X-Git-Url: http://review.tizen.org/git/?a=blobdiff_plain;ds=sidebyside;f=server%2Fexternal-encryption.cpp;h=79001d38e8d2a38ccb9a1c43dc805cbe4019177a;hb=0ff615c824a9e1db86efe5f430e34972185c79b4;hp=d476a3cbeac43f3c82da33c0be78889ac71a3ed2;hpb=bc915d2521bab1059f766d4361541944857785dd;p=platform%2Fcore%2Fsecurity%2Fode.git diff --git a/server/external-encryption.cpp b/server/external-encryption.cpp index d476a3c..79001d3 100644 --- a/server/external-encryption.cpp +++ b/server/external-encryption.cpp @@ -26,36 +26,35 @@ #include #include #include +#include +#include +#include "vconf.h" #include "launchpad.h" #include "app-bundle.h" +#include "progress-bar.h" #include "engine/ecryptfs-engine.h" #include "key-manager/key-manager.h" -#include -#include #include "rmi/external-encryption.h" -#include "progress-bar.h" -#include "progress-vconf-backend.h" -#define EXTERNAL_STORAGE_PATH "/opt/media/SDCardA1" -#define DEFAULT_USER "owner" +#define EXTERNAL_ENGINE EcryptfsEngine +#define EXTERNAL_PATH "/opt/media/SDCardA1" #define EXTERNAL_STATE_VCONF_KEY VCONFKEY_SDE_CRYPTO_STATE #define EXTERNAL_OPTION_ONLY_NEW_FILE_VCONF_KEY VCONFKEY_SDE_ENCRYPT_NEWFILE #define EXTERNAL_OPTION_EXCEPT_FOR_MEDIA_FILE_VCONF_KEY VCONFKEY_SDE_EXCLUDE_MEDIAFILE +#define PRIVILEGE_PLATFORM "http://tizen.org/privilege/internal/default/platform" + namespace ode { namespace { -VConfBackend vconfBackend(VCONFKEY_SDE_ENCRYPT_PROGRESS); -ProgressBar progressBar(std::bind(&VConfBackend::update, &vconfBackend, std::placeholders::_1)); - -EcryptfsEngine engine(EXTERNAL_STORAGE_PATH, EXTERNAL_STORAGE_PATH, progressBar); +std::unique_ptr engine; void killDependedApplications() { - for (pid_t pid : runtime::FileUser::getList(EXTERNAL_STORAGE_PATH, true)) { + for (pid_t pid : runtime::FileUser::getList(EXTERNAL_PATH, true)) { INFO("Close process - " + std::to_string(pid)); ::kill(pid, SIGKILL); } @@ -160,17 +159,25 @@ void setOptions(unsigned int options) ExternalEncryption::ExternalEncryption(ODEControlContext &ctx) : context(ctx) { - context.registerParametricMethod(this, "", (int)(ExternalEncryption::mount)(std::string)); - context.registerNonparametricMethod(this, "", (int)(ExternalEncryption::umount)); - context.registerParametricMethod(this, "", (int)(ExternalEncryption::encrypt)(std::string, unsigned int)); - context.registerParametricMethod(this, "", (int)(ExternalEncryption::decrypt)(std::string)); - context.registerNonparametricMethod(this, "", (int)(ExternalEncryption::isPasswordInitialized)); - context.registerParametricMethod(this, "", (int)(ExternalEncryption::initPassword)(std::string)); - context.registerParametricMethod(this, "", (int)(ExternalEncryption::cleanPassword)(std::string)); - context.registerParametricMethod(this, "", (int)(ExternalEncryption::changePassword)(std::string, std::string)); - context.registerParametricMethod(this, "", (int)(ExternalEncryption::verifyPassword)(std::string)); - context.registerNonparametricMethod(this, "", (int)(ExternalEncryption::getState)); - context.registerNonparametricMethod(this, "", (unsigned int)(ExternalEncryption::getSupportedOptions)); + context.expose(this, PRIVILEGE_PLATFORM, (int)(ExternalEncryption::mount)(std::string)); + context.expose(this, PRIVILEGE_PLATFORM, (int)(ExternalEncryption::umount)()); + context.expose(this, PRIVILEGE_PLATFORM, (int)(ExternalEncryption::encrypt)(std::string, unsigned