path: root/src
AgeCommit message (Collapse)AuthorFilesLines
2016-02-24Change building certificate chain APIsubmit/tizen/20160224.080105accepted/tizen/wearable/20160225.080701accepted/tizen/tv/20160225.080643accepted/tizen/mobile/20160225.080627accepted/tizen/ivi/20160225.080714sangwan.kwon2-63/+89
* cert-svc API, key-manager API -> pkgmgr-info API Change-Id: I1c3523dd73041f117fab1c1b0012d25c1535defe Signed-off-by: sangwan.kwon <>
2016-02-17Change package event handler APIsangwan.kwon3-121/+210
* Dbus API -> pkgmgrinfo API Change-Id: Ia7a8d84e7eaf35d5be5d077b753ec1915b1b49d0 Signed-off-by: sangwan.kwon <>
2015-11-25Use new cert-svc vcore APIsubmit/tizen_ivi/20160217.000003submit/tizen_ivi/20160217.000000submit/tizen_common/20151229.154718submit/tizen_common/20151229.144031submit/tizen_common/20151229.142028submit/tizen/20151204.130942accepted/tizen/wearable/20151206.224905accepted/tizen/tv/20151206.224844accepted/tizen/mobile/20151206.224825accepted/tizen/ivi/20160218.023939Janusz Kozerski1-2/+2
Vcore SignatureValidator API has been changed. This commit introduces usage of the new API. Change-Id: I074e0ca0660b980b4defa9d95ae5869099822eb0
2015-11-17Fix klocwork issuesJanusz Kozerski1-1/+1
Verification: Build, run tests. Change-Id: I91e4dea095cc427576e0e4d75eb335e65ee4ae5d
2015-11-10Add popupJanusz Kozerski15-171/+1333
Since Notification framework doesn't support system daemons, the cert-checker's internal popup should be provided. Add implementation of popup binary - /usr/bin/cert-checker-popup Cert-checker forks(), execs a popup binary, waits for popup termination, and then reads user response from pipe. Change-Id: Ie2e70f661feb1f262841d59a1b4c6a7ec49901f9
2015-09-14Add missing code for logic testsJanusz Kozerski3-5/+24
Change-Id: Iaa411b52647f2348024b1e8d100d678f89a48c5f
2015-09-08Fixed synchronisation issuesKrzysztof Jackiewicz2-59/+82
[Problem] Production code mixed with test code. Poor readability. Synchronisation issues. [Solution] Synchronisation reimplemented. Test code separated from production code. [Verification] Run all test Change-Id: Iea5ed2ce9f10a4cdac8994acf91809cd12050d69
2015-09-08Use new cert-svc-vcore API: makeChainBySignature()Janusz Kozerski4-109/+52
This change includes adding cert_order in DB. Chain of certificates should be created while reading/parsing signature. Certificates should be put into DB in right order - first should go end entity certificate. DB ensures that certificates will be loaded into the buffer in exactly same order (end entity will be the first element on the list). Verification: Run tests, all should pass. Change-Id: I09571bab7862bdb539dd3a957330fe23d687b48f
2015-08-03Add defines in DB codeJanusz Kozerski1-50/+54
Change-Id: I7405977c655032e4d520dcd064979302105b820c
2015-08-03Add popup UI (+tests)Janusz Kozerski9-7/+398
Notification framework currently doesn't work properly on To test UI run: cert-checker-popup-test, and check if UI is displayed correctly. Change-Id: I0eb9b134c77c82eb77b4834b81a1cd1fa19dd620
2015-07-31Get online status from connman at startup.Janusz Kozerski2-22/+60
* Fix DBus proxy pointer Change-Id: Iad1cfe8e6a02136e5a899b50560a586265c5a322
2015-07-17Add systemd configurationJanusz Kozerski1-1/+1
Change-Id: Id0de6e5eb1387e99b8c8bcb0c66ae13151c1a3f7
2015-07-17Add OCSP verification (CKM API is used)Janusz Kozerski5-48/+237
* Add tests for certificates * Remove unnecessary methods in Logic class * Add missing include * Use new cert-checker-vcore API Change-Id: Idfa777d1f1ba6f7142ea78e29bf1bc63415b128e
2015-07-10Refactor DB and app_t structure - preparation for OCSP checking.Janusz Kozerski5-49/+127
