decoder.finalize()); + + BOOST_REQUIRE_THROW(decoder.append(encdata), Base64Decoder::Exception::AlreadyFinalized); + BOOST_REQUIRE_THROW(decoder.finalize(), Base64Decoder::Exception::AlreadyFinalized); + + RawBuffer decdata; + BOOST_REQUIRE_NO_THROW(decdata = decoder.get()); +} + +BOOST_AUTO_TEST_CASE(ILLEGAL_DATA) +{ + Base64Decoder decoder; + BOOST_REQUIRE_NO_THROW(decoder.append(rawbuf)); + BOOST_REQUIRE(!decoder.finalize()); +} + +BOOST_AUTO_TEST_SUITE_END() diff --git a/tests/test_data-type.cpp b/tests/test_data-type.cpp new file mode 100644 index 0000000..215f552 --- /dev/null +++ b/tests/test_data-type.cpp @@ -0,0 +1,161 @@ +/* + * Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License + * + * @file test_data-type.cpp + * @author Kyungwook Tak (k.tak@samsung.com) + * @version 1.0 + * @brief DataType class test + */ +#include + +#include + +#include + +using CKM::DataType; +using CKM::KeyType; +using CKM::AlgoType; + +BOOST_AUTO_TEST_SUITE(DATA_TYPE_TEST) + +BOOST_AUTO_TEST_CASE(CONSTRUCTOR) +{ + BOOST_REQUIRE_THROW(DataType(static_cast(999)), DataType::Exception::OutOfRange); + BOOST_REQUIRE_THROW(DataType(static_cast(999)), DataType::Exception::OutOfRange); + + std::vector types; + + types.emplace_back(AlgoType::AES_CTR); + types.emplace_back(AlgoType::AES_CBC); + types.emplace_back(AlgoType::AES_GCM); + types.emplace_back(AlgoType::AES_CFB); + types.emplace_back(AlgoType::AES_GEN); + for (auto &type : types) + BOOST_REQUIRE(type == DataType(DataType::KEY_AES)); + + types.clear(); + + types.emplace_back(AlgoType::RSA_SV); + types.emplace_back(AlgoType::RSA_OAEP); + types.emplace_back(AlgoType::RSA_GEN); + for (auto &type : types) + BOOST_REQUIRE(type == DataType(DataType::KEY_RSA_PUBLIC)); + + types.clear(); + + types.emplace_back(AlgoType::DSA_SV); + types.emplace_back(AlgoType::DSA_GEN); + for (auto &type : types) + BOOST_REQUIRE(type == DataType(DataType::KEY_DSA_PUBLIC)); + + types.clear(); + + types.emplace_back(AlgoType::ECDSA_SV); + types.emplace_back(AlgoType::ECDSA_GEN); + for (auto &type : types) + BOOST_REQUIRE(type == DataType(DataType::KEY_ECDSA_PUBLIC)); + + types.clear(); + + BOOST_REQUIRE_THROW( + DataType(static_cast(-1)), + DataType::Exception::OutOfRange); +} + +BOOST_AUTO_TEST_CASE(KEY_TYPE_CASTING) +{ + std::vector> pairs; + + pairs.emplace_back(DataType::KEY_RSA_PUBLIC, KeyType::KEY_RSA_PUBLIC); + pairs.emplace_back(DataType::KEY_RSA_PRIVATE, KeyType::KEY_RSA_PRIVATE); + + pairs.emplace_back(DataType::KEY_DSA_PUBLIC, KeyType::KEY_DSA_PUBLIC); + pairs.emplace_back(DataType::KEY_DSA_PRIVATE, KeyType::KEY_DSA_PRIVATE); + + pairs.emplace_back(DataType::KEY_ECDSA_PUBLIC, KeyType::KEY_ECDSA_PUBLIC); + pairs.emplace_back(DataType::KEY_ECDSA_PRIVATE, KeyType::KEY_ECDSA_PRIVATE); + + pairs.emplace_back(DataType::KEY_AES, KeyType::KEY_AES); + + for (auto &p : pairs) + BOOST_REQUIRE(p.second == DataType(static_cast(p.first))); +} + +BOOST_AUTO_TEST_CASE(UNARY_OPERATIONS) +{ + BOOST_REQUIRE(DataType(DataType::KEY_AES).isSKey()); + BOOST_REQUIRE(!DataType(DataType::KEY_RSA_PUBLIC).isSKey()); + + BOOST_REQUIRE(DataType(DataType::DB_CHAIN_FIRST).isChainCert()); + BOOST_REQUIRE(DataType(DataType::DB_CHAIN_LAST).isChainCert()); + BOOST_REQUIRE(!DataType(DataType::KEY_AES).isChainCert()); + + BOOST_REQUIRE(DataType(DataType::KEY_RSA_PUBLIC).isKeyPublic()); + BOOST_REQUIRE(DataType(DataType::KEY_DSA_PUBLIC).isKeyPublic()); + BOOST_REQUIRE(DataType(DataType::KEY_ECDSA_PUBLIC).isKeyPublic()); + BOOST_REQUIRE(!DataType(DataType