Krzysztof Jackiewicz [Tue, 20 Jan 2015 10:45:06 +0000 (11:45 +0100)]
Fix label-related logic during permission setting
[Issue#] N/A
[Feature/Bug] N/A
[Problem] The logic of setPermissionHelper was not accurate. It worked because
in our special case the owner==client.
[Cause] N/A
[Solution] Logic fixed to address generic cases. Few comments added
[Verification] Run tests
Change-Id: I853cb523fb5309600a0f54df8efa65bc910e83cc
kyungwook tak [Thu, 20 Nov 2014 01:40:39 +0000 (10:40 +0900)]
Add OCSP check CAPI
Change-Id: I41876e3c8a3ea33c1a9eb200bc9467571b83940b
Bartlomiej Grzelewski [Mon, 12 Jan 2015 12:00:12 +0000 (13:00 +0100)]
Create bioLogger in OCSP module.
Change-Id: Iefcbaad56040df18e60bb09147d827de1ad14c38
Maciej J. Karpiuk [Fri, 2 Jan 2015 14:25:21 +0000 (15:25 +0100)]
DB re-factor: added VIEW joining all tables.
Restrictions applied on VIEW result.
Change-Id: I9b4b5962dd47327e39415db0de24896486534308
Maciej J. Karpiuk [Tue, 16 Dec 2014 15:29:31 +0000 (16:29 +0100)]
CAPI cleanup: control "owner" removal, set_permission replaces allow_access.
Change-Id: If56f8336d8782fffe5e4982ac5a86d7b59dc2682
Bartlomiej Grzelewski [Mon, 12 Jan 2015 13:22:17 +0000 (14:22 +0100)]
Version 0.1.12
Change-Id: Icd0a80393197637d3b839cb9bbc1bcd42ebb9424
yuseok.jeon [Tue, 6 Jan 2015 12:15:45 +0000 (21:15 +0900)]
fix for x509 cert chain verification (stric flag added when CC Mode enabled)
Change-Id: I679b1210d94c721343fc851c8a2b51ac9765635e
Signed-off-by: yuseok.jeon <yuseok.jeon@samsung.com>
Bartlomiej Grzelewski [Wed, 17 Dec 2014 09:10:26 +0000 (10:10 +0100)]
Add transaction during password change.
Change-Id: Ic236a84959d339ddc19b2f3e8078766cd97545a7
kyungwook tak [Wed, 17 Dec 2014 07:17:45 +0000 (16:17 +0900)]
Fix macro definition which is not following grammar
Change-Id: Idf7268bd147fee00e30a3714114f4b65d5a9a0fa
Signed-off-by: kyungwook tak <k.tak@samsung.com>
Bartlomiej Grzelewski [Mon, 15 Dec 2014 16:19:58 +0000 (17:19 +0100)]
Version 0.1.11
Change-Id: I77965c93ed03f27e16f35768ce93c985cd049945
Maciej J. Karpiuk [Fri, 14 Nov 2014 15:08:25 +0000 (16:08 +0100)]
Add PKCS12 support.
Change-Id: I389c56611fed80cf27bbbfa279b1c17e55572b14
Bartlomiej Grzelewski [Thu, 11 Dec 2014 14:38:08 +0000 (15:38 +0100)]
Prevent desynchronization in "battery remove test".
This commit force to save encrypted data as soon as possible.
There is still small time window then desynhronization may happen.
Desynchronization may occure if you take out battery exectly after the
data was saved by ckm and the confirmation was not send to
security-server yet.
Change-Id: Ib4d4f0299001d9c71b13acdcfa136298d942ab6c
Bartlomiej Grzelewski [Mon, 1 Dec 2014 16:12:26 +0000 (17:12 +0100)]
DBDataType refactoring.
Change-Id: I080034c971ae5d8f75747d2091fb34ca0a7c78fa
Maciej J. Karpiuk [Fri, 14 Nov 2014 10:15:15 +0000 (11:15 +0100)]
C++ API change: common method for removing Alias.