int)); + context.expose(this, PRIVILEGE_PLATFORM, (int)(ExternalEncryption::decrypt)(std::string)); + context.expose(this, "", (int)(ExternalEncryption::isPasswordInitialized)()); + context.expose(this, PRIVILEGE_PLATFORM, (int)(ExternalEncryption::initPassword)(std::string)); + context.expose(this, PRIVILEGE_PLATFORM, (int)(ExternalEncryption::cleanPassword)(std::string)); + context.expose(this, PRIVILEGE_PLATFORM, (int)(ExternalEncryption::changePassword)(std::string, std::string)); + context.expose(this, PRIVILEGE_PLATFORM, (int)(ExternalEncryption::verifyPassword)(std::string)); + context.expose(this, "", (int)(ExternalEncryption::getState)()); + context.expose(this, "", (unsigned int)(ExternalEncryption::getSupportedOptions)()); + + engine.reset(new EXTERNAL_ENGINE( + EXTERNAL_PATH, EXTERNAL_PATH, + ProgressBar([](int v) { + ::vconf_set_str(VCONFKEY_SDE_ENCRYPT_PROGRESS, + std::to_string(v).c_str()); + }) + )); externalAddEventReceiver(); } @@ -186,13 +193,13 @@ int ExternalEncryption::mount(const std::string &password) } KeyManager::data data(password.begin(), password.end()); - KeyManager keyManager(engine.getKeyMeta()); + KeyManager keyManager(engine->getKeyMeta()); if (!keyManager.verifyPassword(data)) { return -2; } - engine.mount(keyManager.getMasterKey(data), getOptions()); + engine->mount(keyManager.getMasterKey(data), getOptions()); return 0; } @@ -204,8 +211,8 @@ int ExternalEncryption::umount() INFO("Close all applications using external storage..."); killDependedApplications(); - INFO("Umount internal storage..."); - engine.umount(); + INFO("Umount external storage..."); + engine->umount(); return 0; } @@ -217,24 +224,28 @@ int ExternalEncryption::encrypt(const std::string &password, unsigned int option } KeyManager::data pwData(password.begin(), password.end()); - KeyManager keyManager(engine.getKeyMeta()); + KeyManager keyManager(engine->getKeyMeta()); if (!keyManager.verifyPassword(pwData)) { return -2; } KeyManager::data MasterKey = keyManager.getMasterKey(pwData); - auto encryptWorker = [&MasterKey, options, this]() { - INFO("Close all applications using external storage..."); - killDependedApplications(); - INFO("Encryption started..."); - ::vconf_set_str(EXTERNAL_STATE_VCONF_KEY, "error_partially_encrypted"); - engine.encrypt(MasterKey, options); - setOptions(options & getSupportedOptions()); - INFO("Sync disk..."); - sync(); - INFO("Encryption completed"); - ::vconf_set_str(EXTERNAL_STATE_VCONF_KEY, "encrypted"); + auto encryptWorker = [MasterKey, options, this]() { + try { + INFO("Close all applications using external storage..."); + killDependedApplications(); + INFO("Encryption started..."); + ::vconf_set_str(EXTERNAL_STATE_VCONF_KEY, "error_partially_encrypted"); + engine->encrypt(MasterKey, options); + setOptions(options & getSupportedOptions()); + INFO("Sync disk..."); + sync(); + INFO("Encryption completed"); + ::vconf_set_str(EXTERNAL_STATE_VCONF_KEY, "encrypted"); + } catch (runtime::Exception &e) { + ERROR("Encryption failed - " + std::string(e.what())); + } }; std::thread asyncWork(encryptWorker); @@ -250,7 +261,7 @@ int ExternalEncryption::decrypt(const std::string &password) } KeyManager::data pwData(password.begin(), password.end()); - KeyManager keyManager(engine.getKeyMeta()); + KeyManager keyManager(engine->getKeyMeta()); if (!keyManager.verifyPassword(pwData)) { return -2; @@ -258,20 +269,29 @@ int