diff options
author | Kyungwook Tak <k.tak@samsung.com> | 2016-07-15 13:27:01 +0900 |
---|---|---|
committer | Kyungwook Tak <k.tak@samsung.com> | 2016-07-15 13:27:01 +0900 |
commit | 99523c9b37751cc9188dacc2d24fd775da02e180 (patch) | |
tree | 65bee5dfe699bf23104164bef8598a9261120f9e | |
parent | 4ea2f0ebe530415109e408cb96f81cc0a0b6b3f7 (diff) | |
download | libwebappenc-99523c9b37751cc9188dacc2d24fd775da02e180.tar.gz libwebappenc-99523c9b37751cc9188dacc2d24fd775da02e180.tar.bz2 libwebappenc-99523c9b37751cc9188dacc2d24fd775da02e180.zip |
Apply coding style of tizen by astyle
Change-Id: I495bcdeae8705c2bb8b605762e31458919736926
Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
-rw-r--r-- | CMakeLists.txt | 4 | ||||
-rw-r--r-- | build/libwebappenc.pc.in | 1 | ||||
-rw-r--r-- | include/web_app_enc.h | 48 | ||||
-rw-r--r-- | srcs/crypto_service.c | 640 | ||||
-rw-r--r-- | srcs/crypto_service.h | 32 | ||||
-rw-r--r-- | srcs/key_handler.c | 1264 | ||||
-rw-r--r-- | srcs/key_handler.h | 50 | ||||
-rw-r--r-- | srcs/wae_initializer.c | 36 | ||||
-rw-r--r-- | srcs/wae_log.h | 9 | ||||
-rw-r--r-- | srcs/web_app_enc.c | 333 | ||||
-rw-r--r-- | tests/wae_tests.c | 1374 |
11 files changed, 1955 insertions, 1836 deletions
diff --git a/CMakeLists.txt b/CMakeLists.txt index 31e000b..4c5a1bb 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -1,4 +1,4 @@ -# Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved +# Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -89,5 +89,3 @@ ADD_SUBDIRECTORY(resources) ADD_SUBDIRECTORY(include) ADD_SUBDIRECTORY(tests) ADD_SUBDIRECTORY(systemd) - - diff --git a/build/libwebappenc.pc.in b/build/libwebappenc.pc.in index 2af6c92..b530dcf 100644 --- a/build/libwebappenc.pc.in +++ b/build/libwebappenc.pc.in @@ -8,4 +8,3 @@ Version: @VERSION@ Requires: @PC_REQUIRED@ Libs: @PC_LDFLAGS@ Cflags: @PC_CFLAGS@ - diff --git a/include/web_app_enc.h b/include/web_app_enc.h index 68a1fd9..7cadf7b 100644 --- a/include/web_app_enc.h +++ b/include/web_app_enc.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2014 Samsung Electronics Co., Ltd All Rights Reserved + * Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -15,9 +15,8 @@ * * @file web_app_enc.h * @version 1.0 - * @brief This file contains APIs of WEB_APP_ENC module. + * @brief APIs of WEB_APP_ENC module. */ - #ifndef __WEB_APP_ENC__ #define __WEB_APP_ENC__ @@ -25,39 +24,38 @@ extern "C" { #endif +#include <stddef.h> + /** * @addtogroup CAPI_WEB_APP_ENC_MODULE * @{ */ - /** * @brief WAE Errors. * @since_tizen 3.0 */ -typedef enum -{ - WAE_ERROR_NONE = 0x00, /**< Successful */ - WAE_ERROR_INVALID_PARAMETER = - 0x01, /**< Invalid function parameter */ - WAE_ERROR_PERMISSION_DENIED = - 0x02, /**< Permission denied */ - WAE_ERROR_NO_KEY = - 0x03, /**< No key */ - WAE_ERROR_KEY_EXISTS = - 0x04, /**< key already exists*/ - WAE_ERROR_KEY_MANAGER = - 0x05, /**< key-manager internal error */ - WAE_ERROR_CRYPTO = - 0x06, /**< failed in crypto operation */ - WAE_ERROR_MEMORY = - 0x07, /**< failed to allocate memory */ - WAE_ERROR_FILE = - 0x08, /**< failed to read or write a file*/ - WAE_ERROR_UNKNOWN = - 0x09 /** < Unknown error */ +typedef enum { + WAE_ERROR_NONE = 0x00, /**< Successful */ + WAE_ERROR_INVALID_PARAMETER = -0x01, /**< Invalid function parameter */ + WAE_ERROR_PERMISSION_DENIED = -0x02, /**< Permission denied */ + WAE_ERROR_NO_KEY = -0x03, /**< No key */ + WAE_ERROR_KEY_EXISTS = -0x04, /**< key already exists*/ + WAE_ERROR_KEY_MANAGER = -0x05, /**< key-manager internal error */ + WAE_ERROR_CRYPTO = -0x06, /**< failed in crypto operation */ + WAE_ERROR_MEMORY = -0x07, /**< failed to allocate memory */ + WAE_ERROR_FILE = -0x08, /**< failed to read or write a file*/ + WAE_ERROR_UNKNOWN = -0x09 /** < Unknown error */ } wae_error_e; /** * @brief Application Type. * @since_tizen 3.0 */ -typedef enum -{ - WAE_DOWNLOADED_NORMAL_APP = 0, /**< Downloaded Normal Application*/ - WAE_DOWNLOADED_GLOBAL_APP = 1, /**< Downloaded Global Application*/ - WAE_PRELOADED_APP = 2 /**< Preloaded Application*/ +typedef enum { + WAE_DOWNLOADED_NORMAL_APP = 0, /**< Downloaded Normal Application*/ + WAE_DOWNLOADED_GLOBAL_APP = 1, /**< Downloaded Global Application*/ + WAE_PRELOADED_APP = 2 /**< Preloaded Application*/ } wae_app_type_e; /** @@ -81,7 +79,7 @@ typedef enum * * @see wae_decrypt_web_application() */ -int wae_encrypt_web_application(const char* pPkgId, wae_app_type_e appType, const unsigned char* pData, size_t dataLen, unsigned char** ppEncryptedData, size_t* pEncDataLen); +int wae_encrypt_web_application(const char *pPkgId, wae_app_type_e appType, const unsigned char *pData, size_t dataLen, unsigned char **ppEncryptedData, size_t *pEncDataLen); /** * @brief Encrypts web application data with internal key. @@ -104,7 +102,7 @@ int wae_encrypt_web_application(const char* pPkgId, wae_app_type_e appType, cons * * @see wae_encrypt_web_application() */ -int wae_decrypt_web_application(const char* pPkgId, wae_app_type_e appType, const unsigned char* pData, size_t dataLen, unsigned char** ppDecryptedData, size_t* pDecDataLen); +int wae_decrypt_web_application(const char *pPkgId, wae_app_type_e appType, const unsigned char *pData, size_t dataLen, unsigned char **ppDecryptedData, size_t *pDecDataLen); /** * @brief Remove a APP DEK(Application Data Encryption Key) used for encrytpion and decryption of a web application. @@ -121,8 +119,7 @@ int wae_decrypt_web_application(const char* pPkgId, wae_app_type_e appType, cons * @retval #WAE_ERROR_UNKNOWN Failed with unknown reason * */ -int wae_remove_app_dek(const char* pPkgId, wae_app_type_e appType); - +int wae_remove_app_dek(const char *pPkgId, wae_app_type_e appType); /** * @} @@ -133,4 +130,3 @@ int wae_remove_app_dek(const char* pPkgId, wae_app_type_e appType); #endif #endif /* __WEB_APP_ENC__ */ - diff --git a/srcs/crypto_service.c b/srcs/crypto_service.c index 1c52cc5..7d90190 100644 --- a/srcs/crypto_service.c +++ b/srcs/crypto_service.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000 - 2015 Samsung Electronics Co., Ltd All Rights Reserved + * Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -36,336 +36,358 @@ #define AES_256_KEY_SIZE 32 -static unsigned char AES_CBC_IV[16] = { 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, - 0x08, 0x39, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F}; +static unsigned char AES_CBC_IV[16] = { + 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, + 0x08, 0x39, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F +}; static bool __initialized = false; void _initialize() { - if(!__initialized) { - ERR_load_crypto_strings(); - OpenSSL_add_all_algorithms(); - __initialized = true; - } + if (!__initialized) { + ERR_load_crypto_strings(); + OpenSSL_add_all_algorithms(); + __initialized = true; + } } - - -int encrypt_app_dek(const unsigned char* rsaPublicKey, size_t pubKeyLen, - const unsigned char* dek, size_t dekLen, - unsigned char** encryptedDek, size_t* encryptedDekLen) +int encrypt_app_dek(const unsigned char *rsaPublicKey, size_t pubKeyLen, + const unsigned char *dek, size_t dekLen, + unsigned char **encryptedDek, size_t *encryptedDekLen) { - int ret = WAE_ERROR_NONE; - EVP_PKEY *pKey = NULL; - BIO* bio = NULL; - EVP_PKEY_CTX *ctx = NULL; - unsigned char* out = NULL; - size_t outLen = 0; - - _initialize(); - - bio = BIO_new(BIO_s_mem()); - BIO_write(bio, rsaPublicKey, pubKeyLen); - pKey = PEM_read_bio_PUBKEY(bio, NULL, NULL, NULL); - - if(pKey == NULL){ - BIO_reset(bio); - BIO_write(bio, rsaPublicKey, pubKeyLen); - pKey = d2i_PUBKEY_bio(bio, NULL); - } - - if(pKey == NULL) { - ret = WAE_ERROR_FILE; - WAE_SLOGE("Failt to convert to public key."); - goto error; - } - - ctx = EVP_PKEY_CTX_new(pKey, NULL); - if(ctx == NULL) { - WAE_SLOGE("Encrypt APP DEK Failed. EVP_PKEY_CTX_new failed"); - ret = WAE_ERROR_CRYPTO; - goto error; - } - - if (EVP_PKEY_encrypt_init(ctx) <= 0) { - WAE_SLOGE("Encrypt APP DEK Failed. EVP_PKEY_encrypt_init failed"); - ret = WAE_ERROR_CRYPTO; - goto error; - } - if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PADDING) <= 0) { - WAE_SLOGE("Encrypt APP DEK Failed. EVP_PKEY_CTX_set_rsa_padding failed"); - ret = WAE_ERROR_CRYPTO; - goto error; - } - - /* Determine buffer length */ - if (EVP_PKEY_encrypt(ctx, NULL, &outLen, dek, dekLen) <= 0) { - WAE_SLOGE("Encrypt APP DEK Failed. EVP_PKEY_encrypt failed"); - ret = WAE_ERROR_CRYPTO; - goto error; - } - - out = OPENSSL_malloc(outLen); - if(out == NULL) { - WAE_SLOGE("Encrypt APP DEK Failed. OPENSSL_malloc failed"); - ret = WAE_ERROR_MEMORY; - goto error; - } - - if (EVP_PKEY_encrypt(ctx, out, &outLen, dek, dekLen) <= 0) { - WAE_SLOGE("Encrypt APP DEK Failed. EVP_PKEY_encrypt failed"); - ret = WAE_ERROR_CRYPTO; - goto error; - } - - *encryptedDek = out; - *encryptedDekLen = outLen; + int ret = WAE_ERROR_NONE; + EVP_PKEY *pKey = NULL; + BIO *bio = NULL; + EVP_PKEY_CTX *ctx = NULL; + unsigned char *out = NULL; + size_t outLen = 0; + + _initialize(); + + bio = BIO_new(BIO_s_mem()); + BIO_write(bio, rsaPublicKey, pubKeyLen); + pKey = PEM_read_bio_PUBKEY(bio, NULL, NULL, NULL); + + if (pKey == NULL) { + BIO_reset(bio); + BIO_write(bio, rsaPublicKey, pubKeyLen); + pKey = d2i_PUBKEY_bio(bio, NULL); + } + + if (pKey == NULL) { + ret = WAE_ERROR_FILE; + WAE_SLOGE("Failt to convert to public key."); + goto error; + } + + ctx = EVP_PKEY_CTX_new(pKey, NULL); + + if (ctx == NULL) { + WAE_SLOGE("Encrypt APP DEK Failed. EVP_PKEY_CTX_new failed"); + ret = WAE_ERROR_CRYPTO; + goto error; + } + + if (EVP_PKEY_encrypt_init(ctx) <= 0) { + WAE_SLOGE("Encrypt APP DEK Failed. EVP_PKEY_encrypt_init failed"); + ret = WAE_ERROR_CRYPTO; + goto error; + } + + if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PADDING) <= 0) { + WAE_SLOGE("Encrypt APP DEK Failed. EVP_PKEY_CTX_set_rsa_padding failed"); + ret = WAE_ERROR_CRYPTO; + goto error; + } + + /* Determine buffer length */ + if (EVP_PKEY_encrypt(ctx, NULL, &outLen, dek, dekLen) <= 0) { + WAE_SLOGE("Encrypt APP DEK Failed. EVP_PKEY_encrypt failed"); + ret = WAE_ERROR_CRYPTO; + goto error; + } + + out = OPENSSL_malloc(outLen); + + if (out == NULL) { + WAE_SLOGE("Encrypt APP DEK Failed. OPENSSL_malloc failed"); + ret = WAE_ERROR_MEMORY; + goto error; + } + + if (EVP_PKEY_encrypt(ctx, out, &outLen, dek, dekLen) <= 0) { + WAE_SLOGE("Encrypt APP DEK Failed. EVP_PKEY_encrypt failed"); + ret = WAE_ERROR_CRYPTO; + goto error; + } + + *encryptedDek = out; + *encryptedDekLen = outLen; error: - if(bio != NULL) - BIO_free(bio); - if(pKey != NULL) - EVP_PKEY_free(pKey); - if(ctx != NULL) - EVP_PKEY_CTX_free(ctx); - if(ret != WAE_ERROR_NONE && out != NULL) - OPENSSL_free(out); - - return ret; + if (bio != NULL) + BIO_free(bio); + + if (pKey != NULL) + EVP_PKEY_free(pKey); + + if (ctx != NULL) + EVP_PKEY_CTX_free(ctx); + + if (ret != WAE_ERROR_NONE && out != NULL) + OPENSSL_free(out); + + return ret; } -int decrypt_app_dek(const unsigned char* rsaPrivateKey, size_t priKeyLen, - const char* priKeyPassword, - const unsigned char* encryptedDek, size_t dencryptedDekLen, - unsigned char** decryptedDek, size_t* decryptedDekLen) +int decrypt_app_dek(const unsigned char *rsaPrivateKey, size_t priKeyLen, + const char *priKeyPassword, + const unsigned char *encryptedDek, size_t dencryptedDekLen, + unsigned char **decryptedDek, size_t *decryptedDekLen) { - int ret = WAE_ERROR_NONE; - EVP_PKEY *pKey = NULL; - BIO* bio = NULL; - EVP_PKEY_CTX *ctx = NULL; - unsigned char* out = NULL; - size_t outLen = 0; - - _initialize(); - - bio = BIO_new(BIO_s_mem()); - BIO_write(bio, rsaPrivateKey, priKeyLen); - pKey = PEM_read_bio_PrivateKey(bio, NULL, NULL, (void *)priKeyPassword); - - if(pKey == NULL) { - BIO_reset(bio); - BIO_write(bio, rsaPrivateKey, priKeyLen); - pKey = d2i_PrivateKey_bio(bio, NULL); - } - - if(pKey == NULL) { - ret = WAE_ERROR_FILE; - WAE_SLOGE("Failt to convert to public key."); - goto error; - } - - ctx = EVP_PKEY_CTX_new(pKey, NULL); - if(ctx == NULL) { - WAE_SLOGE("Decrypt APP DEK Failed. EVP_PKEY_CTX_new failed"); - ret = WAE_ERROR_CRYPTO; - goto error; - } - - if (EVP_PKEY_decrypt_init(ctx) <= 0) { - WAE_SLOGE("Decrypt APP DEK Failed. EVP_PKEY_decrypt_init failed"); - ret = WAE_ERROR_CRYPTO; - goto error; - } - if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PADDING) <= 0) { - WAE_SLOGE("Decrypt APP DEK Failed. EVP_PKEY_CTX_set_rsa_padding failed"); - ret = WAE_ERROR_CRYPTO; - goto error; - } - - /* Determine buffer length */ - if (EVP_PKEY_decrypt(ctx, NULL, &outLen, encryptedDek, dencryptedDekLen) <= 0) { - WAE_SLOGE("Decrypt APP DEK Failed. EVP_PKEY_decrypt failed"); - ret = WAE_ERROR_CRYPTO; - goto error; - } - - out = OPENSSL_malloc(outLen); - if(out == NULL) { - WAE_SLOGE("Decrypt APP DEK Failed. OPENSSL_malloc failed"); - ret = WAE_ERROR_MEMORY; - goto error; - } - - if (EVP_PKEY_decrypt(ctx, out, &outLen, encryptedDek, dencryptedDekLen) <= 0) { - WAE_SLOGE("Encrypt APP DEK Failed. EVP_PKEY_decrypt failed"); - ret = WAE_ERROR_CRYPTO; - goto error; - } - - *decryptedDek = out; - *decryptedDekLen = outLen; + int ret = WAE_ERROR_NONE; + EVP_PKEY *pKey = NULL; + BIO *bio = NULL; + EVP_PKEY_CTX *ctx = NULL; + unsigned char *out = NULL; + size_t outLen = 0; + + _initialize(); + + bio = BIO_new(BIO_s_mem()); + BIO_write(bio, rsaPrivateKey, priKeyLen); + pKey = PEM_read_bio_PrivateKey(bio, NULL, NULL, (void *)priKeyPassword); + + if (pKey == NULL) { + BIO_reset(bio); + BIO_write(bio, rsaPrivateKey, priKeyLen); + pKey = d2i_PrivateKey_bio(bio, NULL); + } + + if (pKey == NULL) { + ret = WAE_ERROR_FILE; + WAE_SLOGE("Failt to convert to public key."); + goto error; + } + + ctx = EVP_PKEY_CTX_new(pKey, NULL); + + if (ctx == NULL) { + WAE_SLOGE("Decrypt APP DEK Failed. EVP_PKEY_CTX_new failed"); + ret = WAE_ERROR_CRYPTO; + goto error; + } + + if (EVP_PKEY_decrypt_init(ctx) <= 0) { + WAE_SLOGE("Decrypt APP DEK Failed. EVP_PKEY_decrypt_init failed"); + ret = WAE_ERROR_CRYPTO; + goto error; + } + + if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PADDING) <= 0) { + WAE_SLOGE("Decrypt APP DEK Failed. EVP_PKEY_CTX_set_rsa_padding failed"); + ret = WAE_ERROR_CRYPTO; + goto error; + } + + /* Determine buffer length */ + if (EVP_PKEY_decrypt(ctx, NULL, &outLen, encryptedDek, dencryptedDekLen) <= 0) { + WAE_SLOGE("Decrypt APP DEK Failed. EVP_PKEY_decrypt failed"); + ret = WAE_ERROR_CRYPTO; + goto error; + } + + out = OPENSSL_malloc(outLen); + + if (out == NULL) { + WAE_SLOGE("Decrypt APP DEK Failed. OPENSSL_malloc failed"); + ret = WAE_ERROR_MEMORY; + goto error; + } + + if (EVP_PKEY_decrypt(ctx, out, &outLen, encryptedDek, dencryptedDekLen) <= 0) { + WAE_SLOGE("Encrypt APP DEK Failed. EVP_PKEY_decrypt failed"); + ret = WAE_ERROR_CRYPTO; + goto error; + } + + *decryptedDek = out; + *decryptedDekLen = outLen; error: - if(bio != NULL) - BIO_free(bio); - if(pKey != NULL) - EVP_PKEY_free(pKey); - if(ctx != NULL) - EVP_PKEY_CTX_free(ctx); - if(ret != WAE_ERROR_NONE && out != NULL) - OPENSSL_free(out); - - return ret; + if (bio != NULL) + BIO_free(bio); + + if (pKey != NULL) + EVP_PKEY_free(pKey); + + if (ctx != NULL) + EVP_PKEY_CTX_free(ctx); + + if (ret != WAE_ERROR_NONE && out != NULL) + OPENSSL_free(out); + + return ret; } -int encrypt_aes_cbc(const unsigned char* pKey, size_t keyLen, - const unsigned char* pData, size_t dataLen, - unsigned char** ppEncryptedData, size_t* pEncDataLen) +int encrypt_aes_cbc(const unsigned char *pKey, size_t keyLen, + const unsigned char *pData, size_t dataLen, + unsigned char **ppEncryptedData, size_t *pEncDataLen) { - EVP_CIPHER_CTX *ctx; - int len; - unsigned char *ciphertext = NULL; - size_t ciphertext_len; - unsigned char *iv = AES_CBC_IV; - int ret = WAE_ERROR_NONE; - - _initialize(); - - WAE_SLOGI("Encryption Started. size=%d", dataLen); - /* check input paramter */ - if( keyLen != 32 ) { - WAE_SLOGE("Encryption Failed. Invalid Key Length. keyLen=%d", keyLen); - return WAE_ERROR_INVALID_PARAMETER; - } - - // assing a enough memory for decryption. - ciphertext = (unsigned char*) malloc(dataLen + 32); - - /* Create and initialise the context */ - if(!