From: Sungbae Yoo Date: Fri, 3 Feb 2017 09:40:29 +0000 (+0900) Subject: Fix some bugs and rename password APIs X-Git-Tag: submit/tizen/20170213.020148~10 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=refs%2Fchanges%2F39%2F112939%2F1;p=platform%2Fcore%2Fsecurity%2Fode.git Fix some bugs and rename password APIs Signed-off-by: Sungbae Yoo Change-Id: Iee24def8e36c82897c7d35bddf29b75dfcb34160 --- diff --git a/lib/external-encryption.cpp b/lib/external-encryption.cpp index 5fd1be8..d17b444 100644 --- a/lib/external-encryption.cpp +++ b/lib/external-encryption.cpp @@ -62,29 +62,29 @@ int ExternalEncryption::decrypt(const std::string& password) } } -int ExternalEncryption::isPasswordCreated() +int ExternalEncryption::isPasswordInitialized() { try { - return context->methodCall("ExternalEncryption::isPasswordCreated"); + return context->methodCall("ExternalEncryption::isPasswordInitialized"); } catch (runtime::Exception& e) { return -1; } } -int ExternalEncryption::createPassword(const std::string& password) +int ExternalEncryption::initPassword(const std::string& password) { try { - return context->methodCall("ExternalEncryption::createPassword", + return context->methodCall("ExternalEncryption::initPassword", password); } catch (runtime::Exception& e) { return -1; } } -int ExternalEncryption::deletePassword(const std::string& password) +int ExternalEncryption::cleanPassword(const std::string& password) { try { - return context->methodCall("ExternalEncryption::deletePassword", + return context->methodCall("ExternalEncryption::cleanPassword", password); } catch (runtime::Exception& e) { return -1; diff --git a/lib/internal-encryption.cpp b/lib/internal-encryption.cpp index b6ac308..d1ac2e0 100644 --- a/lib/internal-encryption.cpp +++ b/lib/internal-encryption.cpp @@ -62,29 +62,29 @@ int InternalEncryption::decrypt(const std::string& password) } } -int InternalEncryption::isPasswordCreated() +int InternalEncryption::isPasswordInitialized() { try { - return context->methodCall("InternalEncryption::isPasswordCreated"); + return context->methodCall("InternalEncryption::isPasswordInitialized"); } catch (runtime::Exception& e) { return -1; } } -int InternalEncryption::createPassword(const std::string& password) +int InternalEncryption::initPassword(const std::string& password) { try { - return context->methodCall("InternalEncryption::createPassword", + return context->methodCall("InternalEncryption::initPassword", password); } catch (runtime::Exception& e) { return -1; } } -int InternalEncryption::deletePassword(const std::string& password) +int InternalEncryption::cleanPassword(const std::string& password) { try { - return context->methodCall("InternalEncryption::deletePassword", + return context->methodCall("InternalEncryption::cleanPassword", password); } catch (runtime::Exception& e) { return -1; diff --git a/lib/ode/external-encryption.cpp b/lib/ode/external-encryption.cpp index 25f8dea..64ba04f 100644 --- a/lib/ode/external-encryption.cpp +++ b/lib/ode/external-encryption.cpp @@ -64,22 +64,22 @@ int ode_external_encryption_decrypt(const char* password) return external.decrypt(password); } -int ode_external_encryption_is_password_created(bool *result) +int ode_external_encryption_is_password_initialized(bool* result) { RET_ON_FAILURE(result, ODE_ERROR_INVALID_PARAMETER); ODEContext client; RET_ON_FAILURE(client.connect() == 0, ODE_ERROR_CONNECTION_REFUSED); ExternalEncryption external = client.createInterface(); - int ret = external.isPasswordCreated(); + int ret = external.isPasswordInitialized(); - RET_ON_FAILURE(ret < 0, ODE_ERROR_INVALID_PARAMETER); + RET_ON_FAILURE(ret >= 0, ODE_ERROR_INVALID_PARAMETER); *result = ret; return ODE_ERROR_NONE; } -int ode_external_encryption_create_password(const char *password) +int ode_external_encryption_init_password(const