No need to deliver separate methods to remove keys, certs or data.
Item is unambiguosly identified by <name, label> pair.
Change-Id: Ice2c418d66fd4f4b776ac752d8d5c6a779ad3b5a
Maciej J. Karpiuk [Fri, 14 Nov 2014 09:09:45 +0000 (10:09 +0100)]
OpenSSL initialization is done by anyone who uses OpenSSL first.
This resolves issue when CKM::PKCS12::create() is called before client is initialized.
Client was initializing the OpenSSL so parsing PKCS12 was failing due to uninitialized OpenSSL.
Change-Id: I809af1f622ce7c0f4764172c2143773629c88b67
Krzysztof Jackiewicz [Tue, 2 Dec 2014 16:28:24 +0000 (17:28 +0100)]
Fix for duplicates in all alias list query
[Issue#] N/A
[Feature/Bug] N/A
[Problem] DBperfGetAliasList fails
[Cause] DB_CMD_NAME_SELECT_BY_TYPE_AND_PERMISSION query is incorrect. When
listing objects accessible by given label it will produce one result for every
owned object times the number of accessors allowed.
Example:
Label L1 is owner of object (L1 N1)
Labels L2 and L3 have read permission to (L1 N1)
Listing all aliases accessible by L1 will produce:
L1 N1 (access by L2)
L1 N1 (access by L3)
[Solution] Add GROUP BY clause clause to get rid of duplicated objects
[Verification] ckm-tests-internall succeeds
Change-Id: I63f0d576750038e0abc1d7d41921e05d87cadfe4
Maciej J. Karpiuk [Fri, 7 Nov 2014 14:38:45 +0000 (15:38 +0100)]
New DB layout: CKM_TABLE split into NAME_TABLE and OBJECT_TABLE.
Change-Id: I3a3666b2a928f45294adf97548bac09d54d133de
Bartlomiej Grzelewski [Mon, 1 Dec 2014 10:30:42 +0000 (11:30 +0100)]
Simplified code in ckm-logic.
Change-Id: I35d54422a88d075163509f2437d9c72d8e2a5006
Maciej J. Karpiuk [Fri, 28 Nov 2014 16:17:20 +0000 (17:17 +0100)]
Service denies attempt to add data using different label.
The same applies to attempt to modify another label's permissions.
Change-Id: Ib167de4b4ccb59271f2dcfdbf7ce049f3d3dc819
Bartlomiej Grzelewski [Mon, 1 Dec 2014 18:51:07 +0000 (19:51 +0100)]
Remove deprecated comments and logs.
This logs are no longer required to during ckm tests.
Change-Id: I74811ad7a14026bbb5fce09eeac421fac549019f
kyungwook tak [Mon, 1 Dec 2014 09:44:56 +0000 (18:44 +0900)]
Use AliasSupport in SaveData
Change-Id: I449e49aea2b52a9595d9e1ba8afcf47af3a7d69f
Signed-off-by: kyungwook tak <k.tak@samsung.com>
Maciej J. Karpiuk [Thu, 6 Nov 2014 15:14:49 +0000 (16:14 +0100)]
DBCrypto access control re-factor: access control moved into additional layer.
Change-Id: I3ea1ce1a858b69c4a5a7365dffa1344b64aab0b6
kyungwook tak [Fri, 28 Nov 2014 01:32:25 +0000 (10:32 +0900)]
Add cmake flags to support ASLR
Change-Id: Ie074e69a71e14c40f79a83f982c970d6a15b303f
Signed-off-by: kyungwook tak <k.tak@samsung.com>
Maciej J. Karpiuk [Tue, 18 Nov 2014 11:02:42 +0000 (12:02 +0100)]
Housekeeping: KLOC warnings removed.
