*_set_mount_password() must be called before every *_mount()

Change-Id: Ie55ee30a386a1784bff301dc5602b48978095e24

diff --git a/lib/ode/external-encryption.h b/lib/ode/external-encryption.h
index d40fb5f41600d9aa97e929c96eb9e4f7595ac22f..a64f561a9929d569c7ee822783534063082bfa25 100644 (file)
--- a/lib/ode/external-encryption.h
+++ b/lib/ode/external-encryption.h
@@ -63,7 +63,8 @@ ODE_API int ode_external_encryption_set_mount_password(const char* password);
  * @retval      #ODE_ERROR_PERMISSION_DENIED The application does not have
  *              the privilege to call this API
  * @pre         A password must be set by
- *              ode_external_encryption_set_mount_password().
+ *              ode_external_encryption_set_mount_password() before every
+ *              mount attempt.
  * @see         ode_external_encryption_set_mount_password()
  * @see         ode_external_encryption_umount()
  */

diff --git a/lib/ode/internal-encryption.h b/lib/ode/internal-encryption.h
index 885b6b6be2740a6e0b3d181321996693457e068f..1ecfc5ba5ea87f1a2fa54548f5ca5181e1a4f04d 100644 (file)
--- a/lib/ode/internal-encryption.h
+++ b/lib/ode/internal-encryption.h
@@ -62,7 +62,8 @@ ODE_API int ode_internal_encryption_set_mount_password(const char* password);
  * @retval      #ODE_ERROR_PERMISSION_DENIED The application does not have
  *              the privilege to call this API
  * @pre         A password must be set by
- *              ode_internal_encryption_set_mount_password().
+ *              ode_internal_encryption_set_mount_password() before every
+ *              mount attempt.
  * @see         ode_internal_encryption_set_mount_password()
  * @see         ode_internal_encryption_umount()
  */

diff --git a/server/external-encryption.cpp b/server/external-encryption.cpp
index 62a9fc28a8848c693fa66d593084f5b9f2b84b31..1481b1c77620d113a1c75acad890327421a6cf91 100644 (file)
--- a/server/external-encryption.cpp
+++ b/server/external-encryption.cpp
@@ -234,6 +234,14 @@ int ExternalEncryptionServer::setMountPassword(const std::string& password)
 
 int ExternalEncryptionServer::mount()
 {
+       if (mountKey.empty()) {
+               ERROR(SINK, "You need to call set_mount_password() first");
+               return -1;
+       }
+
+       KeyManager::data key = mountKey;
+       mountKey.clear();
+
        if (getState() != State::Encrypted) {
                return -1;
        }
@@ -245,10 +253,8 @@ int ExternalEncryptionServer::mount()
 
        INFO(SINK, "Mount external storage...");
        try {
-               engine->mount(mountKey, getOptions());
-               mountKey.clear();
+               engine->mount(key, getOptions());
        } catch (runtime::Exception &e) {
-               mountKey.clear();
                ERROR(SINK, "Failed to mount: " + std::string(e.what()));
                return -3;
        }

diff --git a/server/internal-encryption.cpp b/server/internal-encryption.cpp
index f03b006af67f01bb0ce5b91fb7eb8c62fac0d761..c5e762e10da35bbec6d2fed9f0e9281c20252949 100644 (file)
--- a/server/internal-encryption.cpp
+++ b/server/internal-encryption.cpp
@@ -276,6 +276,14 @@ int InternalEncryptionServer::setMountPassword(const std::string& password)
 
 int InternalEncryptionServer::mount()
 {
+       if (mountKey.empty()) {
+               ERROR(SINK, "You need to call set_mount_password() first");
+               return -1;
+       }
+
+       KeyManager::data key = mountKey;
+       mountKey.clear();
+
        if (getState() != State::Encrypted) {
                return -1;
        }
@@ -287,8 +295,7 @@ int InternalEncryptionServer::mount()
 
        try {
                INFO(SINK, "Mount internal storage...");
-               engine->mount(mountKey, getOptions());
-               mountKey.clear();
+               engine->mount(key, getOptions());
 
                server.notify("InternalEncryptionServer::mount");