char* password) { RET_ON_FAILURE(password, ODE_ERROR_INVALID_PARAMETER); @@ -87,10 +87,10 @@ int ode_external_encryption_create_password(const char *password) RET_ON_FAILURE(client.connect() == 0, ODE_ERROR_CONNECTION_REFUSED); ExternalEncryption external = client.createInterface(); - return external.createPassword(password); + return external.initPassword(password); } -int ode_external_encryption_delete_password(const char *password) +int ode_external_encryption_clean_password(const char* password) { RET_ON_FAILURE(password, ODE_ERROR_INVALID_PARAMETER); @@ -98,7 +98,7 @@ int ode_external_encryption_delete_password(const char *password) RET_ON_FAILURE(client.connect() == 0, ODE_ERROR_CONNECTION_REFUSED); ExternalEncryption external = client.createInterface(); - return external.deletePassword(password); + return external.cleanPassword(password); } int ode_external_encryption_change_password(const char* old_password, @@ -114,7 +114,7 @@ int ode_external_encryption_change_password(const char* old_password, return external.changePassword(old_password, new_password); } -int ode_external_encryption_verify_password(const char *password, int *result) +int ode_external_encryption_verify_password(const char* password, bool* result) { RET_ON_FAILURE(password, ODE_ERROR_INVALID_PARAMETER); RET_ON_FAILURE(result, ODE_ERROR_INVALID_PARAMETER); @@ -124,7 +124,7 @@ int ode_external_encryption_verify_password(const char *password, int *result) ExternalEncryption external = client.createInterface(); int ret = external.verifyPassword(password); - RET_ON_FAILURE(ret < 0, ODE_ERROR_INVALID_PARAMETER); + RET_ON_FAILURE(ret >= 0, ODE_ERROR_INVALID_PARAMETER); *result = ret; return ODE_ERROR_NONE; @@ -139,7 +139,7 @@ int ode_external_encryption_get_state(int* state) ExternalEncryption external = client.createInterface(); int ret = external.getState(); - RET_ON_FAILURE(ret < 0, ODE_ERROR_INVALID_PARAMETER); + RET_ON_FAILURE(ret >= 0, ODE_ERROR_INVALID_PARAMETER); *state = ret; return ODE_ERROR_NONE; diff --git a/lib/ode/external-encryption.h b/lib/ode/external-encryption.h index b5275e0..e4c6d1b 100644 --- a/lib/ode/external-encryption.h +++ b/lib/ode/external-encryption.h @@ -45,7 +45,7 @@ extern "C" { * @retval #ODE_ERROR_PERMISSION_DENIED The application does not have * the privilege to call this API * @pre The password must match with what is set by - * ode_external_encryption_create_password(). + * ode_external_encryption_init_password(). * @see ode_external_encryption_encrypt() * @see ode_external_encryption_umount() */ @@ -102,7 +102,7 @@ ODE_API int ode_external_encryption_encrypt(const char* password, unsigned int o * @retval #ODE_ERROR_PERMISSION_DENIED The application does not have * the privilege to call this API * @pre The password must match with what is set by - * ode_external_encryption_create_password(). + * ode_external_encryption_init_password(). * @see ode_external_encryption_encrypt() */ ODE_API int ode_external_encryption_decrypt(const char* password); @@ -121,10 +121,10 @@ ODE_API int ode_external_encryption_decrypt(const char* password); * @retval #ODE_ERROR_NOT_PERMITTED Operation not permitted * @retval #ODE_ERROR_PERMISSION_DENIED The application does not have * the privilege to call this API - * @see ode_external_encryption_created_password() - * @see ode_external_encryption_delete_password() + * @see ode_external_encryption_init_password() + * @see ode_external_encryption_clean_password() */ -ODE_API int ode_external_encryption_is_password_created(bool* result); +ODE_API int ode_external_encryption_is_password_initialized(bool* result); /** * @brief Initialize external encryption password to given password @@ -140,17 +140,17 @@ ODE_API int ode_external_encryption_is_password_created(bool* result); * @retval #ODE_ERROR_PERMISSION_DENIED The application does not have * the privilege