diff options
author | Kyungwook Tak <k.tak@samsung.com> | 2016-07-18 11:28:53 +0900 |
---|---|---|
committer | Kyungwook Tak <k.tak@samsung.com> | 2016-07-18 13:54:57 +0900 |
commit | f72179753846682e783bbc4dbe1a3a570e7fac23 (patch) | |
tree | 792927dbc3307914f6f45b24a1f3a019e5166c9b | |
parent | 25dec26957850ba42687ffff35fc226039405654 (diff) | |
download | libwebappenc-f72179753846682e783bbc4dbe1a3a570e7fac23.tar.gz libwebappenc-f72179753846682e783bbc4dbe1a3a570e7fac23.tar.bz2 libwebappenc-f72179753846682e783bbc4dbe1a3a570e7fac23.zip |
Fix C code naming rules & minor fixes
- Remove some goto label which isn't needed
- Change 'num' param of strncmp / strncpy with meaningful value
(static buffer's size)
- Add const to unsigned char array input param
- Change param names (c string array and raw buffer array)
const char *pPkgId -> pkgId
unsigned char *pDek -> dek
unsigned char **ppDek -> pDek
- Change all camel naminges to underbar
- Remove null checking before call free()
free() does nothing if ptr is null pointer.
(refer: http://linux.die.net/man/3/free)
- Add missing closedir() after opendir()
Change-Id: I7e5888ed3dc77e5355cfc441f10dc0d6d916921c
Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
-rw-r--r-- | include/web_app_enc.h | 38 | ||||
-rw-r--r-- | srcs/crypto_service.c | 122 | ||||
-rw-r--r-- | srcs/crypto_service.h | 24 | ||||
-rw-r--r-- | srcs/key_handler.c | 504 | ||||
-rw-r--r-- | srcs/key_handler.h | 32 | ||||
-rw-r--r-- | srcs/wae_initializer.c | 10 | ||||
-rw-r--r-- | srcs/web_app_enc.c | 210 | ||||
-rw-r--r-- | tests/internals.cpp | 2 |
8 files changed, 417 insertions, 525 deletions
diff --git a/include/web_app_enc.h b/include/web_app_enc.h index 7cadf7b..c876792 100644 --- a/include/web_app_enc.h +++ b/include/web_app_enc.h @@ -62,12 +62,12 @@ typedef enum { * @brief Encrypts web application data with internal key(APP DEK: Application Data Encryption Key). * * @since_tizen 3.0 - * @param[in] pPkgId The package id of an application. - * @param[in] appType The application type. - * @param[in] pData The data block to be encrypted. - * @param[in] dataLen The length of the data block. - * @param[out] ppEncryptedData The data block contaning encrypted data block. Memory allocated for ppEncryptedData. Has to be freed by free() function. - * @param[out] pEncDataLen The length of the encrypted data block. + * @param[in] pkg_id The package id of an application + * @param[in] app_type The application type + * @param[in] data The data block to be encrypted + * @param[in] data_len The length of @a data + * @param[out] pencrypted_data The data block contaning encrypted data block which must be freed by free() + * @param[out] pencrypted_data_len The length of data pointed by @a pencrypted_data * * @return #WAE_ERROR_NONE on success, otherwise a negative error value * @retval #WAE_ERROR_INVALID_PARAMETER Invalid input parameter @@ -79,18 +79,20 @@ typedef enum { * * @see wae_decrypt_web_application() */ -int wae_encrypt_web_application(const char *pPkgId, wae_app_type_e appType, const unsigned char *pData, size_t dataLen, unsigned char **ppEncryptedData, size_t *pEncDataLen); +int wae_encrypt_web_application(const char *pkg_id, wae_app_type_e app_type, + const unsigned char *data, size_t data_len, + unsigned char **pencrypted_data, size_t *pencrypted_data_len); /** * @brief Encrypts web application data with internal key. * * @since_tizen 3.0 - * @param[in] pPkgId The package id of an application. - * @param[in] appType The application type. - * @param[in] pData The data block to be decrypted. - * @param[in] dataLen The length of the data block. - * @param[out] ppDecryptedData Data block contaning decrypted data block. Memory allocated for ppEncryptedData. Has to be freed by free() function. - * @param[out] pDecDataLen The length of the decrypted data block. + * @param[in] pkg_id The package id of an application + * @param[in] app_type The application type + * @param[in] data The data block to be decrypted + * @param[in] data_len The length of @a data + * @param[out] pdecrypted_data Data block contaning decrypted data block which must be freed by free() + * @param[out] pdecrypted_data_len The length of data pointed by @a pdecrypted_data * * @return #WAE_ERROR_NONE on success, otherwise a negative error value * @retval #WAE_ERROR_INVALID_PARAMETER Invalid input parameter @@ -102,14 +104,16 @@ int wae_encrypt_web_application(const char *pPkgId, wae_app_type_e appType, cons * * @see wae_encrypt_web_application() */ -int wae_decrypt_web_application(const char *pPkgId, wae_app_type_e appType, const unsigned char *pData, size_t dataLen, unsigned char **ppDecryptedData, size_t *pDecDataLen); +int wae_decrypt_web_application(const char *pkg_id, wae_app_type_e app_type, + const unsigned char *data, size_t data_len, + unsigned char **pdecrypted_data, size_t *pdecrypted_data_len); /** * @brief Remove a APP DEK(Application Data Encryption Key) used for encrytpion and decryption of a web application. * * @since_tizen 3.0 - * @param[in] pPkgId The package id of an application. - * @param[in] appType The application type. + * @param[in] pkg_id The package id of an application + * @param[in] app_type The application type * * @return #WAE_ERROR_NONE on success, otherwise a negative error value * @retval #WAE_ERROR_INVALID_PARAMETER Invalid input parameter @@ -119,7 +123,7 @@ int wae_decrypt_web_application(const char *pPkgId, wae_app_type_e appType, cons * @retval #WAE_ERROR_UNKNOWN Failed with unknown reason * */ -int wae_remove_app_dek(const char *pPkgId, wae_app_type_e appType); +int wae_remove_app_dek(const char *pkg_id, wae_app_type_e app_type); /** * @} diff --git a/srcs/crypto_service.c b/srcs/crypto_service.c index 7d90190..0991d42 100644 --- a/srcs/crypto_service.c +++ b/srcs/crypto_service.c @@ -52,36 +52,36 @@ void _initialize() } } -int encrypt_app_dek(const unsigned char *rsaPublicKey, size_t pubKeyLen, - const unsigned char *dek, size_t dekLen, - unsigned char **encryptedDek, size_t *encryptedDekLen) +int encrypt_app_dek(const unsigned char *pubkey, size_t pubkey_len, + const unsigned char *dek, size_t dek_len, + unsigned char **pencrypted_dek, size_t *pencrypted_dek_len) { int ret = WAE_ERROR_NONE; - EVP_PKEY *pKey = NULL; + EVP_PKEY *key = NULL; BIO *bio = NULL; EVP_PKEY_CTX *ctx = NULL; unsigned char *out = NULL; - size_t outLen = 0; + size_t out_len = 0; _initialize(); bio = BIO_new(BIO_s_mem()); - BIO_write(bio, rsaPublicKey, pubKeyLen); - pKey = PEM_read_bio_PUBKEY(bio, NULL, NULL, NULL); + BIO_write(bio, pubkey, pubkey_len); + key = PEM_read_bio_PUBKEY(bio, NULL, NULL, NULL); - if (pKey == NULL) { + if (key == NULL) { BIO_reset(bio); - BIO_write(bio, rsaPublicKey, pubKeyLen); - pKey = d2i_PUBKEY_bio(bio, NULL); + BIO_write(bio, pubkey, pubkey_len); + key = d2i_PUBKEY_bio(bio, NULL); } - if (pKey == NULL) { + if (key == NULL) { ret = WAE_ERROR_FILE; WAE_SLOGE("Failt to convert to public key."); goto error; } - ctx = EVP_PKEY_CTX_new(pKey, NULL); + ctx = EVP_PKEY_CTX_new(key, NULL); if (ctx == NULL) { WAE_SLOGE("Encrypt APP DEK Failed. EVP_PKEY_CTX_new failed"); @@ -102,13 +102,13 @@ int encrypt_app_dek(const unsigned char *rsaPublicKey, size_t pubKeyLen, } /* Determine