diff options
author | sangwan.kwon <sangwan.kwon@samsung.com> | 2017-02-02 19:48:55 +0900 |
---|---|---|
committer | sangwan.kwon <sangwan.kwon@samsung.com> | 2017-02-06 15:34:06 +0900 |
commit | b4bb119b5e7f37f816cafaf7749d3c9eb79613b7 (patch) | |
tree | 28fdfce3a3887018e65a7b39ca910f91cc716bd2 | |
parent | a66e1e827320d62d448a3f0d2b81e8521cbea76f (diff) | |
download | cert-svc-b4bb119b5e7f37f816cafaf7749d3c9eb79613b7.tar.gz cert-svc-b4bb119b5e7f37f816cafaf7749d3c9eb79613b7.tar.bz2 cert-svc-b4bb119b5e7f37f816cafaf7749d3c9eb79613b7.zip |
Add examples about SignatureValidator
* signature-validator-until-3.0
* signature-validator-since-4.0
Change-Id: Ib721ba32bb8c9e155b42479ce772743346510fef
Signed-off-by: sangwan.kwon <sangwan.kwon@samsung.com>
-rw-r--r-- | CMakeLists.txt | 1 | ||||
-rw-r--r-- | examples/CMakeLists.txt | 41 | ||||
-rw-r--r-- | examples/resource/player/author-signature.xml | 82 | ||||
-rwxr-xr-x | examples/resource/player/bin/player | bin | 0 -> 51456 bytes | |||
-rwxr-xr-x | examples/resource/player/res/sample.3gp | bin | 0 -> 6829786 bytes | |||
-rwxr-xr-x | examples/resource/player/res/test0.3gp | bin | 0 -> 28561 bytes | |||
-rwxr-xr-x | examples/resource/player/res/test1.wav | bin | 0 -> 57854 bytes | |||
-rwxr-xr-x | examples/resource/player/res/test2.wav | bin | 0 -> 32664 bytes | |||
-rwxr-xr-x | examples/resource/player/shared/res/player.png | bin | 0 -> 57662 bytes | |||
-rw-r--r-- | examples/resource/player/signature1.xml | 84 | ||||
-rwxr-xr-x | examples/resource/player/tizen-manifest.xml | 8 | ||||
-rw-r--r-- | examples/signature-validator-since-4.0.cpp | 99 | ||||
-rw-r--r-- | examples/signature-validator-until-3.0.cpp | 102 | ||||
-rw-r--r-- | packaging/cert-svc.spec | 7 |
14 files changed, 424 insertions, 0 deletions
diff --git a/CMakeLists.txt b/CMakeLists.txt index ee61fbb..f9de2ad 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -60,6 +60,7 @@ ADD_SUBDIRECTORY(etc) IF (DEFINED CERTSVC_TEST_BUILD) ADD_DEFINITIONS("-DTESTAPP_RES_DIR=\"${CERT_SVC_TESTS}/\"") ADD_SUBDIRECTORY(tests) +ADD_SUBDIRECTORY(examples) ENDIF (DEFINED CERTSVC_TEST_BUILD) CONFIGURE_FILE(packaging/cert-svc.manifest.in cert-svc.manifest @ONLY) diff --git a/examples/CMakeLists.txt b/examples/CMakeLists.txt new file mode 100644 index 0000000..13a67cb --- /dev/null +++ b/examples/CMakeLists.txt @@ -0,0 +1,41 @@ +# +# Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License +# + +ADD_DEFINITIONS("-DCERT_SVC_EXAMPLES=\"${CERT_SVC_EXAMPLES}\"") + +INCLUDE_DIRECTORIES(${PROJECT_SOURCE_DIR}/src) + +FUNCTION(BUILD_EXAMPLE EXAMPLE_NAME SOURCE_FILE) + ADD_EXECUTABLE(${EXAMPLE_NAME} ${CMAKE_CURRENT_SOURCE_DIR}/${SOURCE_FILE}) + TARGET_LINK_LIBRARIES(${EXAMPLE_NAME} ${TARGET_VCORE_LIB}) + INSTALL(TARGETS ${EXAMPLE_NAME} + DESTINATION ${BIN_DIR} + PERMISSIONS