to call this API * @see ode_external_encryption_change_password() - * @see ode_external_encryption_delete_password() + * @see ode_external_encryption_clean_password() * @see ode_external_encryption_encrypt() * @see ode_external_encryption_decrypt() * @see ode_external_encryption_mount() */ -ODE_API int ode_external_encryption_create_password(const char* password); +ODE_API int ode_external_encryption_init_password(const char* password); /** * @brief Remove external encryption password * @details Administrator can use this API to delete password that was set - by ode_external_encryption_create_password(). + by ode_external_encryption_init_password(). * @since_tizen 3.0 * @param[in] password The password to delete * @return #ODE_ERROR_NONE on success, otherwise a negative value @@ -162,10 +162,10 @@ ODE_API int ode_external_encryption_create_password(const char* password); * @retval #ODE_ERROR_PERMISSION_DENIED The application does not have * the privilege to call this API * @pre The password must match with what is set by - * ode_external_encryption_create_password(). - * @see ode_external_encryption_create_password() + * ode_external_encryption_init_password(). + * @see ode_external_encryption_init_password() */ -ODE_API int ode_external_encryption_delete_password(const char* password); +ODE_API int ode_external_encryption_clean_password(const char* password); /** * @brief Change the password for external storage. @@ -183,7 +183,7 @@ ODE_API int ode_external_encryption_delete_password(const char* password); * @retval #ODE_ERROR_PERMISSION_DENIED The application does not have * the privilege to call this API * @pre The password must match with what is set by - * ode_external_encryption_create_password(). + * ode_external_encryption_init_password(). * @see ode_external_encryption_encrypt() */ ODE_API int ode_external_encryption_change_password(const char* old_password, @@ -194,7 +194,8 @@ ODE_API int ode_external_encryption_change_password(const char* old_password, * @details Administrator can use this API to find if a password is used by external encryption * @since_tizen 3.0 - * @param[out] password The password to be verified + * @param[int] password The password to be verified + * @param[out] result The result of verification * @return #ODE_ERROR_NONE on success, otherwise a negative value * @retval #ODE_ERROR_NONE Successful * @retval #ODE_ERROR_INVALID_PARAMETER Invalid parameter @@ -202,10 +203,10 @@ ODE_API int ode_external_encryption_change_password(const char* old_password, * @retval #ODE_ERROR_PERMISSION_DENIED The application does not have * the privilege to call this API * @pre The password must match with what is set by - * ode_external_encryption_create_password(). + * ode_external_encryption_init_password(). * @see ode_external_encryption_encrypt() */ -ODE_API int ode_external_encryption_verify_password(const char *password); +ODE_API int ode_external_encryption_verify_password(const char* password, bool* result); /** * @brief Get current encryption state of external storage. diff --git a/lib/ode/internal-encryption.cpp b/lib/ode/internal-encryption.cpp index 9f62e04..16947f8 100644 --- a/lib/ode/internal-encryption.cpp +++ b/lib/ode/internal-encryption.cpp @@ -64,22 +64,22 @@ int ode_internal_encryption_decrypt(const char* password) return internal.decrypt(password); } -int ode_internal_encryption_is_password_created(int *result) +int ode_internal_encryption_is_password_initialized(bool* result) { RET_ON_FAILURE(result, ODE_ERROR_INVALID_PARAMETER); ODEContext client; RET_ON_FAILURE(client.connect() == 0, ODE_ERROR_CONNECTION_REFUSED); InternalEncryption internal = client.createInterface(); - int ret = internal.isPasswordCreated(); + int ret = internal.isPasswordInitialized(); - RET_ON_FAILURE(ret < 0, ODE_ERROR_INVALID_PARAMETER); + RET_ON_FAILURE(ret >= 