(ctx = EVP_CIPHER_CTX_new())) { - WAE_SLOGE("Encryption Failed. EVP_CIPHER_CTX_new failed"); - ret = WAE_ERROR_CRYPTO; - goto error; - } - - /* Initialise the encryption operation. IMPORTANT - ensure you use a key - * and IV size appropriate for your cipher - * In this example we are using 256 bit AES (i.e. a 256 bit key). The - * IV size for *most* modes is the same as the block size. For AES this - * is 128 bits */ - if(1 != EVP_EncryptInit_ex(ctx, EVP_aes_256_cbc(), NULL, pKey, iv)) { - WAE_SLOGE("Encryption Failed. EVP_EncryptInit_ex failed"); - ret = WAE_ERROR_CRYPTO; - goto error; - } - - /* Provide the message to be encrypted, and obtain the encrypted output. - * EVP_EncryptUpdate can be called multiple times if necessary - */ - if(1 != EVP_EncryptUpdate(ctx, ciphertext, &len, pData, dataLen)) { - WAE_SLOGE("Encryption Failed. EVP_EncryptUpdate failed"); - ret = WAE_ERROR_CRYPTO; - goto error; - } - ciphertext_len = len; - - /* Finalise the encryption. Further ciphertext bytes may be written at - * this stage. - */ - if(1 != EVP_EncryptFinal_ex(ctx, ciphertext + len, &len)) { - WAE_SLOGE("Encryption Failed. EVP_EncryptFinal_ex failed"); - ret = WAE_ERROR_CRYPTO; - goto error; - } - ciphertext_len += len; - - *ppEncryptedData = ciphertext; - *pEncDataLen = ciphertext_len; - - ret = WAE_ERROR_NONE; - WAE_SLOGI("Encryption Ended Successfully. encrypted_len", ciphertext_len); + EVP_CIPHER_CTX *ctx; + int len; + unsigned char *ciphertext = NULL; + size_t ciphertext_len; + unsigned char *iv = AES_CBC_IV; + int ret = WAE_ERROR_NONE; + + _initialize(); + + WAE_SLOGI("Encryption Started. size=%d", dataLen); + + /* check input paramter */ + if (keyLen != 32) { + WAE_SLOGE("Encryption Failed. Invalid Key Length. keyLen=%d", keyLen); + return WAE_ERROR_INVALID_PARAMETER; + } + + // assing a enough memory for decryption. + ciphertext = (unsigned char *) malloc(dataLen + 32); + + /* Create and initialise the context */ + if (!(ctx = EVP_CIPHER_CTX_new())) { + WAE_SLOGE("Encryption Failed. EVP_CIPHER_CTX_new failed"); + ret = WAE_ERROR_CRYPTO; + goto error; + } + + /* Initialise the encryption operation. IMPORTANT - ensure you use a key + * and IV size appropriate for your cipher + * In this example we are using 256 bit AES (i.e. a 256 bit key). The + * IV size for *most* modes is the same as the block size. For AES this + * is 128 bits */ + if (1 != EVP_EncryptInit_ex(ctx, EVP_aes_256_cbc(), NULL, pKey, iv)) { + WAE_SLOGE("Encryption Failed. EVP_EncryptInit_ex failed"); + ret = WAE_ERROR_CRYPTO; + goto error; + } + + /* Provide the message to be encrypted, and obtain the encrypted output. + * EVP_EncryptUpdate can be called multiple times if necessary + */ + if (1 != EVP_EncryptUpdate(ctx, ciphertext, &len, pData, dataLen)) { + WAE_SLOGE("Encryption Failed. EVP_EncryptUpdate failed"); + ret = WAE_ERROR_CRYPTO; + goto error; + } + + ciphertext_len = len; + + /* Finalise the encryption. Further ciphertext bytes may be written at + * this stage. + */ + if (1 != EVP_EncryptFinal_ex(ctx, ciphertext + len, &len)) { + WAE_SLOGE("Encryption Failed. EVP_EncryptFinal_ex failed"); + ret = WAE_ERROR_CRYPTO; + goto error; + } + + ciphertext_len += len; + + *ppEncryptedData = ciphertext; + *pEncDataLen = ciphertext_len; + + ret = WAE_ERROR_NONE; + WAE_SLOGI("Encryption Ended Successfully. encrypted_len", ciphertext_len); + error: - if(ctx != NULL) - EVP_CIPHER_CTX_free(ctx); - if(ret != WAE_ERROR_NONE && ciphertext != NULL) - free(ciphertext); - return ret; + if (ctx != NULL) + EVP_CIPHER_CTX_free(ctx); + + if (ret != WAE_ERROR_NONE && ciphertext != NULL) + free(ciphertext); + + return ret; } -int decrypt_aes_cbc(const unsigned char* pKey, size_t keyLen, - const unsigned char* pData, size_t dataLen, - unsigned char** ppDecryptedData, size_t* pDecDataLen) +int decrypt_aes_cbc(const unsigned char *pKey, size_t keyLen, + const unsigned char *pData, size_t dataLen, + unsigned char **ppDecryptedData, size_t *pDecDataLen) { - EVP_CIPHER_CTX *ctx; - int len; - unsigned char* plaintext = NULL; - size_t plaintext_len; - unsigned char *iv = AES_CBC_IV; - int ret = WAE_ERROR_NONE; - - _initialize(); - - WAE_SLOGI("Decryption Started. size=%d", dataLen); - - /* check input paramter */ - if( keyLen != 32 ) { - WAE_SLOGE("Decryption Failed. Invalid Key Length. keyLen=%d", keyLen); - return WAE_ERROR_INVALID_PARAMETER; - } - - // assing a enough memory for decryption. - plaintext = (unsigned char*) malloc(dataLen); - - /* Create and initialise the context */ - if(!(ctx = EVP_CIPHER_CTX_new())) { - WAE_SLOGE("Decryption Failed. EVP_CIPHER_CTX_new failed"); - ret = WAE_ERROR_CRYPTO; - goto error; - } - - /* Initialise the decryption operation. IMPORTANT - ensure you use a key - * and IV size appropriate for your cipher - * In this example we are using 256 bit AES (i.e. a 256 bit key). The - * IV size for *most* modes is the same as the block size. For AES this - * is 128 bits */ - if(1 != EVP_DecryptInit_ex(ctx, EVP_aes_256_cbc(), NULL, pKey, iv)) { - WAE_SLOGE("Decryption Failed. EVP_DecryptInit_ex failed"); - ret = WAE_ERROR_CRYPTO; - goto error; - } - - /* Provide the message to be decrypted, and obtain the plaintext output. - * EVP_DecryptUpdate can be called multiple times if necessary - */ - if(1 != EVP_DecryptUpdate(ctx, plaintext, &len, pData, dataLen)) { - WAE_SLOGE("Decryption Failed. EVP_DecryptUpdate failed"); - ret = WAE_ERROR_CRYPTO; - goto error; - } - plaintext_len = len; - - /* Finalise the decryption. Further plaintext bytes may be written at - * this stage. - */ - if(1 != EVP_DecryptFinal_ex(ctx, plaintext + len, &len)) { - WAE_SLOGE("Decryption Failed. EVP_DecryptFinal_ex failed"); - ret = WAE_ERROR_CRYPTO; - goto error; - } - plaintext_len += len; - - *ppDecryptedData = plaintext; - *pDecDataLen = plaintext_len; - - ret = WAE_ERROR_NONE; - WAE_SLOGI("Decryption Ended Successfully. decrypted_len", plaintext_len); + EVP_CIPHER_CTX *ctx; + int len; + unsigned char *plaintext = NULL; + size_t plaintext_len; + unsigned char *iv = AES_CBC_IV; + int ret = WAE_ERROR_NONE; + + _initialize(); + + WAE_SLOGI("Decryption Started. size=%d", dataLen); + + /* check input paramter */ + if (keyLen != 32) { + WAE_SLOGE("Decryption Failed. Invalid Key Length. keyLen=%d", keyLen); + return WAE_ERROR_INVALID_PARAMETER; + } + + // assing a enough memory for decryption. + plaintext = (unsigned char *) malloc(dataLen); + + /* Create and initialise the context */ + if (!(ctx = EVP_CIPHER_CTX_new())) { + WAE_SLOGE("Decryption Failed. EVP_CIPHER_CTX_new failed"); + ret = WAE_ERROR_CRYPTO; + goto error; + } + + /* Initialise the decryption operation. IMPORTANT - ensure you use a key + * and IV size appropriate for your cipher + * In this example we are using 256 bit AES (i.e. a 256 bit key). The + * IV size for *most* modes is the same as the block size. For AES this + * is 128 bits */ + if (1 != EVP_DecryptInit_ex(ctx, EVP_aes_256_cbc(), NULL, pKey, iv)) { + WAE_SLOGE("Decryption Failed. EVP_DecryptInit_ex failed"); + ret = WAE_ERROR_CRYPTO; + goto error; + } + + /* Provide the message to be decrypted, and obtain the plaintext output. + * EVP_DecryptUpdate can be called multiple times if necessary + */ + if (1 != EVP_DecryptUpdate(ctx, plaintext, &len, pData, dataLen)) { + WAE_SLOGE("Decryption Failed. EVP_DecryptUpdate failed"); + ret = WAE_ERROR_CRYPTO; + goto error; + } + + plaintext_len = len; + + /* Finalise the decryption. Further plaintext bytes may be written at + * this stage. + */ + if (1 != EVP_DecryptFinal_ex(ctx, plaintext + len, &len)) { + WAE_SLOGE("Decryption Failed. EVP_DecryptFinal_ex failed"); + ret = WAE_ERROR_CRYPTO; + goto error; + } + + plaintext_len += len; + + *ppDecryptedData = plaintext; + *pDecDataLen = plaintext_len; + + ret = WAE_ERROR_NONE; + WAE_SLOGI("Decryption Ended Successfully. decrypted_len", plaintext_len); + error: - if(ctx != NULL) - EVP_CIPHER_CTX_free(ctx); - if(ret != WAE_ERROR_NONE && plaintext != NULL) - free(plaintext); - return ret; -} + if (ctx != NULL) + EVP_CIPHER_CTX_free(ctx); + if (ret != WAE_ERROR_NONE && plaintext != NULL) + free(plaintext); + + return ret; +} diff --git a/srcs/crypto_service.h b/srcs/crypto_service.h index fcdb0fe..61f4d0b 100644 --- a/srcs/crypto_service.h +++ b/srcs/crypto_service.h @@ -19,8 +19,8 @@ * @version 1.0 * @brief provides encryption and decription operations. */ -#ifndef __TIZEN_CORE_WAE_CRYPTO_SERVICE_H -#define __TIZEN_CORE_WAE_CRYPTO_SERVICE_H +#ifndef __WAE_CRYPTO_SERVICE_H +#define __WAE_CRYPTO_SERVICE_H #ifdef __cplusplus extern "C" { @@ -28,26 +28,26 @@ extern "C" { #include <stddef.h> -int encrypt_app_dek(const unsigned char* rsaPublicKey, size_t pubKeyLen, - const unsigned char* dek, size_t dekLen, - unsigned char** encryptedDek, size_t* encryptedDekLen); +int encrypt_app_dek(const unsigned char *rsaPublicKey, size_t pubKeyLen, + const unsigned char *dek, size_t dekLen, + unsigned char **encryptedDek, size_t *encryptedDekLen); -int decrypt_app_dek(const unsigned char* rsaPrivateKey, size_t priKeyLen, - const char* priKeyPassword, - const unsigned char* encryptedDek, size_t dencryptedDekLen, - unsigned char** decryptedDek, size_t* decryptedDekLen); +int decrypt_app_dek(const unsigned char *rsaPrivateKey, size_t priKeyLen, + const char *priKeyPassword, + const unsigned char *encryptedDek, size_t dencryptedDekLen, + unsigned char **decryptedDek, size_t *decryptedDekLen); -int encrypt_aes_cbc(const unsigned char* pKey, size_t keyLen, - const unsigned char* pData, size_t dataLen, - unsigned char** ppEncryptedData, size_t* pEncDataLen); +int encrypt_aes_cbc(const unsigned char *pKey, size_t keyLen, + const unsigned char *pData, size_t dataLen, + unsigned char **ppEncryptedData, size_t *pEncDataLen); -int decrypt_aes_cbc(const unsigned char* pKey, size_t keyLen, - const unsigned char* pData, size_t dataLen, - unsigned char** ppDecryptedData, size_t* pDecDataLen); +int decrypt_aes_cbc(const unsigned char *pKey, size_t keyLen, + const unsigned char *pData, size_t dataLen, + unsigned char **ppDecryptedData, size_t *pDecDataLen); #ifdef __cplusplus } #endif -#endif /* __TIZEN_CORE_WAE_CRYPTO_SERVICE_H */ +#endif /* __WAE_CRYPTO_SERVICE_H */ diff --git a/srcs/key_handler.c b/srcs/key_handler.c index bf98c5d..929d282 100644 --- a/srcs/key_handler.c +++ b/srcs/key_handler.c @@ -47,9 +47,9 @@ #define MAX_PKGID_LEN 256 #define MAX_CACHE_SIZE 100 -typedef struct _dek_cache_element{ - char pkgId[MAX_PKGID_LEN]; - unsigned char dek[DEK_LEN]; +typedef struct _dek_cache_element { + char pkgId[MAX_PKGID_LEN]; + unsigned char dek[DEK_LEN]; } dek_cache_element; dek_cache_element APP_DEK_CACHE[MAX_CACHE_SIZE]; @@ -57,734 +57,762 @@ int NEXT_CACHE_IDX = -1; void _initialize_cache() { - NEXT_CACHE_IDX = 0; - memset(APP_DEK_CACHE, 0, sizeof(dek_cache_element)*MAX_CACHE_SIZE); + NEXT_CACHE_IDX = 0; + memset(APP_DEK_CACHE, 0, sizeof(dek_cache_element)*MAX_CACHE_SIZE); } -unsigned char* _get_app_dek_from_cache(const char* pkgId) +unsigned char *_get_app_dek_from_cache(const char *pkgId) { - int i = 0; - - if(NEXT_CACHE_IDX < 0) - _initialize_cache(); - - for(i =0; i<MAX_CACHE_SIZE; i++) { - //WAE_SLOGI("CACHED APP_DEK[%d]=%s", i, APP_DEK_CACHE[i].pkgId); - if( strlen(APP_DEK_CACHE[i].pkgId) == strlen(pkgId) && - strncmp(pkgId, APP_DEK_CACHE[i].pkgId, strlen(pkgId)) == 0) { - return APP_DEK_CACHE[i].dek; - } - } - return NULL; + if (NEXT_CACHE_IDX < 0) + _initialize_cache(); + + for (int i = 0; i < MAX_CACHE_SIZE; i++) { + //WAE_SLOGI("CACHED APP_DEK[%d]=%s", i, APP_DEK_CACHE[i].pkgId); + if (strlen(APP_DEK_CACHE[i].pkgId) == strlen(pkgId) && + strncmp(pkgId, APP_DEK_CACHE[i].pkgId, strlen(pkgId)) == 0) { + return APP_DEK_CACHE[i].dek; + } + } + + return NULL; } -void _add_app_dek_to_cache(const char* pkgId, unsigned char* dek) +void _add_app_dek_to_cache(const char *pkgId, unsigned char *dek) { - int i = 0; - - if(NEXT_CACHE_IDX < 0) - _initialize_cache(); - - // if existing one has the same pkgid - for(i =0; i<MAX_CACHE_SIZE; i++) { - if( strlen(APP_DEK_CACHE[i].pkgId) == strlen(pkgId) && - strncmp(pkgId, APP_DEK_CACHE[i].pkgId, strlen(pkgId)) == 0) { - memcpy(APP_DEK_CACHE[i].dek, dek, DEK_LEN); - return; - } - } - - // for new pkgid - strncpy(APP_DEK_CACHE[NEXT_CACHE_IDX].pkgId, pkgId, strlen(pkgId)); - memcpy(APP_DEK_CACHE[NEXT_CACHE_IDX].dek, dek, DEK_LEN); - - NEXT_CACHE_IDX++; - if(NEXT_CACHE_IDX >= MAX_CACHE_SIZE) - NEXT_CACHE_IDX = 0; + if (NEXT_CACHE_IDX < 0) + _initialize_cache(); + + // if existing one has the same pkgid + for (int i = 0; i < MAX_CACHE_SIZE; i++) { + if (strlen(APP_DEK_CACHE[i].pkgId) == strlen(pkgId) && + strncmp(pkgId, APP_DEK_CACHE[i].pkgId, strlen(pkgId)) == 0) { + memcpy(APP_DEK_CACHE[i].dek, dek, DEK_LEN); + return; + } + } + + // for new pkgid + strncpy(APP_DEK_CACHE[NEXT_CACHE_IDX].pkgId, pkgId, strlen(pkgId)); + memcpy(APP_DEK_CACHE[NEXT_CACHE_IDX].dek, dek, DEK_LEN); + + NEXT_CACHE_IDX++; + + if (NEXT_CACHE_IDX >= MAX_CACHE_SIZE) + NEXT_CACHE_IDX = 0; } -void _remove_app_dek_from_cache(const char* pkgId) +void _remove_app_dek_from_cache(const char *pkgId) { - int i = 0; - - for(i =0; i<MAX_CACHE_SIZE; i++) { - if( strlen(APP_DEK_CACHE[i].pkgId) == strlen(pkgId) && - strncmp(pkgId, APP_DEK_CACHE[i].pkgId, strlen(pkgId)) == 0) { - memset(APP_DEK_CACHE[i].pkgId, 0, sizeof(APP_DEK_CACHE[i].pkgId)); - return; - } - } + for (int i = 0; i < MAX_CACHE_SIZE; i++) { + if (strlen(APP_DEK_CACHE[i].pkgId) == strlen(pkgId) && + strncmp(pkgId, APP_DEK_CACHE[i].pkgId, strlen(pkgId)) == 0) { + memset(APP_DEK_CACHE[i].pkgId, 0, sizeof(APP_DEK_CACHE[i].pkgId)); + return; + } + } } int _to_wae_error(int key_manager_error) { - switch(key_manager_error) { - case CKMC_ERROR_NONE: return WAE_ERROR_NONE; - case CKMC_ERROR_INVALID_PARAMETER: return WAE_ERROR_INVALID_PARAMETER; - case CKMC_ERROR_PERMISSION_DENIED: return WAE_ERROR_PERMISSION_DENIED; - case CKMC_ERROR_DB_ALIAS_UNKNOWN: return WAE_ERROR_NO_KEY; - case CKMC_ERROR_DB_ALIAS_EXISTS: return WAE_ERROR_KEY_EXISTS; - default: return WAE_ERROR_KEY_MANAGER; - } + switch (key_manager_error) { + case CKMC_ERROR_NONE: + return WAE_ERROR_NONE; + + case CKMC_ERROR_INVALID_PARAMETER: + return WAE_ERROR_INVALID_PARAMETER; + + case CKMC_ERROR_PERMISSION_DENIED: + return WAE_ERROR_PERMISSION_DENIED; + + case CKMC_ERROR_DB_ALIAS_UNKNOWN: + return WAE_ERROR_NO_KEY; + + case CKMC_ERROR_DB_ALIAS_EXISTS: + return WAE_ERROR_KEY_EXISTS; + + default: + return WAE_ERROR_KEY_MANAGER; + } } -int _get_random(size_t length, unsigned char* random) +int _get_random(size_t length, unsigned char *random) { - FILE* f = NULL; - size_t i = 0; - int ch = 0; - //read random file - if((f = fopen(RANDOM_FILE, "r")) != NULL){ - while( i < length){ - if((ch = fgetc(f)) == EOF){ - break; - } - random[i] = (unsigned char) ch; - i++; - } - } - if(f != NULL) - fclose(f); - return WAE_ERROR_NONE; + FILE *f = NULL; + size_t i = 0; + int ch = 0; + + //read random file + if ((f = fopen(RANDOM_FILE, "r")) != NULL) { + while (i < length) { + if ((ch = fgetc(f)) == EOF) { + break; + } + + random[i] = (unsigned char) ch; + i++; + } + } + + if (f != NULL) + fclose(f); + + return WAE_ERROR_NONE; } -void _get_alias(const char* pPkgId, wae_app_type_e appType, bool forSave, char* alias, size_t buff_len) +void _get_alias(const char *pPkgId, wae_app_type_e appType, bool forSave, char *alias, size_t buff_len) { - if(appType == WAE_DOWNLOADED_NORMAL_APP) { - if(forSave) { - snprintf(alias, buff_len, "%s%s", - APP_DEK_ALIAS_PFX, - pPkgId); - }else{ - snprintf(alias, buff_len, "%s%s%s%s", - WRT_INSTALLER_LABEL, - ckmc_owner_id_separator, - APP_DEK_ALIAS_PFX, - pPkgId); - } - }else { // system alias - (void) appType; - snprintf(alias, buff_len, "%s%s%s%s", - ckmc_owner_id_system, - ckmc_owner_id_separator, - APP_DEK_ALIAS_PFX, - pPkgId); - } + if (appType == WAE_DOWNLOADED_NORMAL_APP) { + if (forSave) { + snprintf(alias, buff_len, "%s%s", + APP_DEK_ALIAS_PFX, + pPkgId); + } else { + snprintf(alias, buff_len, "%s%s%s%s", + WRT_INSTALLER_LABEL, + ckmc_owner_id_separator, + APP_DEK_ALIAS_PFX, + pPkgId); + } + } else { // system alias + snprintf(alias, buff_len, "%s%s%s%s", + ckmc_owner_id_system, + ckmc_owner_id_separator, + APP_DEK_ALIAS_PFX, + pPkgId); + } } -void _get_dek_kek_alias(char* alias, size_t buff_len) +void _get_dek_kek_alias(char *alias, size_t buff_len) { - snprintf(alias, buff_len, "%s%s%s", - ckmc_owner_id_system, - ckmc_owner_id_separator, - APP_DEK_KEK_ALIAS); + snprintf(alias, buff_len, "%s%s%s", + ckmc_owner_id_system, + ckmc_owner_id_separator, + APP_DEK_KEK_ALIAS); } -void _get_dek_loading_done_alias(char* alias, size_t buff_len) +void _get_dek_loading_done_alias(char *alias, size_t buff_len) { - snprintf(alias, buff_len, "%s%s%s", - ckmc_owner_id_system, - ckmc_owner_id_separator, - APP_DEK_LOADING_DONE_ALIAS); + snprintf(alias, buff_len, "%s%s%s", + ckmc_owner_id_system, + ckmc_owner_id_separator, + APP_DEK_LOADING_DONE_ALIAS); } -const char* _get_dek_kek_pub_key_path() +const char *_get_dek_kek_pub_key_path() { - return tzplatform_mkpath4(TZ_SYS_SHARE, "wae", "app_dek", "WAE_APPDEK_KEK_PublicKey.pem"); + return tzplatform_mkpath4(TZ_SYS_SHARE, "wae", "app_dek", "WAE_APPDEK_KEK_PublicKey.pem"); } -const char* _get_dek_kek_pri_key_path() +const char *_get_dek_kek_pri_key_path() { - return tzplatform_mkpath4(TZ_SYS_SHARE, "wae", "app_dek", "WAE_APPDEK_KEK_PrivateKey.pem"); + return tzplatform_mkpath4(TZ_SYS_SHARE, "wae", "app_dek", "WAE_APPDEK_KEK_PrivateKey.pem"); } -const char* _get_dek_store_path() +const char *_get_dek_store_path() { - return tzplatform_mkpath3(TZ_SYS_SHARE, "wae", "app_dek"); + return tzplatform_mkpath3(TZ_SYS_SHARE, "wae", "app_dek"); } -int _add_dek_to_key_manager(const char* pPkgId, wae_app_type_e appType, const unsigned char* pDek, size_t len) +int _add_dek_to_key_manager(const char *pPkgId, wae_app_type_e appType, const unsigned char *pDek, size_t len) { - int ret = WAE_ERROR_NONE; - char alias[MAX_ALIAS_LEN] = {0,}; - ckmc_raw_buffer_s buff; - ckmc_policy_s policy; - - buff.data = (unsigned char *)pDek; - buff.size = len; - - policy.password = NULL; - policy.extractable = true; - - // save app_dek in key_manager - _get_alias(pPkgId, appType, true, alias, sizeof(alias)); - - // even if it fails to remove, ignore it. - ret = _to_wae_error( ckmc_remove_alias(alias)); - - ret = _to_wae_error(ckmc_save_data(alias, buff, policy)); - if(ret != WAE_ERROR_NONE) { - WAE_SLOGE("WAE: Fail to add APP_DEK to key-manager. pkgId=%s, alias=%s, ret=%d", pPkgId, alias, ret); - goto error; - } - - // share app_dek for web app laucher to use app_dek - ret = _to_wae_error(ckmc_set_permission(alias, pPkgId, CKMC_PERMISSION_READ)); - if(ret != WAE_ERROR_NONE) { - WAE_SLOGE("WAE: Fail to set_permission to APP_DEK. pkgId=%s, ret=%d", pPkgId, ret); - goto error; - } - WAE_SLOGI("WAE: Success to add APP_DEK to key-manager. pkgId=%s, alias=%s", pPkgId, alias); -error: - return ret; -} + int ret = WAE_ERROR_NONE; + char alias[MAX_ALIAS_LEN] = {0,}; + ckmc_raw_buffer_s buff; + ckmc_policy_s policy; + buff.data = (unsigned char *)pDek; + buff.size = len; -int _get_preloaded_app_dek_file_path(const char* pPkgId, size_t size, char *path) -{ - int ret = -1; + policy.password = NULL; + policy.extractable = true; + + // save app_dek in key_manager + _get_alias(pPkgId, appType, true, alias, sizeof(alias)); + + // even if it fails to remove, ignore it. + ret = _to_wae_error(ckmc_remove_alias(alias)); + + ret = _to_wae_error(ckmc_save_data(alias, buff, policy)); + + if (ret != WAE_ERROR_NONE) { + WAE_SLOGE("WAE: Fail to add APP_DEK to key-manager. pkgId=%s, alias=%s, ret=%d", pPkgId, alias, ret); + return ret; + } - ret = snprintf(path, size, "%s/%s_%s.adek", - _get_dek_store_path(), APP_DEK_FILE_PFX, pPkgId); + // share app_dek for web app laucher to use app_dek + ret = _to_wae_error(ckmc_set_permission(alias, pPkgId, CKMC_PERMISSION_READ)); - if (ret < 0) - return WAE_ERROR_INVALID_PARAMETER; /* buffer size too small */ + if (ret != WAE_ERROR_NONE) { + WAE_SLOGE("WAE: Fail to set_permission to APP_DEK. pkgId=%s, ret=%d", pPkgId, ret); + return ret; + } - return WAE_ERROR_NONE; + WAE_SLOGI("WAE: Success to add APP_DEK to key-manager. pkgId=%s, alias=%s", pPkgId, alias); + + return ret; } -int _extract_pkg_id_from_file_name(const char* fileName, char* pkgId) +int _get_preloaded_app_dek_file_path(const char *pPkgId, size_t size, char *path) { - char* start = strstr(fileName, APP_DEK_FILE_PFX); - if(start == NULL){ - WAE_SLOGE("WAE: Fail to extract pkgid from APP_DEK file. fileName=%s", fileName); - return WAE_ERROR_FILE; - } - start = start + strlen(APP_DEK_FILE_PFX) + 1; - char* end = strstr(fileName, ".adek"); - if(start == NULL){ - WAE_SLOGE("WAE: Fail to extract pkgid from APP_DEK file. fileName=%s", fileName); - return WAE_ERROR_FILE; - } - strncpy(pkgId, start, end-start); - pkgId[end-start] = 0;//terminate string - return WAE_ERROR_NONE; + int ret = snprintf(path, size, "%s/%s_%s.adek", + _get_dek_store_path(), APP_DEK_FILE_PFX, pPkgId); + + if (ret < 0) + return WAE_ERROR_INVALID_PARAMETER; /* buffer size too small */ + + return WAE_ERROR_NONE; } -int _read_encrypted_app_dek_from_file(const char* pPkgId, unsigned char** encrypted_app_dek, size_t *len) +int _extract_pkg_id_from_file_name(const char *fileName, char *pkgId) { - char path[MAX_PATH_LEN] = {0,}; - _get_preloaded_app_dek_file_path(pPkgId, sizeof(path), path); - return _read_from_file(path, encrypted_app_dek, len); + char *start = strstr(fileName, APP_DEK_FILE_PFX); + + if (start == NULL) { + WAE_SLOGE("WAE: Fail to extract pkgid from APP_DEK file. fileName=%s", fileName); + return WAE_ERROR_FILE; + } + + start = start + strlen(APP_DEK_FILE_PFX) + 1; + char *end = strstr(fileName, ".adek"); + + if (start == NULL) { + WAE_SLOGE("WAE: Fail to extract pkgid from APP_DEK file. fileName=%s", fileName); + return WAE_ERROR_FILE; + } + + strncpy(pkgId, start, end - start); + pkgId[end - start] = 0; //terminate string + + return WAE_ERROR_NONE; +} + +int _read_encrypted_app_dek_from_file(const char *pPkgId, unsigned char **encrypted_app_dek, size_t *len) +{ + char path[MAX_PATH_LEN] = {0,}; + _get_preloaded_app_dek_file_path(pPkgId, sizeof(path), path); + return _read_from_file(path, encrypted_app_dek, len); } -int _write_encrypted_app_dek_to_file(const char* pPkgId, const unsigned char* encrypted_app_dek, size_t len) +int _write_encrypted_app_dek_to_file(const char *pPkgId, const unsigned char *encrypted_app_dek, size_t len) { - char path[MAX_PATH_LEN] = {0,}; - _get_preloaded_app_dek_file_path(pPkgId, sizeof(path), path); - return _write_to_file( path, encrypted_app_dek, len); + char path[MAX_PATH_LEN] = {0,}; + _get_preloaded_app_dek_file_path(pPkgId, sizeof(path), path); + return _write_to_file(path, encrypted_app_dek, len); } -int _read_from_file(const char* path, unsigned char** data, size_t* len) +int _read_from_file(const char *path, unsigned char **data, size_t *len) { - int ret = WAE_ERROR_NONE; - FILE* f = NULL; - int file_len = -1; - unsigned char* file_contents = NULL; - int ch = 0; - int i = 0; - - f = fopen(path, "r"); - if( f == NULL) { - WAE_SLOGE("WAE: Fail to open a file. file=%s", path); - ret = WAE_ERROR_FILE; - goto error; - } - - fseek(f, 0, SEEK_END); // move to the end of a file - file_len = ftell(f); - if (file_len <= 0) { - WAE_SLOGE("WAE: Failed to get file size by ftell. ret: %d", file_len); - ret = WAE_ERROR_FILE; - goto error; - } - - fseek(f, 0, SEEK_SET); // move to the start of a file - - file_contents = (unsigned char*) malloc(file_len); - if(file_contents == NULL) { - WAE_SLOGE("WAE: Fail to allocate memory for encrypted_app_dek"); - ret = WAE_ERROR_MEMORY; - goto error; - } - memset(file_contents, 0x00, file_len); - - while( (ch = fgetc(f)) != EOF) { - file_contents[i++]=(char)ch; - } - - *data = file_contents; - *len = file_len; + int ret = WAE_ERROR_NONE; + int file_len = -1; + unsigned char *file_contents = NULL; + int ch = 0; + int i = 0; + + FILE *f = fopen(path, "r"); + + if (f == NULL) { + WAE_SLOGE("WAE: Fail to open a file. file=%s", path); + return WAE_ERROR_FILE; + } + + fseek(f, 0, SEEK_END); // move to the end of a file + file_len = ftell(f); + + if (file_len <= 0) { + WAE_SLOGE("WAE: Failed to get file size by ftell. ret: %d", file_len); + ret = WAE_ERROR_FILE; + goto error; + } + + fseek(f, 0, SEEK_SET); // move to the start of a file + + file_contents = (unsigned char *) malloc(file_len); + + if (file_contents == NULL) { + WAE_SLOGE("WAE: Fail to allocate memory for encrypted_app_dek"); + ret = WAE_ERROR_MEMORY; + goto error; + } + + memset(file_contents, 0x00, file_len); + + while ((ch = fgetc(f)) != EOF) { + file_contents[i++] = (char)ch; + } + + *data = file_contents; + *len = file_len; error: - if(f != NULL) - fclose(f); - if(ret != WAE_ERROR_NONE && file_contents != NULL) - free(file_contents); + if (f != NULL) + fclose(f); + + if (ret != WAE_ERROR_NONE && file_contents != NULL) + free(file_contents); - return ret; + return ret; } -int _write_to_file(const char* path, const unsigned char* data, size_t len) +int _write_to_file(const char *path, const unsigned char *data, size_t len) { - int ret = WAE_ERROR_NONE; - - FILE* f = NULL; - int write_len = -1; - - f = fopen(path, "w"); - if( f == NULL) { - WAE_SLOGE("WAE: Fail to open a file. file=%s", path); - ret = WAE_ERROR_FILE; - goto error; - } - - write_len = fwrite(data, 1, len, f); - if(write_len != (int) len) { - WAE_SLOGE("WAE: Fail to write a file. file=%s", path); - ret = WAE_ERROR_FILE; - goto error; - } + int ret = WAE_ERROR_NONE; + + int write_len = -1; + + FILE *f = fopen(path, "w"); + + if (f == NULL) { + WAE_SLOGE("WAE: Fail to open a file. file=%s", path); + return WAE_ERROR_FILE; + } + + write_len = fwrite(data, 1, len, f); + + if (write_len != (int) len) { + WAE_SLOGE("WAE: Fail to write a file. file=%s", path); + ret = WAE_ERROR_FILE; + goto error; + } + error: - if(f != NULL) - fclose(f); + if (f != NULL) + fclose(f); - return ret; + return ret; } -int get_app_dek(const char* pPkgId, wae_app_type_e appType, unsigned char** ppDek, size_t* dekLen) +int get_app_dek(const char *pPkgId, wae_app_type_e appType, unsigned char **ppDek, size_t *dekLen) { - int ret = WAE_ERROR_NONE; - - char* password = NULL; - ckmc_raw_buffer_s *pDekBuffer = NULL; - char alias[MAX_ALIAS_LEN] = {0,}; - unsigned char* pDek = NULL; - unsigned char* cached_dek = NULL; - - // get dek from cache - cached_dek = _get_app_dek_from_cache(pPkgId); - if(cached_dek == NULL) { - // get APP_DEK from system database - _get_alias(pPkgId, appType, false, alias, sizeof(alias)); - - ret = _to_wae_error(ckmc_get_data(alias, password, &pDekBuffer)); - if(ret != WAE_ERROR_NONE) { - WAE_SLOGI("WAE: Fail to get APP_DEK from key-manager. pkgId=%s, alias=%s, ret=%d", - pPkgId, alias, ret); - goto error; - } - } - - pDek = (unsigned char*) malloc(DEK_LEN); - if(pDek == NULL) { - WAE_SLOGE("Fail to allocate a memory"); - ret = WAE_ERROR_MEMORY; - goto error; - } - memcpy(pDek, (cached_dek != NULL) ? cached_dek : pDekBuffer->data, DEK_LEN); - - *ppDek = pDek; - *dekLen = DEK_LEN; - WAE_SLOGI("WAE: Success to get APP_DEK from key-manager. pkgId=%s, alias=%s", pPkgId, alias); + int ret = WAE_ERROR_NONE; + + char *password = NULL; + ckmc_raw_buffer_s *pDekBuffer = NULL; + char alias[MAX_ALIAS_LEN] = {0,}; + unsigned char *pDek = NULL; + + unsigned char *cached_dek = _get_app_dek_from_cache(pPkgId); + + if (cached_dek == NULL) { + // get APP_DEK from system database + _get_alias(pPkgId, appType, false, alias, sizeof(alias)); + + ret = _to_wae_error(ckmc_get_data(alias, password, &pDekBuffer)); + + if (ret != WAE_ERROR_NONE) { + WAE_SLOGI("WAE: Fail to get APP_DEK from key-manager. pkgId=%s, alias=%s, ret=%d", + pPkgId, alias, ret); + goto error; + } + } + + pDek = (unsigned char *) malloc(DEK_LEN); + + if (pDek == NULL) { + WAE_SLOGE("Fail to allocate a memory"); + ret = WAE_ERROR_MEMORY; + goto error; + } + + memcpy(pDek, (cached_dek != NULL) ? cached_dek : pDekBuffer->data, DEK_LEN); + + *ppDek = pDek; + *dekLen = DEK_LEN; + WAE_SLOGI("WAE: Success to get APP_DEK from key-manager. pkgId=%s, alias=%s", pPkgId, alias); + error: - if(pDekBuffer != NULL) - ckmc_buffer_free(pDekBuffer); - if(ret != WAE_ERROR_NONE && pDek != NULL) - free(pDek); + if (pDekBuffer != NULL) + ckmc_buffer_free(pDekBuffer); + + if (ret != WAE_ERROR_NONE && pDek != NULL) + free(pDek); - return ret; + return ret; } -int create_app_dek(const char* pPkgId, wae_app_type_e appType, unsigned char** ppDek, size_t* dekLen) +int create_app_dek(const char *pPkgId, wae_app_type_e appType, unsigned char **ppDek, size_t *dekLen) { - int ret = WAE_ERROR_NONE; - unsigned char *dek= NULL; - - dek = (unsigned char*) malloc(DEK_LEN); - if(dek == NULL) { - ret = WAE_ERROR_MEMORY; - goto error; - } - - ret = _get_random(DEK_LEN, dek); - if(ret != WAE_ERROR_NONE) { - WAE_SLOGE("WAE: Fail to get random for APP_DEK. pkgId=%s, ret=%d", pPkgId, ret); - goto error; - } - - // save app_dek in key_manager - ret = _add_dek_to_key_manager(pPkgId, appType, dek, DEK_LEN); - if(ret != WAE_ERROR_NONE) { - goto error; - } - - // store APP_DEK in cache - _add_app_dek_to_cache(pPkgId, dek); - - *ppDek = dek; - *dekLen = DEK_LEN; - - WAE_SLOGI("WAE: Success to create APP_DEK and store it in key-manager. pkgId=%s", pPkgId); + unsigned char *dek = (unsigned char *) malloc(DEK_LEN); + + if (dek == NULL) + return WAE_ERROR_MEMORY; + + int ret = _get_random(DEK_LEN, dek); + + if (ret != WAE_ERROR_NONE) { + WAE_SLOGE("WAE: Fail to get random for APP_DEK. pkgId=%s, ret=%d", pPkgId, ret); + goto error; + } + + // save app_dek in key_manager + ret = _add_dek_to_key_manager(pPkgId, appType, dek, DEK_LEN); + + if (ret != WAE_ERROR_NONE) { + goto error; + } + + // store APP_DEK in cache + _add_app_dek_to_cache(pPkgId, dek); + + *ppDek = dek; + *dekLen = DEK_LEN; + + WAE_SLOGI("WAE: Success to create APP_DEK and store it in key-manager. pkgId=%s", pPkgId); + error: - if(ret != WAE_ERROR_NONE && dek != NULL) - free(dek); + if (ret != WAE_ERROR_NONE && dek != NULL) + free(dek); - return ret; + return ret; } -int get_preloaded_app_dek(const char* pPkgId, unsigned char** ppDek, size_t* dekLen) +int get_preloaded_app_dek(const char *pPkgId, unsigned char **ppDek, size_t *dekLen) { - int ret = WAE_ERROR_NONE; - unsigned char* cached_dek= NULL; - unsigned char* dek = NULL; - - // get dek from cache - cached_dek = _get_app_dek_from_cache(pPkgId); - if(cached_dek == NULL) { - WAE_SLOGE("WAE: Fail to get APP_DEK from cache for preloaded app"); - ret = WAE_ERROR_NO_KEY; - goto error; - } - - dek = (unsigned char*) malloc(DEK_LEN); - if(dek == NULL) { - WAE_SLOGE("WAE: Fail to allocate memory for preloaded app dek"); - ret = WAE_ERROR_MEMORY; - goto error; - } - memcpy(dek, cached_dek, DEK_LEN); - - *ppDek = dek; - *dekLen = DEK_LEN; + int ret = WAE_ERROR_NONE; + + unsigned char *cached_dek = _get_app_dek_from_cache(pPkgId); + + if (cached_dek == NULL) { + WAE_SLOGE("WAE: Fail to get APP_DEK from cache for preloaded app"); + return WAE_ERROR_NO_KEY; + } + + unsigned char *dek = (unsigned char *) malloc(DEK_LEN); + + if (dek == NULL) { + WAE_SLOGE("WAE: Fail to allocate memory for preloaded app dek"); + ret = WAE_ERROR_MEMORY; + goto error; + } + + memcpy(dek, cached_dek, DEK_LEN); + + *ppDek = dek; + *dekLen = DEK_LEN; + error: - if(ret != WAE_ERROR_NONE && dek != NULL) - free(dek); + if (ret != WAE_ERROR_NONE && dek != NULL) + free(dek); - return ret; + return ret; } -int create_preloaded_app_dek(const char* pPkgId, unsigned char** ppDek, size_t* dekLen) +int create_preloaded_app_dek(const char *pPkgId, unsigned char **ppDek, size_t *dekLen) { - int ret = WAE_ERROR_NONE; - unsigned char* dek = NULL; - unsigned char* encrypted_app_dek = NULL; - size_t encrypted_app_dek_len = 0; - unsigned char* pubKey = NULL; - size_t pubKeyLen = 0; - - // create APP_DEK - dek = (unsigned char*) malloc(DEK_LEN); - if(dek == NULL) { - ret = WAE_ERROR_MEMORY; - goto error; - } - - ret = _get_random(DEK_LEN, dek); - if(ret != WAE_ERROR_NONE) { - goto error; - } - - // encrypt APP_DEK with APP_DEK_KEK - ret = _read_from_file(_get_dek_kek_pub_key_path(), &pubKey, &pubKeyLen); - if(ret != WAE_ERROR_NONE) { - WAE_SLOGE("WAE: Fail to read APP_DEK_KEK Public Key"); - goto error; - } - - ret = encrypt_app_dek(pubKey, pubKeyLen, dek, DEK_LEN, &encrypted_app_dek, &encrypted_app_dek_len); - if(ret != WAE_ERROR_NONE) { - WAE_SLOGE("WAE: Fail to encrypt APP_DEK with APP_DEK_KEK"); - goto error; - } - - // write APP_DEK in a file - ret = _write_encrypted_app_dek_to_file(pPkgId, encrypted_app_dek, encrypted_app_dek_len); - if(ret != WAE_ERROR_NONE) { - WAE_SLOGE("WAE: Fail to write encrypted APP_DEK. pkgId=%s", pPkgId); - goto error; - } - - // store APP_DEK in cache - _add_app_dek_to_cache(pPkgId, dek); - - *ppDek = dek; - *dekLen = DEK_LEN; - WAE_SLOGI("WAE: Success to create preleaded APP_DEK and write it in initail value file. pkgId=%s", pPkgId); + unsigned char *encrypted_app_dek = NULL; + size_t encrypted_app_dek_len = 0; + unsigned char *pubKey = NULL; + size_t pubKeyLen = 0; -error: - if(pubKey != NULL) - free(pubKey); - if(encrypted_app_dek != NULL) - free(encrypted_app_dek); - if(ret != WAE_ERROR_NONE && dek != NULL) - free(dek); - return ret; -} + // create APP_DEK + unsigned char *dek = (unsigned char *)malloc(DEK_LEN); + if (dek == NULL) + return WAE_ERROR_MEMORY; -int _get_app_dek_kek(unsigned char** ppDekKek, size_t* kekLen) -{ - int ret = WAE_ERROR_NONE; + int ret = _get_random(DEK_LEN, dek); + + if (ret != WAE_ERROR_NONE) + goto error; + + // encrypt APP_DEK with APP_DEK_KEK + ret = _read_from_file(_get_dek_kek_pub_key_path(), &pubKey, &pubKeyLen); + + if (ret != WAE_ERROR_NONE) { + WAE_SLOGE("WAE: Fail to read APP_DEK_KEK Public Key"); + goto error; + } + + ret = encrypt_app_dek(pubKey, pubKeyLen, dek, DEK_LEN, &encrypted_app_dek, &encrypted_app_dek_len); + + if (ret != WAE_ERROR_NONE) { + WAE_SLOGE("WAE: Fail to encrypt APP_DEK with APP_DEK_KEK"); + goto error; + } + + // write APP_DEK in a file + ret = _write_encrypted_app_dek_to_file(pPkgId, encrypted_app_dek, encrypted_app_dek_len); + + if (ret != WAE_ERROR_NONE) { + WAE_SLOGE("WAE: Fail to write encrypted APP_DEK. pkgId=%s", pPkgId); + goto error; + } + + // store APP_DEK in cache + _add_app_dek_to_cache(pPkgId, dek); + + *ppDek = dek; + *dekLen = DEK_LEN; + WAE_SLOGI("WAE: Success to create preleaded APP_DEK and write it in initail value file. pkgId=%s", pPkgId); - ret = _read_from_file(_get_dek_kek_pri_key_path(), ppDekKek, kekLen); - if(ret != WAE_ERROR_NONE) { - WAE_SLOGE("WAE: Fail to read APP_DEK_KEK Private Key"); - return ret; - } -/* - char* password = NULL; - ckmc_raw_buffer_s *pKekBuffer = NULL; - unsigned char* pKek = NULL; - - char dek_kek_alias[MAX_ALIAS_LEN] = {0, }; - _get_dek_kek_alias(dek_kek_alias, sizeof(dek_kek_alias)); - - ret = _to_wae_error(ckmc_get_data(dek_kek_alias, password, &pKekBuffer)); - if(ret != WAE_ERROR_NONE) { - WAE_SLOGE("Fail to get APP_DEK_KEK from key-manager. alias=%s, ret=%d", APP_DEK_KEK_ALIAS, ret); - goto error; - } - - pKek = (unsigned char*) malloc(pKekBuffer->size); - if(pKek == NULL) { - WAE_SLOGE("Fail to allocate a memory"); - ret = WAE_ERROR_MEMORY; - goto error; - } - memcpy(pKek, pKekBuffer->data, pKekBuffer->size); - - *ppDekKek = pKek; - *kekLen = pKekBuffer->size; - WAE_SLOGI("Success to get APP_DEK_KEK from key-manager."); error: - if(pKekBuffer != NULL) - ckmc_buffer_free(pKekBuffer); - if(ret != WAE_ERROR_NONE && pKek != NULL) - free(pKek); -*/ - return ret; + if (pubKey != NULL) + free(pubKey); + + if (encrypted_app_dek != NULL) + free(encrypted_app_dek); + + if (ret != WAE_ERROR_NONE && dek != NULL) + free(dek); + + return ret; } +int _get_app_dek_kek(unsigned char **ppDekKek, size_t *kekLen) +{ + int ret = _read_from_file(_get_dek_kek_pri_key_path(), ppDekKek, kekLen); + + if (ret != WAE_ERROR_NONE) { + WAE_SLOGE("WAE: Fail to read APP_DEK_KEK Private Key"); + return ret; + } + + /* + char* password = NULL; + ckmc_raw_buffer_s *pKekBuffer = NULL; + unsigned char* pKek = NULL; + + char dek_kek_alias[MAX_ALIAS_LEN] = {0, }; + _get_dek_kek_alias(dek_kek_alias, sizeof(dek_kek_alias)); + + ret = _to_wae_error(ckmc_get_data(dek_kek_alias, password, &pKekBuffer)); + if(ret != WAE_ERROR_NONE) { + WAE_SLOGE("Fail to get APP_DEK_KEK from key-manager. alias=%s, ret=%d", APP_DEK_KEK_ALIAS, ret); + goto error; + } + + pKek = (unsigned char*) malloc(pKekBuffer->size); + if(pKek == NULL) { + WAE_SLOGE("Fail to allocate a memory"); + ret = WAE_ERROR_MEMORY; + goto error; + } + memcpy(pKek, pKekBuffer->data, pKekBuffer->size); + + *ppDekKek = pKek; + *kekLen = pKekBuffer->size; + WAE_SLOGI("Success to get APP_DEK_KEK from key-manager."); + error: + if(pKekBuffer != NULL) + ckmc_buffer_free(pKekBuffer); + if(ret != WAE_ERROR_NONE && pKek != NULL) + free(pKek); + */ + return ret; +} int _get_app_deks_loaded() { - int ret = WAE_ERROR_NONE; - - ckmc_raw_buffer_s *pBuffer = NULL; - char loading_done_alias[MAX_ALIAS_LEN] = {0, }; + char loading_done_alias[MAX_ALIAS_LEN] = {0, }; + _get_dek_loading_done_alias(loading_done_alias, sizeof(loading_done_alias)); - _get_dek_loading_done_alias(loading_done_alias, sizeof(loading_done_alias)); + ckmc_raw_buffer_s *pBuffer = NULL; + int ret = _to_wae_error(ckmc_get_data(loading_done_alias, NULL, &pBuffer)); - ret = _to_wae_error(ckmc_get_data(loading_done_alias, NULL, &pBuffer)); - if(ret == WAE_ERROR_NO_KEY) { - WAE_SLOGI("WAE: APP_DEK_LOADING was not done"); - } else if(ret == WAE_ERROR_NONE) { - WAE_SLOGI("WAE: APP_DEK_LOADING was already done"); - } else { - WAE_SLOGE("WAE: Fail to get information from key-manager about APP_DEK_LOADING_DONE_ALIAS. ret=%d", ret); - goto error; - } + if (ret == WAE_ERROR_NO_KEY) + WAE_SLOGI("WAE: APP_DEK_LOADING was not done"); + else if (ret == WAE_ERROR_NONE) + WAE_SLOGI("WAE: APP_DEK_LOADING was already done"); + else + WAE_SLOGE("WAE: Fail to get information from key-manager about APP_DEK_LOADING_DONE_ALIAS. ret=%d", ret); -error: - if(pBuffer != NULL) - ckmc_buffer_free(pBuffer); + if (pBuffer != NULL) + ckmc_buffer_free(pBuffer); - return ret; + return ret; } int _set_app_deks_loaded() { - int ret = WAE_ERROR_NONE; - ckmc_raw_buffer_s buff; - ckmc_policy_s policy; - unsigned char dummyData[1] = {0}; - - buff.data = dummyData; - buff.size = sizeof(dummyData); - - policy.password = NULL; - policy.extractable = true; - - char loading_done_alias[MAX_ALIAS_LEN] = {0, }; - _get_dek_loading_done_alias(loading_done_alias, sizeof(loading_done_alias)); - - ret = _to_wae_error(ckmc_save_data(loading_done_alias, buff, policy)); - if(ret == WAE_ERROR_KEY_EXISTS) { - WAE_SLOGI("WAE: APP_DEK_LOADING was already done"); - ret = WAE_ERROR_NONE; - } else if(ret != WAE_ERROR_NONE) { - WAE_SLOGE("WAE: Fail to set APP_DEK_LOADING_DONE_ALIAS to key-manager. ret=%d", ret); - goto error; - } - - WAE_SLOGI("Success to set APP_DEK_LOADING_DONE_ALIAS to key-manager."); -error: - return ret; + ckmc_raw_buffer_s buff; + ckmc_policy_s policy; + unsigned char dummyData[1] = {0}; + + buff.data = dummyData; + buff.size = sizeof(dummyData); + + policy.password = NULL; + policy.extractable = true; + + char loading_done_alias[MAX_ALIAS_LEN] = {0, }; + _get_dek_loading_done_alias(loading_done_alias, sizeof(loading_done_alias)); + + int ret = _to_wae_error(ckmc_save_data(loading_done_alias, buff, policy)); + + if (ret == WAE_ERROR_KEY_EXISTS) { + WAE_SLOGI("WAE: APP_DEK_LOADING was already done"); + ret = WAE_ERROR_NONE; + } else if (ret == WAE_ERROR_NONE) { + WAE_SLOGI("Success to set APP_DEK_LOADING_DONE_ALIAS to key-manager."); + } else { + WAE_SLOGE("WAE: Fail to set APP_DEK_LOADING_DONE_ALIAS to key-manager. ret=%d", ret); + } + + return ret; } int _clear_app_deks_loaded() { - int ret = WAE_ERROR_NONE; - char loading_done_alias[MAX_ALIAS_LEN] = {0, }; - _get_dek_loading_done_alias(loading_done_alias, sizeof(loading_done_alias)); - - ret = _to_wae_error(ckmc_remove_alias(loading_done_alias)); - if(ret == WAE_ERROR_NO_KEY) { - WAE_SLOGI("APP_DEK_LOADING_DONE_ALIAS was not set to key-manager before."); - ret = WAE_ERROR_NONE; - }else if(ret != WAE_ERROR_NONE) { - WAE_SLOGE("Fail to clear APP_DEK_LOADING_DONE_ALIAS to key-manager. ret=%d", ret); - } - - return ret; + char loading_done_alias[MAX_ALIAS_LEN] = {0, }; + _get_dek_loading_done_alias(loading_done_alias, sizeof(loading_done_alias)); + + int ret = _to_wae_error(ckmc_remove_alias(loading_done_alias)); + + if (ret == WAE_ERROR_NO_KEY) { + WAE_SLOGI("APP_DEK_LOADING_DONE_ALIAS was not set to key-manager before."); + ret = WAE_ERROR_NONE; + } else if (ret == WAE_ERROR_NONE) { + WAE_SLOGI("Success to clear app deks loaded"); + } else { + WAE_SLOGE("Fail to clear APP_DEK_LOADING_DONE_ALIAS to key-manager. ret=%d", ret); + } + + return ret; } int load_preloaded_app_deks(bool reload) { - int ret = WAE_ERROR_NONE; - - char pkgId[MAX_PKGID_LEN] = {0, }; - - DIR *dir = NULL; - struct dirent entry; - struct dirent *result; - int error; - char file_path_buff[MAX_PATH_LEN]; - unsigned char* encrypted_app_dek = NULL; - size_t encrypted_app_dek_len = 0; - unsigned char* app_dek = NULL; - size_t app_dek_len = 0; - unsigned char* priKey = NULL; - size_t priKeyLen = 0; - - int error_during_loading = 0; - - if(!reload) { - // check if all deks were already loaded into key-manager. - ret = _get_app_deks_loaded(); - if(ret == WAE_ERROR_NONE) { - return ret; - } - } - - ret = _get_app_dek_kek(&priKey, &priKeyLen); - if(ret != WAE_ERROR_NONE) { - WAE_SLOGE("Fail to get APP_DEK_KEK Private Key"); - return ret; - } - - dir = opendir(_get_dek_store_path()); - if(dir == NULL) { - WAE_SLOGE("Fail to open dir. dir=%s", _get_dek_store_path()); - ret = WAE_ERROR_FILE; - goto error; - } - - for(;;) { - error = readdir_r(dir, &entry, &result); - if( error != 0 ) { - ret = WAE_ERROR_FILE; - goto error; - } - // readdir_r returns NULL in *result if the end - // of the directory stream is reached - if(result == NULL) - break; - - // regular file && start with KEY_MANAGER_INITIAL_VALUE_FILE_PFX - if(entry.d_type == DT_REG && strstr(entry.d_name, APP_DEK_FILE_PFX) != NULL) { - memset(file_path_buff, 0, sizeof(file_path_buff)); - ret = snprintf(file_path_buff, sizeof(file_path_buff), "%s/%s", - _get_dek_store_path(), entry.d_name); - if(ret < 0) { - WAE_SLOGE("Failed to make file path by snprintf."); - ret = WAE_ERROR_INVALID_PARAMETER; /* buffer size too small */ - goto error; - } - - ret = _extract_pkg_id_from_file_name(entry.d_name, pkgId); - if(ret != WAE_ERROR_NONE) { - WAE_SLOGW("Fail to extract pkgid from file. It will be ignored. file=%s",file_path_buff); - continue; - } - - ret = _read_from_file(file_path_buff, &encrypted_app_dek, &encrypted_app_dek_len); - if(ret != WAE_ERROR_NONE || encrypted_app_dek == NULL) { - error_during_loading++; - WAE_SLOGW("Fail to read file. It will be ignored. file=%s",file_path_buff); - continue; - } - - ret = decrypt_app_dek(priKey, priKeyLen, APP_DEK_KEK_PRIKEY_PASSWORD, - encrypted_app_dek, encrypted_app_dek_len, - &app_dek, &app_dek_len); - if(ret != WAE_ERROR_NONE || app_dek == NULL) { - error_during_loading++; - WAE_SLOGW("Fail to decrypt APP DEK. It will be ignored. file=%s",file_path_buff); - continue; - } - - // save app_dek in key_manager - ret = _add_dek_to_key_manager(pkgId, WAE_PRELOADED_APP, app_dek, app_dek_len); - // free temp objects - free(app_dek); - free(encrypted_app_dek); - app_dek = NULL; - encrypted_app_dek = NULL; - - if(ret == WAE_ERROR_KEY_EXISTS) { - WAE_SLOGI("Key Manager already has APP_DEK. It will be ignored. file=%s",file_path_buff); - continue; - }else if(ret != WAE_ERROR_NONE) { - error_during_loading++; - WAE_SLOGW("Fail to add APP DEK to key-manager. file=%s",file_path_buff); - continue; - } - } - } - - ret = _set_app_deks_loaded(); - if(ret == WAE_ERROR_NONE) { - WAE_SLOGI("Success to load_preloaded_app_deks"); - ret = WAE_ERROR_NONE; - }else { - WAE_SLOGW("Fail to _set_app_deks_loaded to key-manager. ret=%d", ret); - } + int ret = WAE_ERROR_NONE; + + char pkgId[MAX_PKGID_LEN] = {0, }; + + DIR *dir = NULL; + struct dirent entry; + struct dirent *result; + int error; + char file_path_buff[MAX_PATH_LEN]; + unsigned char *encrypted_app_dek = NULL; + size_t encrypted_app_dek_len = 0; + unsigned char *app_dek = NULL; + size_t app_dek_len = 0; + unsigned char *priKey = NULL; + size_t priKeyLen = 0; + + int error_during_loading = 0; + + if (!reload) { + // check if all deks were already loaded into key-manager. + ret = _get_app_deks_loaded(); + + if (ret == WAE_ERROR_NONE) + return ret; + } + + ret = _get_app_dek_kek(&priKey, &priKeyLen); + + if (ret != WAE_ERROR_NONE) { + WAE_SLOGE("Fail to get APP_DEK_KEK Private Key"); + return ret; + } + + dir = opendir(_get_dek_store_path()); + + if (dir == NULL) { + WAE_SLOGE("Fail to open dir. dir=%s", _get_dek_store_path()); + ret = WAE_ERROR_FILE; + goto error; + } + + while (true) { + error = readdir_r(dir, &entry, &result); + + if (error != 0) { + ret = WAE_ERROR_FILE; + goto error; + } + + // readdir_r returns NULL in *result if the end + // of the directory stream is reached + if (result == NULL) + break; + + // regular file && start with KEY_MANAGER_INITIAL_VALUE_FILE_PFX + if (entry.d_type == DT_REG && strstr(entry.d_name, APP_DEK_FILE_PFX) != NULL) { + memset(file_path_buff, 0, sizeof(file_path_buff)); + ret = snprintf(file_path_buff, sizeof(file_path_buff), "%s/%s", + _get_dek_store_path(), entry.d_name); + + if (ret < 0) { + WAE_SLOGE("Failed to make file path by snprintf."); + ret = WAE_ERROR_INVALID_PARAMETER; /* buffer size too small */ + goto error; + } + + ret = _extract_pkg_id_from_file_name(entry.d_name, pkgId); + + if (ret != WAE_ERROR_NONE) { + WAE_SLOGW("Fail to extract pkgid from file. It will be ignored. file=%s", file_path_buff); + continue; + } + + ret = _read_from_file(file_path_buff, &encrypted_app_dek, &encrypted_app_dek_len); + + if (ret != WAE_ERROR_NONE || encrypted_app_dek == NULL) { + error_during_loading++; + WAE_SLOGW("Fail to read file. It will be ignored. file=%s", file_path_buff); + continue; + } + + ret = decrypt_app_dek(priKey, priKeyLen, APP_DEK_KEK_PRIKEY_PASSWORD, + encrypted_app_dek, encrypted_app_dek_len, + &app_dek, &app_dek_len); + + if (ret != WAE_ERROR_NONE || app_dek == NULL) { + error_during_loading++; + WAE_SLOGW("Fail to decrypt APP DEK. It will be ignored. file=%s", file_path_buff); + continue; + } + + // save app_dek in key_manager + ret = _add_dek_to_key_manager(pkgId, WAE_PRELOADED_APP, app_dek, app_dek_len); + // free temp objects + free(app_dek); + free(encrypted_app_dek); + app_dek = NULL; + encrypted_app_dek = NULL; + + if (ret == WAE_ERROR_KEY_EXISTS) { + WAE_SLOGI("Key Manager already has APP_DEK. It will be ignored. file=%s", file_path_buff); + continue; + } else if (ret != WAE_ERROR_NONE) { + error_during_loading++; + WAE_SLOGW("Fail to add APP DEK to key-manager. file=%s", file_path_buff); + continue; + } + } + } + + ret = _set_app_deks_loaded(); + + if (ret == WAE_ERROR_NONE) { + WAE_SLOGI("Success to load_preloaded_app_deks"); + ret = WAE_ERROR_NONE; + } else { + WAE_SLOGW("Fail to _set_app_deks_loaded to key-manager. ret=%d", ret); + } + error: - if(priKey != NULL) - free(priKey); + if (priKey != NULL) + free(priKey); - return ret; + return ret; } - -int remove_app_dek(const char* pPkgId, wae_app_type_e appType) +int remove_app_dek(const char *pPkgId, wae_app_type_e appType) { - int ret = CKMC_ERROR_NONE; - char alias[MAX_ALIAS_LEN] = {0,}; + char alias[MAX_ALIAS_LEN] = {0,}; - _get_alias(pPkgId, appType, true, alias,sizeof(alias)); + _get_alias(pPkgId, appType, true, alias, sizeof(alias)); - ret = _to_wae_error(ckmc_remove_alias(alias)); - if(ret != WAE_ERROR_NONE) { - WAE_SLOGE("Fail