Add ode_internal_encryption_mount_ex API 22/183522/5 accepted/tizen/4.0/unified/20180707.102319 submit/tizen_4.0/20180706.094449
authorJaemin Ryu <jm77.ryu@samsung.com>
Fri, 6 Jul 2018 07:55:00 +0000 (16:55 +0900)
committerJaemin Ryu <jm77.ryu@samsung.com>
Fri, 6 Jul 2018 09:30:29 +0000 (18:30 +0900)
Change-Id: I66143553b9c0b23a3989abb679e8e67f3556c7aa
Signed-off-by: Jaemin Ryu <jm77.ryu@samsung.com>
lib/internal-encryption.cpp
lib/internal-encryption.h
lib/ode/internal-encryption.cpp
lib/ode/internal-encryption.h
rmi/internal-encryption.h
server/internal-encryption.cpp
server/internal-encryption.h

index 123c8f3dd6306186cc1f16b6f9bf49deeaf51188..0ea54f06577172bc05d457f96028ed597e905e2f 100644 (file)
@@ -36,10 +36,10 @@ int InternalEncryptionClient::setMountPassword(const std::string& password)
        }
 }
 
-int InternalEncryptionClient::mount()
+int InternalEncryptionClient::mount(const std::vector<unsigned char> &mk, unsigned int options)
 {
        try {
-               return context->methodCall<int>("InternalEncryptionServer::mount");
+               return context->methodCall<int>("InternalEncryptionServer::mount", mk, options);
        } catch (runtime::Exception& e) {
                return error::Unknown;
        }
index 882a464a9edb99d49669b6f3c3871d39f72f8c24..15b76db3af1dbd14239f02da9bb788eeedd3d59d 100644 (file)
@@ -18,6 +18,7 @@
 #define __INTERNAL_ENCRYPTION_CLIENT_H__
 
 #include <string>
+#include <vector>
 
 #include "rmi/internal-encryption.h"
 #include "client.h"
@@ -31,7 +32,7 @@ public:
 
        int setMountPassword(const std::string& password);
 
-       int mount();
+       int mount(const std::vector<unsigned char> &mk, unsigned int options);
        int umount();
 
        int encrypt(const std::string& password, unsigned int options);
index 4935d073dca71ff282cd0c22c87e23e4e3b4fa50..d8b4d559d8e58d65b8bf6d3d0a72340e307ace94 100644 (file)
@@ -43,7 +43,18 @@ int ode_internal_encryption_mount()
        RET_ON_FAILURE(client.connect() == 0, ODE_ERROR_CONNECTION_REFUSED);
        InternalEncryptionClient internal = client.createInterface<InternalEncryptionClient>();
 
-       return toApiError(internal.mount());
+       return toApiError(internal.mount(std::vector<unsigned char>(), 0));
+}
+
+int ode_internal_encryption_mount_ex(const unsigned char *mk, unsigned int options)
+{
+       size_t key_len = options == 0 ? 32 : 64;
+       std::vector<unsigned char> key(mk, mk + key_len);
+       ClientContext client;
+       RET_ON_FAILURE(client.connect() == 0, ODE_ERROR_CONNECTION_REFUSED);
+       InternalEncryptionClient internal = client.createInterface<InternalEncryptionClient>();
+
+       return toApiError(internal.mount(key, options));
 }
 
 int ode_internal_encryption_umount()
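Review bot: In `ode_internal_encryption_mount_ex`, `mk` is passed to the vector range constructor without a null check, and the number of bytes read (32 or 64) is inferred from `options` instead of being supplied by the caller. A NULL `mk` is undefined behaviour, and any non-zero `options` value reads 64 bytes even when the caller's buffer is shorter, which is an out-of-bounds read of caller memory. I would add `RET_ON_FAILURE(mk, ODE_ERROR_INVALID_PARAMETER);` before the copy, and either take an explicit length argument or reject unknown `options` values before choosing 64. The local `key` vector also holds a copy of the master key that is released without being wiped; consider overwriting it once `internal.mount()` has returned.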
index c55f531328ab9ce30012c8b1fc9873fc21db6eaf..951cd99459a69701e659382ae12adf116320ba05 100644 (file)
@@ -70,6 +70,26 @@ ODE_API int ode_internal_encryption_set_mount_password(const char* password);
  */
 ODE_API int ode_internal_encryption_mount();
 
+/**
+ * @brief       Mount internal storage with encryption
+ * @details     Administrator can use this API to mount encrypted internal
+ *              storage.
+ * @since_tizen 4.0
+ * @param[in]   mk Master key used to mount internal storage
+ * @param[in]   options Mount options
+ * @return      #ODE_ERROR_NONE on success, otherwise a negative value
+ * @retval      #ODE_ERROR_NONE Successful
+ * @retval      #ODE_ERROR_NO_SUCH_DEVICE Internal storage is not encrypted
+ * @retval      #ODE_ERROR_NO_DATA Password isn't set
+ * @retval      #ODE_ERROR_PERMISSION_DENIED The application does not have
+ *              the privilege to call this API
+ * @retval      #ODE_ERROR_CONNECTION_REFUSED Connection to the server failed
+ * @retval      #ODE_ERROR_UNKNOWN Unknown error
+ * @see         ode_internal_encryption_umount()
+ */
+
+ODE_API int ode_internal_encryption_mount_ex(const unsigned char *mk, int option);
+
 /**
  * @brief       Umount internal storage
  * @details     Administrator can use this API to unmount internal storage.
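Review bot: The prototype added here is `ode_internal_encryption_mount_ex(const unsigned char *mk, int option)`, while the definition in lib/ode/internal-encryption.cpp takes `unsigned int options`; the two should match, e.g. `ODE_API int ode_internal_encryption_mount_ex(const unsigned char *mk, unsigned int options);`. The doc comment also does not say how many bytes `mk` must point to, although the implementation reads 32 bytes when `options` is 0 and 64 otherwise; state that on the `@param[in] mk` line so callers size the buffer correctly. The `#ODE_ERROR_NO_DATA Password isn't set` text looks copied from the password-based mount and should describe the missing master key instead.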
@@ -330,7 +350,6 @@ ODE_API int ode_internal_encryption_unset_mount_event_cb();
  * @retval      #ODE_ERROR_UNKNOWN Unknown error
  */
 ODE_API int ode_internal_encryption_get_device_path(char** device);
-
 /*
  * @}
  */
index c20f7f9db870d6d60fbd1e7d44fcf5a47f300666..1260214f9f8d1aa3b55666f5bb6d2f4c88640d36 100644 (file)
@@ -18,6 +18,7 @@
 #define __INTERNAL_ENCRYPTION_H__
 
 #include <string>
+#include <vector>
 
 namespace ode {
 
@@ -31,7 +32,7 @@ public:
 
        virtual int setMountPassword(const std::string& password) = 0;
 
-       virtual int mount() = 0;
+       virtual int mount(const std::vector<unsigned char>& mk, unsigned int options) = 0;
        virtual int umount() = 0;
 
        virtual int encrypt(const std::string& password, unsigned int options) = 0;
index 0c310f02c47cdfa181136b8ea4a8d6d92855f255..f0df17f04e980a2242836dc0e7b8d883d127dff1 100644 (file)
@@ -310,7 +310,7 @@ InternalEncryptionServer::InternalEncryptionServer(ServerContext& srv,
        keyServer(key)
 {
        server.expose(this, PRIVILEGE_PLATFORM, (int)(InternalEncryptionServer::setMountPassword)(std::string));
-       server.expose(this, PRIVILEGE_PLATFORM, (int)(InternalEncryptionServer::mount)());
+       server.expose(this, PRIVILEGE_PLATFORM, (int)(InternalEncryptionServer::mount)(std::vector<unsigned char>, unsigned int));
        server.expose(this, PRIVILEGE_PLATFORM, (int)(InternalEncryptionServer::umount)());
        server.expose(this, PRIVILEGE_PLATFORM, (int)(InternalEncryptionServer::encrypt)(std::string, unsigned int));
        server.expose(this, PRIVILEGE_PLATFORM, (int)(InternalEncryptionServer::decrypt)(std::string));
@@ -346,14 +346,14 @@ int InternalEncryptionServer::setMountPassword(const std::string& password)
        return keyServer.get(engine->getSource(), password, mountKey);
 }
 
-int InternalEncryptionServer::mount()
+int InternalEncryptionServer::mount(const std::vector<unsigned char> &mk, unsigned int options)
 {
-       if (mountKey.empty()) {
-               ERROR(SINK, "You need to call set_mount_password() first.");
+       if (mountKey.empty() && mk.empty()) {
+               ERROR(SINK, "You need to set master key first.");
                return error::NoData;
        }
 
-       BinaryData key = mountKey;
+       BinaryData key = mk.empty() ? mountKey : mk;
        mountKey.clear();
 
        if (getState() != State::Encrypted) {
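Review bot: The server-side `mount` uses the caller-supplied `mk` as the key whenever it is non-empty, with no check on its length and no use of `options` visible in this hunk (the function body continues past it). The 32/64-byte sizing happens only in the client library, so the server, which is the trust boundary for this RMI call, should validate `mk.size()` against the size implied by `options` and return an error for anything else before assigning `key`. A caller-supplied `mk` also silently takes precedence over a `mountKey` set through `setMountPassword`, which is then cleared; a short comment such as `// an explicit master key overrides any key derived from setMountPassword()` would document that.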
index f5e59efcaa723f5a189008eb3d98dade28e83f35..52d4f3555d358a3f85e8a2fcba3f911a93818ddd 100644 (file)
@@ -36,7 +36,7 @@ public:
 
        int setMountPassword(const std::string& password);
 
-       int mount();
+       int mount(const std::vector<unsigned char> &mk, unsigned int options);
        int umount();
 
        int encrypt(const std::string& password, unsigned int options);