|
1 // Copyright (c) 2007-2010 Nokia Corporation and/or its subsidiary(-ies). |
|
2 // All rights reserved. |
|
3 // This component and the accompanying materials are made available |
|
4 // under the terms of "Eclipse Public License v1.0" |
|
5 // which accompanies this distribution, and is available |
|
6 // at the URL "http://www.eclipse.org/legal/epl-v10.html". |
|
7 // |
|
8 // Initial Contributors: |
|
9 // Nokia Corporation - initial contribution. |
|
10 // |
|
11 // Contributors: |
|
12 // |
|
13 // Description: |
|
14 // Security issues related methods used across apparc |
|
15 // |
|
16 // apsecutils.cpp |
|
17 // |
|
18 |
|
19 #include "apsecutils.h" |
|
20 #include <stdlib.h> |
|
21 #include <iostream.h> |
|
22 #include <fstream> |
|
23 #include <string> |
|
24 #include "parse.h" |
|
25 |
|
26 using namespace std; |
|
27 |
|
28 TUint32 CApaSecurityUtils::iCapabilities = 0; |
|
29 TUint32 CApaSecurityUtils::iSecureID = 0; |
|
30 |
|
31 /** |
|
32 * Determines whether an EXE SID is within the protected range\d |
|
33 * |
|
34 * @param aSid The SID to check |
|
35 * @return ETrue if it is protected |
|
36 */ |
|
37 inline TBool CApaSecurityUtils::HasWriteDeviceDataCap( const TUint32 aCapability ) |
|
38 { |
|
39 // If bit 6 is set then WriteDeviceData capability is enabled |
|
40 return (aCapability & 0x20) ? 1 : 0; |
|
41 } |
|
42 |
|
43 /** |
|
44 * Determines whether an EXE SID is within the protected range\d |
|
45 * |
|
46 * @param aSid The SID to check |
|
47 * @return ETrue if it is protected |
|
48 */ |
|
49 inline TBool CApaSecurityUtils::IsSidProtected( const TUint32 aSid ) |
|
50 { |
|
51 // If bit 31 is set then Sid is unprotected |
|
52 return (aSid & 0x80000000) ? 0 : 1; |
|
53 } |
|
54 |
|
55 TInt CApaSecurityUtils::GetInfo(std::string& aFilename) |
|
56 { |
|
57 const TUint8 kHeaderSize= 4; |
|
58 TUint8 header[kHeaderSize]; |
|
59 |
|
60 std::ifstream* iFileContents; |
|
61 iFileContents= new std::ifstream(aFilename.c_str(), std::ios::in|std::ios::binary); |
|
62 |
|
63 if(!iFileContents->good()) |
|
64 { |
|
65 if (iFileContents->is_open()) |
|
66 { |
|
67 iFileContents->close(); |
|
68 } |
|
69 if(iFileContents) |
|
70 delete iFileContents; |
|
71 return 1; |
|
72 } |
|
73 |
|
74 TInt aPos=0x80; |
|
75 // Seek to the offset specified by "aPos" |
|
76 iFileContents->seekg(aPos, std::ios_base::beg); |
|
77 iFileContents->read((char*)header, kHeaderSize); |
|
78 memcpy((TUint8*)&iSecureID,header,4); |
|
79 |
|
80 aPos=0x88; |
|
81 // Seek to the offset specified by "aPos" |
|
82 iFileContents->seekg(aPos, std::ios_base::beg); |
|
83 iFileContents->read((char*)header, kHeaderSize); |
|
84 memcpy((TUint8*)&iCapabilities,header,4); |
|
85 |
|
86 if (iFileContents->is_open()) |
|
87 { |
|
88 iFileContents->close(); |
|
89 } |
|
90 |
|
91 if(iFileContents) |
|
92 delete iFileContents; |
|
93 |
|
94 return 0; |
|
95 } |
|
96 |
|
97 /** |
|
98 * Check if application has a WriteDeviceData capability |
|
99 * and if it's SID is in the protected range |
|
100 * |
|
101 * @param aAppFilename path to application exe file |
|
102 * @param aHasWriteDeviceDataCap returns ETrue if app has WriteDeviceData cap |
|
103 * @param aIsSidProtected returns ETrue if application SID is in the protected range |
|
104 * @return KErrNone if succesful, error code otherwise |
|
105 */ |
|
106 TInt CApaSecurityUtils::CheckAppSecurity( const Ptr16& aAppFilename, |
|
107 TBool& aHasWriteDeviceDataCap, |
|
108 TBool& aIsSidProtected, |
|
109 const std::string& aDerivedPath) |
|
110 |
|
111 { |
|
112 aHasWriteDeviceDataCap = EFalse; |
|
113 aIsSidProtected = EFalse; |
|
114 |
|
115 std::string Filename = Ptr16ToString(&aAppFilename); |
|
116 std::string Path(aDerivedPath); |
|
117 #ifdef __LINUX__ |
|
118 Path.append("/sys/bin/"); |
|
119 #else |
|
120 Path.append("\\sys\\bin\\"); |
|
121 #endif |
|
122 |
|
123 Path.append(Filename); |
|
124 Path.append(".exe"); |
|
125 |
|
126 TInt ret = CApaSecurityUtils::GetInfo(Path); |
|
127 |
|
128 if ( KErrNone == ret ) |
|
129 { |
|
130 if( HasWriteDeviceDataCap( TUint32( iCapabilities) ) ) |
|
131 { |
|
132 aHasWriteDeviceDataCap = ETrue; |
|
133 } |
|
134 |
|
135 if( IsSidProtected( TUint32( iSecureID) ) ) |
|
136 { |
|
137 aIsSidProtected = ETrue; |
|
138 } |
|
139 } |
|
140 |
|
141 return ret; |
|
142 } |
|
143 |
|
144 //End of file |