to remove APP_DEK from key-manager. pkgId=%s, alias=%s, ret=%d", pPkgId, alias, ret); - goto error; - } + int ret = _to_wae_error(ckmc_remove_alias(alias)); - _remove_app_dek_from_cache(pPkgId); - WAE_SLOGI("Success to remove APP_DEK from key-manager. pkgId=%s", pPkgId); -error: - return WAE_ERROR_NONE; + if (ret != WAE_ERROR_NONE) { + WAE_SLOGE("Fail to remove APP_DEK from key-manager. pkgId=%s, alias=%s, ret=%d", pPkgId, alias, ret); + return ret; + } + + _remove_app_dek_from_cache(pPkgId); + WAE_SLOGI("Success to remove APP_DEK from key-manager. pkgId=%s", pPkgId); + + return WAE_ERROR_NONE; } diff --git a/srcs/key_handler.h b/srcs/key_handler.h index 2d3af65..e1ad727 100644 --- a/srcs/key_handler.h +++ b/srcs/key_handler.h @@ -19,8 +19,8 @@ * @version 1.0 * @brief Key manupulatation. */ -#ifndef __TIZEN_CORE_WAE_KEY_HANDLER_H -#define __TIZEN_CORE_WAE_KEY_HANDLER_H +#ifndef __WAE_KEY_HANDLER_H +#define __WAE_KEY_HANDLER_H #ifdef __cplusplus extern "C" { @@ -34,37 +34,37 @@ extern "C" { /* functions with "_" prefix are internal static functions but declared here for testing */ void _initialize_cache(); -unsigned char* _get_app_dek_from_cache(const char* pkgId); -void _add_app_dek_to_cache(const char* pkgId, unsigned char* dek); -void _remove_app_dek_from_cache(const char* pkgId); -int _get_random(size_t length, unsigned char* random); -void _get_alias(const char* pPkgId, wae_app_type_e appType, bool forSave, char* alias, size_t buff_len); -void _get_dek_kek_alias(char* alias, size_t buff_len); -void _get_dek_loading_done_alias(char* alias, size_t buff_len); -const char* _get_dek_kek_pub_key_path(); -const char* _get_dek_kek_pri_key_path(); -const char* _get_dek_store_path(); -int _add_dek_to_key_manager(const char* pPkgId, wae_app_type_e appType, const unsigned char* pDek, size_t len); -int _get_preloaded_app_dek_file_path(const char* pPkgId, size_t size, char *path); -int _extract_pkg_id_from_file_name(const char* fileName, char* pkgId); -int _read_encrypted_app_dek_from_file(const char* pPkgId, unsigned char** encrypted_app_dek, size_t*len); -int _write_encrypted_app_dek_to_file(const char* pPkgId, const unsigned char* encrypted_app_dek, size_t len); -int _read_from_file(const char* path, unsigned char** data, size_t* len); -int _write_to_file(const char* path, const unsigned char* data, size_t len); +unsigned char *_get_app_dek_from_cache(const char *pkgId); +void _add_app_dek_to_cache(const char *pkgId, unsigned char *dek); +void _remove_app_dek_from_cache(const char *pkgId); +int _get_random(size_t length, unsigned char *random); +void _get_alias(const char *pPkgId, wae_app_type_e appType, bool forSave, char *alias, size_t buff_len); +void _get_dek_kek_alias(char *alias, size_t buff_len); +void _get_dek_loading_done_alias(char *alias, size_t buff_len); +const char *_get_dek_kek_pub_key_path(); +const char *_get_dek_kek_pri_key_path(); +const char *_get_dek_store_path(); +int _add_dek_to_key_manager(const char *pPkgId, wae_app_type_e appType, const unsigned char *pDek, size_t len); +int _get_preloaded_app_dek_file_path(const char *pPkgId, size_t size, char *path); +int _extract_pkg_id_from_file_name(const char *fileName, char *pkgId); +int _read_encrypted_app_dek_from_file(const char *pPkgId, unsigned char **encrypted_app_dek, size_t *len); +int _write_encrypted_app_dek_to_file(const char *pPkgId, const unsigned char *encrypted_app_dek, size_t len); +int _read_from_file(const char *path, unsigned char **data, size_t *len); +int _write_to_file(const char *path, const unsigned char *data, size_t len); int _get_app_deks_loaded(); int _set_app_deks_loaded(); int _clear_app_deks_loaded(); /* functions for interface */ -int get_app_dek(const char* pPkgId, wae_app_type_e appType, unsigned char** ppDek, size_t *dekLen); -int create_app_dek(const char* pPkgId, wae_app_type_e appType, unsigned char** ppDek, size_t *dekLen); -int get_preloaded_app_dek(const char* pPkgId, unsigned char** ppDek, size_t* dekLen); -int create_preloaded_app_dek(const char* pPkgId, unsigned char** ppDek, size_t *dekLen); +int get_app_dek(const char *pPkgId, wae_app_type_e appType, unsigned char **ppDek, size_t *dekLen); +int create_app_dek(const char *pPkgId, wae_app_type_e appType, unsigned char **ppDek, size_t *dekLen); +int get_preloaded_app_dek(const char *pPkgId, unsigned char **ppDek, size_t *dekLen); +int create_preloaded_app_dek(const char *pPkgId, unsigned char **ppDek, size_t *dekLen); int load_preloaded_app_deks(bool reload); -int remove_app_dek(const char* pPkgId, wae_app_type_e appType); +int remove_app_dek(const char *pPkgId, wae_app_type_e appType); #ifdef __cplusplus } #endif -#endif /* __TIZEN_CORE_WAE_KEY_HANDLER_H */ +#endif /* __WAE_KEY_HANDLER_H */ diff --git a/srcs/wae_initializer.c b/srcs/wae_initializer.c index 4022f48..b9d7ce8 100644 --- a/srcs/wae_initializer.c +++ b/srcs/wae_initializer.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000 - 2015 Samsung Electronics Co., Ltd All Rights Reserved + * Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -19,30 +19,30 @@ * @version 1.0 * @brief tool for importing APP DEKs during booting */ - #include "key_handler.h" #include "web_app_enc.h" #include "wae_log.h" #include <stdio.h> -int main(int argc, char* argv[]) +int main(int argc, char *argv[]) { - int ret = WAE_ERROR_NONE; - bool reload = false; + int ret = WAE_ERROR_NONE; + bool reload = false; + + if (argc == 2 && strcmp(argv[1], "--reload") == 0) { + reload = true; + } - if(argc == 2 && strcmp(argv[1], "--reload")==0) { - reload = true; - } + ret = load_preloaded_app_deks(reload); - ret = load_preloaded_app_deks(reload); - if(ret == WAE_ERROR_NONE) { - printf("WAE INITIALIZER was finished successfully.\n"); - WAE_SLOGI("WAE INITIALIZER was finished successfully."); - return 0; - }else { - printf("WAE INITIALIZER was finished with error. ret=%d\n", ret); - WAE_SLOGE("WAE INITIALIZER was finished with error. ret=%d", ret); - return -1; - } + if (ret == WAE_ERROR_NONE) { + printf("WAE INITIALIZER was finished successfully.\n"); + WAE_SLOGI("WAE INITIALIZER was finished successfully."); + return 0; + } else { + printf("WAE INITIALIZER was finished with error. ret=%d\n", ret); + WAE_SLOGE("WAE INITIALIZER was finished with error. ret=%d", ret); + return -1; + } } diff --git a/srcs/wae_log.h b/srcs/wae_log.h index 6dfe44a..732557f 100644 --- a/srcs/wae_log.h +++ b/srcs/wae_log.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000 - 2015 Samsung Electronics Co., Ltd All Rights Reserved + * Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -17,16 +17,14 @@ * @file wae_log.h * @author Dongsun Lee (ds73.lee@samsung.com) * @version 1.0 - * @brief a header for loggin. + * @brief logging. */ - #ifndef __WAE_LOG_H__ #define __WAE_LOG_H__ -/* Use DLOG logging mechanism */ #include <dlog.h> -#define TAG_WAE "WAE" +#define TAG_WAE "WAE" #define WAE_SLOGD(format, arg...) SLOG(LOG_DEBUG, TAG_WAE, format, ##arg) #define WAE_SLOGI(format, arg...) SLOG(LOG_INFO, TAG_WAE, format, ##arg) @@ -35,4 +33,3 @@ #define WAE_SLOGF(format, arg...) SLOG(LOG_FATAL, TAG_WAE, format, ##arg) #endif /* __WAE_LOG_H__*/ - diff --git a/srcs/web_app_enc.c b/srcs/web_app_enc.c index 39865bc..0e31c30 100644 --- a/srcs/web_app_enc.c +++ b/srcs/web_app_enc.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000 - 2015 Samsung Electronics Co., Ltd All Rights Reserved + * Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -19,200 +19,213 @@ * @version 1.0 * @brief provides fucntions for encryption and decryption of web application. */ +#include "web_app_enc.h" #include <stdlib.h> #include <stdio.h> -#include "web_app_enc.h" #include "key_handler.h" #include "crypto_service.h" #include "wae_log.h" - -int _wae_encrypt_downloaded_web_application(const char* pPkgId, wae_app_type_e appType, - const unsigned char* pData, size_t dataLen, - unsigned char** ppEncryptedData, size_t* pEncDataLen) +int _wae_encrypt_downloaded_web_application(const char *pPkgId, wae_app_type_e appType, + const unsigned char *pData, size_t dataLen, + unsigned char **ppEncryptedData, size_t *pEncDataLen) { - int ret = WAE_ERROR_NONE; - unsigned char *pDek = NULL; - size_t dekLen = -1; - - if(pPkgId == NULL) { - WAE_SLOGE("Invalid Parameter. pPkgId is NULL"); - ret = WAE_ERROR_INVALID_PARAMETER; - goto error; - } - if(pData == NULL || dataLen <= 0) { - WAE_SLOGE("Invalid Parameter. pData is NULL or invalid dataLen(%d)", dataLen); - ret = WAE_ERROR_INVALID_PARAMETER; - goto error; - } - if(ppEncryptedData == NULL || pEncDataLen == NULL) { - WAE_SLOGE("Invalid Parameter. ppEncryptedData or pEncDataLen is NULL"); - ret = WAE_ERROR_INVALID_PARAMETER; - goto error; - } - - // get APP_DEK. - // if not exists, create APP_DEK - ret = get_app_dek(pPkgId, appType, &pDek, &dekLen); - if(ret == WAE_ERROR_NO_KEY) { - ret = create_app_dek(pPkgId, appType, &pDek, &dekLen); - } - if(ret != WAE_ERROR_NONE) { - goto error; - } - - // encrypt - ret = encrypt_aes_cbc(pDek, dekLen, pData, dataLen, ppEncryptedData, pEncDataLen); - if(ret != WAE_ERROR_NONE) { - goto error; - } + int ret = WAE_ERROR_NONE; + unsigned char *pDek = NULL; + size_t dekLen = -1; + + if (pPkgId == NULL) { + WAE_SLOGE("Invalid Parameter. pPkgId is NULL"); + ret = WAE_ERROR_INVALID_PARAMETER; + goto error; + } + + if (pData == NULL || dataLen <= 0) { + WAE_SLOGE("Invalid Parameter. pData is NULL or invalid dataLen(%d)", dataLen); + ret = WAE_ERROR_INVALID_PARAMETER; + goto error; + } + + if (ppEncryptedData == NULL || pEncDataLen == NULL) { + WAE_SLOGE("Invalid Parameter. ppEncryptedData or pEncDataLen is NULL"); + ret = WAE_ERROR_INVALID_PARAMETER; + goto error; + } + + // get APP_DEK. + // if not exists, create APP_DEK + ret = get_app_dek(pPkgId, appType, &pDek, &dekLen); + + if (ret == WAE_ERROR_NO_KEY) { + ret = create_app_dek(pPkgId, appType, &pDek, &dekLen); + } + + if (ret != WAE_ERROR_NONE) { + goto error; + } + + // encrypt + ret = encrypt_aes_cbc(pDek, dekLen, pData, dataLen, ppEncryptedData, pEncDataLen); + + if (ret != WAE_ERROR_NONE) { + goto error; + } error: - if(pDek != NULL) - free(pDek); + if (pDek != NULL) + free(pDek); - return ret; + return ret; } -int _wae_decrypt_downloaded_web_application(const char* pPkgId, wae_app_type_e appType, - const unsigned char* pData, size_t dataLen, - unsigned char** ppDecryptedData, size_t* pDecDataLen) +int _wae_decrypt_downloaded_web_application(const char *pPkgId, wae_app_type_e appType, + const unsigned char *pData, size_t dataLen, + unsigned char **ppDecryptedData, size_t *pDecDataLen) { - int ret = WAE_ERROR_NONE; - unsigned char *pDek = NULL; - size_t dekLen = -1; - - if(pPkgId == NULL) { - WAE_SLOGE("Invalid Parameter. pPkgId is NULL"); - ret = WAE_ERROR_INVALID_PARAMETER; - goto error; - } - if(pData == NULL || dataLen <= 0) { - WAE_SLOGE("Invalid Parameter. pData is NULL or invalid dataLen(%d)", dataLen); - ret = WAE_ERROR_INVALID_PARAMETER; - goto error; - } - if(ppDecryptedData == NULL || pDecDataLen == NULL) { - WAE_SLOGE("Invalid Parameter. ppDecryptedData or pDecDataLen is NULL"); - ret = WAE_ERROR_INVALID_PARAMETER; - goto error; - } - - ret = get_app_dek(pPkgId, appType, &pDek, &dekLen); - if(ret != WAE_ERROR_NONE) { - goto error; - } - - // decrypt - ret = decrypt_aes_cbc(pDek, dekLen, pData, dataLen, ppDecryptedData, pDecDataLen); - if(ret != WAE_ERROR_NONE) { - goto error; - } + int ret = WAE_ERROR_NONE; + unsigned char *pDek = NULL; + size_t dekLen = -1; + + if (pPkgId == NULL) { + WAE_SLOGE("Invalid Parameter. pPkgId is NULL"); + ret = WAE_ERROR_INVALID_PARAMETER; + goto error; + } + + if (pData == NULL || dataLen <= 0) { + WAE_SLOGE("Invalid Parameter. pData is NULL or invalid dataLen(%d)", dataLen); + ret = WAE_ERROR_INVALID_PARAMETER; + goto error; + } + + if (ppDecryptedData == NULL || pDecDataLen == NULL) { + WAE_SLOGE("Invalid Parameter. ppDecryptedData or pDecDataLen is NULL"); + ret = WAE_ERROR_INVALID_PARAMETER; + goto error; + } + + ret = get_app_dek(pPkgId, appType, &pDek, &dekLen); + + if (ret != WAE_ERROR_NONE) { + goto error; + } + + // decrypt + ret = decrypt_aes_cbc(pDek, dekLen, pData, dataLen, ppDecryptedData, pDecDataLen); + + if (ret != WAE_ERROR_NONE) { + goto error; + } error: - if(pDek != NULL) - free(pDek); + if (pDek != NULL) + free(pDek); - return ret; + return ret; } -int _wae_encrypt_preloaded_web_application(const char* pPkgId, - const unsigned char* pData, size_t dataLen, - unsigned char** ppEncryptedData, size_t* pEncDataLen) +int _wae_encrypt_preloaded_web_application(const char *pPkgId, + const unsigned char *pData, size_t dataLen, + unsigned char **ppEncryptedData, size_t *pEncDataLen) { - int ret = WAE_ERROR_NONE; - unsigned char *pDek = NULL; - size_t dekLen = -1; - - if(pPkgId == NULL) { - WAE_SLOGE("Invalid Parameter. pPkgId is NULL"); - ret = WAE_ERROR_INVALID_PARAMETER; - goto error; - } - if(pData == NULL || dataLen <= 0) { - WAE_SLOGE("Invalid Parameter. pData is NULL or invalid dataLen(%d)", dataLen); - ret = WAE_ERROR_INVALID_PARAMETER; - goto error; - } - if(ppEncryptedData == NULL || pEncDataLen == NULL) { - WAE_SLOGE("Invalid Parameter. ppEncryptedData or pEncDataLen is NULL"); - ret = WAE_ERROR_INVALID_PARAMETER; - goto error; - } - - ret = get_preloaded_app_dek(pPkgId, &pDek, &dekLen); - if(ret == WAE_ERROR_NO_KEY) { - ret = create_preloaded_app_dek(pPkgId, &pDek, &dekLen); - } - if(ret != WAE_ERROR_NONE) { - goto error; - } - - // encrypt - ret = encrypt_aes_cbc(pDek, dekLen, pData, dataLen, ppEncryptedData, pEncDataLen); - if(ret != WAE_ERROR_NONE) { - goto error; - } + int ret = WAE_ERROR_NONE; + unsigned char *pDek = NULL; + size_t dekLen = -1; + + if (pPkgId == NULL) { + WAE_SLOGE("Invalid Parameter. pPkgId is NULL"); + ret = WAE_ERROR_INVALID_PARAMETER; + goto error; + } + + if (pData == NULL || dataLen <= 0) { + WAE_SLOGE("Invalid Parameter. pData is NULL or invalid dataLen(%d)", dataLen); + ret = WAE_ERROR_INVALID_PARAMETER; + goto error; + } + + if (ppEncryptedData == NULL || pEncDataLen == NULL) { + WAE_SLOGE("Invalid Parameter. ppEncryptedData or pEncDataLen is NULL"); + ret = WAE_ERROR_INVALID_PARAMETER; + goto error; + } + + ret = get_preloaded_app_dek(pPkgId, &pDek, &dekLen); + + if (ret == WAE_ERROR_NO_KEY) { + ret = create_preloaded_app_dek(pPkgId, &pDek, &dekLen); + } + + if (ret != WAE_ERROR_NONE) { + goto error; + } + + // encrypt + ret = encrypt_aes_cbc(pDek, dekLen, pData, dataLen, ppEncryptedData, pEncDataLen); + + if (ret != WAE_ERROR_NONE) { + goto error; + } + error: - if(pDek != NULL) - free(pDek); + if (pDek != NULL) + free(pDek); - return ret; + return ret; } -int _wae_decrypt_preloaded_web_application(const char* pPkgId, wae_app_type_e appType, - const unsigned char* pData, size_t dataLen, - unsigned char** ppDecryptedData, size_t* pDecDataLen) +int _wae_decrypt_preloaded_web_application(const char *pPkgId, wae_app_type_e appType, + const unsigned char *pData, size_t dataLen, + unsigned char **ppDecryptedData, size_t *pDecDataLen) { - // same with the decryption of downloaded web application - return _wae_decrypt_downloaded_web_application(pPkgId, appType, - pData, dataLen, ppDecryptedData, pDecDataLen); + // same with the decryption of downloaded web application + return _wae_decrypt_downloaded_web_application(pPkgId, appType, + pData, dataLen, ppDecryptedData, pDecDataLen); } -int wae_encrypt_web_application(const char* pPkgId, wae_app_type_e appType, - const unsigned char* pData, size_t dataLen, - unsigned char** ppEncryptedData, size_t* pEncDataLen) +int wae_encrypt_web_application(const char *pPkgId, wae_app_type_e appType, + const unsigned char *pData, size_t dataLen, + unsigned char **ppEncryptedData, size_t *pEncDataLen) { - int ret = WAE_ERROR_NONE; - - if(appType == WAE_PRELOADED_APP) - ret = _wae_encrypt_preloaded_web_application(pPkgId, - pData, dataLen, ppEncryptedData, pEncDataLen); - else - ret = _wae_encrypt_downloaded_web_application(pPkgId, appType, - pData, dataLen, ppEncryptedData, pEncDataLen); - - WAE_SLOGI("Encrypt Web App. pkgId=%s, appType=%d, dataLen=%d, ret=%d", - pPkgId, appType, dataLen, ret); - return ret; + int ret = WAE_ERROR_NONE; + + if (appType == WAE_PRELOADED_APP) + ret = _wae_encrypt_preloaded_web_application(pPkgId, + pData, dataLen, ppEncryptedData, pEncDataLen); + else + ret = _wae_encrypt_downloaded_web_application(pPkgId, appType, + pData, dataLen, ppEncryptedData, pEncDataLen); + + WAE_SLOGI("Encrypt Web App. pkgId=%s, appType=%d, dataLen=%d, ret=%d", + pPkgId, appType, dataLen, ret); + return ret; } -int wae_decrypt_web_application(const char* pPkgId, wae_app_type_e appType, - const unsigned char* pData, size_t dataLen, - unsigned char** ppDecryptedData, size_t* pDecDataLen) +int wae_decrypt_web_application(const char *pPkgId, wae_app_type_e appType, + const unsigned char *pData, size_t dataLen, + unsigned char **ppDecryptedData, size_t *pDecDataLen) { - int ret = WAE_ERROR_NONE; - - if(appType == WAE_PRELOADED_APP) - ret = _wae_decrypt_preloaded_web_application(pPkgId, appType, - pData, dataLen, ppDecryptedData, pDecDataLen); - else - ret = _wae_decrypt_downloaded_web_application(pPkgId, appType, - pData, dataLen, ppDecryptedData, pDecDataLen); - - WAE_SLOGI("Decrypt Web App. pkgId=%s, appType=%d, dataLen=%d, ret=%d", - pPkgId, appType, dataLen, ret); - return ret; + int ret = WAE_ERROR_NONE; + + if (appType == WAE_PRELOADED_APP) + ret = _wae_decrypt_preloaded_web_application(pPkgId, appType, + pData, dataLen, ppDecryptedData, pDecDataLen); + else + ret = _wae_decrypt_downloaded_web_application(pPkgId, appType, + pData, dataLen, ppDecryptedData, pDecDataLen); + + WAE_SLOGI("Decrypt Web App. pkgId=%s, appType=%d, dataLen=%d, ret=%d", + pPkgId, appType, dataLen, ret); + return ret; } -int wae_remove_app_dek(const char* pPkgId, wae_app_type_e appType) +int wae_remove_app_dek(const char *pPkgId, wae_app_type_e appType) { - int ret = WAE_ERROR_NONE; - ret = remove_app_dek(pPkgId, appType); - WAE_SLOGI("Remove APP DEK. pkgId=%s, appType=%d, ret=%d", pPkgId, appType, ret); - return ret; + int ret = remove_app_dek(pPkgId, appType); + WAE_SLOGI("Remove APP DEK. pkgId=%s, appType=%d, ret=%d", pPkgId, appType, ret); + return ret; } diff --git a/tests/wae_tests.c b/tests/wae_tests.c index abaf4aa..c724d21 100644 --- a/tests/wae_tests.c +++ b/tests/wae_tests.