From: Lukasz Pawelczyk Date: Mon, 18 Sep 2017 13:42:16 +0000 (+0200) Subject: Make headers in RMI define pure virtual interfaces X-Git-Tag: submit/tizen_4.0/20171018.042033~13 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=b2e52ffdf35cac0ac1fc28f9a927a56a374834c8;p=platform%2Fcore%2Fsecurity%2Fode.git Make headers in RMI define pure virtual interfaces - Define *Client and *Server variants as full classes with their own headers inheriting from RMI interfaces. Change-Id: I1aa479f1cdac86c63822d59589dd604ba5e2818f --- diff --git a/lib/extension-encryption.cpp b/lib/extension-encryption.cpp index b71fcb6..40c399a 100644 --- a/lib/extension-encryption.cpp +++ b/lib/extension-encryption.cpp @@ -13,110 +13,109 @@ * See the License for the specific language governing permissions and * limitations under the License */ -#include "rmi/extension-encryption.h" +#include "extension-encryption.h" namespace ode { -ExtensionEncryption::ExtensionEncryption(ODEControlContext& ctx) : - context(ctx), - currentReq(Request::NONE) +ExtensionEncryptionClient::ExtensionEncryptionClient(ODEControlContext& ctx) : + context(ctx) { } -ExtensionEncryption::~ExtensionEncryption() +ExtensionEncryptionClient::~ExtensionEncryptionClient() { } -int ExtensionEncryption::setMountPassword(const std::string& password) +int ExtensionEncryptionClient::setMountPassword(const std::string& password) { try { - return context->methodCall("ExtensionEncryption::setMountPassword", password); + return context->methodCall("ExtensionEncryptionServer::setMountPassword", password); } catch (runtime::Exception& e) { return -1; } } -int ExtensionEncryption::mount() +int ExtensionEncryptionClient::mount() { try { - return context->methodCall("ExtensionEncryption::mount"); + return context->methodCall("ExtensionEncryptionServer::mount"); } catch (runtime::Exception& e) { return -1; } } -int ExtensionEncryption::umount() +int ExtensionEncryptionClient::umount() { try { - return context->methodCall("ExtensionEncryption::umount"); + return context->methodCall("ExtensionEncryptionServer::umount"); } catch (runtime::Exception& e) { return -1; } } -int ExtensionEncryption::format(const std::string& password) +int ExtensionEncryptionClient::format(const std::string& password) { try { - return context->methodCall("ExtensionEncryption::format", password); + return context->methodCall("ExtensionEncryptionServer::format", password); } catch (runtime::Exception& e) { return -1; } } -int ExtensionEncryption::isPasswordInitialized() +int ExtensionEncryptionClient::isPasswordInitialized() { try { - return context->methodCall("ExtensionEncryption::isPasswordInitialized"); + return context->methodCall("ExtensionEncryptionServer::isPasswordInitialized"); } catch (runtime::Exception& e) { return -1; } } -int ExtensionEncryption::initPassword(const std::string& password) +int ExtensionEncryptionClient::initPassword(const std::string& password) { try { - return context->methodCall("ExtensionEncryption::initPassword", + return context->methodCall("ExtensionEncryptionServer::initPassword", password); } catch (runtime::Exception& e) { return -1; } } -int ExtensionEncryption::cleanPassword(const std::string& password) +int ExtensionEncryptionClient::cleanPassword(const std::string& password) { try { - return context->methodCall("ExtensionEncryption::cleanPassword", + return context->methodCall("ExtensionEncryptionServer::cleanPassword", password); } catch (runtime::Exception& e) { return -1; } } -int ExtensionEncryption::changePassword(const std::string& oldPassword, +int ExtensionEncryptionClient::changePassword(const std::string& oldPassword, const std::string& newPassword) { try { - return context->methodCall("ExtensionEncryption::changePassword", + return context->methodCall("ExtensionEncryptionServer::changePassword", oldPassword, newPassword); } catch (runtime::Exception& e) { return -1; } } -int ExtensionEncryption::verifyPassword(const std::string& password) +int ExtensionEncryptionClient::verifyPassword(const std::string& password) { try { - return context->methodCall("ExtensionEncryption::verifyPassword", + return context->methodCall("ExtensionEncryptionServer::verifyPassword", password); } catch (runtime::Exception& e) { return -1; } } -int ExtensionEncryption::getState() +int ExtensionEncryptionClient::getState() { try { - return context->methodCall("ExtensionEncryption::getState"); + return context->methodCall("ExtensionEncryptionServer::getState"); } catch (runtime::Exception& e) { return -1; } diff --git a/lib/extension-encryption.h b/lib/extension-encryption.h new file mode 100644 index 0000000..328f683 --- /dev/null +++ b/lib/extension-encryption.h @@ -0,0 +1,53 @@ +/* + * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License + */ + +#ifndef __EXTENSION_ENCRYPTION_CLIENT_H__ +#define __EXTENSION_ENCRYPTION_CLIENT_H__ + +#include + +#include "rmi/extension-encryption.h" +#include "context.h" + +namespace ode { + +class ExtensionEncryptionClient final: public ExtensionEncryption { +public: + ExtensionEncryptionClient(ODEControlContext& ctxt); + ~ExtensionEncryptionClient(); + + int setMountPassword(const std::string& password); + + int mount(); + int umount(); + + int format(const std::string& password); + + int isPasswordInitialized(); + int initPassword(const std::string& password); + int cleanPassword(const std::string& password); + int changePassword(const std::string& oldPW, const std::string& newPW); + int verifyPassword(const std::string& password); + + int getState(); + +private: + ODEControlContext& context; +}; + +} // namespace ode + +#endif // __EXTENSION_ENCRYPTION_CLIENT_H__ diff --git a/lib/external-encryption.cpp b/lib/external-encryption.cpp index 5fcb4af..08b89cd 100644 --- a/lib/external-encryption.cpp +++ b/lib/external-encryption.cpp @@ -13,136 +13,136 @@ * See the License for the specific language governing permissions and * limitations under the License */ -#include "rmi/external-encryption.h" +#include "external-encryption.h" namespace ode { -ExternalEncryption::ExternalEncryption(ODEControlContext& ctx) : +ExternalEncryptionClient::ExternalEncryptionClient(ODEControlContext& ctx) : context(ctx) { } -ExternalEncryption::~ExternalEncryption() +ExternalEncryptionClient::~ExternalEncryptionClient() { } -int ExternalEncryption::setMountPassword(const std::string& password) +int ExternalEncryptionClient::setMountPassword(const std::string& password) { try { - return context->methodCall("ExternalEncryption::setMountPassword", password); + return context->methodCall("ExternalEncryptionServer::setMountPassword", password); } catch (runtime::Exception& e) { return -1; } } -int ExternalEncryption::mount() +int ExternalEncryptionClient::mount() { try { - return context->methodCall("ExternalEncryption::mount"); + return context->methodCall("ExternalEncryptionServer::mount"); } catch (runtime::Exception& e) { return -1; } } -int ExternalEncryption::umount() +int ExternalEncryptionClient::umount() { try { - return context->methodCall("ExternalEncryption::umount"); + return context->methodCall("ExternalEncryptionServer::umount"); } catch (runtime::Exception& e) { return -1; } } -int ExternalEncryption::encrypt(const std::string& password, unsigned int options) +int ExternalEncryptionClient::encrypt(const std::string& password, unsigned int options) { try { - return context->methodCall("ExternalEncryption::encrypt", password, options); + return context->methodCall("ExternalEncryptionServer::encrypt", password, options); } catch (runtime::Exception& e) { return -1; } } -int ExternalEncryption::decrypt(const std::string& password) +int ExternalEncryptionClient::decrypt(const std::string& password) { try { - return context->methodCall("ExternalEncryption::decrypt", password); + return context->methodCall("ExternalEncryptionServer::decrypt", password); } catch (runtime::Exception& e) { return -1; } } -int ExternalEncryption::recovery() +int ExternalEncryptionClient::recovery() { try { - return context->methodCall("ExternalEncryption::recovery"); + return context->methodCall("ExternalEncryptionServer::recovery"); } catch (runtime::Exception& e) { return -1; } } -int ExternalEncryption::isPasswordInitialized() +int ExternalEncryptionClient::isPasswordInitialized() { try { - return context->methodCall("ExternalEncryption::isPasswordInitialized"); + return context->methodCall("ExternalEncryptionServer::isPasswordInitialized"); } catch (runtime::Exception& e) { return -1; } } -int ExternalEncryption::initPassword(const std::string& password) +int ExternalEncryptionClient::initPassword(const std::string& password) { try { - return context->methodCall("ExternalEncryption::initPassword", + return context->methodCall("ExternalEncryptionServer::initPassword", password); } catch (runtime::Exception& e) { return -1; } } -int ExternalEncryption::cleanPassword(const std::string& password) +int ExternalEncryptionClient::cleanPassword(const std::string& password) { try { - return context->methodCall("ExternalEncryption::cleanPassword", + return context->methodCall("ExternalEncryptionServer::cleanPassword", password); } catch (runtime::Exception& e) { return -1; } } -int ExternalEncryption::changePassword(const std::string& oldPassword, +int ExternalEncryptionClient::changePassword(const std::string& oldPassword, const std::string& newPassword) { try { - return context->methodCall("ExternalEncryption::changePassword", + return context->methodCall("ExternalEncryptionServer::changePassword", oldPassword, newPassword); } catch (runtime::Exception& e) { return -1; } } -int ExternalEncryption::verifyPassword(const std::string& password) +int