0, ODE_ERROR_INVALID_PARAMETER); *result = ret; return ODE_ERROR_NONE; } -int ode_internal_encryption_create_password(const char *password) +int ode_internal_encryption_init_password(const char* password) { RET_ON_FAILURE(password, ODE_ERROR_INVALID_PARAMETER); @@ -87,10 +87,10 @@ int ode_internal_encryption_create_password(const char *password) RET_ON_FAILURE(client.connect() == 0, ODE_ERROR_CONNECTION_REFUSED); InternalEncryption internal = client.createInterface(); - return internal.createPassword(password); + return internal.initPassword(password); } -int ode_internal_encryption_delete_password(const char *password) +int ode_internal_encryption_clean_password(const char* password) { RET_ON_FAILURE(password, ODE_ERROR_INVALID_PARAMETER); @@ -98,7 +98,7 @@ int ode_internal_encryption_delete_password(const char *password) RET_ON_FAILURE(client.connect() == 0, ODE_ERROR_CONNECTION_REFUSED); InternalEncryption internal = client.createInterface(); - return internal.deletePassword(password); + return internal.cleanPassword(password); } int ode_internal_encryption_change_password(const char* old_password, @@ -114,7 +114,7 @@ int ode_internal_encryption_change_password(const char* old_password, return internal.changePassword(old_password, new_password); } -int ode_internal_encryption_verify_password(const char *password, int *result) +int ode_internal_encryption_verify_password(const char* password, bool* result) { RET_ON_FAILURE(password, ODE_ERROR_INVALID_PARAMETER); RET_ON_FAILURE(result, ODE_ERROR_INVALID_PARAMETER); @@ -124,7 +124,7 @@ int ode_internal_encryption_verify_password(const char *password, int *result) InternalEncryption internal = client.createInterface(); int ret = internal.verifyPassword(password); - RET_ON_FAILURE(ret < 0, ODE_ERROR_INVALID_PARAMETER); + RET_ON_FAILURE(ret >= 0, ODE_ERROR_INVALID_PARAMETER); *result = ret; return ODE_ERROR_NONE; @@ -139,7 +139,7 @@ int ode_internal_encryption_get_state(int* state) InternalEncryption internal = client.createInterface(); int ret = internal.getState(); - RET_ON_FAILURE(ret < 0, ODE_ERROR_INVALID_PARAMETER); + RET_ON_FAILURE(ret >= 0, ODE_ERROR_INVALID_PARAMETER); *state = ret; return ODE_ERROR_NONE; diff --git a/lib/ode/internal-encryption.h b/lib/ode/internal-encryption.h index f29b31a..76d6220 100644 --- a/lib/ode/internal-encryption.h +++ b/lib/ode/internal-encryption.h @@ -44,7 +44,7 @@ extern "C" { * @retval #ODE_ERROR_PERMISSION_DENIED The application does not have * the privilege to call this API * @pre The password must match with what is set by - * ode_internal_encryption_create_password(). + * ode_internal_encryption_init_password(). * @see ode_internal_encryption_encrypt() * @see ode_internal_encryption_umount() */ @@ -82,7 +82,7 @@ ODE_API int ode_internal_encryption_umount(); * @retval #ODE_ERROR_NOT_SUPPORTED Given options are not supported * the privilege to call this API * @pre The password must match with what is set by - * ode_internal_encryption_create_password(). + * ode_internal_encryption_init_password(). * @see ode_internal_encryption_mount() * @see ode_internal_encryption_decrypt() * @see ode_internal_encryption_get_supported_options() @@ -103,7 +103,7 @@ ODE_API int ode_internal_encryption_encrypt(const char* password, unsigned int o * @retval #ODE_ERROR_PERMISSION_DENIED The application does not have * the privilege to call this API * @pre The password must match with what is set by - * ode_internal_encryption_create_password(). + * ode_internal_encryption_init_password(). * @see ode_internal_encryption_encrypt() */ ODE_API int ode_internal_encryption_decrypt(const char* password); @@ -122,10 +122,10 @@ ODE_API int ode_internal_encryption_decrypt(const char* password); * @retval #ODE_ERROR_NOT_PERMITTED Operation not permitted * @retval #ODE_ERROR_PERMISSION_DENIED The application does