Add ode_internal_encryption_mount_ex API

Change-Id: I66143553b9c0b23a3989abb679e8e67f3556c7aa
Signed-off-by: Jaemin Ryu <jm77.ryu@samsung.com>

diff --git a/lib/internal-encryption.cpp b/lib/internal-encryption.cpp
index 123c8f3..0ea54f0 100644 (file)
--- a/lib/internal-encryption.cpp
+++ b/lib/internal-encryption.cpp
@@ -36,10 +36,10 @@ int InternalEncryptionClient::setMountPassword(const std::string& password)
        }
 }
 
-int InternalEncryptionClient::mount()
+int InternalEncryptionClient::mount(const std::vector<unsigned char> &mk, unsigned int options)
 {
        try {
-               return context->methodCall<int>("InternalEncryptionServer::mount");
+               return context->methodCall<int>("InternalEncryptionServer::mount", mk, options);
        } catch (runtime::Exception& e) {
                return error::Unknown;
        }

diff --git a/lib/internal-encryption.h b/lib/internal-encryption.h
index 882a464..15b76db 100644 (file)
--- a/lib/internal-encryption.h
+++ b/lib/internal-encryption.h
@@ -18,6 +18,7 @@
 #define __INTERNAL_ENCRYPTION_CLIENT_H__
 
 #include <string>
+#include <vector>
 
 #include "rmi/internal-encryption.h"
 #include "client.h"
@@ -31,7 +32,7 @@ public:
 
        int setMountPassword(const std::string& password);
 
-       int mount();
+       int mount(const std::vector<unsigned char> &mk, unsigned int options);
        int umount();
 
        int encrypt(const std::string& password, unsigned int options);

diff --git a/lib/ode/internal-encryption.cpp b/lib/ode/internal-encryption.cpp
index 4935d07..d8b4d55 100644 (file)
--- a/lib/ode/internal-encryption.cpp
+++ b/lib/ode/internal-encryption.cpp
@@ -43,7 +43,18 @@ int ode_internal_encryption_mount()
        RET_ON_FAILURE(client.connect() == 0, ODE_ERROR_CONNECTION_REFUSED);
        InternalEncryptionClient internal = client.createInterface<InternalEncryptionClient>();
 
-       return toApiError(internal.mount());
+       return toApiError(internal.mount(std::vector<unsigned char>(), 0));
+}
+
+int ode_internal_encryption_mount_ex(const unsigned char *mk, unsigned int options)
+{
+       size_t key_len = options == 0 ? 32 : 64;
+       std::vector<unsigned char> key(mk, mk + key_len);
+       ClientContext client;
+       RET_ON_FAILURE(client.connect() == 0, ODE_ERROR_CONNECTION_REFUSED);
+       InternalEncryptionClient internal = client.createInterface<InternalEncryptionClient>();
+
+       return toApiError(internal.mount(key, options));
 }
 
 int ode_internal_encryption_umount()

diff --git a/lib/ode/internal-encryption.h b/lib/ode/internal-encryption.h
index c55f531..951cd99 100644 (file)
--- a/lib/ode/internal-encryption.h
+++ b/lib/ode/internal-encryption.h
@@ -71,6 +71,26 @@ ODE_API int ode_internal_encryption_set_mount_password(const char* password);
 ODE_API int ode_internal_encryption_mount();
 