ExternalEncryptionClient::verifyPassword(const std::string& password) { try { - return context->methodCall("ExternalEncryption::verifyPassword", + return context->methodCall("ExternalEncryptionServer::verifyPassword", password); } catch (runtime::Exception& e) { return -1; } } -int ExternalEncryption::getState() +int ExternalEncryptionClient::getState() { try { - return context->methodCall("ExternalEncryption::getState"); + return context->methodCall("ExternalEncryptionServer::getState"); } catch (runtime::Exception& e) { return -1; } } -unsigned int ExternalEncryption::getSupportedOptions() +unsigned int ExternalEncryptionClient::getSupportedOptions() { try { - return context->methodCall("ExternalEncryption::getSupportedOptions"); + return context->methodCall("ExternalEncryptionServer::getSupportedOptions"); } catch (runtime::Exception& e) { return -1; } diff --git a/lib/external-encryption.h b/lib/external-encryption.h new file mode 100644 index 0000000..4149351 --- /dev/null +++ b/lib/external-encryption.h @@ -0,0 +1,58 @@ +/* + * Copyright (c) 2015-2017 Samsung Electronics Co., Ltd All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License + */ + +#ifndef __EXTERNAL_ENCRYPTION_CLIENT_H__ +#define __EXTERNAL_ENCRYPTION_CLIENT_H__ + +#include + +#include "rmi/extension-encryption.h" +#include "context.h" + +namespace ode { + +class ExternalEncryptionClient { +public: + ExternalEncryptionClient(ODEControlContext& ctxt); + ~ExternalEncryptionClient(); + + int setMountPassword(const std::string& password); + + int mount(); + int umount(); + + int encrypt(const std::string& password, unsigned int options); + int decrypt(const std::string& password); + + int recovery(); + + int isPasswordInitialized(); + int initPassword(const std::string& password); + int cleanPassword(const std::string& password); + int changePassword(const std::string& oldPW, const std::string& newPW); + int verifyPassword(const std::string& password); + + int getState(); + + unsigned int getSupportedOptions(); + +private: + ODEControlContext& context; +}; + +} // namespace ode + +#endif // __EXTERNAL_ENCRYPTION_CLIENT_H__ diff --git a/lib/internal-encryption.cpp b/lib/internal-encryption.cpp index 7b5aed1..77d556a 100644 --- a/lib/internal-encryption.cpp +++ b/lib/internal-encryption.cpp @@ -13,136 +13,136 @@ * See the License for the specific language governing permissions and * limitations under the License */ -#include "rmi/internal-encryption.h" +#include "internal-encryption.h" namespace ode { -InternalEncryption::InternalEncryption(ODEControlContext& ctx) : +InternalEncryptionClient::InternalEncryptionClient(ODEControlContext& ctx) : context(ctx) { } -InternalEncryption::~InternalEncryption() +InternalEncryptionClient::~InternalEncryptionClient() { } -int InternalEncryption::setMountPassword(const std::string& password) +int InternalEncryptionClient::setMountPassword(const std::string& password) { try { - return context->methodCall("InternalEncryption::setMountPassword", password); + return context->methodCall("InternalEncryptionServer::setMountPassword", password); } catch (runtime::Exception& e) { return -1; } } -int InternalEncryption::mount() +int InternalEncryptionClient::mount() { try { - return context->methodCall("InternalEncryption::mount"); + return context->methodCall("InternalEncryptionServer::mount"); } catch (runtime::Exception& e) { return -1; } } -int InternalEncryption::umount() +int InternalEncryptionClient::umount() { try { - return context->methodCall("InternalEncryption::umount"); + return context->methodCall("InternalEncryptionServer::umount"); } catch (runtime::Exception& e) { return -1; } } -int InternalEncryption::encrypt(const std::string& password, unsigned int options) +int InternalEncryptionClient::encrypt(const std::string& password, unsigned int options) { try { - return context->methodCall("InternalEncryption::encrypt", password, options); + return context->methodCall("InternalEncryptionServer::encrypt", password, options); } catch (runtime::Exception& e) { return -1; } } -int InternalEncryption::decrypt(const std::string& password) +int InternalEncryptionClient::decrypt(const std::string& password) { try { - return context->methodCall("InternalEncryption::decrypt", password); + return context->methodCall("InternalEncryptionServer::decrypt", password); } catch (runtime::Exception& e) { return -1; } } -int InternalEncryption::recovery() +int InternalEncryptionClient::recovery() { try { - return context->methodCall("InternalEncryption::recovery"); + return context->methodCall("InternalEncryptionServer::recovery"); } catch (runtime::Exception& e) { return -1; } } -int InternalEncryption::isPasswordInitialized() +int InternalEncryptionClient::isPasswordInitialized() { try { - return context->methodCall("InternalEncryption::isPasswordInitialized"); + return context->methodCall("InternalEncryptionServer::isPasswordInitialized"); } catch (runtime::Exception& e) { return -1; } } -int InternalEncryption::initPassword(const std::string& password) +int InternalEncryptionClient::initPassword(const std::string& password) { try { - return context->methodCall("InternalEncryption::initPassword", + return context->methodCall("InternalEncryptionServer::initPassword", password); } catch (runtime::Exception& e) { return -1; } } -int InternalEncryption::cleanPassword(const std::string& password) +int InternalEncryptionClient::cleanPassword(const std::string& password) { try { - return context->methodCall("InternalEncryption::cleanPassword", + return context->methodCall("InternalEncryptionServer::cleanPassword", password); } catch (runtime::Exception& e) { return -1; } } -int InternalEncryption::changePassword(const std::string& oldPassword, +int InternalEncryptionClient::changePassword(const std::string& oldPassword, const std::string& newPassword) { try { - return context->methodCall("InternalEncryption::changePassword", + return context->methodCall("InternalEncryptionServer::changePassword", oldPassword, newPassword); } catch (runtime::Exception& e) { return -1; } } -int InternalEncryption::verifyPassword(const std::string& password) +int InternalEncryptionClient::verifyPassword(const std::string& password) { try { - return context->methodCall("InternalEncryption::verifyPassword", + return context->methodCall("InternalEncryptionServer::verifyPassword", password); } catch (runtime::Exception& e) { return -1; } } -int InternalEncryption::getState() +int InternalEncryptionClient::getState() { try { - return context->methodCall("InternalEncryption::getState"); + return context->methodCall("InternalEncryptionServer::getState"); } catch (runtime::Exception& e) { return -1; } } -unsigned int InternalEncryption::getSupportedOptions() +unsigned int InternalEncryptionClient::getSupportedOptions() { try { - return context->methodCall("InternalEncryption::getSupportedOptions"); + return context->methodCall("InternalEncryptionServer::getSupportedOptions"); } catch (runtime::Exception& e) { return -1; } diff --git a/lib/internal-encryption.h b/lib/internal-encryption.h new file mode 100644 index 0000000..1cff276 --- /dev/null +++ b/lib/internal-encryption.h @@ -0,0 +1,58 @@ +/* + * Copyright (c) 2015-2017 Samsung Electronics Co., Ltd All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License + */ + +#ifndef __INTERNAL_ENCRYPTION_CLIENT_H__ +#define __INTERNAL_ENCRYPTION_CLIENT_H__ + +#include + +#include "rmi/internal-encryption.h" +#include "context.h" + +namespace ode { + +class InternalEncryptionClient final: public InternalEncryption { +public: + InternalEncryptionClient(ODEControlContext& ctxt); + ~InternalEncryptionClient(); + + int setMountPassword(const std::string& password); + + int mount(); + int umount(); + + int encrypt(const std::string& password, unsigned int options); + int decrypt(const std::string& password); + + int recovery(); + + int isPasswordInitialized(); + int initPassword(const std::string& password); + int cleanPassword(const std::string& password); + int changePassword(const std::string& oldPW, const std::string& newPW); + int verifyPassword(const std::string& password); + + int getState(); + + unsigned int getSupportedOptions(); + +private: + ODEControlContext& context; +}; + +} // namespace ode + +#endif // __INTERNAL_ENCRYPTION_CLIENT_H__ diff --git a/lib/ode/extension-encryption.cpp b/lib/ode/extension-encryption.cpp index 65a091e..abaf4c5 100644 --- a/lib/ode/extension-encryption.cpp +++ b/lib/ode/extension-encryption.cpp @@ -18,7 +18,7 @@ #include "extension-encryption.h" #include "client.h" -#include "rmi/extension-encryption.h" +#include "lib/extension-encryption.h" using namespace ode; @@ -28,7 +28,7 @@ int ode_extension_encryption_set_mount_password(const char* password) ODEContext client; RET_ON_FAILURE(client.connect() == 0, ODE_ERROR_CONNECTION_REFUSED); - ExtensionEncryption extension = client.createInterface(); + ExtensionEncryptionClient extension = client.createInterface(); return extension.setMountPassword(password); } @@ -37,7 +37,7 @@ int ode_extension_encryption_mount() { ODEContext client; RET_ON_FAILURE(client.connect() == 0, ODE_ERROR_CONNECTION_REFUSED); - ExtensionEncryption extension = client.createInterface(); + ExtensionEncryptionClient extension = client.createInterface(); return extension.mount(); } @@ -46,7 +46,7 @@ int ode_extension_encryption_umount() { ODEContext client; RET_ON_FAILURE(client.connect() == 0, ODE_ERROR_CONNECTION_REFUSED); - ExtensionEncryption extension = client.createInterface(); + ExtensionEncryptionClient extension = client.createInterface(); return extension.umount(); } @@ -57,7 +57,7 @@ int ode_extension_encryption_format(const char* password) ODEContext client; RET_ON_FAILURE(client.connect() == 0, ODE_ERROR_CONNECTION_REFUSED); - ExtensionEncryption extension = client.createInterface(); + ExtensionEncryptionClient extension = client.createInterface(); return extension.format(password); } @@ -68,7 +68,7 @@ int ode_extension_encryption_is_password_initialized(bool* result) ODEContext client; RET_ON_FAILURE(client.connect() == 0, ODE_ERROR_CONNECTION_REFUSED); - ExtensionEncryption extension = client.createInterface(); + ExtensionEncryptionClient extension = client.createInterface(); int ret = extension.isPasswordInitialized(); RET_ON_FAILURE(ret >= 0, ODE_ERROR_INVALID_PARAMETER); @@ -83,7 +83,7 @@ int ode_extension_encryption_init_password(const char* password) ODEContext client; RET_ON_FAILURE(client.connect() == 0, ODE_ERROR_CONNECTION_REFUSED); - ExtensionEncryption extension = client.createInterface(); + ExtensionEncryptionClient extension = client.createInterface(); return extension.initPassword(password); } @@ -94,7 +94,7 @@ int ode_extension_encryption_clean_password(const char* password) ODEContext client; RET_ON_FAILURE(client.connect() == 0, ODE_ERROR_CONNECTION_REFUSED); - ExtensionEncryption extension = client.createInterface(); + ExtensionEncryptionClient extension = client.createInterface(); return extension.cleanPassword(password); } @@ -107,7 +107,7 @@ int ode_extension_encryption_change_password(const char* old_password, ODEContext client; RET_ON_FAILURE(client.connect() == 0, ODE_ERROR_CONNECTION_REFUSED); - ExtensionEncryption extension = client.createInterface(); + ExtensionEncryptionClient extension = client.createInterface(); return extension.changePassword(old_password, new_password); } @@ -119,7 +119,7 @@ int ode_extension_encryption_verify_password(const char* password, bool* result) ODEContext client; RET_ON_FAILURE(client.connect() == 0, ODE_ERROR_CONNECTION_REFUSED); - ExtensionEncryption extension = client.createInterface(); + ExtensionEncryptionClient extension = client.createInterface(); int ret = extension.verifyPassword(password); RET_ON_FAILURE(ret >= 0, ODE_ERROR_INVALID_PARAMETER); @@ -134,7 +134,7 @@ int ode_extension_encryption_get_state(int* state) ODEContext client; RET_ON_FAILURE(client.connect() == 0, ODE_ERROR_CONNECTION_REFUSED); - ExtensionEncryption extension = client.createInterface(); + ExtensionEncryptionClient extension = client.createInterface(); int ret = extension.getState(); RET_ON_FAILURE(ret >= 0, ODE_ERROR_INVALID_PARAMETER); diff --git a/lib/ode/external-encryption.cpp b/lib/ode/external-encryption.cpp index b22b50d..7a4c014 100644 --- a/lib/ode/external-encryption.cpp +++ b/lib/ode/external-encryption.cpp @@ -18,7 +18,7 @@ #include "external-encryption.h" #include "client.h" -#include "rmi/external-encryption.h" +#include "lib/external-encryption.h" using namespace ode; @@ -28,7 +28,7 @@ int ode_external_encryption_set_mount_password(const char* password) ODEContext client; RET_ON_FAILURE(client.connect() == 0, ODE_ERROR_CONNECTION_REFUSED); - ExternalEncryption external = client.createInterface(); + ExternalEncryptionClient external = client.createInterface(); return external.setMountPassword(password); } @@ -37,7 +37,7 @@ int ode_external_encryption_mount() { ODEContext client; RET_ON_FAILURE(client.connect() == 0, ODE_ERROR_CONNECTION_REFUSED); - ExternalEncryption external = client.createInterface(); + ExternalEncryptionClient external = client.createInterface(); return external.mount(); } @@ -46,7 +46,7 @@ int ode_external_encryption_umount() { ODEContext client; RET_ON_FAILURE(client.connect() == 0, ODE_ERROR_CONNECTION_REFUSED); - ExternalEncryption external = client.createInterface(); + ExternalEncryptionClient external = client.createInterface(); return external.umount(); } @@ -57,7 +57,7 @@ int ode_external_encryption_encrypt(const char* password, unsigned int options) ODEContext client; RET_ON_FAILURE(client.connect() == 0, ODE_ERROR_CONNECTION_REFUSED); - ExternalEncryption external = client.createInterface(); + ExternalEncryptionClient external = client.createInterface(); return external.encrypt(password, options); } @@ -68,7 +68,7 @@ int ode_external_encryption_decrypt(const char* password) ODEContext client; RET_ON_FAILURE(client.connect() == 0, ODE_ERROR_CONNECTION_REFUSED); - ExternalEncryption external = client.createInterface(); + ExternalEncryptionClient external = client.createInterface(); return external.decrypt(password); } @@ -77,7 +77,7 @@ int ode_external_encryption_recovery() { ODEContext client; RET_ON_FAILURE(client.connect() == 0, ODE_ERROR_CONNECTION_REFUSED); - ExternalEncryption external = client.createInterface(); + ExternalEncryptionClient external = client.createInterface(); return external.recovery(); } @@ -88,7 +88,7 @@ int ode_external_encryption_is_password_initialized(bool* result) ODEContext client; RET_ON_FAILURE(client.connect() == 0, ODE_ERROR_CONNECTION_REFUSED); - ExternalEncryption external = client.createInterface(); + ExternalEncryptionClient external = client.createInterface(); int ret = external.isPasswordInitialized(); RET_ON_FAILURE(ret >= 0, ODE_ERROR_INVALID_PARAMETER); @@ -103,7 +103,7 @@ int ode_external_encryption_init_password(const char* password) ODEContext client; RET_ON_FAILURE(client.connect() == 0, ODE_ERROR_CONNECTION_REFUSED); - ExternalEncryption external = client.createInterface(); + ExternalEncryptionClient external = client.createInterface(); return external.initPassword(password); } @@ -114,7 +114,7 @@ int ode_external_encryption_clean_password(const char* password) ODEContext client; RET_ON_FAILURE(client.connect() == 0, ODE_ERROR_CONNECTION_REFUSED); - ExternalEncryption external = client.createInterface(); + ExternalEncryptionClient external = client.createInterface(); return external.cleanPassword(password); } @@ -127,7 +127,7 @@ int ode_external_encryption_change_password(const char* old_password, ODEContext client; RET_ON_FAILURE(client.connect() == 0, ODE_ERROR_CONNECTION_REFUSED); - ExternalEncryption external = client.createInterface(); + ExternalEncryptionClient external = client.createInterface(); return external.changePassword(old_password, new_password); } @@ -139,7 +139,7 @@ int ode_external_encryption_verify_password(const char* password, bool* result) ODEContext client; RET_ON_FAILURE(client.connect() == 0, ODE_ERROR_CONNECTION_REFUSED); - ExternalEncryption external = client.createInterface(); + ExternalEncryptionClient external = client.createInterface(); int ret = external.verifyPassword(password); RET_ON_FAILURE(ret >= 0, ODE_ERROR_INVALID_PARAMETER); @@ -154,7 +154,7 @@ int ode_external_encryption_get_state(int* state) ODEContext client; RET_ON_FAILURE(client.connect() == 0, ODE_ERROR_CONNECTION_REFUSED); - ExternalEncryption external = client.createInterface(); + ExternalEncryptionClient external = client.createInterface(); int ret = external.getState(); RET_ON_FAILURE(ret >= 0, ODE_ERROR_INVALID_PARAMETER); @@ -169,7 +169,7 @@ int ode_external_encryption_get_supported_options(unsigned int* options) ODEContext client; RET_ON_FAILURE(client.connect() == 0, ODE_ERROR_CONNECTION_REFUSED); - ExternalEncryption external = client.createInterface(); + ExternalEncryptionClient external = client.createInterface(); *options = external.getSupportedOptions(); return ODE_ERROR_NONE; } diff --git a/lib/ode/internal-encryption.cpp b/lib/ode/internal-encryption.cpp index d5ad13d..624b269 100644 --- a/lib/ode/internal-encryption.cpp +++ b/lib/ode/internal-encryption.cpp @@ -18,7 +18,7 @@ #include "internal-encryption.h" #include "client.h" -#include "rmi/internal-encryption.h" +#include "lib/internal-encryption.h" using namespace ode; @@ -28,7 +28,7 @@ int ode_internal_encryption_set_mount_password(const char* password) ODEContext client; RET_ON_FAILURE(client.connect() == 0, ODE_ERROR_CONNECTION_REFUSED); - InternalEncryption internal = client.createInterface(); + InternalEncryptionClient internal = client.createInterface(); return internal.setMountPassword(password); } @@ -37,7 +37,7 @@ int ode_internal_encryption_mount() { ODEContext client; RET_ON_FAILURE(client.connect() == 0, ODE_ERROR_CONNECTION_REFUSED); - InternalEncryption internal = client.createInterface(); + InternalEncryptionClient internal = client.createInterface(); return internal.mount(); } @@ -46,7 +46,7 @@ int ode_internal_encryption_umount() { ODEContext client; RET_ON_FAILURE(client.connect() == 0, ODE_ERROR_CONNECTION_REFUSED); - InternalEncryption internal = client.createInterface(); + InternalEncryptionClient internal = client.createInterface(); return internal.umount(); } @@ -57,7 +57,7 @@ int ode_internal_encryption_encrypt(const char* password, unsigned int options) ODEContext client; RET_ON_FAILURE(client.connect() == 0, ODE_ERROR_CONNECTION_REFUSED); - InternalEncryption internal = client.createInterface(); + InternalEncryptionClient internal = client.createInterface(); return internal.encrypt(password, options); } @@ -68,7 +68,7 @@ int ode_internal_encryption_decrypt(const char* password) ODEContext client; RET_ON_FAILURE(client.connect() == 0, ODE_ERROR_CONNECTION_REFUSED); - InternalEncryption internal = client.createInterface(); + InternalEncryptionClient internal = client.createInterface(); return internal.decrypt(password); } @@ -77,7 +77,7 @@ int ode_internal_encryption_recovery() { ODEContext client; RET_ON_FAILURE(client.connect() == 0, ODE_ERROR_CONNECTION_REFUSED); - InternalEncryption internal = client.createInterface(); + InternalEncryptionClient internal = client.createInterface(); return