{
}
-int ExternalEncryption::mount(const std::string& password)
+int ExternalEncryption::setMountPassword(const std::string& password)
{
try {
- return context->methodCall<int>("ExternalEncryption::mount", password);
+ return context->methodCall<int>("ExternalEncryption::setMountPassword", password);
+ } catch (runtime::Exception& e) {
+ return -1;
+ }
+}
+
+int ExternalEncryption::mount()
+{
+ try {
+ return context->methodCall<int>("ExternalEncryption::mount");
} catch (runtime::Exception& e) {
return -1;
}
{
}
-int InternalEncryption::mount(const std::string& password)
+int InternalEncryption::setMountPassword(const std::string& password)
{
try {
- return context->methodCall<int>("InternalEncryption::mount", password);
+ return context->methodCall<int>("InternalEncryption::setMountPassword", password);
+ } catch (runtime::Exception& e) {
+ return -1;
+ }
+}
+
+int InternalEncryption::mount()
+{
+ try {
+ return context->methodCall<int>("InternalEncryption::mount");
} catch (runtime::Exception& e) {
return -1;
}
ODE_ERROR_FILE_EXISTS = TIZEN_ERROR_FILE_EXISTS, /**< File exists */
ODE_ERROR_OUT_OF_MEMORY = TIZEN_ERROR_OUT_OF_MEMORY, /**< Out of memory */
ODE_ERROR_NOT_PERMITTED = TIZEN_ERROR_NOT_PERMITTED, /**< Operation is not permitted */
- ODE_ERROR_KEY_REJECTED = TIZEN_ERROR_KEY_REJECTED /**< Passwor is rejected */
+ ODE_ERROR_KEY_REJECTED = TIZEN_ERROR_KEY_REJECTED, /**< Passwor is rejected */
+ ODE_ERROR_NO_DATA = TIZEN_ERROR_NO_DATA /**< No Data */
} ode_error_type_e;
/*
using namespace ode;
-int ode_external_encryption_mount(const char* password)
+int ode_external_encryption_set_mount_password(const char* password)
{
RET_ON_FAILURE(password, ODE_ERROR_INVALID_PARAMETER);
RET_ON_FAILURE(client.connect() == 0, ODE_ERROR_CONNECTION_REFUSED);
ExternalEncryption external = client.createInterface<ExternalEncryption>();
- return external.mount(password);
+ return external.setMountPassword(password);
+}
+
+int ode_external_encryption_mount()
+{
+ ODEContext client;
+ RET_ON_FAILURE(client.connect() == 0, ODE_ERROR_CONNECTION_REFUSED);
+ ExternalEncryption external = client.createInterface<ExternalEncryption>();
+
+ return external.mount();
}
int ode_external_encryption_umount()
#endif
/**
- * @brief Mount external storage with encryption by given password.
- * @details Administrator can use this API to mount encrypted external
- * storage.
+ * @brief Set a password to be used by mount of encrypted external storage
+ * @details Administrator can use this API to set a password for external
+ * mount external storage with encryption.
* @since_tizen 3.0
* @param[in] password The password to mount external storage
* @return #ODE_ERROR_NONE on success, otherwise a negative value
* @retval #ODE_ERROR_INVALID_PARAMETER Invalid parameter
* @retval #ODE_ERROR_TIMED_OUT Time out
* @retval #ODE_ERROR_KEY_REJECTED Password doen't match
- * @retval #ODE_ERROR_NOT_PERMITTED Operation not permitted
* @retval #ODE_ERROR_PERMISSION_DENIED The application does not have
* the privilege to call this API
* @pre The password must match with what is set by
* ode_external_encryption_init_password().
- * @see ode_external_encryption_encrypt()
+ * @see ode_external_encryption_init_password()
+ * @see ode_external_encryption_mount()
+ */
+ODE_API int ode_external_encryption_set_mount_password(const char* password);
+
+/**
+ * @brief Mount external storage with encryption
+ * @details Administrator can use this API to mount encrypted external
+ * storage.
+ * @since_tizen 3.0
+ * @return #ODE_ERROR_NONE on success, otherwise a negative value
+ * @retval #ODE_ERROR_NONE Successful
+ * @retval #ODE_ERROR_INVALID_PARAMETER Invalid parameter
+ * @retval #ODE_ERROR_TIMED_OUT Time out
+ * @retval #ODE_ERROR_NO_DATA Password isn't set
+ * @retval #ODE_ERROR_NOT_PERMITTED Operation not permitted
+ * @retval #ODE_ERROR_PERMISSION_DENIED The application does not have
+ * the privilege to call this API
+ * @pre A password must be set by
+ * ode_external_encryption_set_mount_password().
