ADD_DEFINITIONS(-DSYSTEMD_ENV_FILE="${SYSTEMD_ENV_FILE}")
ENDIF (DEFINED SYSTEMD_ENV_FILE)
+IF (DEFINED PASSWORD_PROTECTION_DISABLE)
+ MESSAGE("PASSWORD_PROTECTION_DISABLE ENABLED !")
+ ADD_DEFINITIONS("-DPASSWORD_PROTECTION_DISABLE")
+ENDIF (DEFINED PASSWORD_PROTECTION_DISABLE)
+
SET(TARGET_KEY_MANAGER "key-manager")
SET(TARGET_KEY_MANAGER_CLIENT "key-manager-client")
SET(TARGET_KEY_MANAGER_CONTROL_CLIENT "key-manager-control-client")
export FFLAGS="$FFLAGS -DTIZEN_DEBUG_ENABLE"
%endif
+# password protection enabled
+%define ckm_password_protection_disable 1
export LDFLAGS+="-Wl,--rpath=%{_libdir},-Bsymbolic-functions "
-DCMAKE_VERBOSE_MAKEFILE=ON \
-DSYSTEMD_UNIT_DIR=%{_unitdir} \
-DSYSTEMD_ENV_FILE="/etc/sysconfig/central-key-manager" \
+%if 0%{?ckm_password_protection_disable}
+ -DPASSWORD_PROTECTION_DISABLE=1 \
+%endif
-DMOCKUP_SM=%{?mockup_sm:%mockup_sm}%{!?mockup_sm:OFF}
make %{?jobs:-j%jobs}
concat_user_pass = concat_password_user(
wkmcDKEK.getWrappedKeyAndInfo().keyInfo.label,
- password.c_str());
+ getConvertedStr(password));
if (!PKCS5_PBKDF2_HMAC_SHA1(
concat_user_pass,
concat_user_pass = concat_password_user(
m_kmcDKEK->getKeyAndInfo().keyInfo.label,
- password.c_str());
+ getConvertedStr(password));
if (!PKCS5_PBKDF2_HMAC_SHA1(
concat_user_pass,
concat_user_pass = concat_password_user(
wkmcOldDKEK.getWrappedKeyAndInfo().keyInfo.label,
- oldPass.c_str());
+ getConvertedStr(oldPass));
if (!PKCS5_PBKDF2_HMAC_SHA1(
concat_user_pass,
concat_user_pass = concat_password_user(
kmcDKEK.getKeyAndInfo().keyInfo.label,
- newPass.c_str());
+ getConvertedStr(newPass));
if (!PKCS5_PBKDF2_HMAC_SHA1(
concat_user_pass,
int wrappedKeyLength;
char *concat_user_pass = NULL;
- concat_user_pass = concat_password_user(user.c_str(), userPassword.c_str());
+ concat_user_pass = concat_password_user(user.c_str(), getConvertedStr(userPassword));
if (!PKCS5_PBKDF2_HMAC_SHA1(
concat_user_pass,
strlen(concat_user_pass),
delete[] resized_user;
return concat_user_pass;
}
+
+const char* KeyProvider::getConvertedStr(const Password &password)
+{
+#ifdef PASSWORD_PROTECTION_DISABLE
+ (void ) password;
+ return "";
+#else
+ return password.c_str();
+#endif
+}