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000 - 2015 Samsung Electronics Co., Ltd All Rights Reserved + * Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -37,193 +37,206 @@ static int tc_fail = 0; #define FPRINTF(format, args...) fprintf(stdout, format, ##args) -static int RUNTC(int (*tc_method)(), const char* tc_name) +static int RUNTC(int (*tc_method)(), const char *tc_name) { - int ret = WAE_ERROR_NONE; - FPRINTF("[%02d:%s]started...\n", tc_seq, tc_name); - ret = tc_method(); - if(ret == WAE_ERROR_NONE) { - FPRINTF("[%02d:%s]ended. SUCCESS\n\n", tc_seq, tc_name); - tc_succ++; - } else { - FPRINTF("[%02d:%s]ended. FAIL. error=%d\n\n", tc_seq, tc_name, ret); - tc_fail++; - } - tc_seq++; - return ret; + int ret = WAE_ERROR_NONE; + FPRINTF("[%02d:%s]started...\n", tc_seq, tc_name); + ret = tc_method(); + + if (ret == WAE_ERROR_NONE) { + FPRINTF("[%02d:%s]ended. SUCCESS\n\n", tc_seq, tc_name); + tc_succ++; + } else { + FPRINTF("[%02d:%s]ended. FAIL. error=%d\n\n", tc_seq, tc_name, ret); + tc_fail++; + } + + tc_seq++; + return ret; } static void PRINT_TC_SUMMARY() { - FPRINTF("\n"); - FPRINTF("===============================================\n"); - FPRINTF(" TOTAL = %d, SUCCESS = %d, FAIL = %d\n", tc_seq, tc_succ, tc_fail); - FPRINTF("===============================================\n"); + FPRINTF("\n"); + FPRINTF("===============================================\n"); + FPRINTF(" TOTAL = %d, SUCCESS = %d, FAIL = %d\n", tc_seq, tc_succ, tc_fail); + FPRINTF("===============================================\n"); } -void _print_binary_to_hex(const char* msg, unsigned char* bin, size_t len) +void _print_binary_to_hex(const char *msg, unsigned char *bin, size_t len) { - size_t i = 0; - FPRINTF("%s", msg); - for(i=0; i<len; i++) { - FPRINTF("%02x", bin[i]); - } - FPRINTF("\n"); + size_t i = 0; + FPRINTF("%s", msg); + + for (i = 0; i < len; i++) { + FPRINTF("%02x", bin[i]); + } + + FPRINTF("\n"); } -int _compare_binary(const unsigned char* b1, size_t b1Len, const unsigned char* b2, size_t b2Len) +int _compare_binary(const unsigned char *b1, size_t b1Len, const unsigned char *b2, size_t b2Len) { - size_t i = 0; - if(b1Len != b2Len) - return b1Len - b2Len; - for(i=0; i<b1Len; i++) { - if(b1[i] != b2[i]) - return b1[i] - b2[i]; - } - return 0; -} + size_t i = 0; + + if (b1Len != b2Len) + return b1Len - b2Len; + for (i = 0; i < b1Len; i++) { + if (b1[i] != b2[i]) + return b1[i] - b2[i]; + } + + return 0; +} //================================================================================= // tests for crypto_service.h //================================================================================= int wae_tc_encrypt_decrypt_app_dek() { - int ret = WAE_ERROR_NONE; - unsigned char dek[32]; - unsigned char* encryptedDek = NULL; - size_t encryptedDekLen = 0; - unsigned char* decryptedDek = NULL; - size_t decryptedDekLen = 0; - - const char* priKey = - "-----BEGIN RSA PRIVATE KEY-----\n" - "MIIEpgIBAAKCAQEA0kWtjpRO7Zh2KX2naVE/BDJdrfwK9xexfNA0MkY2VJ4J2AKM\n" - "YTj1D1jntceryupCEHOvP3rum+WsFvPXduz9+VKnSsSqj4jcTUubtpDUGA5G79Iq\n" - "LEPFuSBaqI8Uwkzd08pE+s30oaJDnNazMhSq8JkqBPoCCwtUs73ruE9VbtsBO/kT\n" - "lASIAfe8nXqcJLcDQgWYhizjJw0Pi6d74oCwS2OTvQDNvsXfFnA0ZJEEYw/rZLir\n" - "j7OHoOjz+Sh5N+1uA3Up6SPPEbHuP6L12YxqHdy7gnJXodLhvE/cR4SN9VW7+qmC\n" - "MBjmLkBejGrEX3STS9sLI7MZHu9Y26dwuYb4+wIDAQABAoIBAQCwxqV/vc2RUGDe\n" - "xuXM0+IvrAw37jJlw4SS0xNexMp+XxMViCbuwYy851h96azS/himbiuCKd6aL/96\n" - "mGunbtyiFEvSvv5Jh5z2Wr9BQAcfZjla+4w7BIsg9UNifE/OfgLsQBu34xhsHtfK\n" - "7nFehCOl/I5n+qtnD5KZPe0DWacQdwY4vEAj6YyXdb2bBg+MiwE9KVxGEIUDbklh\n" - "Is70JXczjLZCS+lIpOKh0/lbZmBZePoUbVTtS+GvtPTpQC/aTHRkwGoEtuPEWpbL\n" - "0Q1d6zO+vDJVLJlb5FF2haghs8IlqAxkkPjeUTNye+WktRrDQxmPu/blbxQrygfq\n" - "Au5tBnsxAoGBAOiVtcpg32puo3Yq2Y78oboe9PuHaQP0d3DhwP3/7J0BeNslpjW7\n" - "E1LWsVsCanxTE8XPUdFfAWgMk7lQqESN0wawGmSmWk+eQPZdjHanBaC8vh7aKjo6\n" - "q9FdT1DKjrRi23QyDco3f3E7hvM93IAAhw1ikNu8DT19JAxtdeMh5WAZAoGBAOdw\n" - "6neEvIFXh3RWEv2/GKVhVR8mxDqxmuFdXpOF+YWsK0Tg4uC8jm9kUGnwXgT2Mjke\n" - "oAwYAFcRbHQQGsxy/vkV16kv4aurTE2hMpjeXCAakwV0Pi2w1f9WnDokjgORkOmc\n" - "+QK9I8egdFPMVDfQjhLslhSUY0Eb4qcJ6q9WxfQzAoGBANSsAFybk+7oWAO3TtQW\n" - "YXOk1vIgcYAyS/0mEKixGZS/QdlxZbf/5b17nxTO8rvX416fIftG2ixgQ7vR6us0\n" - "m9+jq56ZFj9zP4eHJudf9h9yNo5TgwVXnMCGh/4iGbcMJgrrsfxUHu5VNiK5UCSj\n" - "VtqAZGDoZVryUMIkXQVhezIRAoGBAN7QUIqcGbcUA24257Wu4hVlrUN+WPCAyDEr\n" - "aL/x/ZV5eXaoYwQlw6LuGpTDOmDgfN2M5FyARuOL/LOIRaSLGXnIU4WoeUSCd8VM\n" - "6Z9Og7bMnrpjfPEUDBH02hcH1kkNPUwLOZgva2Dm0tdSIcpSWFVTu/E4Io4uQHi8\n" - "DVqc2ZsNAoGBAJT76ezXNSSv8hnrKqTpwgTicpqhRZ3eFQjyl4HRL26AJMKv++x8\n" - "4/IsVIwxaHzpbN3nnCjmAHV4gX9YpxVnvYcZflC9WZeDkwNMLmPYb3Zg27EzSMfQ\n" - "8yrfWJZo3qobipcHf1yohAt4fHk9kUKtPHEwp0xKe//rfhswLb3VCzvQ\n" - "-----END RSA PRIVATE KEY-----"; - const char* pubKey = - "-----BEGIN PUBLIC KEY-----\n" - "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0kWtjpRO7Zh2KX2naVE/\n" - "BDJdrfwK9xexfNA0MkY2VJ4J2AKMYTj1D1jntceryupCEHOvP3rum+WsFvPXduz9\n" - "+VKnSsSqj4jcTUubtpDUGA5G79IqLEPFuSBaqI8Uwkzd08pE+s30oaJDnNazMhSq\n" - "8JkqBPoCCwtUs73ruE9VbtsBO/kTlASIAfe8nXqcJLcDQgWYhizjJw0Pi6d74oCw\n" - "S2OTvQDNvsXfFnA0ZJEEYw/rZLirj7OHoOjz+Sh5N+1uA3Up6SPPEbHuP6L12Yxq\n" - "Hdy7gnJXodLhvE/cR4SN9VW7+qmCMBjmLkBejGrEX3STS9sLI7MZHu9Y26dwuYb4\n" - "+wIDAQAB\n" - "-----END PUBLIC KEY-----"; - - ret = encrypt_app_dek((const unsigned char*) pubKey, strlen(pubKey), - dek, sizeof(dek), &encryptedDek, &encryptedDekLen); - if(ret != WAE_ERROR_NONE){ - FPRINTF("...FAIL: encrypt_app_dek. ret=%d\n", ret); - ret = WAE_ERROR_CRYPTO; - goto error; - } - - ret = decrypt_app_dek((const unsigned char*) priKey, strlen(priKey), NULL, - encryptedDek, encryptedDekLen, &decryptedDek, &decryptedDekLen); - if(ret != WAE_ERROR_NONE){ - FPRINTF("...FAIL: decrypt_app_dek. ret=%d\n", ret); - ret = WAE_ERROR_CRYPTO; - goto error; - } - - _print_binary_to_hex("...ORIG DEK= ", dek, sizeof(dek)); - _print_binary_to_hex("...ENC DEK= ", encryptedDek, encryptedDekLen); - _print_binary_to_hex("...DEC DEK= ", decryptedDek, decryptedDekLen); - - if(_compare_binary(dek, sizeof(dek), decryptedDek, decryptedDekLen) != 0) { - FPRINTF("...FAIL: ORIG DEK != decrypted DEK\n"); - ret = WAE_ERROR_CRYPTO; - goto error; - } - - ret = WAE_ERROR_NONE; + int ret = WAE_ERROR_NONE; + unsigned char dek[32]; + unsigned char *encryptedDek = NULL; + size_t encryptedDekLen = 0; + unsigned char *decryptedDek = NULL; + size_t decryptedDekLen = 0; + + const char *priKey = + "-----BEGIN RSA PRIVATE KEY-----\n" + "MIIEpgIBAAKCAQEA0kWtjpRO7Zh2KX2naVE/BDJdrfwK9xexfNA0MkY2VJ4J2AKM\n" + "YTj1D1jntceryupCEHOvP3rum+WsFvPXduz9+VKnSsSqj4jcTUubtpDUGA5G79Iq\n" + "LEPFuSBaqI8Uwkzd08pE+s30oaJDnNazMhSq8JkqBPoCCwtUs73ruE9VbtsBO/kT\n" + "lASIAfe8nXqcJLcDQgWYhizjJw0Pi6d74oCwS2OTvQDNvsXfFnA0ZJEEYw/rZLir\n" + "j7OHoOjz+Sh5N+1uA3Up6SPPEbHuP6L12YxqHdy7gnJXodLhvE/cR4SN9VW7+qmC\n" + "MBjmLkBejGrEX3STS9sLI7MZHu9Y26dwuYb4+wIDAQABAoIBAQCwxqV/vc2RUGDe\n" + "xuXM0+IvrAw37jJlw4SS0xNexMp+XxMViCbuwYy851h96azS/himbiuCKd6aL/96\n" + "mGunbtyiFEvSvv5Jh5z2Wr9BQAcfZjla+4w7BIsg9UNifE/OfgLsQBu34xhsHtfK\n" + "7nFehCOl/I5n+qtnD5KZPe0DWacQdwY4vEAj6YyXdb2bBg+MiwE9KVxGEIUDbklh\n" + "Is70JXczjLZCS+lIpOKh0/lbZmBZePoUbVTtS+GvtPTpQC/aTHRkwGoEtuPEWpbL\n" + "0Q1d6zO+vDJVLJlb5FF2haghs8IlqAxkkPjeUTNye+WktRrDQxmPu/blbxQrygfq\n" + "Au5tBnsxAoGBAOiVtcpg32puo3Yq2Y78oboe9PuHaQP0d3DhwP3/7J0BeNslpjW7\n" + "E1LWsVsCanxTE8XPUdFfAWgMk7lQqESN0wawGmSmWk+eQPZdjHanBaC8vh7aKjo6\n" + "q9FdT1DKjrRi23QyDco3f3E7hvM93IAAhw1ikNu8DT19JAxtdeMh5WAZAoGBAOdw\n" + "6neEvIFXh3RWEv2/GKVhVR8mxDqxmuFdXpOF+YWsK0Tg4uC8jm9kUGnwXgT2Mjke\n" + "oAwYAFcRbHQQGsxy/vkV16kv4aurTE2hMpjeXCAakwV0Pi2w1f9WnDokjgORkOmc\n" + "+QK9I8egdFPMVDfQjhLslhSUY0Eb4qcJ6q9WxfQzAoGBANSsAFybk+7oWAO3TtQW\n" + "YXOk1vIgcYAyS/0mEKixGZS/QdlxZbf/5b17nxTO8rvX416fIftG2ixgQ7vR6us0\n" + "m9+jq56ZFj9zP4eHJudf9h9yNo5TgwVXnMCGh/4iGbcMJgrrsfxUHu5VNiK5UCSj\n" + "VtqAZGDoZVryUMIkXQVhezIRAoGBAN7QUIqcGbcUA24257Wu4hVlrUN+WPCAyDEr\n" + "aL/x/ZV5eXaoYwQlw6LuGpTDOmDgfN2M5FyARuOL/LOIRaSLGXnIU4WoeUSCd8VM\n" + "6Z9Og7bMnrpjfPEUDBH02hcH1kkNPUwLOZgva2Dm0tdSIcpSWFVTu/E4Io4uQHi8\n" + "DVqc2ZsNAoGBAJT76ezXNSSv8hnrKqTpwgTicpqhRZ3eFQjyl4HRL26AJMKv++x8\n" + "4/IsVIwxaHzpbN3nnCjmAHV4gX9YpxVnvYcZflC9WZeDkwNMLmPYb3Zg27EzSMfQ\n" + "8yrfWJZo3qobipcHf1yohAt4fHk9kUKtPHEwp0xKe//rfhswLb3VCzvQ\n" + "-----END RSA PRIVATE KEY-----"; + const char *pubKey = + "-----BEGIN PUBLIC KEY-----\n" + "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0kWtjpRO7Zh2KX2naVE/\n" + "BDJdrfwK9xexfNA0MkY2VJ4J2AKMYTj1D1jntceryupCEHOvP3rum+WsFvPXduz9\n" + "+VKnSsSqj4jcTUubtpDUGA5G79IqLEPFuSBaqI8Uwkzd08pE+s30oaJDnNazMhSq\n" + "8JkqBPoCCwtUs73ruE9VbtsBO/kTlASIAfe8nXqcJLcDQgWYhizjJw0Pi6d74oCw\n" + "S2OTvQDNvsXfFnA0ZJEEYw/rZLirj7OHoOjz+Sh5N+1uA3Up6SPPEbHuP6L12Yxq\n" + "Hdy7gnJXodLhvE/cR4SN9VW7+qmCMBjmLkBejGrEX3STS9sLI7MZHu9Y26dwuYb4\n" + "+wIDAQAB\n" + "-----END PUBLIC KEY-----"; + + ret = encrypt_app_dek((const unsigned char *) pubKey, strlen(pubKey), + dek, sizeof(dek), &encryptedDek, &encryptedDekLen); + + if (ret != WAE_ERROR_NONE) { + FPRINTF("...FAIL: encrypt_app_dek. ret=%d\n", ret); + ret = WAE_ERROR_CRYPTO; + goto error; + } + + ret = decrypt_app_dek((const unsigned char *) priKey, strlen(priKey), NULL, + encryptedDek, encryptedDekLen, &decryptedDek, &decryptedDekLen); + + if (ret != WAE_ERROR_NONE) { + FPRINTF("...FAIL: decrypt_app_dek. ret=%d\n", ret); + ret = WAE_ERROR_CRYPTO; + goto error; + } + + _print_binary_to_hex("...ORIG DEK= ", dek, sizeof(dek)); + _print_binary_to_hex("...ENC DEK= ", encryptedDek, encryptedDekLen); + _print_binary_to_hex("...DEC DEK= ", decryptedDek, decryptedDekLen); + + if (_compare_binary(dek, sizeof(dek), decryptedDek, decryptedDekLen) != 0) { + FPRINTF("...FAIL: ORIG DEK != decrypted DEK\n"); + ret = WAE_ERROR_CRYPTO; + goto error; + } + + ret = WAE_ERROR_NONE; error: - if(encryptedDek != NULL) - free(encryptedDek); - if(decryptedDek != NULL) - free(decryptedDek); + if (encryptedDek != NULL) + free(encryptedDek); + + if (decryptedDek != NULL) + free(decryptedDek); - return ret; + return ret; } int wae_tc_encrypt_decrypt_aes_cbc() { - int ret = WAE_ERROR_NONE; - - unsigned char dek[32] = {0, }; - size_t keyLen = 32; - const char* plaintext= "adbdfdfdfdfdererfdfdfererfdrerfdrer"; - size_t plaintextLen = strlen(plaintext); - unsigned char* encrypted = NULL; - size_t encLen = 0; - unsigned char* decrypted = NULL; - size_t decLen = 0; - char decrypted_str[1024] = {0, }; - - ret = _get_random(keyLen, dek); - - ret = encrypt_aes_cbc(dek, keyLen, (const unsigned char*)plaintext, plaintextLen, &encrypted, &encLen); - if(ret != WAE_ERROR_NONE){ - FPRINTF("...FAIL: encrypt_aes_cbc. ret=%d\n", ret); - ret = WAE_ERROR_CRYPTO; - goto error; - } - - ret = decrypt_aes_cbc(dek, keyLen, encrypted, encLen, &decrypted, &decLen); - if(ret != WAE_ERROR_NONE){ - FPRINTF("...FAIL: decrypt_aes_cbc. ret=%d\n", ret); - ret = WAE_ERROR_CRYPTO; - goto error; - } - - if(plaintextLen != decLen) { - FPRINTF("...FAIL: plaintextLen(%d) != decLen(%d)\n", (int) plaintextLen, (int) decLen); - ret = WAE_ERROR_CRYPTO; - goto error; - } - - memcpy(decrypted_str, decrypted, decLen); - FPRINTF("...plaintext = %s\n", plaintext); - FPRINTF("...decrypted = %s\n", decrypted_str); - if(strcmp(plaintext, decrypted_str) != 0) { - FPRINTF("...FAIL: plaintext(%s) != decrypted(%s)\n", plaintext, decrypted_str); - ret = WAE_ERROR_CRYPTO; - goto error; - } + int ret = WAE_ERROR_NONE; + + unsigned char dek[32] = {0, }; + size_t keyLen = 32; + const char *plaintext = "adbdfdfdfdfdererfdfdfererfdrerfdrer"; + size_t plaintextLen = strlen(plaintext); + unsigned char *encrypted = NULL; + size_t encLen = 0; + unsigned char *decrypted = NULL; + size_t decLen = 0; + char decrypted_str[1024] = {0, }; + + ret = _get_random(keyLen, dek); + + ret = encrypt_aes_cbc(dek, keyLen, (const unsigned char *)plaintext, plaintextLen, &encrypted, &encLen); + + if (ret != WAE_ERROR_NONE) { + FPRINTF("...FAIL: encrypt_aes_cbc. ret=%d\n", ret); + ret = WAE_ERROR_CRYPTO; + goto error; + } + + ret = decrypt_aes_cbc(dek, keyLen, encrypted, encLen, &decrypted, &decLen); + + if (ret != WAE_ERROR_NONE) { + FPRINTF("...FAIL: decrypt_aes_cbc. ret=%d\n", ret); + ret = WAE_ERROR_CRYPTO; + goto error; + } + + if (plaintextLen != decLen) { + FPRINTF("...FAIL: plaintextLen(%d) != decLen(%d)\n", (int) plaintextLen, (int) decLen); + ret = WAE_ERROR_CRYPTO; + goto error; + } + + memcpy(decrypted_str, decrypted, decLen); + FPRINTF("...plaintext = %s\n", plaintext); + FPRINTF("...decrypted = %s\n", decrypted_str); + + if (strcmp(plaintext, decrypted_str) != 0) { + FPRINTF("...FAIL: plaintext(%s) != decrypted(%s)\n", plaintext, decrypted_str); + ret = WAE_ERROR_CRYPTO; + goto error; + } error: - if(encrypted != NULL) - free(encrypted); - if(decrypted != NULL) - free(decrypted); + if (encrypted != NULL) + free(encrypted); - return ret; + if (decrypted != NULL) + free(decrypted); + + return ret; } //================================================================================= @@ -231,627 +244,680 @@ error: //================================================================================= int wae_tc_cache() { - int ret = WAE_ERROR_NONE; - - const char* pkg1 = "pkg1"; - const char* pkg2 = "pkg2"; - const char* pkg3 = "pkg3"; - const char* pkgDummy = "dummy"; - - unsigned char dek1[32] = {1, }; - unsigned char dek2[32] = {2, }; - unsigned char dek3[32] = {3, }; - unsigned char* retDek = NULL; - - _initialize_cache(); - - _add_app_dek_to_cache(pkg1, dek1); - _add_app_dek_to_cache(pkg2, dek2); - _add_app_dek_to_cache(pkg3, dek3); - - retDek = NULL; - retDek = _get_app_dek_from_cache(pkg1); - if(retDek == NULL || _compare_binary(dek1, 