summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2017-07-25prevent buffer overflow at strncatsubmit/tizen_4.0_unified/20170814.115522submit/tizen_4.0/20170814.115522submit/tizen_4.0/20170811.094300submit/tizen/20170725.005058accepted/tizen/unified/20170725.173916accepted/tizen/4.0/unified/20170816.020055accepted/tizen/4.0/unified/20170816.013625Dongsun Lee1-2/+2
- The third argument of strncat is the string length to be copied, not buffer size. So the last byte should be left for NULL character which terminates string. - The alias arguemnt is under control of a client, this alias variable can be manipulated maliciouly by the client. Change-Id: Iff4677af36b91d02b7127eb46360033a301b5f87 Signed-off-by: Dongsun Lee <ds73.lee@samsung.com>
2017-07-04Detect invalid rsa padding parameterKrzysztof Jackiewicz2-6/+10
Return proper error in case of wrong RSA padding parameter. Add more detailed description of valid parameter combinations. Change-Id: I100f0b900566dbb17bd66c62fabe278baf83c1ff
2017-06-16Fix casting of AbstractLogProvider::LogLevel to intsubmit/tizen/20170619.051653accepted/tizen/unified/20170620.174038Rafal Krypa1-1/+1
When DPL dlog provider prints error message about unsupported log level, it must explicitly cast LogLevel to int before printing it with %d. This fixes KONA issue RQ170612-01344 reported by VD. Change-Id: I31f298550d4ebe2888a82878489fa061b93c2995
2017-05-16Release 0.1.26tizen_4.0.m1_releasesubmit/tizen/20170517.012418accepted/tizen/unified/20170517.080128Tomasz Swierczek1-1/+1
* Adjust tests to boost 1.62 Change-Id: I6ab59675a2f11cf34cff4c0fb2902038e6d799c1
2017-05-16Adjust tests to boost 1.62Zofia Abramowska4-17/+83
* Fix missing file * Fix missing virtual methods * Fix missing semicolons after macros * Support boost version before 1.59 Change-Id: If4032191c662d365571d961d87a97ff88658778e
2017-05-02Version 0.1.25Piotr Sawicki1-1/+1
- Fix defects detected by SVACE Change-Id: I433ec7ed94b0afc6030e41e3f9ef5a6d29ee85a9
2017-04-18Fix defects detected by SVACEPiotr Sawicki1-1/+1
Use a dedicated ckmc_cert_free() function to safely destroy ckmc_cert_s struct. Change-Id: Icd6ac4faef597d93e7b617c3e4e5dce8449baa92
2017-04-12Version 0.1.24submit/tizen/20170412.224043accepted/tizen/unified/20170413.161130Piotr Sawicki1-1/+1
- Fix issues detected by the SVACE tool - Add internal test cases - Replace stringify template with macro - Update API documentation - CryptoLogic: Fix function name (CLEAR_FLAGS) and set max schema version - CryptoLogic: Clean up bit masking ENCR - Fix issues associated with OpenSSL and locking functions - Map System subdomains to System for sharing data between system services - Enable privilege check on control API - Use argos_watchdog - Add upgrade script for moving rw data - Return incomplete PKCS12 with exportable parts only - CAPI: add ckmc_alias_new() - Fix buffer overflow in sqlcipher.c - Adjust smack labels on ipc unix sockets - Add secure-storage data migration - Replace old exceptions with new ones - CAPI: Fix memory leak - Apply coding style rules - Change priorities of temporary directories used by sqlcipher.c - Change API visibility for mobile and wearable profiles - Hotfix: build error by warning on 64bit arch Change-Id: I40c4199a6c48392db0d79a91680048ad148959db
2017-04-07Fix issues detected by SVACEPiotr Sawicki1-1/+2
Fix possible memory leak in _toNewCkmCertList() Change-Id: I706332a37a48fb720b693b526425c03d2d04e0aa
2017-03-29Add %license macro for each sub packagesubmit/tizen/20170330.004841accepted/tizen/wearable/20170330.224112accepted/tizen/unified/20170330.224208accepted/tizen/tv/20170330.223923accepted/tizen/mobile/20170330.223903accepted/tizen/ivi/20170330.224153accepted/tizen/common/20170330.151544accepted/tizen_wearableaccepted/tizen_tvaccepted/tizen_mobileaccepted/tizen_iviaccepted/tizen_commonDongsun Lee1-2/+11
Change-Id: Iab00d7a0f4b4e19e30ab37d9bfe3dde755981fe2 Signed-off-by: Dongsun Lee <ds73.lee@samsung.com>
2017-02-02Add internal test casesKyungwook Tak19-12/+1335
