Add exceptions related to control APIs

Signed-off-by: yuseok.jeon <yuseok.jeon@samsung.com>

diff --git a/src/manager/client/client-control.cpp b/src/manager/client/client-control.cpp
index 1a352ff..86a7dcf 100644 (file)
--- a/src/manager/client/client-control.cpp
+++ b/src/manager/client/client-control.cpp
@@ -42,8 +42,14 @@ public:
             Serialization::Serialize(send, static_cast<int>(ControlCommand::UNLOCK_USER_KEY));
             Serialization::Serialize(send, user);
             Serialization::Serialize(send, password);
+            int retCode;
 
-            int retCode = sendToServer(
+            if((int)user < 0) {
+                retCode = CKM_API_ERROR_INPUT_PARAM;
+                return retCode;
+            }
+
+            retCode = sendToServer(
                 SERVICE_SOCKET_CKM_CONTROL,
                 send.Pop(),
                 recv);
@@ -63,8 +69,14 @@ public:
             MessageBuffer send, recv;
             Serialization::Serialize(send, static_cast<int>(ControlCommand::LOCK_USER_KEY));
             Serialization::Serialize(send, user);
+            int retCode;
+
+            if((int)user < 0) {
+                retCode = CKM_API_ERROR_INPUT_PARAM;
+                return retCode;
+            }
 
-            int retCode = sendToServer(
+            retCode = sendToServer(
                 SERVICE_SOCKET_CKM_CONTROL,
                 send.Pop(),
                 recv);
@@ -84,8 +96,14 @@ public:
             MessageBuffer send, recv;
             Serialization::Serialize(send, static_cast<int>(ControlCommand::REMOVE_USER_DATA));
             Serialization::Serialize(send, user);
+            int retCode;
 
-            int retCode = sendToServer(
+            if((int)user < 0) {
+                retCode = CKM_API_ERROR_INPUT_PARAM;
+                return retCode;
+            }
+
+            retCode = sendToServer(
                 SERVICE_SOCKET_CKM_CONTROL,
                 send.Pop(),
                 recv);
@@ -107,8 +125,14 @@ public:
             Serialization::Serialize(send, user);
             Serialization::Serialize(send, oldPassword);
             Serialization::Serialize(send, newPassword);
+            int retCode;
+
+            if((int)user < 0) {
+                retCode = CKM_API_ERROR_INPUT_PARAM;
+                return retCode;
+            }
 
-            int retCode = sendToServer(
+            retCode = sendToServer(
                 SERVICE_SOCKET_CKM_CONTROL,
                 send.Pop(),
                 recv);
@@ -129,8 +153,14 @@ public:
             Serialization::Serialize(send, static_cast<int>(ControlCommand::RESET_USER_PASSWORD));
             Serialization::Serialize(send, user);
             Serialization::Serialize(send, newPassword);
+            int retCode;
+
+            if((int)user < 0) {
+                retCode = CKM_API_ERROR_INPUT_PARAM;
+                return retCode;
+            }
 
-            int retCode = sendToServer(
+            retCode = sendToServer(
                 SERVICE_SOCKET_CKM_CONTROL,
                 send.Pop(),
                 recv);

diff --git a/src/manager/service/ckm-logic.cpp b/src/manager/service/ckm-logic.cpp
index 3b86e58..8135a5a 100644 (file)
--- a/src/manager/service/ckm-logic.cpp
+++ b/src/manager/service/ckm-logic.cpp
@@ -72,6 +72,9 @@ RawBuffer CKMLogic::unlockUserKey(uid_t user, const std::string &password) {
             handle.crypto = CryptoLogic();
             // TODO wipe key
         }
+    } catch (const KeyProvider::Exception::PassWordError &e) {
+        LogError("Incorrect Password " << e.GetMessage());
+        retCode = CKM_API_ERROR_AUTHENTICATION_FAILED;
     } catch (const KeyProvider::Exception::Base &e) {
         LogError("Error in KeyProvider " << e.GetMessage());
         retCode = CKM_API_ERROR_SERVER_ERROR;
@@ -117,15 +120,26 @@ RawBuffer CKMLogic::changeUserPassword(
     const std::string &newPassword)
 {
     int retCode = CKM_API_SUCCESS;
-    // TODO try-catch
-    FileSystem fs(user);
-    auto wrappedDomainKEK = fs.getDomainKEK();
-    if (wrappedDomainKEK.empty()) {
-        retCode = CKM_API_ERROR_BAD_REQUEST;
-    } else {
-        wrappedDomainKEK = KeyProvider::reencrypt(wrappedDomainKEK, oldPassword, newPassword);
-        fs.saveDomainKEK(wrappedDomainKEK);
+    try {
+        FileSystem fs(user);
+        auto wrappedDomainKEK = fs.getDomainKEK();
+        if (wrappedDomainKEK.empty()) {
+            retCode = CKM_API_ERROR_BAD_REQUEST;
+        } else {
+            wrappedDomainKEK = KeyProvider::reencrypt(wrappedDomainKEK, oldPassword, newPassword);
+            fs.saveDomainKEK(wrappedDomainKEK);
+        }
+    } catch (const KeyProvider::Exception::PassWordError &e) {
+        LogError("Incorrect Password " << e.GetMessage());
+        retCode = CKM_API_ERROR_AUTHENTICATION_FAILED;
+    } catch (const KeyProvider::Exception::Base &e) {
+        LogError("Error in KeyProvider " << e.GetMessage());
+        retCode = CKM_API_ERROR_SERVER_ERROR;
+    } catch (const CKM::Exception &e) {
+        LogError("CKM::Exception: " << e.GetMessage());
+        retCode = CKM_API_ERROR_SERVER_ERROR;
     }
+
     MessageBuffer response;
     Serialization::Serialize(response, retCode);
     return response.Pop();

diff --git a/src/manager/service/key-provider.h b/src/manager/service/key-provider.h
index 0d00e17..3d43f74 100644 (file)
--- a/src/manager/service/key-provider.h
+++ b/src/manager/service/key-provider.h
@@ -42,6 +42,7 @@ public:
                DECLARE_EXCEPTION_TYPE(Base, GenFailed)
                DECLARE_EXCEPTION_TYPE(Base, WrapFailed)
                DECLARE_EXCEPTION_TYPE(Base, UnwrapFailed)
+               DECLARE_EXCEPTION_TYPE(Base, PassWordError)
                DECLARE_EXCEPTION_TYPE(Base, InputParamError)
        };