authorJanusz Kozerski <j.kozerski@samsung.com>2015-06-23 15:22:19 (GMT)
committerJanusz Kozerski <j.kozerski@samsung.com>2015-07-06 12:44:23 (GMT)
commitaa31c0517333688b611ba453b08138960b53244e (patch)
tree047f44f4f4dcb53f5ec4370105144e9ba90d1d6e
parentdb78d4705ab241499fe1ba438e15da514f4ec3ba (diff)
Add pulling out certificates from apps' signature.refs/changes/15/42215/4
* Move DPL include files from "dpl/*" into "cchecker/dpl/*", because cert-svc-vcore also uses DPL (from wrt-commons) and that was causing a build break. * Certificates are stored in buffer and database. * OCSP URLs are pulled out from certificates and stored in database. Change-Id: Ic0601da38619f7c7b784d952abe56888db036673
-rw-r--r--packaging/cert-checker.spec1
-rw-r--r--src/CMakeLists.txt2
-rw-r--r--src/certs.cpp156
-rw-r--r--src/db/sql_query.cpp2
-rw-r--r--src/dpl/core/include/cchecker/dpl/assert.h (renamed from src/dpl/core/include/dpl/assert.h)2
-rw-r--r--src/dpl/core/include/cchecker/dpl/availability.h (renamed from src/dpl/core/include/dpl/availability.h)0
-rw-r--r--src/dpl/core/include/cchecker/dpl/char_traits.h (renamed from src/dpl/core/include/dpl/char_traits.h)3
-rw-r--r--src/dpl/core/include/cchecker/dpl/colors.h (renamed from src/dpl/core/include/dpl/colors.h)0
-rw-r--r--src/dpl/core/include/cchecker/dpl/errno_string.h (renamed from src/dpl/core/include/dpl/errno_string.h)3
-rw-r--r--src/dpl/core/include/cchecker/dpl/exception.h (renamed from src/dpl/core/include/dpl/exception.h)0
-rw-r--r--src/dpl/core/include/cchecker/dpl/noncopyable.h (renamed from src/dpl/core/include/dpl/noncopyable.h)0
-rw-r--r--src/dpl/core/include/cchecker/dpl/noreturn.h (renamed from src/dpl/core/include/dpl/noreturn.h)0
-rw-r--r--src/dpl/core/include/cchecker/dpl/optional.h (renamed from src/dpl/core/include/dpl/optional.h)2
-rw-r--r--src/dpl/core/include/cchecker/dpl/scoped_array.h (renamed from src/dpl/core/include/dpl/scoped_array.h)4
-rw-r--r--src/dpl/core/include/cchecker/dpl/scoped_free.h (renamed from src/dpl/core/include/dpl/scoped_free.h)2
-rw-r--r--src/dpl/core/include/cchecker/dpl/scoped_resource.h (renamed from src/dpl/core/include/dpl/scoped_resource.h)2
-rw-r--r--src/dpl/core/include/cchecker/dpl/string.h (renamed from src/dpl/core/include/dpl/string.h)5
-rw-r--r--src/dpl/core/src/assert.cpp4
-rw-r--r--src/dpl/core/src/char_traits.cpp3
-rw-r--r--src/dpl/core/src/colors.cpp3
-rw-r--r--src/dpl/core/src/errno_string.cpp11
-rw-r--r--src/dpl/core/src/exception.cpp2
-rw-r--r--src/dpl/core/src/noncopyable.cpp3
-rw-r--r--src/dpl/core/src/string.cpp10
-rw-r--r--src/dpl/db/include/cchecker/dpl/db/naive_synchronization_object.h (renamed from src/dpl/db/include/dpl/db/naive_synchronization_object.h)2
-rw-r--r--src/dpl/db/include/cchecker/dpl/db/sql_connection.h (renamed from src/dpl/db/include/dpl/db/sql_connection.h)10
-rw-r--r--src/dpl/db/src/naive_synchronization_object.cpp3
-rw-r--r--src/dpl/db/src/sql_connection.cpp11
-rw-r--r--src/include/cchecker/app.h21
-rw-r--r--src/include/cchecker/certs.h46
-rw-r--r--src/include/cchecker/logic.h4
-rw-r--r--src/include/cchecker/sql_query.h2
-rw-r--r--src/logic.cpp26
-rw-r--r--tests/colour_log_formatter.cpp2
34 files changed, 298 insertions, 49 deletions
diff --git a/packaging/cert-checker.spec b/packaging/cert-checker.spec
index bccc58d..9f3ce30 100644
--- a/packaging/cert-checker.spec
+++ b/packaging/cert-checker.spec
@@ -14,6 +14,7 @@ BuildRequires: pkgconfig(glib-2.0)
BuildRequires: pkgconfig(notification)
BuildRequires: pkgconfig(dbus-1)
BuildRequires: pkgconfig(dbus-glib-1)
+BuildRequires: pkgconfig(cert-svc-vcore)
BuildRequires: pkgconfig(libsystemd-journal)
BuildRequires: pkgconfig(libtzplatform-config)
BuildRequires: pkgconfig(sqlite3)
diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt
index da303b4..bd75eb5 100644
--- a/src/CMakeLists.txt
+++ b/src/CMakeLists.txt
@@ -1,5 +1,6 @@
PKG_CHECK_MODULES(CERT_CHECKER_DEP
REQUIRED
+ cert-svc-vcore
dbus-1
dbus-glib-1
db-util
@@ -19,6 +20,7 @@ SET(CERT_CHECKER_SOURCES
${CERT_CHECKER_SRC_PATH}/app.cpp
${CERT_CHECKER_SRC_PATH}/logic.cpp
${CERT_CHECKER_SRC_PATH}/queue.cpp
+ ${CERT_CHECKER_SRC_PATH}/certs.cpp
# logs
${CERT_CHECKER_SRC_PATH}/log/log.cpp
# dpl
diff --git a/src/certs.cpp b/src/certs.cpp
new file mode 100644
index 0000000..4a69fde
--- /dev/null
+++ b/src/certs.cpp
@@ -0,0 +1,156 @@
+/*
+ * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+/*
+ * @file certs.cpp
+ * @author Janusz Kozerski (j.kozerski@samsung.com)
+ * @version 1.0
+ * @brief This file is the implementation of certificates logic
+ * Getting out findinf app signature, getting certificates out of
+ * signature. Checking OCSP
+ */
+#include <sys/types.h>
+#include <dirent.h>
+#include <list>
+#include <memory>
+#include <string>
+#include <set>
+#include <vector>
+#include <vcore/Certificate.h>
+#include <vcore/SignatureReader.h>
+#include <vcore/SignatureFinder.h>
+#include <vcore/WrtSignatureValidator.h>
+#include <vcore/VCore.h>
+
+#include <cchecker/certs.h>
+#include <cchecker/log.h>
+
+namespace {
+const std::string signatureXmlSchemaPath = std::string(tzplatform_getenv(TZ_SYS_SHARE))
+ + std::string("/app-installers/signature_schema.xsd");
+}
+
+namespace CCHECKER {
+
+Certs::Certs()
+{
+ ValidationCore::VCoreInit();
+}
+
+Certs::~Certs()
+{
+ ValidationCore::VCoreDeinit();
+}
+
+void Certs::get_certificates (app_t &app, ocsp_urls_t &ocsp_urls)
+{
+ std::vector<std::string> signatures;
+ (void) signatures;
+
+ if (0 != tzplatform_set_user(app.uid)) {
+ LogError("Cannot set user: tzplatform_set_user has failed");
+ return;
+ }
+
+ if (app.app_id == TEMP_APP_ID) {
+ LogDebug("Temporary app_id. Searching for apps in package.");
+ search_app(app, ocsp_urls);
+ }
+ else {
+ const char *pkg_path = tzplatform_mkpath(TZ_USER_APP, app.pkg_id.c_str());
+ std::string app_path = std::string(pkg_path) + std::string("/") + app.app_id;
+ find_app_signatures (app, app_path, ocsp_urls);
+ }
+
+}
+
+/* Since there's no information about application in signal,
+ * and we've got information only about package, we have to check
+ * all applications that belongs to that package
+ */
+void Certs::search_app (app_t &app, ocsp_urls_t &ocsp_urls)
+{
+ DIR *dp;
+ struct dirent *entry;
+ const char *pkg_path = tzplatform_mkpath(TZ_USER_APP, app.pkg_id.c_str());
+ if (!pkg_path) {
+ LogError("tzplatform_mkpath has returned NULL for TZ_USER_APP");
+ return;
+ }
+
+ dp = opendir(pkg_path);
+ if (dp != NULL) {
+ while ((entry = readdir(dp))) {
+ if (strcmp(entry->d_name, ".") != 0 && strcmp(entry->d_name, "..") != 0 && entry->d_type == DT_DIR) {
+ LogDebug("Found app: " << entry->d_name);
+ std::string app_path = std::string(pkg_path) + std::string("/") + std::string(entry->d_name);
+ find_app_signatures(app, app_path, ocsp_urls);
+ }
+ }
+ closedir(dp); //close directory
+ }
+ else
+ LogError("Couldn't open the package directory.");
+}
+
+// Together with certificates we can pull out OCSP URLs
+void Certs::find_app_signatures (app_t &app, const std::string &app_path, ocsp_urls_t &ocsp_urls)
+{
+ ValidationCore::SignatureFinder signature_finder(app_path);
+ ValidationCore::SignatureFileInfoSet signature_files;
+
+ if (signature_finder.find(signature_files) !=
+ ValidationCore::SignatureFinder::NO_ERROR) {
+ LogError("Error while searching for signatures in " << app_path.c_str());
+ return;
+ }
+ LogDebug("Number of signature files: " << signature_files.size());
+
+ LogDebug("Searching for certificates");
+ for (auto iter = signature_files.begin(); iter != signature_files.end(); iter++){
+ LogDebug("Checking signature");
+ ValidationCore::SignatureData data(app_path + std::string("/") + (*iter).getFileName(),
+ (*iter).getFileNumber());
+ LogDebug("signatureXmlSchemaPath: " << signatureXmlSchemaPath);
+ try {
+ ValidationCore::SignatureReader reader;
+ reader.initialize(data, signatureXmlSchemaPath);
+ reader.read(data);
+ ValidationCore::CertificateList certs = data.getCertList();
+ for (auto cert_iter = certs.begin(); cert_iter != certs.end(); cert_iter++ ){
+ std::string app_cert = (*cert_iter)->getBase64();
+ app.certificates.push_back(app_cert);
+ LogDebug("Certificate: " << app_cert << " has been added");
+
+ // check OCSP URL
+ std::string ocsp_url = DPL::ToUTF8String((*cert_iter)->getOCSPURL());
+ if (ocsp_url != std::string("")) {
+ std::string issuer = DPL::ToUTF8String(
+ (*cert_iter)->getCommonName(ValidationCore::Certificate::FIELD_ISSUER));
+ int64_t time = (*cert_iter)->getNotBefore();
+ url_t url(issuer, ocsp_url, time);
+ ocsp_urls.push_back(url);
+ LogDebug("Found OCSP URL: " << ocsp_url << " for issuer: " << issuer << ", time: " << time);
+
+ }
+ }
+ } catch (const ValidationCore::ParserSchemaException::Base& exception) {
+ // Needs to catch parser exceptions
+ LogError("Error occured in ParserSchema: " << exception.DumpToString());
+ }
+ }
+}
+
+} // CCHECKER
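Review bot: `Certs::get_certificates` passes the result of `tzplatform_mkpath` straight into `std::string(pkg_path)`, which is undefined behaviour if the call returns NULL; `search_app` already guards this case, so add the same check after the call: `if (!pkg_path) { LogError("tzplatform_mkpath has returned NULL for TZ_USER_APP"); return; }`. In `find_app_signatures` the certificate list and the OCSP URL are read out of the signature file with no verification step visible in this file (`WrtSignatureValidator.h` is included but unused), so everything pushed into `app.certificates` and `ocsp_urls` should be treated as untrusted until the signature has been validated, and the URL should be scheme-checked before anything connects to it. Only `ParserSchemaException::Base` is caught around `reader.read(data)`; whether other exception types can escape from the reader is not visible here. The file also calls `strcmp` without including `<cstring>`.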
diff --git a/src/db/sql_query.cpp b/src/db/sql_query.cpp
index c39be95..0968717 100644
--- a/src/db/sql_query.cpp
+++ b/src/db/sql_query.cpp
@@ -20,7 +20,7 @@
* @brief This file is the implementation of SQL queries
*/
-#include <dpl/db/sql_connection.h>
+#include <cchecker/dpl/db/sql_connection.h>
#include <cchecker/sql_query.h>
#include <cchecker/log.h>
diff --git a/src/dpl/core/include/dpl/assert.h b/src/dpl/core/include/cchecker/dpl/assert.h
index 936c71e..03dd7d0 100644
--- a/src/dpl/core/include/dpl/assert.h
+++ b/src/dpl/core/include/cchecker/dpl/assert.h
@@ -22,7 +22,7 @@
#ifndef CCHECKER_ASSERT_H
#define CCHECKER_ASSERT_H
-#include <dpl/noreturn.h>
+#include <cchecker/dpl/noreturn.h>
namespace CCHECKER {
// Assertion handler procedure
diff --git a/src/dpl/core/include/dpl/availability.h b/src/dpl/core/include/cchecker/dpl/availability.h
index b1cb894..b1cb894 100644
--- a/src/dpl/core/include/dpl/availability.h
+++ b/src/dpl/core/include/cchecker/dpl/availability.h
diff --git a/src/dpl/core/include/dpl/char_traits.h b/src/dpl/core/include/cchecker/dpl/char_traits.h
index e76f48b..06e2840 100644
--- a/src/dpl/core/include/dpl/char_traits.h
+++ b/src/dpl/core/include/cchecker/dpl/char_traits.h
@@ -29,7 +29,8 @@
#include <string>
#include <ostream>
#include <algorithm>
-#include <dpl/exception.h>
+
+#include <cchecker/dpl/exception.h>
namespace CCHECKER {
typedef std::char_traits<wchar_t> CharTraits;
diff --git a/src/dpl/core/include/dpl/colors.h b/src/dpl/core/include/cchecker/dpl/colors.h
index d652f5b..d652f5b 100644
--- a/src/dpl/core/include/dpl/colors.h
+++ b/src/dpl/core/include/cchecker/dpl/colors.h
diff --git a/src/dpl/core/include/dpl/errno_string.h b/src/dpl/core/include/cchecker/dpl/errno_string.h
index 498b2af..c98eba3 100644
--- a/src/dpl/core/include/dpl/errno_string.h
+++ b/src/dpl/core/include/cchecker/dpl/errno_string.h
@@ -22,10 +22,11 @@
#ifndef CCHECKER_ERRNO_STRING_H
#define CCHECKER_ERRNO_STRING_H
-#include <dpl/exception.h>
#include <string>
#include <cerrno>
+#include <cchecker/dpl/exception.h>
+
namespace CCHECKER {
DECLARE_EXCEPTION_TYPE(CCHECKER::Exception, InvalidErrnoValue)
diff --git a/src/dpl/core/include/dpl/exception.h b/src/dpl/core/include/cchecker/dpl/exception.h
index f7b9afc..f7b9afc 100644
--- a/src/dpl/core/include/dpl/exception.h
+++ b/src/dpl/core/include/cchecker/dpl/exception.h
diff --git a/src/dpl/core/include/dpl/noncopyable.h b/src/dpl/core/include/cchecker/dpl/noncopyable.h
index 747299c..747299c 100644
--- a/src/dpl/core/include/dpl/noncopyable.h
+++ b/src/dpl/core/include/cchecker/dpl/noncopyable.h
diff --git a/src/dpl/core/include/dpl/noreturn.h b/src/dpl/core/include/cchecker/dpl/noreturn.h
index 6eaaa64..6eaaa64 100644
--- a/src/dpl/core/include/dpl/noreturn.h
+++ b/src/dpl/core/include/cchecker/dpl/noreturn.h
diff --git a/src/dpl/core/include/dpl/optional.h b/src/dpl/core/include/cchecker/dpl/optional.h
index 6aca7bd..42d1bd4 100644
--- a/src/dpl/core/include/dpl/optional.h
+++ b/src/dpl/core/include/cchecker/dpl/optional.h
@@ -22,7 +22,7 @@
#ifndef CCHECKER_OPTIONAL_H
#define CCHECKER_OPTIONAL_H
-#include <dpl/exception.h>
+#include <cchecker/dpl/exception.h>
namespace CCHECKER {
template <typename Type>
diff --git a/src/dpl/core/include/dpl/scoped_array.h b/src/dpl/core/include/cchecker/dpl/scoped_array.h
index ca6a02b..54c0c80 100644
--- a/src/dpl/core/include/dpl/scoped_array.h
+++ b/src/dpl/core/include/cchecker/dpl/scoped_array.h
@@ -24,8 +24,8 @@
#include <cstddef>
-#include <dpl/assert.h>
-#include <dpl/scoped_resource.h>
+#include <cchecker/dpl/assert.h>
+#include <cchecker/dpl/scoped_resource.h>
namespace CCHECKER {
template<typename Class>
diff --git a/src/dpl/core/include/dpl/scoped_free.h b/src/dpl/core/include/cchecker/dpl/scoped_free.h
index 9be17b7..d8fee50 100644
--- a/src/dpl/core/include/dpl/scoped_free.h
+++ b/src/dpl/core/include/cchecker/dpl/scoped_free.h
@@ -26,7 +26,7 @@
#include <malloc.h>
#include <cstddef>
-#include <dpl/scoped_resource.h>
+#include <cchecker/dpl/scoped_resource.h>
namespace CCHECKER {
template<typename Class>
diff --git a/src/dpl/core/include/dpl/scoped_resource.h b/src/dpl/core/include/cchecker/dpl/scoped_resource.h
index c024684..2b3c72d 100644
--- a/src/dpl/core/include/dpl/scoped_resource.h
+++ b/src/dpl/core/include/cchecker/dpl/scoped_resource.h
@@ -22,7 +22,7 @@
#ifndef CCHECKER_SCOPED_RESOURCE_H
#define CCHECKER_SCOPED_RESOURCE_H
-#include <dpl/noncopyable.h>
+#include <cchecker/dpl/noncopyable.h>
namespace CCHECKER {
template<typename ClassPolicy>
diff --git a/src/dpl/core/include/dpl/string.h b/src/dpl/core/include/cchecker/dpl/string.h
index a271e5a..d9c3bbd 100644
--- a/src/dpl/core/include/dpl/string.h
+++ b/src/dpl/core/include/cchecker/dpl/string.h
@@ -21,12 +21,13 @@
#ifndef CCHECKER_STRING
#define CCHECKER_STRING
-#include <dpl/exception.h>
-#include <dpl/char_traits.h>
#include <string>
#include <ostream>
#include <numeric>
+#include <cchecker/dpl/exception.h>
+#include <cchecker/dpl/char_traits.h>
+
namespace CCHECKER {
// @brief CCHECKER string
typedef std::basic_string<wchar_t, CharTraits> String;
diff --git a/src/dpl/core/src/assert.cpp b/src/dpl/core/src/assert.cpp
index c8aed8f..2050617 100644
--- a/src/dpl/core/src/assert.cpp
+++ b/src/dpl/core/src/assert.cpp
@@ -20,10 +20,10 @@
* @brief This file is the implementation file of assert
*/
#include <stddef.h>
-#include <dpl/assert.h>
#include <cstdlib>
-#include <dpl/exception.h>
+#include <cchecker/dpl/assert.h>
+#include <cchecker/dpl/exception.h>
#include <cchecker/log.h>
namespace CCHECKER {
diff --git a/src/dpl/core/src/char_traits.cpp b/src/dpl/core/src/char_traits.cpp
index 32b9197..d142cb2 100644
--- a/src/dpl/core/src/char_traits.cpp
+++ b/src/dpl/core/src/char_traits.cpp
@@ -23,7 +23,8 @@
* performance
*/
#include <stddef.h>
-#include <dpl/char_traits.h>
+
+#include <cchecker/dpl/char_traits.h>
//
// Note:
diff --git a/src/dpl/core/src/colors.cpp b/src/dpl/core/src/colors.cpp
index 25feadf..272c06b 100644
--- a/src/dpl/core/src/colors.cpp
+++ b/src/dpl/core/src/colors.cpp
@@ -21,7 +21,8 @@
* and html output
*/
#include <stddef.h>
-#include <dpl/colors.h>
+
+#include <cchecker/dpl/colors.h>
namespace CCHECKER {
namespace Colors {
diff --git a/src/dpl/core/src/errno_string.cpp b/src/dpl/core/src/errno_string.cpp
index e481a02..5b1de37 100644
--- a/src/dpl/core/src/errno_string.cpp
+++ b/src/dpl/core/src/errno_string.cpp
@@ -20,11 +20,6 @@
* @brief This file is the implementation file of errno string
*/
#include <stddef.h>
-#include <dpl/errno_string.h>
-#include <dpl/assert.h>
-#include <dpl/exception.h>
-#include <dpl/assert.h>
-#include <dpl/scoped_free.h>
#include <string>
#include <cstddef>
#include <cstring>
@@ -32,6 +27,12 @@
#include <cerrno>
#include <stdexcept>
+#include <cchecker/dpl/errno_string.h>
+#include <cchecker/dpl/assert.h>
+#include <cchecker/dpl/exception.h>
+#include <cchecker/dpl/assert.h>
+#include <cchecker/dpl/scoped_free.h>
+
namespace CCHECKER {
namespace // anonymous
{
diff --git a/src/dpl/core/src/exception.cpp b/src/dpl/core/src/exception.cpp
index 5f2e8e0..d26e13c 100644
--- a/src/dpl/core/src/exception.cpp
+++ b/src/dpl/core/src/exception.cpp
@@ -20,9 +20,9 @@
* @brief This file is the implementation of exception system
*/
#include <stddef.h>
-#include <dpl/exception.h>
#include <cstdio>
+#include <cchecker/dpl/exception.h>
#include <cchecker/log.h>
namespace CCHECKER {
diff --git a/src/dpl/core/src/noncopyable.cpp b/src/dpl/core/src/noncopyable.cpp
index 1ae80e9..6e6f50c 100644
--- a/src/dpl/core/src/noncopyable.cpp
+++ b/src/dpl/core/src/noncopyable.cpp
@@ -20,7 +20,8 @@
* @brief This file is the implementation file of noncopyable
*/
#include <stddef.h>
-#include <dpl/noncopyable.h>
+
+#include <cchecker/dpl/noncopyable.h>
namespace CCHECKER {
Noncopyable::Noncopyable()
diff --git a/src/dpl/core/src/string.cpp b/src/dpl/core/src/string.cpp
index cdc83ec..d22aaba 100644
--- a/src/dpl/core/src/string.cpp
+++ b/src/dpl/core/src/string.cpp
@@ -20,11 +20,6 @@
* @version 1.0
*/
#include <stddef.h>
-#include <dpl/string.h>
-#include <dpl/char_traits.h>
-#include <dpl/errno_string.h>
-#include <dpl/exception.h>
-#include <dpl/scoped_array.h>
#include <string>
#include <vector>
#include <algorithm>
@@ -33,6 +28,11 @@
#include <iconv.h>
#include <unicode/ustring.h>
+#include <cchecker/dpl/string.h>
+#include <cchecker/dpl/char_traits.h>
+#include <cchecker/dpl/errno_string.h>
+#include <cchecker/dpl/exception.h>
+#include <cchecker/dpl/scoped_array.h>
#include <cchecker/log.h>
// TODO: Completely move to ICU
diff --git a/src/dpl/db/include/dpl/db/naive_synchronization_object.h b/src/dpl/db/include/cchecker/dpl/db/naive_synchronization_object.h
index 687d666..8836635 100644
--- a/src/dpl/db/include/dpl/db/naive_synchronization_object.h
+++ b/src/dpl/db/include/cchecker/dpl/db/naive_synchronization_object.h
@@ -23,7 +23,7 @@
#ifndef CCHECKER_NAIVE_SYNCHRONIZATION_OBJECT_H
#define CCHECKER_NAIVE_SYNCHRONIZATION_OBJECT_H
-#include <dpl/db/sql_connection.h>
+#include <cchecker/dpl/db/sql_connection.h>
namespace CCHECKER {
namespace DB {
diff --git a/src/dpl/db/include/dpl/db/sql_connection.h b/src/dpl/db/include/cchecker/dpl/db/sql_connection.h
index 321372b..8af5a58 100644
--- a/src/dpl/db/include/dpl/db/sql_connection.h
+++ b/src/dpl/db/include/cchecker/dpl/db/sql_connection.h
@@ -22,17 +22,17 @@
#ifndef CCHECKER_SQL_CONNECTION_H
#define CCHECKER_SQL_CONNECTION_H
-#include <dpl/noncopyable.h>
-#include <dpl/exception.h>
-#include <dpl/optional.h>
#include <memory>
-#include <dpl/string.h>
#include <sqlite3.h>
#include <string>
-#include <dpl/assert.h>
#include <memory>
#include <stdint.h>
+#include <cchecker/dpl/string.h>
+#include <cchecker/dpl/assert.h>
+#include <cchecker/dpl/noncopyable.h>
+#include <cchecker/dpl/exception.h>
+#include <cchecker/dpl/optional.h>
#include <cchecker/log.h>
namespace CCHECKER {
diff --git a/src/dpl/db/src/naive_synchronization_object.cpp b/src/dpl/db/src/naive_synchronization_object.cpp
index 2592c3c..18eeefb 100644
--- a/src/dpl/db/src/naive_synchronization_object.cpp
+++ b/src/dpl/db/src/naive_synchronization_object.cpp
@@ -21,10 +21,11 @@
* synchronization object
*/
#include <stddef.h>
-#include <dpl/db/naive_synchronization_object.h>
#include <chrono>
#include <thread>
+#include <cchecker/dpl/db/naive_synchronization_object.h>
+
namespace {
unsigned int seed = time(NULL);
}
diff --git a/src/dpl/db/src/sql_connection.cpp b/src/dpl/db/src/sql_connection.cpp
index 27ea4fd..65c04ec 100644
--- a/src/dpl/db/src/sql_connection.cpp
+++ b/src/dpl/db/src/sql_connection.cpp
@@ -20,16 +20,17 @@
* @brief This file is the implementation file of SQL connection
*/
#include <stddef.h>
-#include <dpl/db/sql_connection.h>
-#include <dpl/db/naive_synchronization_object.h>
-#include <dpl/scoped_free.h>
-#include <dpl/noncopyable.h>
-#include <dpl/assert.h>
#include <db-util.h>
#include <unistd.h>
#include <cstdio>
#include <cstdarg>
+#include <cchecker/dpl/scoped_free.h>
+#include <cchecker/dpl/noncopyable.h>
+#include <cchecker/dpl/assert.h>
+#include <cchecker/dpl/db/sql_connection.h>
+#include <cchecker/dpl/db/naive_synchronization_object.h>
+
namespace CCHECKER {
namespace DB {
namespace // anonymous
diff --git a/src/include/cchecker/app.h b/src/include/cchecker/app.h
index c7dff35..3217bdb 100644
--- a/src/include/cchecker/app.h
+++ b/src/include/cchecker/app.h
@@ -24,10 +24,15 @@
#include <string>
#include <vector>
+#include <list>
#include <sys/types.h>
namespace CCHECKER {
+// Used as app_id when no information about app id in signal
+// Currently in signals from pkgmgr only information about pkg_id is included
+const char *const TEMP_APP_ID = "temp#app_id";
+
struct app_t {
enum class verified_t : int32_t {
NO = 0,
@@ -50,6 +55,22 @@ struct app_t {
std::string str(void) const;
};
+struct url_t {
+ std::string issuer;
+ std::string url;
+ int64_t date;
+
+ url_t(const std::string &_issuer,
+ const std::string &_url,
+ int64_t _date):
+ issuer(_issuer),
+ url(_url),
+ date(_date)
+ {};
+};
+
+typedef std::list<url_t> ocsp_urls_t;
+
} //CCHECKER
#endif //CCHECKER_APP_H
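Review bot: `url_t` has no comment saying what its fields hold, and `date` in particular is ambiguous: in src/certs.cpp it is filled from `getNotBefore()`, the start of the certificate's validity, which a reader could easily mistake for the time of an OCSP check. A short comment above the struct would settle it, for example `// issuer: issuer common name; url: OCSP responder URL taken from the certificate; date: certificate notBefore`. The `;` after the constructor body (`{};`) is a stray empty declaration and can be dropped.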
diff --git a/src/include/cchecker/certs.h b/src/include/cchecker/certs.h
new file mode 100644
index 0000000..ed8efe0
--- /dev/null
+++ b/src/include/cchecker/certs.h
@@ -0,0 +1,46 @@
+/*
+ * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+/*
+ * @file certs.h
+ * @author Janusz Kozerski (j.kozerski@samsung.com)
+ * @version 1.0
+ * @brief This file is the implementation of certificates logic
+ * Getting out findinf app signature, getting certificates out of
+ * signature. Checking OCSP
+ */
+
+#ifndef CCHECKER_CERTS_H
+#define CCHECKER_CERTS_H
+
+#include <cchecker/app.h>
+
+namespace CCHECKER {
+
+class Certs {
+ public:
+ Certs();
+ virtual ~Certs();
+ void get_certificates (app_t &app, ocsp_urls_t &ocsp_urls);
+ private:
+ void find_app_signatures (app_t &app, const std::string &app_path, ocsp_urls_t &ocsp_urls);
+ void search_app (app_t &app, ocsp_urls_t &ocsp_urls);
+
+};
+
+} // CCHECKER
+
+
+#endif // CCHECKER_CERTS_H
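Review bot: `Certs` pairs `ValidationCore::VCoreInit()` in its constructor with `VCoreDeinit()` in its destructor (src/certs.cpp) but keeps the implicit copy constructor and copy assignment, so any copy of a `Certs` object would run `VCoreDeinit()` twice for a single init. Declaring `Certs(const Certs &) = delete;` and `Certs &operator=(const Certs &) = delete;` in the public section makes the one-init/one-deinit pairing enforceable by the compiler. The header also uses `std::string` in `find_app_signatures` while relying on `<cchecker/app.h>` to pull in `<string>`; including it directly would be more robust.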
diff --git a/src/include/cchecker/logic.h b/src/include/cchecker/logic.h
index 1f42ab3..d698437 100644
--- a/src/include/cchecker/logic.h
+++ b/src/include/cchecker/logic.h
@@ -31,6 +31,7 @@
#include <thread>
#include <cchecker/app.h>
+#include <cchecker/certs.h>
#include <cchecker/queue.h>
namespace CCHECKER {
@@ -84,7 +85,7 @@ class Logic {
void pkgmanager_uninstall(const app_t &app);
void get_certs_from_signature(const std::string &signature, std::vector<std::string> &cert);
- void add_app_to_buffer(const app_t &app);
+ void add_app_to_buffer_and_database(const app_t &app);
void remove_app_from_buffer(const app_t &app);
void pkgmgr_callback_internal(GVariant *parameters, pkgmgr_event_t event);
@@ -111,6 +112,7 @@ class Logic {
void set_should_exit(void);
Queue m_queue;
+ Certs m_certs;
std::list<app_t> m_buffer;
DB::SqlQuery *m_sqlquery;
bool m_was_setup_called;
diff --git a/src/include/cchecker/sql_query.h b/src/include/cchecker/sql_query.h
index 3996b75..5a22740 100644
--- a/src/include/cchecker/sql_query.h
+++ b/src/include/cchecker/sql_query.h
@@ -23,7 +23,7 @@
#include <list>
#include <string>
-#include <dpl/db/sql_connection.h>
+#include <cchecker/dpl/db/sql_connection.h>
#include <cchecker/app.h>
namespace CCHECKER {
diff --git a/src/logic.cpp b/src/logic.cpp
index 82059ac..445c266 100644
--- a/src/logic.cpp
+++ b/src/logic.cpp
@@ -32,7 +32,6 @@ namespace CCHECKER {
namespace {
const char *const DB_PATH = tzplatform_mkpath(TZ_SYS_DB, ".cert-checker.db");
-const char *const TEPM_APP_ID = "temp#app_id";
}
Logic::~Logic(void)
@@ -264,7 +263,7 @@ void Logic::pkgmgr_callback_internal(GVariant *parameters,
status = g_variant_dup_string(g_variant_get_child_value(parameters, 5), NULL);
// FIXME: No information about app_id in the signal. Use stub.
- app_t app(TEPM_APP_ID, pkgid, uid, {});
+ app_t app(TEMP_APP_ID, pkgid, uid, {});
if (std::string(state) == "end" && std::string(status) == "ok") {
if (event == EVENT_INSTALL) {
@@ -358,7 +357,9 @@ void Logic::process_queue(void)
error_t Logic::process_buffer(void)
{
- // TODO: Implement
+ for(auto iter = m_buffer.begin(); iter != m_buffer.end(); iter++) {
+ // TODO: Implement checking OCSP
+ }
return NO_ERROR;
}
@@ -393,18 +394,29 @@ void Logic::process_all()
void Logic::process_event(const event_t &event)
{
if (event.event_type == event_t::event_type_t::APP_INSTALL) {
- // TODO: implement geting app signature, then getting certificates from app signature.
- // TODO: implement add app to buffer and database
- add_app_to_buffer(event.app);
+ // pulling out certificates from signatures
+ app_t app = event.app;
+ ocsp_urls_t ocsp_urls;
+ m_certs.get_certificates(app, ocsp_urls);
+ add_app_to_buffer_and_database(app);
+
+ // Adding OCSP URLs - if found any
+ if (!ocsp_urls.empty()){
+ LogDebug("Some OCSP url has been found. Adding to database");
+ for (auto iter = ocsp_urls.begin(); iter != ocsp_urls.end(); iter++){
+ m_sqlquery->set_url(iter->issuer, iter->url, iter->date);
+ }
+ }
}
else if (event.event_type == event_t::event_type_t::APP_UNINSTALL) {
remove_app_from_buffer(event.app);
+ m_sqlquery->remove_app_from_check_list(event.app);
}
else
LogError("Unknown event type");
}
-void Logic::add_app_to_buffer(const app_t &app)
+void Logic::add_app_to_buffer_and_database(const app_t &app)
{
// First add app to DB
if(!m_sqlquery->add_app_to_check_list(app)) {
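Review bot: `process_event` cannot tell whether `m_certs.get_certificates(app, ocsp_urls)` succeeded, because it returns `void` and its error paths in src/certs.cpp only log and return; the app is then written to the buffer and database with an empty certificate list. For a service whose purpose is checking certificates, that looks like a silent fail-open, so at minimum make the condition visible before the add, e.g. `if (app.certificates.empty()) LogError("No certificates extracted for " << app.str());`, and consider returning a status from `get_certificates`. The results of `m_sqlquery->set_url(...)` and `m_sqlquery->remove_app_from_check_list(event.app)` are also dropped, whereas `add_app_to_check_list` is checked in `add_app_to_buffer_and_database`; their return types are not visible in this hunk. The body of `add_app_to_buffer_and_database` continues outside the hunk.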
diff --git a/tests/colour_log_formatter.cpp b/tests/colour_log_formatter.cpp
index 8b71d99..4587237 100644
--- a/tests/colour_log_formatter.cpp
+++ b/tests/colour_log_formatter.cpp
@@ -12,7 +12,7 @@
#include <iostream>
#include <string>
-#include <dpl/colors.h>
+#include <cchecker/dpl/colors.h>
// ************************************************************************** //
// ************** colour_log_formatter ************** //