not have * the privilege to call this API - * @see ode_internal_encryption_created_password() - * @see ode_internal_encryption_delete_password() + * @see ode_internal_encryption_init_password() + * @see ode_internal_encryption_clean_password() */ -ODE_API int ode_internal_encryption_is_password_created(bool* result); +ODE_API int ode_internal_encryption_is_password_initialized(bool* result); /** * @brief Initialize internal encryption password to given password @@ -141,17 +141,17 @@ ODE_API int ode_internal_encryption_is_password_created(bool* result); * @retval #ODE_ERROR_PERMISSION_DENIED The application does not have * the privilege to call this API * @see ode_internal_encryption_change_password() - * @see ode_internal_encryption_delete_password() + * @see ode_internal_encryption_clean_password() * @see ode_internal_encryption_encrypt() * @see ode_internal_encryption_decrypt() * @see ode_internal_encryption_mount() */ -ODE_API int ode_internal_encryption_create_password(const char* password); +ODE_API int ode_internal_encryption_init_password(const char* password); /** * @brief Remove internal encryption password * @details Administrator can use this API to delete password that was set - by ode_internal_encryption_create_password(). + by ode_internal_encryption_init_password(). * @since_tizen 3.0 * @param[in] password The password to delete * @return #ODE_ERROR_NONE on success, otherwise a negative value @@ -163,10 +163,10 @@ ODE_API int ode_internal_encryption_create_password(const char* password); * @retval #ODE_ERROR_PERMISSION_DENIED The application does not have * the privilege to call this API * @pre The password must match with what is set by - * ode_internal_encryption_create_password(). - * @see ode_internal_encryption_create_password() + * ode_internal_encryption_init_password(). + * @see ode_internal_encryption_init_password() */ -ODE_API int ode_internal_encryption_delete_password(const char* password); +ODE_API int ode_internal_encryption_clean_password(const char* password); /** * @brief Change the password for internal storage. @@ -184,8 +184,8 @@ ODE_API int ode_internal_encryption_delete_password(const char* password); * @retval #ODE_ERROR_PERMISSION_DENIED The application does not have * the privilege to call this API * @pre Old password must match with what is set by - * ode_internal_encryption_create_password(). - * @see ode_internal_encryption_create_password() + * ode_internal_encryption_init_password(). + * @see ode_internal_encryption_init_password() */ ODE_API int ode_internal_encryption_change_password(const char* old_password, const char* new_password); @@ -195,7 +195,8 @@ ODE_API int ode_internal_encryption_change_password(const char* old_password, * @details Administrator can use this API to find if a password is used by internal encryption * @since_tizen 3.0 - * @param[out] password The password to be verified + * @param[in] password The password to be verified + * @param[out] result The result of verification * @return #ODE_ERROR_NONE on success, otherwise a negative value * @retval #ODE_ERROR_NONE Successful * @retval #ODE_ERROR_INVALID_PARAMETER Invalid parameter @@ -203,11 +204,11 @@ ODE_API int ode_internal_encryption_change_password(const char* old_password, * @retval #ODE_ERROR_PERMISSION_DENIED The application does not have * the privilege to call this API * @pre The password must match with what is set by - * ode_internal_encryption_create_password(). - * @see ode_internal_encryption_create_password() + * ode_internal_encryption_init_password(). + * @see ode_internal_encryption_init_password() * @see ode_internal_encryption_change_password() */ -ODE_API int ode_internal_encryption_verify_password(const char *password); +ODE_API int ode_internal_encryption_verify_password(const char* password, bool* result); /** * @brief Get current