}
}
-int ExternalEncryption::verifyPassword(const std::string& password)
+int ExternalEncryption::isPasswordCreated()
{
try {
- return context->methodCall<int>("ExternalEncryption::verifyPassword",
+ return context->methodCall<int>("ExternalEncryption::isPasswordCreated");
+ } catch (runtime::Exception& e) {
+ return -1;
+ }
+}
+
+int ExternalEncryption::createPassword(const std::string& password)
+{
+ try {
+ return context->methodCall<int>("ExternalEncryption::createPassword",
+ password);
+ } catch (runtime::Exception& e) {
+ return -1;
+ }
+}
+
+int ExternalEncryption::deletePassword(const std::string& password)
+{
+ try {
+ return context->methodCall<int>("ExternalEncryption::deletePassword",
password);
} catch (runtime::Exception& e) {
return -1;
}
}
+int ExternalEncryption::verifyPassword(const std::string& password)
+{
+ try {
+ return context->methodCall<int>("ExternalEncryption::verifyPassword",
+ password);
+ } catch (runtime::Exception& e) {
+ return -1;
+ }
+}
+
int ExternalEncryption::getState()
{
try {
}
}
-int InternalEncryption::verifyPassword(const std::string& password)
+int InternalEncryption::isPasswordCreated()
{
try {
- return context->methodCall<int>("InternalEncryption::verifyPassword",
+ return context->methodCall<int>("InternalEncryption::isPasswordCreated");
+ } catch (runtime::Exception& e) {
+ return -1;
+ }
+}
+
+int InternalEncryption::createPassword(const std::string& password)
+{
+ try {
+ return context->methodCall<int>("InternalEncryption::createPassword",
+ password);
+ } catch (runtime::Exception& e) {
+ return -1;
+ }
+}
+
+int InternalEncryption::deletePassword(const std::string& password)
+{
+ try {
+ return context->methodCall<int>("InternalEncryption::deletePassword",
password);
} catch (runtime::Exception& e) {
return -1;
}
}
+int InternalEncryption::verifyPassword(const std::string& password)
+{
+ try {
+ return context->methodCall<int>("InternalEncryption::verifyPassword",
+ password);
+ } catch (runtime::Exception& e) {
+ return -1;
+ }
+}
+
int InternalEncryption::getState()
{
try {
return external.decrypt(password);
}
-int ode_external_encryption_verify_password(const char *password, int *result)
+int ode_external_encryption_is_password_created(bool *result)
{
- RET_ON_FAILURE(password, ODE_ERROR_INVALID_PARAMETER);
RET_ON_FAILURE(result, ODE_ERROR_INVALID_PARAMETER);
ODEContext client;
RET_ON_FAILURE(client.connect() == 0, ODE_ERROR_CONNECTION_REFUSED);
ExternalEncryption external = client.createInterface<ExternalEncryption>();
- int ret = external.verifyPassword(password);
+ int ret = external.isPasswordCreated();
RET_ON_FAILURE(ret < 0, ODE_ERROR_INVALID_PARAMETER);
return ODE_ERROR_NONE;
}
+int ode_external_encryption_create_password(const char *password)
+{
+ RET_ON_FAILURE(password, ODE_ERROR_INVALID_PARAMETER);
+
+ ODEContext client;
+ RET_ON_FAILURE(client.connect() == 0, ODE_ERROR_CONNECTION_REFUSED);
+ ExternalEncryption external = client.createInterface<ExternalEncryption>();
+
+ return external.createPassword(password);
+}
+
+int ode_external_encryption_delete_password(const char *password)
+{
+ RET_ON_FAILURE(password, ODE_ERROR_INVALID_PARAMETER);
+
+ ODEContext client;
+ RET_ON_FAILURE(client.connect() == 0, ODE_ERROR_CONNECTION_REFUSED);
+ ExternalEncryption external = client.createInterface<ExternalEncryption>();
+
+ return external.deletePassword(password);
+}
+
int ode_external_encryption_change_password(const char* old_password,
const char* new_password)
{
return external.changePassword(old_password, new_password);
}
+int ode_external_encryption_verify_password(const char *password, int *result)
+{
+ RET_ON_FAILURE(password, ODE_ERROR_INVALID_PARAMETER);
+ RET_ON_FAILURE(result, ODE_ERROR_INVALID_PARAMETER);
+
+ ODEContext client;
+ RET_ON_FAILURE(client.connect() == 0, ODE_ERROR_CONNECTION_REFUSED);
+ ExternalEncryption external = client.createInterface<ExternalEncryption>();
+ int ret = external.verifyPassword(password);
+
+ RET_ON_FAILURE(ret < 0, ODE_ERROR_INVALID_PARAMETER);
+
+ *result = ret;
+ return ODE_ERROR_NONE;
+}
+
int ode_external_encryption_get_state(int* state)
{
RET_ON_FAILURE(state, ODE_ERROR_INVALID_PARAMETER);
* @retval #ODE_ERROR_NOT_PERMITTED Operation not permitted
* @retval #ODE_ERROR_PERMISSION_DENIED The application does not have
* the privilege to call this API
- * @pre The password must matched with what used for encryption.