Change-Id: Ifd6b70245a8210f17097cd47d7739c8d19ab1819 Signed-off-by: Kyungwook Tak <k.tak@samsung.com> (cherry picked from commit 925c8d123fd9ece130ccf359446ad9e0e63906e3)
2017-02-02Replace stringify template to macroKyungwook Tak3-91/+68
Change-Id: Ifc6e0d65d903ec17c2669ddfa32c3b3b23a7bcb0 Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
2017-02-03Update documents in doc/Kyungwook Tak3-19/+23
Change-Id: I3de73523d2a51f8508482247eddb2bc2a0078ad7 Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
2017-01-10Apply the reviewed API documentationDongsun Lee4-1293/+806
Change-Id: Ifab4e5d251ce90642b07a5c5274adcf58e3083f7 Signed-off-by: Dongsun Lee <ds73.lee@samsung.com> (cherry picked from commit edf7e603070dedac237898a9c60ec5205a44d4d3)
2017-01-06gcc version condition check on using pragmasubmit/tizen_unified/20170308.100409submit/tizen/20170109.064234accepted/tizen/wearable/20170109.084923accepted/tizen/unified/20170309.034038accepted/tizen/tv/20170109.084906accepted/tizen/mobile/20170109.084839accepted/tizen/ivi/20170109.084943accepted/tizen/common/20170109.202449Kyungwook Tak1-0/+2
pragma dianogstic ignored makes warning on gcc version 4 so define it when gcc version is 6 or upper Change-Id: I0a62af50418ae4f11d7396fc52bbc770143e037f Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
2017-01-02Suppress warning on sqlcipher(unused-const-variable)submit/tizen/20170106.082921submit/tizen/20170106.082227Kyungwook Tak1-0/+1
unused-const-variable warning occurs in sqlcipher when it built with gcc version 6.2. sqlcipher code is hard to touch and not recommended so just suppress the warning on that file only by pragma Change-Id: Icc29d829ed460592b8d883497b69bd9dc9df2a3f Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
2016-12-20[CryptoLogic] Fix func name and set max schema versionsubmit/tizen/20161226.013211accepted/tizen/wearable/20161226.131222accepted/tizen/tv/20161226.131212accepted/tizen/mobile/20161226.131146accepted/tizen/ivi/20161226.131245accepted/tizen/common/20161227.192124Kyungwook Tak2-5/+17
Change function name: CLEAR_FLAG => CLEAR_FLAGS Define maximum variable of schema version available. To changing encryption schema bitmask from int to std::bitset makes some backward compatability issue because it resides in DB::Row::encryptionScheme as int already which is in DB. But std::bitset cannot support converting to int (only ulong & ulong long) so it's hard to use. Change-Id: Ia27ec252f67c61fece9b34b1458724476b653b77 Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
2016-12-19Replace deprecated readdir_r with readdirKyungwook Tak2-10/+10
Change-Id: I10857c628068c2a53978c16670fab1f9f9d23033 Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
2016-12-16Clean up bit masking ENCR in CryptoLogicKyungwook Tak2-46/+44
Clean up some variables are double declared in anonymous namespace and class member. Make inline private member function for bit masking operations for encryption scheme/version to clean up related codes. Change-Id: I7bccdccd3f80fd259fa54b95d1906e1f386b2116 Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
2016-12-16Fix shift overflow which makes build err in gcc6.2Kyungwook Tak1-1/+2
Change-Id: I17a1c729b83442e90ff91f0771ea845d09140873 Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
2016-12-16C++11 destructor should not throw exceptionKyungwook Tak1-1/+1
Change-Id: If6e3e469acec69bd0a4c2678348d92af607b39d2 Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
2016-12-16Add missing headerKyungwook Tak1-0/+1
Change-Id: Ic9660e80708abb71c293245755912c1bf4bdd438 Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
2016-12-16Static cast enum value to intKyungwook Tak1-1/+1
Change-Id: I738b0a745725c47a0608c58396df79f745ccd412 Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
2016-12-16Replace deprecated auto_ptr with unique_ptrKyungwook Tak2-4/+4
Change-Id: Ib0ebc0f297f51a4cc3335a7d1c9033a37edea016 Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
2016-12-15Remove to add openssl locking function on clientKyungwook Tak2-45/+63
