SignatureManager::ValidateUpdate()
{
TryReturn(__pContext, false, "__pContext is null.");
- TryReturn(__pContext->__isUpdated, false, "It's not update.");
if (InstallerUtil::IsAuthorSignatureVerificationEnabled() == false)
{
}
bool
-SignatureManager::ValidatePartialReferences()
+SignatureManager::ValidatePartialReferences(const String& path, IList* pAddedList, IList* pModifiedList)
{
+ TryReturn(__pContext, false, "__pContext is null.");
+ TryReturn(path.IsEmpty() == false, false, "rootPath is empty.");
+
AppLog("ValidatePartialReferences start >>");
- bool res = true;
- std::unique_ptr<char[]> pSignaturePath(_StringConverter::CopyToCharArrayN(__pContext->GetSignatureXmlPath()));
- TryReturn(pSignaturePath, false, "pSignaturePath is null.");
+ std::unique_ptr<char[]> pPath(_StringConverter::CopyToCharArrayN(path));
+ TryReturn(pPath, false, "pPath is null.");
- std::unique_ptr<char[]> pAuthorSignaturePath(_StringConverter::CopyToCharArrayN(__pContext->GetAuthorSignatureXmlPath()));
- TryReturn(pAuthorSignaturePath, false, "pAuthorSignaturePath is null.");
+ std::string rootPath = pPath.get();
+ rootPath += "/";
+ AppLog("rootPath = [%s]", rootPath.c_str());
- std::unique_ptr<SignatureHandler> pDistributorSignature(new (std::nothrow) SignatureHandler());
- TryReturn(pDistributorSignature, false, "pDistributorSignature is null.");
+ bool res = ValidationCore::VCoreInit(
+ std::string("/usr/share/wrt-engine/fingerprint_list.xml"),
+ std::string("/usr/share/wrt-engine/fingerprint_list.xsd"),
+ std::string("/opt/dbspace/.cert_svc_vcore.db"));
+ TryReturn(res, false, "ValidationCore::VCoreInit() failed.");
- res = pDistributorSignature->Construct(__pContext);
- TryReturn(res == true, false, "pDistributorSignature->Construct() is failed.");
+ ValidationCore::SignatureFinder::Result findRes = ValidationCore::SignatureFinder::NO_ERROR;
+ ValidationCore::SignatureFinder signatureFinder(rootPath);
+ ValidationCore::SignatureFileInfoSet signatureFiles;
- res = pDistributorSignature->Parse(pSignaturePath.get());
- TryReturn(res == true, false, "pDistributorSignature->Parse() is failed.");
+ findRes = signatureFinder.find(signatureFiles);
+ TryReturn(findRes == ValidationCore::SignatureFinder::NO_ERROR , false, "signatureFinder.find() failed, findRes = [%d]", (int)findRes);
- HashMap* pDistributorRefMap = pDistributorSignature->GetReferenceMap();
- TryReturn(pDistributorRefMap, false, "pDistributorRefMap is null.");
+ ValidationCore::SignatureFileInfoSet::reverse_iterator iter = signatureFiles.rbegin();
+ for (; iter != signatureFiles.rend(); ++iter)
+ {
+ int sigFileNumber = iter->getFileNumber();
+ AppLog("SignatureFiles: file = [%s]", iter->getFileName().c_str());
+ AppLog("SignatureFiles: number = [%d]", sigFileNumber);
- std::unique_ptr<SignatureHandler> pAuthorSignature(new (std::nothrow) SignatureHandler());
- TryReturn(pAuthorSignature, false, "pAuthorSignature is null.");
+ if (sigFileNumber > SIGNATURE_FILE_NUMBER_DISTRIBUTOR2)
+ {
+ AppLog("SignatureFiles: skip!");
+ continue;
+ }
- res = pAuthorSignature->Construct(__pContext);
- TryReturn(res == true, false, "pAuthorSignature.Construct() is failed.");
+ ValidationCore::SignatureData data(rootPath + iter->getFileName(), iter->getFileNumber());
- res = pAuthorSignature->Parse(pAuthorSignaturePath.get());