+ * @pre The password must match with what is set by
+ * ode_external_encryption_create_password().
* @see ode_external_encryption_encrypt()
* @see ode_external_encryption_umount()
*/
* @retval #ODE_ERROR_NOT_PERMITTED Operation not permitted
* @retval #ODE_ERROR_PERMISSION_DENIED The application does not have
* the privilege to call this API
- * @pre The password must matched with what used for encryption.
+ * @pre The password must match with what is set by
+ * ode_external_encryption_create_password().
* @see ode_external_encryption_encrypt()
*/
ODE_API int ode_external_encryption_decrypt(const char* password);
/**
+ * @brief Checks whether the external encryption password was created
+ * @details Administrator can use this API to check if the password that
+ will be used for external storage encryption/decryption
+ exists.
+ * @since_tizen 3.0
+ * @param[out] result Whether encryption password was created
+ * @return #ODE_ERROR_NONE on success, otherwise a negative value
+ * @retval #ODE_ERROR_NONE Successful
+ * @retval #ODE_ERROR_INVALID_PARAMETER Invalid parameter
+ * @retval #ODE_ERROR_TIMED_OUT Time out
+ * @retval #ODE_ERROR_NOT_PERMITTED Operation not permitted
+ * @retval #ODE_ERROR_PERMISSION_DENIED The application does not have
+ * the privilege to call this API
+ * @see ode_external_encryption_created_password()
+ * @see ode_external_encryption_delete_password()
+ */
+ODE_API int ode_external_encryption_is_password_created(bool* result);
+
+/**
+ * @brief Initialize external encryption password to given password
+ * @details Administrator can use this API to set new password that will be
+ used for external storage encryption/decryption.
+ * @since_tizen 3.0
+ * @param[in] password The password to set
+ * @return #ODE_ERROR_NONE on success, otherwise a negative value
+ * @retval #ODE_ERROR_NONE Successful
+ * @retval #ODE_ERROR_INVALID_PARAMETER Invalid parameter
+ * @retval #ODE_ERROR_TIMED_OUT Time out
+ * @retval #ODE_ERROR_NOT_PERMITTED Operation not permitted
+ * @retval #ODE_ERROR_PERMISSION_DENIED The application does not have
+ * the privilege to call this API
+ * @see ode_external_encryption_change_password()
+ * @see ode_external_encryption_delete_password()
+ * @see ode_external_encryption_encrypt()
+ * @see ode_external_encryption_decrypt()
+ * @see ode_external_encryption_mount()
+ */
+ODE_API int ode_external_encryption_create_password(const char* password);
+
+/**
+ * @brief Remove external encryption password
+ * @details Administrator can use this API to delete password that was set
+ by ode_external_encryption_create_password().
+ * @since_tizen 3.0
+ * @param[in] password The password to delete
+ * @return #ODE_ERROR_NONE on success, otherwise a negative value
+ * @retval #ODE_ERROR_NONE Successful
+ * @retval #ODE_ERROR_INVALID_PARAMETER Invalid parameter
+ * @retval #ODE_ERROR_TIMED_OUT Time out
+ * @retval #ODE_ERROR_KEY_REJECTED old_password doen't match
+ * @retval #ODE_ERROR_NOT_PERMITTED Operation not permitted
+ * @retval #ODE_ERROR_PERMISSION_DENIED The application does not have
+ * the privilege to call this API
+ * @pre The password must match with what is set by
+ * ode_external_encryption_create_password().
+ * @see ode_external_encryption_create_password()
+ */
+ODE_API int ode_external_encryption_delete_password(const char* password);
+
+/**
* @brief Change the password for external storage.
* @details Administrator can use this API to change password for external
* storage.
* @retval #ODE_ERROR_NOT_PERMITTED Operation not permitted
* @retval #ODE_ERROR_PERMISSION_DENIED The application does not have
* the privilege to call this API
- * @pre The password must matched with what used for encryption.
