From: Sungbae Yoo <sungbae.yoo@samsung.com>
Date: Tue, 8 Nov 2016 07:26:54 +0000 (+0900)
Subject: Add implementation to test CAPIs in CLI tool
X-Git-Tag: submit/tizen/20170213.020148~44
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=refs%2Fchanges%2F19%2F96219%2F2;p=platform%2Fcore%2Fsecurity%2Fode.git

Add implementation to test CAPIs in CLI tool

Signed-off-by: Sungbae Yoo <sungbae.yoo@samsung.com>
Change-Id: I6fca218e8ce92a46dfe4867cd86726a4c4fab9e6
---

diff --git a/lib/external-encryption.cpp b/lib/external-encryption.cpp
index 1849e9c..e0cbe12 100644
--- a/lib/external-encryption.cpp
+++ b/lib/external-encryption.cpp
@@ -29,7 +29,7 @@ ExternalEncryption::~ExternalEncryption()
 int ExternalEncryption::mount(const std::string& password)
 {
 	try {
-		return context->methodCall<int>("ExternalEncryption::erase", password);
+		return context->methodCall<int>("ExternalEncryption::mount", password);
 	} catch (runtime::Exception& e) {
 		return -1;
 	}
@@ -38,7 +38,7 @@ int ExternalEncryption::mount(const std::string& password)
 int ExternalEncryption::umount()
 {
 	try {
-		return context->methodCall<int>("ExternalEncryption::clean");
+		return context->methodCall<int>("ExternalEncryption::umount");
 	} catch (runtime::Exception& e) {
 		return -1;
 	}
diff --git a/lib/internal-encryption.cpp b/lib/internal-encryption.cpp
index 517b378..6a15e00 100644
--- a/lib/internal-encryption.cpp
+++ b/lib/internal-encryption.cpp
@@ -29,7 +29,7 @@ InternalEncryption::~InternalEncryption()
 int InternalEncryption::mount(const std::string& password)
 {
 	try {
-		return context->methodCall<int>("InternalEncryption::password", password);
+		return context->methodCall<int>("InternalEncryption::mount", password);
 	} catch (runtime::Exception& e) {
 		return -1;
 	}
diff --git a/server/server.cpp b/server/server.cpp
index 86c673a..4a9cefe 100644
--- a/server/server.cpp
+++ b/server/server.cpp
@@ -16,6 +16,10 @@
 #include <cynara-client.h>
 #include <cynara-session.h>
 
+#include "rmi/secure-erase.h"
+#include "rmi/internal-encryption.h"
+#include "rmi/external-encryption.h"
+
 #include "server.h"
 
 using namespace std::placeholders;
@@ -24,6 +28,10 @@ namespace {
 
 const std::string ODE_MANAGER_ADDRESS = "/tmp/.ode.sock";
 
+std::unique_ptr<ode::SecureErase> secureErase;
+std::unique_ptr<ode::InternalEncryption> internalEncryption;
+std::unique_ptr<ode::ExternalEncryption> externalEncryption;
+
 } // namespace
 
 Server::Server()
@@ -31,6 +39,10 @@ Server::Server()
 	service.reset(new rmi::Service(ODE_MANAGER_ADDRESS));
 
 	service->setPrivilegeChecker(std::bind(&Server::checkPeerPrivilege, this, _1, _2));
+
+	secureErase.reset(new ode::SecureErase(*this));
+	internalEncryption.reset(new ode::InternalEncryption(*this));
+	externalEncryption.reset(new ode::ExternalEncryption(*this));
 }
 
 Server::~Server()
diff --git a/tools/cli/ode-admin-cli.cpp b/tools/cli/ode-admin-cli.cpp
index 9c8f0e2..214bd80 100644
--- a/tools/cli/ode-admin-cli.cpp
+++ b/tools/cli/ode-admin-cli.cpp
@@ -19,24 +19,192 @@
  * @file
  * @brief   CLI tool to encrypt/decrypt storage and secure erase
  */
+#include <unistd.h>
 #include <getopt.h>
+#include <termios.h>
 
 #include <string>
 #include <vector>
 #include <iostream>
 
-#include <klay/exception.h>
-#include <klay/filesystem.h>
+#include <ode/secure-erase.h>
+#include <ode/internal-encryption.h>
+#include <ode/external-encryption.h>
 
 extern char** environ;
 
