Age | Commit message (Collapse) | Author | Files | Lines |
|
- The third argument of strncat is the string length to be copied, not buffer size.
So the last byte should be left for NULL character which terminates string.
- The alias arguemnt is under control of a client,
this alias variable can be manipulated maliciouly by the client.
Change-Id: Iff4677af36b91d02b7127eb46360033a301b5f87
Signed-off-by: Dongsun Lee <ds73.lee@samsung.com>
|
|
Return proper error in case of wrong RSA padding parameter. Add more detailed
description of valid parameter combinations.
Change-Id: I100f0b900566dbb17bd66c62fabe278baf83c1ff
|
|
When DPL dlog provider prints error message about unsupported log level, it must
explicitly cast LogLevel to int before printing it with %d.
This fixes KONA issue RQ170612-01344 reported by VD.
Change-Id: I31f298550d4ebe2888a82878489fa061b93c2995
|
|
* Adjust tests to boost 1.62
Change-Id: I6ab59675a2f11cf34cff4c0fb2902038e6d799c1
|
|
* Fix missing file
* Fix missing virtual methods
* Fix missing semicolons after macros
* Support boost version before 1.59
Change-Id: If4032191c662d365571d961d87a97ff88658778e
|
|
- Fix defects detected by SVACE
Change-Id: I433ec7ed94b0afc6030e41e3f9ef5a6d29ee85a9
|
|
Use a dedicated ckmc_cert_free() function to safely destroy ckmc_cert_s struct.
Change-Id: Icd6ac4faef597d93e7b617c3e4e5dce8449baa92
|
|
- Fix issues detected by the SVACE tool
- Add internal test cases
- Replace stringify template with macro
- Update API documentation
- CryptoLogic: Fix function name (CLEAR_FLAGS) and set max schema version
- CryptoLogic: Clean up bit masking ENCR
- Fix issues associated with OpenSSL and locking functions
- Map System subdomains to System for sharing data between system services
- Enable privilege check on control API
- Use argos_watchdog
- Add upgrade script for moving rw data
- Return incomplete PKCS12 with exportable parts only
- CAPI: add ckmc_alias_new()
- Fix buffer overflow in sqlcipher.c
- Adjust smack labels on ipc unix sockets
- Add secure-storage data migration
- Replace old exceptions with new ones
- CAPI: Fix memory leak
- Apply coding style rules
- Change priorities of temporary directories used by sqlcipher.c
- Change API visibility for mobile and wearable profiles
- Hotfix: build error by warning on 64bit arch
Change-Id: I40c4199a6c48392db0d79a91680048ad148959db
|
|
Fix possible memory leak in _toNewCkmCertList()
Change-Id: I706332a37a48fb720b693b526425c03d2d04e0aa
|
|
Change-Id: Iab00d7a0f4b4e19e30ab37d9bfe3dde755981fe2
Signed-off-by: Dongsun Lee <ds73.lee@samsung.com>
|
|
Change-Id: Ifd6b70245a8210f17097cd47d7739c8d19ab1819
Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
(cherry picked from commit 925c8d123fd9ece130ccf359446ad9e0e63906e3)
|
|
Change-Id: Ifc6e0d65d903ec17c2669ddfa32c3b3b23a7bcb0
Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
|
|
Change-Id: I3de73523d2a51f8508482247eddb2bc2a0078ad7
Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
|
|
Change-Id: Ifab4e5d251ce90642b07a5c5274adcf58e3083f7
Signed-off-by: Dongsun Lee <ds73.lee@samsung.com>
(cherry picked from commit edf7e603070dedac237898a9c60ec5205a44d4d3)
|
|
pragma dianogstic ignored makes warning on gcc version 4
so define it when gcc version is 6 or upper
Change-Id: I0a62af50418ae4f11d7396fc52bbc770143e037f
Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
|
|
unused-const-variable warning occurs in sqlcipher when it built with
gcc version 6.2. sqlcipher code is hard to touch and not recommended so
just suppress the warning on that file only by pragma
Change-Id: Icc29d829ed460592b8d883497b69bd9dc9df2a3f
Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
|
|
Change function name: CLEAR_FLAG => CLEAR_FLAGS
Define maximum variable of schema version available.
To changing encryption schema bitmask from int to std::bitset
makes some backward compatability issue because it resides in
DB::Row::encryptionScheme as int already which is in DB.
But std::bitset cannot support converting to int (only ulong & ulong
long) so it's hard to use.
Change-Id: Ia27ec252f67c61fece9b34b1458724476b653b77
Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
|
|
Change-Id: I10857c628068c2a53978c16670fab1f9f9d23033
Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
|
|
Clean up some variables are double declared in anonymous
namespace and class member.
Make inline private member function for bit masking
operations for encryption scheme/version to clean up related codes.
Change-Id: I7bccdccd3f80fd259fa54b95d1906e1f386b2116
Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
|
|
Change-Id: I17a1c729b83442e90ff91f0771ea845d09140873
Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
|
|
Change-Id: If6e3e469acec69bd0a4c2678348d92af607b39d2
Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
|
|
Change-Id: Ic9660e80708abb71c293245755912c1bf4bdd438
Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
|
|
Change-Id: I738b0a745725c47a0608c58396df79f745ccd412
Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
|
|
Change-Id: Ib0ebc0f297f51a4cc3335a7d1c9033a37edea016
Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
|
|
To add locking function in client library side is dangerous of occuring
segmentation fault because it can be used in some dynamic loaded
plugins. If multiple plugins are adding locking function, there is race
condition issue that symbol is unloaded out from the plugin so it makes
segmentation fault.
