author | Maksym Ked (GitHub) <41471947+mked-luxoft@users.noreply.github.com> | 2019-08-29 17:18:03 +0300 |
---|---|---|
committer | JackLivio <jack@livio.io> | 2019-08-29 10:18:03 -0400 |
commit | 5905717229c512e975ca95715736db795f3105d2 (patch) | |
tree | eaf7ebfed69c51f82941c0c095a0117e62073d18 /src/components/application_manager/include | |
parent | 0d41f149005218b9e5d76f6e40b892ecbc2e4280 (diff) | |
download | sdl_core-5905717229c512e975ca95715736db795f3105d2.tar.gz |
Feature/rpc message protection (#2951)
* Added encryption required flag to policy table.
Also added RPC Encryption Manager Interface for comfortable access to
policy table.
* Added logic for processing RPC according to the proposal.
* The permission change notification has been expanded.
* Fixed UTs after implementing the RPC message protection feature
* Fix multiframe issue
* Fix style
* Added storage of encryption required rpcs
* Fix CI build
* Extended logic adding encryption flag in message helper
* Added permission check of encryption required for PROP
* Added permission check of encryption required for EXT
* Fixes after rebase
* Answer PR comments
- fixed typos
- fixed 3rd party cmake
* fixup! Added logic for processing RPC according to the proposal.
* fixup! The permission change notification has been expanded.
* Answer PR comments
- renamed functions
- added encryption_required flag to sql_pt_ext* source files
- added condition and logging to CacheManager::GetApplicationParams
* fixup! Added logic for processing RPC according to the proposal.
* fixup! Added encryption required flag to policy table.
* fixup! Added permission check of encryption required for EXT
* fixup! Added permission check of encryption required for PROP
* Fixes after rebase
Diffstat (limited to 'src/components/application_manager/include')
7 files changed, 269 insertions, 2 deletions
diff --git a/src/components/application_manager/include/application_manager/message.h b/src/components/application_manager/include/application_manager/message.h
index 7525ff1aa3..1ce7596bf2 100644
--- a/src/components/application_manager/include/application_manager/message.h
+++ b/src/components/application_manager/include/application_manager/message.h
@@ -71,6 +71,12 @@ class Message {
 int32_t correlation_id() const;
 int32_t connection_key() const;
+ /**
+ * @brief retreives message's protection flag
+ * @return true if message is encrypted, otherwise returns false
+ */
+ bool is_message_encrypted() const;
+
 MessageType type() const;
 protocol_handler::MajorProtocolVersion protocol_version() const;
@@ -95,6 +101,13 @@ class Message {
 void set_data_size(size_t data_size);
 void set_payload_size(size_t payload_size);
+ /**
+ * @brief sets message's protection flag
+ * @param protection - bool value, if message is encrypted - true, otherwise
+ * - false
+ */
+ void set_message_encryption(const bool protection);
+
 static bool is_sufficient_version(
 protocol_handler::MajorProtocolVersion minVersion,
 protocol_handler::MajorProtocolVersion version);
@@ -122,6 +135,8 @@ class Message {
 size_t data_size_;
 size_t payload_size_;
 protocol_handler::MajorProtocolVersion version_;
+
+ bool is_message_encrypted_;
 };
 typedef std::shared_ptr<application_manager::Message> MobileMessage;
diff --git a/src/components/application_manager/include/application_manager/message_helper.h b/src/components/application_manager/include/application_manager/message_helper.h
index 44046be523..8f05b523b3 100644
--- a/src/components/application_manager/include/application_manager/message_helper.h
+++ b/src/components/application_manager/include/application_manager/message_helper.h
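Review bot: The new `bool is_message_encrypted_;` member in the third hunk has no in-class initializer, and the Message constructors that would have to set it are outside this diff; unless every constructor assigns it, a message whose protection flag is never set carries an indeterminate value, and a stray `true` would make a cleartext message report itself as encrypted to whatever consults `is_message_encrypted()`. Since the header already relies on `std::shared_ptr` (C++11), the safe default is to fail closed at the declaration: `bool is_message_encrypted_ = false;`. Separately, the accessor comment misspells "retrieves" and should read `@brief retrieves message's protection flag`.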
@@ -514,11 +514,14 @@ class MessageHelper {
 * @brief Send notification to mobile on application permissions update
 * @param connection_key Id of application to send message to
 * @param permissions updated permissions for application
+ * @param app_mngr reference to application manager
+ * @param require_encryption require encryption flag
 */
 static void SendOnPermissionsChangeNotification(
 uint32_t connection_key,
 const policy::Permissions& permissions,
- ApplicationManager& app_mngr);
+ ApplicationManager& app_mngr,
+ const policy::EncryptionRequired encryprion_required);
 /*
 * @brief Send notification to HMI on application permissions update
diff --git a/src/components/application_manager/include/application_manager/policies/policy_handler.h b/src/components/application_manager/include/application_manager/policies/policy_handler.h
index ccbd466cdd..dddd1b333d 100644
--- a/src/components/application_manager/include/application_manager/policies/policy_handler.h
+++ b/src/components/application_manager/include/application_manager/policies/policy_handler.h
@@ -77,6 +77,8 @@ class PolicyHandler : public PolicyHandlerInterface,
 PolicyHandler(const policy::PolicySettings& get_settings,
 application_manager::ApplicationManager& application_manager);
 virtual ~PolicyHandler();
+ PolicyEncryptionFlagGetterInterfaceSPtr PolicyEncryptionFlagGetter()
+ const OVERRIDE;
 bool LoadPolicyLibrary() OVERRIDE;
 bool PolicyEnabled() const OVERRIDE;
 bool InitPolicyTable() OVERRIDE;
@@ -674,6 +676,8 @@ class PolicyHandler : public PolicyHandlerInterface,
 virtual void OnPTUFinished(const bool ptu_result) OVERRIDE;
+
+ virtual void OnPTInited() OVERRIDE;
+
 /**
 * @brief OnDeviceSwitching Notifies policy manager on device switch event so
 * policy permissions should be processed accordingly
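Review bot: The added parameter is declared as `encryprion_required` but documented as `@param require_encryption`, so the identifier is misspelled and the Doxygen tag names a parameter that does not exist. Use one spelling in both places, `const policy::EncryptionRequired encryption_required);` and `@param encryption_required ...`, and say in the doc what the value is used for in the notification — the .cc is not in this diff, so take that wording from the implementation rather than from the type name. SendOnPermissionsChangeNotification is only declared here; its body is outside this hunk.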
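Review bot: `PolicyEncryptionFlagGetter()` is added to PolicyHandler without a comment, and because it returns a shared pointer by value a reader of the header cannot tell whether a null result is possible (for example before the policy library is loaded) or what a caller must do then — for a component that gates encryption, silently treating "no getter" as "no encryption required" would be the wrong default. Add a doc comment on the declaration that states the contract, e.g. `/** @brief Accessor for the policy-table encryption flags (application and function-group level); states whether the result may be null and how callers must treat that. */`, with the nullability sentence filled in from the implementation, which is not part of this diff.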
diff --git a/src/components/application_manager/include/application_manager/rpc_protection_manager.h b/src/components/application_manager/include/application_manager/rpc_protection_manager.h
new file mode 100644
index 0000000000..34188da4e9
--- /dev/null
+++ b/src/components/application_manager/include/application_manager/rpc_protection_manager.h
@@ -0,0 +1,111 @@
+/*
+ * Copyright (c) 2019, Ford Motor Company
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * Redistributions of source code must retain the above copyright notice, this
+ * list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * Neither the name of the Ford Motor Company nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#ifndef SRC_COMPONENTS_APPLICATION_MANAGER_INCLUDE_PROTOCOL_HANDLER_RPC_PROTECTION_MANAGER_H_
+#define SRC_COMPONENTS_APPLICATION_MANAGER_INCLUDE_PROTOCOL_HANDLER_RPC_PROTECTION_MANAGER_H_
+
+#include <cstdint>
+#include <memory>
+
+#include "application_manager/application.h"
+#include "application_manager/policies/policy_handler_observer.h"
+#include "smart_objects/smart_object.h"
+
+namespace ns_smart_device_link {
+namespace ns_smart_objects {
+class SmartObject;
+} // namespace ns_smart_objects
+} // namespace ns_smart_device_link
+namespace smart_objects = ns_smart_device_link::ns_smart_objects;
+
+namespace application_manager {
+class Application;
+} // namespace application_manager
+
+namespace application_manager {
+/**
+ * @brief RPCProtectionManager interface
+ * This entity exists to get info from policy table regarding encryption on
+ * application and function group level, as well as make decisions whether
+ * certain RPC should be encrypted or not.
+ * It mediates communication between PRCService and
+ * PolicyEncryptionFlagGetterInterface which is implemented by PolicyManager,
+ * providing adequate level of abstraction.
+ */
+class RPCProtectionManager : public policy::PolicyHandlerObserver {
+ public:
+ /*
+ * @brief virtual destructor RPCProtectionManager
+ */
+ virtual ~RPCProtectionManager() {}
+
+ /*
+ * @brief checks whether given rpc requires encryption by policy
+ * @param function_id function id
+ * @param app ref to Application
+ * @param is_rpc_service_secure the flag the secure service started
+ * @return true if function need encryption for current app, else false
+ */
+ virtual bool CheckPolicyEncryptionFlag(
+ const uint32_t function_id,
+ const ApplicationSharedPtr app,
+ const bool is_rpc_service_secure) const = 0;
+ /*
+ * @brief check whether given rpc is saved to internal cache and needs to be
+ * encrypted before sending to mobile
+ * @param app_id application id
+ * @param correlation_id correlation id
+ * @return true if the message with correlation id correlation_id needed e
+ * ncryption else false
+ */
+ virtual bool IsInEncryptionNeededCache(
+ const uint32_t app_id, const uint32_t conrrelation_id) const = 0;
+
+ /*
+ * @brief Adds app id and correlation id of a message to internal cache
+ * @param app_id application if
+ * @param correlation_id correlation id
+ */
+ virtual void AddToEncryptionNeededCache(const uint32_t app_id,
+ const uint32_t correlation_id) = 0;
+
+ /*
+ * @brief Removes app id and correlation id of a message from internal cache
+ * @param app_id application if
+ * @param correlation_id correlation id
+ */
+ virtual void RemoveFromEncryptionNeededCache(
+ const uint32_t app_id, const uint32_t correlation_id) = 0;
+};
+} // namespace application_manager
+
+#endif // SRC_COMPONENTS_APPLICATION_MANAGER_INCLUDE_PROTOCOL_HANDLER_RPC_PROTECTION_MANAGER_H_
diff --git a/src/components/application_manager/include/application_manager/rpc_protection_manager_impl.h b/src/components/application_manager/include/application_manager/rpc_protection_manager_impl.h
new file mode 100644
index 0000000000..b971ace480
--- /dev/null
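Review bot: The interface does not agree with its own documentation: `IsInEncryptionNeededCache` declares `conrrelation_id` while its doc says `correlation_id`, the `@param app_id` lines on both cache mutators read "application if" instead of "application id", and the `@return` of `IsInEncryptionNeededCache` splits the word as "e ncryption". More important for a class whose answer decides whether an RPC may leave in clear, the three cache methods say nothing about entry lifetime; the doc should state that whoever calls `AddToEncryptionNeededCache` for a request is responsible for the matching `RemoveFromEncryptionNeededCache` once the response is sent, and what happens to entries of an application that unregisters before responding, since otherwise stale (app_id, correlation_id) pairs accumulate — the implementation is not in this diff, so confirm the actual policy before writing it down. As a point of style, `CheckPolicyEncryptionFlag` only reads `app`, so `const ApplicationSharedPtr& app` avoids a refcount round-trip per check; the class is complete within the hunk.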
+++ b/src/components/application_manager/include/application_manager/rpc_protection_manager_impl.h 
@@ -0,0 +1,116 @@
+/*
+ * Copyright (c) 2019, Ford Motor Company
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * Redistributions of source code must retain the above copyright notice, this
+ * list of conditions and the following disclaimer.
+ *
+ * Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following
+ * disclaimer in the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * Neither the name of the Ford Motor Company nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#ifndef SRC_COMPONENTS_APPLICATION_MANAGER_INCLUDE_PROTOCOL_HANDLER_RPC_PROTECTION_MANAGER_IMPL_H_
+#define SRC_COMPONENTS_APPLICATION_MANAGER_INCLUDE_PROTOCOL_HANDLER_RPC_PROTECTION_MANAGER_IMPL_H_
+
+#include <map>
+#include <set>
+#include "application_manager/policies/policy_handler.h"
+#include "application_manager/rpc_protection_manager.h"
+
+namespace application_manager {
+/*
+ * @brief RPCProtectionManager implementation
+ */
+class RPCProtectionManagerImpl : public RPCProtectionManager {
+ public:
+ typedef std::pair<uint32_t, uint32_t> AppIdCorrIdPair;
+ typedef std::set<std::string> FunctionNames;
+ typedef std::map<std::string, FunctionNames> AppEncryptedRpcMap;
+
+ RPCProtectionManagerImpl(policy::PolicyHandlerInterface& policy_handler);
+
+ ~RPCProtectionManagerImpl() OVERRIDE {}
+
+ bool CheckPolicyEncryptionFlag(
+ const uint32_t function_id,
+ const ApplicationSharedPtr app,
+ const bool is_rpc_service_secure) const OVERRIDE;
+
+ bool IsInEncryptionNeededCache(const uint32_t app_id,
+ const uint32_t conrrelation_id) const OVERRIDE;
+
+ void AddToEncryptionNeededCache(const uint32_t app_id,
+ const uint32_t correlation_id) OVERRIDE;
+
+ void RemoveFromEncryptionNeededCache(const uint32_t app_id,
+ const uint32_t correlation_id) OVERRIDE;
+
+ // PolicyHandlerObserver interface
+ void OnPTUFinished(const bool ptu_result) OVERRIDE;
+
+ void OnPTInited() OVERRIDE;
+
+ private:
+ /*
+ * @brief check whether given rpc is an exception
+ * @param function_id function id
+ * @return true if function_id is an exception (rpc that can be sent before
+ * app is registered, hence before secure rpc service is established)
+ */
+ bool IsExceptionRPC(const uint32_t function_id) const;
+
+ /*
+ * @brief retreives list of rpcs that require encryption by policy
+ * @param policy_app_id policy application name
+ * @return container with function names that require encryption by policy
+ */
+ FunctionNames GetEncryptedRPCsForApp(const std::string& policy_app_id);
+
+ /*
+ * @brief checks whether given function name is in saved encrypted rpc list
+ * @param policy_app_id policy application name
+ * @param function_name policy function name
+ * @return true if function_name for this policy_app_id is saved, otherwise -
+ * false
+ */
+ bool IsEncryptionRequiredByPolicy(const std::string& policy_app_id,
+ const std::string& function_name) const;
+
+ /*
+ * @brief saves rpcs that have encryption_required flag in policy table to
+ * internal container
+ */
+ void SaveEncryptedRPC();
+
+ policy::PolicyHandlerInterface& policy_handler_;
+
+ AppEncryptedRpcMap encrypted_rpcs_;
+ sync_primitives::Lock encrypted_rpcs_lock_;
+
+ std::set<AppIdCorrIdPair> encryption_needed_cache_;
+ sync_primitives::Lock message_needed_encryption_lock_;
+};
+} // namespace application_manager
+
+#endif // SRC_COMPONENTS_APPLICATION_MANAGER_INCLUDE_PROTOCOL_HANDLER_RPC_PROTECTION_MANAGER_IMPL_H_
diff --git a/src/components/application_manager/include/application_manager/rpc_service_impl.h b/src/components/application_manager/include/application_manager/rpc_service_impl.h
index ab71729b3f..e32cdf42a2 100644
--- a/src/components/application_manager/include/application_manager/rpc_service_impl.h
+++ b/src/components/application_manager/include/application_manager/rpc_service_impl.h
@@ -38,6 +38,7 @@
 #include "application_manager/message_helper.h"
 #include "application_manager/mobile_message_handler.h"
 #include "application_manager/request_controller.h"
+#include "application_manager/rpc_protection_manager.h"
 #include "application_manager/rpc_service.h"
 #include "application_manager/usage_statistics.h"
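Review bot: Both locks are declared as plain `sync_primitives::Lock` members while the methods that read the guarded state — `IsInEncryptionNeededCache`, `IsEncryptionRequiredByPolicy` and `CheckPolicyEncryptionFlag` — are `const`; unless Lock's acquire is const-qualified (its declaration is not in this diff), a const reader cannot take the lock at all, which leaves the .cc either failing to compile or reading `encrypted_rpcs_` / `encryption_needed_cache_` without the lock that the mutators (`SaveEncryptedRPC`, the cache Add/Remove) presumably hold, i.e. an encryption decision racing a container update. Declare them `mutable sync_primitives::Lock encrypted_rpcs_lock_;` and `mutable sync_primitives::Lock message_needed_encryption_lock_;` so the const readers can hold the lock, and add a one-line comment on each stating which member it guards. The single-argument constructor should be `explicit RPCProtectionManagerImpl(policy::PolicyHandlerInterface& policy_handler);`, the `conrrelation_id` parameter of `IsInEncryptionNeededCache` is misspelled, and the `@brief retreives` comment on `GetEncryptedRPCsForApp` should read "retrieves". The class is complete within the hunk.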
@@ -87,6 +88,14 @@ typedef threads::MessageLoopThread<utils::PrioritizedQueue<MessageToHmi> >
 ToHmiQueue;
 } // namespace impl
+typedef std::shared_ptr<RPCProtectionManager> RPCProtectionManagerSPtr;
+
+enum class EncryptionFlagCheckResult {
+ kSuccess_Protected,
+ kSuccess_NotProtected,
+ kError_EncryptionNeeded
+};
+
 class RPCServiceImpl : public RPCService,
 public impl::ToMobileQueue::Handler,
 public impl::ToHmiQueue::Handler {
@@ -103,7 +112,8 @@ class RPCServiceImpl : public RPCService,
 request_controller::RequestController& request_ctrl,
 protocol_handler::ProtocolHandler* protocol_handler,
 hmi_message_handler::HMIMessageHandler* hmi_handler,
- CommandHolder& commands_holder);
+ CommandHolder& commands_holder,
+ RPCProtectionManagerSPtr rpc_protection_manager);
 ~RPCServiceImpl();
 bool ManageMobileCommand(const commands::MessageSharedPtr message,
@@ -133,6 +143,11 @@ class RPCServiceImpl : public RPCService,
 bool ConvertSOtoMessage(const smart_objects::SmartObject& message,
 Message& output,
 const bool allow_unknown_parameters = false);
+
+ EncryptionFlagCheckResult IsEncryptionRequired(
+ const smart_objects::SmartObject& message,
+ ApplicationSharedPtr app,
+ const bool is_rpc_service_secure) const;
 hmi_apis::HMI_API& hmi_so_factory();
 mobile_apis::MOBILE_API& mobile_so_factory();
 void CheckSourceForUnsupportedRequest(
@@ -143,6 +158,7 @@ class RPCServiceImpl : public RPCService,
 request_controller::RequestController& request_ctrl_;
 protocol_handler::ProtocolHandler* protocol_handler_;
 hmi_message_handler::HMIMessageHandler* hmi_handler_;
+ RPCProtectionManagerSPtr rpc_protection_manager_;
 CommandHolder& commands_holder_;
 // Thread that pumps messages being passed to mobile side.
 impl::ToMobileQueue messages_to_mobile_;
diff --git a/src/components/application_manager/include/application_manager/smart_object_keys.h b/src/components/application_manager/include/application_manager/smart_object_keys.h
index 1831d8cb4d..1d13417fa1 100644
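Review bot: `IsEncryptionRequired` and the `EncryptionFlagCheckResult` enum it returns are added without any comment, so the one reader that matters — the code deciding whether a message may be sent in clear — has to infer from the names which value is the rejecting one. Document the enumerators, e.g. `kSuccess_Protected` — policy requires encryption and the message can be sent protected; `kSuccess_NotProtected` — no encryption required for this RPC; `kError_EncryptionNeeded` — policy requires encryption but the message cannot be protected and must not be forwarded — and state on `IsEncryptionRequired` whether `app` may be null (for RPCs that arrive before registration); both readings are inferred from the names, so check them against the .cc, which is not in this diff. The constructor now takes `rpc_protection_manager` as a `shared_ptr` by value with nothing in the header saying it must be non-null; either document that precondition or have the constructor reject a null pointer, since a null manager would later be dereferenced on the encryption-check path.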
--- a/src/components/application_manager/include/application_manager/smart_object_keys.h
+++ b/src/components/application_manager/include/application_manager/smart_object_keys.h
@@ -38,6 +38,8 @@ namespace application_manager {
 namespace strings {
 extern const char* params;
+extern const char* require_encryption;
+extern const char* protection;
 extern const char* message_type;
 extern const char* correlation_id;
 extern const char* function_id;