Change-Id: I36a972fd2e9dbd7f4e5fc11647badaf0173a425d
kyungwook tak [Wed, 26 Nov 2014 06:15:28 +0000 (15:15 +0900)]
Bug fix for application DEK memory push
Change-Id: Ia874cac4e57312ed1be99e8ab66142d3f12d1ef0
Signed-off-by: kyungwook tak <k.tak@samsung.com>
Maciej J. Karpiuk [Thu, 23 Oct 2014 08:00:29 +0000 (10:00 +0200)]
Minor re-factoring: boost::vector replaced with std::vector.
<vector> header cleanup.
Change-Id: I8408a4943f22e5fb18a08c40e9e0b5f9c938b34c
Krzysztof Jackiewicz [Mon, 3 Nov 2014 11:28:33 +0000 (12:28 +0100)]
Add journald logging and refactor log system
Add journald log provider. Simplify log system and log providers. Add support
for environment flags.
[Verification] Compile and run different build configurations with different
CKM_LOG_LEVEL and CKM_LOG_PROVIDER values. For client apps just export desired
log level/provider as CKM_LOG_LEVEL/PROVIDER env variable and run it. For ckm
service use:
'echo "CKM_LOG_LEVEL=X" > /etc/sysconfig/central-key-manager'
'echo "CKM_LOG_PROVIDER=X" >> /etc/sysconfig/central-key-manager'
and restart ckm service.
Supported CKM_LOG_LEVEL values: <0,5>
Supported CKM_LOG_PROVIDER values: {CONSOLE, DLOG, JOURNALD }
Observe logs.
1.Release build
-by default (CKM_LOG_LEVEL not set) only errors should be logged
-by default (CKM_LOG_PROVIDER not set) dlog is used
-logs can be disabled completely by setting CKM_LOG_LEVEL to 0
2.Debug build
-by default Debug and higher severity logs should be logged
-by default (CKM_LOG_PROVIDER not set) dlog is used
-log level can be adjusted to any level <0,5>
Change-Id: I496d12309360354399cf5011680f081ce42ee58f
Krzysztof Jackiewicz [Tue, 4 Nov 2014 16:26:40 +0000 (17:26 +0100)]
Secure logging removed
Change-Id: I926178d7ce975cc64c828585beb75b445fded065
kyungwook tak [Mon, 17 Nov 2014 08:58:46 +0000 (17:58 +0900)]
Determine MDPP Mode Disabled to CC mode On
Change-Id: Ibb97e38e60a4165a3d418dd4e89f06708bafdecb
Signed-off-by: kyungwook tak <k.tak@samsung.com>
kyungwook tak [Tue, 11 Nov 2014 07:11:46 +0000 (16:11 +0900)]
Modify key-manager-listener smack label & rule
* smack label of daemon should not be floor(_)
* smack label of listener is changed to key-manager-listener
* smack rules which are needed for using package-manager API is added
Change-Id: Ic7c8a0c32e6241b5ee9e11c6ed6a23725dcb44fa
Signed-off-by: kyungwook tak <k.tak@samsung.com>
kyungwook tak [Tue, 11 Nov 2014 06:38:04 +0000 (15:38 +0900)]
Remove daemonize codes in listener daemon
* remove meaningless daemonizing part of key-manager-listener
* listener daemon is managed by systemd
Change-Id: I0fc41d1a1d9449bbe1451272838d735a8728b1a3
Signed-off-by: kyungwook tak <k.tak@samsung.com>
VBS [Thu, 6 Nov 2014 04:44:59 +0000 (13:44 +0900)]
Remove duplicated error explanations
Change-Id: Ia7b43684e5bc0a70c21b5fe0c4366aeb141d7bf5
Signed-off-by: VBS <yuseok@samsung.com>
Bartlomiej Grzelewski [Wed, 5 Nov 2014 17:15:42 +0000 (18:15 +0100)]
Version 0.1.10
Change-Id: I246149610dbc892a8e36481af0b853e84cd214ee
Maciej J. Karpiuk [Wed, 5 Nov 2014 11:08:01 +0000 (12:08 +0100)]
Divide alias into name & label in getCertificateChain: code re-factor.
