#include <vcore/SignatureReader.h>
#include <vcore/SignatureFinder.h>
#include <vcore/WrtSignatureValidator.h>
-#include <vcore/DeveloperModeValidator.h>
#include <dpl/utils/wrt_global_settings.h>
#include <dpl/wrt-dao-ro/global_dao_read_only.h>
{
AddStep(&TaskCertify::stepSignature);
// certi comparison determines whether the update.
- if (true == m_contextData.existingWidgetInfo.isExist) {
+ if (true == m_contextData.isUpdateMode) {
AddStep(&TaskCertify::stepVerifyUpdate);
}
// no point in check domain WAC_ROOT and WAC_RECOGNIZED
m_contextData.wacSecurity.setDistributorSigned(true);
- if (data.getStorageType().contains(CertStoreId::WAC_ROOT)) {
- m_contextData.wacSecurity.setWacSigned(true);
- }
-
CertificateCollection collection;
collection.load(data.getCertList());
Assert(collection.sort() &&
SignatureFinder signatureFinder(widgetPath);
if (SignatureFinder::NO_ERROR != signatureFinder.find(signatureFiles)) {
LogError("Error in Signature Finder");
- ThrowMsg(Exceptions::InvalidPackage,
+ ThrowMsg(Exceptions::SignatureNotFound,
"Error openig temporary widget directory");
}
SignatureFileInfoSet::reverse_iterator iter = signatureFiles.rbegin();
LogInfo("Number of signatures: " << signatureFiles.size());
- bool testCertificate = false;
-
bool complianceMode = GlobalDAOReadOnly::getComplianceMode();
for (; iter != signatureFiles.rend(); ++iter) {
if (result == WrtSignatureValidator::SIGNATURE_REVOKED) {
LogWarning("Certificate is REVOKED");
- ThrowMsg(Exceptions::InvalidPackage,
+ ThrowMsg(Exceptions::CertificateExpired,
"Certificate is REVOKED");
}
if (result == WrtSignatureValidator::SIGNATURE_INVALID) {
LogWarning("Signature is INVALID");
// TODO change exception name
- ThrowMsg(Exceptions::InvalidPackage,
+ ThrowMsg(Exceptions::SignatureInvalid,
"Invalid Package");
}
// now signature _must_ be verified
processDistributorSignature(data);
}
-
- bool developerMode = GlobalDAOReadOnly::GetDeveloperMode();
-
- std::string realMEID;
- /*
- TapiHandle *tapiHandle = tel_init(NULL);
- char *meid = tel_get_misc_me_sn_sync(tapiHandle);
- if (meid) {
- realMEID = meid;
- free(meid);
- }
- tel_deinit(tapiHandle);
- */
-
- DeveloperModeValidator developerModeValidator(
- complianceMode,
- developerMode,
- GlobalDAOReadOnly::getComplianceFakeImei(),
- GlobalDAOReadOnly::getComplianceFakeMeid(),
- realMEID);
-
- developerModeValidator.check(data);
-
- testCertificate |=
- data.getStorageType().contains(CertStoreId::DEVELOPER);
-
- if (testCertificate && !developerMode) {
- LogError("Widget signed by test certificate, "
- "but developer mode is off.");
- ThrowMsg(Exceptions::InvalidPackage,
- "Widget signed by test certificate, "
- "but developer mode is off.");
- }
- m_contextData.widgetConfig.isTestWidget = testCertificate;
} Catch(ParserSchemaException::Base) {
LogError("Error occured in ParserSchema.");
- ReThrowMsg(Exceptions::InvalidPackage,
+ ReThrowMsg(Exceptions::SignatureInvalid,
"Error occured in ParserSchema.");
}
- Catch(DeveloperModeValidator::Exception::Base) {
- LogError("Cannot validate developer certificate.");
- ReThrowMsg(Exceptions::InvalidPackage,
- "Cannot validate developer certificate.");
- }
}
if (signatureFiles.empty()) {
oldCertificate->getBase64());
LogDebug("new widget's author signer certificate : " <<
newCertificate->getBase64());
- ThrowMsg(Exceptions::InvalidPackage,
+ ThrowMsg(Exceptions::NotMatchedCertification,
"Author signer certificates doesn't match \
between old widget and installing widget");
}
} else {
if (!(NULL == newCertificate.Get() && NULL == oldCertificate.Get())) {
- ThrowMsg(Exceptions::InvalidPackage,
+ ThrowMsg(Exceptions::NotMatchedCertification,
"Author signer certificates doesn't match \
between old widget and installing widget");
}