buffer length */ - if (EVP_PKEY_encrypt(ctx, NULL, &outLen, dek, dekLen) <= 0) { + if (EVP_PKEY_encrypt(ctx, NULL, &out_len, dek, dek_len) <= 0) { WAE_SLOGE("Encrypt APP DEK Failed. EVP_PKEY_encrypt failed"); ret = WAE_ERROR_CRYPTO; goto error; } - out = OPENSSL_malloc(outLen); + out = OPENSSL_malloc(out_len); if (out == NULL) { WAE_SLOGE("Encrypt APP DEK Failed. OPENSSL_malloc failed"); @@ -116,21 +116,21 @@ int encrypt_app_dek(const unsigned char *rsaPublicKey, size_t pubKeyLen, goto error; } - if (EVP_PKEY_encrypt(ctx, out, &outLen, dek, dekLen) <= 0) { + if (EVP_PKEY_encrypt(ctx, out, &out_len, dek, dek_len) <= 0) { WAE_SLOGE("Encrypt APP DEK Failed. EVP_PKEY_encrypt failed"); ret = WAE_ERROR_CRYPTO; goto error; } - *encryptedDek = out; - *encryptedDekLen = outLen; + *pencrypted_dek = out; + *pencrypted_dek_len = out_len; error: if (bio != NULL) BIO_free(bio); - if (pKey != NULL) - EVP_PKEY_free(pKey); + if (key != NULL) + EVP_PKEY_free(key); if (ctx != NULL) EVP_PKEY_CTX_free(ctx); @@ -141,37 +141,37 @@ error: return ret; } -int decrypt_app_dek(const unsigned char *rsaPrivateKey, size_t priKeyLen, - const char *priKeyPassword, - const unsigned char *encryptedDek, size_t dencryptedDekLen, - unsigned char **decryptedDek, size_t *decryptedDekLen) +int decrypt_app_dek(const unsigned char *prikey, size_t prikey_len, + const char *prikey_pass, + const unsigned char *encrypted_dek, size_t encrypted_dek_len, + unsigned char **pdecrypted_dek, size_t *pdecrypted_dek_len) { int ret = WAE_ERROR_NONE; - EVP_PKEY *pKey = NULL; + EVP_PKEY *key = NULL; BIO *bio = NULL; EVP_PKEY_CTX *ctx = NULL; unsigned char *out = NULL; - size_t outLen = 0; + size_t out_len = 0; _initialize(); bio = BIO_new(BIO_s_mem()); - BIO_write(bio, rsaPrivateKey, priKeyLen); - pKey = PEM_read_bio_PrivateKey(bio, NULL, NULL, (void *)priKeyPassword); + BIO_write(bio, prikey, prikey_len); + key = PEM_read_bio_PrivateKey(bio, NULL, NULL, (void *)prikey_pass); - if (pKey == NULL) { + if (key == NULL) { BIO_reset(bio); - BIO_write(bio, rsaPrivateKey, priKeyLen); - pKey = d2i_PrivateKey_bio(bio, NULL); + BIO_write(bio, prikey, prikey_len); + key = d2i_PrivateKey_bio(bio, NULL); } - if (pKey == NULL) { + if (key == NULL) { ret = WAE_ERROR_FILE; WAE_SLOGE("Failt to convert to public key."); goto error; } - ctx = EVP_PKEY_CTX_new(pKey, NULL); + ctx = EVP_PKEY_CTX_new(key, NULL); if (ctx == NULL) { WAE_SLOGE("Decrypt APP DEK Failed. EVP_PKEY_CTX_new failed"); @@ -192,13 +192,13 @@ int decrypt_app_dek(const unsigned char *rsaPrivateKey, size_t priKeyLen, } /* Determine buffer length */ - if (EVP_PKEY_decrypt(ctx, NULL, &outLen, encryptedDek, dencryptedDekLen) <= 0) { + if (EVP_PKEY_decrypt(ctx, NULL, &out_len, encrypted_dek, encrypted_dek_len) <= 0) { WAE_SLOGE("Decrypt APP DEK Failed. EVP_PKEY_decrypt failed"); ret = WAE_ERROR_CRYPTO; goto error; } - out = OPENSSL_malloc(outLen); + out = OPENSSL_malloc(out_len); if (out == NULL) { WAE_SLOGE("Decrypt APP DEK Failed. OPENSSL_malloc failed"); @@ -206,21 +206,21 @@ int decrypt_app_dek(const unsigned char *rsaPrivateKey, size_t priKeyLen, goto error; } - if (EVP_PKEY_decrypt(ctx, out, &outLen, encryptedDek, dencryptedDekLen) <= 0) { + if (EVP_PKEY_decrypt(ctx, out, &out_len, encrypted_dek, encrypted_dek_len) <= 0) { WAE_SLOGE("Encrypt APP DEK Failed. EVP_PKEY_decrypt failed"); ret = WAE_ERROR_CRYPTO; goto error; } - *decryptedDek = out; - *decryptedDekLen = outLen; + *pdecrypted_dek = out; + *pdecrypted_dek_len = out_len; error: if (bio != NULL) BIO_free(bio); - if (pKey != NULL) - EVP_PKEY_free(pKey); + if (key != NULL) + EVP_PKEY_free(key); if (ctx != NULL) EVP_PKEY_CTX_free(ctx); @@ -232,9 +232,9 @@ error: } -int encrypt_aes_cbc(const unsigned char *pKey, size_t keyLen, - const unsigned char *pData, size_t dataLen, - unsigned char **ppEncryptedData, size_t *pEncDataLen) +int encrypt_aes_cbc(const unsigned char *key, size_t key_len, + const unsigned char *data, size_t data_len, + unsigned char **pencrypted_data, size_t *pencrypted_data_len) { EVP_CIPHER_CTX *ctx; int len; @@ -245,16 +245,16 @@ int encrypt_aes_cbc(const unsigned char *pKey, size_t keyLen, _initialize(); - WAE_SLOGI("Encryption Started. size=%d", dataLen); + WAE_SLOGI("Encryption Started. size=%d", data_len); /* check input paramter */ - if (keyLen != 32) { - WAE_SLOGE("Encryption Failed. Invalid Key Length. keyLen=%d", keyLen); + if (key_len != 32) { + WAE_SLOGE("Encryption Failed. Invalid Key Length. key_len=%d", key_len); return WAE_ERROR_INVALID_PARAMETER; } // assing a enough memory for decryption. - ciphertext = (unsigned char *) malloc(dataLen + 32); + ciphertext = (unsigned char *) malloc(data_len + 32); /* Create and initialise the context */ if (!(ctx = EVP_CIPHER_CTX_new())) { @@ -268,7 +268,7 @@ int encrypt_aes_cbc(const unsigned char *pKey, size_t keyLen, * In this example we are using 256 bit AES (i.e. a 256 bit key). The * IV size for *most* modes is the same as the block size. For AES this * is 128 bits */ - if (1 != EVP_EncryptInit_ex(ctx, EVP_aes_256_cbc(), NULL, pKey, iv)) { + if (1 != EVP_EncryptInit_ex(ctx, EVP_aes_256_cbc(), NULL, key, iv)) { WAE_SLOGE("Encryption Failed. EVP_EncryptInit_ex failed"); ret = WAE_ERROR_CRYPTO; goto error; @@ -277,7 +277,7 @@ int encrypt_aes_cbc(const unsigned char *pKey, size_t keyLen, /* Provide the message to be encrypted, and obtain the encrypted output. * EVP_EncryptUpdate can be called multiple times if necessary */ - if (1 != EVP_EncryptUpdate(ctx, ciphertext, &len, pData, dataLen)) { + if (1 != EVP_EncryptUpdate(ctx, ciphertext, &len, data, data_len)) { WAE_SLOGE("Encryption Failed. EVP_EncryptUpdate failed"); ret = WAE_ERROR_CRYPTO; goto error; @@ -296,8 +296,8 @@ int encrypt_aes_cbc(const unsigned char *pKey, size_t keyLen, ciphertext_len += len; - *ppEncryptedData = ciphertext; - *pEncDataLen = ciphertext_len; + *pencrypted_data = ciphertext; + *pencrypted_data_len = ciphertext_len; ret = WAE_ERROR_NONE; WAE_SLOGI("Encryption Ended Successfully. encrypted_len", ciphertext_len); @@ -312,9 +312,9 @@ error: return ret; } -int decrypt_aes_cbc(const unsigned char *pKey, size_t keyLen, - const unsigned char *pData, size_t dataLen, - unsigned char **ppDecryptedData, size_t *pDecDataLen) +int decrypt_aes_cbc(const unsigned char *key, size_t key_len, + const unsigned char *data, size_t data_len, + unsigned char **pdecrypted_data, size_t *pdecrypted_data_len) { EVP_CIPHER_CTX *ctx; int len; @@ -325,16 +325,16 @@ int decrypt_aes_cbc(const unsigned char *pKey, size_t keyLen, _initialize(); - WAE_SLOGI("Decryption Started. size=%d", dataLen); + WAE_SLOGI("Decryption Started. size=%d", data_len); /* check input paramter */ - if (keyLen != 32) { - WAE_SLOGE("Decryption Failed. Invalid Key Length. keyLen=%d", keyLen); + if (key_len != 32) { + WAE_SLOGE("Decryption Failed. Invalid Key Length. key_len=%d", key_len); return WAE_ERROR_INVALID_PARAMETER; } // assing a enough memory for decryption. - plaintext = (unsigned char *) malloc(dataLen); + plaintext = (unsigned char *) malloc(data_len); /* Create and initialise the context */ if (!