32, retDek, 32) != 0) { - FPRINTF("failed in cache. Diffent DEK1\n"); - ret = WAE_ERROR_UNKNOWN; - goto error; - } - _print_binary_to_hex("...DEK1 : ", dek1, 32); - _print_binary_to_hex("...Returen DEK1 : ", retDek, 32); - - retDek = NULL; - retDek = _get_app_dek_from_cache(pkg2); - if(retDek == NULL || _compare_binary(dek2, 32, retDek, 32) != 0) { - FPRINTF("failed in cache. Diffent DEK2\n"); - ret = WAE_ERROR_UNKNOWN; - goto error; - } - _print_binary_to_hex("...DEK2 : ", dek2, 32); - _print_binary_to_hex("...Returen DEK1 : ", retDek, 32); - - retDek = NULL; - retDek = _get_app_dek_from_cache(pkg3); - if(retDek == NULL || _compare_binary(dek3, 32, retDek, 32) != 0) { - FPRINTF("failed in cache. Diffent DEK3\n"); - ret = WAE_ERROR_UNKNOWN; - goto error; - } - _print_binary_to_hex("...DEK3 : ", dek3, 32); - _print_binary_to_hex("...Returen DEK3 : ", retDek, 32); - - retDek = NULL; - retDek = _get_app_dek_from_cache(pkgDummy); - if(retDek != NULL) { - FPRINTF("failed in cache. Wrong DEK_DUMMY1 returned\n"); - _print_binary_to_hex("retured wrong DEK : ", retDek, 32); - ret = WAE_ERROR_UNKNOWN; - goto error; - } - - _remove_app_dek_from_cache(pkg3); - retDek = NULL; - retDek = _get_app_dek_from_cache(pkg3); - if(retDek != NULL) { - FPRINTF("fail to remove app dek from cache\n"); - ret = WAE_ERROR_UNKNOWN; - goto error; - } - - _initialize_cache(); - - _add_app_dek_to_cache(pkg1, dek1); - - retDek = NULL; - retDek = _get_app_dek_from_cache(pkg2); - if(retDek != NULL) { - FPRINTF("failed in cache. Wrong DEK_DUMMY2 returned\n"); - _print_binary_to_hex("retured wrong DEK : ", retDek, 32); - ret = WAE_ERROR_UNKNOWN; - goto error; - } - - ret = WAE_ERROR_NONE; + int ret = WAE_ERROR_NONE; + + const char *pkg1 = "pkg1"; + const char *pkg2 = "pkg2"; + const char *pkg3 = "pkg3"; + const char *pkgDummy = "dummy"; + + unsigned char dek1[32] = {1, }; + unsigned char dek2[32] = {2, }; + unsigned char dek3[32] = {3, }; + unsigned char *retDek = NULL; + + _initialize_cache(); + + _add_app_dek_to_cache(pkg1, dek1); + _add_app_dek_to_cache(pkg2, dek2); + _add_app_dek_to_cache(pkg3, dek3); + + retDek = NULL; + retDek = _get_app_dek_from_cache(pkg1); + + if (retDek == NULL || _compare_binary(dek1, 32, retDek, 32) != 0) { + FPRINTF("failed in cache. Diffent DEK1\n"); + ret = WAE_ERROR_UNKNOWN; + goto error; + } + + _print_binary_to_hex("...DEK1 : ", dek1, 32); + _print_binary_to_hex("...Returen DEK1 : ", retDek, 32); + + retDek = NULL; + retDek = _get_app_dek_from_cache(pkg2); + + if (retDek == NULL || _compare_binary(dek2, 32, retDek, 32) != 0) { + FPRINTF("failed in cache. Diffent DEK2\n"); + ret = WAE_ERROR_UNKNOWN; + goto error; + } + + _print_binary_to_hex("...DEK2 : ", dek2, 32); + _print_binary_to_hex("...Returen DEK1 : ", retDek, 32); + + retDek = NULL; + retDek = _get_app_dek_from_cache(pkg3); + + if (retDek == NULL || _compare_binary(dek3, 32, retDek, 32) != 0) { + FPRINTF("failed in cache. Diffent DEK3\n"); + ret = WAE_ERROR_UNKNOWN; + goto error; + } + + _print_binary_to_hex("...DEK3 : ", dek3, 32); + _print_binary_to_hex("...Returen DEK3 : ", retDek, 32); + + retDek = NULL; + retDek = _get_app_dek_from_cache(pkgDummy); + + if (retDek != NULL) { + FPRINTF("failed in cache. Wrong DEK_DUMMY1 returned\n"); + _print_binary_to_hex("retured wrong DEK : ", retDek, 32); + ret = WAE_ERROR_UNKNOWN; + goto error; + } + + _remove_app_dek_from_cache(pkg3); + retDek = NULL; + retDek = _get_app_dek_from_cache(pkg3); + + if (retDek != NULL) { + FPRINTF("fail to remove app dek from cache\n"); + ret = WAE_ERROR_UNKNOWN; + goto error; + } + + _initialize_cache(); + + _add_app_dek_to_cache(pkg1, dek1); + + retDek = NULL; + retDek = _get_app_dek_from_cache(pkg2); + + if (retDek != NULL) { + FPRINTF("failed in cache. Wrong DEK_DUMMY2 returned\n"); + _print_binary_to_hex("retured wrong DEK : ", retDek, 32); + ret = WAE_ERROR_UNKNOWN; + goto error; + } + + ret = WAE_ERROR_NONE; + error: - return ret; + return ret; } int wae_tc_get_random() { - int ret = WAE_ERROR_NONE; + int ret = WAE_ERROR_NONE; - size_t rand_len = 32; - unsigned char random[32] = {0, }; + size_t rand_len = 32; + unsigned char random[32] = {0, }; - ret = _get_random(rand_len, random); + ret = _get_random(rand_len, random); - _print_binary_to_hex("...RANDOM = ", random, sizeof(random)); + _print_binary_to_hex("...RANDOM = ", random, sizeof(random)); - return ret; + return ret; } int wae_tc_get_alias() { - int ret = WAE_ERROR_NONE; + int ret = WAE_ERROR_NONE; - const char* pkgId = "TEST_PKG_ID"; - char alias[256] = {0, }; + const char *pkgId = "TEST_PKG_ID"; + char alias[256] = {0, }; - _get_alias(pkgId, WAE_DOWNLOADED_NORMAL_APP, true, alias, sizeof(alias)); - FPRINTF("...pkgid=%s, alias for normal for save. app=%s\n", pkgId, alias); + _get_alias(pkgId, WAE_DOWNLOADED_NORMAL_APP, true, alias, sizeof(alias)); + FPRINTF("...pkgid=%s, alias for normal for save. app=%s\n", pkgId, alias); - _get_alias(pkgId, WAE_DOWNLOADED_NORMAL_APP, false, alias, sizeof(alias)); - FPRINTF("...pkgid=%s, alias for normal for get. app=%s\n", pkgId, alias); + _get_alias(pkgId, WAE_DOWNLOADED_NORMAL_APP, false, alias, sizeof(alias)); + FPRINTF("...pkgid=%s, alias for normal for get. app=%s\n", pkgId, alias); - _get_alias(pkgId, WAE_DOWNLOADED_GLOBAL_APP, true, alias, sizeof(alias)); - FPRINTF("...pkgid=%s, alias for global app=%s\n", pkgId, alias); + _get_alias(pkgId, WAE_DOWNLOADED_GLOBAL_APP, true, alias, sizeof(alias)); + FPRINTF("...pkgid=%s, alias for global app=%s\n", pkgId, alias); - _get_alias(pkgId, WAE_PRELOADED_APP, true, alias, sizeof(alias)); - FPRINTF("...pkgid=%s, alias for preloaded app=%s\n", pkgId, alias); + _get_alias(pkgId, WAE_PRELOADED_APP, true, alias, sizeof(alias)); + FPRINTF("...pkgid=%s, alias for preloaded app=%s\n", pkgId, alias); - return ret; + return ret; } int _wae_tc_add_get_remove_dek(wae_app_type_e appType) { - int ret = WAE_ERROR_NONE; - - const char* pkgId = "TEST_PKG_ID"; - - size_t dekLen= 32; - unsigned char dek[32] = {0, }; - size_t storedDekLen = 0; - unsigned char* storedDek = NULL; - - ret = _get_random(dekLen, dek); - - remove_app_dek(pkgId, appType); - - ret = _add_dek_to_key_manager(pkgId, appType, dek, dekLen); - if(ret != WAE_ERROR_NONE) { - FPRINTF("...FAIL: _add_dek_to_key_manager. ret=%d\n", ret); - goto error; - } - - ret = get_app_dek(pkgId, appType, &storedDek, &storedDekLen); - if(ret != WAE_ERROR_NONE) { - FPRINTF("...FAIL: get_app_dek. ret=%d\n", ret); - goto error; - } - - if(_compare_binary(dek, dekLen, storedDek, storedDekLen) != 0 ) { - ret = WAE_ERROR_KEY_MANAGER; - FPRINTF("...FAIL: DEK != STORED_DEK.\n"); - goto error; - } - - ret = remove_app_dek(pkgId, appType); - if(ret != WAE_ERROR_NONE) { - FPRINTF("...FAIL: remove_app_dek. ret=%d\n", ret); - goto error; - } - - ret = get_app_dek(pkgId, appType, &storedDek, &storedDekLen); - if(ret == WAE_ERROR_NONE) { - ret = WAE_ERROR_UNKNOWN; - FPRINTF("...FAIL: APP DEK still exists in key_manager.\n"); - goto error; - } - - ret = WAE_ERROR_NONE; + int ret = WAE_ERROR_NONE; + + const char *pkgId = "TEST_PKG_ID"; + + size_t dekLen = 32; + unsigned char dek[32] = {0, }; + size_t storedDekLen = 0; + unsigned char *storedDek = NULL; + + ret = _get_random(dekLen, dek); + + remove_app_dek(pkgId, appType); + + ret = _add_dek_to_key_manager(pkgId, appType, dek, dekLen); + + if (ret != WAE_ERROR_NONE) { + FPRINTF("...FAIL: _add_dek_to_key_manager. ret=%d\n", ret); + goto error; + } + + ret = get_app_dek(pkgId, appType, &storedDek, &storedDekLen); + + if (ret != WAE_ERROR_NONE) { + FPRINTF("...FAIL: get_app_dek. ret=%d\n", ret); + goto error; + } + + if (_compare_binary(dek, dekLen, storedDek, storedDekLen) != 0) { + ret = WAE_ERROR_KEY_MANAGER; + FPRINTF("...FAIL: DEK != STORED_DEK.\n"); + goto error; + } + + ret = remove_app_dek(pkgId, appType); + + if (ret != WAE_ERROR_NONE) { + FPRINTF("...FAIL: remove_app_dek. ret=%d\n", ret); + goto error; + } + + ret = get_app_dek(pkgId, appType, &storedDek, &storedDekLen); + + if (ret == WAE_ERROR_NONE) { + ret = WAE_ERROR_UNKNOWN; + FPRINTF("...FAIL: APP DEK still exists in key_manager.\n"); + goto error; + } + + ret = WAE_ERROR_NONE; + error: - if(storedDek != NULL) - free(storedDek); + if (storedDek != NULL) + free(storedDek); - return ret; + return ret; } int wae_tc_add_get_remove_dek_for_normal_app() { - return _wae_tc_add_get_remove_dek(WAE_DOWNLOADED_NORMAL_APP); + return _wae_tc_add_get_remove_dek(WAE_DOWNLOADED_NORMAL_APP); } int wae_tc_add_get_remove_dek_for_global_app() { - return _wae_tc_add_get_remove_dek(WAE_DOWNLOADED_GLOBAL_APP); + return _wae_tc_add_get_remove_dek(WAE_DOWNLOADED_GLOBAL_APP); } int wae_tc_add_get_remove_dek_for_preloaded_app() { - return _wae_tc_add_get_remove_dek(WAE_PRELOADED_APP); + return _wae_tc_add_get_remove_dek(WAE_PRELOADED_APP); } int wae_tc_get_preloaded_app_dek_file_path() { - int ret = WAE_ERROR_NONE; + int ret = WAE_ERROR_NONE; + + const char *pkgId = "test_pkg"; + const char *expectedPath = tzplatform_mkpath4(TZ_SYS_SHARE, + "wae", "app_dek", "WAE_APP_DEK_test_pkg.adek"); + char path[256]; - const char *pkgId = "test_pkg"; - const char *expectedPath = tzplatform_mkpath4(TZ_SYS_SHARE, - "wae", "app_dek", "WAE_APP_DEK_test_pkg.adek"); - char path[256]; + FPRINTF("...expected path : %s\n", expectedPath); + ret = _get_preloaded_app_dek_file_path(pkgId, sizeof(path), path); + FPRINTF("...returned path : %s\n", path); - FPRINTF("...expected path : %s\n", expectedPath); - ret = _get_preloaded_app_dek_file_path(pkgId, sizeof(path), path); - FPRINTF("...returned path : %s\n", path); + if (ret != WAE_ERROR_NONE || strncmp(expectedPath, path, strlen(expectedPath)) != 0) { + ret = WAE_ERROR_UNKNOWN; + goto error; + } - if(ret != WAE_ERROR_NONE || strncmp(expectedPath, path, strlen(expectedPath)) != 0) { - ret = WAE_ERROR_UNKNOWN; - goto error; - } error: - return ret; + return ret; } int wae_tc_extract_pkg_id_from_file_name() { - int ret = WAE_ERROR_NONE; - const char* fileName = "WAE_APP_DEK_test_pkg.adek"; - const char* expectedPkgId = "test_pkg"; - char pkgId[100]; - - ret = _extract_pkg_id_from_file_name(fileName, pkgId); - FPRINTF("...expected pkgId: %s\n", expectedPkgId); - FPRINTF("...returned pkgId: %s\n", pkgId); - - if(ret != WAE_ERROR_NONE || strncmp(expectedPkgId, pkgId, strlen(expectedPkgId)) != 0) { - ret = WAE_ERROR_UNKNOWN; - goto error; - } + int ret = WAE_ERROR_NONE; + const char *fileName = "WAE_APP_DEK_test_pkg.adek"; + const char *expectedPkgId = "test_pkg"; + char pkgId[100]; + + ret = _extract_pkg_id_from_file_name(fileName, pkgId); + FPRINTF("...expected pkgId: %s\n", expectedPkgId); + FPRINTF("...returned pkgId: %s\n", pkgId); + + if (ret != WAE_ERROR_NONE || strncmp(expectedPkgId, pkgId, strlen(expectedPkgId)) != 0) { + ret = WAE_ERROR_UNKNOWN; + goto error; + } + error: - return ret; + return ret; } int wae_tc_read_write_encrypted_app_dek() { - int ret = WAE_ERROR_NONE; - const char* pkgId = "write_test_pkg"; - unsigned char dek[256]; - unsigned char* readDek = NULL; - size_t readDekLen = 0; - - ret = _write_encrypted_app_dek_to_file(pkgId, dek, sizeof(dek)); - if(ret != WAE_ERROR_NONE) { - FPRINTF("Fail to _write_encrypted_app_dek_to_file. pkgId=%s\n", pkgId); - goto error; - } - - ret = _read_encrypted_app_dek_from_file(pkgId, &readDek, &readDekLen); - if(ret != WAE_ERROR_NONE) { - FPRINTF("Fail to _read_encrypted_app_dek_from_file. pkgId=%s\n", pkgId); - goto error; - } - - _print_binary_to_hex("...ORIG DEK= ", dek, sizeof(dek)); - _print_binary_to_hex("...READ DEK= ", readDek, readDekLen); - if(_compare_binary(dek, sizeof(dek), readDek, readDekLen) != 0 ) { - ret = WAE_ERROR_UNKNOWN; - FPRINTF("...FAIL: DEK != read_DEK.\n"); - goto error; - } + int ret = WAE_ERROR_NONE; + const char *pkgId = "write_test_pkg"; + unsigned char dek[256]; + unsigned char *readDek = NULL; + size_t readDekLen = 0; + + ret = _write_encrypted_app_dek_to_file(pkgId, dek, sizeof(dek)); + + if (ret != WAE_ERROR_NONE) { + FPRINTF("Fail to _write_encrypted_app_dek_to_file. pkgId=%s\n", pkgId); + goto error; + } + + ret = _read_encrypted_app_dek_from_file(pkgId, &readDek, &readDekLen); + + if (ret != WAE_ERROR_NONE) { + FPRINTF("Fail to _read_encrypted_app_dek_from_file. pkgId=%s\n", pkgId); + goto error; + } + + _print_binary_to_hex("...ORIG DEK= ", dek, sizeof(dek)); + _print_binary_to_hex("...READ DEK= ", readDek, readDekLen); + + if (_compare_binary(dek, sizeof(dek), readDek, readDekLen) != 0) { + ret = WAE_ERROR_UNKNOWN; + FPRINTF("...FAIL: DEK != read_DEK.\n"); + goto error; + } error: - if(readDek != NULL) - free(readDek); - return ret; + if (readDek != NULL) + free(readDek); + + return ret; } int _wae_tc_create_app_dek(wae_app_type_e appType) { - int ret = WAE_ERROR_NONE; + int ret = WAE_ERROR_NONE; + + const char *pkgId = "TEST_PKG_ID"; + unsigned char *dek = NULL; + size_t dekLen = 0; - const char* pkgId = "TEST_PKG_ID"; - unsigned char* dek = NULL; - size_t dekLen = 0; + size_t storedDekLen = 0; + unsigned char *storedDek = NULL; - size_t storedDekLen = 0; - unsigned char* storedDek = NULL; + remove_app_dek(pkgId, appType); - remove_app_dek(pkgId, appType); + ret = create_app_dek(pkgId, appType, &dek, &dekLen); - ret = create_app_dek(pkgId, appType, &dek, &dekLen); - if(ret != WAE_ERROR_NONE) { - FPRINTF("...FAIL: create_app_dek. ret=%d\n", ret); - goto error; - } + if (ret != WAE_ERROR_NONE) { + FPRINTF("...FAIL: create_app_dek. ret=%d\n", ret); + goto error; + } - ret = get_app_dek(pkgId, appType, &storedDek, &storedDekLen); - if(ret != WAE_ERROR_NONE) { - ret = WAE_ERROR_KEY_MANAGER; - FPRINTF("...FAIL: get_app_dek. ret=%d\n", ret); - goto error; - } + ret = get_app_dek(pkgId, appType, &storedDek, &storedDekLen); - _print_binary_to_hex("...CREATED DEK = ", dek, dekLen); - _print_binary_to_hex("...STORED DEK = ", storedDek, storedDekLen); - if(_compare_binary(dek, dekLen, storedDek, storedDekLen) != 0 ) { - ret = WAE_ERROR_FILE; - FPRINTF("...FAIL: DEK != STORED_DEK.\n"); - goto error; - } + if (ret != WAE_ERROR_NONE) { + ret = WAE_ERROR_KEY_MANAGER; + FPRINTF("...FAIL: get_app_dek. ret=%d\n", ret); + goto error; + } - remove_app_dek(pkgId, appType); + _print_binary_to_hex("...CREATED DEK = ", dek, dekLen); + _print_binary_to_hex("...STORED DEK = ", storedDek, storedDekLen); + + if (_compare_binary(dek, dekLen, storedDek, storedDekLen) != 0) { + ret = WAE_ERROR_FILE; + FPRINTF("...FAIL: DEK != STORED_DEK.\n"); + goto error; + } + + remove_app_dek(pkgId, appType); + + ret = WAE_ERROR_NONE; - ret = WAE_ERROR_NONE; error: - if(dek != NULL) - free(dek); - if(storedDek != NULL) - free(storedDek); - return ret; + if (dek != NULL) + free(dek); + + if (storedDek != NULL) + free(storedDek); + + return ret; } int wae_tc_create_app_dek_for_normal_app() { - return _wae_tc_create_app_dek(WAE_DOWNLOADED_NORMAL_APP); + return _wae_tc_create_app_dek(WAE_DOWNLOADED_NORMAL_APP); } int wae_tc_create_app_dek_for_global_app() { - return _wae_tc_create_app_dek(WAE_DOWNLOADED_GLOBAL_APP); + return _wae_tc_create_app_dek(WAE_DOWNLOADED_GLOBAL_APP); } int wae_tc_create_app_dek_for_preloaded_app() { - return _wae_tc_create_app_dek(WAE_PRELOADED_APP); + return _wae_tc_create_app_dek(WAE_PRELOADED_APP); } int wae_tc_get_create_preloaded_app_dek() { - int ret = WAE_ERROR_NONE; - - const char* pkgId = "TEST_PKG_ID_FOR_CREATE"; - unsigned char *dek = NULL; - unsigned char *readDek = NULL; - size_t readDekLen = 0; - size_t dekLen = 0; - - ret = get_preloaded_app_dek(pkgId, &readDek, &readDekLen); - if(ret != WAE_ERROR_NO_KEY) { - FPRINTF("...FAIL: There should be no APP DEK. get_preloaded_app_dek. ret=%d\n", ret); - ret = WAE_ERROR_FILE; - goto error; - } - - ret = create_preloaded_app_dek(pkgId, &dek, &dekLen); - if(ret != WAE_ERROR_NONE) { - FPRINTF("...FAIL: create_preloaded_app_dek. ret=%d\n", ret); - goto error; - } - - ret = get_preloaded_app_dek(pkgId, &readDek, &readDekLen); - if(ret != WAE_ERROR_NONE) { - FPRINTF("...FAIL: get_preloaded_app_dek. ret=%d\n", ret); - goto error; - } - - _print_binary_to_hex("...CREATED DEK = ", dek, dekLen); - _print_binary_to_hex("...READ DEK = ", readDek, readDekLen); - - if(_compare_binary(dek, dekLen, readDek, readDekLen) != 0 ) { - ret = WAE_ERROR_FILE; - FPRINTF("...FAIL: DEK != READ_DEK.