Change-Id: I373a87f9421dac3b5e43e8c835d99944676822b1
kyungwook tak [Tue, 4 Nov 2014 10:13:07 +0000 (19:13 +0900)]
Divide alias into name & label in getCertificateChain
Change-Id: Iacc02c6bd3b082779aa51c4cd296928c3f7f05d3
Signed-off-by: kyungwook tak <k.tak@samsung.com>
Bartlomiej Grzelewski [Mon, 3 Nov 2014 14:59:01 +0000 (15:59 +0100)]
Version 0.1.9
Change-Id: I9055033b9742536b25b8c1a48488a85e718cbedf
Krzysztof Jackiewicz [Mon, 3 Nov 2014 12:08:29 +0000 (13:08 +0100)]
Listener service dependency fixed
[Verification] Restart listener and see if journalctl complains about service
configuration
Change-Id: Ib7718ded2440677e2fc06ed732e9d7cbb8f38a95
Krzysztof Jackiewicz [Mon, 3 Nov 2014 09:20:33 +0000 (10:20 +0100)]
Lock file operations fixed in listener
Change-Id: If94b0167477306d1af4ea5c60a8b17d83fe13b39
Krzysztof Jackiewicz [Tue, 28 Oct 2014 11:33:51 +0000 (12:33 +0100)]
Add file lock to key-manager server
[Verification] Try to run 2 instances of key-manager. It should fail.
key-manager-listener should not start key-manager.
Change-Id: Ifa0d6244738b4a48b153e066d5b49fbd967a316a
Krzysztof Jackiewicz [Wed, 29 Oct 2014 09:48:22 +0000 (10:48 +0100)]
Helper functions for log/exception message concatenation
Change-Id: I0c7d1146009924f7765af5f3602b46e2e8c8a094
Bartlomiej Grzelewski [Mon, 3 Nov 2014 10:52:15 +0000 (11:52 +0100)]
Refactoring ServiceConnection.
* Remove private inheritence from SockRAII
* Rename Connect to prepareConnection and change logic.
Change-Id: I791e3ec2791c155a7da17a3e1d45218de8351b39
Bartlomiej Grzelewski [Mon, 3 Nov 2014 10:55:54 +0000 (11:55 +0100)]
Refactoring SockRAII
Change-Id: Ib264bb049ed52d644f2d5873dabcd7be532738a3
yuseok [Sun, 2 Nov 2014 06:58:03 +0000 (15:58 +0900)]
Remove doxygen warning
Change-Id: I4a7c90495e6d8653a77edebb4f5fdcea54684d16
Signed-off-by: yuseok <yuseok@samsung.com>
yuseok [Sun, 2 Nov 2014 05:51:30 +0000 (14:51 +0900)]
Modify the setting value of POLL_TIMEOUT
Change-Id: I6c9da2626c5b7af518bad6baba4e9c7c51adb192
Signed-off-by: yuseok <yuseok@samsung.com>
Maciej J. Karpiuk [Thu, 9 Oct 2014 14:11:24 +0000 (16:11 +0200)]
C++ API re-factored: establish and keep socket connection to the service.
C API still does create and destroy socket per each API call.
Change-Id: I99f90da5dca8e7ddc615b7d39d8a0a26055984d6
Maciej J. Karpiuk [Tue, 28 Oct 2014 14:43:17 +0000 (15:43 +0100)]
Split alias at server side into pair name and label.
Change-Id: I5cbe62ee49042449127218a95f82db9b59105a73
Krzysztof Jackiewicz [Mon, 27 Oct 2014 12:11:16 +0000 (13:11 +0100)]
CC mode logic updated
[Issue#] N/A
[Feature/Bug] N/A
[Problem] CC mode was not checked during key-manager startup. CC mode was passed
via API
[Cause] N/A
[Solution] CC mode checked during key-manager startup. CC mode is being read by
key-manager.