- TryReturn(res == true, false, "pAuthorSignature->Parse() is failed.");
+ try
+ {
+ ValidationCore::SignatureReader xml;
+ xml.initialize(data, "/usr/share/wrt-engine/schema.xsd");
+ xml.read(data);
- HashMap* pAuthorRefMap = pAuthorSignature->GetReferenceMap();
- TryReturn(pAuthorRefMap, false, "pAuthorRefMap is null.");
+ ValidationCore::CertificateList certList = data.getCertList();
+ ValidationCore::CertificateList::iterator it = certList.begin();
+ ValidationCore::CertificateList::iterator it_end = certList.end();
+ for (; it != it_end; it++)
+ {
+ std::string value = (*it)->getBase64();
+
+ if (data.isAuthorSignature() == true)
+ {
+ __pContext->__pAuthorCertList->Add(new String(value.c_str()));
+ AppLog("Author cert value = [%s]", value.c_str());
+ }
+ else
+ {
+ if (sigFileNumber == SIGNATURE_FILE_NUMBER_DISTRIBUTOR)
+ {
+ __pContext->__pDistributorCertList->Add(new String(value.c_str()));
+ AppLog("Default distributor cert value = [%s]", value.c_str());
+ }
+ }
+ }
+
+ ValidationCore::SignatureValidator::Result valRes = ValidationCore::SignatureValidator::SIGNATURE_VALID;
+ ValidationCore::SignatureValidator::AppType appType = ValidationCore::SignatureValidator::TIZEN;
+ ValidationCore::SignatureValidator validator(appType, false, false, false);
+
+ std::list<std::string> uriList;
+ if (pAddedList)
+ {
+ for (int idx = 0; idx < pAddedList->GetCount(); idx++)
+ {
+ String* pFilePath = static_cast< String* >(pAddedList->GetAt(idx));
+ TryReturn(pFilePath, false, "pFilePath is null.");
+
+ std::unique_ptr<char[]> pPath(_StringConverter::CopyToCharArrayN(*pFilePath));
+ TryReturn(pPath, false, "pPath is null.");
+
+ uriList.push_back(pPath.get());
+ AppLog("added = [%s]", pPath.get());
+ }
+ }
+ if (pModifiedList)
+ {
+ for (int idx = 0; idx < pModifiedList->GetCount(); idx++)
+ {
+ String* pFilePath = static_cast< String* >(pModifiedList->GetAt(idx));
+ TryReturn(pFilePath, false, "pFilePath is null.");
+
+ std::unique_ptr<char[]> pPath(_StringConverter::CopyToCharArrayN(*pFilePath));
+ TryReturn(pPath, false, "pPath is null.");
+
+ if ((strcasecmp(pPath.get(), "author-signature.xml") != 0) &&
+ (strcasecmp(pPath.get(), "signature1.xml") != 0))
+ {
+ uriList.push_back(pPath.get());
+ AppLog("modified = [%s]", pPath.get());
+ }
+ }
+ }
+ TryReturn(uriList.size() != 0, false, "uriList.size is 0.");
+ AppLog("uriList.size = [%d]", uriList.size());
+
+ valRes = validator.checkList(data, rootPath, uriList);
+ TryReturn(valRes == ValidationCore::SignatureValidator::SIGNATURE_VERIFIED, false, "validator.checkList() is failed, valRes=[%d]", (int)valRes);
+ AppLog("Signature validator.checkList() success, file = [%s], number = [%d]", iter->getFileName().c_str(), iter->getFileNumber());
+ }
+ catch (ValidationCore::ParserSchemaException::Base)
+ {
+ if (sigFileNumber == SIGNATURE_FILE_NUMBER_DISTRIBUTOR2)
+ {
+ AppLog("ValidationCore::ParserSchemaException::Base occurred, but it's ok for DISTRIBUTOR2.");
+ continue;
+ }
+ TryReturn(0, false, "ParserSchemaException::Base exception occurred.");
+ }
+ catch (DPL::Exception)
+ {
+ if (sigFileNumber == SIGNATURE_FILE_NUMBER_DISTRIBUTOR2)
+ {
+ AppLog("DPL::Exception occurred, but it's ok for DISTRIBUTOR2.");
+ continue;
+ }
+ TryReturn(0, false, "DPL::Exception exception occurred.");
+ }
+ }
+
+ AppLog("ValidateSignatures done successfully <<");
