{
}
-int ExtensionEncryption::mount(const std::string& password)
+int ExtensionEncryption::setMountPassword(const std::string& password)
{
try {
- return context->methodCall<int>("ExtensionEncryption::mount", password);
+ return context->methodCall<int>("ExtensionEncryption::setMountPassword", password);
+ } catch (runtime::Exception& e) {
+ return -1;
+ }
+}
+
+int ExtensionEncryption::mount()
+{
+ try {
+ return context->methodCall<int>("ExtensionEncryption::mount");
} catch (runtime::Exception& e) {
return -1;
}
using namespace ode;
-int ode_extension_encryption_mount(const char* password)
+int ode_extension_encryption_set_mount_password(const char* password)
+{
+ RET_ON_FAILURE(password, ODE_ERROR_INVALID_PARAMETER);
+
+ ODEContext client;
+ RET_ON_FAILURE(client.connect() == 0, ODE_ERROR_CONNECTION_REFUSED);
+ ExtensionEncryption extension = client.createInterface<ExtensionEncryption>();
+
+ return extension.setMountPassword(password);
+}
+
+int ode_extension_encryption_mount()
{
ODEContext client;
RET_ON_FAILURE(client.connect() == 0, ODE_ERROR_CONNECTION_REFUSED);
ExtensionEncryption extension = client.createInterface<ExtensionEncryption>();
- return extension.mount(password);
+ return extension.mount();
}
int ode_extension_encryption_umount()
#endif
/**
- * @brief Mount extension storage encrypted with a given password
+ * @brief Set a password to be used by mount of encrypted extension storage
+ * @details Administrator can use this API to set a password for encrypted
+ * extension mount.
+ * @since_tizen 4.0
+ * @param[in] password The password to mount extension storage
+ * @return #ODE_ERROR_NONE on success, otherwise a negative value
+ * @retval #ODE_ERROR_NONE Successful
+ * @retval #ODE_ERROR_INVALID_PARAMETER Invalid parameter
+ * @retval #ODE_ERROR_TIMED_OUT Time out
+ * @retval #ODE_ERROR_KEY_REJECTED Password doen't match
+ * @retval #ODE_ERROR_PERMISSION_DENIED The application does not have
+ * the privilege to call this API
+ * @pre The password set before must match with what is set by
+ * ode_extension_encryption_init_password().
+ * @see ode_extension_encryption_init_password()
+ * @see ode_extension_encryption_mount()
+ */
+ODE_API int ode_extension_encryption_set_mount_password(const char* password);
+
+/**
+ * @brief Mount encrypted extension storage
* @details Administrator can use this API to mount encrypted extension
* storage.
* @since_tizen 4.0
* @retval #ODE_ERROR_NONE Successful
* @retval #ODE_ERROR_INVALID_PARAMETER Invalid parameter
* @retval #ODE_ERROR_TIMED_OUT Time out
- * @retval #ODE_ERROR_KEY_REJECTED Password doesn't match
* @retval #ODE_ERROR_NOT_PERMITTED Operation not permitted
* @retval #ODE_ERROR_PERMISSION_DENIED The application does not have
* the privilege to call this API
- * @pre The password must match with what is set by
- * ode_extension_encryption_init_password().
- * @see ode_extension_encryption_init_password()
+ * @pre A password must be set by
+ * ode_extension_encryption_set_mount_password().
+ * @see ode_extension_encryption_set_mount_password()
* @see ode_extension_encryption_umount()
*/
-ODE_API int ode_extension_encryption_mount(const char* password);
+ODE_API int ode_extension_encryption_mount();
/**
* @brief Umount extension storage
* @return #ODE_ERROR_NONE on success, otherwise a negative value
* @retval #ODE_ERROR_NONE Successful
* @retval #ODE_ERROR_TIMED_OUT Time out
- * the privilege to call this API
* @see ode_extension_encryption_mount()
* @see ode_extension_encryption_set_mount_event_cb()
*/
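Review bot: `ode_extension_encryption_mount()` is declared with an empty parameter list; if this header is consumed from C (before C23), that leaves the arguments unspecified, so an old caller still passing the password compiles without a diagnostic and the argument is silently ignored. Declaring it as `ODE_API int ode_extension_encryption_mount(void);` turns the signature change into a compile error for such callers. The Doxygen block for the no-argument mount still lists `#ODE_ERROR_INVALID_PARAMETER`, which no longer seems reachable. The new block for `ode_extension_encryption_set_mount_password()` has the typo "doen't" and an ambiguous `@pre`; `@pre The password must match the one set by ode_extension_encryption_init_password().` would read more clearly.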
ExtensionEncryption(ODEControlContext& ctxt);
~ExtensionEncryption();
- int mount(const std::string& password);
+ int setMountPassword(const std::string& password);
+
+ int mount();
int umount();
int format(const std::string& password);
const char *STORAGED_DBUS_INTERFACE = "org.tizen.system.storage.BlockManager";
std::unique_ptr<EXTENSION_ENGINE> engine;
+KeyManager::data mountKey;
std::mutex apiGuard;
std::mutex stateGuard;
context(ctx),
currentReq(Request::NONE)
{
- context.expose(this, PRIVILEGE_PLATFORM, (int)(ExtensionEncryption::mount)(std::string));
+ context.expose(this, PRIVILEGE_PLATFORM, (int)(ExtensionEncryption::setMountPassword)(std::string));
+ context.expose(this, PRIVILEGE_PLATFORM, (int)(ExtensionEncryption::mount)());
context.expose(this, PRIVILEGE_PLATFORM, (int)(ExtensionEncryption::umount)());
context.expose(this, PRIVILEGE_PLATFORM, (int)(ExtensionEncryption::format)(std::string));
context.expose(this, "", (int)(ExtensionEncryption::isPasswordInitialized)());
unsubscribeFromStoraged();
}
-int ExtensionEncryption::mount(const std::string& password)
+int ExtensionEncryption::setMountPassword(const std::string& password)
{
std::lock_guard<std::mutex> guardLock(apiGuard);
- std::unique_lock<std::mutex> stateLock(stateGuard);
-
- if (getStatePriv() != State::Encrypted) {
- ERROR(SINK, "Cannot mount, card not inserted or corrupted");
- return -1;
- }
KeyManager::data pwData(password.begin(), password.end());
KeyManager keyManager(engine->getKeyMeta());
return -2;
}
+ mountKey = keyManager.getMasterKey(pwData);
+
+ return 0;
+}
+
+int ExtensionEncryption::mount()
+{
+ std::lock_guard<std::mutex> guardLock(apiGuard);
+ std::unique_lock<std::mutex> stateLock(stateGuard);
+
+ if (getStatePriv() != State::Encrypted) {
+ ERROR(SINK, "Cannot mount, card not inserted or corrupted");
+ return -1;
+ }
+
if (isMounted()) {
INFO(SINK, "Already mounted");
return 0;
}
- KeyManager::data mountKey = keyManager.getMasterKey(pwData);
INFO(SINK, "Mount extension storage...");
try {
INFO(SINK, "Open the MAP of an extension storage...");
engine->open(CryptsetupEngine::DeviceType::LUKS, EXTENSION_NAME, mountKey);
+ mountKey.clear();
} catch (runtime::Exception &e) {
ERROR(SINK, "Open failed: " + std::string(e.what()));
return -3;
}
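Review bot: The derived master key now persists in the file-scope `mountKey` from `setMountPassword()` until `mount()`, and `mountKey.clear()` runs only after a successful `engine->open()`; the `catch` branch that returns -3 and the early returns for a non-Encrypted state or an already-mounted card leave the key in the daemon's memory indefinitely. `mount()` also hands `mountKey` to `engine->open()` without checking that a password was ever set, so I would add `if (mountKey.empty()) return -2;` (error value for the maintainers to choose) before opening, and clear the key on every exit path. If `KeyManager::data` is a `std::vector`, as its iterator-range construction suggests, `clear()` does not overwrite the bytes, so the buffer should be wiped before it is cleared. Because the key appears to be held process-wide rather than per connection, a comment next to the `context.expose(...)` lines should state that any PRIVILEGE_PLATFORM caller can trigger `mount()` with a key that another client set. Both function bodies continue outside the visible lines.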
} else if (name == "extension") {
std::string password = getPassword();
- ret = ode_extension_encryption_mount(password.c_str());
+ ret = ode_extension_encryption_set_mount_password(password.c_str());
+ if (ret == 0) {
+ ret = ode_extension_encryption_mount();
+ } else {
+ std::cerr << "Password setting failed" << std::endl;
+ }
} else {
printSelectableStorage();
return -1;