To add locking function in client library side is dangerous of occuring segmentation fault because it can be used in some dynamic loaded plugins. If multiple plugins are adding locking function, there is race condition issue that symbol is unloaded out from the plugin so it makes segmentation fault. Change-Id: I1ac443c5d2e166cf05c65b3d937dae64472c713b Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
2016-12-05Upgrade: cp instead of mvSunmin Lee1-1/+1
Because RO partition shouldn't be modified, use cp instead of mv. Change-Id: If852002611569ebc5146c73b82617ee9e14975c4 Signed-off-by: Kyungwook Tak <k.tak@samsung.com> (cherry picked from commit 592432e551bd61800d488a0bf6b4a52762445e58)
2016-11-28Use valid group tagKyungwook Tak1-6/+6
Based on gbs build errorcode and groups are listed here: https://wiki.tizen.org/wiki/Packaging/Guidelines#Group_Tag Change-Id: I81e416b30454a951a51cd6f9fe9ca832e700ff6d Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
2016-11-28License name changed: BSD-2.0 -> BSD-3.0-ClauseKyungwook Tak2-2/+2
Change-Id: Id415803d99a9bad4f89adae3c8d5030e8920f438 Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
2016-10-14Remove socket-2-id-wrapper and socket-2-id-mockupBartlomiej Grzelewski7-286/+61
Change-Id: I3637563d2e7869041693887c96697a495a26d3b5
2016-09-25Merge "Map System subdomains to System" into tizensubmit/tizen_3.0_wearable/20161015.000002submit/tizen_3.0_tv/20161015.000002submit/tizen_3.0_mobile/20161015.000003submit/tizen_3.0_ivi/20161010.000003submit/tizen_3.0_common/20161104.104000submit/tizen/20160926.005548accepted/tizen/wearable/20160927.020827accepted/tizen/tv/20160927.020701accepted/tizen/mobile/20160927.020845accepted/tizen/ivi/20160927.020903accepted/tizen/common/20160926.154122accepted/tizen/3.0/wearable/20161015.082655accepted/tizen/3.0/tv/20161016.004614accepted/tizen/3.0/mobile/20161015.033458accepted/tizen/3.0/ivi/20161011.044322accepted/tizen/3.0/common/20161114.105958Dong Sun Lee4-0/+17
2016-09-25Map System subdomains to SystemKyungwook Tak4-0/+17
e.g., System::Privileged -> System This is for sharing data between system services regardless subdomain like System::Privileged which has special subdomain label for onlycap Change-Id: Ibd6f99c8ced3b7bbb3ba3da6e7bd7ee39cd2bfe2 Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
2016-09-23Enable privilege check on control APIKyungwook Tak4-71/+72
privilege: http://tizen.org/privilege/internal/service storage API is still disabled because it's non-privileged Change-Id: I89cfa8f11181d0a89280d204f2bf611a3a237d78 Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
2016-09-23Fix typo in link_directoriesKyungwook Tak1-1/+1
Change-Id: I273107afabcf2bb95db7a35906618fd01b207928 Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
2016-09-23Use argos_watchdogKyungwook Tak6-3/+68
argos watchdog is watchdog lib which has systemd backend on platform and backend can be reimplemented by product developer argos watchdog provides per-process watchdog registration (systemd allows per-thread but it's not guaranteed by other backends for now) This feature is on discussion with multiple product divisions so it would be easily enabled/disabled by build feature in compile time Change-Id: Idb28caa52f3d20a2e0030c84852ad101fdbb6623 Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
2016-09-23Fix doxygen warningsKyungwook Tak2-91/+92
Change-Id: I7ed6f71aaa631510622ea8d934dfb7d25a57611b Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
2016-09-20Fix compilation scripts.Bartlomiej Grzelewski5-0/+10
key-manager does not build when libraries are placed in non standard directories. Change-Id: I5e60c51ba89059fd233c721c0122dd66f33fd5ba
2016-09-12Add upgrade script for moving rw datasubmit/tizen/20160912.100526accepted/tizen/wearable/20160913.042057accepted/tizen/tv/20160913.042032accepted/tizen/mobile/20160913.042013accepted/tizen/ivi/20160913.042113accepted/tizen/common/20160912.181800Kyungwook Tak5-2/+45
Change-Id: Iab98d014daf3bee0785c21a14657c0b1f6d4c5a8 Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
2016-09-12Revert "DAC change of .central-key-manager-api-control.sock to 770 to ↵submit/tizen/20160912.023936Kyungwook Tak1-1/+1