[Verification] Run ckm-tests --group=CKM_CC_MODE
Change-Id: I5b861c53301893773559eca10722604fa24bd6ec
Bartlomiej Grzelewski [Mon, 27 Oct 2014 13:13:07 +0000 (14:13 +0100)]
Fix build break on 64bit platforms.
systemd configuration files should be placed in /usr/lib regardless 32bit
or 64bit architectures.
Change-Id: I4baabff03ce8ba14c8c2cfc73ae8c98262345311
Dongsun Lee [Mon, 27 Oct 2014 00:33:31 +0000 (09:33 +0900)]
remove the description for alias. It will be added later
Change-Id: I52cfb00e528823716afc331dddd5578b1e46351e
Signed-off-by: Dongsun Lee <ds73.lee@samsung.com>
Bartlomiej Grzelewski [Fri, 24 Oct 2014 18:40:17 +0000 (20:40 +0200)]
Vesion 0.1.8
Change-Id: Id31b41f64a2746fda3dbb09371477ad08a7eca71
Bartlomiej Grzelewski [Fri, 24 Oct 2014 15:07:05 +0000 (00:07 +0900)]
Revert "Alias is not unique user-wide: (alias, label) pair is unique now."
This reverts commit
44333f4dcbcc9e295cde3a2846ffb70c0732b622.
Change-Id: I9aa9fde63082ce395cb54590f74d9e554d992139
Bartlomiej Grzelewski [Fri, 24 Oct 2014 09:58:44 +0000 (11:58 +0200)]
Fix spelling mistake in socket files.
Change-Id: I13279239a297a5da7b97b77a689d91860a684321
Maciej J. Karpiuk [Wed, 22 Oct 2014 10:23:00 +0000 (12:23 +0200)]
Alias is not unique user-wide: (alias, label) pair is unique now.
Client can address items using label::alias syntax.
Change-Id: Ib9429e652e8a73d2d6c62a4164d54229e85cf7d5
Maciej J. Karpiuk [Thu, 16 Oct 2014 14:09:05 +0000 (16:09 +0200)]
Add service-side key and certificate verification when saving.
Change-Id: I93b16a73a59d3b8af041715754836b5bc58dcde7
Maciej J. Karpiuk [Wed, 15 Oct 2014 14:24:28 +0000 (16:24 +0200)]
Valgrind warnings removed: all changes were false-positive issues.
Change-Id: I7ff0e4e6ab21ab570fddc9a63432a399c4ed402b
Bartlomiej Grzelewski [Tue, 21 Oct 2014 13:54:31 +0000 (15:54 +0200)]
Replace some functions with thread safe version.
Change-Id: I749eaea647c39d7b25125ed72feb5ee22ddc38dd
Bartlomiej Grzelewski [Mon, 20 Oct 2014 14:59:55 +0000 (16:59 +0200)]
Fix package description in spec files.
Change-Id: Icc6d20cccda0fe2a0f1c4491be4ba53790787f51
José Bollo [Wed, 17 Dec 2014 11:47:49 +0000 (12:47 +0100)]
Fix packaging issues and warnings
The packaging was broken in 64 bits. To correct,
the use of %_unitdir is introduced.
Also, the new compiling flags was pointing out that
some variables was potentially not initialized. It is
wrong but now variables are initialized and the compiler
is muted.
