masterKey = KeyGenerator::RNG(KEY_SIZE.at(params));
EncryptedKey ek(masterKey, password);
+
+ std::lock_guard<std::mutex> lock(footerLock);
FileFooter::write(dev, ek.serialize());
return error::None;
int KeyServer::remove(const std::string& dev, const std::string& password)
{
- int ret = verifyPassword(dev, password);
- if (ret != error::None) {
- if (ret == error::WrongPassword)
- ERROR(SINK, "Wrong password passed.");
+ if (dev.empty() || password.empty())
+ return error::InvalidParameter;
+
+ std::lock_guard<std::mutex> lock(footerLock);
+ BinaryData key;
+ int ret = internalGet(dev, password, key);
+ if (ret != error::None)
return ret;
- }
FileFooter::clear(dev);
return error::None;
if (dev.empty() || curPassword.empty() || newPassword.empty())
return error::InvalidParameter;
+ std::lock_guard<std::mutex> lock(footerLock);
if (!FileFooter::exist(dev)) {
- ERROR(SINK, "Given device has no master key");
+ ERROR(SINK, "Given device has no master key.");
return error::NoSuchFile;
}
auto key = ek.decrypt(curPassword);
if (key.empty()) {
- ERROR(SINK, "Wrong password passed");
+ ERROR(SINK, "Wrong password passed.");
return error::WrongPassword;
}
+
ek.encrypt(key, newPassword);
FileFooter::write(dev, ek.serialize());
if (dev.empty() || password.empty())
return error::InvalidParameter;
- if (!FileFooter::exist(dev)) {
- ERROR(SINK, "Given device has no master key");
- return error::NoSuchFile;
- }
-
- EncryptedKey ek(FileFooter::read(dev));
-
- auto key = ek.decrypt(password);
- if (key.empty())
- return error::WrongPassword;
-
- return error::None;
+ BinaryData dummy;
+ std::lock_guard<std::mutex> lock(footerLock);
+ return internalGet(dev, password, dummy);
}
int KeyServer::get(const std::string& dev,
if (dev.empty() || password.empty())
return error::InvalidParameter;
- if (!FileFooter::exist(dev)) {
- ERROR(SINK, "Given device has no master key");
- return error::NoSuchFile;
- }
-
- EncryptedKey ek(FileFooter::read(dev));
-
- masterKey = ek.decrypt(password);
- if (masterKey.empty()) {
- ERROR(SINK, "Wrong password passed");
- return error::WrongPassword;
- }
- return error::None;
+ std::lock_guard<std::mutex> lock(footerLock);
+ return internalGet(dev, password, masterKey);
}
void KeyServer::removePassword(const std::string& dev)
if (dev.empty())
return;
+ std::lock_guard<std::mutex> lock(footerLock);
FileFooter::clear(dev);
}
if (dev.empty() || password.empty())
return error::InvalidParameter;
- if (!FileFooter::exist(dev)) {
- ERROR(SINK, "Given device has no master key");
- return error::NoSuchFile;
- }
-
- EncryptedKey ek(FileFooter::read(dev));
+ std::unique_lock<std::mutex> lock(footerLock);
+ BinaryData masterKey;
+ int ret = internalGet(dev, password, masterKey);
+ if (ret != error::None)
+ return ret;
- auto masterKey = ek.decrypt(password);
- if (masterKey.empty()) {
- ERROR(SINK, "Wrong password passed");
- return error::WrongPassword;
- }
+ lock.unlock();
try {
UpgradeSupport::storeMasterKey(dev, masterKey);
return error::None;
}
+int KeyServer::internalGet(const std::string& dev,
+ const std::string& password,
+ BinaryData& key) const
+{
+ if (!FileFooter::exist(dev)) {
+ ERROR(SINK, "Given device has no master key.");
+ return error::NoSuchFile;
+ }
+
+ EncryptedKey ek(FileFooter::read(dev));
+
+ key = ek.decrypt(password);
+ if (key.empty()) {
+ ERROR(SINK, "Wrong password passed.");
+ return error::WrongPassword;
+ }
+ return error::None;
+}
+
} // namespace ode
projects / platform / core / security / ode.git / commitdiff