internal.recovery(); } @@ -88,7 +88,7 @@ int ode_internal_encryption_is_password_initialized(bool* result) ODEContext client; RET_ON_FAILURE(client.connect() == 0, ODE_ERROR_CONNECTION_REFUSED); - InternalEncryption internal = client.createInterface(); + InternalEncryptionClient internal = client.createInterface(); int ret = internal.isPasswordInitialized(); RET_ON_FAILURE(ret >= 0, ODE_ERROR_INVALID_PARAMETER); @@ -103,7 +103,7 @@ int ode_internal_encryption_init_password(const char* password) ODEContext client; RET_ON_FAILURE(client.connect() == 0, ODE_ERROR_CONNECTION_REFUSED); - InternalEncryption internal = client.createInterface(); + InternalEncryptionClient internal = client.createInterface(); return internal.initPassword(password); } @@ -114,7 +114,7 @@ int ode_internal_encryption_clean_password(const char* password) ODEContext client; RET_ON_FAILURE(client.connect() == 0, ODE_ERROR_CONNECTION_REFUSED); - InternalEncryption internal = client.createInterface(); + InternalEncryptionClient internal = client.createInterface(); return internal.cleanPassword(password); } @@ -127,7 +127,7 @@ int ode_internal_encryption_change_password(const char* old_password, ODEContext client; RET_ON_FAILURE(client.connect() == 0, ODE_ERROR_CONNECTION_REFUSED); - InternalEncryption internal = client.createInterface(); + InternalEncryptionClient internal = client.createInterface(); return internal.changePassword(old_password, new_password); } @@ -139,7 +139,7 @@ int ode_internal_encryption_verify_password(const char* password, bool* result) ODEContext client; RET_ON_FAILURE(client.connect() == 0, ODE_ERROR_CONNECTION_REFUSED); - InternalEncryption internal = client.createInterface(); + InternalEncryptionClient internal = client.createInterface(); int ret = internal.verifyPassword(password); RET_ON_FAILURE(ret >= 0, ODE_ERROR_INVALID_PARAMETER); @@ -154,7 +154,7 @@ int ode_internal_encryption_get_state(int* state) ODEContext client; RET_ON_FAILURE(client.connect() == 0, ODE_ERROR_CONNECTION_REFUSED); - InternalEncryption internal = client.createInterface(); + InternalEncryptionClient internal = client.createInterface(); int ret = internal.getState(); RET_ON_FAILURE(ret >= 0, ODE_ERROR_INVALID_PARAMETER); @@ -169,7 +169,7 @@ int ode_internal_encryption_get_supported_options(unsigned int* options) ODEContext client; RET_ON_FAILURE(client.connect() == 0, ODE_ERROR_CONNECTION_REFUSED); - InternalEncryption internal = client.createInterface(); + InternalEncryptionClient internal = client.createInterface(); *options = internal.getSupportedOptions(); return ODE_ERROR_NONE; } @@ -183,7 +183,7 @@ int ode_internal_encryption_set_mount_event_cb(ode_mount_event_cb callback, void mountEventCallbackContext.reset(new ODEContext); RET_ON_FAILURE(mountEventCallbackContext->connect() == 0, ODE_ERROR_CONNECTION_REFUSED); - int ret = mountEventCallbackContext->subscribeSignal("InternalEncryption::mount", callback, user_data); + int ret = mountEventCallbackContext->subscribeSignal("InternalEncryptionServer::mount", callback, user_data); RET_ON_FAILURE(ret >= 0, ODE_ERROR_INVALID_PARAMETER); return ODE_ERROR_NONE; diff --git a/lib/ode/secure-erase.cpp b/lib/ode/secure-erase.cpp index ff84342..5bda353 100644 --- a/lib/ode/secure-erase.cpp +++ b/lib/ode/secure-erase.cpp @@ -18,7 +18,7 @@ #include "secure-erase.h" #include "client.h" -#include "rmi/secure-erase.h" +#include "lib/secure-erase.h" using namespace ode; @@ -28,7 +28,7 @@ int ode_secure_clean(const char* name) ODEContext client; RET_ON_FAILURE(client.connect() == 0, ODE_ERROR_CONNECTION_REFUSED); - SecureErase secure = client.createInterface(); + SecureEraseClient secure = client.createInterface(); return secure.clean(name); } diff --git a/lib/secure-erase.cpp b/lib/secure-erase.cpp index 2d397e5..579437e 100644 --- a/lib/secure-erase.cpp +++ b/lib/secure-erase.cpp @@ -13,23 +13,23 @@ * See the License for the specific language governing permissions and * limitations under the License */ -#include "rmi/secure-erase.h" +#include "secure-erase.h" namespace ode { -SecureErase::SecureErase(ODEControlContext& ctx) : +SecureEraseClient::SecureEraseClient(ODEControlContext& ctx) : context(ctx) { } -SecureErase::~SecureErase() +SecureEraseClient::~SecureEraseClient() { } -int SecureErase::clean(const std::string& name) +int SecureEraseClient::clean(const std::string& name) { try { - return context->methodCall("SecureErase::clean", name); + return context->methodCall("SecureEraseServer::clean", name); } catch (runtime::Exception& e) { return -1; } diff --git a/lib/secure-erase.h b/lib/secure-erase.h new file mode 100644 index 0000000..0434a51 --- /dev/null +++ b/lib/secure-erase.h @@ -0,0 +1,39 @@ +/* + * Copyright (c) 2015-2017 Samsung Electronics Co., Ltd All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License + */ + +#ifndef __SECURE_ERASE_CLIENT_H__ +#define __SECURE_ERASE_CLIENT_H__ + +#include + +#include "rmi/secure-erase.h" +#include "context.h" + +namespace ode { + +class SecureEraseClient final: public SecureErase { +public: + SecureEraseClient(ODEControlContext& ctxt); + ~SecureEraseClient(); + + int clean(const std::string& name); + +private: + ODEControlContext& context; +}; + +} // namespace ode +#endif // __SECURE_ERASE_CLIENT_H__ diff --git a/rmi/extension-encryption.h b/rmi/extension-encryption.h index 31f366a..d525ef6 100644 --- a/rmi/extension-encryption.h +++ b/rmi/extension-encryption.h @@ -18,11 +18,6 @@ #define __EXTENSION_ENCRYPTION_H__ #include -#include - -#include - -#include "context.h" namespace ode { @@ -31,97 +26,27 @@ namespace ode { * such as SD card, used as an extension of the internal memory. */ -class ExtensionEncryption final { +class ExtensionEncryption { public: - ExtensionEncryption(ODEControlContext& ctxt); - ~ExtensionEncryption(); - - int setMountPassword(const std::string& password); + virtual int setMountPassword(const std::string& password) = 0; - int mount(); - int umount(); + virtual int mount() = 0; + virtual int umount() = 0; - int format(const std::string& password); + virtual int format(const std::string& password) = 0; - int isPasswordInitialized(); - int initPassword(const std::string& password); - int cleanPassword(const std::string& password); - int changePassword(const std::string& oldPW, const std::string& newPW); - int verifyPassword(const std::string& password); + virtual int isPasswordInitialized() = 0; + virtual int initPassword(const std::string& password) = 0; + virtual int cleanPassword(const std::string& password) = 0; + virtual int changePassword(const std::string& oldPW, const std::string& newPW) = 0; + virtual int verifyPassword(const std::string& password) = 0; enum State { Encrypted = 0x01, Corrupted = 0x02, }; - int getState(); - -private: - enum Operation { - ADDED = 0, - CHANGED, - REMOVED, - - OPERATION_MAX - }; - - enum Device { - MMC = 0, - MAP, - - DEVICE_MAX - }; - - enum Request { - NONE = 0, - MOUNT, - UMOUNT - }; - - struct DevInfo { - std::string mntPath; - std::string fsType; - std::string sysPath; - bool mounted; - int storagedId; - - DevInfo() : mounted(false), storagedId(-1) {} - ~DevInfo() {} - - void clear() { - mntPath.clear(); - fsType.clear(); - sysPath.clear(); - mounted = false; - storagedId = -1; - } - }; - - void logStoragedEvent(Operation op, Device d); - void handleDevice(Operation op, - const std::vector &intparams, - const std::vector &strparams); - void parseVariant(Operation op, dbus::Variant parameters); - void queryStoraged(); - void subscribeToStoraged(); - void unsubscribeFromStoraged(); - - bool storagedMount(std::unique_lock &lock); - bool storagedUnmount(std::unique_lock &lock); - - int getStatePriv() const; - bool isInserted() const; - bool isOpened() const; - bool isMounted() const; - - ODEControlContext& context; - - // currently inserted card information, empty if no card: - DevInfo info[DEVICE_MAX]; - - dbus::Connection::SubscriptionId subId[OPERATION_MAX]; - - Request currentReq; + virtual int getState() = 0; }; } // namespace ode diff --git a/rmi/external-encryption.h b/rmi/external-encryption.h index 5223413..39ffa50 100644 --- a/rmi/external-encryption.h +++ b/rmi/external-encryption.h @@ -17,7 +17,7 @@ #ifndef __EXTERNAL_ENCRYPTION_H__ #define __EXTERNAL_ENCRYPTION_H__ -#include "context.h" +#include namespace ode { @@ -26,26 +26,23 @@ namespace ode { * such as SD card. */ -class ExternalEncryption final { +class ExternalEncryption { public: - ExternalEncryption(ODEControlContext& ctxt); - ~ExternalEncryption(); + virtual int setMountPassword(const std::string& password) = 0; - int setMountPassword(const std::string& password); + virtual int mount() = 0; + virtual int umount() = 0; - int mount(); - int umount(); + virtual int encrypt(const std::string& password, unsigned int options) = 0; + virtual int decrypt(const std::string& password) = 0; - int encrypt(const std::string& password, unsigned int options); - int decrypt(const std::string& password); + virtual int recovery() = 0; - int recovery(); - - int isPasswordInitialized(); - int initPassword(const std::string& password); - int cleanPassword(const std::string& password); - int changePassword(const std::string& oldPW, const std::string& newPW); - int verifyPassword(const std::string& password); + virtual int isPasswordInitialized() = 0; + virtual int initPassword(const std::string& password) = 0; + virtual int cleanPassword(const std::string& password) = 0; + virtual int changePassword(const std::string& oldPW, const std::string& newPW) = 0; + virtual int verifyPassword(const std::string& password) = 0; enum State { Unencrypted = 0x00, @@ -53,18 +50,16 @@ public: Corrupted = 