(ctx = EVP_CIPHER_CTX_new())) { @@ -348,7 +348,7 @@ int decrypt_aes_cbc(const unsigned char *pKey, size_t keyLen, * In this example we are using 256 bit AES (i.e. a 256 bit key). The * IV size for *most* modes is the same as the block size. For AES this * is 128 bits */ - if (1 != EVP_DecryptInit_ex(ctx, EVP_aes_256_cbc(), NULL, pKey, iv)) { + if (1 != EVP_DecryptInit_ex(ctx, EVP_aes_256_cbc(), NULL, key, iv)) { WAE_SLOGE("Decryption Failed. EVP_DecryptInit_ex failed"); ret = WAE_ERROR_CRYPTO; goto error; @@ -357,7 +357,7 @@ int decrypt_aes_cbc(const unsigned char *pKey, size_t keyLen, /* Provide the message to be decrypted, and obtain the plaintext output. * EVP_DecryptUpdate can be called multiple times if necessary */ - if (1 != EVP_DecryptUpdate(ctx, plaintext, &len, pData, dataLen)) { + if (1 != EVP_DecryptUpdate(ctx, plaintext, &len, data, data_len)) { WAE_SLOGE("Decryption Failed. EVP_DecryptUpdate failed"); ret = WAE_ERROR_CRYPTO; goto error; @@ -376,8 +376,8 @@ int decrypt_aes_cbc(const unsigned char *pKey, size_t keyLen, plaintext_len += len; - *ppDecryptedData = plaintext; - *pDecDataLen = plaintext_len; + *pdecrypted_data = plaintext; + *pdecrypted_data_len = plaintext_len; ret = WAE_ERROR_NONE; WAE_SLOGI("Decryption Ended Successfully. decrypted_len", plaintext_len); diff --git a/srcs/crypto_service.h b/srcs/crypto_service.h index 61f4d0b..8a64d6d 100644 --- a/srcs/crypto_service.h +++ b/srcs/crypto_service.h @@ -28,23 +28,23 @@ extern "C" { #include <stddef.h> -int encrypt_app_dek(const unsigned char *rsaPublicKey, size_t pubKeyLen, - const unsigned char *dek, size_t dekLen, +int encrypt_app_dek(const unsigned char *pubkey, size_t pubkey_len, + const unsigned char *dek, size_t dek_len, unsigned char **encryptedDek, size_t *encryptedDekLen); -int decrypt_app_dek(const unsigned char *rsaPrivateKey, size_t priKeyLen, - const char *priKeyPassword, - const unsigned char *encryptedDek, size_t dencryptedDekLen, - unsigned char **decryptedDek, size_t *decryptedDekLen); +int decrypt_app_dek(const unsigned char *prikey, size_t prikey_len, + const char *prikey_pass, + const unsigned char *encrypted_dek, size_t encrypted_dek_len, + unsigned char **pdecrypted_dek, size_t *pdecrypted_dek_len); -int encrypt_aes_cbc(const unsigned char *pKey, size_t keyLen, - const unsigned char *pData, size_t dataLen, - unsigned char **ppEncryptedData, size_t *pEncDataLen); +int encrypt_aes_cbc(const unsigned char *key, size_t key_len, + const unsigned char *data, size_t data_len, + unsigned char **pencrypted_data, size_t *pencrypted_data_len); -int decrypt_aes_cbc(const unsigned char *pKey, size_t keyLen, - const unsigned char *pData, size_t dataLen, - unsigned char **ppDecryptedData, size_t *pDecDataLen); +int decrypt_aes_cbc(const unsigned char *key, size_t key_len, + const unsigned char *data, size_t data_len, + unsigned char **pdecrypted_data, size_t *pdecrypted_data_len); #ifdef __cplusplus } diff --git a/srcs/key_handler.c b/srcs/key_handler.c index 15dc96f..0cb2776 100644 --- a/srcs/key_handler.c +++ b/srcs/key_handler.c @@ -47,7 +47,7 @@ #define MAX_CACHE_SIZE 100 typedef struct _dek_cache_element { - char pkgId[MAX_PKGID_LEN]; + char pkg_id[MAX_PKGID_LEN]; unsigned char dek[DEK_LEN]; } dek_cache_element; @@ -57,55 +57,51 @@ int NEXT_CACHE_IDX = -1; void _initialize_cache() { NEXT_CACHE_IDX = 0; - memset(APP_DEK_CACHE, 0, sizeof(dek_cache_element)*MAX_CACHE_SIZE); + memset(APP_DEK_CACHE, 0, sizeof(dek_cache_element) * MAX_CACHE_SIZE); } -unsigned char *_get_app_dek_from_cache(const char *pkgId) +const unsigned char *_get_app_dek_from_cache(const char *pkg_id) { if (NEXT_CACHE_IDX < 0) _initialize_cache(); - for (int i = 0; i < MAX_CACHE_SIZE; i++) { - //WAE_SLOGI("CACHED APP_DEK[%d]=%s", i, APP_DEK_CACHE[i].pkgId); - if (strlen(APP_DEK_CACHE[i].pkgId) == strlen(pkgId) && - strncmp(pkgId, APP_DEK_CACHE[i].pkgId, strlen(pkgId)) == 0) { + for (size_t i = 0; i < MAX_CACHE_SIZE; i++) { + //WAE_SLOGI("CACHED APP_DEK[%d]=%s", i, APP_DEK_CACHE[i].pkg_id); + if (strncmp(pkg_id, APP_DEK_CACHE[i].pkg_id, MAX_PKGID_LEN) == 0) return APP_DEK_CACHE[i].dek; - } } return NULL; } -void _add_app_dek_to_cache(const char *pkgId, unsigned char *dek) +void _add_app_dek_to_cache(const char *pkg_id, const unsigned char *dek) { if (NEXT_CACHE_IDX < 0) _initialize_cache(); // if existing one has the same pkgid - for (int i = 0; i < MAX_CACHE_SIZE; i++) { - if (strlen(APP_DEK_CACHE[i].pkgId) == strlen(pkgId) && - strncmp(pkgId, APP_DEK_CACHE[i].pkgId, strlen(pkgId)) == 0) { + for (size_t i = 0; i < MAX_CACHE_SIZE; i++) { + if (strncmp(pkg_id, APP_DEK_CACHE[i].pkg_id, MAX_PKGID_LEN) == 0) { memcpy(APP_DEK_CACHE[i].dek, dek, DEK_LEN); return; } } // for new pkgid - strncpy(APP_DEK_CACHE[NEXT_CACHE_IDX].pkgId, pkgId, strlen(pkgId)); + strncpy(APP_DEK_CACHE[NEXT_CACHE_IDX].pkg_id, pkg_id, MAX_PKGID_LEN - 1); memcpy(APP_DEK_CACHE[NEXT_CACHE_IDX].dek, dek, DEK_LEN); - NEXT_CACHE_IDX++; + ++NEXT_CACHE_IDX; if (NEXT_CACHE_IDX >= MAX_CACHE_SIZE) NEXT_CACHE_IDX = 0; } -void _remove_app_dek_from_cache(const char *pkgId) +void _remove_app_dek_from_cache(const char *pkg_id) { - for (int i = 0; i < MAX_CACHE_SIZE; i++) { - if (strlen(APP_DEK_CACHE[i].pkgId) == strlen(pkgId) && - strncmp(pkgId, APP_DEK_CACHE[i].pkgId, strlen(pkgId)) == 0) { - memset(APP_DEK_CACHE[i].pkgId, 0, sizeof(APP_DEK_CACHE[i].pkgId)); + for (size_t i = 0; i < MAX_CACHE_SIZE; i++) { + if (strncmp(pkg_id, APP_DEK_CACHE[i].pkg_id, MAX_PKGID_LEN) == 0) { + memset(APP_DEK_CACHE[i].pkg_id, 0, MAX_PKGID_LEN); return; } } @@ -137,48 +133,43 @@ int _to_wae_error(int key_manager_error) int _get_random(size_t length, unsigned char *random) { - FILE *f = NULL; - size_t i = 0; - int ch = 0; + FILE *f = fopen(RANDOM_FILE, "r"); - //read random file - if ((f = fopen(RANDOM_FILE, "r")) != NULL) { - while (i < length) { - if ((ch = fgetc(f)) == EOF) { - break; - } - - random[i] = (unsigned char) ch; - i++; - } + if (f == NULL) { + WAE_SLOGE("Failed to open random file source: %s", RANDOM_FILE); + return WAE_ERROR_FILE; } - if (f != NULL) - fclose(f); + size_t i = 0; + int ch = 0; + while (i < length && (ch = fgetc(f) != EOF)) + random[i++] = (unsigned char)ch; + + fclose(f); return WAE_ERROR_NONE; } -void _get_alias(const char *pPkgId, wae_app_type_e appType, bool forSave, char *alias, size_t buff_len) +void _get_alias(const char *pkg_id, wae_app_type_e app_type, bool forSave, char *alias, size_t buff_len) { - if (appType == WAE_DOWNLOADED_NORMAL_APP) { + if (app_type == WAE_DOWNLOADED_NORMAL_APP) { if (forSave) { snprintf(alias, buff_len, "%s%s", APP_DEK_ALIAS_PFX, - pPkgId); + pkg_id); } else { snprintf(alias, buff_len, "%c%s%s%s%s", '/', INSTALLER_LABEL, ckmc_owner_id_separator, APP_DEK_ALIAS_PFX, - pPkgId); + pkg_id); } } else { // system alias snprintf(alias, buff_len, "%s%s%s%s", ckmc_owner_id_system, ckmc_owner_id_separator, APP_DEK_ALIAS_PFX, - pPkgId); + pkg_id); } } @@ -213,49 +204,46 @@ const char *_get_dek_store_path() return tzplatform_mkpath3(TZ_SYS_SHARE, "wae", "app_dek"); } -int _add_dek_to_key_manager(const char *pPkgId, wae_app_type_e appType, const unsigned char *pDek, size_t len) +int _add_dek_to_key_manager(const char *pkg_id, wae_app_type_e app_type, const unsigned char *dek, size_t dek_len) { int ret = WAE_ERROR_NONE; - char