#include <klay/file-user.h>
#include <klay/filesystem.h>
#include <klay/audit/logger.h>
+#include <klay/dbus/variant.h>
+#include <klay/dbus/connection.h>
+#include "vconf.h"
#include "launchpad.h"
#include "app-bundle.h"
+#include "progress-bar.h"
#include "engine/ecryptfs-engine.h"
#include "key-manager/key-manager.h"
-#include <klay/dbus/variant.h>
-#include <klay/dbus/connection.h>
#include "rmi/external-encryption.h"
-#include "progress-bar.h"
-#include "progress-vconf-backend.h"
-#define EXTERNAL_STORAGE_PATH "/opt/media/SDCardA1"
-#define DEFAULT_USER "owner"
+#define EXTERNAL_ENGINE EcryptfsEngine
+#define EXTERNAL_PATH "/opt/media/SDCardA1"
#define EXTERNAL_STATE_VCONF_KEY VCONFKEY_SDE_CRYPTO_STATE
#define EXTERNAL_OPTION_ONLY_NEW_FILE_VCONF_KEY VCONFKEY_SDE_ENCRYPT_NEWFILE
#define EXTERNAL_OPTION_EXCEPT_FOR_MEDIA_FILE_VCONF_KEY VCONFKEY_SDE_EXCLUDE_MEDIAFILE
+#define PRIVILEGE_PLATFORM "http://tizen.org/privilege/internal/default/platform"
+
namespace ode {
namespace {
-VConfBackend vconfBackend(VCONFKEY_SDE_ENCRYPT_PROGRESS);
-ProgressBar progressBar(std::bind(&VConfBackend::update, &vconfBackend, std::placeholders::_1));
-
-EcryptfsEngine engine(EXTERNAL_STORAGE_PATH, EXTERNAL_STORAGE_PATH, progressBar);
+std::unique_ptr<EXTERNAL_ENGINE> engine;
void killDependedApplications()
{
- for (pid_t pid : runtime::FileUser::getList(EXTERNAL_STORAGE_PATH, true)) {
+ for (pid_t pid : runtime::FileUser::getList(EXTERNAL_PATH, true)) {
INFO("Close process - " + std::to_string(pid));
::kill(pid, SIGKILL);
}
ExternalEncryption::ExternalEncryption(ODEControlContext &ctx) :
context(ctx)
{
- context.registerParametricMethod(this, "", (int)(ExternalEncryption::mount)(std::string));
- context.registerNonparametricMethod(this, "", (int)(ExternalEncryption::umount));
- context.registerParametricMethod(this, "", (int)(ExternalEncryption::encrypt)(std::string, unsigned int));
- context.registerParametricMethod(this, "", (int)(ExternalEncryption::decrypt)(std::string));
- context.registerNonparametricMethod(this, "", (int)(ExternalEncryption::isPasswordInitialized));
- context.registerParametricMethod(this, "", (int)(ExternalEncryption::initPassword)(std::string));
- context.registerParametricMethod(this, "", (int)(ExternalEncryption::cleanPassword)(std::string));
- context.registerParametricMethod(this, "", (int)(ExternalEncryption::changePassword)(std::string, std::string));
- context.registerParametricMethod(this, "", (int)(ExternalEncryption::verifyPassword)(std::string));
- context.registerNonparametricMethod(this, "", (int)(ExternalEncryption::getState));
- context.registerNonparametricMethod(this, "", (unsigned int)(ExternalEncryption::getSupportedOptions));
+ context.expose(this, PRIVILEGE_PLATFORM, (int)(ExternalEncryption::mount)(std::string));
+ context.expose(this, PRIVILEGE_PLATFORM, (int)(ExternalEncryption::umount)());
+ context.expose(this, PRIVILEGE_PLATFORM, (int)(ExternalEncryption::encrypt)(std::string, unsigned int));
+ context.expose(this, PRIVILEGE_PLATFORM, (int)(ExternalEncryption::decrypt)(std::string));
+ context.expose(this, "", (int)(ExternalEncryption::isPasswordInitialized)());
+ context.expose(this, PRIVILEGE_PLATFORM, (int)(ExternalEncryption::initPassword)(std::string));
+ context.expose(this, PRIVILEGE_PLATFORM, (int)(ExternalEncryption::cleanPassword)(std::string));
+ context.expose(this, PRIVILEGE_PLATFORM, (int)(ExternalEncryption::changePassword)(std::string, std::string));
+ context.expose(this, PRIVILEGE_PLATFORM, (int)(ExternalEncryption::verifyPassword)(std::string));
+ context.expose(this, "", (int)(ExternalEncryption::getState)());
+ context.expose(this, "", (unsigned int)(ExternalEncryption::getSupportedOptions)());
+
+ engine.reset(new EXTERNAL_ENGINE(
+ EXTERNAL_PATH, EXTERNAL_PATH,
+ ProgressBar([](int v) {
+ ::vconf_set_str(VCONFKEY_SDE_ENCRYPT_PROGRESS,
+ std::to_string(v).c_str());
+ })
+ ));
externalAddEventReceiver();
}
}
KeyManager::data data(password.begin(), password.end());
- KeyManager keyManager(engine.getKeyMeta());
+ KeyManager keyManager(engine->getKeyMeta());
if (!keyManager.verifyPassword(data)) {
return -2;
}
- engine.mount(keyManager.getMasterKey(data), getOptions());
+ engine->mount(keyManager.getMasterKey(data), getOptions());
return 0;
}
INFO("Close all applications using external storage...");
killDependedApplications();
- INFO("Umount internal storage...");
- engine.umount();
+ INFO("Umount external storage...");
+ engine->umount();