Change-Id: Ib44390b1c548d6ddfb9b17acaa10ee5bbb3fe7f9
Signed-off-by: José Bollo <jose.bollo@open.eurogiciel.org>
Bartlomiej Grzelewski [Mon, 20 Oct 2014 11:35:46 +0000 (13:35 +0200)]
Version 0.1.7
Change-Id: I28581de9185615569121ccd330961df5a9fc5e4e
Dongsun Lee [Mon, 20 Oct 2014 07:23:49 +0000 (16:23 +0900)]
add the explanation of access control and alias format
Change-Id: I2b2ce697357589f9efdab0c064ff9aea0a2bd9f4
Signed-off-by: Dongsun Lee <ds73.lee@samsung.com>
Krzysztof Jackiewicz [Fri, 10 Oct 2014 10:25:15 +0000 (12:25 +0200)]
Implementation of remaining async API
Change-Id: I019f368b90ecab9ede5e4e652e4cf0b48fe83b6f
Krzysztof Jackiewicz [Fri, 10 Oct 2014 08:19:14 +0000 (10:19 +0200)]
Add generic serialization/deserialization methods
Change-Id: I981531932bb5cf40b5f1345da94fc25a538bb2c2
Krzysztof Jackiewicz [Mon, 22 Sep 2014 08:09:03 +0000 (10:09 +0200)]
Async API stubs
Change-Id: I3d91fa6506fdab315826312bf02253093b12f049
Krzysztof Jackiewicz [Tue, 16 Sep 2014 08:05:35 +0000 (10:05 +0200)]
Implement service communication
Add service class for communication with server services. Implement response
parser for single request.
Change-Id: Idf68c5abcb1e8270937b7b2f6f4e87fb6d696653
Krzysztof Jackiewicz [Tue, 16 Sep 2014 07:52:27 +0000 (09:52 +0200)]
Asynchronous API framework
Single API function implementation. Connection thread implementation. Request
structure added.
Change-Id: Ic823b8c1dcc713edda9273a5c5cbe7763182e150
Bartlomiej Grzelewski [Thu, 16 Oct 2014 13:20:41 +0000 (15:20 +0200)]
Fix build break on tizen.org platform.
Change-Id: I50022f54790b4036a045f95767ced1a3f1c07bf9
Bartlomiej Grzelewski [Wed, 15 Oct 2014 11:25:03 +0000 (13:25 +0200)]
Fix license identifier in spec file.
Change-Id: If13057bc7cd87690c1aab2e8df98ee58289a3027
Maciej J. Karpiuk [Tue, 7 Oct 2014 11:02:28 +0000 (13:02 +0200)]
Add DB performance analysis tests and performance improvements.
Change-Id: I5e3bd05e6390392dde2d9837d067de36da82d978
yuseok.jeon [Wed, 15 Oct 2014 10:43:59 +0000 (19:43 +0900)]
Add missing return value explanations in doxygen
Change-Id: I38df32f8d6bde71dba2b21d26f76751299d18578
Signed-off-by: yuseok.jeon <yuseok.jeon@samsung.com>
Krzysztof Jackiewicz [Tue, 7 Oct 2014 11:23:58 +0000 (13:23 +0200)]
Update internal tests with new exception in KeyProvider
Change-Id: Ia8e7b962a8c89dd130af824436c9d8917aa7a360
Krzysztof Jackiewicz [Tue, 7 Oct 2014 11:05:20 +0000 (13:05 +0200)]
Workaround for memory garbage in SafeBuffer test
Operator delete of RawBuffer which is called after buffer memory is erased
(see erase_on_dealloc::deallocate) sometimes leaves garbage in the beginning of
that memory. Therefore the test will be marked as failing only if more than
1/10 of the data matches original. Also tests for std::vector control group
were added.
Change-Id: Ic1a0db5aa336eaca0825c945af5ccbc6fe88c13a
Krzysztof Jackiewicz [Tue, 16 Sep 2014 07:58:39 +0000 (09:58 +0200)]
Add exception wrapper for async API functions
Function will execute API function logic surruded with try catch block and call
supported error function if necessary.
Change-Id: I51295060edf531814b7498c1fd3ecf1156a94ec4
Krzysztof Jackiewicz [Tue, 16 Sep 2014 07:57:45 +0000 (09:57 +0200)]
Move SockRAII declaration to header file
Change-Id: I968d19db72eaa8677e212a88b5bbb5886163d307
Maciej J. Karpiuk [Tue, 7 Oct 2014 07:55:37 +0000 (09:55 +0200)]
Bugfix: fix problem with missing data (large data sets) in permission table.
