diff options
author | sangwan.kwon <sangwan.kwon@samsung.com> | 2016-12-09 14:11:26 +0900 |
---|---|---|
committer | sangwan kwon <sangwan.kwon@samsung.com> | 2017-01-10 19:58:41 -0800 |
commit | cd391245cd1b59258dcefc0484372192e46ba062 (patch) | |
tree | 9355c6eafe5b4d039a3278bdcfe3770d280e8e5d | |
parent | fa83f9e9f64c155ae2fb7849f5a79862537dc8dc (diff) | |
download | cert-svc-cd391245cd1b59258dcefc0484372192e46ba062.tar.gz cert-svc-cd391245cd1b59258dcefc0484372192e46ba062.tar.bz2 cert-svc-cd391245cd1b59258dcefc0484372192e46ba062.zip |
Init transec library about app custom trust anchor
* Add AppCustomTrustAnchor header draft
Change-Id: Iff710eaece8ba54a1ffad57589f02857b6b325ff
Signed-off-by: sangwan.kwon <sangwan.kwon@samsung.com>
-rw-r--r-- | CMakeLists.txt | 1 | ||||
-rw-r--r-- | packaging/cert-svc.spec | 2 | ||||
-rw-r--r-- | src/CMakeLists.txt | 2 | ||||
-rw-r--r-- | src/transec/AppCustomTrustAnchor.cpp | 109 | ||||
-rw-r--r-- | src/transec/AppCustomTrustAnchor.h | 53 | ||||
-rw-r--r-- | src/transec/CMakeLists.txt | 44 |
6 files changed, 211 insertions, 0 deletions
diff --git a/CMakeLists.txt b/CMakeLists.txt index f55fc49..6bbd96f 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -25,6 +25,7 @@ ADD_DEFINITIONS("-Wextra") ADD_DEFINITIONS("-Werror") SET(TARGET_VCORE_LIB "cert-svc-vcore") +SET(TARGET_TRANSEC_LIB "cert-svc-transec") SET(TARGET_CERT_SERVER "cert-server") ADD_DEFINITIONS("-DSIGNATURE_SCHEMA_PATH=\"${CERT_SVC_RO_PATH}/schema.xsd\"") diff --git a/packaging/cert-svc.spec b/packaging/cert-svc.spec index fd50ddd..f65e7d9 100644 --- a/packaging/cert-svc.spec +++ b/packaging/cert-svc.spec @@ -161,6 +161,7 @@ fi %_unitdir/cert-server.socket %_unitdir/sockets.target.wants/cert-server.socket %_libdir/libcert-svc-vcore.so.* +%_libdir/libcert-svc-transec.so.* %bin_dir/cert-server %dir %attr(-, %{user_name}, %{group_name}) %cert_svc_path %dir %attr(-, %{user_name}, %{group_name}) %cert_svc_pkcs12 @@ -178,6 +179,7 @@ fi %_includedir/* %_libdir/pkgconfig/* %_libdir/libcert-svc-vcore.so +%_libdir/libcert-svc-transec.so %if 0%{?certsvc_test_build} %files test diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index 94a9a59..6f93734 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -165,3 +165,5 @@ INSTALL(FILES cert-svc/cstring.h DESTINATION ${INCLUDEDIR}/cert-svc/cert-svc ) + +ADD_SUBDIRECTORY(transec) diff --git a/src/transec/AppCustomTrustAnchor.cpp b/src/transec/AppCustomTrustAnchor.cpp new file mode 100644 index 0000000..0bc1d02 --- /dev/null +++ b/src/transec/AppCustomTrustAnchor.cpp @@ -0,0 +1,109 @@ +/* + * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/* + * @file AppCustomTrustAnchor.cpp + * @author Sangwan Kwon (sangwan.kwon@samsung.com) + * @version 0.1 + * @brief Implementation of App custom trust anchor + */ +#include "AppCustomTrustAnchor.h" + +namespace transec { + +class AppCustomTrustAnchor::Impl { +public: + explicit Impl(const std::string &packageId, + const std::string &certsDir, + uid_t uid); + explicit Impl(const std::string &packageId, const std::string &certsDir); + virtual ~Impl(void) = default; + + int install(bool withSystemCerts); + int uninstall(void); + int launch(bool withSystemCerts); + +private: + std::string m_packageId; + std::string m_certsDir; + uid_t m_uid; +}; + +AppCustomTrustAnchor::Impl::Impl(const std::string &packageId, + const std::string &certsDir, + uid_t uid) : + m_packageId(packageId), m_certsDir(certsDir), m_uid(uid) {} + +AppCustomTrustAnchor::Impl::Impl(const std::string &packageId, + const std::string &certsDir) : + m_packageId(packageId), m_certsDir(certsDir) {} + +int AppCustomTrustAnchor::Impl::install(bool withSystemCerts) +{ + if (withSystemCerts) + return 0; + else + return -1; +} + +int AppCustomTrustAnchor::Impl::uninstall(void) +{ + return 0; +} + +int AppCustomTrustAnchor::Impl::launch(bool withSystemCerts) +{ + if (withSystemCerts) + return 0; + else + return -1; +} + +AppCustomTrustAnchor::AppCustomTrustAnchor(const std::string &packageId, + const std::string &certsDir, + uid_t uid) noexcept : + m_pImpl(new Impl(packageId, certsDir, uid)) {} + +AppCustomTrustAnchor::AppCustomTrustAnchor(const std::string &packageId, + const std::string &certsDir) noexcept : + m_pImpl(new Impl(packageId, certsDir)) {} + +AppCustomTrustAnchor::~AppCustomTrustAnchor(void) = default; + +int AppCustomTrustAnchor::install(bool withSystemCerts) noexcept +{ + if (this->m_pImpl == nullptr) + return -1; + + return this->m_pImpl->install(withSystemCerts); +} + +int AppCustomTrustAnchor::uninstall(void) noexcept +{ + if (this->m_pImpl == nullptr) + return -1; + + return this->m_pImpl->uninstall(); +} + +int AppCustomTrustAnchor::launch(bool withSystemCerts) noexcept +{ + if (this->m_pImpl == nullptr) + return -1; + + return this->m_pImpl->launch(withSystemCerts); +} + +} // namespace transec diff --git a/src/transec/AppCustomTrustAnchor.h b/src/transec/AppCustomTrustAnchor.h new file mode 100644 index 0000000..c9e1c92 --- /dev/null +++ b/src/transec/AppCustomTrustAnchor.h @@ -0,0 +1,53 @@ +/* + * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/* + * @file AppCustomTrustAnchor.h + * @author Sangwan Kwon (sangwan.kwon@samsung.com) + * @version 0.1 + * @brief App custom trust anchor C++ API header + */ +#pragma once + +#include <sys/types.h> +#include <string> +#include <memory> + +namespace transec { + +class AppCustomTrustAnchor { +public: + explicit AppCustomTrustAnchor(const std::string &packageId, + const std::string &certsDir, + uid_t uid) noexcept; + explicit AppCustomTrustAnchor(const std::string &packageId, + const std::string &certsDir) noexcept; + virtual ~AppCustomTrustAnchor(void); + + AppCustomTrustAnchor(const AppCustomTrustAnchor &) = delete; + AppCustomTrustAnchor(AppCustomTrustAnchor &&) = delete; + AppCustomTrustAnchor &operator=(const AppCustomTrustAnchor &) = delete; + AppCustomTrustAnchor &operator=(AppCustomTrustAnchor &&) = delete; + + int install(bool withSystemCerts) noexcept; + int uninstall(void) noexcept; + int launch(bool withSystemCerts) noexcept; + +private: + class Impl; + std::unique_ptr<Impl> m_pImpl; +}; + +} // namespace transec diff --git a/src/transec/CMakeLists.txt b/src/transec/CMakeLists.txt new file mode 100644 index 0000000..36d751b --- /dev/null +++ b/src/transec/CMakeLists.txt @@ -0,0 +1,44 @@ +# Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# @file CMakeLists.txt +# @author Sangwan Kwon (sangwan.kwon@samsung.com) +# @breif Make trasnport security library +# +SET(${TARGET_TRANSEC_LIB}_SRCS + AppCustomTrustAnchor.cpp +) + +INCLUDE_DIRECTORIES( + SYSTEM + . + ${${TARGET_TRANSEC_LIB}_DEP_INCLUDE_DIRS} +) + +ADD_LIBRARY(${TARGET_TRANSEC_LIB} SHARED ${${TARGET_TRANSEC_LIB}_SRCS}) + +# TODO(sangwan.kwon) visibility needed to be hidden +SET_TARGET_PROPERTIES(${TARGET_TRANSEC_LIB} + PROPERTIES + COMPILE_FLAGS "-D_GNU_SOURCE -fPIC -fvisibility=default" + SOVERSION ${SO_VERSION} + VERSION ${VERSION} +) + +INSTALL(TARGETS ${TARGET_TRANSEC_LIB} DESTINATION ${LIB_INSTALL_DIR}) +INSTALL(FILES + AppCustomTrustAnchor.h + DESTINATION + ${INCLUDEDIR}/cert-svc/transec +) |