+ * @pre The password must match with what is set by
+ * ode_external_encryption_create_password().
* @see ode_external_encryption_encrypt()
*/
ODE_API int ode_external_encryption_change_password(const char* old_password,
const char* new_password);
/**
+ * @brief Verify if given password is external encryption password.
+ * @details Administrator can use this API to find if a password is used
+ by external encryption
+ * @since_tizen 3.0
+ * @param[out] password The password to be verified
+ * @return #ODE_ERROR_NONE on success, otherwise a negative value
+ * @retval #ODE_ERROR_NONE Successful
+ * @retval #ODE_ERROR_INVALID_PARAMETER Invalid parameter
+ * @retval #ODE_ERROR_TIMED_OUT Time out
+ * @retval #ODE_ERROR_PERMISSION_DENIED The application does not have
+ * the privilege to call this API
+ * @pre The password must match with what is set by
+ * ode_external_encryption_create_password().
+ * @see ode_external_encryption_encrypt()
+ */
+ODE_API int ode_external_encryption_verify_password(const char *password);
+
+/**
* @brief Get current encryption state of external storage.
* @details Administrator can use this API to get current encryption state
* of external storage.
ODE_API int ode_external_encryption_get_supported_options(unsigned int* options);
/**
- * @brief Verify if given password is external encryption password.
- * @details Administrator can use this API to find if a password is used
- by external encryption
- * @since_tizen 3.0
- * @param[out] password The password to be verified
- * @return #ODE_ERROR_NONE on success, otherwise a negative value
- * @retval #ODE_ERROR_NONE Successful
- * @retval #ODE_ERROR_INVALID_PARAMETER Invalid parameter
- * @retval #ODE_ERROR_TIMED_OUT Time out
- * @retval #ODE_ERROR_PERMISSION_DENIED The application does not have
- * the privilege to call this API
- * @see ode_external_encryption_encrypt()
- */
-ODE_API int ode_external_encryption_verify_password(const char *password);
-
-/**
* @}
*/
return internal.decrypt(password);
}
-int ode_internal_encryption_verify_password(const char *password, int *result)
+int ode_internal_encryption_is_password_created(int *result)
{
- RET_ON_FAILURE(password, ODE_ERROR_INVALID_PARAMETER);
RET_ON_FAILURE(result, ODE_ERROR_INVALID_PARAMETER);
ODEContext client;
RET_ON_FAILURE(client.connect() == 0, ODE_ERROR_CONNECTION_REFUSED);
InternalEncryption internal = client.createInterface<InternalEncryption>();
- int ret = internal.verifyPassword(password);
+ int ret = internal.isPasswordCreated();
RET_ON_FAILURE(ret < 0, ODE_ERROR_INVALID_PARAMETER);
return ODE_ERROR_NONE;
}
+int ode_internal_encryption_create_password(const char *password)
+{
+ RET_ON_FAILURE(password, ODE_ERROR_INVALID_PARAMETER);
+
+ ODEContext client;
+ RET_ON_FAILURE(client.connect() == 0, ODE_ERROR_CONNECTION_REFUSED);
+ InternalEncryption internal = client.createInterface<InternalEncryption>();
+
+ return internal.createPassword(password);
+}
+
+int ode_internal_encryption_delete_password(const char *password)
+{
+ RET_ON_FAILURE(password, ODE_ERROR_INVALID_PARAMETER);
+
+ ODEContext client;
+ RET_ON_FAILURE(client.connect() == 0, ODE_ERROR_CONNECTION_REFUSED);
+ InternalEncryption internal = client.createInterface<InternalEncryption>();
+
+ return internal.deletePassword(password);
+}
+
int ode_internal_encryption_change_password(const char* old_password,
const char* new_password)
{
return internal.changePassword(old_password, new_password);
}
+int ode_internal_encryption_verify_password(const char *password, int *result)
+{
+ RET_ON_FAILURE(password, ODE_ERROR_INVALID_PARAMETER);
+ RET_ON_FAILURE(result, ODE_ERROR_INVALID_PARAMETER);
+
+ ODEContext client;
+ RET_ON_FAILURE(client.connect() == 0, ODE_ERROR_CONNECTION_REFUSED);
+ InternalEncryption internal = client.createInterface<InternalEncryption>();
+ int ret = internal.verifyPassword(password);
+
+ RET_ON_FAILURE(ret < 0, ODE_ERROR_INVALID_PARAMETER);
+
+ *result = ret;
+ return ODE_ERROR_NONE;
+}
+
int ode_internal_encryption_get_state(int* state)
{
RET_ON_FAILURE(state, ODE_ERROR_INVALID_PARAMETER);
* @retval #ODE_ERROR_NOT_PERMITTED Operation not permitted
* @retval #ODE_ERROR_PERMISSION_DENIED The application does not have
* the privilege to call this API
- * @pre The password must matched with what used for encryption.