OWNER_READ + OWNER_WRITE + OWNER_EXECUTE + GROUP_READ + GROUP_EXECUTE + WORLD_READ + WORLD_EXECUTE) + INSTALL(FILES ${CMAKE_CURRENT_SOURCE_DIR}/${SOURCE_FILE} + DESTINATION ${CERT_SVC_EXAMPLES}) +ENDFUNCTION(BUILD_EXAMPLE) + +BUILD_EXAMPLE("cert-svc-example-vcore-until-3.0" signature-validator-until-3.0.cpp) +BUILD_EXAMPLE("cert-svc-example-vcore-since-4.0" signature-validator-since-4.0.cpp) + +INSTALL(DIRECTORY resource + DESTINATION ${CERT_SVC_EXAMPLES}) diff --git a/examples/resource/player/author-signature.xml b/examples/resource/player/author-signature.xml new file mode 100644 index 0000000..a36b3de --- /dev/null +++ b/examples/resource/player/author-signature.xml @@ -0,0 +1,82 @@ +<Signature xmlns="http://www.w3.org/2000/09/xmldsig#" Id="AuthorSignature"> +<SignedInfo> +<CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></CanonicalizationMethod> +<SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"></SignatureMethod> +<Reference URI="bin%2Fplayer"> +<DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"></DigestMethod> +<DigestValue>4iIofyuIao2qwVNIuhUCpugxEr7Rxmjnj2r0SrGx0+s=</DigestValue> +</Reference> +<Reference URI="res%2Fsample.3gp"> +<DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"></DigestMethod> +<DigestValue>WMfan++QSvRVetnCQ1b2n0l7/SoR/5oJeJ+4bFAW3tY=</DigestValue> +</Reference> +<Reference URI="res%2Ftest0.3gp"> +<DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"></DigestMethod> +<DigestValue>XFDMdIG8gkJhmZ+gG8Tkfl+dOnjxSYJtmUC+Gyr5xgM=</DigestValue> +</Reference> +<Reference URI="res%2Ftest1.wav"> +<DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"></DigestMethod> +<DigestValue>lhUM4r77NnuRbxpA4j9B2nqxA3A7BAxFoLJC2ij1kMw=</DigestValue> +</Reference> +<Reference URI="res%2Ftest2.wav"> +<DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"></DigestMethod> +<DigestValue>v2+TQF3YD9JZmgCX8ow7Wn/avjr2o/vSKglhM3weZBU=</DigestValue> +</Reference> +<Reference URI="shared%2Fres%2Fplayer.png"> +<DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"></DigestMethod> +<DigestValue>1d0oEZHqPn+QzNzGIHwj9ODby6x9ggFs9uOsav6jPNs=</DigestValue> +</Reference> +<Reference URI="tizen-manifest.xml"> +<DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"></DigestMethod> +<DigestValue>V+kS3pGWRSUjCG1YRNghKWNpPOJOw/VQ1j8OKaO5nmg=</DigestValue> +</Reference> +<Reference URI="#prop"> +<Transforms> +<Transform Algorithm="http://www.w3.org/2006/12/xml-c14n11"></Transform> +</Transforms> +<DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"></DigestMethod> +<DigestValue>lpo8tUDs054eLlBQXiDPVDVKfw30ZZdtkRs1jd7H5K8=</DigestValue> +</Reference> +</SignedInfo> +<SignatureValue> +pUNlYyBuHgMsic5q+VDIvpEfw5vJ90GIOwa+N6FlHc8pbYSzmOXimqrDSWslesj2X65xDB+OEB0X +QUYrRL3surBjr/8p+/5fNsxqK5VIRBbry9SEhs6mU9sqTwOJcA7ZtW0XyPD1Eee60g90mDvHniVI +oRGvUISF0TtUX7M8d3w= +</SignatureValue> +<KeyInfo> +<X509Data> +<X509Certificate> +MIIClTCCAX2gAwIBAgIGAVODJIU1MA0GCSqGSIb3DQEBBQUAMFYxGjAYBgNVBAoMEVRpemVuIEFz +c29jaWF0aW9uMRowGAYDVQQLDBFUaXplbiBBc3NvY2lhdGlvbjEcMBoGA1UEAwwTVGl6ZW4gRGV2 +ZWxvcGVycyBDQTAeFw0xMjExMDEwMDAwMDBaFw0xOTAxMDEwMDAwMDBaMBExDzANBgNVBAMMBmF1 +dGhvcjCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqFd1i8Gps0Kb6WIAzCHSB1vbfjVbigOd +kmOx/ESTS4XHPgA8LfqzjATrsASnCovZjxOkqlBEqENnwHirBAAKFGAfjiJWMrNtpBzpvGWYYe5W +qqct0AxL8XjmMR2IQo0XjeTMT1MwLf7VsjINYeSiKr0YXDIQvjiHM4zxllfml08CAwEAAaMyMDAw +DAYDVR0TAQH/BAIwADALBgNVHQ8EBAMCB4AwEwYDVR0lBAwwCgYIKwYBBQUHAwMwDQYJKoZIhvcN +AQEFBQADggEBAG1lTFDWrlOobNHe1ZYXGFFfe0z6QHXXjdQcrbooZGgKYGLxuXrRFXkv101RNSu1 +XwCUhOsYVbHzDGHi/VngrbzYrFVPfNaF4HhfDHSKf+Fh0j0Hyyrkbx7jGzKKfykyUxb9ucHOgAp4 +MIM2RLIX2qqg/D/EHPZQjL4zEj8Ltya64CpiP56HvGZTjAz7W9dj1q+SuMWPiUrbNFjlibUTrlch +sAg/dLdn9DE7vsb9evSkTXHBUh8F3l1f+Ejz8Rc8SQu3Vd3VMBPzwG97SLWWCGCSPCcMRl81jgv+ +knt+MQX2bqF9X5tmFva1zGER1YMhpP74xFW9/ge80Ys6PNpLOng= +</X509Certificate> +<X509Certificate> +MIIDOTCCAiGgAwIBAgIBATANBgkqhkiG9w0BAQUFADBYMRowGAYDVQQKDBFUaXplbiBBc3NvY2lh +dGlvbjEaMBgGA1UECwwRVGl6ZW4gQXNzb2NpYXRpb24xHjAcBgNVBAMMFVRpemVuIERldmVsb3Bl +cnMgUm9vdDAeFw0xMjAxMDEwMDAwMDBaFw0yNzAxMDEwMDAwMDBaMFYxGjAYBgNVBAoMEVRpemVu +IEFzc29jaWF0aW9uMRowGAYDVQQLDBFUaXplbiBBc3NvY2lhdGlvbjEcMBoGA1UEAwwTVGl6ZW4g +RGV2ZWxvcGVycyBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANVGhRGmMIUyBA7o +PCz8Sxut6z6HNkF4oDIuzuKaMzRYPeWodwe9O0gmqAkToQHfwg2giRhE5GoPld0fq+OYMMwSasCu +g8dwODx1eDeSYVuOLWRxpAmbTXOsSFi6VoWeyaPEm18JBHvZBsU5YQtgZ6Kp7MqzvQg3pXOxtajj +vyHxiatJl+xXrHgcXC1wgyG3buty7u/Fi2mvKXJ0PRJcCjjK81dqe/Vr20sRUCrbk02zbm5ggFt/ +jIEhV8wbFRQpliobc7J4dSTKhFfrqGM8rdd54LYhD7gSI1CFSe16pUXfcVR7FhJztRaiGLnCrwBE +dyTZ248+D4L/qR/D0axb3jcCAwEAAaMQMA4wDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOC +AQEAnOXXQ/1O/QTDHyrmQDtFziqPY3xWlJBqJtEqXiT7Y+Ljpe66e+Ee/OjQMlZe8gu21/8cKklH +95RxjopMWCVedXDUbWdvS2+CdyvVW/quT2E0tjqIzXDekUTYwwhlPWlGxvfj3VsxqSFq3p8Brl04 +1Gx5RKAGyKVsMfTLhbbwSWwApuBUxYfcNpKwLWGPXkysu+HctY03OKv4/xKBnVWiN8ex/Sgesi0M ++OBAOMdZMPK32uJBTeKFx1xZgTLIhk45V0hPOomPjZloiv0LSS11eyd451ufjW0iHRE7WlpR6EvI +W6TFyZgMpQq+kg4hWl2SBTf3s2VI8Ygz7gj8TMlClg== +</X509Certificate> +</X509Data> +</KeyInfo> +<Object Id="prop"><SignatureProperties xmlns:dsp="http://www.w3.org/2009/xmldsig-properties"><SignatureProperty Id="profile" Target="#AuthorSignature"><dsp:Profile URI="http://www.w3.org/ns/widgets-digsig#profile"></dsp:Profile></SignatureProperty><SignatureProperty Id="role" Target="#AuthorSignature"><dsp:Role URI="http://www.w3.org/ns/widgets-digsig#role-author"></dsp:Role></SignatureProperty><SignatureProperty Id="identifier" Target="#AuthorSignature"><dsp:Identifier></dsp:Identifier></SignatureProperty></SignatureProperties></Object> +</Signature>
