Add get/set encryption state using vconf

Signed-off-by: Sungbae Yoo <sungbae.yoo@samsung.com>
Change-Id: I81c0fd84c81f5e2e2ce5f5fe677bb2bca36b6642

diff --git a/lib/ode/common.h b/lib/ode/common.h
index 201e223..d0f89cc 100644 (file)
--- a/lib/ode/common.h
+++ b/lib/ode/common.h
@@ -63,6 +63,16 @@ typedef enum {
        ODE_ERROR_KEY_REJECTED         = TIZEN_ERROR_KEY_REJECTED          /**< Passwor is rejected */
 } ode_error_type_e;
 
+/*
+ * @brief       Enumeration for encryption state
+ * @since_tizen 3.0
+ */
+typedef enum {
+    ODE_STATE_UNENCRYPTED   = 0x00, /**< Device is not encrypted */
+    ODE_STATE_ENCRYPTED     = 0x01, /**< Device is encrypted  */
+    ODE_STATE_CORRUPTED     = 0x02  /**< Devoce is corrupted because of encryption error  */
+} ode_state_e;
+
 /**
  * @}
  */

diff --git a/lib/ode/external-encryption.cpp b/lib/ode/external-encryption.cpp
index 3ecd74c..2275aaa 100644 (file)
--- a/lib/ode/external-encryption.cpp
+++ b/lib/ode/external-encryption.cpp
@@ -86,7 +86,7 @@ int ode_external_encryption_get_state(int* state)
        ExternalEncryption external = client.createInterface<ExternalEncryption>();
        int ret = external.getState();
 
-       RET_ON_FAILURE(ret != -1, ODE_ERROR_INVALID_PARAMETER);
+       RET_ON_FAILURE(ret < 0, ODE_ERROR_INVALID_PARAMETER);
 
        *state = ret;
        return ODE_ERROR_NONE;

diff --git a/lib/ode/internal-encryption.cpp b/lib/ode/internal-encryption.cpp
index 696e7ae..9c3d769 100644 (file)
--- a/lib/ode/internal-encryption.cpp
+++ b/lib/ode/internal-encryption.cpp
@@ -86,7 +86,7 @@ int ode_internal_encryption_get_state(int* state)
        InternalEncryption internal = client.createInterface<InternalEncryption>();
        int ret = internal.getState();
 
-       RET_ON_FAILURE(ret != -1, ODE_ERROR_INVALID_PARAMETER);
+       RET_ON_FAILURE(ret < 0, ODE_ERROR_INVALID_PARAMETER);
 
        *state = ret;
        return ODE_ERROR_NONE;

diff --git a/rmi/external-encryption.h b/rmi/external-encryption.h
index cd38faa..4643cd9 100644 (file)
--- a/rmi/external-encryption.h
+++ b/rmi/external-encryption.h
@@ -39,6 +39,12 @@ public:
 
        int changePassword(const std::string& oldPW, const std::string& newPW);
 
+       enum State {
+               Unencrypted = 0x00,
+               Encrypted   = 0x01,
+               Corrupted   = 0x02,
+       };
+
        int getState();
 
 private:

diff --git a/rmi/internal-encryption.h b/rmi/internal-encryption.h
index c1986c1..59ef340 100644 (file)
--- a/rmi/internal-encryption.h
+++ b/rmi/internal-encryption.h
@@ -38,6 +38,12 @@ public:
 
        int changePassword(const std::string& oldPW, const std::string& newPW);
 
+       enum State {
+               Unencrypted = 0x00,
+               Encrypted   = 0x01,
+               Corrupted   = 0x02,
+       };
+
        int getState();
 
 private:

diff --git a/server/external-encryption.cpp b/server/external-encryption.cpp
index c5eed8c..c54e5bd 100644 (file)
--- a/server/external-encryption.cpp
+++ b/server/external-encryption.cpp
@@ -17,7 +17,9 @@
 #include <unistd.h>
 #include <sys/mount.h>
 
+#include <vconf.h>
 #include <tzplatform_config.h>
+
 #include <klay/file-user.h>
 #include <klay/filesystem.h>
 #include <klay/audit/logger.h>
@@ -33,6 +35,7 @@
 
 #define EXTERNAL_STORAGE_PATH  "/opt/media/SDCardA1"
 #define DEFAULT_USER "owner"
+#define EXTERNAL_STORAGE_VCONF_KEY VCONFKEY_SDE_CRYPTO_STATE
 
 namespace ode {
 
@@ -250,7 +253,22 @@ int ExternalEncryption::changePassword(const std::string& oldPassword,
 
 int ExternalEncryption::getState()
 {
-       //TODO
+       char *value = ::vconf_get_str(EXTERNAL_STORAGE_VCONF_KEY);
+       if (value == NULL) {
+               throw runtime::Exception("Failed to get vconf value");
+       }
+
+       std::string valueStr(value);
+       free(value);
+
+       if (valueStr == "encrypted") {
+               return State::Encrypted;
+       } else if (valueStr == "unencrypted") {
+               return State::Unencrypted;
+       } else {
+               return State::Corrupted;
+       }
+
        return 0;
 }
 

diff --git a/server/internal-encryption.cpp b/server/internal-encryption.cpp
index 9562530..d0c4a27 100644 (file)
--- a/server/internal-encryption.cpp
+++ b/server/internal-encryption.cpp
@@ -20,6 +20,7 @@
 #include <sys/mount.h>
 #include <sys/reboot.h>
 