 /**
+ * @brief       Mount internal storage with encryption
+ * @details     Administrator can use this API to mount encrypted internal
+ *              storage.
+ * @since_tizen 4.0
+ * @param[in]   mk Master key used to mount internal storage
+ * @param[in]   options Mount options
+ * @return      #ODE_ERROR_NONE on success, otherwise a negative value
+ * @retval      #ODE_ERROR_NONE Successful
+ * @retval      #ODE_ERROR_NO_SUCH_DEVICE Internal storage is not encrypted
+ * @retval      #ODE_ERROR_NO_DATA Password isn't set
+ * @retval      #ODE_ERROR_PERMISSION_DENIED The application does not have
+ *              the privilege to call this API
+ * @retval      #ODE_ERROR_CONNECTION_REFUSED Connection to the server failed
+ * @retval      #ODE_ERROR_UNKNOWN Unknown error
+ * @see         ode_internal_encryption_umount()
+ */
+
+ODE_API int ode_internal_encryption_mount_ex(const unsigned char *mk, int option);
+
+/**
  * @brief       Umount internal storage
  * @details     Administrator can use this API to unmount internal storage.
  * @since_tizen 4.0
@@ -330,7 +350,6 @@ ODE_API int ode_internal_encryption_unset_mount_event_cb();
  * @retval      #ODE_ERROR_UNKNOWN Unknown error
  */
 ODE_API int ode_internal_encryption_get_device_path(char** device);
-
 /*
  * @}
  */

diff --git a/rmi/internal-encryption.h b/rmi/internal-encryption.h
index c20f7f9..1260214 100644 (file)
--- a/rmi/internal-encryption.h
+++ b/rmi/internal-encryption.h
@@ -18,6 +18,7 @@
 #define __INTERNAL_ENCRYPTION_H__
 
 #include <string>
+#include <vector>
 
 namespace ode {
 
@@ -31,7 +32,7 @@ public:
 
        virtual int setMountPassword(const std::string& password) = 0;
 
-       virtual int mount() = 0;
+       virtual int mount(const std::vector<unsigned char>& mk, unsigned int options) = 0;
        virtual int umount() = 0;
 
        virtual int encrypt(const std::string& password, unsigned int options) = 0;

diff --git a/server/internal-encryption.cpp b/server/internal-encryption.cpp
index 0c310f0..f0df17f 100644 (file)
--- a/server/internal-encryption.cpp
+++ b/server/internal-encryption.cpp
@@ -310,7 +310,7 @@ InternalEncryptionServer::InternalEncryptionServer(ServerContext& srv,
        keyServer(key)
 {
        server.expose(this, PRIVILEGE_PLATFORM, (int)(InternalEncryptionServer::setMountPassword)(std::string));
-       server.expose(this, PRIVILEGE_PLATFORM, (int)(InternalEncryptionServer::mount)());
+       server.expose(this, PRIVILEGE_PLATFORM, (int)(InternalEncryptionServer::mount)(std::vector<unsigned char>, unsigned int));
        server.expose(this, PRIVILEGE_PLATFORM, (int)(InternalEncryptionServer::umount)());
        server.expose(this, PRIVILEGE_PLATFORM, (int)(InternalEncryptionServer::encrypt)(std::string, unsigned int));
        server.expose(this, PRIVILEGE_PLATFORM, (int)(InternalEncryptionServer::decrypt)(std::string));
@@ -346,14 +346,14 @@ int InternalEncryptionServer::setMountPassword(const std::string& password)
        return keyServer.get(engine->getSource(), password, mountKey);
 }
 
-int InternalEncryptionServer::mount()
+int InternalEncryptionServer::mount(const std::vector<unsigned char> &mk, unsigned int options)
 {
-       if (mountKey.empty()) {
-               ERROR(SINK, "You need to call set_mount_password() first.");
+       if (mountKey.empty() && mk.empty()) {
+               ERROR(SINK, "You need to set master key first.");
                return error::NoData;
        }
 
-       BinaryData key = mountKey;
+       BinaryData key = mk.empty() ? mountKey : mk;
        mountKey.clear();
 
        if (getState() != State::Encrypted) {

diff --git a/server/internal-encryption.h b/server/internal-encryption.h
index f5e59ef..52d4f35 100644 (file)
--- a/server/internal-encryption.h
+++ b/server/internal-encryption.h
@@ -36,7 +36,7 @@ public:
 
        int setMountPassword(const std::string& password);
 
-       int mount();
+       int mount(const std::vector<unsigned char> &mk, unsigned int options);
        int umount();
 
        int encrypt(const std::string& password, unsigned int options);