+ * @pre The password must match with what is set by
+ * ode_internal_encryption_create_password().
* @see ode_internal_encryption_encrypt()
* @see ode_internal_encryption_umount()
*/
* @retval #ODE_ERROR_PERMISSION_DENIED The application does not have
* @retval #ODE_ERROR_NOT_SUPPORTED Given options are not supported
* the privilege to call this API
+ * @pre The password must match with what is set by
+ * ode_internal_encryption_create_password().
* @see ode_internal_encryption_mount()
* @see ode_internal_encryption_decrypt()
* @see ode_internal_encryption_get_supported_options()
* @retval #ODE_ERROR_NOT_PERMITTED Operation not permitted
* @retval #ODE_ERROR_PERMISSION_DENIED The application does not have
* the privilege to call this API
- * @pre The password must matched with what used for encryption.
+ * @pre The password must match with what is set by
+ * ode_internal_encryption_create_password().
* @see ode_internal_encryption_encrypt()
*/
ODE_API int ode_internal_encryption_decrypt(const char* password);
/**
+ * @brief Checks whether the internal encryption password was created
+ * @details Administrator can use this API to check if the password that
+ will be used for internal storage encryption/decryption
+ exists.
+ * @since_tizen 3.0
+ * @param[out] result Whether encryption password was created
+ * @return #ODE_ERROR_NONE on success, otherwise a negative value
+ * @retval #ODE_ERROR_NONE Successful
+ * @retval #ODE_ERROR_INVALID_PARAMETER Invalid parameter
+ * @retval #ODE_ERROR_TIMED_OUT Time out
+ * @retval #ODE_ERROR_NOT_PERMITTED Operation not permitted
+ * @retval #ODE_ERROR_PERMISSION_DENIED The application does not have
+ * the privilege to call this API
+ * @see ode_internal_encryption_created_password()
+ * @see ode_internal_encryption_delete_password()
+ */
+ODE_API int ode_internal_encryption_is_password_created(bool* result);
+
+/**
+ * @brief Initialize internal encryption password to given password
+ * @details Administrator can use this API to set new password that will be
+ used for internal storage encryption/decryption.
+ * @since_tizen 3.0
+ * @param[in] password The password to set
+ * @return #ODE_ERROR_NONE on success, otherwise a negative value
+ * @retval #ODE_ERROR_NONE Successful
+ * @retval #ODE_ERROR_INVALID_PARAMETER Invalid parameter
+ * @retval #ODE_ERROR_TIMED_OUT Time out
+ * @retval #ODE_ERROR_NOT_PERMITTED Operation not permitted
+ * @retval #ODE_ERROR_PERMISSION_DENIED The application does not have
+ * the privilege to call this API
+ * @see ode_internal_encryption_change_password()
+ * @see ode_internal_encryption_delete_password()
+ * @see ode_internal_encryption_encrypt()
+ * @see ode_internal_encryption_decrypt()
+ * @see ode_internal_encryption_mount()
+ */
+ODE_API int ode_internal_encryption_create_password(const char* password);
+
+/**
+ * @brief Remove internal encryption password
+ * @details Administrator can use this API to delete password that was set
+ by ode_internal_encryption_create_password().
+ * @since_tizen 3.0
+ * @param[in] password The password to delete
+ * @return #ODE_ERROR_NONE on success, otherwise a negative value
+ * @retval #ODE_ERROR_NONE Successful
+ * @retval #ODE_ERROR_INVALID_PARAMETER Invalid parameter
+ * @retval #ODE_ERROR_TIMED_OUT Time out
+ * @retval #ODE_ERROR_KEY_REJECTED old_password doen't match
+ * @retval #ODE_ERROR_NOT_PERMITTED Operation not permitted
+ * @retval #ODE_ERROR_PERMISSION_DENIED The application does not have
+ * the privilege to call this API
+ * @pre The password must match with what is set by
+ * ode_internal_encryption_create_password().