\ No newline at end of file diff --git a/examples/resource/player/bin/player b/examples/resource/player/bin/player Binary files differnew file mode 100755 index 0000000..4489d02 --- /dev/null +++ b/examples/resource/player/bin/player diff --git a/examples/resource/player/res/sample.3gp b/examples/resource/player/res/sample.3gp Binary files differnew file mode 100755 index 0000000..d2f415d --- /dev/null +++ b/examples/resource/player/res/sample.3gp diff --git a/examples/resource/player/res/test0.3gp b/examples/resource/player/res/test0.3gp Binary files differnew file mode 100755 index 0000000..4a3d8ea --- /dev/null +++ b/examples/resource/player/res/test0.3gp diff --git a/examples/resource/player/res/test1.wav b/examples/resource/player/res/test1.wav Binary files differnew file mode 100755 index 0000000..b5cabca --- /dev/null +++ b/examples/resource/player/res/test1.wav diff --git a/examples/resource/player/res/test2.wav b/examples/resource/player/res/test2.wav Binary files differnew file mode 100755 index 0000000..7265cbd --- /dev/null +++ b/examples/resource/player/res/test2.wav diff --git a/examples/resource/player/shared/res/player.png b/examples/resource/player/shared/res/player.png Binary files differnew file mode 100755 index 0000000..9765b1b --- /dev/null +++ b/examples/resource/player/shared/res/player.png diff --git a/examples/resource/player/signature1.xml b/examples/resource/player/signature1.xml new file mode 100644 index 0000000..0d9e3e6 --- /dev/null +++ b/examples/resource/player/signature1.xml @@ -0,0 +1,84 @@ +<Signature xmlns="http://www.w3.org/2000/09/xmldsig#" Id="DistributorSignature"> +<SignedInfo> +<CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></CanonicalizationMethod> +<SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"></SignatureMethod> +<Reference URI="author-signature.xml"> +<DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"></DigestMethod> +<DigestValue>VVWnsf5bsID6FccZpe7Cl01iEP9wjil/rLWciQFBdx4=</DigestValue> +</Reference> +<Reference URI="bin%2Fplayer"> +<DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"></DigestMethod> +<DigestValue>4iIofyuIao2qwVNIuhUCpugxEr7Rxmjnj2r0SrGx0+s=</DigestValue> +</Reference> +<Reference URI="res%2Fsample.3gp"> +<DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"></DigestMethod> +<DigestValue>WMfan++QSvRVetnCQ1b2n0l7/SoR/5oJeJ+4bFAW3tY=</DigestValue> +</Reference> +<Reference URI="res%2Ftest0.3gp"> +<DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"></DigestMethod> +<DigestValue>XFDMdIG8gkJhmZ+gG8Tkfl+dOnjxSYJtmUC+Gyr5xgM=</DigestValue> +</Reference> +<Reference URI="res%2Ftest1.wav"> +<DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"></DigestMethod> +<DigestValue>lhUM4r77NnuRbxpA4j9B2nqxA3A7BAxFoLJC2ij1kMw=</DigestValue> +</Reference> +<Reference