+#include <vconf.h>
 #include <klay/process.h>
 #include <klay/file-user.h>
 #include <klay/filesystem.h>
@@ -32,6 +33,7 @@
 #include "rmi/internal-encryption.h"
 
 #define INTERNAL_STORAGE_PATH  "/opt/usr"
+#define INTERNAL_STORAGE_VCONF_KEY VCONFKEY_ODE_CRYPTO_STATE
 
 namespace ode {
 
@@ -98,6 +100,10 @@ InternalEncryption::~InternalEncryption()
 
 int InternalEncryption::mount(const std::string& password)
 {
+       if (getState() != State::Encrypted) {
+               return -1;
+       }
+
        KeyManager::data pwData(password.begin(), password.end());
        KeyManager keyManager(engine.getKeyMeta());
 
@@ -111,6 +117,10 @@ int InternalEncryption::mount(const std::string& password)
 
 int InternalEncryption::umount()
 {
+       if (getState() != State::Encrypted) {
+               return -1;
+       }
+
        INFO("Close all processes using internal storage...");
        stopDependedSystemdServices();
        INFO("Umount internal storage...");
@@ -121,6 +131,10 @@ int InternalEncryption::umount()
 
 int InternalEncryption::encrypt(const std::string& password)
 {
+       if (getState() != State::Unencrypted) {
+               return -1;
+       }
+
        KeyManager::data pwData(password.begin(), password.end());
        KeyManager keyManager;
 
@@ -141,10 +155,13 @@ int InternalEncryption::encrypt(const std::string& password)
                }
 
                INFO("Encryption started...");
+               ::vconf_set_str(INTERNAL_STORAGE_VCONF_KEY, "error_partially_encrypted");
                engine.encrypt(MasterKey);
                INFO("Sync disk...");
                sync();
                INFO("Encryption completed");
+
+               ::vconf_set_str(INTERNAL_STORAGE_VCONF_KEY, "encrypted");
                ::reboot(RB_AUTOBOOT);
        };
 
@@ -156,6 +173,10 @@ int InternalEncryption::encrypt(const std::string& password)
 
 int InternalEncryption::decrypt(const std::string& password)
 {
+       if (getState() != State::Encrypted) {
+               return -1;
+       }
+
        KeyManager::data pwData(password.begin(), password.end());
        KeyManager keyManager(engine.getKeyMeta());
 
@@ -175,10 +196,13 @@ int InternalEncryption::decrypt(const std::string& password)
                } catch (runtime::Exception& e) {}
 
                INFO("Decryption started...");
+               ::vconf_set_str(INTERNAL_STORAGE_VCONF_KEY, "error_partially_encrypted");
                engine.decrypt(MasterKey);
                INFO("Sync disk...");
                sync();
                INFO("Decryption completed");
+
+               ::vconf_set_str(INTERNAL_STORAGE_VCONF_KEY, "unencrypted");
                ::reboot(RB_AUTOBOOT);
        };
 
@@ -207,7 +231,22 @@ int InternalEncryption::changePassword(const std::string& oldPassword,
 
 int InternalEncryption::getState()
 {
-       //TODO
+       char *value = ::vconf_get_str(INTERNAL_STORAGE_VCONF_KEY);
+       if (value == NULL) {
+               throw runtime::Exception("Failed to get vconf value");
+       }
+
+       std::string valueStr(value);
+       free(value);
+
+       if (valueStr == "encrypted") {
+               return State::Encrypted;
+       } else if (valueStr == "unencrypted") {
+               return State::Unencrypted;
+       } else {
+               return State::Corrupted;
+       }
+
        return 0;
 }
 

diff --git a/tools/cli/ode-admin-cli.cpp b/tools/cli/ode-admin-cli.cpp
index d6abe1c..a4dae3a 100644 (file)
--- a/tools/cli/ode-admin-cli.cpp
+++ b/tools/cli/ode-admin-cli.cpp
@@ -205,7 +205,22 @@ static inline int get_state(const std::string name)
 
        if (ret != 0) {
                std::cerr << "Error : " << ret <<std::endl;
+               return -1;
+       }
+
+       switch (state) {
+       case ODE_STATE_ENCRYPTED:
+               std::cout << "Encrypted";
+               break;
+       case ODE_STATE_UNENCRYPTED:
+               std::cout << "Unencrypted";
+               break;
+       case ODE_STATE_CORRUPTED:
+               std::cout << "Corrupted";
+               break;
        }
+       std::cout << std::endl;
+
 
        return ret;
 }