Change-Id: I1ac443c5d2e166cf05c65b3d937dae64472c713b
Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
|
|
Because RO partition shouldn't be modified,
use cp instead of mv.
Change-Id: If852002611569ebc5146c73b82617ee9e14975c4
Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
(cherry picked from commit 592432e551bd61800d488a0bf6b4a52762445e58)
|
|
Based on gbs build errorcode and groups are listed here:
https://wiki.tizen.org/wiki/Packaging/Guidelines#Group_Tag
Change-Id: I81e416b30454a951a51cd6f9fe9ca832e700ff6d
Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
|
|
Change-Id: Id415803d99a9bad4f89adae3c8d5030e8920f438
Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
|
|
Change-Id: I3637563d2e7869041693887c96697a495a26d3b5
|
|
|
|
e.g., System::Privileged -> System
This is for sharing data between system services regardless subdomain
like System::Privileged which has special subdomain label for onlycap
Change-Id: Ibd6f99c8ced3b7bbb3ba3da6e7bd7ee39cd2bfe2
Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
|
|
privilege: http://tizen.org/privilege/internal/service
storage API is still disabled because it's non-privileged
Change-Id: I89cfa8f11181d0a89280d204f2bf611a3a237d78
Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
|
|
Change-Id: I273107afabcf2bb95db7a35906618fd01b207928
Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
|
|
argos watchdog is watchdog lib which has systemd backend
on platform and backend can be reimplemented by product developer
argos watchdog provides per-process watchdog registration
(systemd allows per-thread but it's not guaranteed by other
backends for now)
This feature is on discussion with multiple product divisions
so it would be easily enabled/disabled by build feature
in compile time
Change-Id: Idb28caa52f3d20a2e0030c84852ad101fdbb6623
Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
|
|
Change-Id: I7ed6f71aaa631510622ea8d934dfb7d25a57611b
Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
|
|
key-manager does not build when libraries are placed in
non standard directories.
Change-Id: I5e60c51ba89059fd233c721c0122dd66f33fd5ba
|
|
Change-Id: Iab98d014daf3bee0785c21a14657c0b1f6d4c5a8
Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
|
|
protect control functions"
This reverts commit aa24737c5837cc0a3d4ed1c2865b6b1c669af96c.
Currently socket stream file is created as root:root so others cannot
access. This patch should be excluded from 37 week SR and apply it later
with related proper patch.
Change-Id: I1740c2206992b3e46be0dbfeb16cf8b631fa6f60
Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
|
|
key-manager_doc.h is invisible for SDK user
Change-Id: I33195575d930ef51a54dc917138a0408d456cbc3
Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
|
|
control functions
Change-Id: I976f31bddf77946f62173a5670684a8fc56be857
Signed-off-by: Dongsun Lee <ds73.lee@samsung.com>
|
|
Change-Id: I1f670628bc6636e89ca9a7d9eae72922f062fd22
Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
|
|
cert svc API in cert-service.h is removed and certificates saved by
those API could be used through key-manager API after certificates
migrated.
(related cert-svc commit:
project : platform/core/security/cert-svc
commitid : 3f2d8b2afcbefa5d2668a08bcd2a3acd25ffe067)
For now added script only moves certs directory from old cert-svc path
to key-manager data directory. Reading those resources and save to
key-manager db when service loaded is TODO
Change-Id: I54019a31d8b7549a770d8acf0da8df28be6f99a6
Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
|
|
Change-Id: Ifd75cbfc7c629059d1b6280efa38190fa627728d
Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
|
|
[Problem] There's no way to get CA certificates list for PKCS12 with
non-exportable key.
[Solution] Create an incomplete PKCS12 structure with exportable fields only.
[Verification] Run ckm-tests --group=T310_CKMC_CAPI_PKCS12
Change-Id: I77b7ef153fc5d7eb16a587a5bb0450c6a74f6ba1
|
|
Platform upgrade script dir: /usr/share/upgrade/scripts
Change-Id: Ia705efe39ce537f42899761b5f2f2b08e3a52e05
Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
|
|
Change-Id: I511f7dc4fc711f433ef23448badf468c8169afef
Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
|
|
ckmc_load_from_pkcs12_file is deprecated but @see links from other APIs
still exist.
Change-Id: I5c58cb8bbc1e1268f23ec09a828e66be581e3ddc
Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
|
|
Change-Id: Ia53c49ea40d225971a3061241ee90c58534eaf65
Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
|
|
Make full alias with owner id and data alias (and separator between them)
Change-Id: I103d3ca0577c6847df65a402907b12b388a8e49e
Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
|
|
null-terminated string(pVfs->zName) has no assurance that the length
is longer than 10 so buffer-overflow can occured
Change-Id: I9dad1321ba2e8be4260feb33eb3874bb2c6cbb09
Signed-off-by: Yury Usishchev <y.usishchev@samsung.com>
|