path: root/src/Step/SignatureStep.cpp

//
// Open Service Platform
// Copyright (c) 2012 Samsung Electronics Co., Ltd.
//
// Licensed under the Apache License, Version 2.0 (the License);
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//     http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//
/**
 * @file	SignatureStep.cpp
 * @brief	This is the implementation file for %SignatureStep class.
 */

#include <FIoFile.h>
#include <FApp_PackageInfoImpl.h>
#include <FBase_StringConverter.h>

#include "InstallationContext.h"
#include "PrivilegeHandler.h"
#include "SignatureHandler.h"
#include "SignatureStep.h"

using namespace Tizen::App;
using namespace Tizen::Base;
using namespace Tizen::Base::Collection;
using namespace Tizen::Io;

SignatureStep::SignatureStep(void)
:__state(STATE_SIGNER_CERT)
,__pContext(null)
,__pSignatureManager(null)
{
}

SignatureStep::~SignatureStep(void)
{
	delete __pSignatureManager;
}

InstallerError
SignatureStep::Run(InstallationContext* pContext)
{
	InstallerError error = INSTALLER_ERROR_NONE;
	AppLogTag(OSP_INSTALLER, "------------------------------------------");
	AppLogTag(OSP_INSTALLER, " SignatureStep - START");
	AppLogTag(OSP_INSTALLER, "------------------------------------------");

	__pContext = pContext;

	if (__pContext->IsVerificationMode() == false)
	{
		AppLogTag(OSP_INSTALLER, "Signature file not found. path = [%ls]\n", __pContext->GetSignatureXmlPath().GetPointer());
		return INSTALLER_ERROR_NONE;
	}

	while (true)
	{
		switch (__state)
		{
		case STATE_SIGNER_CERT:
			AppLogTag(OSP_INSTALLER, "[STATE_SIGNER_CERT]");
			error = OnStateSignerCert();
			break;

		case STATE_CERT_CHAIN:
			AppLogTag(OSP_INSTALLER, "[STATE_CERT_CHAIN]");
			error = OnStateCertChain();
			break;

		case STATE_ROOT_CERT:
			AppLogTag(OSP_INSTALLER, "[STATE_ROOT_CERT]");
			error = OnStateRootCert();
			break;

		case STATE_DONE:
			AppLogTag(OSP_INSTALLER, "[STATE_DONE]");
			error = OnStateDone();
			break;

		default:
			break;
		}

		if (error != INSTALLER_ERROR_NONE)
		{
			AppLogTag(OSP_INSTALLER, "SignatureStep::Run - ErrorType [%d]\n", error);
			//fprintf(stderr, "SignatureStep::Run - ErrorType [%d]\n", error);
			break;
		}

		if (__state > STATE_DONE)
		{
			AppLogTag(OSP_INSTALLER, "------------------------------------------");
			AppLogTag(OSP_INSTALLER, " SignatureStep - END");
			AppLogTag(OSP_INSTALLER, "------------------------------------------");
			break;
		}
	}

	return error;
}

void
SignatureStep::GoNextState(void)
{
	__state++;
}

InstallerError
SignatureStep::OnStateSignerCert(void)
{
	InstallerError error = INSTALLER_ERROR_NONE;
	bool ret = true;

	__pSignatureManager = new SignatureManager();
	TryCatch(__pSignatureManager, error = INSTALLER_ERROR_MEMORY, "[osp-installer] __pSignatureManager is null.");

	ret = __pSignatureManager->Construct(__pContext);
	TryCatch(ret == true, error = INSTALLER_ERROR_INTERNAL_STATE, "[osp-installer] Construct() failed");

	ret = __pSignatureManager->SetSignature();
	TryCatch(ret == true, error = INSTALLER_ERROR_INVALID_SIGNATURE, "[osp-installer] SetSignature() failed");

CATCH:
	GoNextState();
	return error;
}

InstallerError
SignatureStep::OnStateCertChain(void)
{
	InstallerError error = INSTALLER_ERROR_NONE;
	bool ret = true;

	ret = __pSignatureManager->AddCert();
	TryCatch(ret == true, error = INSTALLER_ERROR_INVALID_SIGNATURE, "[osp-installer] AddCert(DEVELOPER_ROOT_CERTIFICATE) failed");

	ret = __pSignatureManager->VerifyChain();
	TryCatch(ret == true, error = INSTALLER_ERROR_INVALID_SIGNATURE, "[osp-installer] VerifyChain() failed");

CATCH:
	GoNextState();
	return error;
}

InstallerError
SignatureStep::OnStateRootCert(void)
{
	InstallerError error = INSTALLER_ERROR_NONE;
	result r = E_SUCCESS;
	String privileges;
	String hmacPrivileges;

	const ArrayList* pPrivilegeList = __pContext->GetPrivilegeList();
	RootCertificateType certType = __pContext->GetRootCertType();
	_PackageInfoImpl* pPackageInfoImpl = __pContext->GetPackageInfoImpl();
	String appId = pPackageInfoImpl->GetAppId();
	int apiVisibility = GetApiVisibility(certType);

	AppLogTag(OSP_INSTALLER, "AppId = [%ls], CertType = [%d], ApiVisibility = [%d]", appId.GetPointer(), certType, apiVisibility);

	r = PrivilegeHandler::GenerateCipherPrivilege(appId, *pPrivilegeList, apiVisibility, privileges, hmacPrivileges);
	if (IsFailed(r))
	{
		fprintf(stderr, "PrivilegeHandler::GenerateCipherPrivilege is failded. [%ls][%ls][%ls]\n", appId.GetPointer(), privileges.GetPointer(), hmacPrivileges.GetPointer());
	}
	TryCatch(!IsFailed(r), error = INSTALLER_ERROR_PRIVILEGE, "[osp-installer] privMgr.GeneratePrivilegeString() failed");

	pPackageInfoImpl->SetPrivilegesValue(privileges, hmacPrivileges);
	pPackageInfoImpl->SetCertType(apiVisibility);

CATCH:
	GoNextState();
	return error;
}

InstallerError
SignatureStep::OnStateDone(void)
{
	InstallerError error = INSTALLER_ERROR_NONE;

	GoNextState();
	return error;
}

int
SignatureStep::GetApiVisibility(RootCertificateType certType)
{
	int apiVisibility = _API_VISIBILITY_NONE;

	if (certType == ROOT_CERTIFICATE_PUBLIC)
	{
		apiVisibility = _API_VISIBILITY_PUBLIC;
	}
	else if (certType == ROOT_CERTIFICATE_PARTNER)
	{
		apiVisibility = _API_VISIBILITY_PARTNER;
	}
	else if (certType == ROOT_CERTIFICATE_PARTNER_OPERATOR)
	{
		apiVisibility = _API_VISIBILITY_PARTNER_OPERATOR;
	}
	else if (certType == ROOT_CERTIFICATE_PARTNER_MANUFACTURER)
	{
		apiVisibility = _API_VISIBILITY_PARTNER_MANUFACTURER;
	}
	else if (certType == ROOT_CERTIFICATE_PRIVATE)
	{
		apiVisibility = _API_VISIBILITY_PRIVATE;
	}

	return apiVisibility;
}