+ * @see ode_internal_encryption_create_password()
+ */
+ODE_API int ode_internal_encryption_delete_password(const char* password);
+
+/**
* @brief Change the password for internal storage.
* @details Administrator can use this API to change password for internal
* storage.
* @retval #ODE_ERROR_NOT_PERMITTED Operation not permitted
* @retval #ODE_ERROR_PERMISSION_DENIED The application does not have
* the privilege to call this API
- * @pre The password must matched with what used for encryption.
- * @see ode_internal_encryption_encrypt()
+ * @pre Old password must match with what is set by
+ * ode_internal_encryption_create_password().
+ * @see ode_internal_encryption_create_password()
*/
ODE_API int ode_internal_encryption_change_password(const char* old_password,
const char* new_password);
/**
+ * @brief Verify if given password is internal encryption password.
+ * @details Administrator can use this API to find if a password is used
+ by internal encryption
+ * @since_tizen 3.0
+ * @param[out] password The password to be verified
+ * @return #ODE_ERROR_NONE on success, otherwise a negative value
+ * @retval #ODE_ERROR_NONE Successful
+ * @retval #ODE_ERROR_INVALID_PARAMETER Invalid parameter
+ * @retval #ODE_ERROR_TIMED_OUT Time out
+ * @retval #ODE_ERROR_PERMISSION_DENIED The application does not have
+ * the privilege to call this API
+ * @pre The password must match with what is set by
+ * ode_internal_encryption_create_password().
+ * @see ode_internal_encryption_create_password()
+ * @see ode_internal_encryption_change_password()
+ */
+ODE_API int ode_internal_encryption_verify_password(const char *password);
+
+/**
* @brief Get current encryption state of internal storage.
* @details Administrator can use this API to get current encryption state
* of internal storage.
*/
ODE_API int ode_internal_encryption_get_supported_options(unsigned int* options);
-/**
- * @brief Verify if given password is internal encryption password.
- * @details Administrator can use this API to find if a password is used
- by internal encryption
- * @since_tizen 3.0
- * @param[out] password The password to be verified
- * @return #ODE_ERROR_NONE on success, otherwise a negative value
- * @retval #ODE_ERROR_NONE Successful
- * @retval #ODE_ERROR_INVALID_PARAMETER Invalid parameter
- * @retval #ODE_ERROR_TIMED_OUT Time out
- * @retval #ODE_ERROR_PERMISSION_DENIED The application does not have
- * the privilege to call this API
- * @see ode_internal_encryption_encrypt()
- */
-ODE_API int ode_internal_encryption_verify_password(const char *password);
-
/*
* @}
*/
int encrypt(const std::string& password, unsigned int options);
int decrypt(const std::string& password);
- int verifyPassword(const std::string& password);
+ int isPasswordCreated();
+ int createPassword(const std::string& password);
+ int deletePassword(const std::string& password);
int changePassword(const std::string& oldPW, const std::string& newPW);
+ int verifyPassword(const std::string& password);
enum State {
Unencrypted = 0x00,
int encrypt(const std::string& password, unsigned int options);
int decrypt(const std::string& password);
- int verifyPassword(const std::string& password);
+ int isPasswordCreated();
+ int createPassword(const std::string& password);
+ int deletePassword(const std::string& password);
int changePassword(const std::string& oldPW, const std::string& newPW);
+ int verifyPassword(const std::string& password);
enum State {
Unencrypted = 0x00,
destroyCryptoBlkDev(DM_LABEL);
}
+bool DMCryptEngine::isKeyMetaCreated()
+{
+ return FileFooter::exist(source);
+}
+
const DMCryptEngine::data DMCryptEngine::getKeyMeta()
{
return FileFooter::read(source);
FileFooter::write(source, meta);
}
+void DMCryptEngine::clearKeyMeta()
+{
+ FileFooter::clear(source);
+}
+
unsigned int DMCryptEngine::getSupportedOptions()
{
return OPTION_INCLUDE_UNUSED_REGION;
void encrypt(const data &key, unsigned int options);