Change-Id: Id7b5d816ec7705c43937ea7f446f2ab4d10a15d8
kyungwook tak [Tue, 7 Oct 2014 04:15:52 +0000 (13:15 +0900)]
Fix daemon starting time
Change-Id: I0f61b5f6f31ffdc5754b9b9257bf5847eac03b28
Signed-off-by: kyungwook tak <k.tak@samsung.com>
yuseok.jeon [Tue, 7 Oct 2014 07:37:39 +0000 (16:37 +0900)]
Modify the explanation of access control APIs in the doxygen document
Change-Id: I96a8b969ba6fd69a5140f140592f400dfe206ca2
Signed-off-by: yuseok.jeon <yuseok.jeon@samsung.com>
yuseok.jeon [Tue, 7 Oct 2014 04:04:52 +0000 (13:04 +0900)]
Modify the code location of FIPS mode setting
Change-Id: I087bf3451e46427943e1a9f2a8ea37d6368e1631
Signed-off-by: yuseok.jeon <yuseok.jeon@samsung.com>
Krzysztof Jackiewicz [Mon, 6 Oct 2014 05:59:15 +0000 (07:59 +0200)]
Version 0.1.6
Change-Id: I997ab0b9ff3977b76df5ef8abea54c8164b10cfd
kyungwook tak [Mon, 6 Oct 2014 01:57:14 +0000 (10:57 +0900)]
Fix build break on gcc4.8
Change-Id: Ia708b7ba1d6dd09782f825ec00c76cc7aef21f51
Signed-off-by: kyungwook tak <k.tak@samsung.com>
yuseok.jeon [Wed, 1 Oct 2014 07:05:28 +0000 (16:05 +0900)]
Add missing explanation of return value in doxygen
Change-Id: I1e9df6b6a69bb85ff0931cf808e9188f6eec8c5f
Signed-off-by: yuseok.jeon <yuseok.jeon@samsung.com>
Krzysztof Jackiewicz [Fri, 3 Oct 2014 11:47:50 +0000 (13:47 +0200)]
Version 0.1.5
Change-Id: I8555b56e18581b31ca1256697a28c9553de16fc4
Maciej J. Karpiuk [Wed, 1 Oct 2014 14:27:21 +0000 (16:27 +0200)]
Alias list returns only aliases available to the calling label.
All CKM tests pass now.
Change-Id: I719d830cb5ea0e3cd1dda367a8c927a35095e225
Maciej J. Karpiuk [Wed, 1 Oct 2014 12:56:58 +0000 (14:56 +0200)]
Add access API to the control service.
Change-Id: I7145853938394f14997b6a4311b7476ab34f280d
Maciej J. Karpiuk [Tue, 30 Sep 2014 12:42:56 +0000 (14:42 +0200)]
Add access control code to the CKM.
Label that did not add the alias to the DB is not allowed to perform
operations on the alias. Work in progress.
Change-Id: I733448435e87251d856e9fdfd9194e798e8e3a99
Krzysztof Jackiewicz [Mon, 29 Sep 2014 12:42:33 +0000 (14:42 +0200)]
Add access control API stub
Change-Id: I16c26eff6f6d272d1a7a51cba48053d8ff7f35fa
Krzysztof Jackiewicz [Thu, 28 Aug 2014 08:25:49 +0000 (10:25 +0200)]
Internal tests for DescriptorSet class.