+ * @see ode_external_encryption_set_mount_password()
* @see ode_external_encryption_umount()
*/
-ODE_API int ode_external_encryption_mount(const char* password);
+ODE_API int ode_external_encryption_mount();
/**
* @brief Umount external storage
using namespace ode;
-int ode_internal_encryption_mount(const char* password)
+int ode_internal_encryption_set_mount_password(const char* password)
{
RET_ON_FAILURE(password, ODE_ERROR_INVALID_PARAMETER);
RET_ON_FAILURE(client.connect() == 0, ODE_ERROR_CONNECTION_REFUSED);
InternalEncryption internal = client.createInterface<InternalEncryption>();
- return internal.mount(password);
+ return internal.setMountPassword(password);
+}
+
+int ode_internal_encryption_mount()
+{
+ ODEContext client;
+ RET_ON_FAILURE(client.connect() == 0, ODE_ERROR_CONNECTION_REFUSED);
+ InternalEncryption internal = client.createInterface<InternalEncryption>();
+
+ return internal.mount();
}
int ode_internal_encryption_umount()
#endif
/**
- * @brief Mount internal storage with encryption by given password.
- * @details Administrator can use this API to mount encrypted internal
- * storage.
+ * @brief Set a password to be used by mount of encrypted internal storage
+ * @details Administrator can use this API to set a password for internal
+ * mount internal storage with encryption.
* @since_tizen 3.0
* @param[in] password The password to mount internal storage
* @return #ODE_ERROR_NONE on success, otherwise a negative value
* @retval #ODE_ERROR_INVALID_PARAMETER Invalid parameter
* @retval #ODE_ERROR_TIMED_OUT Time out
* @retval #ODE_ERROR_KEY_REJECTED Password doen't match
- * @retval #ODE_ERROR_NOT_PERMITTED Operation not permitted
* @retval #ODE_ERROR_PERMISSION_DENIED The application does not have
* the privilege to call this API
- * @pre The password must match with what is set by
+ * @pre The password set before must match with what is set by
* ode_internal_encryption_init_password().
- * @see ode_internal_encryption_encrypt()
+ * @see ode_internal_encryption_init_password()
+ * @see ode_internal_encryption_mount()
+ */
+ODE_API int ode_internal_encryption_set_mount_password(const char* password);
+
+/**
+ * @brief Mount internal storage with encryption
+ * @details Administrator can use this API to mount encrypted internal
+ * storage.
+ * @since_tizen 3.0
+ * @return #ODE_ERROR_NONE on success, otherwise a negative value
+ * @retval #ODE_ERROR_NONE Successful
+ * @retval #ODE_ERROR_INVALID_PARAMETER Invalid parameter
+ * @retval #ODE_ERROR_TIMED_OUT Time out
+ * @retval #ODE_ERROR_NO_DATA Password isn't set
+ * @retval #ODE_ERROR_NOT_PERMITTED Operation not permitted
+ * @retval #ODE_ERROR_PERMISSION_DENIED The application does not have
+ * the privilege to call this API
+ * @pre A password must be set by
+ * ode_internal_encryption_set_mount_password().
+ * @see ode_internal_encryption_set_mount_password()
* @see ode_internal_encryption_umount()
*/
-ODE_API int ode_internal_encryption_mount(const char* password);
+ODE_API int ode_internal_encryption_mount();
/**
* @brief Umount internal storage
ExternalEncryption(ODEControlContext& ctxt);
~ExternalEncryption();
- unsigned int getSupportedOptions();
+ int setMountPassword(const std::string& password);
- int mount(const std::string& password);
+ int mount();
int umount();
int encrypt(const std::string& password, unsigned int options);
ExceptForMediaFile = 1 << 1,
};
+ unsigned int getSupportedOptions();
+
private:
ODEControlContext& context;
};
InternalEncryption(ODEControlContext& ctxt);
~InternalEncryption();
- int mount(const std::string& password);
+ int setMountPassword(const std::string& password);
+
+ int mount();
int umount();
int encrypt(const std::string& password, unsigned int options);
namespace {
std::unique_ptr<EXTERNAL_ENGINE> engine;
+KeyManager::data mountKey;
void killDependedApplications()
{
ExternalEncryption::ExternalEncryption(ODEControlContext &ctx) :
context(ctx)
{
- context.expose(this, PRIVILEGE_PLATFORM, (int)(ExternalEncryption::mount)(std::string));
+ context.expose(this, PRIVILEGE_PLATFORM, (int)(ExternalEncryption::setMountPassword)(std::string));
+ context.expose(this, PRIVILEGE_PLATFORM, (int)(ExternalEncryption::mount)());
