2 * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License
18 #include <sys/mount.h>
20 #include <tzplatform_config.h>
21 #include <klay/file-user.h>
22 #include <klay/filesystem.h>
23 #include <klay/audit/logger.h>
25 #include "launchpad.h"
26 #include "app-bundle.h"
27 #include "engine/ecryptfs-engine.h"
28 #include "key-manager/key-manager.h"
29 #include <klay/dbus/variant.h>
30 #include <klay/dbus/connection.h>
32 #include "rmi/external-encryption.h"
// Mount point of the external SD card. It is passed to KeyManager, to both
// EcryptfsEngine constructor arguments, and to the mount checks below.
34 #define EXTERNAL_STORAGE_PATH "/opt/media/SDCardA1"
// NOTE(review): DEFAULT_USER is not referenced anywhere in the visible code.
35 #define DEFAULT_USER "owner"
// File-scope objects shared by the D-Bus callback, the registered methods and
// the worker threads started in encrypt()/decrypt().
// NOTE(review): no locking around keyManager/engine is visible here; confirm
// whether concurrent use from those contexts is safe.
41 KeyManager keyManager(EXTERNAL_STORAGE_PATH);
42 EcryptfsEngine engine(EXTERNAL_STORAGE_PATH, EXTERNAL_STORAGE_PATH);
// Walks the process ids that runtime::FileUser::getList() reports for
// EXTERNAL_STORAGE_PATH and logs each one before acting on it.
// NOTE(review): the statement that acts on each pid is not visible here;
// presumably it terminates the process, confirm which signal is used and
// whether its result is checked.
44 void killDependedApplications()
46 for (pid_t pid : runtime::FileUser::getList(EXTERNAL_STORAGE_PATH, true)) {
47 INFO("Close process - " + std::to_string(pid));
// Launches the "org.tizen.ode-gui" application in progress mode for the SD
// card encryption target.
//   type: label placed in the bundle under "type"; the callers in this file
//         pass "Encrypting" or "Decrypting".
// The Launchpad is constructed with the uid returned by
// tzplatform_getuid(TZ_SYS_DEFAULT_USER), so the UI is started for that user.
// NOTE(review): `type` is taken as a const value, which copies the string on
// every call; a const reference would avoid the copy.
52 void showProgressUI(const std::string type) {
54 bundle.add("mode", "progress");
55 bundle.add("type", type);
56 bundle.add("target", "SD card encryption");
58 Launchpad launchpad(::tzplatform_getuid(TZ_SYS_DEFAULT_USER));
59 launchpad.launch("org.tizen.ode-gui", bundle);
// Handler for a storage state-change signal: unpacks the signal payload and,
// depending on the reported mount state, mounts the encrypted layer.
//   parameters: D-Bus variant unpacked with the "(issssssisibii)" signature.
// NOTE(review): every value unpacked below is supplied by the signal sender;
// the declarations of intparams/strparams are not visible here, so confirm
// their sizes cover indexes 0-5 and 0-6 respectively.
62 void externalCallback(dbus::Variant parameters)
64 INFO("SD Card State Changed");
68 parameters.get("(issssssisibii)",
69 &intparams[0], // block type: 0 - scsi, 1 : mmc
70 &strparams[0], // devnode
71 &strparams[1], // syspath
72 &strparams[2], // usage
73 &strparams[3], // fs type
74 &strparams[4], // fs version
75 &strparams[5], // fs uuid enc
76 &intparams[1], // readonly: 0 - rw, 1 - ro
77 &strparams[6], // mount point
78 &intparams[2], // state: 0 - unmount, 1 - mount
79 &intparams[3], // primary: 0 - false, 1 - true
80 &intparams[4], // flags: 1 - unmounted 2 - broken filesystem 4 - no filesystem 8 - not supported 16 - readonly
81 &intparams[5]); // storage id
// State 0 means the card was unmounted (see the field comment above).
82 if(intparams[2] == 0) {
// NOTE(review): the password handed to getDEK() is a compile-time literal, so
// the key used for this automatic mount does not depend on any user-supplied
// secret and is the same on every device built from this source. Presumably a
// development placeholder; confirm, and source the secret from the user or a
// device-bound store before release.
89 std::string pw = "tizen";
90 KeyManager::data pwData(pw.begin(), pw.end());
// NOTE(review): unlike ExternalEncryption::mount(), no verifyPassword() call
// is visible before the key is fetched and the engine is mounted.
91 engine.mount(keyManager.getDEK(pwData));
// Subscribes to a signal on the system D-Bus for the interface
// "org.tizen.system.storage.BlockManager" at the object path
// "/Org/Tizen/System/Storage/Block/Manager" and logs the subscription id.
// The signal member name and the handler argument are not visible here.
95 void externalAddEventReceiver()
97 dbus::Connection &systemDBus = dbus::Connection::getSystem();
98 dbus::Connection::SubscriptionId id;
// NOTE(review): the first argument is an empty string; if it is the sender
// filter, the subscription is not limited to one bus name. Confirm against
// dbus::Connection::subscribeSignal and pin the expected sender if possible.
100 id = systemDBus.subscribeSignal("",
101 "org.tizen.system.storage.BlockManager",
103 "/Org/Tizen/System/Storage/Block/Manager",
// The id is only logged; it is a local and is not stored for a later
// unsubscribe in the visible code.
105 INFO("Event ID: " + std::to_string(id));
// Start-up check: if the SD card is mounted and carries encryption metadata,
// mount the eCryptfs layer unless it is already mounted.
108 void externalCheckMount()
110 INFO("EcryptfsEncrypt");
111 if (!engine.isMountpointMounted(EXTERNAL_STORAGE_PATH)) {
112 INFO("SD Card not inserted!");
115 INFO("SD Card inserted!");
// A return value of 0 from checkEncryptMetaData() is treated as "encrypted".
// ORIG_META_FILE_PATH is defined outside the visible code.
116 if (engine.checkEncryptMetaData(ORIG_META_FILE_PATH) == 0) {
117 INFO("SD Card encrypted!");
// A return value of 0 is treated as "eCryptfs already mounted".
118 if (engine.isEcryptfsMountpointMounted(EXTERNAL_STORAGE_PATH) == 0) {
119 INFO("Already Ecryptfs Mounted");
// NOTE(review): the password handed to getDEK() is a compile-time literal, so
// this automatic mount does not depend on any user-supplied secret and uses
// the same value on every device built from this source. Presumably a
// development placeholder; confirm and replace before release.
122 std::string pw = "tizen";
123 KeyManager::data pwData(pw.begin(), pw.end());
// NOTE(review): no verifyPassword() call is visible before the key is used.
124 engine.mount(keyManager.getDEK(pwData));
128 INFO("SD Card not encrypted!");
// Registers the six ExternalEncryption entry points with the control context,
// then subscribes to storage signals and performs the start-up mount check.
//   ctx: control context the methods are registered on (the member
//        initialisation is not visible here).
// NOTE(review): the second argument is an empty string for every method. If it
// names the privilege a caller must hold, none is required for mount, encrypt,
// decrypt or changePassword. TODO: confirm against ODEControlContext.
135 ExternalEncryption::ExternalEncryption(ODEControlContext& ctx) :
138 context.registerParametricMethod(this, "", (int)(ExternalEncryption::mount)(std::string));
139 context.registerNonparametricMethod(this, "", (int)(ExternalEncryption::umount));
140 context.registerParametricMethod(this, "", (int)(ExternalEncryption::encrypt)(std::string));
141 context.registerParametricMethod(this, "", (int)(ExternalEncryption::decrypt)(std::string));
142 context.registerParametricMethod(this, "", (int)(ExternalEncryption::changePassword)(std::string, std::string));
143 context.registerNonparametricMethod(this, "", (int)(ExternalEncryption::getState));
// Both calls run in the constructor, so a signal subscription and possibly a
// mount happen as a side effect of creating the object.
145 externalAddEventReceiver();
146 externalCheckMount();
// Destructor. No clean-up is visible here.
// NOTE(review): the subscription id obtained in externalAddEventReceiver() is
// a local there, so the signal is presumably never unsubscribed. Confirm.
150 ExternalEncryption::~ExternalEncryption()
// Mounts the encrypted external storage with a caller-supplied password.
//   password: copied byte-for-byte into a KeyManager::data buffer, checked
//             with keyManager.verifyPassword(), then passed to getDEK().
// Returns an int status; the return statements are not visible here.
154 int ExternalEncryption::mount(const std::string& password)
156 bool isVerified = false;
// NOTE(review): pwData holds a second copy of the password; no explicit wipe
// of it is visible in this function.
157 KeyManager::data pwData(password.begin(), password.end());
160 isVerified = keyManager.verifyPassword(pwData);
// A runtime::Exception from verifyPassword() is discarded without logging;
// isVerified then keeps its initial value of false.
161 } catch (runtime::Exception& e) {}
// NOTE(review): the test of isVerified is not visible here. Confirm that the
// mount below is reached only when verification succeeded.
167 engine.mount(keyManager.getDEK(pwData));
// Unmounts the encrypted external storage after closing the processes that
// still use it. Returns an int status; the unmount call and the return
// statements are not visible here.
171 int ExternalEncryption::umount()
173 INFO("Close all applications using external storage...");
174 killDependedApplications();
// NOTE(review): the log text says "internal" although this class operates on
// EXTERNAL_STORAGE_PATH. This is presumably a copy-paste slip in the message.
175 INFO("Umount internal storage...");
// Starts encryption of the external storage on a background thread.
//   password: verified against the key manager when one is already
//             initialised; otherwise used with keyManager.initPassword().
// Returns an int status; the return statements are not visible here.
181 int ExternalEncryption::encrypt(const std::string& password)
183 KeyManager::data pwData(password.begin(), password.end());
185 if (keyManager.isInitialized()) {
186 bool isVerified = false;
188 isVerified = keyManager.verifyPassword(pwData);
// A runtime::Exception from verifyPassword() is discarded without logging;
// isVerified then keeps its initial value of false.
189 } catch (runtime::Exception& e) {}
// NOTE(review): presumably this runs only when the key manager was not yet
// initialised; the branch structure is not visible here, confirm.
195 keyManager.initPassword(pwData);
198 KeyManager::data DEK = keyManager.getDEK(pwData);
// The lambda captures DEK by value, so the closure owns its own copy of the
// key bytes, and captures `this` by pointer.
// NOTE(review): no wipe of either DEK copy is visible. If the thread is
// detached, `this` must outlive the worker. Confirm both.
199 auto encryptWorker = [DEK, this]() {
200 showProgressUI("Encrypting");
202 INFO("Close all applications using external storage...");
203 killDependedApplications();
204 INFO("Encryption started...");
206 INFO("Sync disk...");
208 INFO("Encryption completed");
// How asyncWork is joined or detached is not visible here.
211 std::thread asyncWork(encryptWorker);
// Starts decryption of the external storage on a background thread and then
// clears the stored password.
//   password: checked with keyManager.verifyPassword() and used for getDEK().
// Returns an int status; the return statements are not visible here.
217 int ExternalEncryption::decrypt(const std::string& password)
219 bool isVerified = false;
220 KeyManager::data pwData(password.begin(), password.end());
223 isVerified = keyManager.verifyPassword(pwData);
// A runtime::Exception from verifyPassword() is discarded without logging;
// isVerified then keeps its initial value of false.
224 } catch (runtime::Exception& e) {}
// NOTE(review): the test of isVerified is not visible here. Confirm that the
// key is fetched only when verification succeeded.
230 KeyManager::data DEK = keyManager.getDEK(pwData);
// The lambda captures DEK by value, so the closure owns its own copy of the
// key bytes, and captures `this` by pointer.
231 auto decryptWorker = [DEK, this]() {
232 showProgressUI("Decrypting");
234 INFO("Close all applications using external storage...");
235 killDependedApplications();
// NOTE(review): the log text says "internal" although this class operates on
// EXTERNAL_STORAGE_PATH.
236 INFO("Umount internal storage...");
// A runtime::Exception from the preceding step is discarded without logging,
// and the worker carries on to the decryption step.
// NOTE(review): presumably that step is the unmount; confirm that decrypting
// after a failed unmount is safe.
239 } catch (runtime::Exception& e) {}
241 INFO("Decryption started...");
243 INFO("Sync disk...");
245 INFO("Decryption completed");
// How asyncWork is joined or detached is not visible here.
248 std::thread asyncWork(decryptWorker);
// NOTE(review): clearPassword() follows the thread start in source order. If
// the worker is not joined first, the password is cleared while decryption
// may still be running, or may yet fail. Confirm the intended ordering.
251 keyManager.clearPassword();
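// Replaces the password that protects the external-storage key.
//   oldPassword: the current password; it must verify before the change.
//   newPassword: the password to switch to.
// Returns an int status; the return statements are not visible here.
256 int ExternalEncryption::changePassword(const std::string& oldPassword,
257 const std::string& newPassword)
259 KeyManager::data oldPwData(oldPassword.begin(), oldPassword.end());
// Both iterators must come from newPassword. Pairing newPassword.begin() with
// oldPassword.end() forms a range across two unrelated strings, which is
// undefined behaviour and can read memory outside either buffer.
260 KeyManager::data newPwData(newPassword.begin(), newPassword.end());
262 bool isVerified = false;
// Authorise the change against the current password. Verifying the new
// password would reject legitimate changes, and would accept any request
// whose "new" password happens to equal the current one.
264 isVerified = keyManager.verifyPassword(oldPwData);
// A runtime::Exception from verifyPassword() is discarded without logging;
// isVerified then keeps its initial value of false.
265 } catch (runtime::Exception& e) {}
// NOTE(review): the test of isVerified is not visible here. Confirm that the
// change below is reached only when verification succeeded.
271 keyManager.changePassword(oldPwData, newPwData);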
// Reports the encryption state as an int. It is registered with the control
// context as a non-parametric method in the constructor. The body and the
// meaning of the returned values are not visible here.
275 int ExternalEncryption::getState()