Change-Id: I6008283eab8eadaf1ad755db078a6f06380a735d
Krzysztof Jackiewicz [Fri, 22 Aug 2014 09:58:38 +0000 (11:58 +0200)]
Add poll() wrapper
Introduces Descriptor set class that is a wrapper for:
-waiting for descirptors using poll()
-adding/removing descriptors to/from pollfd
-callback invocation
Use tests from next commit for verification:
ckm-tests-internal -t DESCRIPTOR_SET_TEST
All should pass
Change-Id: I4b86e4407d899ace57ff872b0db37d045e3bb9af
yuseok.jeon [Wed, 1 Oct 2014 06:47:45 +0000 (15:47 +0900)]
Modify setting value of socket-timeout
* Small setting value of socket-timeout can make unintended socket disconnect according to target device performance
Change-Id: If61b9642f14613091f1fa4db05ecb420a2805869
Signed-off-by: yuseok.jeon <yuseok.jeon@samsung.com>
yuseok.jeon [Fri, 26 Sep 2014 06:36:02 +0000 (15:36 +0900)]
Add additional functions related to CC mode
* to fix issue about providing optional password encryption only when cc mode is off in key-manager
* check cc mode by registering callback
* event callback is added in key-manager-listener daemon
Change-Id: I00e84225b3d06e2b2442ec405d02484c767304e5
Signed-off-by: yuseok.jeon <yuseok.jeon@samsung.com>
Dongsun Lee [Fri, 26 Sep 2014 10:31:26 +0000 (19:31 +0900)]
add HASH_NONE and NO_PADDING algo for createSignature and verifySignature
Change-Id: I34c615ad23a32290d1bc8891290c019e0ba1630a
Signed-off-by: Dongsun Lee <ds73.lee@samsung.com>
Maciej J. Karpiuk [Wed, 24 Sep 2014 08:27:04 +0000 (10:27 +0200)]
Added DSA keys support.
Change-Id: I0c360eae90df1961e8de8a4e74f2a7c964494643
kyungwook tak [Tue, 30 Sep 2014 00:33:35 +0000 (09:33 +0900)]
Fix Prevent defect about array_null
Change-Id: I2cd69947605d3df14c36ced7048eeef0af1edb10
Signed-off-by: kyungwook tak <k.tak@samsung.com>
yuseok.jeon [Thu, 25 Sep 2014 09:12:33 +0000 (18:12 +0900)]
Add missing words in doxygen
Change-Id: Id4c09496b6986ecaecfaab6b10b6af2b79819b56
Signed-off-by: yuseok.jeon <yuseok.jeon@samsung.com>
Dongsun Lee [Wed, 24 Sep 2014 02:33:54 +0000 (11:33 +0900)]
decreased iteration count into 1000 in PBKDF
Change-Id: Ibf8111712201b193b54bdc431c0d3c1ec37686a4
Signed-off-by: Dongsun Lee <ds73.lee@samsung.com>
Maciej J. Karpiuk [Tue, 23 Sep 2014 14:13:20 +0000 (16:13 +0200)]
Fixed ckm internal db_crypto test - tag is now mandatory.
Change-Id: I8e85f3f4511bb721decede8b3301b2d030dd75b2
yuseok.jeon [Thu, 18 Sep 2014 02:35:02 +0000 (11:35 +0900)]
Fix doxygen about unnecessary references of internal APIs
Change-Id: I0c4540d09d46eb1de23b9536fc047ed7745dbde3
Signed-off-by: yuseok.jeon <yuseok.jeon@samsung.com>
Dongsun Lee [Wed, 17 Sep 2014 06:44:52 +0000 (15:44 +0900)]
change privilege level into non-privilege for ckmc-type.h
Change-Id: Iee4903a6dba468b2f302031df1676ff3626659df
Signed-off-by: Dongsun Lee <ds73.lee@samsung.com>
yuseok.jeon [Wed, 17 Sep 2014 02:17:41 +0000 (11:17 +0900)]
Fix false return value about requesting non-existent data
Change-Id: Ibe70d375a6b9eab145c850f40068d0d1c833cfd6
Signed-off-by: yuseok.jeon <yuseok.jeon@samsung.com>
Dongsun Lee [Fri, 12 Sep 2014 05:52:22 +0000 (14:52 +0900)]
Removing data of deleted application during lock state
Change-Id: Id465b2dfd2ed37d8b54b1c191da8785a4dbc42cb
Zofia Abramowska [Mon, 15 Sep 2014 13:30:25 +0000 (15:30 +0200)]
Clean up database during unlock operation.
Change-Id: I56c9357419515b01f7013a9db2ab03925d453464
projects / platform / core / security / key-manager.git / log