namespace ode {
-class BlkDevCryptInfo {
-public:
- void init(const std::string &src, const std::string &crypto_name)
- {
- crypto_type_name = crypto_name;
- fs_size = getBlkdevSize(src);
- }
+void CryptInfo::init(const std::string &src, const std::string &crypto_name)
+{
+ crypto_type_name = crypto_name;
+ fs_size = getBlkdevSize(src);
+}
- long getFileSystemSize()
- {
- return fs_size;
- }
+long CryptInfo::getFileSystemSize()
+{
+ return fs_size;
+}
- std::string getCryptoTypeName() const
- {
- return crypto_type_name;
- }
+std::string CryptInfo::getCryptoTypeName() const
+{
+ return crypto_type_name;
+}
-private:
- long getBlkdevSize(const std::string &src)
- {
- int fd = open(src.c_str(), O_RDONLY);
- if (fd < 0)
- return 0;
+long CryptInfo::getBlkdevSize(const std::string &src)
+{
+ int fd = open(src.c_str(), O_RDONLY);
+ if (fd < 0)
+ return 0;
- long fs_size = 0;
- if ((ioctl(fd, BLKGETSIZE, &fs_size)) == -1)
- fs_size = 0;
- close(fd);
+ long fs_size = 0;
+ if ((ioctl(fd, BLKGETSIZE, &fs_size)) == -1)
+ fs_size = 0;
+ close(fd);
- return fs_size;
- }
+ return fs_size;
+}
-private:
- // TODO(seok85.hong): support fast-encryption
- long fs_size;
- std::string crypto_type_name;
-} real_blkdev_crypto_info;
static void convertKeyToHexASCII(const DMCryptEngine::data &key,
DMCryptEngine::data &key_ascii)
source(src), destination(dest)
{
// 1. Get Real Block device(src)'s infomation
- real_blkdev_crypto_info.init(src, "aes-cbc-essiv:sha256");
+ cryptInfo.init(src, "aes-cbc-essiv:sha256");
}
DMCryptEngine::~DMCryptEngine()
#define DM_CRYPT_BUF_SIZE 4096
#define DM_LABEL "userdata"
-static const std::string createCryptoBlkDev(const std::string &real_blkdev, const std::string &mount_name, const DMCryptEngine::data &key)
+static const std::string createCryptoBlkDev(const std::string &real_blkdev, const std::string &mount_name, const DMCryptEngine::data &key, long fileSystemSize, std::string cryptoTypeName)
{
int fd = -1;
dm_io->target_count = 1;
dm_ts->status = 0;
dm_ts->sector_start = 0;
- dm_ts->length = real_blkdev_crypto_info.getFileSystemSize();
+ dm_ts->length = fileSystemSize;
strcpy(dm_ts->target_type, "crypt");
// Prepare crypt_params
ode::convertKeyToHexASCII(key, key_ascii);
// Store crypt_params
- sprintf(crypt_params, "%s %s 0 %s 0", real_blkdev_crypto_info.getCryptoTypeName().c_str(), key_ascii.data(), real_blkdev.c_str());
+ sprintf(crypt_params, "%s %s 0 %s 0", cryptoTypeName.c_str(), key_ascii.data(), real_blkdev.c_str());
crypt_params += strlen(crypt_params) + 1;
// Align to an 8 byte boundary
DMCryptEngine::data sanitized_key = sanitizeKey(key);
// create crypto type device mapping layer to mount the encrypted partition.
- const std::string crypto_blkdev = createCryptoBlkDev(source, DM_LABEL, sanitized_key);
+ const std::string crypto_blkdev = createCryptoBlkDev(source, DM_LABEL, sanitized_key, cryptInfo.getFileSystemSize(), cryptInfo.getCryptoTypeName());
if (::mount(crypto_blkdev.c_str(), destination.c_str(), "ext4", 0, 0) < 0)
throw runtime::Exception(runtime::GetSystemErrorMessage());
// create crypto type device mapping layer to mount the plain partition
// should be encrypted here.
- const std::string crypto_blkdev = createCryptoBlkDev(source, DM_LABEL, sanitized_key);
+ const std::string crypto_blkdev = createCryptoBlkDev(source, DM_LABEL, sanitized_key, cryptInfo.getFileSystemSize(), cryptInfo.getCryptoTypeName());
// We always do In-place encryption
- encryptInPlace(crypto_blkdev, source, real_blkdev_crypto_info.getFileSystemSize());
+ encryptInPlace(crypto_blkdev, source, cryptInfo.getFileSystemSize());
// remove crypto type device mapper
destroyCryptoBlkDev(DM_LABEL);
// create crypto type device mapping layer to mount the plain partition
// should be encrypted here.