New version of DB is needed to keep separately certificates from each signatrue. Because application can be signed by more than one signature we need to keep all certificates from all signatures in separate lists to make building certificates' chains easier. * Add operators (==, !=, <) for app_t structre * Add operators (==, !=) for event_t structure * Add tests for operators * Remove check_id from app_t structure Change-Id: I966dd81420618325d1afa55bcbc656291ccb4238
2015-07-06Add pulling out certificates from apps' signature.Janusz Kozerski32-48/+296
* Move DPL include files from "dpl/*" into "cchecker/dpl/* because of cert-svc-vcore also uses DPL (from wrt-commons), and that was causing build break. * Certificates are stored in buffer and database. * OCSP URLs are pulled out from certificates and stored in database. Change-Id: Ic0601da38619f7c7b784d952abe56888db036673
2015-07-06Add thread for processing eventsJanusz Kozerski2-9/+171
Thread is waiting on conditional for events. When event will be add to queue the callback will send signal to thread (connman callback sends signal without adding event to queue). The thread: * Process the queue first: Moves all events from queue into the buffer. * Then process buffer (checks OCSP, shows popup, etc.) - to be implemented. Change-Id: I8cadc43b8d2c704bf07f0aec63b909ec4d52d5a7
2015-07-06Add thread-safe Queue classJanusz Kozerski5-0/+133
* Add m_queue member to Logic class Change-Id: I31574fccd48cddc8bbb467568cf72c4d80d94803
2015-06-26Replace pkgmgr signal handling with dbus APIJanusz Kozerski3-92/+160
After fix package-manager API using of its API can be restored. [Verication] 1) Build cert-checker with debug and run it on emulator 2) In 2nd console run: journalctl -f | grep cert-checker 3) Install and uninstall app in some random order: install: pkgcmd -i -t wgt -p /usr/share/widget_demo/mancala.wgt -q uninstall: pkgcmd -u -n yKrWwxz1KX -q 4) Check if journal logs are correct Change-Id: I60a77c2862dd9745e1b422fb2eb3afec13b40d14
2015-06-26Add cert-checker database (+tests). Change include files path.Janusz Kozerski16-37/+639
* Add m_buffer in Logic class. * Load database into buffer in Logic::setup() * Move include to separate folder - this solves problem with app.h file from different package. [Verification] Run cert-checker-tests. All should pass. Change-Id: I809951a17fd44d5258ad91e480b6914e92d1058b
2015-05-27Add DPL code (needed for database support)Janusz Kozerski23-0/+3100
Changes: * change namespace from DPL to CCHECKER. * change LogPenantic -> LogDebug (journal doesn't support pedantic) * naiveSynchronizationObject() uses STL thread and chrono instead of DPL/thread Change-Id: I553a71dd5befbe4bc4d18f7582955af6ea329db7
2015-05-27Add classes: Logic, App_t. Add journal loging supportJanusz Kozerski8-0/+614
Class Logic has only dbus callbacks implemetation (package-manager, connman), beside it it's empty implementation. Verification: 1) Build cert-checker with debug, and install on emulator. 2) Run cert-checker - do it in emulator UI console (not via ssh). 3) On other console in emulator UI run command: journalctl -f | grep cert-checker - to see the logs. 4) On third console turn on and off offline mode on device: /usr/sbin/connmanctl enable offline /usr/sbin/connmanctl disable offline 5) You should see logs from cert-checker in journal 6) Install any app to check if package-manager signal works in cert-checker: pkgcmd -i -t wgt -p /usr/share/widget_demo/go.wgt -q 7) Check if logs are present. Change-Id: Ic7d6fc4f47ca9ced18744ad8a77f8516b75304e3