2 * Copyright (c) 2000 - 2014 Samsung Electronics Co., Ltd All Rights Reserved
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License
16 * @file password-plugin.cpp
17 * @author Bartlomiej Grzelewski (b.grzelewski@samsung.com)
20 #include <security-server-plugin-api.h>
22 #include <ckm/ckm-client-info.h>
23 #include <ckm/ckm-control.h>
24 #include <ckm/ckm-type.h>
27 SecurityServer::PasswordPlugin *create(void);
28 void destroy(SecurityServer::PasswordPlugin *obj);
31 namespace SecurityServer {
33 class KEY_MANAGER_API Plugin : public PasswordPlugin {
36 virtual int changeUserPassword(const std::string &zone, uid_t user, const std::string &oldPass, const std::string &newPass);
37 virtual int login(const std::string &zone, uid_t user, const std::string &password);
38 virtual int logout(const std::string &zone, uid_t user);
39 virtual int resetUserPassword(const std::string &zone, uid_t user, const std::string &newPass);
40 virtual int removeUserData(const std::string &zone, uid_t user);
43 CKM::ClientInfo getClientInfo(const std::string &zone, uid_t user);
46 CKM::ClientInfo Plugin::getClientInfo(const std::string &zone, uid_t user)
48 return CKM::ClientInfo(zone, user);
51 int Plugin::changeUserPassword(
52 const std::string &zone,
54 const std::string &oldPass,
55 const std::string &newPass)
57 auto control = CKM::Control::create();
59 return SECURITY_SERVER_PLUGIN_FAIL;
61 CKM::Password oldPwd(oldPass.begin(), oldPass.end());
62 CKM::Password newPwd(newPass.begin(), newPass.end());
63 CKM::ClientInfo clientInfo = getClientInfo(zone, user);
65 // CKM does not allow to change user password if database does
66 // not exists. We must create database before change password.
67 if (CKM_API_SUCCESS != control->unlockUserKey(clientInfo, oldPwd))
68 return SECURITY_SERVER_PLUGIN_FAIL;
69 if (CKM_API_SUCCESS != control->changeUserPassword(clientInfo, oldPwd, newPwd))
70 return SECURITY_SERVER_PLUGIN_FAIL;
72 return SECURITY_SERVER_PLUGIN_SUCCESS;
76 const std::string &zone,
78 const std::string &password)
80 auto control = CKM::Control::create();
82 return SECURITY_SERVER_PLUGIN_FAIL;
84 CKM::Password pwd(password.begin(), password.end());
86 if (CKM_API_SUCCESS != control->unlockUserKey(getClientInfo(zone, user), pwd))
87 return SECURITY_SERVER_PLUGIN_FAIL;
89 return SECURITY_SERVER_PLUGIN_SUCCESS;
92 int Plugin::logout(const std::string &zone, uid_t user)
94 auto control = CKM::Control::create();
96 return SECURITY_SERVER_PLUGIN_FAIL;
98 if (CKM_API_SUCCESS != control->lockUserKey(getClientInfo(zone, user)))
99 return SECURITY_SERVER_PLUGIN_FAIL;
101 return SECURITY_SERVER_PLUGIN_SUCCESS;
104 int Plugin::resetUserPassword(
105 const std::string &zone,
107 const std::string &newPass)
109 auto control = CKM::Control::create();
111 return SECURITY_SERVER_PLUGIN_FAIL;
113 CKM::Password pwd(newPass.begin(), newPass.end());
115 if (CKM_API_SUCCESS != control->resetUserPassword(getClientInfo(zone, user), pwd))
116 return SECURITY_SERVER_PLUGIN_FAIL;
118 return SECURITY_SERVER_PLUGIN_SUCCESS;
121 int Plugin::removeUserData(const std::string &zone, uid_t user)
123 auto control = CKM::Control::create();
125 return SECURITY_SERVER_PLUGIN_FAIL;
127 if (CKM_API_SUCCESS != control->removeUserData(getClientInfo(zone, user)))
128 return SECURITY_SERVER_PLUGIN_FAIL;
130 return SECURITY_SERVER_PLUGIN_SUCCESS;
133 } // namespace SecurityServer
136 SecurityServer::PasswordPlugin* create(void) {
137 return new SecurityServer::Plugin;
141 void destroy(SecurityServer::PasswordPlugin *obj) {