alias[MAX_ALIAS_LEN] = {0,}; + char alias[MAX_ALIAS_LEN] = {0, }; ckmc_raw_buffer_s buff; ckmc_policy_s policy; - buff.data = (unsigned char *)pDek; - buff.size = len; + buff.data = (unsigned char *)dek; + buff.size = dek_len; policy.password = NULL; policy.extractable = true; - // save app_dek in key_manager - _get_alias(pPkgId, appType, true, alias, sizeof(alias)); + _get_alias(pkg_id, app_type, true, alias, sizeof(alias)); // even if it fails to remove, ignore it. - ret = _to_wae_error(ckmc_remove_alias(alias)); + ckmc_remove_alias(alias); ret = _to_wae_error(ckmc_save_data(alias, buff, policy)); - if (ret != WAE_ERROR_NONE) { - WAE_SLOGE("WAE: Fail to add APP_DEK to key-manager. pkgId=%s, alias=%s, ret=%d", pPkgId, alias, ret); + WAE_SLOGE("WAE: Fail to add APP_DEK to key-manager. pkg_id=%s, alias=%s, ret=%d", pkg_id, alias, ret); return ret; } // share app_dek for web app laucher to use app_dek - ret = _to_wae_error(ckmc_set_permission(alias, pPkgId, CKMC_PERMISSION_READ)); - + ret = _to_wae_error(ckmc_set_permission(alias, pkg_id, CKMC_PERMISSION_READ)); if (ret != WAE_ERROR_NONE) { - WAE_SLOGE("WAE: Fail to set_permission to APP_DEK. pkgId=%s, ret=%d", pPkgId, ret); + WAE_SLOGE("WAE: Fail to set_permission to APP_DEK. pkg_id=%s, ret=%d", pkg_id, ret); return ret; } - WAE_SLOGI("WAE: Success to add APP_DEK to key-manager. pkgId=%s, alias=%s", pPkgId, alias); + WAE_SLOGI("WAE: Success to add APP_DEK to key-manager. pkg_id=%s, alias=%s", pkg_id, alias); return ret; } -int _get_preloaded_app_dek_file_path(const char *pPkgId, size_t size, char *path) +int _get_preloaded_app_dek_file_path(const char *pkg_id, size_t size, char *path) { int ret = snprintf(path, size, "%s/%s_%s.adek", - _get_dek_store_path(), APP_DEK_FILE_PFX, pPkgId); + _get_dek_store_path(), APP_DEK_FILE_PFX, pkg_id); if (ret < 0) return WAE_ERROR_INVALID_PARAMETER; /* buffer size too small */ @@ -263,47 +251,46 @@ int _get_preloaded_app_dek_file_path(const char *pPkgId, size_t size, char *path return WAE_ERROR_NONE; } -int _extract_pkg_id_from_file_name(const char *fileName, char *pkgId) +int _extract_pkg_id_from_file_name(const char *file_name, char *pkg_id) { - char *start = strstr(fileName, APP_DEK_FILE_PFX); + char *start = strstr(file_name, APP_DEK_FILE_PFX); if (start == NULL) { - WAE_SLOGE("WAE: Fail to extract pkgid from APP_DEK file. fileName=%s", fileName); + WAE_SLOGE("WAE: Fail to extract pkgid from APP_DEK file. file_name=%s", file_name); return WAE_ERROR_FILE; } start = start + strlen(APP_DEK_FILE_PFX) + 1; - char *end = strstr(fileName, ".adek"); + char *end = strstr(file_name, ".adek"); if (start == NULL) { - WAE_SLOGE("WAE: Fail to extract pkgid from APP_DEK file. fileName=%s", fileName); + WAE_SLOGE("WAE: Fail to extract pkgid from APP_DEK file. file_name=%s", file_name); return WAE_ERROR_FILE; } - strncpy(pkgId, start, end - start); - pkgId[end - start] = 0; //terminate string + strncpy(pkg_id, start, end - start); + pkg_id[end - start] = 0; //terminate string return WAE_ERROR_NONE; } -int _read_encrypted_app_dek_from_file(const char *pPkgId, unsigned char **encrypted_app_dek, size_t *len) +int _read_encrypted_app_dek_from_file(const char *pkg_id, unsigned char **pencrypted_app_dek, size_t *pencrypted_app_dek_len) { char path[MAX_PATH_LEN] = {0,}; - _get_preloaded_app_dek_file_path(pPkgId, sizeof(path), path); - return _read_from_file(path, encrypted_app_dek, len); + _get_preloaded_app_dek_file_path(pkg_id, sizeof(path), path); + return _read_from_file(path, pencrypted_app_dek, pencrypted_app_dek_len); } -int _write_encrypted_app_dek_to_file(const char *pPkgId, const unsigned char *encrypted_app_dek, size_t len) +int _write_encrypted_app_dek_to_file(const char *pkg_id, const unsigned char *encrypted_app_dek, size_t encrypted_app_dek_len) { char path[MAX_PATH_LEN] = {0,}; - _get_preloaded_app_dek_file_path(pPkgId, sizeof(path), path); - return _write_to_file(path, encrypted_app_dek, len); + _get_preloaded_app_dek_file_path(pkg_id, sizeof(path), path); + return _write_to_file(path, encrypted_app_dek, encrypted_app_dek_len); } -int _read_from_file(const char *path, unsigned char **data, size_t *len) +int _read_from_file(const char *path, unsigned char **pdata, size_t *pdata_len) { int ret = WAE_ERROR_NONE; - int file_len = -1; unsigned char *file_contents = NULL; int ch = 0; int i = 0; @@ -316,7 +303,7 @@ int _read_from_file(const char *path, unsigned char **data, size_t *len) } fseek(f, 0, SEEK_END); // move to the end of a file - file_len = ftell(f); + int file_len = ftell(f); if (file_len <= 0) { WAE_SLOGE("WAE: Failed to get file size by ftell. ret: %d", file_len); @@ -326,7 +313,7 @@ int _read_from_file(const char *path, unsigned char **data, size_t *len) fseek(f, 0, SEEK_SET); // move to the start of a file - file_contents = (unsigned char *) malloc(file_len); + file_contents = (unsigned char *)malloc(file_len); if (file_contents == NULL) { WAE_SLOGE("WAE: Fail to allocate memory for encrypted_app_dek"); @@ -336,29 +323,23 @@ int _read_from_file(const char *path, unsigned char **data, size_t *len) memset(file_contents, 0x00, file_len); - while ((ch = fgetc(f)) != EOF) { + while ((ch = fgetc(f)) != EOF) file_contents[i++] = (char)ch; - } - *data = file_contents; - *len = file_len; + *pdata = file_contents; + *pdata_len = file_len; error: - if (f != NULL) - fclose(f); + fclose(f); - if (ret != WAE_ERROR_NONE && file_contents != NULL) + if (ret != WAE_ERROR_NONE) free(file_contents); return ret; } -int _write_to_file(const char *path, const unsigned char *data, size_t len) +int _write_to_file(const char *path, const unsigned char *data, size_t data_len) { - int ret = WAE_ERROR_NONE; - - int write_len = -1; - FILE *f = fopen(path, "w"); if (f == NULL) { @@ -366,72 +347,80 @@ int _write_to_file(const char *path, const unsigned char *data, size_t len) return WAE_ERROR_FILE; } - write_len = fwrite(data, 1, len, f); + int write_len = fwrite(data, 1, data_len, f); + + fclose(f); - if (write_len != (int) len) { + if (write_len != (int)data_len) { WAE_SLOGE("WAE: Fail to write a file. file=%s", path); - ret = WAE_ERROR_FILE; - goto error; + return WAE_ERROR_FILE; } -error: - if (f != NULL) - fclose(f); - - return ret; + return WAE_ERROR_NONE; } -int get_app_dek(const char *pPkgId, wae_app_type_e appType, unsigned char **ppDek, size_t *dekLen) +int get_app_dek(const char *pkg_id, wae_app_type_e app_type, unsigned char **pdek, size_t *pdek_len) { int ret = WAE_ERROR_NONE; - char *password = NULL; - ckmc_raw_buffer_s *pDekBuffer = NULL; - char alias[MAX_ALIAS_LEN] = {0,}; - unsigned char *pDek = NULL; + ckmc_raw_buffer_s *dek_buffer = NULL; + char alias[MAX_ALIAS_LEN] = {0, }; - unsigned char *cached_dek = _get_app_dek_from_cache(pPkgId); + const unsigned char *cached_dek = _get_app_dek_from_cache(pkg_id); if (cached_dek == NULL) { // get APP_DEK from system database - _get_alias(pPkgId, appType, false, alias, sizeof(alias)); + _get_alias(pkg_id, app_type, false, alias, sizeof(alias)); - ret = _to_wae_error(ckmc_get_data(alias, password, &pDekBuffer)); + ret = _to_wae_error(ckmc_get_data(alias, NULL, &dek_buffer)); if (ret != WAE_ERROR_NONE) { - WAE_SLOGE("WAE: Fail to get APP_DEK from