- const std::string crypto_blkdev = createCryptoBlkDev(source, DM_LABEL, sanitized_key);
+ const std::string crypto_blkdev = createCryptoBlkDev(source, DM_LABEL, sanitized_key, cryptInfo.getFileSystemSize(), cryptInfo.getCryptoTypeName());
// We always do In-place encryption
- encryptInPlace(source, crypto_blkdev, real_blkdev_crypto_info.getFileSystemSize());
+ encryptInPlace(source, crypto_blkdev, cryptInfo.getFileSystemSize());
// remove crypto type device mapper
destroyCryptoBlkDev(DM_LABEL);
static std::string test_real_blkdev; // i.e. "/dev/loop0"
static std::string test_real_mntpoint;
+// ode::DMCryptEngine gvTest("/dev/mmcblk0p25", "/opt/usr");
+
}
////////////////////////////////////////////////////////////////////////////////////////
try {
const std::string test_crypto_type_name = "test-crypto-type-name";
- ode::real_blkdev_crypto_info.init(test_real_blkdev, test_crypto_type_name);
- if (test_crypto_type_name.compare(ode::real_blkdev_crypto_info.getCryptoTypeName()))
+ ode::CryptInfo cryptInfo;
+ cryptInfo.init(test_real_blkdev, test_crypto_type_name);
+ if (test_crypto_type_name.compare(cryptInfo.getCryptoTypeName()))
TEST_FAIL("CryptoTypeName doesn't match");
// we espect the sector size (20480) with our temporary created file
long test_fs_size = 20480;
- if (test_fs_size != ode::real_blkdev_crypto_info.getFileSystemSize())
+ if (test_fs_size != cryptInfo.getFileSystemSize())
TEST_FAIL("FileSystemSize doesn't match");
//
} catch (runtime::Exception &e) {
TESTCASE(DMCryptCreateRemoveCryptoBlkDevWithTempkey)
{
try {
- ode::real_blkdev_crypto_info.init(test_real_blkdev, "aes-cbc-essiv:sha256");
+ ode::CryptInfo cryptInfo;
+ cryptInfo.init(test_real_blkdev, "aes-cbc-essiv:sha256");
const std::string keystring = "01020304050607080910111213141516";
const ode::DMCryptEngine::data key32bit(keystring.begin(), keystring.end());
- const std::string crypto_blkdev = ode::createCryptoBlkDev(test_real_blkdev, "testdata", key32bit);
+ const std::string crypto_blkdev = ode::createCryptoBlkDev(test_real_blkdev, "testdata", key32bit, cryptInfo.getFileSystemSize(), cryptInfo.getCryptoTypeName());
// check crypto device status using cryptsetup
{
FILE *fp = popen("cryptsetup status testdata", "r");
TESTCASE(DMCryptEncryptAndDecrypt)
{
try {
- ode::real_blkdev_crypto_info.init(test_real_blkdev, "aes-cbc-essiv:sha256");
+ // ode::cryptInfo.init(test_real_blkdev, "aes-cbc-essiv:sha256");
const std::string keystring = "01020304050607080910111213141516";
const ode::DMCryptEngine::data key32bit(keystring.begin(), keystring.end());
TESTCASE(DMCryptEncryptMountUnmountDecrypt)
{
try {
- ode::real_blkdev_crypto_info.init(test_real_blkdev, "aes-cbc-essiv:sha256");
+ // ode::cryptInfo.init(test_real_blkdev, "aes-cbc-essiv:sha256");
const std::string keystring = "01020304050607080910111213141516";
const ode::DMCryptEngine::data key32bit(keystring.begin(), keystring.end());
TESTCASE(DMCryptEncryptButDecryptWithWrongKey)
{
try {
- ode::real_blkdev_crypto_info.init(test_real_blkdev, "aes-cbc-essiv:sha256");
+ // ode::cryptInfo.init(test_real_blkdev, "aes-cbc-essiv:sha256");
const std::string keystring = "01020304050607080910111213141516";
const ode::DMCryptEngine::data key32bit(keystring.begin(), keystring.end());
const std::string wrongkeystring = "SIZE_IS_SAME_BUT_WRONG_DECKEY___";
projects / platform / core / security / ode.git / commitdiff