void decrypt(const data &key, unsigned int options);
+ bool isKeyMetaCreated();
const data getKeyMeta();
void setKeyMeta(const data &data);
+ void clearKeyMeta();
unsigned int getSupportedOptions();
progress.done();
}
+bool EcryptfsEngine::isKeyMetaCreated()
+{
+ return FileFooter::exist(source);
+}
+
const EcryptfsEngine::data EcryptfsEngine::getKeyMeta()
{
return FileFooter::read(source);
FileFooter::write(source, meta);
}
+void EcryptfsEngine::clearKeyMeta()
+{
+ FileFooter::clear(source);
+}
+
unsigned int EcryptfsEngine::getSupportedOptions()
{
return SUPPORTED_OPTIONS;
void encrypt(const data& key, unsigned int);
void decrypt(const data& key, unsigned int);
+ bool isKeyMetaCreated();
const data getKeyMeta();
void setKeyMeta(const data &data);
+ void clearKeyMeta();
unsigned int getSupportedOptions();
::remove(secondMountPoint.c_str());
}
+bool Ext4Engine::isKeyMetaCreated()
+{
+ return FileFooter::exist(source);
+}
+
const Ext4Engine::data Ext4Engine::getKeyMeta()
{
return FileFooter::read(source);
FileFooter::write(source, data);
}
+void Ext4Engine::clearKeyMeta()
+{
+ FileFooter::clear(source);
+}
+
unsigned int Ext4Engine::getSupportedOptions()
{
return 0;
void encrypt(const data &key, unsigned int options);
void decrypt(const data &key, unsigned int options);
+ bool isKeyMetaCreated();
const data getKeyMeta();
void setKeyMeta(const data &data);
+ void clearKeyMeta();
unsigned int getSupportedOptions();
// TODO
// Password Popup
// std::string pw = "tizen";
-// KeyManager::data pwData(pw.begin(), pw.end());
-// engine.mount(keyManager.getDEK(pwData));
+// KeyManager::data data(pw.begin(), pw.end());
+// engine.mount(keyManager.getDEK(data));
}
}
context.registerNonparametricMethod(this, "", (int)(ExternalEncryption::umount));
context.registerParametricMethod(this, "", (int)(ExternalEncryption::encrypt)(std::string, unsigned int));
context.registerParametricMethod(this, "", (int)(ExternalEncryption::decrypt)(std::string));
+ context.registerNonparametricMethod(this, "", (int)(ExternalEncryption::isPasswordCreated));
+ context.registerParametricMethod(this, "", (int)(ExternalEncryption::createPassword)(std::string));
+ context.registerParametricMethod(this, "", (int)(ExternalEncryption::deletePassword)(std::string));
context.registerParametricMethod(this, "", (int)(ExternalEncryption::changePassword)(std::string, std::string));
+ context.registerParametricMethod(this, "", (int)(ExternalEncryption::verifyPassword)(std::string));
context.registerNonparametricMethod(this, "", (int)(ExternalEncryption::getState));
context.registerNonparametricMethod(this, "", (unsigned int)(ExternalEncryption::getSupportedOptions));
int ExternalEncryption::mount(const std::string &password)
{
- KeyManager::data pwData(password.begin(), password.end());
+ KeyManager::data data(password.begin(), password.end());
KeyManager keyManager(engine.getKeyMeta());
- if (!keyManager.verifyPassword(pwData)) {
+ if (!keyManager.verifyPassword(data)) {
return -2;
}
- engine.mount(keyManager.getMasterKey(pwData), getOptions());
+ engine.mount(keyManager.getMasterKey(data), getOptions());
return 0;
}
int ExternalEncryption::encrypt(const std::string &password, unsigned int options)
{
KeyManager::data pwData(password.begin(), password.end());
- KeyManager keyManager;
+ KeyManager keyManager(engine.getKeyMeta());
- keyManager.initPassword(pwData);
- engine.setKeyMeta(keyManager.serialize());
+ if (!keyManager.verifyPassword(pwData)) {
+ return -2;
+ }
KeyManager::data MasterKey = keyManager.getMasterKey(pwData);
auto encryptWorker = [&MasterKey, options, this]() {
return 0;
}
-int ExternalEncryption::verifyPassword(const std::string& password)
+int ExternalEncryption::isPasswordCreated()
+{
+ if (engine.isKeyMetaCreated()) {
+ return 1;
+ }
+ return 0;
+}
+
+
+int ExternalEncryption::createPassword(const std::string& password)
{
- KeyManager::data data(password.begin(), password.end());
- KeyManager keyManager(engine.getKeyMeta());