\n"); - goto error; - } - - ret = WAE_ERROR_NONE; + int ret = WAE_ERROR_NONE; + + const char *pkgId = "TEST_PKG_ID_FOR_CREATE"; + unsigned char *dek = NULL; + unsigned char *readDek = NULL; + size_t readDekLen = 0; + size_t dekLen = 0; + + ret = get_preloaded_app_dek(pkgId, &readDek, &readDekLen); + + if (ret != WAE_ERROR_NO_KEY) { + FPRINTF("...FAIL: There should be no APP DEK. get_preloaded_app_dek. ret=%d\n", ret); + ret = WAE_ERROR_FILE; + goto error; + } + + ret = create_preloaded_app_dek(pkgId, &dek, &dekLen); + + if (ret != WAE_ERROR_NONE) { + FPRINTF("...FAIL: create_preloaded_app_dek. ret=%d\n", ret); + goto error; + } + + ret = get_preloaded_app_dek(pkgId, &readDek, &readDekLen); + + if (ret != WAE_ERROR_NONE) { + FPRINTF("...FAIL: get_preloaded_app_dek. ret=%d\n", ret); + goto error; + } + + _print_binary_to_hex("...CREATED DEK = ", dek, dekLen); + _print_binary_to_hex("...READ DEK = ", readDek, readDekLen); + + if (_compare_binary(dek, dekLen, readDek, readDekLen) != 0) { + ret = WAE_ERROR_FILE; + FPRINTF("...FAIL: DEK != READ_DEK.\n"); + goto error; + } + + ret = WAE_ERROR_NONE; + error: - if(dek != NULL) - free(dek); - if(readDek != NULL) - free(readDek); - return ret; + if (dek != NULL) + free(dek); + + if (readDek != NULL) + free(readDek); + + return ret; } int wae_tc_load_preloaded_app_deks() { - int ret = WAE_ERROR_NONE; - - const char* pkgId1 = "TEST_PKGID_1"; - unsigned char* dek1 = NULL; - size_t dekLen1 = 0; - unsigned char* readDek1 = NULL; - size_t readDekLen1 = 0; - char path1[MAX_PATH_LEN] = {0, }; - - const char* pkgId2 = "TEST_PKGID_2"; - unsigned char* dek2 = NULL; - size_t dekLen2 = 0; - unsigned char* readDek2 = NULL; - size_t readDekLen2 = 0; - char path2[MAX_PATH_LEN] = {0, }; - - _get_preloaded_app_dek_file_path(pkgId1, sizeof(path1), path1); - _get_preloaded_app_dek_file_path(pkgId2, sizeof(path2), path2); - - // remove old test data - remove_app_dek(pkgId1, WAE_PRELOADED_APP); - remove_app_dek(pkgId2, WAE_PRELOADED_APP); - unlink(path1); - unlink(path2); - - // create 2 dek for preloaded app - ret = create_preloaded_app_dek(pkgId1, &dek1, &dekLen1); - if(ret != WAE_ERROR_NONE) { - FPRINTF("...FAIL: create_preloaded_app_dek. ret=%d\n", ret); - goto error; - } - - ret = create_preloaded_app_dek(pkgId2, &dek2, &dekLen2); - if(ret != WAE_ERROR_NONE) { - FPRINTF("...FAIL: create_preloaded_app_dek. ret=%d\n", ret); - goto error; - } - - // load_preloaded_app_deks - ret = load_preloaded_app_deks(true); - if(ret != WAE_ERROR_NONE) { - FPRINTF("...FAIL: load_preloaded_app_deks. ret=%d\n", ret); - goto error; - } - - // get_app_dek - ret = get_app_dek(pkgId1, WAE_PRELOADED_APP, &readDek1, &readDekLen1); - if(ret != WAE_ERROR_NONE) { - FPRINTF("...FAIL: get_app_dek. ret=%d\n", ret); - goto error; - } - - ret = get_app_dek(pkgId2, WAE_PRELOADED_APP, &readDek2, &readDekLen2); - if(ret != WAE_ERROR_NONE) { - FPRINTF("...FAIL: get_app_dek. ret=%d\n", ret); - goto error; - } - - _print_binary_to_hex("...CREATED DEK1 = ", dek1, dekLen1); - _print_binary_to_hex("...READ DEK1 = ", readDek1, readDekLen1); - if(_compare_binary(dek1, dekLen1, readDek1, readDekLen1) != 0 ) { - ret = WAE_ERROR_FILE; - FPRINTF("...FAIL: DEK1 != READ_DEK1.\n"); - goto error; - } - - _print_binary_to_hex("...CREATED DEK2 = ", dek2, dekLen2); - _print_binary_to_hex("...READ DEK2 = ", readDek2, readDekLen2); - if(_compare_binary(dek2, dekLen2, readDek2, readDekLen2) != 0 ) { - ret = WAE_ERROR_FILE; - FPRINTF("...FAIL: DEK2 != READ_DEK2.\n"); - goto error; - } - - // remove_app_dek - remove_app_dek(pkgId1, WAE_PRELOADED_APP); - remove_app_dek(pkgId2, WAE_PRELOADED_APP); - - ret = WAE_ERROR_NONE; + int ret = WAE_ERROR_NONE; + + const char *pkgId1 = "TEST_PKGID_1"; + unsigned char *dek1 = NULL; + size_t dekLen1 = 0; + unsigned char *readDek1 = NULL; + size_t readDekLen1 = 0; + char path1[MAX_PATH_LEN] = {0, }; + + const char *pkgId2 = "TEST_PKGID_2"; + unsigned char *dek2 = NULL; + size_t dekLen2 = 0; + unsigned char *readDek2 = NULL; + size_t readDekLen2 = 0; + char path2[MAX_PATH_LEN] = {0, }; + + _get_preloaded_app_dek_file_path(pkgId1, sizeof(path1), path1); + _get_preloaded_app_dek_file_path(pkgId2, sizeof(path2), path2); + + // remove old test data + remove_app_dek(pkgId1, WAE_PRELOADED_APP); + remove_app_dek(pkgId2, WAE_PRELOADED_APP); + unlink(path1); + unlink(path2); + + // create 2 dek for preloaded app + ret = create_preloaded_app_dek(pkgId1, &dek1, &dekLen1); + + if (ret != WAE_ERROR_NONE) { + FPRINTF("...FAIL: create_preloaded_app_dek. ret=%d\n", ret); + goto error; + } + + ret = create_preloaded_app_dek(pkgId2, &dek2, &dekLen2); + + if (ret != WAE_ERROR_NONE) { + FPRINTF("...FAIL: create_preloaded_app_dek. ret=%d\n", ret); + goto error; + } + + // load_preloaded_app_deks + ret = load_preloaded_app_deks(true); + + if (ret != WAE_ERROR_NONE) { + FPRINTF("...FAIL: load_preloaded_app_deks. ret=%d\n", ret); + goto error; + } + + // get_app_dek + ret = get_app_dek(pkgId1, WAE_PRELOADED_APP, &readDek1, &readDekLen1); + + if (ret != WAE_ERROR_NONE) { + FPRINTF("...FAIL: get_app_dek. ret=%d\n", ret); + goto error; + } + + ret = get_app_dek(pkgId2, WAE_PRELOADED_APP, &readDek2, &readDekLen2); + + if (ret != WAE_ERROR_NONE) { + FPRINTF("...FAIL: get_app_dek. ret=%d\n", ret); + goto error; + } + + _print_binary_to_hex("...CREATED DEK1 = ", dek1, dekLen1); + _print_binary_to_hex("...READ DEK1 = ", readDek1, readDekLen1); + + if (_compare_binary(dek1, dekLen1, readDek1, readDekLen1) != 0) { + ret = WAE_ERROR_FILE; + FPRINTF("...FAIL: DEK1 != READ_DEK1.\n"); + goto error; + } + + _print_binary_to_hex("...CREATED DEK2 = ", dek2, dekLen2); + _print_binary_to_hex("...READ DEK2 = ", readDek2, readDekLen2); + + if (_compare_binary(dek2, dekLen2, readDek2, readDekLen2) != 0) { + ret = WAE_ERROR_FILE; + FPRINTF("...FAIL: DEK2 != READ_DEK2.\n"); + goto error; + } + + // remove_app_dek + remove_app_dek(pkgId1, WAE_PRELOADED_APP); + remove_app_dek(pkgId2, WAE_PRELOADED_APP); + + ret = WAE_ERROR_NONE; + error: - if(dek1 != NULL) - free(dek1); - if(readDek1 != NULL) - free(readDek1); - if(dek2 != NULL) - free(dek2); - if(readDek2 != NULL) - free(readDek2); - - return ret; + if (dek1 != NULL) + free(dek1); + + if (readDek1 != NULL) + free(readDek1); + + if (dek2 != NULL) + free(dek2); + + if (readDek2 != NULL) + free(readDek2); + + return ret; } int _wae_tc_encrypt_decrypt_web_app(wae_app_type_e appType) { - int ret = WAE_ERROR_NONE; - - const char* pkgId1 = "testpkg_for_normal"; - const char* pkgId2 = "testpkg_for_global"; - const char* pkgId3 = "testpkg_for_preloaded"; - const char* pkgId = NULL; - const char* plaintext= "adbdfdfdfdfdererfdfdfererfdrerfdrer"; - size_t plaintextLen = strlen(plaintext); - unsigned char* encrypted = NULL; - size_t encLen = 0; - unsigned char* decrypted = NULL; - size_t decLen = 0; - char decrypted_str[1024] = {0, }; - - switch(appType) { - case WAE_DOWNLOADED_NORMAL_APP: - pkgId = pkgId1; - break; - case WAE_DOWNLOADED_GLOBAL_APP: - pkgId = pkgId2; - break; - case WAE_PRELOADED_APP: - pkgId = pkgId3; - break; - } - - // remove old test data - ret = wae_remove_app_dek(pkgId, appType); - if(appType == WAE_PRELOADED_APP) { - _clear_app_deks_loaded(); - } - - // test for downloaded web application - ret = wae_encrypt_web_application(pkgId, appType, - (const unsigned char*)plaintext, plaintextLen, - &encrypted, &encLen); - if(ret != WAE_ERROR_NONE){ - FPRINTF("...FAIL: wae_encrypt_web_application. ret=%d\n", ret); - goto error; - } - - // encrypt test twice - ret = wae_encrypt_web_application(pkgId, appType, - (const unsigned char*)plaintext, plaintextLen, - &encrypted, &encLen); - if(ret != WAE_ERROR_NONE){ - FPRINTF("...FAIL: wae_encrypt_web_application. ret=%d\n", ret); - goto error; - } - - _remove_app_dek_from_cache(pkgId); - - if(appType == WAE_PRELOADED_APP) { - load_preloaded_app_deks(true); - } - - ret = wae_decrypt_web_application(pkgId, appType, encrypted, encLen, &decrypted, &decLen); - if(ret != WAE_ERROR_NONE){ - FPRINTF("...FAIL: wae_decrypt_web_application. ret=%d\n", ret); - goto error; - } - - if(plaintextLen != decLen) { - FPRINTF("...FAIL: plaintextLen(%d) != decLen(%d)\n", (int) plaintextLen, (int) decLen); - ret = WAE_ERROR_CRYPTO; - goto error; - } - - memcpy(decrypted_str, decrypted, decLen); - FPRINTF("...plaintext(downloaded) = %s\n", plaintext); - FPRINTF("...decrypted(downloaded) = %s\n", decrypted_str); - if(strcmp(plaintext, decrypted_str) != 0) { - FPRINTF("...FAIL: plaintext(%s) != decrypted(%s)\n", plaintext, decrypted_str); - ret = WAE_ERROR_CRYPTO; - goto error; - } - - ret = wae_remove_app_dek(pkgId, appType); - if(ret != WAE_ERROR_NONE){ - FPRINTF("...FAIL: wae_remove_app_dek. ret=%d\n", ret); - goto error; - } + int ret = WAE_ERROR_NONE; + + const char *pkgId1 = "testpkg_for_normal"; + const char *pkgId2 = "testpkg_for_global"; + const char *pkgId3 = "testpkg_for_preloaded"; + const char *pkgId = NULL; + const char *plaintext = "adbdfdfdfdfdererfdfdfererfdrerfdrer"; + size_t plaintextLen = strlen(plaintext); + unsigned char *encrypted = NULL; + size_t encLen = 0; + unsigned char *decrypted = NULL; + size_t decLen = 0; + char decrypted_str[1024] = {0, }; + + switch (appType) { + case WAE_DOWNLOADED_NORMAL_APP: + pkgId = pkgId1; + break; + + case WAE_DOWNLOADED_GLOBAL_APP: + pkgId = pkgId2; + break; + + case WAE_PRELOADED_APP: + pkgId = pkgId3; + break; + } + + // remove old test data + ret = wae_remove_app_dek(pkgId, appType); + + if (appType == WAE_PRELOADED_APP) { + _clear_app_deks_loaded(); + } + + // test for downloaded web application + ret = wae_encrypt_web_application(pkgId, appType, + (const unsigned char *)plaintext, plaintextLen, + &encrypted, &encLen); + + if (ret != WAE_ERROR_NONE) { + FPRINTF("...FAIL: wae_encrypt_web_application. ret=%d\n", ret); + goto error; + } + + // encrypt test twice + ret = wae_encrypt_web_application(pkgId, appType, + (const unsigned char *)plaintext, plaintextLen, + &encrypted, &encLen); + + if (ret != WAE_ERROR_NONE) { + FPRINTF("...FAIL: wae_encrypt_web_application. ret=%d\n", ret); + goto error; + } + + _remove_app_dek_from_cache(pkgId); + + if (appType == WAE_PRELOADED_APP) { + load_preloaded_app_deks(true); + } + + ret = wae_decrypt_web_application(pkgId, appType, encrypted, encLen, &decrypted, &decLen); + + if (ret != WAE_ERROR_NONE) { + FPRINTF("...FAIL: wae_decrypt_web_application. ret=%d\n", ret); + goto error; + } + + if (plaintextLen != decLen) { + FPRINTF("...FAIL: plaintextLen(%d) != decLen(%d)\n", (int) plaintextLen, (int) decLen); + ret = WAE_ERROR_CRYPTO; + goto error; + } + + memcpy(decrypted_str, decrypted, decLen); + FPRINTF("...plaintext(downloaded) = %s\n", plaintext); + FPRINTF("...decrypted(downloaded) = %s\n", decrypted_str); + + if (strcmp(plaintext, decrypted_str) != 0) { + FPRINTF("...FAIL: plaintext(%s) != decrypted(%s)\n", plaintext, decrypted_str); + ret = WAE_ERROR_CRYPTO; + goto error; + } + + ret = wae_remove_app_dek(pkgId, appType); + + if (ret != WAE_ERROR_NONE) { + FPRINTF("...FAIL: wae_remove_app_dek. ret=%d\n", ret); + goto error; + } error: - if(encrypted != NULL) - free(encrypted); - if(decrypted != NULL) - free(decrypted); + if (encrypted != NULL) + free(encrypted); + + if (decrypted != NULL) + free(decrypted); - return ret; + return ret; } int wae_tc_encrypt_decrypt_normal_app() { - return _wae_tc_encrypt_decrypt_web_app(WAE_DOWNLOADED_NORMAL_APP); + return _wae_tc_encrypt_decrypt_web_app(WAE_DOWNLOADED_NORMAL_APP); } int wae_tc_encrypt_decrypt_global_app() { - return _wae_tc_encrypt_decrypt_web_app(WAE_DOWNLOADED_GLOBAL_APP); + return _wae_tc_encrypt_decrypt_web_app(WAE_DOWNLOADED_GLOBAL_APP); } int wae_tc_encrypt_decrypt_preloaded_app() { - return _wae_tc_encrypt_decrypt_web_app(WAE_PRELOADED_APP); + return _wae_tc_encrypt_decrypt_web_app(WAE_PRELOADED_APP); } -int run_test_cases(char* test_mode) +int run_test_cases(char *test_mode) { - if(strcmp(test_mode, "system") == 0) { - RUNTC(wae_tc_encrypt_decrypt_app_dek, "wae_tc_encrypt_decrypt_app_dek"); - RUNTC(wae_tc_encrypt_decrypt_aes_cbc, "wae_tc_encrypt_decrypt_aes_cbc"); - RUNTC(wae_tc_cache, "wae_tc_cache"); + if (strcmp(test_mode, "system") == 0) { + RUNTC(wae_tc_encrypt_decrypt_app_dek, "wae_tc_encrypt_decrypt_app_dek"); + RUNTC(wae_tc_encrypt_decrypt_aes_cbc, "wae_tc_encrypt_decrypt_aes_cbc"); + RUNTC(wae_tc_cache, "wae_tc_cache"); - RUNTC(wae_tc_get_random, "wae_tc_get_random"); - RUNTC(wae_tc_get_alias, "wae_tc_get_alias"); + RUNTC(wae_tc_get_random, "wae_tc_get_random"); + RUNTC(wae_tc_get_alias, "wae_tc_get_alias"); - RUNTC(wae_tc_add_get_remove_dek_for_global_app, "wae_tc_add_get_remove_dek_for_global_app"); - RUNTC(wae_tc_add_get_remove_dek_for_preloaded_app, "wae_tc_add_get_remove_dek_for_preloaded_app"); + RUNTC(wae_tc_add_get_remove_dek_for_global_app, "wae_tc_add_get_remove_dek_for_global_app"); + RUNTC(wae_tc_add_get_remove_dek_for_preloaded_app, "wae_tc_add_get_remove_dek_for_preloaded_app"); - RUNTC(wae_tc_get_preloaded_app_dek_file_path, "wae_tc_get_preloaded_app_dek_file_path"); - RUNTC(wae_tc_extract_pkg_id_from_file_name, "wae_tc_extract_pkg_id_from_file_name"); - RUNTC(wae_tc_read_write_encrypted_app_dek, "wae_tc_read_write_encrypted_app_dek"); + RUNTC(wae_tc_get_preloaded_app_dek_file_path, "wae_tc_get_preloaded_app_dek_file_path"); + RUNTC(wae_tc_extract_pkg_id_from_file_name, "wae_tc_extract_pkg_id_from_file_name"); + RUNTC(wae_tc_read_write_encrypted_app_dek, "wae_tc_read_write_encrypted_app_dek"); - RUNTC(wae_tc_create_app_dek_for_global_app, "wae_tc_create_app_dek_for_global_app"); - RUNTC(wae_tc_create_app_dek_for_preloaded_app, "wae_tc_create_app_dek_for_preloaded_app"); + RUNTC(wae_tc_create_app_dek_for_global_app, "wae_tc_create_app_dek_for_global_app"); + RUNTC(wae_tc_create_app_dek_for_preloaded_app, "wae_tc_create_app_dek_for_preloaded_app"); - RUNTC(wae_tc_get_create_preloaded_app_dek, "wae_tc_get_create_preloaded_app_dek"); - RUNTC(wae_tc_load_preloaded_app_deks, "wae_tc_load_preloaded_app_deks"); + RUNTC(wae_tc_get_create_preloaded_app_dek, "wae_tc_get_create_preloaded_app_dek"); + RUNTC(wae_tc_load_preloaded_app_deks, "wae_tc_load_preloaded_app_deks"); - RUNTC(wae_tc_encrypt_decrypt_global_app, "wae_tc_encrypt_decrypt_global_app"); - RUNTC(wae_tc_encrypt_decrypt_preloaded_app, "wae_tc_encrypt_decrypt_preloaded_app"); - }else { - RUNTC(wae_tc_add_get_remove_dek_for_normal_app, "wae_tc_add_get_remove_dek_for_normal_app"); - RUNTC(wae_tc_create_app_dek_for_normal_app, "wae_tc_create_app_dek_for_normal_app"); - RUNTC(wae_tc_encrypt_decrypt_normal_app, "wae_tc_encrypt_decrypt_normal_app"); - } + RUNTC(wae_tc_encrypt_decrypt_global_app, "wae_tc_encrypt_decrypt_global_app"); + RUNTC(wae_tc_encrypt_decrypt_preloaded_app, "wae_tc_encrypt_decrypt_preloaded_app"); + } else { + RUNTC(wae_tc_add_get_remove_dek_for_normal_app, "wae_tc_add_get_remove_dek_for_normal_app"); + RUNTC(wae_tc_create_app_dek_for_normal_app, "wae_tc_create_app_dek_for_normal_app"); + RUNTC(wae_tc_encrypt_decrypt_normal_app, "wae_tc_encrypt_decrypt_normal_app"); + } - PRINT_TC_SUMMARY(); - return 0; + PRINT_TC_SUMMARY(); + return 0; } -int main(int argc, char* argv[]) +int main(int argc, char *argv[]) { - int ret = 0; + int ret = 0; - if(argc != 2 || (strcmp(argv[1],"system") != 0 && strcmp(argv[1],"user")) ) { - FPRINTF("invalid command formant. command format : %s system|user\n", argv[0]); - exit(1); - } + if (argc != 2 || (strcmp(argv[1], "system") != 0 && strcmp(argv[1], "user"))) { + FPRINTF("invalid command formant. command format : %s system|user\n", argv[0]); + exit(1); + } - ret = run_test_cases(argv[1]); + ret = run_test_cases(argv[1]); - return ret; + return ret; } |