* @file
* @brief CLI tool to encrypt/decrypt storage and secure erase
*/
+#include <unistd.h>
#include <getopt.h>
+#include <termios.h>
#include <string>
#include <vector>
#include <iostream>
-#include <klay/exception.h>
-#include <klay/filesystem.h>
+#include <ode/secure-erase.h>
+#include <ode/internal-encryption.h>
+#include <ode/external-encryption.h>
extern char** environ;
-static inline void usage(const std::string name)
+static inline int usage(const std::string name)
{
std::cout << "Usage: " << name << " [Option]" << std::endl
<< std::endl
<< "Options :" << std::endl
- << " -h, --help show this" << std::endl
+ << " -m, --mount=internal|external mount" << std::endl
+ << " -u, --umount=internal|external umount" << std::endl
+ << " -e, --encrypt=internal|external encrypt" << std::endl
+ << " -d, --decrypt=internal|external decrypt" << std::endl
+ << " -s, --state=internal|external get state" << std::endl
+ << " -r, --erase=FILE|DIRECTORY secure-erase" << std::endl
+ << " -c, --clean=DIRECTORY secure-clean" << std::endl
+ << " -h, --help show this" << std::endl
<< std::endl;
+
+ return -1;
+}
+
+static inline std::string getPassword() {
+ std::string password;
+
+ std::cout << "Password: ";
+
+ struct termios oldt;
+ tcgetattr(STDIN_FILENO, &oldt);
+
+ termios newt = oldt;
+ newt.c_lflag &= ~ECHO;
+ tcsetattr(STDIN_FILENO, TCSANOW, &newt);
+
+ std::cin >> password;
+
+ tcsetattr(STDIN_FILENO, TCSANOW, &oldt);
+ std::cout << std::endl;
+
+ return password;
+}
+
+static inline void printSelectableStorage()
+{
+ std::cerr << "Just choose one among followings :" << std::endl
+ << "internal, external" << std::endl;
+}
+
+static inline int mount(const std::string name)
+{
+ int ret;
+
+ if (name == "internal") {
+ std::string password = getPassword();
+ ret = ode_internal_encryption_mount(password.c_str());
+ } else if (name == "external") {
+ std::string password = getPassword();
+ ret = ode_external_encryption_mount(password.c_str());
+ } else {
+ printSelectableStorage();
+ return -1;
+ }
+
+ if (ret != 0) {
+ std::cerr << "Error : " << ret <<std::endl;
+ }
+
+ return ret;
+}
+
+static inline int umount(const std::string name)
+{
+ int ret;
+
+ if (name == "internal") {
+ ret = ode_internal_encryption_umount();
+ } else if (name == "external") {
+ ret = ode_external_encryption_umount();
+ } else {
+ printSelectableStorage();
+ return -1;
+ }
+
+ if (ret != 0) {
+ std::cerr << "Error : " << ret <<std::endl;
+ }
+
+ return ret;
+}
+
+static inline int encrypt_storage(const std::string name)
+{
+ int ret;
+
+ if (name == "internal") {
+ std::string password = getPassword();
+ ret = ode_internal_encryption_encrypt(password.c_str());
+ } else if (name == "external") {
+ std::string password = getPassword();
+ ret = ode_external_encryption_encrypt(password.c_str());
+ } else {
+ printSelectableStorage();
+ return -1;
+ }
+
+ if (ret != 0) {
+ std::cerr << "Error : " << ret <<std::endl;
+ }
+
+ return ret;
+}
+
+static inline int decrypt_storage(const std::string name)
+{
+ int ret;
+
+ if (name == "internal") {
+ std::string password = getPassword();
+ ret = ode_internal_encryption_decrypt(password.c_str());
+ } else if (name == "external") {
+ std::string password = getPassword();
+ ret = ode_external_encryption_decrypt(password.c_str());
+ } else {
+ printSelectableStorage();
+ return -1;
+ }
+
+ if (ret != 0) {
+ std::cerr << "Error : " << ret <<std::endl;
+ }
+
+ return ret;
+}
+
+static inline int get_state(const std::string name)
+{
+ int ret, state;
+
+ if (name == "internal") {
+ ret = ode_internal_encryption_get_state(&state);
+ } else if (name == "external") {
+ ret = ode_external_encryption_get_state(&state);
+ } else {
+ printSelectableStorage();
+ return -1;
+ }
+
+ if (ret != 0) {
+ std::cerr << "Error : " << ret <<std::endl;
+ }
+
+ return ret;
+}
+
+static inline int erase(const std::string name)
+{
+ int ret;
+
+ ret = ode_secure_erase(name.c_str());
+ if (ret != 0) {
+ std::cerr << "Error : " << ret <<std::endl;
+ }
+
+ return ret;
+}
+
+static inline int clean(const std::string name)
+{
+ int ret;
+
+ ret = ode_secure_clean(name.c_str());
+ if (ret != 0) {
+ std::cerr << "Error : " << ret <<std::endl;
+ }
+
+ return ret;
}
int main(int argc, char* argv[])
struct option options[] = {
{"help", no_argument, 0, 'h'},
+ {"mount", required_argument, 0, 'm'},
+ {"umount", required_argument, 0, 'u'},
+ {"encrypt", required_argument, 0, 'e'},
+ {"decrypt", required_argument, 0, 'd'},
+ {"state", required_argument, 0, 's'},
+ {"erase", required_argument, 0, 'r'},
+ {"clean", required_argument, 0, 'c'},
{0, 0, 0, 0}
};
return EXIT_SUCCESS;
}
- while ((opt = getopt_long(argc, argv, "e:h", options, &index)) != -1) {
+ while ((opt = getopt_long(argc, argv, "m:u:e:d:s:r:c:h", options, &index)) != -1) {
switch (opt) {
- case 'h':
- usage(argv[0]);
+ case 'm':
+ ret = mount(optarg);
+ break;
+ case 'u':
+ ret = umount(optarg);
+ break;
+ case 'e':
+ ret = encrypt_storage(optarg);
+ break;
+ case 'd':
+ ret = decrypt_storage(optarg);
break;
+ case 's':
+ ret = get_state(optarg);
+ break;
+ case 'r':
+ ret = erase(optarg);
+ break;
+ case 'c':
+ ret = clean(optarg);
+ break;
+ case 'h':
default:
- usage(argv[0]);
- ret = -1;
+ ret = usage(argv[0]);
}
}