0x02, }; - int getState(); + virtual int getState() = 0; enum Option { OnlyNewFile = 1 << 0, ExceptForMediaFile = 1 << 1, }; - unsigned int getSupportedOptions(); - -private: - ODEControlContext& context; + virtual unsigned int getSupportedOptions() = 0; }; } // namespace ode + #endif // __EXTERNAL_ENCRYPTION_H__ diff --git a/rmi/internal-encryption.h b/rmi/internal-encryption.h index 2c8ed9e..437e86b 100644 --- a/rmi/internal-encryption.h +++ b/rmi/internal-encryption.h @@ -17,7 +17,7 @@ #ifndef __INTERNAL_ENCRYPTION_H__ #define __INTERNAL_ENCRYPTION_H__ -#include "context.h" +#include namespace ode { @@ -25,26 +25,23 @@ namespace ode { * This class provides APIs to manage the encryption of internal stroage. */ -class InternalEncryption final { +class InternalEncryption { public: - InternalEncryption(ODEControlContext& ctxt); - ~InternalEncryption(); + virtual int setMountPassword(const std::string& password) = 0; - int setMountPassword(const std::string& password); + virtual int mount() = 0; + virtual int umount() = 0; - int mount(); - int umount(); + virtual int encrypt(const std::string& password, unsigned int options) = 0; + virtual int decrypt(const std::string& password) = 0; - int encrypt(const std::string& password, unsigned int options); - int decrypt(const std::string& password); + virtual int recovery() = 0; - int recovery(); - - int isPasswordInitialized(); - int initPassword(const std::string& password); - int cleanPassword(const std::string& password); - int changePassword(const std::string& oldPW, const std::string& newPW); - int verifyPassword(const std::string& password); + virtual int isPasswordInitialized() = 0; + virtual int initPassword(const std::string& password) = 0; + virtual int cleanPassword(const std::string& password) = 0; + virtual int changePassword(const std::string& oldPW, const std::string& newPW) = 0; + virtual int verifyPassword(const std::string& password) = 0; enum State { Unencrypted = 0x00, @@ -52,17 +49,15 @@ public: Corrupted = 0x02, }; - int getState(); + virtual int getState() = 0; enum Option { IncludeUnusedRegion = 1 << 0, }; - unsigned int getSupportedOptions(); - -private: - ODEControlContext& context; + virtual unsigned int getSupportedOptions() = 0; }; } // namespace ode + #endif // __INTERNAL_ENCRYPTION_H__ diff --git a/rmi/secure-erase.h b/rmi/secure-erase.h index a64ee99..d9af2b4 100644 --- a/rmi/secure-erase.h +++ b/rmi/secure-erase.h @@ -17,23 +17,15 @@ #ifndef __SECURE_ERASE_H__ #define __SECURE_ERASE_H__ -#include "context.h" - namespace ode { /** * This class provides APIs to secure actions(erase/clean). */ -class SecureErase final { +class SecureErase { public: - SecureErase(ODEControlContext& ctxt); - ~SecureErase(); - - int clean(const std::string& name); - -private: - ODEControlContext& context; + virtual int clean(const std::string& name) = 0; }; } // namespace ode diff --git a/server/extension-encryption.cpp b/server/extension-encryption.cpp index aa5e176..e085d05 100644 --- a/server/extension-encryption.cpp +++ b/server/extension-encryption.cpp @@ -13,8 +13,6 @@ * See the License for the specific language governing permissions and * limitations under the License */ -#include - #include #include @@ -26,10 +24,8 @@ #include "misc.h" #include "logger.h" #include "ext4-tool.h" -#include "engine/encryption/cryptsetup-engine.h" -#include "key-manager/key-manager.h" -#include "rmi/extension-encryption.h" +#include "extension-encryption.h" #define EXTENSION_NAME_DEF "extension" @@ -37,8 +33,6 @@ namespace ode { namespace { -typedef CryptsetupEngine EXTENSION_ENGINE; - const size_t DEFAULT_KEY_SIZE = 64; const char *EXTENSION_DEV_PATH = "/dev/mmcblk1p1"; @@ -52,13 +46,6 @@ const char *STORAGED_DBUS_BUSNAME = "org.tizen.system.storage"; const char *STORAGED_DBUS_OBJECT = "/Org/Tizen/System/Storage/Block/Manager"; const char *STORAGED_DBUS_INTERFACE = "org.tizen.system.storage.BlockManager"; -std::unique_ptr engine; -KeyManager::data mountKey; - -std::mutex apiGuard; -std::mutex stateGuard; -std::condition_variable storagedCv; - bool findKillAndUmount(const std::string &devPath) { for(;;) { @@ -86,22 +73,22 @@ bool findKillAndUmount(const std::string &devPath) } // namsepace -ExtensionEncryption::ExtensionEncryption(ODEControlContext &ctx) : +ExtensionEncryptionServer::ExtensionEncryptionServer(ODEControlContext &ctx) : context(ctx), currentReq(Request::NONE) { - context.expose(this, PRIVILEGE_PLATFORM, (int)(ExtensionEncryption::setMountPassword)(std::string)); - context.expose(this, PRIVILEGE_PLATFORM, (int)(ExtensionEncryption::mount)()); - context.expose(this, PRIVILEGE_PLATFORM, (int)(ExtensionEncryption::umount)()); - context.expose(this, PRIVILEGE_PLATFORM, (int)(ExtensionEncryption::format)(std::string)); - context.expose(this, "", (int)(ExtensionEncryption::isPasswordInitialized)()); - context.expose(this, PRIVILEGE_PLATFORM, (int)(ExtensionEncryption::initPassword)(std::string)); - context.expose(this, PRIVILEGE_PLATFORM, (int)(ExtensionEncryption::cleanPassword)(std::string)); - context.expose(this, PRIVILEGE_PLATFORM, (int)(ExtensionEncryption::changePassword)(std::string, std::string)); - context.expose(this, PRIVILEGE_PLATFORM, (int)(ExtensionEncryption::verifyPassword)(std::string)); - context.expose(this, "", (int)(ExtensionEncryption::getState)()); - - context.createNotification("ExtensionEncryption::mount"); + context.expose(this, PRIVILEGE_PLATFORM, (int)(ExtensionEncryptionServer::setMountPassword)(std::string)); + context.expose(this, PRIVILEGE_PLATFORM, (int)(ExtensionEncryptionServer::mount)()); + context.expose(this, PRIVILEGE_PLATFORM, (int)(ExtensionEncryptionServer::umount)()); + context.expose(this, PRIVILEGE_PLATFORM, (int)(ExtensionEncryptionServer::format)(std::string)); + context.expose(this, "", (int)(ExtensionEncryptionServer::isPasswordInitialized)()); + context.expose(this, PRIVILEGE_PLATFORM, (int)(ExtensionEncryptionServer::initPassword)(std::string)); + context.expose(this, PRIVILEGE_PLATFORM, (int)(ExtensionEncryptionServer::cleanPassword)(std::string)); + context.expose(this, PRIVILEGE_PLATFORM, (int)(ExtensionEncryptionServer::changePassword)(std::string, std::string)); + context.expose(this, PRIVILEGE_PLATFORM, (int)(ExtensionEncryptionServer::verifyPassword)(std::string)); + context.expose(this, "", (int)(ExtensionEncryptionServer::getState)()); + + context.createNotification("ExtensionEncryptionServer::mount"); // TODO: think about handling more than one card / more than one engine // it would require global API change to select which card is handled atm @@ -111,12 +98,12 @@ ExtensionEncryption::ExtensionEncryption(ODEControlContext &ctx) : subscribeToStoraged(); } -ExtensionEncryption::~ExtensionEncryption() +ExtensionEncryptionServer::~ExtensionEncryptionServer() { unsubscribeFromStoraged(); } -int ExtensionEncryption::setMountPassword(const std::string& password) +int ExtensionEncryptionServer::setMountPassword(const std::string& password) { std::lock_guard guardLock(apiGuard); @@ -133,7 +120,7 @@ int ExtensionEncryption::setMountPassword(const std::string& password) return 0; } -int ExtensionEncryption::mount() +int ExtensionEncryptionServer::mount() { std::lock_guard guardLock(apiGuard); std::unique_lock stateLock(stateGuard); @@ -178,11 +165,11 @@ int ExtensionEncryption::mount() } } - context.notify("ExtensionEncryption::mount"); + context.notify("ExtensionEncryptionServer::mount"); return 0; } -int ExtensionEncryption::umount() +int ExtensionEncryptionServer::umount() { std::lock_guard guardLock(apiGuard); std::unique_lock stateLock(stateGuard); @@ -222,7 +209,7 @@ int ExtensionEncryption::umount() return 0; } -int ExtensionEncryption::format(const std::string &password) +int ExtensionEncryptionServer::format(const std::string &password) { int status = 0; std::condition_variable workerCv; @@ -312,7 +299,7 @@ int ExtensionEncryption::format(const std::string &password) return 0; } -int ExtensionEncryption::isPasswordInitialized() +int ExtensionEncryptionServer::isPasswordInitialized() { std::lock_guard guardLock(apiGuard); @@ -323,7 +310,7 @@ int ExtensionEncryption::isPasswordInitialized() return 0; } -int ExtensionEncryption::initPassword(const std::string& password) +int ExtensionEncryptionServer::initPassword(const std::string& password) { std::lock_guard guardLock(apiGuard); @@ -335,7 +322,7 @@ int ExtensionEncryption::initPassword(const std::string& password) return 0; } -int ExtensionEncryption::cleanPassword(const std::string& password) +int ExtensionEncryptionServer::cleanPassword(const std::string& password) { std::lock_guard guardLock(apiGuard); @@ -351,7 +338,7 @@ int ExtensionEncryption::cleanPassword(const std::string& password) return 0; } -int ExtensionEncryption::changePassword(const std::string &oldPassword, +int ExtensionEncryptionServer::changePassword(const std::string &oldPassword, const std::string &newPassword) { std::lock_guard guardLock(apiGuard); @@ -371,7 +358,7 @@ int ExtensionEncryption::changePassword(const std::string &oldPassword, return 0; } -int ExtensionEncryption::verifyPassword(const std::string& password) +int ExtensionEncryptionServer::verifyPassword(const std::string& password) { std::lock_guard guardLock(apiGuard); @@ -385,7 +372,7 @@ int ExtensionEncryption::verifyPassword(const std::string& password) return 0; } -int ExtensionEncryption::getState() +int ExtensionEncryptionServer::getState() { std::lock_guard guardLock(apiGuard); std::unique_lock stateLock(stateGuard); @@ -393,7 +380,7 @@ int ExtensionEncryption::getState() return getStatePriv(); } -void ExtensionEncryption::logStoragedEvent(Operation op, Device