URI="res%2Ftest2.wav"> +<DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"></DigestMethod> +<DigestValue>v2+TQF3YD9JZmgCX8ow7Wn/avjr2o/vSKglhM3weZBU=</DigestValue> +</Reference> +<Reference URI="shared%2Fres%2Fplayer.png"> +<DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"></DigestMethod> +<DigestValue>1d0oEZHqPn+QzNzGIHwj9ODby6x9ggFs9uOsav6jPNs=</DigestValue> +</Reference> +<Reference URI="tizen-manifest.xml"> +<DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"></DigestMethod> +<DigestValue>V+kS3pGWRSUjCG1YRNghKWNpPOJOw/VQ1j8OKaO5nmg=</DigestValue> +</Reference> +<Reference URI="#prop"> +<Transforms> +<Transform Algorithm="http://www.w3.org/2006/12/xml-c14n11"></Transform> +</Transforms> +<DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"></DigestMethod> +<DigestValue>u/jU3U4Zm5ihTMSjKGlGYbWzDfRkGphPPHx3gJIYEJ4=</DigestValue> +</Reference> +</SignedInfo> +<SignatureValue> +JoX9l1p6JEzziIU1oMvassakfgPr09hxR8umNmEt+E5IRN45C/ogLkQoo6t2pL7je3pW/AJtdJrX +PkI8jOD8vYqh8TDZf59mwl1E9+C6y6KRx8PI/iyQNIcAUnkex1GPqjk76cUkUKPGmrrDxEV/7bMh +mhsjvErXxvFcV+u43c4= +</SignatureValue> +<KeyInfo> +<X509Data> +<X509Certificate> +MIICmzCCAgQCCQDXI7WLdVZwiTANBgkqhkiG9w0BAQUFADCBjzELMAkGA1UEBhMCS1IxDjAMBgNV +BAgMBVN1d29uMQ4wDAYDVQQHDAVTdXdvbjEWMBQGA1UECgwNVGl6ZW4gVGVzdCBDQTEiMCAGA1UE +CwwZVGl6ZW4gRGlzdHJpYnV0b3IgVGVzdCBDQTEkMCIGA1UEAwwbVGl6ZW4gUHVibGljIERpc3Ry +aWJ1dG9yIENBMB4XDTEyMTAyOTEzMDMwNFoXDTIyMTAyNzEzMDMwNFowgZMxCzAJBgNVBAYTAktS +MQ4wDAYDVQQIDAVTdXdvbjEOMAwGA1UEBwwFU3V3b24xFjAUBgNVBAoMDVRpemVuIFRlc3QgQ0Ex +IjAgBgNVBAsMGVRpemVuIERpc3RyaWJ1dG9yIFRlc3QgQ0ExKDAmBgNVBAMMH1RpemVuIFB1Ymxp +YyBEaXN0cmlidXRvciBTaWduZXIwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALtMvlc5hENK +90ZdA+y66+Sy0enD1gpZDBh5T9RP0oRsptJv5jjNTseQbQi0SZOdOXb6J7iQdlBCtR343RpIEz8H +mrBy7mSY7mgwoU4EPpp4CTSUeAuKcmvrNOngTp5Hv7Ngf02TTHOLK3hZLpGayaDviyNZB5PdqQdB +hokKjzAzAgMBAAEwDQYJKoZIhvcNAQEFBQADgYEAvGp1gxxAIlFfhJH1efjb9BJK/rtRkbYn9+Ez +GEbEULg1svsgnyWisFimI3uFvgI/swzr1eKVY3Sc8MQ3+Fdy3EkbDZ2+WAubhcEkorTWjzWz2fL1 +vKaYjeIsuEX6TVRUugHWudPzcEuQRLQf8ibZWjbQdBmpeQYBMg5x+xKLCJc= +</X509Certificate> +<X509Certificate> +MIICtDCCAh2gAwIBAgIJAMDbehElPNKvMA0GCSqGSIb3DQEBBQUAMIGVMQswCQYDVQQGEwJLUjEO +MAwGA1UECAwFU3V3b24xDjAMBgNVBAcMBVN1d29uMRYwFAYDVQQKDA1UaXplbiBUZXN0IENBMSMw +IQYDVQQLDBpUVGl6ZW4gRGlzdHJpYnV0b3IgVGVzdCBDQTEpMCcGA1UEAwwgVGl6ZW4gUHVibGlj +IERpc3RyaWJ1dG9yIFJvb3QgQ0EwHhcNMTIxMDI5MTMwMjUwWhcNMjIxMDI3MTMwMjUwWjCBjzEL +MAkGA1UEBhMCS1IxDjAMBgNVBAgMBVN1d29uMQ4wDAYDVQQHDAVTdXdvbjEWMBQGA1UECgwNVGl6 +ZW4gVGVzdCBDQTEiMCAGA1UECwwZVGl6ZW4gRGlzdHJpYnV0b3IgVGVzdCBDQTEkMCIGA1UEAwwb +VGl6ZW4gUHVibGljIERpc3RyaWJ1dG9yIENBMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDe +OTS/3nXvkDEmsFCJIvRlQ3RKDcxdWJJp625pFqHdmoJBdV+x6jl1raGK2Y1sp2Gdvpjc/z92yzAp +bE/UVLPh/tRNZPeGhzU4ejDDm7kzdr2f7Ia0U98K+OoY12ucwg7TYNItj9is7Cj4blGfuMDzd2ah +2AgnCGlwNwV/pv+uVQIDAQABoxAwDjAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBACqJ +KO33YdoGudwanZIxMdXuxnnD9R6u72ltKk1S4zPfMJJv482CRGCI4FK6djhlsI4i0Lt1SVIJEed+ +yc3qckGm19dW+4xdlkekon7pViEBWuyHw8OWv3RXtTum1+PGHjBJ2eYY4ZKIpz73U/1NC16sTB/0 +VhfnkHwPltmrpYVe +</X509Certificate> +</X509Data> +</KeyInfo> +<Object Id="prop"><SignatureProperties xmlns:dsp="http://www.w3.org/2009/xmldsig-properties"><SignatureProperty Id="profile" Target="#DistributorSignature"><dsp:Profile URI="http://www.w3.org/ns/widgets-digsig#profile"></dsp:Profile></SignatureProperty><SignatureProperty Id="role" Target="#DistributorSignature"><dsp:Role URI="http://www.w3.org/ns/widgets-digsig#role-distributor"></dsp:Role></SignatureProperty><SignatureProperty Id="identifier" Target="#DistributorSignature"><dsp:Identifier></dsp:Identifier></SignatureProperty></SignatureProperties></Object> +</Signature>
\ No newline at end of file diff --git a/examples/resource/player/tizen-manifest.xml b/examples/resource/player/tizen-manifest.xml new file mode 100755 index 0000000..c7c99d4 --- /dev/null +++ b/examples/resource/player/tizen-manifest.xml @@ -0,0 +1,8 @@ +<?xml version="1.0" encoding="UTF-8" standalone="no"?> +<manifest xmlns="http://tizen.org/ns/packages" api-version="2.4" package="org.example.player" version="1.0.0"> + <profile name="mobile"/> + <ui-application appid="org.example.player" exec="player" multiple="false" nodisplay="false" taskmanage="true" type="capp"> + <label>player</label> + <icon>player.png</icon> + </ui-application> +</manifest> diff --git a/examples/signature-validator-since-4.0.cpp b/examples/signature-validator-since-4.0.cpp new file mode 100644 index 0000000..4351bfe --- /dev/null +++ b/examples/signature-validator-since-4.0.cpp @@ -0,0 +1,99 @@ +/* + * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/* + * @file signature-validator-since-4.0.cpp + * @author Sangwan Kwon (sangwan.kwon@samsung.com) + * @version 1.0 + * @brief Signature Validator example (Tizen_4.0 ~ ) + */ +#include <string> +#include <iostream> + +#include <vcore/SignatureValidator.h> + +const std::string PKG_PATH(CERT_SVC_EXAMPLES "/resource/player"); + +int main() +{ + // Step 1. Validate signature files. + ValidationCore::SignatureValidator validator(PKG_PATH); + ValidationCore::SignatureDataMap sigDataMap; + ValidationCore::VCerr result = validator.checkAll(true, // OCSP + true, // reverse reference check + sigDataMap); + /* + If you want to validate specific files, use checkListAll(). + + ex) UriList uriList; + uriList.emplace_back("author-siganture.xml"); + uriList.emplace_back("res/res.xml"); + uriList.emplace_back("shared/res/preference.png"); + uriList.emplace_back("tizen-manifest.xml"); + + validator.checkListAll(true, // OCSP + uriList, + data); + */ + + switch (result) { + case ValidationCore::E_SIG_DISREGARDED: + std::cout << "This signature is disregarded." << std::endl; + break; + + case ValidationCore::E_SIG_NONE: + std::cout << "Success to validate signature." << std::endl; + break; + + default: + std::cout << "Failed to validate signature : " + << validator.errorToString(result) << std::endl; + return -1; + } + + // Step 2. Get certificate list from signature. + auto authorSigData = sigDataMap[ValidationCore::SignatureType::AUTHOR]; + for (const auto &certPtr : authorSigData.getCertList()) + std::cout << "Author certificate > " + << certPtr->getBase64() << std::endl; + + auto dist1SigData = sigDataMap[ValidationCore::SignatureType::DISTRIBUTOR1]; + for (const auto &certPtr : dist1SigData.getCertList()) + std::cout << "Distributor1 certificate > " + << certPtr->getBase64() << std::endl; + + auto dist2SigData = sigDataMap[ValidationCore::SignatureType::DISTRIBUTOR2]; + for (const auto &certPtr : dist2SigData.getCertList()) + std::cout << "Distributor2 certificate > " + << certPtr->getBase64() << std::endl; + + // Step 3. Check visibility about distributor1. + switch (dist1SigData.getVisibilityLevel()) { + case ValidationCore::CertStoreId::VIS_PUBLIC: + std::cout << "This signature has public visibility." << std::endl; + break; + case ValidationCore::CertStoreId::VIS_PARTNER: + std::cout << "This signature has partner visibility." << std::endl; + break; + case ValidationCore::CertStoreId::VIS_PLATFORM: + std::cout << "This signature has platform visibility." << std::endl; + break; + default: + std::cout << "Failed to get proper visibility." << std::endl; + return -1; + } + + return 0; +} diff --git a/examples/signature-validator-until-3.0.cpp b/examples/signature-validator-until-3.0.cpp new file mode 100644 index 0000000..8db28d4 --- /dev/null +++ b/examples/signature-validator-until-3.0.cpp @@ -0,0 +1,102 @@ +/* + * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/* + * @file signature-validator-until-3.0.cpp + * @author Sangwan Kwon (sangwan.kwon@samsung.com) + * @version 1.0 + * @brief Signature Validator example (~ Tizen_3.0) + */ +#include <string> +#include <iostream> + +#include <vcore/SignatureValidator.h> + +const std::string PKG_PATH(CERT_SVC_EXAMPLES "/resource/player"); + +int main() +{ + // Step 1. Find signature files in package. + ValidationCore::SignatureFileInfoSet signatureSet; + ValidationCore::SignatureFinder finder(PKG_PATH); + if (ValidationCore::SignatureFinder::NO_ERROR != finder.find(signatureSet)) { + std::cout << "Failed to find signature." << std::endl; + return -1; + } + + // Step 2. Validate signature files. + for (const auto &signature : signatureSet) { + ValidationCore::SignatureValidator validator(signature); + ValidationCore::SignatureData