key-manager. pkgId=%s, alias=%s, ret=%d", - pPkgId, alias, ret); + WAE_SLOGE("Failed to get APP_DEK from key-manager. pkg_id=%s, alias=%s, ret=%d", + pkg_id, alias, ret); + goto error; + } else if (dek_buffer == NULL || dek_buffer->data == NULL) { + WAE_SLOGE("key-manager success but buffer is null for getting dek of pkg_id=%s", + pkg_id); + ret = WAE_ERROR_KEY_MANAGER; + goto error; + } else if (dek_buffer->size != DEK_LEN) { + WAE_SLOGE("DEK's length which has been saved in key-manager is not valid!"); + ret = WAE_ERROR_KEY_MANAGER; goto error; } + + WAE_SLOGD("Successfully get dek from key-manager for pkgid=%s", pkg_id); + cached_dek = dek_buffer->data; } - pDek = (unsigned char *)malloc(DEK_LEN); + unsigned char *dek = (unsigned char *)malloc(DEK_LEN); - if (pDek == NULL) { + if (dek == NULL) { WAE_SLOGE("Fail to allocate a memory"); ret = WAE_ERROR_MEMORY; goto error; } - memcpy(pDek, (cached_dek != NULL) ? cached_dek : pDekBuffer->data, DEK_LEN); + memcpy(dek, cached_dek, DEK_LEN); + + *pdek = dek; + *pdek_len = DEK_LEN; - *ppDek = pDek; - *dekLen = DEK_LEN; - WAE_SLOGI("WAE: Success to get APP_DEK from key-manager. pkgId=%s, alias=%s", pPkgId, alias); + WAE_SLOGI("WAE: Success to get APP_DEK from key-manager. pkg_id=%s, alias=%s", + pkg_id, alias); error: - if (pDekBuffer != NULL) - ckmc_buffer_free(pDekBuffer); + ckmc_buffer_free(dek_buffer); - if (ret != WAE_ERROR_NONE && pDek != NULL) - free(pDek); + if (ret != WAE_ERROR_NONE) + free(dek); return ret; } -int create_app_dek(const char *pPkgId, wae_app_type_e appType, unsigned char **ppDek, size_t *dekLen) +int create_app_dek(const char *pkg_id, wae_app_type_e app_type, unsigned char **pdek, size_t *pdek_len) { - unsigned char *dek = (unsigned char *) malloc(DEK_LEN); + unsigned char *dek = (unsigned char *)malloc(DEK_LEN); if (dek == NULL) return WAE_ERROR_MEMORY; @@ -439,69 +428,63 @@ int create_app_dek(const char *pPkgId, wae_app_type_e appType, unsigned char **p int ret = _get_random(DEK_LEN, dek); if (ret != WAE_ERROR_NONE) { - WAE_SLOGE("WAE: Fail to get random for APP_DEK. pkgId=%s, ret=%d", pPkgId, ret); + WAE_SLOGE("WAE: Fail to get random for APP_DEK. pkg_id=%s, ret=%d", pkg_id, ret); goto error; } // save app_dek in key_manager - ret = _add_dek_to_key_manager(pPkgId, appType, dek, DEK_LEN); + ret = _add_dek_to_key_manager(pkg_id, app_type, dek, DEK_LEN); if (ret != WAE_ERROR_NONE) { goto error; } // store APP_DEK in cache - _add_app_dek_to_cache(pPkgId, dek); + _add_app_dek_to_cache(pkg_id, dek); - *ppDek = dek; - *dekLen = DEK_LEN; + *pdek = dek; + *pdek_len = DEK_LEN; - WAE_SLOGI("WAE: Success to create APP_DEK and store it in key-manager. pkgId=%s", pPkgId); + WAE_SLOGI("WAE: Success to create APP_DEK and store it in key-manager. pkg_id=%s", pkg_id); + + return WAE_ERROR_NONE; error: - if (ret != WAE_ERROR_NONE && dek != NULL) - free(dek); + free(dek); return ret; } -int get_preloaded_app_dek(const char *pPkgId, unsigned char **ppDek, size_t *dekLen) +int get_preloaded_app_dek(const char *pkg_id, unsigned char **pdek, size_t *pdek_len) { - int ret = WAE_ERROR_NONE; - - unsigned char *cached_dek = _get_app_dek_from_cache(pPkgId); + const unsigned char *cached_dek = _get_app_dek_from_cache(pkg_id); if (cached_dek == NULL) { WAE_SLOGE("WAE: Fail to get APP_DEK from cache for preloaded app"); return WAE_ERROR_NO_KEY; } - unsigned char *dek = (unsigned char *) malloc(DEK_LEN); + unsigned char *dek = (unsigned char *)malloc(DEK_LEN); if (dek == NULL) { WAE_SLOGE("WAE: Fail to allocate memory for preloaded app dek"); - ret = WAE_ERROR_MEMORY; - goto error; + return WAE_ERROR_MEMORY; } memcpy(dek, cached_dek, DEK_LEN); - *ppDek = dek; - *dekLen = DEK_LEN; - -error: - if (ret != WAE_ERROR_NONE && dek != NULL) - free(dek); + *pdek = dek; + *pdek_len = DEK_LEN; - return ret; + return WAE_ERROR_NONE; } -int create_preloaded_app_dek(const char *pPkgId, unsigned char **ppDek, size_t *dekLen) +int create_preloaded_app_dek(const char *pkg_id, unsigned char **pdek, size_t *pdek_len) { unsigned char *encrypted_app_dek = NULL; size_t encrypted_app_dek_len = 0; - unsigned char *pubKey = NULL; - size_t pubKeyLen = 0; + unsigned char *pubkey = NULL; + size_t pubkey_len = 0; // create APP_DEK unsigned char *dek = (unsigned char *)malloc(DEK_LEN); @@ -515,14 +498,14 @@ int create_preloaded_app_dek(const char *pPkgId, unsigned char **ppDek, size_t * goto error; // encrypt APP_DEK with APP_DEK_KEK - ret = _read_from_file(_get_dek_kek_pub_key_path(), &pubKey, &pubKeyLen); + ret = _read_from_file(_get_dek_kek_pub_key_path(), &pubkey, &pubkey_len); if (ret != WAE_ERROR_NONE) { WAE_SLOGE("WAE: Fail to read APP_DEK_KEK Public Key"); goto error; } - ret = encrypt_app_dek(pubKey, pubKeyLen, dek, DEK_LEN, &encrypted_app_dek, &encrypted_app_dek_len); + ret = encrypt_app_dek(pubkey, pubkey_len, dek, DEK_LEN, &encrypted_app_dek, &encrypted_app_dek_len); if (ret != WAE_ERROR_NONE) { WAE_SLOGE("WAE: Fail to encrypt APP_DEK with APP_DEK_KEK"); @@ -530,73 +513,70 @@ int create_preloaded_app_dek(const char *pPkgId, unsigned char **ppDek, size_t * } // write APP_DEK in a file - ret = _write_encrypted_app_dek_to_file(pPkgId, encrypted_app_dek, encrypted_app_dek_len); + ret = _write_encrypted_app_dek_to_file(pkg_id, encrypted_app_dek, encrypted_app_dek_len); if (ret != WAE_ERROR_NONE) { - WAE_SLOGE("WAE: Fail to write encrypted APP_DEK. pkgId=%s", pPkgId); + WAE_SLOGE("WAE: Fail to write encrypted APP_DEK. pkg_id=%s", pkg_id); goto error; } // store APP_DEK in cache - _add_app_dek_to_cache(pPkgId, dek); + _add_app_dek_to_cache(pkg_id, dek); - *ppDek = dek; - *dekLen = DEK_LEN; - WAE_SLOGI("WAE: Success to create preleaded APP_DEK and write it in initail value file. pkgId=%s", pPkgId); + *pdek = dek; + *pdek_len = DEK_LEN; + WAE_SLOGI("WAE: Success to create preleaded APP_DEK and write it in initail value file. pkg_id=%s", pkg_id); error: - if (pubKey != NULL) - free(pubKey); + free(pubkey); + free(encrypted_app_dek); - if (encrypted_app_dek != NULL) - free(encrypted_app_dek); - - if (ret != WAE_ERROR_NONE && dek != NULL) + if (ret != WAE_ERROR_NONE) free(dek); return ret; } -int _get_app_dek_kek(unsigned char **ppDekKek, size_t *kekLen) +int _get_app_dek_kek(unsigned char **pdek_kek, size_t *pdek_kek_len) { - int ret = _read_from_file(_get_dek_kek_pri_key_path(), ppDekKek, kekLen); + int ret = _read_from_file(_get_dek_kek_pri_key_path(), pdek_kek, pdek_kek_len); if (ret != WAE_ERROR_NONE) { WAE_SLOGE("WAE: Fail to read APP_DEK_KEK Private Key"); return ret; } - /* - char* password = NULL; - ckmc_raw_buffer_s *pKekBuffer = NULL; - unsigned char* pKek = NULL; - - char dek_kek_alias[MAX_ALIAS_LEN] = {0, }; - _get_dek_kek_alias(dek_kek_alias, sizeof(dek_kek_alias)); - - ret = _to_wae_error(ckmc_get_data(dek_kek_alias, password, &pKekBuffer)); - if(ret != WAE_ERROR_NONE) { - WAE_SLOGE("Fail to get APP_DEK_KEK from key-manager. alias=%s, ret=%d", APP_DEK_KEK_ALIAS, ret); - goto error; - } - - pKek = (unsigned char*) malloc(pKekBuffer->size); - if(pKek == NULL) { - WAE_SLOGE("Fail to allocate a memory"); - ret = WAE_ERROR_MEMORY; - goto error; - } - memcpy(pKek, pKekBuffer->data, pKekBuffer->size); - - *ppDekKek = pKek; - *kekLen = pKekBuffer->size; - WAE_SLOGI("Success