ExternalEncryption::decrypt(const std::string &password) KeyManager::data MasterKey = keyManager.getMasterKey(pwData); auto decryptWorker = [MasterKey, this]() { - INFO("Close all applications using external storage..."); - killDependedApplications(); - INFO("Umount internal storage..."); try { - engine.umount(); - } catch (runtime::Exception &e) {} - - INFO("Decryption started..."); - ::vconf_set_str(EXTERNAL_STATE_VCONF_KEY, "error_partially_encrypted"); - engine.decrypt(MasterKey, getOptions()); - INFO("Sync disk..."); - sync(); - INFO("Decryption completed"); - ::vconf_set_str(EXTERNAL_STATE_VCONF_KEY, "unencrypted"); + INFO("Close all applications using external storage..."); + killDependedApplications(); + INFO("Umount external storage..."); + while (1) { + try { + engine->umount(); + break; + } catch (runtime::Exception &e) { + killDependedApplications(); + } + } + + INFO("Decryption started..."); + ::vconf_set_str(EXTERNAL_STATE_VCONF_KEY, "error_partially_encrypted"); + engine->decrypt(MasterKey, getOptions()); + INFO("Sync disk..."); + sync(); + INFO("Decryption completed"); + ::vconf_set_str(EXTERNAL_STATE_VCONF_KEY, "unencrypted"); + } catch (runtime::Exception &e) { + ERROR("Decryption failed - " + std::string(e.what())); + } }; std::thread asyncWork(decryptWorker); @@ -282,7 +302,7 @@ int ExternalEncryption::decrypt(const std::string &password) int ExternalEncryption::isPasswordInitialized() { - if (engine.isKeyMetaSet()) { + if (engine->isKeyMetaSet()) { return 1; } return 0; @@ -294,20 +314,20 @@ int ExternalEncryption::initPassword(const std::string& password) KeyManager keyManager; keyManager.initPassword(pwData); - engine.setKeyMeta(keyManager.serialize()); + engine->setKeyMeta(keyManager.serialize()); return 0; } int ExternalEncryption::cleanPassword(const std::string& password) { KeyManager::data pwData(password.begin(), password.end()); - KeyManager keyManager(engine.getKeyMeta()); + KeyManager keyManager(engine->getKeyMeta()); if (!keyManager.verifyPassword(pwData)) { return -2; } - engine.clearKeyMeta(); + engine->clearKeyMeta(); return 0; } @@ -316,14 +336,14 @@ int ExternalEncryption::changePassword(const std::string &oldPassword, { KeyManager::data oldPwData(oldPassword.begin(), oldPassword.end()); KeyManager::data newPwData(newPassword.begin(), newPassword.end()); - KeyManager keyManager(engine.getKeyMeta()); + KeyManager keyManager(engine->getKeyMeta()); if (!keyManager.verifyPassword(oldPwData)) { return -2; } keyManager.changePassword(oldPwData, newPwData); - engine.setKeyMeta(keyManager.serialize()); + engine->setKeyMeta(keyManager.serialize()); return 0; } @@ -331,7 +351,7 @@ int ExternalEncryption::changePassword(const std::string &oldPassword, int ExternalEncryption::verifyPassword(const std::string& password) { KeyManager::data pwData(password.begin(), password.end()); - KeyManager keyManager(engine.getKeyMeta()); + KeyManager keyManager(engine->getKeyMeta()); if (keyManager.verifyPassword(pwData)) { return 1; @@ -339,8 +359,6 @@ int ExternalEncryption::verifyPassword(const std::string& password) return 0; } - - int ExternalEncryption::getState() { char *value = ::vconf_get_str(EXTERNAL_STATE_VCONF_KEY); @@ -364,7 +382,7 @@ int ExternalEncryption::getState() unsigned int ExternalEncryption::getSupportedOptions() { - return engine.getSupportedOptions(); + return engine->getSupportedOptions(); } } // namespace ode