+ KeyManager::data pwData(password.begin(), password.end());
+ KeyManager keyManager;
- if (!keyManager.verifyPassword(data)) {
- return 1;
- }
- return 0;
+ if (engine.isKeyMetaCreated()) {
+ return -2;
+ }
+
+ keyManager.initPassword(pwData);
+ engine.setKeyMeta(keyManager.serialize());
+ return 0;
+}
+
+int ExternalEncryption::deletePassword(const std::string& password)
+{
+ KeyManager::data pwData(password.begin(), password.end());
+ KeyManager keyManager(engine.getKeyMeta());
+
+ if (!keyManager.verifyPassword(pwData)) {
+ return -2;
+ }
+
+ engine.clearKeyMeta();
+ return 0;
}
int ExternalEncryption::changePassword(const std::string &oldPassword,
return 0;
}
+int ExternalEncryption::verifyPassword(const std::string& password)
+{
+ KeyManager::data pwData(password.begin(), password.end());
+ KeyManager keyManager(engine.getKeyMeta());
+
+ if (!keyManager.verifyPassword(pwData)) {
+ return 1;
+ }
+ return 0;
+}
+
+
+
int ExternalEncryption::getState()
{
char *value = ::vconf_get_str(EXTERNAL_STATE_VCONF_KEY);
} // namsepace
+bool FileFooter::exist(const std::string &key)
+{
+ std::string fileName(getFileName(key));
+
+ INFO("Footer file : " + fileName);
+
+ runtime::File file(fileName);
+
+ return file.exists();
+}
+
const FileFooter::data FileFooter::read(const std::string &key)
{
std::string fileName(getFileName(key));
file.write(value.data(), value.size());
}
+void FileFooter::clear(const std::string &key)
+{
+ std::string fileName(getFileName(key));
+
+ INFO("Footer file : " + fileName);
+
+ runtime::File file(fileName);
+
+ file.remove();
+}
+
} // namespace ode
typedef std::vector<unsigned char> data;
+ static bool exist(const std::string &key);
static const data read(const std::string &key);
static void write(const std::string &key, const data &value);
+ static void clear(const std::string &key);
};
} // namespace ode
InternalEncryption::InternalEncryption(ODEControlContext& ctx) :
context(ctx)
{
- context.registerNonparametricMethod(this, "", (int)(InternalEncryption::getState));
- context.registerNonparametricMethod(this, "", (unsigned int)(InternalEncryption::getSupportedOptions));
context.registerParametricMethod(this, "", (int)(InternalEncryption::mount)(std::string));
context.registerNonparametricMethod(this, "", (int)(InternalEncryption::umount));
context.registerParametricMethod(this, "", (int)(InternalEncryption::encrypt)(std::string, unsigned int));
context.registerParametricMethod(this, "", (int)(InternalEncryption::decrypt)(std::string));
+ context.registerNonparametricMethod(this, "", (int)(InternalEncryption::isPasswordCreated));
+ context.registerParametricMethod(this, "", (int)(InternalEncryption::createPassword)(std::string));
+ context.registerParametricMethod(this, "", (int)(InternalEncryption::deletePassword)(std::string));
context.registerParametricMethod(this, "", (int)(InternalEncryption::changePassword)(std::string, std::string));
+ context.registerParametricMethod(this, "", (int)(InternalEncryption::verifyPassword)(std::string));
+ context.registerNonparametricMethod(this, "", (int)(InternalEncryption::getState));
+ context.registerNonparametricMethod(this, "", (unsigned int)(InternalEncryption::getSupportedOptions));
}
InternalEncryption::~InternalEncryption()
}
KeyManager::data pwData(password.begin(), password.end());
- KeyManager keyManager;
+ KeyManager keyManager(engine.getKeyMeta());
- keyManager.initPassword(pwData);
- engine.setKeyMeta(keyManager.serialize());
+ if (!keyManager.verifyPassword(pwData)) {
+ return -2;
+ }
KeyManager::data MasterKey = keyManager.getMasterKey(pwData);
auto encryptWorker = [&MasterKey, options, this]() {
return 0;
}
-int InternalEncryption::verifyPassword(const std::string& password)
+int InternalEncryption::isPasswordCreated()
{
- KeyManager::data data(password.begin(), password.end());
+ if (engine.isKeyMetaCreated()) {
+ return 1;
+ }
+ return 0;
+}
+
+int InternalEncryption::createPassword(const std::string& password)