d) +void ExtensionEncryptionServer::logStoragedEvent(Operation op, Device d) { DEBUG(SINK, "Storaged event:"); @@ -429,9 +416,9 @@ void ExtensionEncryption::logStoragedEvent(Operation op, Device d) DEBUG(SINK, " ID: " + std::to_string(info[d].storagedId)); } -void ExtensionEncryption::handleDevice(Operation op, - const std::vector &intparams, - const std::vector &strparams) +void ExtensionEncryptionServer::handleDevice(Operation op, + const std::vector &intparams, + const std::vector &strparams) { Device d; @@ -499,7 +486,7 @@ void ExtensionEncryption::handleDevice(Operation op, } } -void ExtensionEncryption::parseVariant(Operation op, dbus::Variant parameters) +void ExtensionEncryptionServer::parseVariant(Operation op, dbus::Variant parameters) { std::vector intparams(6); std::vector strparams(7); @@ -522,7 +509,7 @@ void ExtensionEncryption::parseVariant(Operation op, dbus::Variant parameters) handleDevice(op, intparams, strparams); } -void ExtensionEncryption::queryStoraged() +void ExtensionEncryptionServer::queryStoraged() { INFO(SINK, "Querying the storaged for devices..."); @@ -563,13 +550,13 @@ void ExtensionEncryption::queryStoraged() } } -void ExtensionEncryption::subscribeToStoraged() +void ExtensionEncryptionServer::subscribeToStoraged() { dbus::Connection &systemDBus = dbus::Connection::getSystem(); auto subscribe = [&systemDBus, this](Operation op, const std::string &method) { dbus::Connection::SignalCallback callback = - std::bind(&ExtensionEncryption::parseVariant, + std::bind(&ExtensionEncryptionServer::parseVariant, this, op, std::placeholders::_1); @@ -586,7 +573,7 @@ void ExtensionEncryption::subscribeToStoraged() subscribe(Operation::REMOVED, "DeviceRemoved"); } -void ExtensionEncryption::unsubscribeFromStoraged() +void ExtensionEncryptionServer::unsubscribeFromStoraged() { dbus::Connection &systemDBus = dbus::Connection::getSystem(); @@ -595,7 +582,7 @@ void ExtensionEncryption::unsubscribeFromStoraged() systemDBus.unsubscribeSignal(subId[Operation::REMOVED]); } -bool ExtensionEncryption::storagedMount(std::unique_lock &lock) +bool ExtensionEncryptionServer::storagedMount(std::unique_lock &lock) { currentReq = Request::MOUNT; @@ -633,7 +620,7 @@ bool ExtensionEncryption::storagedMount(std::unique_lock &lock) return true; } -bool ExtensionEncryption::storagedUnmount(std::unique_lock &lock) +bool ExtensionEncryptionServer::storagedUnmount(std::unique_lock &lock) { currentReq = Request::UMOUNT; @@ -671,7 +658,7 @@ bool ExtensionEncryption::storagedUnmount(std::unique_lock &lock) return true; } -int ExtensionEncryption::getStatePriv() const +int ExtensionEncryptionServer::getStatePriv() const { if (!isInserted()) { ERROR(SINK, "Cannot check state, card not inserted"); @@ -684,17 +671,17 @@ int ExtensionEncryption::getStatePriv() const return State::Corrupted; } -bool ExtensionEncryption::isInserted() const +bool ExtensionEncryptionServer::isInserted() const { return info[Device::MMC].storagedId >= 0; } -bool ExtensionEncryption::isOpened() const +bool ExtensionEncryptionServer::isOpened() const { return info[Device::MAP].storagedId >= 0; } -bool ExtensionEncryption::isMounted() const +bool ExtensionEncryptionServer::isMounted() const { return info[Device::MAP].mounted; } diff --git a/server/extension-encryption.h b/server/extension-encryption.h new file mode 100644 index 0000000..5f2a08f --- /dev/null +++ b/server/extension-encryption.h @@ -0,0 +1,132 @@ +/* + * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License + */ + +#ifndef __EXTENSION_ENCRYPTION_SERVER_H__ +#define __EXTENSION_ENCRYPTION_SERVER_H__ + +#include +#include +#include +#include + +#include "context.h" +#include "rmi/extension-encryption.h" +#include "key-manager/key-manager.h" +#include "engine/encryption/cryptsetup-engine.h" + +namespace ode { + +typedef CryptsetupEngine EXTENSION_ENGINE; + +class ExtensionEncryptionServer final: public ExtensionEncryption { +public: + ExtensionEncryptionServer(ODEControlContext& ctxt); + ~ExtensionEncryptionServer(); + + int setMountPassword(const std::string& password); + + int mount(); + int umount(); + + int format(const std::string& password); + + int isPasswordInitialized(); + int initPassword(const std::string& password); + int cleanPassword(const std::string& password); + int changePassword(const std::string& oldPW, const std::string& newPW); + int verifyPassword(const std::string& password); + + int getState(); + +private: + enum Operation { + ADDED = 0, + CHANGED, + REMOVED, + + OPERATION_MAX + }; + + enum Device { + MMC = 0, + MAP, + + DEVICE_MAX + }; + + enum Request { + NONE = 0, + MOUNT, + UMOUNT + }; + + struct DevInfo { + std::string mntPath; + std::string fsType; + std::string sysPath; + bool mounted; + int storagedId; + + DevInfo() : mounted(false), storagedId(-1) {} + ~DevInfo() {} + + void clear() { + mntPath.clear(); + fsType.clear(); + sysPath.clear(); + mounted = false; + storagedId = -1; + } + }; + + void logStoragedEvent(Operation op, Device d); + void handleDevice(Operation op, + const std::vector &intparams, + const std::vector &strparams); + + void parseVariant(Operation op, dbus::Variant parameters); + void queryStoraged(); + void subscribeToStoraged(); + void unsubscribeFromStoraged(); + + bool storagedMount(std::unique_lock &lock); + bool storagedUnmount(std::unique_lock &lock); + + int getStatePriv() const; + bool isInserted() const; + bool isOpened() const; + bool isMounted() const; + + ODEControlContext& context; + + // currently inserted card information, empty if no card: + DevInfo info[DEVICE_MAX]; + + dbus::Connection::SubscriptionId subId[OPERATION_MAX]; + + Request currentReq; + + std::unique_ptr engine; + KeyManager::data mountKey; + + std::mutex apiGuard; + std::mutex stateGuard; + std::condition_variable storagedCv; +}; + +} // namespace ode + +#endif // __EXTENSION_ENCRYPTION_SERVER_H__ diff --git a/server/external-encryption.cpp b/server/external-encryption.cpp index bc6a488..d20c382 100644 --- a/server/external-encryption.cpp +++ b/server/external-encryption.cpp @@ -31,10 +31,8 @@ #include "launchpad.h" #include "app-bundle.h" #include "progress-bar.h" -#include "engine/encryption/ecryptfs-engine.h" -#include "key-manager/key-manager.h" -#include "rmi/external-encryption.h" +#include "external-encryption.h" #define EXTERNAL_PATH "/opt/media/SDCardA1" #define EXTERNAL_STATE_VCONF_KEY VCONFKEY_SDE_CRYPTO_STATE @@ -47,10 +45,6 @@ namespace ode { namespace { -typedef EcryptfsEngine EXTERNAL_ENGINE; - -std::unique_ptr engine; -KeyManager::data mountKey; bool isBootCompleted = false; void externalCallback(dbus::Variant parameters) @@ -194,23 +188,23 @@ void setOptions(unsigned int options) } // namsepace -ExternalEncryption::ExternalEncryption(ODEControlContext &ctx) : +ExternalEncryptionServer::ExternalEncryptionServer(ODEControlContext &ctx) : context(ctx) { - context.expose(this, PRIVILEGE_PLATFORM, (int)(ExternalEncryption::setMountPassword)(std::string)); - context.expose(this, PRIVILEGE_PLATFORM, (int)(ExternalEncryption::mount)()); - context.expose(this, PRIVILEGE_PLATFORM, (int)(ExternalEncryption::umount)()); - context.expose(this, PRIVILEGE_PLATFORM, (int)(ExternalEncryption::encrypt)(std::string, unsigned int)); - context.expose(this, PRIVILEGE_PLATFORM, (int)(ExternalEncryption::decrypt)(std::string)); - context.expose(this, "", (int)(ExternalEncryption::isPasswordInitialized)()); - context.expose(this, PRIVILEGE_PLATFORM, (int)(ExternalEncryption::initPassword)(std::string)); - context.expose(this, PRIVILEGE_PLATFORM, (int)(ExternalEncryption::cleanPassword)(std::string)); - context.expose(this, PRIVILEGE_PLATFORM, (int)(ExternalEncryption::changePassword)(std::string, std::string)); - context.expose(this, PRIVILEGE_PLATFORM, (int)(ExternalEncryption::verifyPassword)(std::string)); - context.expose(this, "", (int)(ExternalEncryption::getState)()); - context.expose(this, "", (unsigned int)(ExternalEncryption::getSupportedOptions)()); - - context.createNotification("ExternalEncryption::mount"); + context.expose(this, PRIVILEGE_PLATFORM, (int)(ExternalEncryptionServer::setMountPassword)(std::string)); + context.expose(this, PRIVILEGE_PLATFORM, (int)(ExternalEncryptionServer::mount)()); + context.expose(this, PRIVILEGE_PLATFORM, (int)(ExternalEncryptionServer::umount)()); + context.expose(this, PRIVILEGE_PLATFORM, (int)(ExternalEncryptionServer::encrypt)(std::string, unsigned int)); + context.expose(this, PRIVILEGE_PLATFORM, (int)(ExternalEncryptionServer::decrypt)(std::string)); + context.expose(this, "", (int)(ExternalEncryptionServer::isPasswordInitialized)()); + context.expose(this, PRIVILEGE_PLATFORM, (int)(ExternalEncryptionServer::initPassword)(std::string)); + context.expose(this, PRIVILEGE_PLATFORM, (int)(ExternalEncryptionServer::cleanPassword)(std::string)); + context.expose(this, PRIVILEGE_PLATFORM, (int)(ExternalEncryptionServer::changePassword)(std::string, std::string)); + context.expose(this, PRIVILEGE_PLATFORM, (int)(ExternalEncryptionServer::verifyPassword)(std::string)); + context.expose(this, "", (int)(ExternalEncryptionServer::getState)()); + context.expose(this, "", (unsigned int)(ExternalEncryptionServer::getSupportedOptions)()); + + context.createNotification("ExternalEncryptionServer::mount"); engine.reset(new EXTERNAL_ENGINE( EXTERNAL_PATH, EXTERNAL_PATH, @@ -223,12 +217,11 @@ ExternalEncryption::ExternalEncryption(ODEControlContext &ctx) : externalAddEventReceiver(); } -ExternalEncryption::~ExternalEncryption() +ExternalEncryptionServer::~ExternalEncryptionServer() { } - -int ExternalEncryption::setMountPassword(const std::string& password) +int