Revert "Add PASSWORD_PROTECTION_DISABLE feature"

This reverts commit c960d5d61979802933b7cc44b66a118b5861edf7.

Change-Id: Ia3225c3a460f48dde93a272e931f6a53d461f48c

diff --git a/CMakeLists.txt b/CMakeLists.txt
index bc0aab1..73720b1 100644 (file)
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -62,11 +62,6 @@ IF (DEFINED SYSTEMD_ENV_FILE)
     ADD_DEFINITIONS(-DSYSTEMD_ENV_FILE="${SYSTEMD_ENV_FILE}")
 ENDIF (DEFINED SYSTEMD_ENV_FILE)
 
-IF (DEFINED PASSWORD_PROTECTION_DISABLE)
-    MESSAGE("PASSWORD_PROTECTION_DISABLE ENABLED !")
-    ADD_DEFINITIONS("-DPASSWORD_PROTECTION_DISABLE")
-ENDIF (DEFINED PASSWORD_PROTECTION_DISABLE)
-
 SET(TARGET_KEY_MANAGER "key-manager")
 SET(TARGET_KEY_MANAGER_CLIENT "key-manager-client")
 SET(TARGET_KEY_MANAGER_CONTROL_CLIENT "key-manager-control-client")

diff --git a/packaging/key-manager.spec b/packaging/key-manager.spec
index 405eaa7..eb2503a 100644 (file)
--- a/packaging/key-manager.spec
+++ b/packaging/key-manager.spec
@@ -113,8 +113,6 @@ cp -a %{SOURCE1005} .
     export FFLAGS="$FFLAGS -DTIZEN_DEBUG_ENABLE"
 %endif
 
-# password protection enabled
-%define ckm_password_protection_disable 1
 
 export LDFLAGS+="-Wl,--rpath=%{_libdir},-Bsymbolic-functions "
 
@@ -123,9 +121,6 @@ export LDFLAGS+="-Wl,--rpath=%{_libdir},-Bsymbolic-functions "
         -DCMAKE_VERBOSE_MAKEFILE=ON \
         -DSYSTEMD_UNIT_DIR=%{_unitdir} \
         -DSYSTEMD_ENV_FILE="/etc/sysconfig/central-key-manager" \
-%if 0%{?ckm_password_protection_disable}
-        -DPASSWORD_PROTECTION_DISABLE=1 \
-%endif
         -DMOCKUP_SM=%{?mockup_sm:%mockup_sm}%{!?mockup_sm:OFF}
 
 make %{?jobs:-j%jobs}

diff --git a/src/manager/service/key-provider.cpp b/src/manager/service/key-provider.cpp
index ce6e72b..23ca201 100644 (file)
--- a/src/manager/service/key-provider.cpp
+++ b/src/manager/service/key-provider.cpp
@@ -140,7 +140,7 @@ KeyProvider::KeyProvider(
 
     concat_user_pass = concat_password_user(
         wkmcDKEK.getWrappedKeyAndInfo().keyInfo.label,
-        getConvertedStr(password));
+        password.c_str());
 
     if (!PKCS5_PBKDF2_HMAC_SHA1(
         concat_user_pass,
@@ -223,7 +223,7 @@ RawBuffer KeyProvider::getWrappedDomainKEK(const Password &password)
 
     concat_user_pass = concat_password_user(
         m_kmcDKEK->getKeyAndInfo().keyInfo.label,
-        getConvertedStr(password));
+        password.c_str());
 
     if (!PKCS5_PBKDF2_HMAC_SHA1(
         concat_user_pass,
@@ -393,7 +393,7 @@ RawBuffer KeyProvider::reencrypt(
 
     concat_user_pass = concat_password_user(
         wkmcOldDKEK.getWrappedKeyAndInfo().keyInfo.label,
-        getConvertedStr(oldPass));
+        oldPass.c_str());
 
     if (!PKCS5_PBKDF2_HMAC_SHA1(
         concat_user_pass,
@@ -425,7 +425,7 @@ RawBuffer KeyProvider::reencrypt(
 
     concat_user_pass = concat_password_user(
         kmcDKEK.getKeyAndInfo().keyInfo.label,
-        getConvertedStr(newPass));
+        newPass.c_str());
 
     if (!PKCS5_PBKDF2_HMAC_SHA1(
         concat_user_pass,
@@ -477,7 +477,7 @@ RawBuffer KeyProvider::generateDomainKEK(
 
     int wrappedKeyLength;
     char *concat_user_pass = NULL;
-    concat_user_pass = concat_password_user(user.c_str(), getConvertedStr(userPassword));
+    concat_user_pass = concat_password_user(user.c_str(), userPassword.c_str());
     if (!PKCS5_PBKDF2_HMAC_SHA1(
         concat_user_pass,
         strlen(concat_user_pass),
@@ -645,13 +645,3 @@ char * KeyProvider::concat_password_user(const char *user, const char *password)
     delete[] resized_user;
     return concat_user_pass;
 }
-
-const char* KeyProvider::getConvertedStr(const Password &password)
-{
-#ifdef PASSWORD_PROTECTION_DISABLE
-    (void ) password;
-    return "";
-#else
-    return password.c_str();
-#endif
-}

diff --git a/src/manager/service/key-provider.h b/src/manager/service/key-provider.h
index dd22c32..918a622 100644 (file)
--- a/src/manager/service/key-provider.h
+++ b/src/manager/service/key-provider.h
@@ -169,7 +169,6 @@ private:
         const char *user,
         const char *password);
 
-    static const char* getConvertedStr(const Password &password);
 };
 
 } // namespace CKM