data; + ValidationCore::VCerr result = validator.check(PKG_PATH, + true, // OCSP + true, // reverse reference check + data); + /* + If you want to validate specific files, use checkList(). + + ex) UriList uriList; + uriList.emplace_back("author-siganture.xml"); + uriList.emplace_back("res/res.xml"); + uriList.emplace_back("shared/res/preference.png"); + uriList.emplace_back("tizen-manifest.xml"); + + validator.checkList(true, // OCSP + uriList, + data); + */ + + std::cout << "Start to validate : " + << data.getSignatureFileName() << std::endl; + + switch (result) { + case ValidationCore::E_SIG_DISREGARDED: + std::cout << "This signature is disregarded." << std::endl; + break; + + case ValidationCore::E_SIG_NONE: + std::cout << "Success to validate signature." << std::endl; + // Step 3. Get certificate list from signature. + for (const auto &certPtr : data.getCertList()) + std::cout << certPtr->getBase64() << std::endl; + break; + + default: + std::cout << "Failed to validate signature : " + << validator.errorToString(result) << std::endl; + return -1; + } + + // Step 4. Check visibility about distributor1. + if (!data.isAuthorSignature() && data.getSignatureNumber() == 1) { + switch (data.getVisibilityLevel()) { + case ValidationCore::CertStoreId::VIS_PUBLIC: + std::cout << "This signature has public visibility." << std::endl; + break; + case ValidationCore::CertStoreId::VIS_PARTNER: + std::cout << "This signature has partner visibility." << std::endl; + break; + case ValidationCore::CertStoreId::VIS_PLATFORM: + std::cout << "This signature has platform visibility." << std::endl; + break; + default: + std::cout << "Failed to get proper visibility." << std::endl; + return -1; + } + } + } + + return 0; +} diff --git a/packaging/cert-svc.spec b/packaging/cert-svc.spec index ad0c01f..83fee99 100644 --- a/packaging/cert-svc.spec +++ b/packaging/cert-svc.spec @@ -49,6 +49,7 @@ Requires: openssl %global cert_svc_pkcs12 %cert_svc_path/pkcs12 %global cert_svc_transec %cert_svc_path/transec %global cert_svc_ca_bundle %cert_svc_path/ca-certificate.crt +%global cert_svc_examples %cert_svc_ro_path/examples %global cert_svc_tests %rw_app_dir/cert-svc-tests %global cert_svc_old_db_path /opt/share/cert-svc/dbspace @@ -120,6 +121,7 @@ export FFLAGS="$FFLAGS -DTIZEN_EMULATOR_MODE" %if 0%{?certsvc_test_build} -DCERTSVC_TEST_BUILD=1 \ -DCERT_SVC_TESTS=%cert_svc_tests \ + -DCERT_SVC_EXAMPLES=%cert_svc_examples \ %endif -DCMAKE_BUILD_TYPE=%build_type \ -DSYSTEMD_UNIT_DIR=%_unitdir @@ -190,6 +192,11 @@ fi %bin_dir/cert-svc-test* %cert_svc_tests %_libdir/libcert-svc-validator-plugin.so + %attr(755, root, root) %upgrade_script_path/cert-svc-test-upgrade.sh %upgrade_data_path/certs-meta-old.db + +%bin_dir/cert-svc-example* +%cert_svc_examples + %endif |