ExternalEncryptionServer::setMountPassword(const std::string& password) { KeyManager::data pwData(password.begin(), password.end()); KeyManager keyManager(engine->getKeyMeta()); @@ -236,12 +229,12 @@ int ExternalEncryption::setMountPassword(const std::string& password) return -2; } - ode::mountKey = keyManager.getMasterKey(pwData); + mountKey = keyManager.getMasterKey(pwData); return 0; } -int ExternalEncryption::mount() +int ExternalEncryptionServer::mount() { if (getState() != State::Encrypted) { return -1; @@ -255,12 +248,12 @@ int ExternalEncryption::mount() engine->mount(mountKey, getOptions()); mountKey.clear(); - context.notify("ExternalEncryption::mount"); + context.notify("ExternalEncryptionServer::mount"); return 0; } -int ExternalEncryption::umount() +int ExternalEncryptionServer::umount() { if (getState() != State::Encrypted) { return -1; @@ -279,7 +272,7 @@ int ExternalEncryption::umount() return 0; } -int ExternalEncryption::encrypt(const std::string &password, unsigned int options) +int ExternalEncryptionServer::encrypt(const std::string &password, unsigned int options) { if (getState() != State::Unencrypted) { return -1; @@ -302,7 +295,7 @@ int ExternalEncryption::encrypt(const std::string &password, unsigned int option setOptions(options & getSupportedOptions()); INFO(SINK, "Encryption completed"); ::vconf_set_str(EXTERNAL_STATE_VCONF_KEY, "encrypted"); - context.notify("ExternalEncryption::mount"); + context.notify("ExternalEncryptionServer::mount"); INFO(SINK, "Sync disk..."); sync(); } catch (runtime::Exception &e) { @@ -317,7 +310,7 @@ int ExternalEncryption::encrypt(const std::string &password, unsigned int option return 0; } -int ExternalEncryption::decrypt(const std::string &password) +int ExternalEncryptionServer::decrypt(const std::string &password) { if (getState() != State::Encrypted) { return -1; @@ -363,7 +356,7 @@ int ExternalEncryption::decrypt(const std::string &password) return 0; } -int ExternalEncryption::recovery() +int ExternalEncryptionServer::recovery() { if (getState() == State::Unencrypted) { return -1; @@ -380,7 +373,7 @@ int ExternalEncryption::recovery() return 0; } -int ExternalEncryption::isPasswordInitialized() +int ExternalEncryptionServer::isPasswordInitialized() { if (engine->isKeyMetaSet()) { return 1; @@ -388,7 +381,7 @@ int ExternalEncryption::isPasswordInitialized() return 0; } -int ExternalEncryption::initPassword(const std::string& password) +int ExternalEncryptionServer::initPassword(const std::string& password) { KeyManager::data pwData(password.begin(), password.end()); KeyManager keyManager; @@ -398,7 +391,7 @@ int ExternalEncryption::initPassword(const std::string& password) return 0; } -int ExternalEncryption::cleanPassword(const std::string& password) +int ExternalEncryptionServer::cleanPassword(const std::string& password) { KeyManager::data pwData(password.begin(), password.end()); KeyManager keyManager(engine->getKeyMeta()); @@ -411,7 +404,7 @@ int ExternalEncryption::cleanPassword(const std::string& password) return 0; } -int ExternalEncryption::changePassword(const std::string &oldPassword, +int ExternalEncryptionServer::changePassword(const std::string &oldPassword, const std::string &newPassword) { KeyManager::data oldPwData(oldPassword.begin(), oldPassword.end()); @@ -428,7 +421,7 @@ int ExternalEncryption::changePassword(const std::string &oldPassword, return 0; } -int ExternalEncryption::verifyPassword(const std::string& password) +int ExternalEncryptionServer::verifyPassword(const std::string& password) { KeyManager::data pwData(password.begin(), password.end()); KeyManager keyManager(engine->getKeyMeta()); @@ -439,7 +432,7 @@ int ExternalEncryption::verifyPassword(const std::string& password) return 0; } -int ExternalEncryption::getState() +int ExternalEncryptionServer::getState() { char *value = ::vconf_get_str(EXTERNAL_STATE_VCONF_KEY); if (value == NULL) { @@ -460,7 +453,7 @@ int ExternalEncryption::getState() return 0; } -unsigned int ExternalEncryption::getSupportedOptions() +unsigned int ExternalEncryptionServer::getSupportedOptions() { return engine->getSupportedOptions(); } diff --git a/server/external-encryption.h b/server/external-encryption.h new file mode 100644 index 0000000..0ec5dd4 --- /dev/null +++ b/server/external-encryption.h @@ -0,0 +1,69 @@ +/* + * Copyright (c) 2015-2017 Samsung Electronics Co., Ltd All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License + */ + +#ifndef __EXTERNAL_ENCRYPTION_SERVER_H__ +#define __EXTERNAL_ENCRYPTION_SERVER_H__ + +#include +#include +#include + +#include + +#include "context.h" +#include "rmi/external-encryption.h" +#include "key-manager/key-manager.h" +#include "engine/encryption/ecryptfs-engine.h" + +namespace ode { + +typedef EcryptfsEngine EXTERNAL_ENGINE; + +class ExternalEncryptionServer final: public ExternalEncryption { +public: + ExternalEncryptionServer(ODEControlContext& ctxt); + ~ExternalEncryptionServer(); + + int setMountPassword(const std::string& password); + + int mount(); + int umount(); + + int encrypt(const std::string& password, unsigned int options); + int decrypt(const std::string& password); + + int recovery(); + + int isPasswordInitialized(); + int initPassword(const std::string& password); + int cleanPassword(const std::string& password); + int changePassword(const std::string& oldPW, const std::string& newPW); + int verifyPassword(const std::string& password); + + int getState(); + + unsigned int getSupportedOptions(); + +private: + ODEControlContext& context; + + std::unique_ptr engine; + KeyManager::data mountKey; +}; + +} // namespace ode + +#endif // __EXTERNAL_ENCRYPTION_SERVER_H__ diff --git a/server/internal-encryption.cpp b/server/internal-encryption.cpp index a873a17..30ff4a0 100644 --- a/server/internal-encryption.cpp +++ b/server/internal-encryption.cpp @@ -36,17 +36,13 @@ #include "misc.h" #include "logger.h" #include "progress-bar.h" -#include "engine/encryption/dmcrypt-engine.h" -#include "key-manager/key-manager.h" -#include "rmi/internal-encryption.h" +#include "internal-encryption.h" namespace ode { namespace { -typedef DMCryptEngine INTERNAL_ENGINE; - const char *INTERNAL_DEV_PATH = "/dev/disk/by-partlabel"; const char *INTERNAL_DEV_NAME = "USER"; const char *INTERNAL_PATH = "/opt/usr"; @@ -65,9 +61,6 @@ const std::vector wipeCommand = { "com.samsung.factoryreset.start.setting" }; -std::unique_ptr engine; -KeyManager::data mountKey; - std::string findDevPath() { std::string source = INTERNAL_DEV_PATH + std::string("/") + INTERNAL_DEV_NAME; @@ -235,23 +228,23 @@ void setOptions(unsigned int options) } -InternalEncryption::InternalEncryption(ODEControlContext& ctx) : +InternalEncryptionServer::InternalEncryptionServer(ODEControlContext& ctx) : context(ctx) { - context.expose(this, PRIVILEGE_PLATFORM, (int)(InternalEncryption::setMountPassword)(std::string)); - context.expose(this, PRIVILEGE_PLATFORM, (int)(InternalEncryption::mount)()); - context.expose(this, PRIVILEGE_PLATFORM, (int)(InternalEncryption::umount)()); - context.expose(this, PRIVILEGE_PLATFORM, (int)(InternalEncryption::encrypt)(std::string, unsigned int)); - context.expose(this, PRIVILEGE_PLATFORM, (int)(InternalEncryption::decrypt)(std::string)); - context.expose(this, "", (int)(InternalEncryption::isPasswordInitialized)()); - context.expose(this, PRIVILEGE_PLATFORM, (int)(InternalEncryption::initPassword)(std::string)); - context.expose(this, PRIVILEGE_PLATFORM, (int)(InternalEncryption::cleanPassword)(std::string)); - context.expose(this, PRIVILEGE_PLATFORM, (int)(InternalEncryption::changePassword)(std::string, std::string)); - context.expose(this, PRIVILEGE_PLATFORM, (int)(InternalEncryption::verifyPassword)(std::string)); - context.expose(this, "", (int)(InternalEncryption::getState)()); - context.expose(this, "", (unsigned int)(InternalEncryption::getSupportedOptions)()); - - context.createNotification("InternalEncryption::mount"); + context.expose(this, PRIVILEGE_PLATFORM, (int)(InternalEncryptionServer::setMountPassword)(std::string)); + context.expose(this, PRIVILEGE_PLATFORM, (int)(InternalEncryptionServer::mount)()); + context.expose(this, PRIVILEGE_PLATFORM, (int)(InternalEncryptionServer::umount)()); + context.expose(this, PRIVILEGE_PLATFORM, (int)(InternalEncryptionServer::encrypt)(std::string, unsigned int)); + context.expose(this, PRIVILEGE_PLATFORM, (int)(InternalEncryptionServer::decrypt)(std::string)); + context.expose(this, "", (int)(InternalEncryptionServer::isPasswordInitialized)()); + context.expose(this, PRIVILEGE_PLATFORM, (int)(InternalEncryptionServer::initPassword)(std::string)); + context.expose(this, PRIVILEGE_PLATFORM, (int)(InternalEncryptionServer::cleanPassword)(std::string)); + context.expose(this, PRIVILEGE_PLATFORM, (int)(InternalEncryptionServer::changePassword)(std::string, std::string)); + context.expose(this, PRIVILEGE_PLATFORM, (int)(InternalEncryptionServer::verifyPassword)(std::string)); + context.expose(this, "", (int)(InternalEncryptionServer::getState)()); + context.expose(this, "", (unsigned int)(InternalEncryptionServer::getSupportedOptions)()); + + context.createNotification("InternalEncryptionServer::mount"); std::string source = findDevPath(); @@ -264,11 +257,11 @@ InternalEncryption::InternalEncryption(ODEControlContext& ctx) : )); } -InternalEncryption::~InternalEncryption() +InternalEncryptionServer::~InternalEncryptionServer() { } -int InternalEncryption::setMountPassword(const std::string& password) +int InternalEncryptionServer::setMountPassword(const std::string& password) { KeyManager::data pwData(password.begin(), password.end()); KeyManager