to get APP_DEK_KEK from key-manager."); - error: - if(pKekBuffer != NULL) - ckmc_buffer_free(pKekBuffer); - if(ret != WAE_ERROR_NONE && pKek != NULL) - free(pKek); - */ +#if 0 + ckmc_raw_buffer_s *kek_buffer = NULL; + unsigned char* kek = NULL; + + char dek_kek_alias[MAX_ALIAS_LEN] = {0, }; + _get_dek_kek_alias(dek_kek_alias, sizeof(dek_kek_alias)); + + ret = _to_wae_error(ckmc_get_data(dek_kek_alias, NULL, &kek_buffer)); + if (ret != WAE_ERROR_NONE) { + WAE_SLOGE("Fail to get APP_DEK_KEK from key-manager. alias=%s, ret=%d", + APP_DEK_KEK_ALIAS, ret); + goto error; + } + + kek = (unsigned char *)malloc(kek_buffer->size); + if(kek == NULL) { + WAE_SLOGE("Fail to allocate a memory"); + ret = WAE_ERROR_MEMORY; + goto error; + } + memcpy(kek, kek_buffer->data, kek_buffer->size); + + *pdek_kek = kek; + *pdek_kek_len = kek_buffer->size; + WAE_SLOGI("Success to get APP_DEK_KEK from key-manager."); + +error: + ckmc_buffer_free(kek_buffer); + free(kek); +#endif + return ret; } @@ -605,8 +585,8 @@ int _get_app_deks_loaded() char loading_done_alias[MAX_ALIAS_LEN] = {0, }; _get_dek_loading_done_alias(loading_done_alias, sizeof(loading_done_alias)); - ckmc_raw_buffer_s *pBuffer = NULL; - int ret = _to_wae_error(ckmc_get_data(loading_done_alias, NULL, &pBuffer)); + ckmc_raw_buffer_s *buffer = NULL; + int ret = _to_wae_error(ckmc_get_data(loading_done_alias, NULL, &buffer)); if (ret == WAE_ERROR_NO_KEY) WAE_SLOGI("WAE: APP_DEK_LOADING was not done"); @@ -615,8 +595,7 @@ int _get_app_deks_loaded() else WAE_SLOGE("WAE: Fail to get information from key-manager about APP_DEK_LOADING_DONE_ALIAS. ret=%d", ret); - if (pBuffer != NULL) - ckmc_buffer_free(pBuffer); + ckmc_buffer_free(buffer); return ret; } @@ -625,10 +604,10 @@ int _set_app_deks_loaded() { ckmc_raw_buffer_s buff; ckmc_policy_s policy; - unsigned char dummyData[1] = {0}; + unsigned char dummy_data[1] = {0}; - buff.data = dummyData; - buff.size = sizeof(dummyData); + buff.data = dummy_data; + buff.size = sizeof(dummy_data); policy.password = NULL; policy.extractable = true; @@ -673,19 +652,15 @@ int load_preloaded_app_deks(bool reload) { int ret = WAE_ERROR_NONE; - char pkgId[MAX_PKGID_LEN] = {0, }; + char pkg_id[MAX_PKGID_LEN] = {0, }; - DIR *dir = NULL; - struct dirent entry; - struct dirent *result; - int error; char file_path_buff[MAX_PATH_LEN]; unsigned char *encrypted_app_dek = NULL; size_t encrypted_app_dek_len = 0; unsigned char *app_dek = NULL; size_t app_dek_len = 0; - unsigned char *priKey = NULL; - size_t priKeyLen = 0; + unsigned char *prikey = NULL; + size_t prikey_len = 0; int error_during_loading = 0; @@ -697,23 +672,25 @@ int load_preloaded_app_deks(bool reload) return ret; } - ret = _get_app_dek_kek(&priKey, &priKeyLen); + ret = _get_app_dek_kek(&prikey, &prikey_len); if (ret != WAE_ERROR_NONE) { WAE_SLOGE("Fail to get APP_DEK_KEK Private Key"); return ret; } - dir = opendir(_get_dek_store_path()); + DIR *dir = opendir(_get_dek_store_path()); if (dir == NULL) { WAE_SLOGE("Fail to open dir. dir=%s", _get_dek_store_path()); - ret = WAE_ERROR_FILE; - goto error; + return WAE_ERROR_FILE; } + struct dirent entry; + struct dirent *result = NULL; + while (true) { - error = readdir_r(dir, &entry, &result); + int error = readdir_r(dir, &entry, &result); if (error != 0) { ret = WAE_ERROR_FILE; @@ -726,58 +703,57 @@ int load_preloaded_app_deks(bool reload) break; // regular file && start with KEY_MANAGER_INITIAL_VALUE_FILE_PFX - if (entry.d_type == DT_REG && strstr(entry.d_name, APP_DEK_FILE_PFX) != NULL) { - memset(file_path_buff, 0, sizeof(file_path_buff)); - ret = snprintf(file_path_buff, sizeof(file_path_buff), "%s/%s", - _get_dek_store_path(), entry.d_name); - - if (ret < 0) { - WAE_SLOGE("Failed to make file path by snprintf."); - ret = WAE_ERROR_INVALID_PARAMETER; /* buffer size too small */ - goto error; - } - - ret = _extract_pkg_id_from_file_name(entry.d_name, pkgId); - - if (ret != WAE_ERROR_NONE) { - WAE_SLOGW("Fail to extract pkgid from file. It will be ignored. file=%s", file_path_buff); - continue; - } - - ret = _read_from_file(file_path_buff, &encrypted_app_dek, &encrypted_app_dek_len); - - if (ret != WAE_ERROR_NONE || encrypted_app_dek == NULL) { - error_during_loading++; - WAE_SLOGW("Fail to read file. It will be ignored. file=%s", file_path_buff); - continue; - } - - ret = decrypt_app_dek(priKey, priKeyLen, APP_DEK_KEK_PRIKEY_PASSWORD, - encrypted_app_dek, encrypted_app_dek_len, - &app_dek, &app_dek_len); - - if (ret != WAE_ERROR_NONE || app_dek == NULL) { - error_during_loading++; - WAE_SLOGW("Fail to decrypt APP DEK. It will be ignored. file=%s", file_path_buff); - continue; - } - - // save app_dek in key_manager - ret = _add_dek_to_key_manager(pkgId, WAE_PRELOADED_APP, app_dek, app_dek_len); - // free temp objects - free(app_dek); - free(encrypted_app_dek); - app_dek = NULL; - encrypted_app_dek = NULL; - - if (ret == WAE_ERROR_KEY_EXISTS) { - WAE_SLOGI("Key Manager already has APP_DEK. It will be ignored. file=%s", file_path_buff); - continue; - } else if (ret != WAE_ERROR_NONE) { - error_during_loading++; - WAE_SLOGW("Fail to add APP DEK to key-manager. file=%s", file_path_buff); - continue; - } + if (entry.d_type != DT_REG || strstr(entry.d_name, APP_DEK_FILE_PFX) == NULL) + continue; + + memset(file_path_buff, 0, sizeof(file_path_buff)); + ret = snprintf(file_path_buff, sizeof(file_path_buff), "%s/%s", + _get_dek_store_path(), entry.d_name); + + if (ret < 0) { + WAE_SLOGE("Failed to make file path by snprintf."); + ret = WAE_ERROR_INVALID_PARAMETER; /* buffer size too small */ + goto error; + } + + ret = _extract_pkg_id_from_file_name(entry.d_name, pkg_id); + + if (ret != WAE_ERROR_NONE) { + WAE_SLOGW("Fail to extract pkgid from file. It will be ignored. file=%s", file_path_buff); + continue; + } + + ret = _read_from_file(file_path_buff, &encrypted_app_dek, &encrypted_app_dek_len); + + if (ret != WAE_ERROR_NONE || encrypted_app_dek == NULL) { + error_during_loading++; + WAE_SLOGW("Fail to read file. It will be ignored. file=%s", file_path_buff); + continue; + } + + ret = decrypt_app_dek(prikey, prikey_len, APP_DEK_KEK_PRIKEY_PASSWORD, + encrypted_app_dek, encrypted_app_dek_len, + &app_dek, &app_dek_len); + + if (ret != WAE_ERROR_NONE || app_dek == NULL) { + error_during_loading++; + WAE_SLOGW("Fail to decrypt APP DEK. It will be ignored. file=%s", file_path_buff); + continue; + } + + // save app_dek in key_manager + ret = _add_dek_to_key_manager(pkg_id, WAE_PRELOADED_APP, app_dek, app_dek_len); + // free temp objects + free(app_dek); + free(encrypted_app_dek); + app_dek = NULL; + encrypted_app_dek = NULL; + + if (ret == WAE_ERROR_KEY_EXISTS) { + WAE_SLOGI("Key Manager already has APP_DEK. It will be ignored. file=%s", file_path_buff); + } else if (ret != WAE_ERROR_NONE) { + error_during_loading++; + WAE_SLOGW("Fail to add APP DEK to key-manager. file=%s", file_path_buff); } } @@ -791,27 +767,27 @@ int load_preloaded_app_deks(bool reload) } error: - if (priKey != NULL) - free(priKey); + free(prikey); + closedir(dir); return ret; } -int remove_app_dek(const char *pPkgId, wae_app_type_e appType) +int remove_app_dek(const char *pkg_id, wae_app_type_e app_type) { char