Add new steps for trust anchor 58/136858/12
authorJunghyun Yeon <jungh.yeon@samsung.com>
Mon, 3 Jul 2017 07:58:48 +0000 (16:58 +0900)
committerJunghyun Yeon <jungh.yeon@samsung.com>
Wed, 2 Aug 2017 10:02:29 +0000 (10:02 +0000)
- Add StepRegisterTrustAnchor to install requests
- Add StepUnregisterTrustAnchor to uninstall requests
- Add StepUpdateTrustAnchor to update requests

Related changes:
[tpk-manifest-handlers] : https://review.tizen.org/gerrit/136315
[app-installers] : https://review.tizen.org/gerrit/136316
[pkgmgr-info] : https://review.tizen.org/gerrit/136317
[wgt-manifest-handlers] : https://review.tizen.org/gerrit/136866
[tpk-backend] : https://review.tizen.org/gerrit/137370

Change-Id: I3ff3dd724d444a7036746377b7c43da2788df2ac
Signed-off-by: Junghyun Yeon <jungh.yeon@samsung.com>
src/wgt/step/configuration/step_parse.cc
src/wgt/step/configuration/step_parse.h
src/wgt/step/pkgmgr/step_generate_xml.cc
src/wgt/step/pkgmgr/step_generate_xml.h
src/wgt/wgt_backend_data.h
src/wgt/wgt_installer.cc

index f1825e2..47605b4 100644 (file)
@@ -508,6 +508,31 @@ bool StepParse::FillBackgroundCategoryInfo(manifest_x* manifest) {
   return true;
 }
 
+bool StepParse::FillTrustAnchorInfo(manifest_x* manifest) {
+  auto trust_anchor_info = parser_->GetManifestData(
+      app_keys::kTizenTrustAnchorKey);
+
+  if (!trust_anchor_info)
+    return true;
+
+  std::shared_ptr<const parse::TrustAnchorInfo> trust_anchor =
+      std::static_pointer_cast<const parse::TrustAnchorInfo>
+      (trust_anchor_info);
+
+  if (!trust_anchor)
+    return true;
+
+  std::string certs_dir = trust_anchor->get_certs_dir();
+  if (!certs_dir.empty())
+    manifest->pkg_certs_dir = strdup(certs_dir.c_str());
+
+  std::string use_system_certs = trust_anchor->get_use_system_certs();
+  if (!use_system_certs.empty())
+    manifest->use_system_certs = strdup(use_system_certs.c_str());
+
+  return true;
+}
+
 bool StepParse::FillAppControl(manifest_x* manifest) {
   auto app_info_list =
       GetManifestDataForKey<const wgt::parse::AppControlInfoList>(
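Review bot: `certs_dir` is copied into `manifest->pkg_certs_dir` exactly as the parser returned it, so a path chosen by the package reaches the trust-anchor steps with no check visible here that it stays inside the package. If StepRegisterTrustAnchor (in the related app-installers change, not shown) does not already reject absolute paths and `..` components, that check belongs here; otherwise a comment such as `// pkg_certs_dir is package-supplied; StepRegisterTrustAnchor confines it to the package root` would record where it happens. Separately, `if (!trust_anchor)` after `std::static_pointer_cast` can never fire for a non-null input, since that cast performs no type check, and both `strdup` results are stored unchecked.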
@@ -717,6 +742,8 @@ bool StepParse::FillManifestX(manifest_x* manifest) {
     return false;
   if (!FillBackgroundCategoryInfo(manifest))
     return false;
+  if (!FillTrustAnchorInfo(manifest))
+    return false;
 
   // Fill data for other applications
   if (!FillAdditionalApplications(manifest))
index 10e5f9e..e875f77 100644 (file)
@@ -74,6 +74,7 @@ class StepParse : public common_installer::Step {
   bool FillBackgroundCategoryInfo(manifest_x* manifest);
   bool FillAdditionalApplications(manifest_x* manifest);
   bool FillManifestX(manifest_x* manifest);
+  bool FillTrustAnchorInfo(manifest_x* manifest);
 
   std::unique_ptr<wgt::parse::WidgetConfigParser> parser_;
   ConfigLocation config_location_;
index e7e8235..6743f2a 100644 (file)
@@ -391,7 +391,7 @@ common_installer::Step::Status StepGenerateXml::GenerateManifestElement(
   GenerateIme(writer);
   GenerateProfiles(writer);
   GenerateShortcuts(writer);
-
+  GenerateTrustAnchor(writer);
   xmlTextWriterEndElement(writer);
   return Status::OK;
 }
@@ -675,5 +675,20 @@ void StepGenerateXml::GenerateShortcuts(xmlTextWriterPtr writer) {
   }
 }
 
+void StepGenerateXml::GenerateTrustAnchor(xmlTextWriterPtr writer) {
+  if (!context_->manifest_data.get()->pkg_certs_dir ||
+      !context_->manifest_data.get()->use_system_certs)
+    return;
+
+  xmlTextWriterStartElement(writer, BAD_CAST "trust-anchor");
+  xmlTextWriterWriteAttribute(writer, BAD_CAST "pkg-certs-dir",
+      BAD_CAST context_->manifest_data.get()->pkg_certs_dir);
+
+  xmlTextWriterWriteAttribute(writer, BAD_CAST "use-system-certs",
+      BAD_CAST context_->manifest_data.get()->use_system_certs);
+
+  xmlTextWriterEndElement(writer);
+}
+
 }  // namespace pkgmgr
 }  // namespace wgt
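Review bot: The guard in GenerateTrustAnchor drops the whole `trust-anchor` element unless both `pkg_certs_dir` and `use_system_certs` are set, while FillTrustAnchorInfo in step_parse.cc fills each field independently. A manifest that sets only one attribute therefore leaves `manifest_x` and the generated XML disagreeing, with no error reported. If both attributes are mandatory, StepParse could fail early with `if (certs_dir.empty() != use_system_certs.empty()) return false;`; if they are not, say so above the guard, e.g. `// Emitted only when both attributes are present`. Binding `const manifest_x* manifest = context_->manifest_data.get();` once would also remove the four repeated lookups.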
index 5bb7f89..f9a893f 100644 (file)
@@ -49,6 +49,7 @@ class StepGenerateXml : public common_installer::Step {
   void GenerateIme(xmlTextWriterPtr writer);
   void GenerateProfiles(xmlTextWriterPtr writer);
   void GenerateShortcuts(xmlTextWriterPtr writer);
+  void GenerateTrustAnchor(xmlTextWriterPtr writer);
 
   STEP_NAME(GenerateXML)
 };
index c36cbad..cd7651a 100644 (file)
@@ -12,6 +12,7 @@
 #include <wgt_manifest_handlers/content_handler.h>
 #include <wgt_manifest_handlers/service_handler.h>
 #include <wgt_manifest_handlers/setting_handler.h>
+#include <wgt_manifest_handlers/trust_anchor_handler.h>
 
 #include <string>
 #include <vector>
@@ -32,6 +33,7 @@ class WgtBackendData : public common_installer::BackendData {
   Property<parse::AppWidgetInfo> appwidgets;
   Property<parse::ContentInfo> content;
   Property<parse::ServiceList> service_list;
+  Property<parse::TrustAnchorInfo> trust_anchor;
 };
 
 }  // namespace wgt
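Review bot: `Property<parse::TrustAnchorInfo> trust_anchor` is added to WgtBackendData, together with the new `trust_anchor_handler.h` include in the hunk above, but no hunk in this commit assigns or reads it; FillTrustAnchorInfo writes straight into `manifest_x`. Unless one of the related changes consumes the property, either populate it in StepParse or leave the member and the include out.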
index 20c741b..bc4edde 100755 (executable)
@@ -76,6 +76,9 @@
 #include <common/step/security/step_rollback_deinstallation_security.h>
 #include <common/step/security/step_rollback_installation_security.h>
 #include <common/step/security/step_update_security.h>
+#include <common/step/security/step_register_trust_anchor.h>
+#include <common/step/security/step_unregister_trust_anchor.h>
+#include <common/step/security/step_update_trust_anchor.h>
 
 #include <wgt_manifest_handlers/widget_config_parser.h>
 
@@ -227,6 +230,7 @@ WgtInstaller::WgtInstaller(ci::PkgMgrPtr pkgrmgr)
       AddStep<wgt::security::StepCheckExtensionPrivileges>();
       AddStep<wgt::pkgmgr::StepGenerateXml>();
       AddStep<ci::pkgmgr::StepRegisterApplication>();
+      AddStep<ci::security::StepRegisterTrustAnchor>();
       AddStep<ci::security::StepRegisterSecurity>();
       AddStep<ci::pkgmgr::StepRunParserPlugin>(
           ci::Plugin::ActionType::Install);
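Review bot: Nothing in this constructor documents why StepRegisterTrustAnchor sits directly before StepRegisterSecurity, and the same placement (trust-anchor step immediately ahead of the security step) is repeated in every install, update and uninstall sequence in the hunks below. The step classes live in app-installers and are not shown, so it is worth confirming that they undo the registration when a later step fails, so a failed install does not leave the package's certificates registered. A single comment would record the ordering, e.g. `// Trust anchor steps run right before the matching security step`. The constructor body starts and ends outside this hunk.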
@@ -273,6 +277,7 @@ WgtInstaller::WgtInstaller(ci::PkgMgrPtr pkgrmgr)
       AddStep<wgt::security::StepCheckExtensionPrivileges>();
       AddStep<wgt::pkgmgr::StepGenerateXml>();
       AddStep<ci::pkgmgr::StepUpdateApplication>();
+      AddStep<ci::security::StepUpdateTrustAnchor>();
       AddStep<ci::security::StepUpdateSecurity>();
       AddStep<ci::pkgmgr::StepRunParserPlugin>(
           ci::Plugin::ActionType::Upgrade);
@@ -301,6 +306,7 @@ WgtInstaller::WgtInstaller(ci::PkgMgrPtr pkgrmgr)
       AddStep<ci::filesystem::StepRemoveZipImage>();
       AddStep<ci::filesystem::StepRemoveIcons>();
       AddStep<wgt::encryption::StepRemoveEncryptionData>();
+      AddStep<ci::security::StepUnregisterTrustAnchor>();
       AddStep<ci::security::StepRevokeSecurity>();
       AddStep<ci::pkgmgr::StepRemoveManifest>();
       AddStep<ci::filesystem::StepCreateGlobalAppSymlinks>();
@@ -324,6 +330,7 @@ WgtInstaller::WgtInstaller(ci::PkgMgrPtr pkgrmgr)
       AddStep<ci::filesystem::StepUpdateTep>();
       AddStep<ci::rds::StepRDSModify>();
       AddStep<wgt::security::StepCheckExtensionPrivileges>();
+      AddStep<ci::security::StepUpdateTrustAnchor>();
       AddStep<ci::security::StepUpdateSecurity>();
       AddStep<ci::filesystem::StepChangeOwnershipAndPermission>();
       AddStep<ci::filesystem::StepCreateGlobalAppSymlinks>();
@@ -371,6 +378,7 @@ WgtInstaller::WgtInstaller(ci::PkgMgrPtr pkgrmgr)
       AddStep<wgt::security::StepCheckExtensionPrivileges>();
       AddStep<wgt::pkgmgr::StepGenerateXml>();
       AddStep<ci::pkgmgr::StepUpdateApplication>();
+      AddStep<ci::security::StepUpdateTrustAnchor>();
       AddStep<ci::security::StepUpdateSecurity>();
       AddStep<ci::pkgmgr::StepRunParserPlugin>(
           ci::Plugin::ActionType::Upgrade);
@@ -429,6 +437,7 @@ WgtInstaller::WgtInstaller(ci::PkgMgrPtr pkgrmgr)
       AddStep<wgt::pkgmgr::StepGenerateXml>();
       AddStep<wgt::security::StepCheckExtensionPrivileges>();
       AddStep<ci::pkgmgr::StepRegisterApplication>();
+      AddStep<ci::security::StepRegisterTrustAnchor>();
       AddStep<ci::security::StepRegisterSecurity>();
       AddStep<ci::pkgmgr::StepRunParserPlugin>(
           ci::Plugin::ActionType::Install);
@@ -472,6 +481,7 @@ WgtInstaller::WgtInstaller(ci::PkgMgrPtr pkgrmgr)
       AddStep<wgt::security::StepCheckExtensionPrivileges>();
       AddStep<wgt::pkgmgr::StepGenerateXml>();
       AddStep<ci::pkgmgr::StepUpdateApplication>();
+      AddStep<ci::security::StepUpdateTrustAnchor>();
       AddStep<ci::security::StepUpdateSecurity>();
       AddStep<ci::pkgmgr::StepRunParserPlugin>(
           ci::Plugin::ActionType::Upgrade);
@@ -498,6 +508,7 @@ WgtInstaller::WgtInstaller(ci::PkgMgrPtr pkgrmgr)
       AddStep<wgt::filesystem::StepWgtPatchIcons>();
       AddStep<wgt::pkgmgr::StepGenerateXml>();
       AddStep<ci::pkgmgr::StepRegisterApplication>();
+      AddStep<ci::security::StepRegisterTrustAnchor>();
       AddStep<ci::security::StepRegisterSecurity>();
       AddStep<ci::pkgmgr::StepRunParserPlugin>(ci::Plugin::ActionType::Install);
       AddStep<ci::filesystem::StepCreatePerUserStorageDirectories>(
@@ -528,6 +539,7 @@ WgtInstaller::WgtInstaller(ci::PkgMgrPtr pkgrmgr)
       AddStep<wgt::filesystem::StepWgtPatchIcons>();
       AddStep<wgt::pkgmgr::StepGenerateXml>();
       AddStep<ci::pkgmgr::StepUpdateApplication>();
+      AddStep<ci::security::StepUpdateTrustAnchor>();
       AddStep<ci::security::StepUpdateSecurity>();
       AddStep<ci::pkgmgr::StepRunParserPlugin>(
           ci::Plugin::ActionType::Upgrade);
@@ -570,6 +582,7 @@ WgtInstaller::WgtInstaller(ci::PkgMgrPtr pkgrmgr)
       AddStep<wgt::security::StepCheckExtensionPrivileges>();
       AddStep<wgt::pkgmgr::StepGenerateXml>();
       AddStep<ci::pkgmgr::StepUpdateApplication>();
+      AddStep<ci::security::StepUpdateTrustAnchor>();
       AddStep<ci::security::StepUpdateSecurity>();
       AddStep<ci::pkgmgr::StepRunParserPlugin>(ci::Plugin::ActionType::Upgrade);
       AddStep<ci::filesystem::StepChangeOwnershipAndPermission>();
@@ -598,6 +611,7 @@ WgtInstaller::WgtInstaller(ci::PkgMgrPtr pkgrmgr)
       AddStep<ci::filesystem::StepRemoveZipImage>();
       AddStep<ci::pkgmgr::StepUpdateApplication>();
       AddStep<ci::configuration::StepSwitchReadonlyMode>();
+      AddStep<ci::security::StepUpdateTrustAnchor>();
       AddStep<ci::security::StepUpdateSecurity>();
       AddStep<ci::pkgmgr::StepRemoveManifest>();
       AddStep<ci::pkgmgr::StepRunParserPlugin>(ci::Plugin::ActionType::Upgrade);
@@ -614,6 +628,7 @@ WgtInstaller::WgtInstaller(ci::PkgMgrPtr pkgrmgr)
       AddStep<wgt::security::StepCheckWgtBackgroundCategory>();
       AddStep<ci::filesystem::StepRemoveGlobalAppSymlinks>();
       AddStep<ci::pkgmgr::StepRegisterApplication>();
+      AddStep<ci::security::StepRegisterTrustAnchor>();
       AddStep<ci::security::StepRegisterSecurity>();
       AddStep<ci::pkgmgr::StepRunParserPlugin>(ci::Plugin::ActionType::Install);
       AddStep<ci::filesystem::StepCreatePerUserStorageDirectories>(
@@ -636,6 +651,7 @@ WgtInstaller::WgtInstaller(ci::PkgMgrPtr pkgrmgr)
       AddStep<ci::pkgmgr::StepKillApps>();
       AddStep<ci::filesystem::StepRemoveGlobalAppSymlinks>();
       AddStep<ci::pkgmgr::StepUpdateApplication>();
+      AddStep<ci::security::StepUpdateTrustAnchor>();
       AddStep<ci::security::StepUpdateSecurity>();
       AddStep<ci::pkgmgr::StepRunParserPlugin>(
           ci::Plugin::ActionType::Upgrade);
@@ -657,6 +673,7 @@ WgtInstaller::WgtInstaller(ci::PkgMgrPtr pkgrmgr)
       AddStep<ci::filesystem::StepRemovePerUserStorageDirectories>();
       AddStep<ci::pkgmgr::StepUnregisterApplication>();
       AddStep<wgt::encryption::StepRemoveEncryptionData>();
+      AddStep<ci::security::StepUnregisterTrustAnchor>();
       AddStep<ci::security::StepRevokeSecurity>();
   }