- res = CompareReferences(pDistributorRefMap, pAuthorRefMap);
- TryReturn(res == true, false, "CompareReferences() is failed.");
+ res = ValidateUpdate();
+ TryReturn(res, false, "ValidateUpdate() is failed.");
return true;
}
#include <unique_ptr.h>
-#include <FIoFile.h>
+#include <FAppTypes.h>
#include <FAppPkgPackageInfo.h>
#include <FAppPkg_PackageInfoImpl.h>
+#include <FIoFile.h>
#include "InstallationContext.h"
#include "RdsStep.h"
#include "PermissionManager.h"
-#include "FAppTypes.h"
+#include "SignatureManager.h"
+
-using namespace Tizen::Base;
-using namespace Tizen::Base::Collection;
using namespace Tizen::App;
using namespace Tizen::App::Package;
+using namespace Tizen::Base;
+using namespace Tizen::Base::Collection;
using namespace Tizen::Io;
RdsStep::RdsStep(void)
bool res = false;
std::unique_ptr<ArrayList> pDeletedList(new (std::nothrow) ArrayList());
- TryReturn(pDeletedList, INSTALLER_ERROR_OUT_OF_MEMORY, "pDeletedList is null");
+ TryReturn(pDeletedList, INSTALLER_ERROR_OUT_OF_MEMORY, "pDeletedList is null.");
std::unique_ptr<ArrayList> pAddedList(new (std::nothrow) ArrayList());
- TryReturn(pAddedList, INSTALLER_ERROR_OUT_OF_MEMORY, "pAddedList is null");
+ TryReturn(pAddedList, INSTALLER_ERROR_OUT_OF_MEMORY, "pAddedList is null.");
std::unique_ptr<ArrayList> pModifiedList(new (std::nothrow) ArrayList());
- TryReturn(pModifiedList, INSTALLER_ERROR_OUT_OF_MEMORY, "pModifiedList is null");
+ TryReturn(pModifiedList, INSTALLER_ERROR_OUT_OF_MEMORY, "pModifiedList is null.");
PackageId packageId = __pContext->__packageId;
res = InstallerUtil::GetRdsList(packageId, pDeletedList.get(), pAddedList.get(), pModifiedList.get());
- TryReturn(res, INSTALLER_ERROR_INTERNAL_STATE, "GetRdsList() failed");
+ TryReturn(res, INSTALLER_ERROR_INTERNAL_STATE, "GetRdsList() failed.");
+
+ String tempRootPath = DIR_APPLICATIONS_TMP;
+ tempRootPath += L"/" + packageId;
+
+ SignatureManager sigManager;
+ sigManager.Construct(__pContext);
+ res = sigManager.ValidatePartialReferences(tempRootPath, pAddedList.get(), pModifiedList.get());
+ TryReturn(res, INSTALLER_ERROR_SIGNATURE_VERIFICATION_FAILED, "ValidatePartialReferences() failed.");
std::unique_ptr< PackageInfo > pPackageInfo(_PackageManagerImpl::GetInstance()->GetPackageInfoN(packageId));
TryReturn(pPackageInfo, INSTALLER_ERROR_INTERNAL_STATE, "GetPackageInfoN() failed.");
_PackageInfoImpl* pPackageInfoImpl = _PackageInfoImpl::GetInstance(pPackageInfo.get());
- TryReturn(pPackageInfoImpl, INSTALLER_ERROR_INTERNAL_STATE, "GetInstance() failed");
+ TryReturn(pPackageInfoImpl, INSTALLER_ERROR_INTERNAL_STATE, "GetInstance() failed.");
String rootPath = pPackageInfoImpl->GetAppRootPath();
__pContext->__rootPath = rootPath;
PermissionManager permissionMgr;
res = permissionMgr.CopyForRds(__pContext, pAddedList.get(), __isInstallRequired);
- TryReturn(res, INSTALLER_ERROR_INTERNAL_STATE, "permissionMgr.CopyForRds(pAddedList) failed");
+ TryReturn(res, INSTALLER_ERROR_INTERNAL_STATE, "permissionMgr.CopyForRds(pAddedList) failed.");
res = permissionMgr.CopyForRds(__pContext, pModifiedList.get(), __isInstallRequired);
- TryReturn(res, INSTALLER_ERROR_INTERNAL_STATE, "permissionMgr.CopyForRds(pModifiedList) failed");
+ TryReturn(res, INSTALLER_ERROR_INTERNAL_STATE, "permissionMgr.CopyForRds(pModifiedList) failed.");
permissionMgr.ApplyPermissionForRds(__pContext);