protect control functions" This reverts commit aa24737c5837cc0a3d4ed1c2865b6b1c669af96c. Currently socket stream file is created as root:root so others cannot access. This patch should be excluded from 37 week SR and apply it later with related proper patch. Change-Id: I1740c2206992b3e46be0dbfeb16cf8b631fa6f60 Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
2016-09-12Remove tag to key-manager_doc.hKyungwook Tak1-3/+0
key-manager_doc.h is invisible for SDK user Change-Id: I33195575d930ef51a54dc917138a0408d456cbc3 Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
2016-09-08DAC change of .central-key-manager-api-control.sock to 770 to protect ↵Dongsun Lee1-1/+1
control functions Change-Id: I976f31bddf77946f62173a5670684a8fc56be857 Signed-off-by: Dongsun Lee <ds73.lee@samsung.com>
2016-09-07Fix SVACE defects: unsafe functions and dead codeKyungwook Tak3-18/+30
Change-Id: I1f670628bc6636e89ca9a7d9eae72922f062fd22 Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
2016-09-07Add migrate script for removed cert-svc store APIKyungwook Tak3-0/+42
cert svc API in cert-service.h is removed and certificates saved by those API could be used through key-manager API after certificates migrated. (related cert-svc commit: project : platform/core/security/cert-svc commitid : 3f2d8b2afcbefa5d2668a08bcd2a3acd25ffe067) For now added script only moves certs directory from old cert-svc path to key-manager data directory. Reading those resources and save to key-manager db when service loaded is TODO Change-Id: I54019a31d8b7549a770d8acf0da8df28be6f99a6 Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
2016-09-06Add temporary file suffix to gitignoreKyungwook Tak1-0/+5
Change-Id: Ifd75cbfc7c629059d1b6280efa38190fa627728d Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
2016-08-31Return incomplete PKCS12 with exportable parts onlyKrzysztof Jackiewicz1-15/+20
[Problem] There's no way to get CA certificates list for PKCS12 with non-exportable key. [Solution] Create an incomplete PKCS12 structure with exportable fields only. [Verification] Run ckm-tests --group=T310_CKMC_CAPI_PKCS12 Change-Id: I77b7ef153fc5d7eb16a587a5bb0450c6a74f6ba1
2016-08-25Move upgrade patchs to platform upgrade script dirsubmit/tizen/20160829.005907accepted/tizen/wearable/20160830.060753accepted/tizen/tv/20160830.060729accepted/tizen/mobile/20160830.060702accepted/tizen/ivi/20160830.060821accepted/tizen/common/20160829.135729Kyungwook Tak3-6/+13
Platform upgrade script dir: /usr/share/upgrade/scripts Change-Id: Ia705efe39ce537f42899761b5f2f2b08e3a52e05 Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
2016-08-21Add deprecated attributes and logsKyungwook Tak7-16/+49
Change-Id: I511f7dc4fc711f433ef23448badf468c8169afef Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
2016-08-19Remove @see link to deprecated APIsubmit/tizen/20160822.023804accepted/tizen/wearable/20160823.040958accepted/tizen/tv/20160823.040935accepted/tizen/mobile/20160823.040902accepted/tizen/ivi/20160823.041019accepted/tizen/common/20160822.132538Kyungwook Tak1-2/+0
ckmc_load_from_pkcs12_file is deprecated but @see links from other APIs still exist. Change-Id: I5c58cb8bbc1e1268f23ec09a828e66be581e3ddc Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
2016-08-19Fix sha1 digest length and type mismatch(size_t and uint)Kyungwook Tak1-5/+25
Change-Id: Ia53c49ea40d225971a3061241ee90c58534eaf65 Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
2016-08-15[CAPI added] ckmc_alias_new()Kyungwook Tak2-8/+66
Make full alias with owner id and data alias (and separator between them) Change-Id: I103d3ca0577c6847df65a402907b12b388a8e49e Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
2016-08-15Fix global-buffer-overflow in sqlcipher.cYury Usishchev1-1/+1
null-terminated string(pVfs->zName) has no assurance that the length is longer than 10 so buffer-overflow can occured Change-Id: I9dad1321ba2e8be4260feb33eb3874bb2c6cbb09 Signed-off-by: Yury Usishchev <y.usishchev@samsung.com>
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-06 10:54:04 +0000