alias[MAX_ALIAS_LEN] = {0,}; - _get_alias(pPkgId, appType, true, alias, sizeof(alias)); + _get_alias(pkg_id, app_type, true, alias, sizeof(alias)); int ret = _to_wae_error(ckmc_remove_alias(alias)); if (ret != WAE_ERROR_NONE) { - WAE_SLOGE("Fail to remove APP_DEK from key-manager. pkgId=%s, alias=%s, ret=%d", pPkgId, alias, ret); + WAE_SLOGE("Fail to remove APP_DEK from key-manager. pkg_id=%s, alias=%s, ret=%d", pkg_id, alias, ret); return ret; } - _remove_app_dek_from_cache(pPkgId); - WAE_SLOGI("Success to remove APP_DEK from key-manager. pkgId=%s", pPkgId); + _remove_app_dek_from_cache(pkg_id); + WAE_SLOGI("Success to remove APP_DEK from key-manager. pkg_id=%s", pkg_id); return WAE_ERROR_NONE; } diff --git a/srcs/key_handler.h b/srcs/key_handler.h index e1ad727..c2e65a7 100644 --- a/srcs/key_handler.h +++ b/srcs/key_handler.h @@ -34,34 +34,34 @@ extern "C" { /* functions with "_" prefix are internal static functions but declared here for testing */ void _initialize_cache(); -unsigned char *_get_app_dek_from_cache(const char *pkgId); -void _add_app_dek_to_cache(const char *pkgId, unsigned char *dek); -void _remove_app_dek_from_cache(const char *pkgId); +const unsigned char *_get_app_dek_from_cache(const char *pkg_id); +void _add_app_dek_to_cache(const char *pkg_id, const unsigned char *dek); +void _remove_app_dek_from_cache(const char *pkg_id); int _get_random(size_t length, unsigned char *random); -void _get_alias(const char *pPkgId, wae_app_type_e appType, bool forSave, char *alias, size_t buff_len); +void _get_alias(const char *pkg_id, wae_app_type_e app_type, bool forSave, char *alias, size_t buff_len); void _get_dek_kek_alias(char *alias, size_t buff_len); void _get_dek_loading_done_alias(char *alias, size_t buff_len); const char *_get_dek_kek_pub_key_path(); const char *_get_dek_kek_pri_key_path(); const char *_get_dek_store_path(); -int _add_dek_to_key_manager(const char *pPkgId, wae_app_type_e appType, const unsigned char *pDek, size_t len); -int _get_preloaded_app_dek_file_path(const char *pPkgId, size_t size, char *path); -int _extract_pkg_id_from_file_name(const char *fileName, char *pkgId); -int _read_encrypted_app_dek_from_file(const char *pPkgId, unsigned char **encrypted_app_dek, size_t *len); -int _write_encrypted_app_dek_to_file(const char *pPkgId, const unsigned char *encrypted_app_dek, size_t len); -int _read_from_file(const char *path, unsigned char **data, size_t *len); -int _write_to_file(const char *path, const unsigned char *data, size_t len); +int _add_dek_to_key_manager(const char *pkg_id, wae_app_type_e app_type, const unsigned char *dek, size_t dek_len); +int _get_preloaded_app_dek_file_path(const char *pkg_id, size_t size, char *path); +int _extract_pkg_id_from_file_name(const char *file_name, char *pkg_id); +int _read_encrypted_app_dek_from_file(const char *pkg_id, unsigned char **pencrypted_app_dek, size_t *pencrypted_app_dek_len); +int _write_encrypted_app_dek_to_file(const char *pkg_id, const unsigned char *encrypted_app_dek, size_t encrypted_app_dek_len); +int _read_from_file(const char *path, unsigned char **pdata, size_t *pdata_len); +int _write_to_file(const char *path, const unsigned char *data, size_t data_len); int _get_app_deks_loaded(); int _set_app_deks_loaded(); int _clear_app_deks_loaded(); /* functions for interface */ -int get_app_dek(const char *pPkgId, wae_app_type_e appType, unsigned char **ppDek, size_t *dekLen); -int create_app_dek(const char *pPkgId, wae_app_type_e appType, unsigned char **ppDek, size_t *dekLen); -int get_preloaded_app_dek(const char *pPkgId, unsigned char **ppDek, size_t *dekLen); -int create_preloaded_app_dek(const char *pPkgId, unsigned char **ppDek, size_t *dekLen); +int get_app_dek(const char *pkg_id, wae_app_type_e app_type, unsigned char **pdek, size_t *pdek_len); +int create_app_dek(const char *pkg_id, wae_app_type_e app_type, unsigned char **pdek, size_t *pdek_len); +int get_preloaded_app_dek(const char *pkg_id, unsigned char **pdek, size_t *pdek_len); +int create_preloaded_app_dek(const char *pkg_id, unsigned char **pdek, size_t *pdek_len); int load_preloaded_app_deks(bool reload); -int remove_app_dek(const char *pPkgId, wae_app_type_e appType); +int remove_app_dek(const char *pkg_id, wae_app_type_e app_type); #ifdef __cplusplus } diff --git a/srcs/wae_initializer.c b/srcs/wae_initializer.c index b9d7ce8..956b04d 100644 --- a/srcs/wae_initializer.c +++ b/srcs/wae_initializer.c @@ -23,25 +23,19 @@ #include "web_app_enc.h" #include "wae_log.h" -#include <stdio.h> - int main(int argc, char *argv[]) { - int ret = WAE_ERROR_NONE; bool reload = false; - if (argc == 2 && strcmp(argv[1], "--reload") == 0) { + if (argc == 2 && strcmp(argv[1], "--reload") == 0) reload = true; - } - ret = load_preloaded_app_deks(reload); + int ret = load_preloaded_app_deks(reload); if (ret == WAE_ERROR_NONE) { - printf("WAE INITIALIZER was finished successfully.\n"); WAE_SLOGI("WAE INITIALIZER was finished successfully."); return 0; } else { - printf("WAE INITIALIZER was finished with error. ret=%d\n", ret); WAE_SLOGE("WAE INITIALIZER was finished with error. ret=%d", ret); return -1; } diff --git a/srcs/web_app_enc.c b/srcs/web_app_enc.c index 0e31c30..dd133d9 100644 --- a/srcs/web_app_enc.c +++ b/srcs/web_app_enc.c @@ -22,210 +22,128 @@ #include "web_app_enc.h" #include <stdlib.h> -#include <stdio.h> #include "key_handler.h" #include "crypto_service.h" #include "wae_log.h" -int _wae_encrypt_downloaded_web_application(const char *pPkgId, wae_app_type_e appType, - const unsigned char *pData, size_t dataLen, - unsigned char **ppEncryptedData, size_t *pEncDataLen) +int _wae_encrypt_downloaded_web_application( + const char *pkg_id, wae_app_type_e app_type, + const unsigned char *data, size_t data_len, + unsigned char **pencrypted_data, size_t *pencrypted_data_len) { - int ret = WAE_ERROR_NONE; - unsigned char *pDek = NULL; - size_t dekLen = -1; - - if (pPkgId == NULL) { - WAE_SLOGE("Invalid Parameter. pPkgId is NULL"); - ret = WAE_ERROR_INVALID_PARAMETER; - goto error; - } - - if (pData == NULL || dataLen <= 0) { - WAE_SLOGE("Invalid Parameter. pData is NULL or invalid dataLen(%d)", dataLen); - ret = WAE_ERROR_INVALID_PARAMETER; - goto error; - } - - if (ppEncryptedData == NULL || pEncDataLen == NULL) { - WAE_SLOGE("Invalid Parameter. ppEncryptedData or pEncDataLen is NULL"); - ret = WAE_ERROR_INVALID_PARAMETER; - goto error; - } + if (pkg_id == NULL || data == NULL || data_len == 0 || pencrypted_data == NULL || + pencrypted_data_len == NULL) + return WAE_ERROR_INVALID_PARAMETER; // get APP_DEK. // if not exists, create APP_DEK - ret = get_app_dek(pPkgId, appType, &pDek, &dekLen); + unsigned char *dek = NULL; + size_t dek_len = -1; + int ret = get_app_dek(pkg_id, app_type, &dek, &dek_len); - if (ret == WAE_ERROR_NO_KEY) { - ret = create_app_dek(pPkgId, appType, &pDek, &dekLen); - } + if (ret == WAE_ERROR_NO_KEY) + ret = create_app_dek(pkg_id, app_type, &dek, &dek_len); - if (ret != WAE_ERROR_NONE) { + if (ret != WAE_ERROR_NONE) goto error; - } // encrypt - ret = encrypt_aes_cbc(pDek, dekLen, pData, dataLen, ppEncryptedData, pEncDataLen); - - if (ret != WAE_ERROR_NONE) { - goto error; - } + ret = encrypt_aes_cbc(dek, dek_len, data, data_len, pencrypted_data, pencrypted_data_len); error: - if (pDek != NULL) - free(pDek); + free(dek); return ret; } -int _wae_decrypt_downloaded_web_application(const char *pPkgId, wae_app_type_e appType, - const unsigned char *pData, size_t dataLen, - unsigned char **ppDecryptedData, size_t *pDecDataLen) +int _wae_decrypt_downloaded_web_application(const char *pkg_id, wae_app_type_e app_type, + const unsigned char *data, size_t data_len, + unsigned char **pdecrypted_data, size_t *pdecrypted_data_len) { - int ret = WAE_ERROR_NONE; - unsigned char *pDek = NULL; - size_t dekLen = -1; - if (pPkgId == NULL) { - WAE_SLOGE("Invalid Parameter. pPkgId is NULL"); - ret = WAE_ERROR_INVALID_PARAMETER; - goto error; - } - - if (pData == NULL || dataLen <= 0) { - WAE_SLOGE("Invalid Parameter. pData is NULL or invalid dataLen(%d)", dataLen); - ret = WAE_ERROR_INVALID_PARAMETER; - goto error; - } - - if (ppDecryptedData == NULL || pDecDataLen == NULL) { - WAE_SLOGE("Invalid Parameter. ppDecryptedData or pDecDataLen is NULL"); - ret = WAE_ERROR_INVALID_PARAMETER; - goto error; - } + if (pkg_id == NULL || data == NULL || data_len == 0 || pdecrypted_data == NULL || + pdecrypted_data_len == NULL) + return WAE_ERROR_INVALID_PARAMETER; - ret = get_app_dek(pPkgId, appType, &pDek, &dekLen); + unsigned char *dek = NULL; + size_t dek_len = -1; + int ret = get_app_dek(pkg_id, app_type, &dek, &dek_len); - if (ret != WAE_ERROR_NONE) { + if (ret != WAE_ERROR_NONE) goto error; - } // decrypt - ret = decrypt_aes_cbc(pDek, dekLen, pData, dataLen, ppDecryptedData, pDecDataLen); - - if (ret != WAE_ERROR_NONE) { - goto error; - } + ret = decrypt_aes_cbc(dek, dek_len, data, data_len, pdecrypted_data, pdecrypted_data_len); error: - if (pDek != NULL) - free(pDek); + free(dek); return ret; } -int _wae_encrypt_preloaded_web_application(const char *pPkgId, - const unsigned char *pData, size_t dataLen, - unsigned char **ppEncryptedData, size_t *pEncDataLen) +int _wae_encrypt_preloaded_web_application(const char *pkg_id, + const unsigned char *data, size_t data_len, + unsigned char **pencrypted_data, size_t *pencrypted_data_len) { + if (pkg_id == NULL || data == NULL || data_len == 0 || pencrypted_data == NULL || + pencrypted_data_len == NULL) + return WAE_ERROR_INVALID_PARAMETER; - int ret = WAE_ERROR_NONE; - unsigned char *pDek = NULL; - size_t dekLen = -1; + unsigned char *dek = NULL; + size_t dek_len = -1; + int ret = get_preloaded_app_dek(pkg_id, &dek, &dek_len); - if (pPkgId == NULL) { - WAE_SLOGE("Invalid Parameter. pPkgId is NULL"); - ret = WAE_ERROR_INVALID_PARAMETER; - goto error; - } + if (ret == WAE_ERROR_NO_KEY) + ret = create_preloaded_app_dek(pkg_id, &dek, &dek_len); - if (pData == NULL || dataLen <= 0) { - WAE_SLOGE("Invalid Parameter. pData is NULL or invalid dataLen(%d)", dataLen); - ret = WAE_ERROR_INVALID_PARAMETER; + if (ret != WAE_ERROR_NONE) goto error; - } - - if (ppEncryptedData == NULL || pEncDataLen == NULL) { - WAE_SLOGE("Invalid Parameter. ppEncryptedData or pEncDataLen is NULL"); - ret = WAE_ERROR_INVALID_PARAMETER; - goto error; - } - - ret = get_preloaded_app_dek(pPkgId, &pDek, &dekLen); - - if (ret == WAE_ERROR_NO_KEY) { - ret = create_preloaded_app_dek(pPkgId, &pDek, &dekLen); - } - - if (ret != WAE_ERROR_NONE) { - goto error; - } // encrypt - ret = encrypt_aes_cbc(pDek, dekLen, pData, dataLen, ppEncryptedData, pEncDataLen); - - if (ret != WAE_ERROR_NONE) { - goto error; - } + ret = encrypt_aes_cbc(dek, dek_len, data, data_len, pencrypted_data, pencrypted_data_len); error: - if (pDek != NULL) - free(pDek); + free(dek); return ret; } -int _wae_decrypt_preloaded_web_application(const char *pPkgId, wae_app_type_e appType, - const unsigned char *pData, size_t dataLen, - unsigned char **ppDecryptedData, size_t *pDecDataLen) +int _wae_decrypt_preloaded_web_application(const char *pkg_id, wae_app_type_e app_type, + const unsigned char *data, size_t data_len, + unsigned char **pdecrypted_data, size_t *pdecrypted_data_len) { // same with the decryption of downloaded web application - return _wae_decrypt_downloaded_web_application(pPkgId, appType, - pData, dataLen, ppDecryptedData, pDecDataLen); + return _wae_decrypt_downloaded_web_application(pkg_id, app_type, + data, data_len, pdecrypted_data, pdecrypted_data_len); } -int wae_encrypt_web_application(const char *pPkgId, wae_app_type_e appType, - const unsigned char *pData, size_t dataLen, - unsigned char **ppEncryptedData, size_t *pEncDataLen) +int wae_encrypt_web_application(const char *pkg_id, wae_app_type_e app_type, + const unsigned char *data, size_t data_len, + unsigned char **pencrypted_data, size_t *pencrypted_data_len) { - int ret = WAE_ERROR_NONE; - - if (appType == WAE_PRELOADED_APP) - ret = _wae_encrypt_preloaded_web_application(pPkgId, - pData, dataLen, ppEncryptedData, pEncDataLen); + if (app_type == WAE_PRELOADED_APP) + return _wae_encrypt_preloaded_web_application(pkg_id, + data, data_len, pencrypted_data, pencrypted_data_len); else - ret = _wae_encrypt_downloaded_web_application(pPkgId, appType, - pData, dataLen, ppEncryptedData, pEncDataLen); - - WAE_SLOGI("Encrypt Web App. pkgId=%s, appType=%d, dataLen=%d, ret=%d", - pPkgId, appType, dataLen, ret); - return ret; + return _wae_encrypt_downloaded_web_application(pkg_id, app_type, + data, data_len, pencrypted_data, pencrypted_data_len); } -int wae_decrypt_web_application(const char *pPkgId, wae_app_type_e appType, - const unsigned char *pData, size_t dataLen, - unsigned char **ppDecryptedData, size_t *pDecDataLen) +int wae_decrypt_web_application(const char *pkg_id, wae_app_type_e app_type, + const unsigned char *data, size_t data_len, + unsigned char **pdecrypted_data, size_t *pdecrypted_data_len) { - int ret = WAE_ERROR_NONE; - - if (appType == WAE_PRELOADED_APP) - ret = _wae_decrypt_preloaded_web_application(pPkgId, appType, - pData, dataLen, ppDecryptedData, pDecDataLen); + if (app_type == WAE_PRELOADED_APP) + return _wae_decrypt_preloaded_web_application(pkg_id, app_type, + data, data_len, pdecrypted_data, pdecrypted_data_len); else - ret = _wae_decrypt_downloaded_web_application(pPkgId, appType, - pData, dataLen, ppDecryptedData, pDecDataLen); - - WAE_SLOGI("Decrypt Web App. pkgId=%s, appType=%d, dataLen=%d, ret=%d", - pPkgId, appType, dataLen, ret); - return ret; + return _wae_decrypt_downloaded_web_application(pkg_id, app_type, + data, data_len, pdecrypted_data, pdecrypted_data_len); } -int wae_remove_app_dek(const char *pPkgId, wae_app_type_e appType) +int wae_remove_app_dek(const char *pkg_id, wae_app_type_e app_type) { - int ret = remove_app_dek(pPkgId, appType); - WAE_SLOGI("Remove APP DEK. pkgId=%s, appType=%d, ret=%d", pPkgId, appType, ret); - return ret; + return remove_app_dek(pkg_id, app_type); } diff --git a/tests/internals.cpp b/tests/internals.cpp index 5d6ca2c..257447b 100644 --- a/tests/internals.cpp +++ b/tests/internals.cpp @@ -160,7 +160,7 @@ BOOST_AUTO_TEST_CASE(cache) _add_app_dek_to_cache(pkg3, dek3.data()); size_t dek_len = 32; - unsigned char *_cached = _get_app_dek_from_cache(pkg1); + const unsigned char *_cached = _get_app_dek_from_cache(pkg1); auto cached = Wae::Test::bytearr_to_vec(_cached, dek_len); BOOST_REQUIRE_MESSAGE(cached == dek1, |