::KEY_RSA_PRIVATE).isKeyPublic()); + BOOST_REQUIRE(!DataType(DataType::KEY_DSA_PRIVATE).isKeyPublic()); + BOOST_REQUIRE(!DataType(DataType::KEY_ECDSA_PRIVATE).isKeyPublic()); + BOOST_REQUIRE(!DataType(DataType::KEY_AES).isKeyPublic()); + BOOST_REQUIRE(!DataType(DataType::DB_CHAIN_LAST).isKeyPublic()); + + BOOST_REQUIRE(DataType(DataType::KEY_RSA_PRIVATE).isKeyPrivate()); + BOOST_REQUIRE(DataType(DataType::KEY_DSA_PRIVATE).isKeyPrivate()); + BOOST_REQUIRE(DataType(DataType::KEY_ECDSA_PRIVATE).isKeyPrivate()); + BOOST_REQUIRE(!DataType(DataType::KEY_RSA_PUBLIC).isKeyPrivate()); + BOOST_REQUIRE(!DataType(DataType::KEY_DSA_PUBLIC).isKeyPrivate()); + BOOST_REQUIRE(!DataType(DataType::KEY_ECDSA_PUBLIC).isKeyPrivate()); + BOOST_REQUIRE(!DataType(DataType::KEY_AES).isKeyPrivate()); + BOOST_REQUIRE(!DataType(DataType::DB_CHAIN_FIRST).isKeyPrivate()); + + BOOST_REQUIRE(DataType(DataType::CERTIFICATE).isCertificate()); + BOOST_REQUIRE(!DataType(DataType::KEY_AES).isCertificate()); + BOOST_REQUIRE(!DataType().isCertificate()); + BOOST_REQUIRE(!DataType(DataType::DB_CHAIN_FIRST).isCertificate()); + + BOOST_REQUIRE(DataType().isBinaryData()); + BOOST_REQUIRE(DataType(DataType::BINARY_DATA).isBinaryData()); + BOOST_REQUIRE(!DataType(DataType::KEY_AES).isBinaryData()); + BOOST_REQUIRE(!DataType(DataType::KEY_RSA_PUBLIC).isBinaryData()); + BOOST_REQUIRE(!DataType(DataType::DB_CHAIN_LAST).isBinaryData()); + + BOOST_REQUIRE(DataType(DataType::DB_KEY_FIRST).isKey()); + BOOST_REQUIRE(DataType(DataType::DB_KEY_LAST).isKey()); + BOOST_REQUIRE(DataType(DataType::KEY_AES).isKey()); + BOOST_REQUIRE(DataType(DataType::KEY_RSA_PUBLIC).isKey()); + BOOST_REQUIRE(DataType(DataType::KEY_RSA_PRIVATE).isKey()); + BOOST_REQUIRE(DataType(DataType::KEY_DSA_PUBLIC).isKey()); + BOOST_REQUIRE(DataType(DataType::KEY_DSA_PRIVATE).isKey()); + BOOST_REQUIRE(DataType(DataType::KEY_ECDSA_PUBLIC).isKey()); + BOOST_REQUIRE(DataType(DataType::KEY_ECDSA_PRIVATE).isKey()); + BOOST_REQUIRE(!DataType(DataType::DB_CHAIN_FIRST).isKey()); + BOOST_REQUIRE(!DataType(DataType::CERTIFICATE).isKey()); + BOOST_REQUIRE(!DataType().isKey()); +} + +BOOST_AUTO_TEST_CASE(GET_CHAIN_TYPE) +{ + DataType type; + + BOOST_REQUIRE(type.getChainDatatype(0) == DataType(DataType::DB_CHAIN_FIRST)); + BOOST_REQUIRE(type.getChainDatatype(5) == DataType(DataType::CHAIN_CERT_5)); + BOOST_REQUIRE(type.getChainDatatype(8) == DataType(DataType::CHAIN_CERT_8)); + BOOST_REQUIRE(type.getChainDatatype(13) == DataType(DataType::CHAIN_CERT_13)); + BOOST_REQUIRE(type.getChainDatatype(15) == DataType(DataType::DB_CHAIN_LAST)); + + BOOST_REQUIRE_THROW(type.getChainDatatype(16), DataType::Exception::OutOfRange); +} + +BOOST_AUTO_TEST_SUITE_END() -- 2.7.4 From d071bfe6398fdcfc1fab8d4ea55e3afead729558 Mon Sep 17 00:00:00 2001 From: Kyungwook Tak Date: Wed, 16 Mar 2016 13:24:01 +0900 Subject: [PATCH 14/16] Version 0.1.23 Remove unused internal functions in common lib Refactor client-capi code as c++ style Remove CKMC error -> CKMC error converter Change-Id: I0f1a0b166720eec86821aa5cfbc80814c03ed66b Signed-off-by: Kyungwook Tak --- packaging/key-manager.