+{
+ KeyManager::data pwData(password.begin(), password.end());
+ KeyManager keyManager;
+
+ if (engine.isKeyMetaCreated()) {
+ return -2;
+ }
+
+ keyManager.initPassword(pwData);
+ engine.setKeyMeta(keyManager.serialize());
+ return 0;
+}
+
+int InternalEncryption::deletePassword(const std::string& password)
+{
+ KeyManager::data pwData(password.begin(), password.end());
KeyManager keyManager(engine.getKeyMeta());
- if (keyManager.verifyPassword(data)) {
- return 1;
+ if (!keyManager.verifyPassword(pwData)) {
+ return -2;
}
+
+ engine.clearKeyMeta();
return 0;
}
return 0;
}
+int InternalEncryption::verifyPassword(const std::string& password)
+{
+ KeyManager::data pwData(password.begin(), password.end());
+ KeyManager keyManager(engine.getKeyMeta());
+
+ if (keyManager.verifyPassword(pwData)) {
+ return 1;
+ }
+ return 0;
+}
+
+
+
int InternalEncryption::getState()
{
char *value = ::vconf_get_str(INTERNAL_STATE_VCONF_KEY);
int ret;
if (name == "internal") {
- unsigned int options;
- ret = ode_internal_encryption_get_supported_options(&options);
- if (ret == 0) {
- char answer;
- if (options & ODE_OPTION_INTERNAL_INCLUDE_UNUSED_REGION) {
- std::cout << "Encrypt All (include unused region)? (y/n) ";
- std::cin >> answer;
- if (answer != 'Y' && answer != 'y') {
- options &= ~ODE_OPTION_INTERNAL_INCLUDE_UNUSED_REGION;
- }
+ std::string password = getPassword();
+ ode_internal_encryption_create_password(password.c_str());
+
+ unsigned int options = 0;
+ ode_internal_encryption_get_supported_options(&options);
+
+ char answer;
+ if (options & ODE_OPTION_INTERNAL_INCLUDE_UNUSED_REGION) {
+ std::cout << "Encrypt All (include unused region)? (y/n) ";
+ std::cin >> answer;
+ if (answer != 'Y' && answer != 'y') {
+ options &= ~ODE_OPTION_INTERNAL_INCLUDE_UNUSED_REGION;
}
- std::string password = getPassword();
- ret = ode_internal_encryption_encrypt(password.c_str(), options);
}
+ ret = ode_internal_encryption_encrypt(password.c_str(), options);
} else if (name == "external") {
+ std::string password = getPassword();
+ ode_external_encryption_create_password(password.c_str());
+
unsigned int options;
- ret = ode_external_encryption_get_supported_options(&options);
- if (ret == 0) {
- char answer;
- if (options & ODE_OPTION_EXTERNAL_ONLY_NEW_FILE) {
- std::cout << "Encrypt new files only? (y/n) ";
- std::cin >> answer;
- if (answer != 'Y' && answer != 'y') {
- options &= ~ODE_OPTION_EXTERNAL_ONLY_NEW_FILE;
- }
+ ode_external_encryption_get_supported_options(&options);
+
+ char answer;
+ if (options & ODE_OPTION_EXTERNAL_ONLY_NEW_FILE) {
+ std::cout << "Encrypt new files only? (y/n) ";
+ std::cin >> answer;
+ if (answer != 'Y' && answer != 'y') {
+ options &= ~ODE_OPTION_EXTERNAL_ONLY_NEW_FILE;
}
- if (options & ODE_OPTION_EXTERNAL_EXCEPT_FOR_MEDIA_FILE) {
- std::cout << "Encrypt non-media files only? (y/n) ";
- std::cin >> answer;
- if (answer != 'Y' && answer != 'y') {
- options &= ~ODE_OPTION_EXTERNAL_EXCEPT_FOR_MEDIA_FILE;
- }
+ }
+ if (options & ODE_OPTION_EXTERNAL_EXCEPT_FOR_MEDIA_FILE) {
+ std::cout << "Encrypt non-media files only? (y/n) ";
+ std::cin >> answer;
+ if (answer != 'Y' && answer != 'y') {
+ options &= ~ODE_OPTION_EXTERNAL_EXCEPT_FOR_MEDIA_FILE;
}
- std::string password = getPassword();
- ret = ode_external_encryption_encrypt(password.c_str(), options);
}
+ ret = ode_external_encryption_encrypt(password.c_str(), options);
} else {
printSelectableStorage();
return -1;
if (name == "internal") {
std::string password = getPassword();
ret = ode_internal_encryption_decrypt(password.c_str());
+ ode_internal_encryption_delete_password(password.c_str());
} else if (name == "external") {
std::string password = getPassword();
ret = ode_external_encryption_decrypt(password.c_str());
+ ode_external_encryption_delete_password(password.c_str());
} else {
printSelectableStorage();
return -1;
projects / platform / core / security / ode.git / commitdiff