return 0;
}
}
KeyManager::data pwData(password.begin(), password.end());
- KeyManager keyManager(engine.getKeyMeta());
+ KeyManager keyManager(engine->getKeyMeta());
if (!keyManager.verifyPassword(pwData)) {
return -2;
}
KeyManager::data MasterKey = keyManager.getMasterKey(pwData);
- auto encryptWorker = [&MasterKey, options, this]() {
- INFO("Close all applications using external storage...");
- killDependedApplications();
- INFO("Encryption started...");
- ::vconf_set_str(EXTERNAL_STATE_VCONF_KEY, "error_partially_encrypted");
- engine.encrypt(MasterKey, options);
- setOptions(options & getSupportedOptions());
- INFO("Sync disk...");
- sync();
- INFO("Encryption completed");
- ::vconf_set_str(EXTERNAL_STATE_VCONF_KEY, "encrypted");
+ auto encryptWorker = [MasterKey, options, this]() {
+ try {
+ INFO("Close all applications using external storage...");
+ killDependedApplications();
+ INFO("Encryption started...");
+ ::vconf_set_str(EXTERNAL_STATE_VCONF_KEY, "error_partially_encrypted");
+ engine->encrypt(MasterKey, options);
+ setOptions(options & getSupportedOptions());
+ INFO("Sync disk...");
+ sync();
+ INFO("Encryption completed");
+ ::vconf_set_str(EXTERNAL_STATE_VCONF_KEY, "encrypted");
+ } catch (runtime::Exception &e) {
+ ERROR("Encryption failed - " + std::string(e.what()));
+ }
};
std::thread asyncWork(encryptWorker);
}
KeyManager::data pwData(password.begin(), password.end());
- KeyManager keyManager(engine.getKeyMeta());
+ KeyManager keyManager(engine->getKeyMeta());
if (!keyManager.verifyPassword(pwData)) {
return -2;
KeyManager::data MasterKey = keyManager.getMasterKey(pwData);
auto decryptWorker = [MasterKey, this]() {
- INFO("Close all applications using external storage...");
- killDependedApplications();
- INFO("Umount internal storage...");
try {
- engine.umount();
- } catch (runtime::Exception &e) {}
-
- INFO("Decryption started...");
- ::vconf_set_str(EXTERNAL_STATE_VCONF_KEY, "error_partially_encrypted");
- engine.decrypt(MasterKey, getOptions());
- INFO("Sync disk...");
- sync();
- INFO("Decryption completed");
- ::vconf_set_str(EXTERNAL_STATE_VCONF_KEY, "unencrypted");
+ INFO("Close all applications using external storage...");
+ killDependedApplications();
+ INFO("Umount external storage...");
+ while (1) {
+ try {
+ engine->umount();
+ break;
+ } catch (runtime::Exception &e) {
+ killDependedApplications();
+ }
+ }
+
+ INFO("Decryption started...");
+ ::vconf_set_str(EXTERNAL_STATE_VCONF_KEY, "error_partially_encrypted");
+ engine->decrypt(MasterKey, getOptions());
+ INFO("Sync disk...");
+ sync();
+ INFO("Decryption completed");
+ ::vconf_set_str(EXTERNAL_STATE_VCONF_KEY, "unencrypted");
+ } catch (runtime::Exception &e) {
+ ERROR("Decryption failed - " + std::string(e.what()));
+ }
};
std::thread asyncWork(decryptWorker);
int ExternalEncryption::isPasswordInitialized()
{
- if (engine.isKeyMetaSet()) {
+ if (engine->isKeyMetaSet()) {
return 1;
}
return 0;
KeyManager keyManager;
keyManager.initPassword(pwData);
- engine.setKeyMeta(keyManager.serialize());
+ engine->setKeyMeta(keyManager.serialize());
return 0;
}
int ExternalEncryption::cleanPassword(const std::string& password)
{
KeyManager::data pwData(password.begin(), password.end());
- KeyManager keyManager(engine.getKeyMeta());
+ KeyManager keyManager(engine->getKeyMeta());
if (!keyManager.verifyPassword(pwData)) {
return -2;
}
- engine.clearKeyMeta();
+ engine->clearKeyMeta();
return 0;
}
{
KeyManager::data oldPwData(oldPassword.begin(), oldPassword.end());
KeyManager::data newPwData(newPassword.begin(), newPassword.end());
- KeyManager keyManager(engine.getKeyMeta());
+ KeyManager keyManager(engine->getKeyMeta());
if (!keyManager.verifyPassword(oldPwData)) {
return -2;
}
keyManager.changePassword(oldPwData, newPwData);
- engine.setKeyMeta(keyManager.serialize());
+ engine->setKeyMeta(keyManager.serialize());
return 0;
}
int ExternalEncryption::verifyPassword(const std::string& password)
{
KeyManager::data pwData(password.begin(), password.end());
- KeyManager keyManager(engine.getKeyMeta());
+ KeyManager keyManager(engine->getKeyMeta());
if (keyManager.verifyPassword(pwData)) {
return 1;
return 0;
}
-
-
int ExternalEncryption::getState()
{
char *value = ::vconf_get_str(EXTERNAL_STATE_VCONF_KEY);
unsigned int ExternalEncryption::getSupportedOptions()
{
- return engine.getSupportedOptions();
+ return engine->getSupportedOptions();
}
} // namespace ode
projects / platform / core / security / ode.git / blobdiff