MCL/sf/mw/appinstall: comparison secureswitools/swisistools/source/rscparser/apsecutils.cpp

equal deleted inserted replaced

-:5cc91383ab1e
+:7333d7932ef7
+// Copyright (c) 2007-2010 Nokia Corporation and/or its subsidiary(-ies).
+// All rights reserved.
+// This component and the accompanying materials are made available
+// under the terms of "Eclipse Public License v1.0"
+// which accompanies this distribution, and is available
+// at the URL "http://www.eclipse.org/legal/epl-v10.html".
+//
+// Initial Contributors:
+// Nokia Corporation - initial contribution.
+//
+// Contributors:
+//
+// Description:
+// Security issues related methods used across apparc
+//
+// apsecutils.cpp
+//
+#include "apsecutils.h"
+#include <stdlib.h>
+#include <iostream.h>
+#include <fstream>
+#include <string>
+#include "parse.h"
+using namespace std;
+TUint32 CApaSecurityUtils::iCapabilities = 0;
+TUint32 CApaSecurityUtils::iSecureID = 0;
+/**
+* Determines whether an EXE SID is within the protected range\d
+*
+* @param aSid The SID to check
+* @return ETrue if it is protected
+*/
+inline TBool CApaSecurityUtils::HasWriteDeviceDataCap( const TUint32 aCapability )
+{
+// If bit 6 is set then WriteDeviceData capability is enabled
+return (aCapability & 0x20) ? 1 : 0;
+}
+/**
+* Determines whether an EXE SID is within the protected range\d
+*
+* @param aSid The SID to check
+* @return ETrue if it is protected
+*/
+inline TBool CApaSecurityUtils::IsSidProtected( const TUint32 aSid )
+{
+// If bit 31 is set then Sid is unprotected
+return (aSid & 0x80000000) ? 0 : 1;
+}
+TInt CApaSecurityUtils::GetInfo(std::string& aFilename)
+{
+	const TUint8 kHeaderSize= 4;
+	TUint8 header[kHeaderSize];
+	std::ifstream* iFileContents;
+	iFileContents= new std::ifstream(aFilename.c_str(), std::ios::in|std::ios::binary);
+	if(!iFileContents->good())
+	{
+		if (iFileContents->is_open())
+		{
+			iFileContents->close();
+		}
+		if(iFileContents)
+			delete iFileContents;
+		return 1;
+	}
+	TInt aPos=0x80;
+	// Seek to the offset specified by "aPos"
+	iFileContents->seekg(aPos, std::ios_base::beg);
+	iFileContents->read((char*)header, kHeaderSize);
+	memcpy((TUint8*)&iSecureID,header,4);
+	aPos=0x88;
+	// Seek to the offset specified by "aPos"
+	iFileContents->seekg(aPos, std::ios_base::beg);
+	iFileContents->read((char*)header, kHeaderSize);
+	memcpy((TUint8*)&iCapabilities,header,4);
+	if (iFileContents->is_open())
+	{
+		iFileContents->close();
+	}
+	if(iFileContents)
+		delete iFileContents;
+	return 0;
+}
+/**
+* Check if application has a WriteDeviceData capability
+* and if it's SID is in the protected range
+*
+* @param aAppFilename path to application exe file
+* @param aHasWriteDeviceDataCap returns ETrue if app has WriteDeviceData cap
+* @param aIsSidProtected returns ETrue if application SID is in the protected range
+* @return KErrNone if succesful, error code otherwise
+*/
+TInt CApaSecurityUtils::CheckAppSecurity( const Ptr16& aAppFilename,
+TBool& aHasWriteDeviceDataCap,
+TBool& aIsSidProtected,
+const std::string& aDerivedPath)
+{
+aHasWriteDeviceDataCap = EFalse;
+aIsSidProtected = EFalse;
+	std::string Filename = Ptr16ToString(&aAppFilename);
+	std::string Path(aDerivedPath);
+	#ifdef __LINUX__
+	Path.append("/sys/bin/");
+	#else
+	Path.append("\\sys\\bin\\");
+	#endif
+	Path.append(Filename);
+	Path.append(".exe");
+TInt ret = CApaSecurityUtils::GetInfo(Path);
+if ( KErrNone == ret )
+{
+if( HasWriteDeviceDataCap( TUint32( iCapabilities) ) )
+{
+aHasWriteDeviceDataCap = ETrue;
+}
+if( IsSidProtected( TUint32( iSecureID) ) )
+{
+aIsSidProtected = ETrue;
+}
+}
+return ret;
+}
+//End of file

branch	RCL_3
changeset 25	7333d7932ef7