context.expose(this, PRIVILEGE_PLATFORM, (int)(ExternalEncryption::umount)());
context.expose(this, PRIVILEGE_PLATFORM, (int)(ExternalEncryption::encrypt)(std::string, unsigned int));
context.expose(this, PRIVILEGE_PLATFORM, (int)(ExternalEncryption::decrypt)(std::string));
{
}
-int ExternalEncryption::mount(const std::string &password)
+
+int ExternalEncryption::setMountPassword(const std::string& password)
{
- if (getState() != State::Encrypted) {
- return -1;
+ KeyManager::data pwData(password.begin(), password.end());
+ KeyManager keyManager(engine->getKeyMeta());
+ if (!keyManager.verifyPassword(pwData)) {
+ return -2;
}
- KeyManager::data data(password.begin(), password.end());
- KeyManager keyManager(engine->getKeyMeta());
+ ode::mountKey = keyManager.getMasterKey(pwData);
- if (!keyManager.verifyPassword(data)) {
- return -2;
+ return 0;
+}
+
+int ExternalEncryption::mount()
+{
+ if (getState() != State::Encrypted) {
+ return -1;
}
if (engine->isMounted()) {
return 0;
}
- engine->mount(keyManager.getMasterKey(data), getOptions());
+ engine->mount(mountKey, getOptions());
+ mountKey.clear();
+
context.notify("ExternalEncryption::mount");
return 0;
namespace {
std::unique_ptr<INTERNAL_ENGINE> engine;
+KeyManager::data mountKey;
void stopSystemdUserSessions() {
std::vector<std::string> userSessionServices;
InternalEncryption::InternalEncryption(ODEControlContext& ctx) :
context(ctx)
{
- context.expose(this, PRIVILEGE_PLATFORM, (int)(InternalEncryption::mount)(std::string));
+ context.expose(this, PRIVILEGE_PLATFORM, (int)(InternalEncryption::setMountPassword)(std::string));
+ context.expose(this, PRIVILEGE_PLATFORM, (int)(InternalEncryption::mount)());
context.expose(this, PRIVILEGE_PLATFORM, (int)(InternalEncryption::umount)());
context.expose(this, PRIVILEGE_PLATFORM, (int)(InternalEncryption::encrypt)(std::string, unsigned int));
context.expose(this, PRIVILEGE_PLATFORM, (int)(InternalEncryption::decrypt)(std::string));
{
}
-int InternalEncryption::mount(const std::string& password)
+int InternalEncryption::setMountPassword(const std::string& password)
{
- if (getState() != State::Encrypted) {
- return -1;
- }
-
KeyManager::data pwData(password.begin(), password.end());
KeyManager keyManager(engine->getKeyMeta());
-
if (!keyManager.verifyPassword(pwData)) {
return -2;
}
+ ode::mountKey = keyManager.getMasterKey(pwData);
+
+ return 0;
+}
+
+int InternalEncryption::mount()
+{
+ if (getState() != State::Encrypted) {
+ return -1;
+ }
+
if (engine->isMounted()) {
INFO("Already mounted");
return 0;
}
- engine->mount(keyManager.getMasterKey(pwData), getOptions());
+ engine->mount(mountKey, getOptions());
+ mountKey.clear();
+
context.notify("InternalEncryption::mount");
return 0;
ode_internal_encryption_verify_password(key, &result);
if (result) {
dlog_print(DLOG_ERROR, LOG_TAG, "Correct password.");
- ode_internal_encryption_mount(key);
+ ode_internal_encryption_set_mount_password(key);
+ ode_internal_encryption_mount();
exit(0);
} else {
dlog_print(DLOG_ERROR, LOG_TAG, "Incorrect password.");
}
break;
case INSERT_SD_CARD:
- ret = ode_external_encryption_mount(data->entry_data);
+ ret = ode_external_encryption_set_mount_password(data->entry_data);
+ if (ret != ODE_ERROR_NONE) {
+ dlog_print(DLOG_ERROR, LOG_TAG, "failed to set mount password for external storage");
+ return;
+ }
+ ret = ode_external_encryption_mount();
if (ret != ODE_ERROR_NONE) {
dlog_print(DLOG_ERROR, LOG_TAG, "failed to mount external storage");
return;
if (name == "internal") {
std::string password = getPassword();
- ret = ode_internal_encryption_mount(password.c_str());
+ ret = ode_internal_encryption_set_mount_password(password.c_str());
+ if (ret == 0) {
+ ret = ode_internal_encryption_mount();
+ } else {
+ std::cerr << "Password setting failed" << std::endl;
+ }
} else if (name == "external") {
std::string password = getPassword();
- ret = ode_external_encryption_mount(password.c_str());
+ ret = ode_external_encryption_set_mount_password(password.c_str());
+ if (ret == 0) {
+ ret = ode_external_encryption_mount();
+ } else {
+ std::cerr << "Password setting failed" << std::endl;
+ }
} else {
printSelectableStorage();
return -1;
projects / platform / core / security / ode.git / commitdiff