keyManager(engine->getKeyMeta()); @@ -276,12 +269,12 @@ int InternalEncryption::setMountPassword(const std::string& password) return -2; } - ode::mountKey = keyManager.getMasterKey(pwData); + mountKey = keyManager.getMasterKey(pwData); return 0; } -int InternalEncryption::mount() +int InternalEncryptionServer::mount() { if (getState() != State::Encrypted) { return -1; @@ -297,7 +290,7 @@ int InternalEncryption::mount() engine->mount(mountKey, getOptions()); mountKey.clear(); - context.notify("InternalEncryption::mount"); + context.notify("InternalEncryptionServer::mount"); runtime::File("/tmp/.lazy_mount").create(O_WRONLY); runtime::File("/tmp/.unlock_mnt").create(O_WRONLY); @@ -309,7 +302,7 @@ int InternalEncryption::mount() return 0; } -int InternalEncryption::umount() +int InternalEncryptionServer::umount() { if (getState() != State::Encrypted) { return -1; @@ -333,7 +326,7 @@ int InternalEncryption::umount() return 0; } -int InternalEncryption::encrypt(const std::string& password, unsigned int options) +int InternalEncryptionServer::encrypt(const std::string& password, unsigned int options) { if (getState() != State::Unencrypted) { return -1; @@ -378,7 +371,7 @@ int InternalEncryption::encrypt(const std::string& password, unsigned int option INFO(SINK, "Encryption completed"); ::vconf_set_str(VCONFKEY_ODE_CRYPTO_STATE, "encrypted"); - context.notify("InternalEncryption::mount"); + context.notify("InternalEncryptionServer::mount"); INFO(SINK, "Syncing disk and rebooting..."); ::sync(); @@ -395,7 +388,7 @@ int InternalEncryption::encrypt(const std::string& password, unsigned int option return 0; } -int InternalEncryption::decrypt(const std::string& password) +int InternalEncryptionServer::decrypt(const std::string& password) { if (getState() != State::Encrypted) { return -1; @@ -451,7 +444,7 @@ int InternalEncryption::decrypt(const std::string& password) return 0; } -int InternalEncryption::recovery() +int InternalEncryptionServer::recovery() { if (getState() != State::Unencrypted) { return -1; @@ -467,7 +460,7 @@ int InternalEncryption::recovery() return 0; } -int InternalEncryption::isPasswordInitialized() +int InternalEncryptionServer::isPasswordInitialized() { if (engine->isKeyMetaSet()) { return 1; @@ -475,7 +468,7 @@ int InternalEncryption::isPasswordInitialized() return 0; } -int InternalEncryption::initPassword(const std::string& password) +int InternalEncryptionServer::initPassword(const std::string& password) { KeyManager::data pwData(password.begin(), password.end()); KeyManager keyManager; @@ -485,7 +478,7 @@ int InternalEncryption::initPassword(const std::string& password) return 0; } -int InternalEncryption::cleanPassword(const std::string& password) +int InternalEncryptionServer::cleanPassword(const std::string& password) { KeyManager::data pwData(password.begin(), password.end()); KeyManager keyManager(engine->getKeyMeta()); @@ -498,7 +491,7 @@ int InternalEncryption::cleanPassword(const std::string& password) return 0; } -int InternalEncryption::changePassword(const std::string& oldPassword, +int InternalEncryptionServer::changePassword(const std::string& oldPassword, const std::string& newPassword) { KeyManager::data oldPwData(oldPassword.begin(), oldPassword.end()); @@ -515,7 +508,7 @@ int InternalEncryption::changePassword(const std::string& oldPassword, return 0; } -int InternalEncryption::verifyPassword(const std::string& password) +int InternalEncryptionServer::verifyPassword(const std::string& password) { KeyManager::data pwData(password.begin(), password.end()); KeyManager keyManager(engine->getKeyMeta()); @@ -526,7 +519,7 @@ int InternalEncryption::verifyPassword(const std::string& password) return 0; } -int InternalEncryption::getState() +int InternalEncryptionServer::getState() { char *value = ::vconf_get_str(VCONFKEY_ODE_CRYPTO_STATE); if (value == NULL) { @@ -547,7 +540,7 @@ int InternalEncryption::getState() return 0; } -unsigned int InternalEncryption::getSupportedOptions() +unsigned int InternalEncryptionServer::getSupportedOptions() { return engine->getSupportedOptions(); } diff --git a/server/internal-encryption.h b/server/internal-encryption.h new file mode 100644 index 0000000..ea48de3 --- /dev/null +++ b/server/internal-encryption.h @@ -0,0 +1,66 @@ +/* + * Copyright (c) 2015-2017 Samsung Electronics Co., Ltd All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License + */ + +#ifndef __INTERNAL_ENCRYPTION_SERVER_H__ +#define __INTERNAL_ENCRYPTION_SERVER_H__ + +#include +#include + +#include "context.h" +#include "rmi/internal-encryption.h" +#include "key-manager/key-manager.h" +#include "engine/encryption/dmcrypt-engine.h" + +namespace ode { + +typedef DMCryptEngine INTERNAL_ENGINE; + +class InternalEncryptionServer final: public InternalEncryption { +public: + InternalEncryptionServer(ODEControlContext& ctxt); + ~InternalEncryptionServer(); + + int setMountPassword(const std::string& password); + + int mount(); + int umount(); + + int encrypt(const std::string& password, unsigned int options); + int decrypt(const std::string& password); + + int recovery(); + + int isPasswordInitialized(); + int initPassword(const std::string& password); + int cleanPassword(const std::string& password); + int changePassword(const std::string& oldPW, const std::string& newPW); + int verifyPassword(const std::string& password); + + int getState(); + + unsigned int getSupportedOptions(); + +private: + ODEControlContext& context; + + std::unique_ptr engine; + KeyManager::data mountKey; +}; + +} // namespace ode + +#endif // __INTERNAL_ENCRYPTION_SERVER_H__ diff --git a/server/secure-erase.cpp b/server/secure-erase.cpp index da67643..f4d036e 100644 --- a/server/secure-erase.cpp +++ b/server/secure-erase.cpp @@ -20,17 +20,14 @@ #include #include "ext4-tool.h" -#include "engine/erase/erase-engine.h" -#include "rmi/secure-erase.h" -#define ERASE_ENGINE EraseEngine -#define PRIVILEGE_PLATFORM "http://tizen.org/privilege/internal/default/platform" +#include "secure-erase.h" namespace ode { namespace { typedef std::unordered_map DeviceList; -std::unique_ptr engine; +const char *PRIVILEGE_PLATFORM = "http://tizen.org/privilege/internal/default/platform"; std::string findDevPath(const std::string &mntPath) { @@ -50,10 +47,10 @@ std::string findDevPath(const std::string &mntPath) } } /* namespace */ -SecureErase::SecureErase(ODEControlContext &ctx) : +SecureEraseServer::SecureEraseServer(ODEControlContext &ctx) : context(ctx) { - context.expose(this, PRIVILEGE_PLATFORM, (int)(SecureErase::clean)(std::string)); + context.expose(this, PRIVILEGE_PLATFORM, (int)(SecureEraseServer::clean)(std::string)); engine.reset(new ERASE_ENGINE(ProgressBar([](int v) { ::vconf_set_str(VCONFKEY_ODE_ERASE_PROGRESS, std::to_string(v).c_str()); @@ -61,11 +58,11 @@ SecureErase::SecureErase(ODEControlContext &ctx) : ); } -SecureErase::~SecureErase() +SecureEraseServer::~SecureEraseServer() { } -int SecureErase::clean(const std::string &name) +int SecureEraseServer::clean(const std::string &name) { auto cleanWorker = [name, this]() { try { diff --git a/server/secure-erase.h b/server/secure-erase.h new file mode 100644 index 0000000..acfd91f --- /dev/null +++ b/server/secure-erase.h @@ -0,0 +1,46 @@ +/* + * Copyright (c) 2015-2017 Samsung Electronics Co., Ltd All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License + */ + +#ifndef __SECURE_ERASE_SERVER_H__ +#define __SECURE_ERASE_SERVER_H__ + +#include +#include + +#include "context.h" +#include "rmi/secure-erase.h" +#include "engine/erase/mmc-engine.h" + +namespace ode { + +typedef MMCEraseEngine ERASE_ENGINE; + +class SecureEraseServer final: public SecureErase { +public: + SecureEraseServer(ODEControlContext& ctxt); + ~SecureEraseServer(); + + int erase(const std::string& name); + int clean(const std::string& name); + +private: + ODEControlContext& context; + + std::unique_ptr engine; +}; + +} // namespace ode +#endif // __SECURE_ERASE_SERVER_H__ diff --git a/server/server.cpp b/server/server.cpp index c5824b0..5baf9f7 100644 --- a/server/server.cpp +++ b/server/server.cpp @@ -19,10 +19,10 @@ #include #include "logger.h" -#include "rmi/secure-erase.h" -#include "rmi/internal-encryption.h" -#include "rmi/external-encryption.h" -#include "rmi/extension-encryption.h" +#include "secure-erase.h" +#include "internal-encryption.h" +#include "external-encryption.h" +#include "extension-encryption.h" #include "key-manager/key-generator.h" #include "server.h" @@ -33,10 +33,10 @@ namespace { const std::string ODE_MANAGER_ADDRESS = "/tmp/.ode.sock"; -std::unique_ptr secureErase; -std::unique_ptr internalEncryption; -std::unique_ptr externalEncryption; -std::unique_ptr extensionEncryption; +std::unique_ptr secureErase; +std::unique_ptr internalEncryption; +std::unique_ptr externalEncryption; +std::unique_ptr extensionEncryption; std::unique_ptr _sink = nullptr; } // namespace @@ -57,10 +57,10 @@ Server::Server() service->expose(this, "", (runtime::FileDescriptor)(Server::registerNotificationSubscriber)(std::string)); service->expose(this, "", (int)(Server::unregisterNotificationSubscriber)(std::string, int)); - secureErase.reset(new ode::SecureErase(*this)); - internalEncryption.reset(new ode::InternalEncryption(*this)); - externalEncryption.reset(new ode::ExternalEncryption(*this)); - extensionEncryption.reset(new ode::ExtensionEncryption(*this)); + secureErase.reset(new ode::SecureEraseServer(*this)); + internalEncryption.reset(new ode::InternalEncryptionServer(*this)); + externalEncryption.reset(new ode::ExternalEncryptionServer(*this)); + extensionEncryption.reset(new ode::ExtensionEncryptionServer(*this)); ode::KeyGenerator::init(); }