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packaging/key-manager.spec b/packaging/key-manager.spec index ed87faa..23e8703 100644 --- a/packaging/key-manager.spec +++ b/packaging/key-manager.spec @@ -1,6 +1,6 @@ Name: key-manager Summary: Central Key Manager and utilities -Version: 0.1.22 +Version: 0.1.23 Release: 1 Group: System/Security License: Apache-2.0 and BSL-1.0 and BSD-2.0 -- 2.7.4 From 0ec08c8d7ebd842ae2e8a714d92ebe6f093bfb10 Mon Sep 17 00:00:00 2001 From: Kyungwook Tak Date: Wed, 16 Mar 2016 13:50:35 +0900 Subject: [PATCH 15/16] Hotfix: build error by warning on 64bit arch unused return value of BIO_reset Change-Id: If03759de08a0f5e67d8e344f0026032b3f16ccf3 Signed-off-by: Kyungwook Tak --- src/manager/common/key-impl.cpp | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/src/manager/common/key-impl.cpp b/src/manager/common/key-impl.cpp index a7978c3..ab5308d 100644 --- a/src/manager/common/key-impl.cpp +++ b/src/manager/common/key-impl.cpp @@ -103,7 +103,8 @@ KeyImpl::KeyImpl(const RawBuffer &buf, const Password &password) : } if (!pkey && buf[0] != '-') { - BIO_reset(bio.get()); + /* cast to void of return val to ignore unused-value warning */ + static_cast(BIO_reset(bio.get())); BIO_write(bio.get(), buf.data(), buf.size()); pkey = d2i_PrivateKey_bio(bio.get(), nullptr); isPrivate = true; @@ -111,7 +112,8 @@ KeyImpl::KeyImpl(const RawBuffer &buf, const Password &password) : } if (!pkey && buf[0] == '-') { - BIO_reset(bio.get()); + /* cast to void of return val to ignore unused-value warning */ + static_cast(BIO_reset(bio.get())); BIO_write(bio.get(), buf.data(), buf.size()); pkey = PEM_read_bio_PUBKEY(bio.get(), nullptr, passcb, const_cast(&password)); isPrivate = false; @@ -119,7 +121,8 @@ KeyImpl::KeyImpl(const RawBuffer &buf, const Password &password) : } if (!pkey && buf[0] == '-') { - BIO_reset(bio.get()); + /* cast to void of return val to ignore unused-value warning */ + static_cast(BIO_reset(bio.get())); BIO_write(bio.get(), buf.data(), buf.size()); pkey = PEM_read_bio_PrivateKey(bio.get(), nullptr, passcb, const_cast(&password)); isPrivate = true; -- 2.7.4 From d65d061a2a47299a664f2b607dba32ca8621cf0b Mon Sep 17 00:00:00 2001 From: Kyungwook Tak Date: Mon, 21 Mar 2016 20:55:45 +0900 Subject: [PATCH 16/16] Change char unique_ptr to char vector char vector can free resource naturally than unique_ptr which should use delete [] explicitly by destructor. Related SVACE defect id : 56526, 56527 Vericiation: ckm-tests-internal --run_test=ENCRYPTION_SCHEME_TEST Change-Id: I508192c49557b9f980556e7a20d589be37390b3b Signed-off-by: Kyungwook Tak --- tests/encryption-scheme/scheme-test.cpp | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/tests/encryption-scheme/scheme-test.cpp b/tests/encryption-scheme/scheme-test.cpp index abb6538..47d1569 100644 --- a/tests/encryption-scheme/scheme-test.cpp +++ b/tests/encryption-scheme/scheme-test.cpp @@ -32,6 +32,7 @@ #include #include +#include #include @@ -263,10 +264,9 @@ uid_t getUid(const char *name) { memset(&pwd, 0x00, sizeof(pwd)); - std::unique_ptr buf(new char[bufsize]); - BOOST_REQUIRE_MESSAGE(buf, "failed to allocate mem for buf for getpwname_r"); + std::vector buf(bufsize, 0); - int ret = getpwnam_r(name, &pwd, buf.get(), bufsize, &result); + int ret = getpwnam_r(name, &pwd, buf.data(), bufsize, &result); BOOST_REQUIRE_MESSAGE(ret == 0 && result, "getpwnam_r failed"); return pwd.pw_uid; @@ -281,10 +281,9 @@ gid_t getGid(const char *name) { memset(&grp, 0x00, sizeof(grp)); - std::unique_ptr buf(new char[bufsize]); - BOOST_REQUIRE_MESSAGE(buf, "failed to allocate mem for buf for getgrnam_r"); + std::vector buf(bufsize, 0); - int ret = getgrnam_r(name, &grp, buf.get(), bufsize, &result); + int ret = getgrnam_r(name, &grp, buf.data(), bufsize, &result); BOOST_REQUIRE_MESSAGE(ret == 0 && result, "getgrnam_r failed"); return grp.gr_gid; -- 2.7.4