-static inline void usage(const std::string name)
+static inline int usage(const std::string name)
 {
 	std::cout << "Usage: " << name << " [Option]" << std::endl
 			  << std::endl
 			  << "Options :" << std::endl
-			  << "   -h, --help         show this" << std::endl
+			  << "   -m, --mount=internal|external    mount" << std::endl
+			  << "   -u, --umount=internal|external   umount" << std::endl
+			  << "   -e, --encrypt=internal|external  encrypt" << std::endl
+			  << "   -d, --decrypt=internal|external  decrypt" << std::endl
+			  << "   -s, --state=internal|external    get state" << std::endl
+			  << "   -r, --erase=FILE|DIRECTORY       secure-erase" << std::endl
+			  << "   -c, --clean=DIRECTORY            secure-clean" << std::endl
+			  << "   -h, --help                       show this" << std::endl
 			  << std::endl;
+
+	return -1;
+}
+
+static inline std::string getPassword() {
+	std::string password;
+
+	std::cout << "Password: ";
+
+	struct termios oldt;
+	tcgetattr(STDIN_FILENO, &oldt);
+
+	termios newt = oldt;
+	newt.c_lflag &= ~ECHO;
+	tcsetattr(STDIN_FILENO, TCSANOW, &newt);
+
+	std::cin >> password;
+
+	tcsetattr(STDIN_FILENO, TCSANOW, &oldt);
+	std::cout << std::endl;
+
+	return password;
+}
+
+static inline void printSelectableStorage()
+{
+	std::cerr << "Just choose one among followings :" << std::endl
+			  << "internal, external" << std::endl;
+}
+
+static inline int mount(const std::string name)
+{
+	int ret;
+
+	if (name == "internal") {
+		std::string password = getPassword();
+		ret = ode_internal_encryption_mount(password.c_str());
+	} else if (name == "external") {
+		std::string password = getPassword();
+		ret = ode_external_encryption_mount(password.c_str());
+	} else {
+		printSelectableStorage();
+		return -1;
+	}
+
+	if (ret != 0) {
+		std::cerr << "Error : " << ret <<std::endl;
+	}
+
+	return ret;
+}
+
+static inline int umount(const std::string name)
+{
+	int ret;
+
+	if (name == "internal") {
+		ret = ode_internal_encryption_umount();
+	} else if (name == "external") {
+		ret = ode_external_encryption_umount();
+	} else {
+		printSelectableStorage();
+		return -1;
+	}
+
+	if (ret != 0) {
+		std::cerr << "Error : " << ret <<std::endl;
+	}
+
+	return ret;
+}
+
+static inline int encrypt_storage(const std::string name)
+{
+	int ret;
+
+	if (name == "internal") {
+		std::string password = getPassword();
+		ret = ode_internal_encryption_encrypt(password.c_str());
+	} else if (name == "external") {
+		std::string password = getPassword();
+		ret = ode_external_encryption_encrypt(password.c_str());
+	} else {
+		printSelectableStorage();
+		return -1;
+	}
+
+	if (ret != 0) {
+		std::cerr << "Error : " << ret <<std::endl;
+	}
+
+	return ret;
+}
+
+static inline int decrypt_storage(const std::string name)
+{
+	int ret;
+
+	if (name == "internal") {
+		std::string password = getPassword();
+		ret = ode_internal_encryption_decrypt(password.c_str());
+	} else if (name == "external") {
+		std::string password = getPassword();
+		ret = ode_external_encryption_decrypt(password.c_str());
+	} else {
+		printSelectableStorage();
+		return -1;
+	}
+
+	if (ret != 0) {
+		std::cerr << "Error : " << ret <<std::endl;
+	}
+
+	return ret;
+}
+
+static inline int get_state(const std::string name)
+{
+	int ret, state;
+
+	if (name == "internal") {
+		ret = ode_internal_encryption_get_state(&state);
+	} else if (name == "external") {
+		ret = ode_external_encryption_get_state(&state);
+	} else {
+		printSelectableStorage();
+		return -1;
+	}
+
+	if (ret != 0) {
+		std::cerr << "Error : " << ret <<std::endl;
+	}
+
+	return ret;
+}
+
+static inline int erase(const std::string name)
+{
+	int ret;
+
+	ret = ode_secure_erase(name.c_str());
+	if (ret != 0) {
+		std::cerr << "Error : " << ret <<std::endl;
+	}
+
+	return ret;
+}
+
+static inline int clean(const std::string name)
+{
+	int ret;
+
+	ret = ode_secure_clean(name.c_str());
+	if (ret != 0) {
+		std::cerr << "Error : " << ret <<std::endl;
+	}
+
+	return ret;
 }
 
 int main(int argc, char* argv[])
@@ -45,6 +213,13 @@ int main(int argc, char* argv[])
 
 	struct option options[] = {
 		{"help", no_argument, 0, 'h'},
+		{"mount", required_argument, 0, 'm'},
+		{"umount", required_argument, 0, 'u'},
+		{"encrypt", required_argument, 0, 'e'},
+		{"decrypt", required_argument, 0, 'd'},
+		{"state", required_argument, 0, 's'},
+		{"erase", required_argument, 0, 'r'},
+		{"clean", required_argument, 0, 'c'},
 		{0, 0, 0, 0}
 	};
 
@@ -53,14 +228,32 @@ int main(int argc, char* argv[])
 		return EXIT_SUCCESS;
 	}
 
-	while ((opt = getopt_long(argc, argv, "e:h", options, &index)) != -1) {
+	while ((opt = getopt_long(argc, argv, "m:u:e:d:s:r:c:h", options, &index)) != -1) {
 		switch (opt) {
-		case 'h':
-			usage(argv[0]);
+		case 'm':
+			ret = mount(optarg);
+			break;
+		case 'u':
+			ret = umount(optarg);
+			break;
+		case 'e':
+			ret = encrypt_storage(optarg);
+			break;
+		case 'd':
+			ret = decrypt_storage(optarg);
 			break;
+		case 's':
+			ret = get_state(optarg);
+			break;
+		case 'r':
+			ret = erase(optarg);
+			break;
+		case 'c':
+			ret = clean(optarg);
+			break;
+		case 'h':
 		default:
-			usage(argv[0]);
-			ret = -1;
+			ret = usage(argv[0]);
 		}
 	}