authorKyungwooNoh <kw1004.noh@samsung.com>2013-06-26 19:40:25 +0900
committerKyungwooNoh <kw1004.noh@samsung.com>2013-06-26 19:40:25 +0900
commit81b5b465c7fe73023725a08946a0661b74e76fb1 (patch)
treebfa5b50a9517f6b24ef49464dfb10160b483f5e0
parentef2125cf0a5016d6b5edf97a9e3fe22ff4fc0790 (diff)
change fine naming rule
Change-Id: I65b7084b94c791470784823d9ee07b4436996efa Signed-off-by: KyungwooNoh <kw1004.noh@samsung.com>
-rwxr-xr-xinclude/ss_manager.h2
-rwxr-xr-xserver/src/ss_server_main.c514
2 files changed, 229 insertions, 287 deletions
diff --git a/include/ss_manager.h b/include/ss_manager.h
index f9e277c..1d14ca4 100755
--- a/include/ss_manager.h
+++ b/include/ss_manager.h
@@ -45,6 +45,8 @@ typedef enum {
SSM_FLAG_SECRET_PRESERVE, // for preserved operation
SSM_FLAG_SECRET_OPERATION, // for oma drm , wifi addr, divx and bt addr
SSM_FLAG_WIDGET, // for wiget encryption/decryption
+ SSM_FLAG_WEB_APP,
+ SSM_FLAG_PRELOADED_WEB_APP,
SSM_FLAG_MAX
} ssm_flag;
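Review bot: The two new enumerators are the only members of `ssm_flag` without the trailing purpose comment their siblings carry, and `SSM_FLAG_PRELOADED_WEB_APP` is special-cased in server/src/ss_server_main.c in this same commit to skip the SMACK privilege check, which a reader of this header cannot see. I would add a comment to each naming its use, and on the second one state the exemption, e.g. `SSM_FLAG_PRELOADED_WEB_APP, // for preloaded web apps; the server skips the privilege check for this flag`. Appending before `SSM_FLAG_MAX` keeps the existing values stable, which matters because the flag byte is persisted in the file metadata (`reserved[0]`).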
diff --git a/server/src/ss_server_main.c b/server/src/ss_server_main.c
index 5d66f16..25f3048 100755
--- a/server/src/ss_server_main.c
+++ b/server/src/ss_server_main.c
@@ -113,7 +113,7 @@ char* get_preserved_dir()
int IsSmackEnabled()
{
FILE *file = NULL;
- if(file = fopen("/smack/load2", "r"))
+ if((file = fopen("/smack/load2", "r")))
{
fclose(file);
return 1;
@@ -186,7 +186,7 @@ unsigned short GetHashCode(const unsigned char* pString)
return hash;
}
-int IsDirExist(char* dirpath)
+int IsDirExist(const char* dirpath)
{
DIR* dp = NULL;
@@ -204,300 +204,194 @@ int IsDirExist(char* dirpath)
return -1;
}
-int check_privilege(const char* cookie, const char* group_id)
+int check_privilege_by_sockfd(int sockfd, const char* object, const char* access_rights)
{
-// int ret = -1; // if success, return 0
-// int gid = -1;
-
-// if(!strncmp(group_id, "NOTUSED", 7)) // group_id is NULL
-// return 0;
-// else
-// {
-// gid = security_server_get_gid(group_id);
-// ret = security_server_check_privilege(cookie, gid);
-// }
-
-// return ret;
- return 0; // success always
+ if(!IsSmackEnabled())
+ return 0;
+
+ int ret = security_server_check_privilege_by_sockfd(sockfd, object, access_rights);
+ SLOGD("object : %s, access_rights : %s, ret : %d", object, access_rights, ret);
+ return ret;
}
-int check_privilege_by_sockfd(int sockfd, const char* object, const char* access_rights)
+/* convert normal file path to secure storage file path */
+int ConvertFileName(int sender_pid, char* dest, const char* src, ssm_flag flag, const char* group_id)
{
- int ret = -1; // if success, return 0
- const char* private_group_id = "NOTUSED";
- char* default_smack_label = NULL;
- const char* group_id = object;
+ char s[33+1];
+ const char* dir = group_id;
+ char* preserved_dir = NULL;
+ int is_dir_exist = -1;
- if(!IsSmackEnabled())
+ if(!dest || !src)
{
- return 0;
+ SLOGE("Parameter error in ConvertFileName()...\n");
+ return SS_FILE_OPEN_ERROR; // file related error
}
- if(!strncmp(group_id, private_group_id, strlen(private_group_id)))
+ // get top-dir path
+ if(flag == SSM_FLAG_SECRET_PRESERVE)
{
- SLOGD("requested default group_id. get smack label");
- default_smack_label = security_server_get_smacklabel_sockfd(sockfd);
- if(default_smack_label)
+ preserved_dir = get_preserved_dir();
+ if(preserved_dir == NULL) // fail to get preserved directory
{
- SLOGD("defined smack label : %s", default_smack_label);
- group_id = default_smack_label;
+ SLOGE("fail to get preserved dir\n");
+ return SS_FILE_OPEN_ERROR;
}
- else
+
+ strncpy(dest, preserved_dir, strlen(preserved_dir)); //dest <= /csa
+ free(preserved_dir);
+ }
+ else // SSM_FLAG_SECRET_DATA || SSM_FLAG_SECRET_OPERATION || SSM_FLAG_PRELOADED_WEB_APP
+ {
+ if(CreateStorageDir(SS_STORAGE_DEFAULT_PATH) < 0)
{
- SLOGD("failed to get smack label");
- return -1;
+ return SS_FILE_OPEN_ERROR;
}
+ // TBD
+ strncpy(dest, SS_STORAGE_DEFAULT_PATH, strlen(SS_STORAGE_DEFAULT_PATH));
}
- SLOGD("object : %s, access_rights : %s", group_id, access_rights);
- ret = security_server_check_privilege_by_sockfd(sockfd, group_id, access_rights);
+ strncat(dest, dir, (strlen(dir))); // add top-dir + dir(label)
+ strncat(dest, "/", 1);
- if(default_smack_label)
+ if(CreateStorageDir(dest) < 0)
{
- free(default_smack_label);
+ return SS_FILE_OPEN_ERROR;
}
- return ret;
-}
+ strncat(dest, "_", 1); // /top-dir/label/_
-/* convert normal file path to secure storage file path */
-int ConvertFileName(int sender_pid, char* dest, const char* src, ssm_flag flag, const char* group_id)
-{
- char* if_pointer = NULL;
- unsigned short h_code = 0;
- unsigned short h_code2 = 0;
- unsigned char path_hash[SHA_DIGEST_LENGTH + 1];
- char s[33+1];
- const char* dir = NULL;
- char tmp_cmd[32] = {0, };
- char tmp_buf[10] = {0, };
- const unsigned char exe_path[256] = {0, };
- FILE* fp_proc = NULL;
- char* preserved_dir = NULL;
- int is_dir_exist = -1;
+ GetPathHash(src, s);
+ strncat(dest, s, strlen(s)); // /top-dir/label/_hash
+ strncat(dest, SS_FILE_POSTFIX, strlen(SS_FILE_POSTFIX)); // /top-dir/label/_hash.e
- if(!dest || !src)
- {
- SLOGE("Parameter error in ConvertFileName()...\n");
- return SS_FILE_OPEN_ERROR; // file related error
- }
+ SLOGD("final dest : %s", dest);
+
+ return 1;
+}
- memset(tmp_cmd, 0x00, 32);
- snprintf(tmp_cmd, 32, "/proc/%d/cmdline", sender_pid);
+int GetProcessExecPath(int pid, char* buffer)
+{
+ char tmp_cmd[32] = {0,};
+ FILE *fp_proc = NULL;
+ snprintf(tmp_cmd, 32, "/proc/%d/cmdline", pid);
if(!(fp_proc = fopen(tmp_cmd, "r")))
{
SLOGE("file open error: [%s]", tmp_cmd);
return SS_FILE_OPEN_ERROR;
}
-
- fgets((char*)exe_path, 256, fp_proc);
+
+ fgets((char*)buffer, 256, fp_proc);
fclose(fp_proc);
- if(!strncmp(group_id, "NOTUSED", 7)) // don't share
+ return 0;
+}
+
+int GetProcessSmackLabel(int sockfd, char* proc_smack_label)
+{
+ char* smack_label = security_server_get_smacklabel_sockfd(sockfd);
+ if(smack_label)
{
- h_code2 = GetHashCode(exe_path);
- memset(tmp_buf, 0x00, 10);
- snprintf(tmp_buf, 10, "%u", h_code2);
- dir = tmp_buf;
+ strncpy(proc_smack_label, smack_label, strlen(smack_label));
+ free(smack_label);
}
- else // share
- dir = group_id;
-
- if_pointer = strrchr(src, '/');
-
- if(flag == SSM_FLAG_DATA) // /opt/share/secure-storage/*
+ else
{
- // check whether directory is exist or not
- is_dir_exist = IsDirExist(SS_STORAGE_DEFAULT_PATH);
-
- if (is_dir_exist == 0) // SS_STORAGE_FILE_PATH is not exist
- {
- SLOGI("directory [%s] is making now.\n", SS_STORAGE_DEFAULT_PATH);
- if(mkdir(SS_STORAGE_DEFAULT_PATH, 0700) < 0) // fail to make directory
- {
- SLOGE("[%s] cannot be made\n", SS_STORAGE_DEFAULT_PATH);
- return SS_FILE_OPEN_ERROR;
- }
- }
- else if (is_dir_exist == -1) // Unknown error
- {
- SLOGE("Unknown error in the function IsDirExist().\n");
- return SS_PARAM_ERROR;
- }
+ SLOGE("failed to get smack label");
+ return -1; // SS_SECURITY_SERVER_ERROR?
+ }
+ SLOGD("defined smack label : %s", proc_smack_label);
+ return 0;
+}
- // TBD
- strncpy(dest, SS_STORAGE_DEFAULT_PATH, MAX_FILENAME_LEN - 1);
- strncat(dest, dir, (strlen(dest) - 1));
- strncat(dest, "/", 1);
+int GetPathHash(const char *src, char *output)
+{
+ unsigned short h_code = 0;
+ unsigned char path_hash[SHA_DIGEST_LENGTH + 1];
- // make directory
- dest[strlen(SS_STORAGE_DEFAULT_PATH) + strlen(dir) + 2] = '\0';
- is_dir_exist = IsDirExist(dest);
+ SHA1((unsigned char*)src, (size_t)strlen(src), path_hash);
+ h_code = GetHashCode(path_hash);
+ memset(output, 0x00, 34);
+ snprintf(output, 34, "%u", h_code);
- if(is_dir_exist == 0) // not exist
- {
- SLOGI("%s is making now.\n", dest);
- if(mkdir(dest, 0700) < 0) // fail to make directory
- {
- SLOGE("[%s] cannot be made\n", dest);
- return SS_FILE_OPEN_ERROR;
- }
- }
-
- int length_of_file = 0;
- if(if_pointer != NULL)
- {
- length_of_file = strlen(if_pointer);
- strncat(dest, if_pointer + 1, length_of_file + 1);
- }
- strncat(dest, "_", 1);
+ SLOGD("hashing src : %s to output : %s", src, output);
- SHA1((unsigned char*)src, (size_t)strlen(src), path_hash);
- h_code = GetHashCode(path_hash);
- memset(s, 0x00, 34);
- snprintf(s, 34, "%u", h_code);
- strncat(dest, s, strlen(s));
- strncat(dest, SS_FILE_POSTFIX, strlen(SS_FILE_POSTFIX));
+ return 0;
+}
- dest[strlen(SS_STORAGE_DEFAULT_PATH) + strlen(dir) + length_of_file + strlen(s) + strlen(SS_FILE_POSTFIX) + 4] = '\0';
- }
- else if(flag == SSM_FLAG_SECRET_PRESERVE) // /tmp/csa/
+
+int CreateStorageDir(const char* path)
+{
+ int is_dir_exist = IsDirExist(path);
+
+ if (is_dir_exist == 0) // path directory is not exist
{
- preserved_dir = get_preserved_dir();
- if(preserved_dir == NULL) // fail to get preserved directory
+ SLOGI("directory [%s] is making now.\n", path);
+ if(mkdir(path, 0700) < 0) // fail to make directory
{
- SLOGE("fail to get preserved dir\n");
- return SS_FILE_OPEN_ERROR;
+ SLOGE("[%s] cannot be made\n", SS_STORAGE_DEFAULT_PATH);
+ return -SS_FILE_OPEN_ERROR;
}
-
- if(strncmp(src, preserved_dir, strlen(preserved_dir)) == 0) //src[0] == '/')
- {
- strncpy(dest, src, MAX_FILENAME_LEN - 1);
- strncat(dest, SS_FILE_POSTFIX, strlen(SS_FILE_POSTFIX));
+ }
- dest[strlen(src) + strlen(SS_FILE_POSTFIX)] = '\0';
- }
- else if(if_pointer != NULL) // absolute path == file
- {
- strncpy(dest, preserved_dir, MAX_FILENAME_LEN - 1);
- strncat(dest, if_pointer + 1, strlen(if_pointer) + 1);
- strncat(dest, SS_FILE_POSTFIX, strlen(SS_FILE_POSTFIX));
- dest[strlen(preserved_dir) + strlen(if_pointer) + strlen(SS_FILE_POSTFIX) + 1] = '\0';
- }
- else // relative path == buffer
- {
- strncpy(dest, preserved_dir, MAX_FILENAME_LEN - 1);
- strncat(dest, src, strlen(src));
- strncat(dest, SS_FILE_POSTFIX, strlen(SS_FILE_POSTFIX));
- dest[strlen(preserved_dir) + strlen(src) + strlen(SS_FILE_POSTFIX)] = '\0';
- }
+ return 0;
+}
- free(preserved_dir);
+/*
+ * if group_id is given, use group_id
+ *
+ * if NULL group_id is given
+ * smack enable : use process smack label
+ * smack disable : use process exec path
+ *
+ */
+int GetProcessStorageDir(int sockfd, int sender_pid, const char* group_id, char* output)
+{
+ char *object = group_id;
+ char proc_smack_label[MAX_GROUP_ID_LEN+1] = {0,};
+ char hash_buf[10] = {0, };
+ int is_shared = strncmp(group_id, "NOTUSED", 7) ? 1 : 0;
- }
- else if(flag == SSM_FLAG_SECRET_OPERATION) // /opt/share/secure-storage/
+#ifdef SMACK_GROUP_ID
+ if(IsSmackEnabled())
{
- if(if_pointer != NULL) // absolute path == input is a file
+ if(!is_shared) // don't share, use process smack label
{
- // check whether directory is exist or not
- is_dir_exist = IsDirExist(SS_STORAGE_DEFAULT_PATH);
-
- if (is_dir_exist == 0) // SS_STORAGE_FILE_PATH is not exist
+ if(GetProcessSmackLabel(sockfd, proc_smack_label) != 0)
{
- SLOGI("%s is making now.\n", SS_STORAGE_DEFAULT_PATH);
- if(mkdir(SS_STORAGE_DEFAULT_PATH, 0700) < 0) // fail to make directory
- {
- SLOGE("[%s] cannnot be made\n", SS_STORAGE_DEFAULT_PATH);
- return SS_FILE_OPEN_ERROR;
- }
+ return -SS_SECURE_STORAGE_ERROR;
}
- else if (is_dir_exist == -1) // Unknown error
- {
- SLOGE("Unknown error in the function IsDirExist().\n");
- return SS_PARAM_ERROR;
- }
-
- strncpy(dest, SS_STORAGE_DEFAULT_PATH, MAX_FILENAME_LEN - 1);
- strncat(dest, dir, strlen(dir));
- strncat(dest, "/", 1);
-
- // make directory
- dest[strlen(SS_STORAGE_DEFAULT_PATH) + strlen(dir) + 2] = '\0';
- is_dir_exist = IsDirExist(dest);
-
- if(is_dir_exist == 0) // not exist
- {
- SLOGI("%s is making now.\n", dest);
- if(mkdir(dest, 0700) < 0)
- {
- SLOGE("[%s] cannot be made\n", dest);
- return SS_FILE_OPEN_ERROR;
- }
- }
-
- strncat(dest, if_pointer + 1, strlen(if_pointer) + 1);
- strncat(dest, "_", 1);
- SHA1((unsigned char*)src, (size_t)strlen(src), path_hash);
- h_code = GetHashCode(path_hash);
- memset(s, 0x00, 34);
- snprintf(s, 34, "%u", h_code);
- strncat(dest, s, strlen(s));
- strncat(dest, SS_FILE_POSTFIX, strlen(SS_FILE_POSTFIX));
-
- dest[strlen(SS_STORAGE_DEFAULT_PATH) + strlen(dir) + strlen(if_pointer) + strlen(s) + strlen(SS_FILE_POSTFIX) + 4] = '\0';
+ object = proc_smack_label;
}
- else // relative path == input is a buffer
- {
- // check whether directory is exist or not
- is_dir_exist = IsDirExist(SS_STORAGE_DEFAULT_PATH);
-
- if (is_dir_exist == 0) // SS_STORAGE_BUFFER_PATH is not exist
- {
- SLOGI("%s is making now.\n", SS_STORAGE_DEFAULT_PATH);
- if(mkdir(SS_STORAGE_DEFAULT_PATH, 0700) < 0)
- {
- SLOGE("[%s] cannot be made\n", SS_STORAGE_DEFAULT_PATH);
- return SS_FILE_OPEN_ERROR;
- }
- }
- else if (is_dir_exist == -1) // Unknown error
- {
- SLOGE("Unknown error in the function IsDirExist().\n");
- return SS_PARAM_ERROR;
- }
-
- strncpy(dest, SS_STORAGE_DEFAULT_PATH, MAX_FILENAME_LEN - 1);
- strncat(dest, dir, strlen(dir));
- strncat(dest, "/", 1);
-
- // make directory
- dest[strlen(SS_STORAGE_DEFAULT_PATH) + strlen(dir) + 2] = '\0';
- is_dir_exist = IsDirExist(dest);
+ }
+ else{
+#endif
+ char exe_path[256] = {0,};
+ int h_code2 = 0;
- if(is_dir_exist == 0) // not exist
+ if(!is_shared) // don't share
+ {
+ if(GetProcessExecPath(sender_pid, exe_path) != 0)
{
- SLOGI("%s is making now.\n", dest);
- if(mkdir(dest, 0700) < 0)
- {
- SLOGE("[%s] cannot be made\n", dest);
- return SS_FILE_OPEN_ERROR;
- }
+ return -SS_SECURE_STORAGE_ERROR;
}
-
- strncat(dest, src, strlen(src));
- strncat(dest, SS_FILE_POSTFIX, strlen(SS_FILE_POSTFIX));
-
- dest[strlen(SS_STORAGE_DEFAULT_PATH) + strlen(dir) + strlen(src) + strlen(SS_FILE_POSTFIX) + 2] = '\0';
+ h_code2 = GetHashCode(exe_path);
+ snprintf(hash_buf, 10, "%u", h_code2);
+ object = hash_buf;
}
+#ifdef SMACK_GROUP_ID
}
- else
- {
- SLOGE("flag mispatch. cannot convert file name.\n");
- return SS_PARAM_ERROR;
- }
+#endif
+ strncpy(output, object, strlen(object));
+ return 0;
+}
- return 1;
+void SetMetaData(ssm_file_info_convert_t* sfic, unsigned int orig_size, unsigned int stored_size, int flag)
+{
+ sfic->fInfoStruct.originSize = (unsigned int)orig_size;
+ sfic->fInfoStruct.storedSize = (unsigned int)stored_size;
+ sfic->fInfoStruct.reserved[0] = flag & 0x000000ff;
}
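Review bot: None of the string copies in the new helpers are bounded by their destination: `ConvertFileName` builds `dest` with `strncpy`/`strncat` whose limit is the source length, and `GetProcessStorageDir` ends with `strncpy(output, object, strlen(object))`, so neither writes a terminator and neither can refuse an over-long group_id or label, whereas the code being replaced at least clamped to `MAX_FILENAME_LEN - 1`. The mismatch is concrete for `output`: every caller in this commit passes `char dir[MAX_GROUP_ID_LEN]`, while `proc_smack_label` is `MAX_GROUP_ID_LEN+1` bytes and can hold `MAX_GROUP_ID_LEN` characters, so a maximal label fills `dir` with no NUL and the later `strlen(dir)` inside `ConvertFileName` reads past it; I would replace that last copy with `if(strlen(object) >= MAX_GROUP_ID_LEN) return -SS_SECURE_STORAGE_ERROR;` followed by `snprintf(output, MAX_GROUP_ID_LEN, "%s", object);`. Because `dir` becomes a path component under the storage root, I would also reject `/` and `..` in group_id before `CreateStorageDir` sees it, and build `dest` with `snprintf` against `MAX_FILENAME_LEN` (the smallest caller buffer) as in the excerpt below, which also removes the reliance on callers zero-filling `dest`. Smaller points in the same hunk: `CreateStorageDir` logs `SS_STORAGE_DEFAULT_PATH` instead of `path` on mkdir failure and, unlike the code it replaces, treats an `IsDirExist` result of -1 as "exists" rather than returning an error; `char *object = group_id;` discards const; and the `-SS_FILE_OPEN_ERROR`/`-SS_SECURE_STORAGE_ERROR` negations only satisfy the callers' `< 0` tests if those codes are positive, which is not visible here, while `ConvertFileName` returns the un-negated `SS_FILE_OPEN_ERROR`, so one convention should be picked. The header comment on `GetProcessStorageDir` says a NULL group_id selects the per-process directory, but the code dereferences `group_id` in `strncmp` and actually keys on the `"NOTUSED"` sentinel, so the comment should say `"NOTUSED"`.
```c
int ConvertFileName(int sender_pid, char* dest, const char* src, ssm_flag flag, const char* group_id)
{
    char s[33+1];
    char top_dir[MAX_FILENAME_LEN] = {0, };
    char* preserved_dir = NULL;
    int written = 0;

    // group_id is used as a directory name: refuse separators and parent references
    if(!dest || !src || !group_id || strchr(group_id, '/') || strstr(group_id, ".."))
    {
        SLOGE("Parameter error in ConvertFileName()...\n");
        return SS_FILE_OPEN_ERROR; // file related error
    }

    if(flag == SSM_FLAG_SECRET_PRESERVE)
    {
        // … unchanged: get_preserved_dir() and its NULL check …
        written = snprintf(top_dir, sizeof top_dir, "%s", preserved_dir);
        free(preserved_dir);
    }
    else
    {
        // … unchanged: CreateStorageDir(SS_STORAGE_DEFAULT_PATH) …
        written = snprintf(top_dir, sizeof top_dir, "%s", SS_STORAGE_DEFAULT_PATH);
    }
    if(written < 0 || (size_t)written >= sizeof top_dir)
        return SS_FILE_OPEN_ERROR;

    // dest is MAX_FILENAME_LEN bytes in every caller; refuse anything that would be truncated
    written = snprintf(dest, MAX_FILENAME_LEN, "%s%s/", top_dir, group_id);
    if(written < 0 || written >= MAX_FILENAME_LEN)
        return SS_FILE_OPEN_ERROR;

    if(CreateStorageDir(dest) < 0)
        return SS_FILE_OPEN_ERROR;

    GetPathHash(src, s);
    if(snprintf(dest + written, MAX_FILENAME_LEN - written, "_%s%s", s, SS_FILE_POSTFIX) >= MAX_FILENAME_LEN - written)
        return SS_FILE_OPEN_ERROR;

    SLOGD("final dest : %s", dest);
    return 1;
}
```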
/* aes crypto function wrapper - p_text : plain text, c_text : cipher text, aes_key : from GetKey, mode : ENCRYPT/DECRYPT, size : data size */
@@ -538,25 +432,35 @@ int SsServerDataStoreFromFile(int sender_pid, const char* data_filepath, ssm_fla
FILE* fd_out = NULL;
struct stat file_info;
ssm_file_info_convert_t sfic;
- int res = -1;
unsigned char p_text[ENCRYPT_SIZE]= {0, };
unsigned char e_text[ENCRYPT_SIZE]= {0, };
size_t read = 0, rest = 0;
+ int res = -1;
//0. privilege check and get directory name
+ char dir[MAX_GROUP_ID_LEN] = {0,};
+ if(GetProcessStorageDir(sockfd, sender_pid, group_id, dir) < 0)
+ {
+ SLOGE("Failed to get storage dir\n");
+ return SS_SECURE_STORAGE_ERROR;
+ }
+
#ifdef SMACK_GROUP_ID
- if(check_privilege_by_sockfd(sockfd, group_id, "w") != 0)
+ if(flag != SSM_FLAG_PRELOADED_WEB_APP)
{
- SLOGE("[%s] permission denied\n", group_id);
- return SS_PERMISSION_DENIED;
+ if(check_privilege_by_sockfd(sockfd, dir, "w") < 0)
+ {
+ SLOGE("Permission denied\n");
+ return SS_PERMISSION_DENIED;
+ }
}
#endif
// 1. create out file name
- ConvertFileName(sender_pid, out_filepath, in_filepath, flag, group_id);
-
+ ConvertFileName(sender_pid, out_filepath, in_filepath, flag, dir);
+
// 2. file open
if(!(fd_in = fopen(in_filepath, "rb")))
{
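Review bot: The new `if(flag != SSM_FLAG_PRELOADED_WEB_APP)` around `check_privilege_by_sockfd` means a request carrying that flag is never authorized at all, for any `dir`, including a shared `group_id` naming another application's label; if `flag` arrives in the client message, as the function signature suggests, any client can select it, and the same guard is repeated in SsServerDataStoreFromBuffer, SsServerDataRead, SsServerDeleteFile and SsServerGetInfo. The server should establish on its own that the caller is a preloaded web app (for instance from the SMACK label it already fetches in GetProcessStorageDir) instead of trusting the flag, or at minimum confine the exemption to the caller's own non-shared directory, `if(flag != SSM_FLAG_PRELOADED_WEB_APP || strncmp(group_id, "NOTUSED", 7) != 0)`. Separately, the return value of `ConvertFileName` is still ignored here and in the other callers, so a failed `CreateStorageDir` leaves a partial path in `out_filepath` that `fopen` then operates on; `if(ConvertFileName(sender_pid, out_filepath, in_filepath, flag, dir) < 0) return SS_FILE_OPEN_ERROR;` would close that. SsServerDataStoreFromFile starts before this hunk and continues after it.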
@@ -582,9 +486,7 @@ int SsServerDataStoreFromFile(int sender_pid, const char* data_filepath, ssm_fla
// 3. write metadata
if(!stat(in_filepath, &file_info))
{
- sfic.fInfoStruct.originSize = (unsigned int)file_info.st_size;
- sfic.fInfoStruct.storedSize = (unsigned int)(sfic.fInfoStruct.originSize/AES_BLOCK_SIZE + 1) * AES_BLOCK_SIZE;
- sfic.fInfoStruct.reserved[0] = flag & 0x000000ff;
+ SetMetaData(&sfic, file_info.st_size, (file_info.st_size/AES_BLOCK_SIZE + 1) * AES_BLOCK_SIZE, flag);
}
else
{
@@ -647,15 +549,15 @@ int SsServerDataStoreFromBuffer(int sender_pid, char* writebuffer, size_t bufLen
{
char key[16] = {0, };
unsigned char iv[16] = {0, };
- char out_filepath[MAX_FILENAME_LEN+1];
+ char out_filepath[MAX_FILENAME_LEN+1] = {0,};
char *buffer = NULL;
unsigned int writeLen = 0, loop, rest, count;
FILE *fd_out = NULL;
ssm_file_info_convert_t sfic;
- unsigned char p_text[ENCRYPT_SIZE]= {0, };
- unsigned char e_text[ENCRYPT_SIZE]= {0, };
+ unsigned char p_text[ENCRYPT_SIZE] = {0, };
+ unsigned char e_text[ENCRYPT_SIZE] = {0, };
int res = -1;
-
+
writeLen = (unsigned int)(bufLen / AES_BLOCK_SIZE + 1) * AES_BLOCK_SIZE;
buffer = (char*)malloc(writeLen + 1);
if(!buffer)
@@ -666,18 +568,27 @@ int SsServerDataStoreFromBuffer(int sender_pid, char* writebuffer, size_t bufLen
memset(buffer, 0x00, writeLen);
memcpy(buffer, writebuffer, bufLen);
- //0. privilege check and get directory name
+ //0. get directory name and privilege check
+ char dir[MAX_GROUP_ID_LEN] = {0,};
+ if(GetProcessStorageDir(sockfd, sender_pid, group_id, dir) < 0)
+ {
+ SLOGE("Failed to get storage dir\n");
+ return SS_SECURE_STORAGE_ERROR;
+ }
+
#ifdef SMACK_GROUP_ID
- if(check_privilege_by_sockfd(sockfd, group_id, "w") != 0)
+ if(flag != SSM_FLAG_PRELOADED_WEB_APP)
{
- SLOGE("permission denied\n");
- free(buffer);
- return SS_PERMISSION_DENIED;
+ if(check_privilege_by_sockfd(sockfd, dir, "w") < 0)
+ {
+ SLOGE("Permission denied\n");
+ return SS_PERMISSION_DENIED;
+ }
}
#endif
-
+
// create file path from filename
- ConvertFileName(sender_pid, out_filepath, filename, flag, group_id);
+ ConvertFileName(sender_pid, out_filepath, filename, flag, dir);
// open a file with write mode
if(!(fd_out = fopen(out_filepath, "wb")))
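Review bot: `buffer` is allocated with `malloc` just above this hunk, and both early returns the hunk adds — after `GetProcessStorageDir` fails and after `check_privilege_by_sockfd` fails — leave without `free(buffer)`; the removed lines show the permission-denied path used to free it, so this is a regression rather than a pre-existing leak. Add `free(buffer);` before each `return`, or route both through the single `free(buffer)` already at the end of the function with a cleanup label. SsServerDataStoreFromBuffer starts before this hunk and continues after it.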
@@ -696,9 +607,7 @@ int SsServerDataStoreFromBuffer(int sender_pid, char* writebuffer, size_t bufLen
}
// write metadata
- sfic.fInfoStruct.originSize = (unsigned int)bufLen;
- sfic.fInfoStruct.storedSize = writeLen;
- sfic.fInfoStruct.reserved[0] = flag & 0x000000ff;
+ SetMetaData(&sfic, bufLen, writeLen, flag);
fwrite(sfic.fInfoArray, 1, sizeof(ssm_file_info_t), fd_out);
@@ -738,9 +647,9 @@ int SsServerDataStoreFromBuffer(int sender_pid, char* writebuffer, size_t bufLen
SLOGI("success to execute fsync(). loop=[%d], rest=[%d]\n", loop, rest);
}
- fclose(fd_out);
+ fclose(fd_out);
free(buffer);
-
+
return 1;
}
@@ -763,12 +672,22 @@ int SsServerDataRead(int sender_pid, const char* data_filepath, char* pRetBuf, u
*readLen = 0;
- //0. privilege check and get directory name
+ //0. get directory name and privilege check
+ char dir[MAX_GROUP_ID_LEN] = {0,};
+ if(GetProcessStorageDir(sockfd, sender_pid, group_id, dir) < 0)
+ {
+ SLOGE("Failed to get storage dir\n");
+ return SS_SECURE_STORAGE_ERROR;
+ }
+
#ifdef SMACK_GROUP_ID
- if(check_privilege_by_sockfd(sockfd, group_id, "r") != 0)
+ if(flag != SSM_FLAG_PRELOADED_WEB_APP)
{
- SLOGE("permission denied\n");
- return SS_PERMISSION_DENIED;
+ if(check_privilege_by_sockfd(sockfd, dir, "r") < 0)
+ {
+ SLOGE("Permission denied\n");
+ return SS_PERMISSION_DENIED;
+ }
}
#endif
@@ -776,7 +695,7 @@ int SsServerDataRead(int sender_pid, const char* data_filepath, char* pRetBuf, u
if(flag == SSM_FLAG_WIDGET)
strncpy(in_filepath, data_filepath, MAX_FILENAME_LEN - 1);
else
- ConvertFileName(sender_pid, in_filepath, data_filepath, flag, group_id);
+ ConvertFileName(sender_pid, in_filepath, data_filepath, flag, dir);
// 2. open file
if(!(fd_in = fopen(in_filepath, "rb")))
@@ -824,10 +743,10 @@ int SsServerDataRead(int sender_pid, const char* data_filepath, char* pRetBuf, u
out_data += read;
*readLen += read;
Last:
- *out_data = '\0';
+ *out_data = '\0';
fclose(fd_in);
-
+
return 1;
}
@@ -840,17 +759,28 @@ int SsServerDeleteFile(int sender_pid, const char* data_filepath, ssm_flag flag,
const char* in_filepath = data_filepath;
char out_filepath[MAX_FILENAME_LEN] = {0, };
- //0. privilege check and get directory name
+ //0. get directory name and privilege check
+ char dir[MAX_GROUP_ID_LEN] = {0,};
+ if(GetProcessStorageDir(sockfd, sender_pid, group_id, dir) < 0)
+ {
+ SLOGE("Failed to get storage dir\n");
+ return SS_SECURE_STORAGE_ERROR;
+ }
+
#ifdef SMACK_GROUP_ID
- if(check_privilege_by_sockfd(sockfd, group_id, "w") != 0)
+ if(flag != SSM_FLAG_PRELOADED_WEB_APP)
{
- SLOGE("permission denied\n");
- return SS_PERMISSION_DENIED;
+ if(check_privilege_by_sockfd(sockfd, dir, "w") < 0)
+ {
+ SLOGE("Permission denied\n");
+ return SS_PERMISSION_DENIED;
+ }
}
#endif
- // 1. create out file name
- ConvertFileName(sender_pid, out_filepath, in_filepath, flag, group_id);
-
+
+ // create file path from filename
+ ConvertFileName(sender_pid, out_filepath, in_filepath, flag, dir);
+
// 2. delete designated file
if(unlink(out_filepath) != 0) // unlink fail?
{
@@ -871,21 +801,31 @@ int SsServerGetInfo(int sender_pid, const char* data_filepath, char* file_info,
FILE *fd_in = NULL;
char in_filepath[MAX_FILENAME_LEN] = {0, };
- //0. privilege check and get directory name
+ //0. get directory name and privilege check
+ char dir[MAX_GROUP_ID_LEN] = {0,};
+ if(GetProcessStorageDir(sockfd, sender_pid, group_id, dir) < 0)
+ {
+ SLOGE("Failed to get storage dir\n");
+ return SS_SECURE_STORAGE_ERROR;
+ }
+
#ifdef SMACK_GROUP_ID
- if(check_privilege_by_sockfd(sockfd, group_id, "r") != 0)
+ if(flag != SSM_FLAG_PRELOADED_WEB_APP)
{
- SLOGE("permission denied, [%s]\n", group_id);
- return SS_PERMISSION_DENIED;
+ if(check_privilege_by_sockfd(sockfd, dir, "r") < 0)
+ {
+ SLOGE("Permission denied\n");
+ return SS_PERMISSION_DENIED;
+ }
}
#endif
-
+
// 1. create in file name : convert file name in order to access secure storage
if(flag == SSM_FLAG_WIDGET)
strncpy(in_filepath, data_filepath, MAX_FILENAME_LEN - 1);
else
- ConvertFileName(sender_pid, in_filepath, data_filepath, flag, group_id);
-
+ ConvertFileName(sender_pid, in_filepath, data_filepath, flag, dir);
+
// 1. open file
if(!(fd_in = fopen( in_filepath, "rb")))
{