}
}
-int InternalEncryptionClient::mount()
+int InternalEncryptionClient::mount(const std::vector<unsigned char> &mk, unsigned int options)
{
try {
- return context->methodCall<int>("InternalEncryptionServer::mount");
+ return context->methodCall<int>("InternalEncryptionServer::mount", mk, options);
} catch (runtime::Exception& e) {
return error::Unknown;
}
#define __INTERNAL_ENCRYPTION_CLIENT_H__
#include <string>
+#include <vector>
#include "rmi/internal-encryption.h"
#include "client.h"
int setMountPassword(const std::string& password);
- int mount();
+ int mount(const std::vector<unsigned char> &mk, unsigned int options);
int umount();
int encrypt(const std::string& password, unsigned int options);
RET_ON_FAILURE(client.connect() == 0, ODE_ERROR_CONNECTION_REFUSED);
InternalEncryptionClient internal = client.createInterface<InternalEncryptionClient>();
- return toApiError(internal.mount());
+ return toApiError(internal.mount(std::vector<unsigned char>(), 0));
+}
+
+int ode_internal_encryption_mount_ex(const unsigned char *mk, unsigned int options)
+{
+ size_t key_len = options == 0 ? 32 : 64;
+ std::vector<unsigned char> key(mk, mk + key_len);
+ ClientContext client;
+ RET_ON_FAILURE(client.connect() == 0, ODE_ERROR_CONNECTION_REFUSED);
+ InternalEncryptionClient internal = client.createInterface<InternalEncryptionClient>();
+
+ return toApiError(internal.mount(key, options));
}
int ode_internal_encryption_umount()
ODE_API int ode_internal_encryption_mount();
/**
+ * @brief Mount internal storage with encryption
+ * @details Administrator can use this API to mount encrypted internal
+ * storage.
+ * @since_tizen 4.0
+ * @param[in] mk Master key used to mount internal storage
+ * @param[in] options Mount options
+ * @return #ODE_ERROR_NONE on success, otherwise a negative value
+ * @retval #ODE_ERROR_NONE Successful
+ * @retval #ODE_ERROR_NO_SUCH_DEVICE Internal storage is not encrypted
+ * @retval #ODE_ERROR_NO_DATA Password isn't set
+ * @retval #ODE_ERROR_PERMISSION_DENIED The application does not have
+ * the privilege to call this API
+ * @retval #ODE_ERROR_CONNECTION_REFUSED Connection to the server failed
+ * @retval #ODE_ERROR_UNKNOWN Unknown error
+ * @see ode_internal_encryption_umount()
+ */
+
+ODE_API int ode_internal_encryption_mount_ex(const unsigned char *mk, int option);
+
+/**
* @brief Umount internal storage
* @details Administrator can use this API to unmount internal storage.
* @since_tizen 4.0
* @retval #ODE_ERROR_UNKNOWN Unknown error
*/
ODE_API int ode_internal_encryption_get_device_path(char** device);
-
/*
* @}
*/
#define __INTERNAL_ENCRYPTION_H__
#include <string>
+#include <vector>
namespace ode {
virtual int setMountPassword(const std::string& password) = 0;
- virtual int mount() = 0;
+ virtual int mount(const std::vector<unsigned char>& mk, unsigned int options) = 0;
virtual int umount() = 0;
virtual int encrypt(const std::string& password, unsigned int options) = 0;
keyServer(key)
{
server.expose(this, PRIVILEGE_PLATFORM, (int)(InternalEncryptionServer::setMountPassword)(std::string));
- server.expose(this, PRIVILEGE_PLATFORM, (int)(InternalEncryptionServer::mount)());
+ server.expose(this, PRIVILEGE_PLATFORM, (int)(InternalEncryptionServer::mount)(std::vector<unsigned char>, unsigned int));
server.expose(this, PRIVILEGE_PLATFORM, (int)(InternalEncryptionServer::umount)());
server.expose(this, PRIVILEGE_PLATFORM, (int)(InternalEncryptionServer::encrypt)(std::string, unsigned int));
server.expose(this, PRIVILEGE_PLATFORM, (int)(InternalEncryptionServer::decrypt)(std::string));
return keyServer.get(engine->getSource(), password, mountKey);
}
-int InternalEncryptionServer::mount()
+int InternalEncryptionServer::mount(const std::vector<unsigned char> &mk, unsigned int options)
{
- if (mountKey.empty()) {
- ERROR(SINK, "You need to call set_mount_password() first.");
+ if (mountKey.empty() && mk.empty()) {
+ ERROR(SINK, "You need to set master key first.");
return error::NoData;
}
- BinaryData key = mountKey;
+ BinaryData key = mk.empty() ? mountKey : mk;
mountKey.clear();
if (getState() != State::Encrypted) {
int setMountPassword(const std::string& password);
- int mount();
+ int mount(const std::vector<unsigned char> &mk, unsigned int options);
int umount();
int encrypt(const std::string& password, unsigned int options);