author | Kyungwook Tak <k.tak@samsung.com> | 2016-12-07 17:22:40 +0900 |
---|---|---|
committer | Kyungwook Tak <k.tak@samsung.com> | 2016-12-08 15:09:41 +0900 |
commit | 66f4515064566676869fd3c3a8970fcf24b00b5f (patch) | |
tree | ab44c28901de718ad736b8e0517d591b50961eef /srcs/key_handler.h | |
parent | 9efcb91aed4e7365aa945fc9c6ffe2d111ca1496 (diff) | |
Remove reload option to wae initializer service
Reload option is not needed anymore.
To be secure, remove all KEKs from dek store (also adek) after loading
preloaded adeks once. Loaded adeks are stored in key-manager so they're
useless.
Related test cases are added. (load preloaded app deks)
(TODO) Using the key-manager initial value feature is being strongly
considered, to store the KEK private key more securely.
Change-Id: I2f6c645398277968cd7d480236d1802a07fa33df
Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
Diffstat (limited to 'srcs/key_handler.h')
-rw-r--r-- | srcs/key_handler.h | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/srcs/key_handler.h b/srcs/key_handler.h
index 791e149..f5ce3e4 100644
--- a/srcs/key_handler.h
+++ b/srcs/key_handler.h
@@ -41,6 +41,10 @@ int _get_random(raw_buffer_s *rb);
 int _get_preloaded_app_dek_file_path(const char *pkg_id, size_t size, char *path);
 int _read_encrypted_app_dek_from_file(const char *pkg_id, raw_buffer_s **pencrypted);
 int _write_encrypted_app_dek_to_file(const char *pkg_id, const raw_buffer_s *encrypted);
+void _remove_directory(const char *path);
+const char *_get_dek_kek_pub_key_path();
+const char *_get_dek_kek_pri_key_path();
+const char *_get_dek_store_path();
 
 /* functions for interface */
 int get_app_ce(uid_t uid, const char *pkg_id, wae_app_type_e app_type,
@@ -51,7 +55,7 @@ int remove_app_ce(uid_t uid, const char *pkg_id, wae_app_type_e app_type);
 int get_preloaded_app_ce(const char *pkg_id, const crypto_element_s **pce);
 int create_preloaded_app_ce(const char *pkg_id, const crypto_element_s **pce);
 
-int load_preloaded_app_deks(bool reload);
+int load_preloaded_app_deks();
 
 #ifdef __cplusplus
 } |
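Review bot: `_remove_directory` is declared `void` in the first hunk, so a caller cannot learn that the removal failed. According to the commit description this is the step that clears the KEKs from the DEK store after the preloaded DEKs are loaded, so a silent failure would leave the KEK private key on disk while the caller believes it is gone. Consider returning the module's error code, `int _remove_directory(const char *path);`, and having the caller log or propagate a non-zero result. The implementation is outside this header, so whether it already reports failures some other way cannot be seen here.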
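Review bot: The new declaration `int load_preloaded_app_deks();` in the second hunk has an empty parameter list, which in C (before C23) declares a function with unspecified arguments rather than one taking none. A C caller that still passes the old `reload` flag would therefore compile without a diagnostic, so the removal of the option is not enforced by the compiler. Declaring it as `int load_preloaded_app_deks(void);` makes stale call sites fail to build. The three `_get_dek_*_path()` getters added in the first hunk would take the same `(void)` for consistency.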