encryption state of internal storage. diff --git a/rmi/external-encryption.h b/rmi/external-encryption.h index f475842..da1c9c5 100644 --- a/rmi/external-encryption.h +++ b/rmi/external-encryption.h @@ -39,9 +39,9 @@ public: int encrypt(const std::string& password, unsigned int options); int decrypt(const std::string& password); - int isPasswordCreated(); - int createPassword(const std::string& password); - int deletePassword(const std::string& password); + int isPasswordInitialized(); + int initPassword(const std::string& password); + int cleanPassword(const std::string& password); int changePassword(const std::string& oldPW, const std::string& newPW); int verifyPassword(const std::string& password); diff --git a/rmi/internal-encryption.h b/rmi/internal-encryption.h index 28cb193..d6c3d85 100644 --- a/rmi/internal-encryption.h +++ b/rmi/internal-encryption.h @@ -36,9 +36,9 @@ public: int encrypt(const std::string& password, unsigned int options); int decrypt(const std::string& password); - int isPasswordCreated(); - int createPassword(const std::string& password); - int deletePassword(const std::string& password); + int isPasswordInitialized(); + int initPassword(const std::string& password); + int cleanPassword(const std::string& password); int changePassword(const std::string& oldPW, const std::string& newPW); int verifyPassword(const std::string& password); diff --git a/server/engine/dmcrypt-engine.cpp b/server/engine/dmcrypt-engine.cpp index 5286210..27d4075 100644 --- a/server/engine/dmcrypt-engine.cpp +++ b/server/engine/dmcrypt-engine.cpp @@ -344,7 +344,7 @@ void DMCryptEngine::decrypt(const DMCryptEngine::data &key, unsigned int options destroyCryptoBlkDev(DM_LABEL); } -bool DMCryptEngine::isKeyMetaCreated() +bool DMCryptEngine::isKeyMetaSet() { return FileFooter::exist(source); } diff --git a/server/engine/dmcrypt-engine.h b/server/engine/dmcrypt-engine.h index da57559..8f71f44 100644 --- a/server/engine/dmcrypt-engine.h +++ b/server/engine/dmcrypt-engine.h @@ -68,7 +68,7 @@ public: void encrypt(const data &key, unsigned int options); void decrypt(const data &key, unsigned int options); - bool isKeyMetaCreated(); + bool isKeyMetaSet(); const data getKeyMeta(); void setKeyMeta(const data &data); void clearKeyMeta(); diff --git a/server/engine/ecryptfs-engine.cpp b/server/engine/ecryptfs-engine.cpp index a3666cf..56fe6f7 100644 --- a/server/engine/ecryptfs-engine.cpp +++ b/server/engine/ecryptfs-engine.cpp @@ -403,7 +403,7 @@ void EcryptfsEngine::decrypt(const data &key, unsigned int options) progress.done(); } -bool EcryptfsEngine::isKeyMetaCreated() +bool EcryptfsEngine::isKeyMetaSet() { return FileFooter::exist(source); } diff --git a/server/engine/ecryptfs-engine.h b/server/engine/ecryptfs-engine.h index 9a61f18..fe86f86 100644 --- a/server/engine/ecryptfs-engine.h +++ b/server/engine/ecryptfs-engine.h @@ -61,7 +61,7 @@ public: void encrypt(const data& key, unsigned int); void decrypt(const data& key, unsigned int); - bool isKeyMetaCreated(); + bool isKeyMetaSet(); const data getKeyMeta(); void setKeyMeta(const data &data); void clearKeyMeta(); diff --git a/server/engine/ext4-engine.cpp b/server/engine/ext4-engine.cpp index c4c0ce6..e04801a 100644 --- a/server/engine/ext4-engine.cpp +++ b/server/engine/ext4-engine.cpp @@ -494,7 +494,7 @@ void Ext4Engine::decrypt(const Ext4Engine::data& key, unsigned int options) ::remove(secondMountPoint.c_str()); } -bool Ext4Engine::isKeyMetaCreated() +bool Ext4Engine::isKeyMetaSet() { return FileFooter::exist(source); } diff --git a/server/engine/ext4-engine.h b/server/engine/ext4-engine.h index 00ceb1f..eb233f4 100644 --- a/server/engine/ext4-engine.h +++ b/server/engine/ext4-engine.h @@ -53,7 +53,7 @@ public: void encrypt(const data &key, unsigned int options); void decrypt(const data &key, unsigned int options); - bool isKeyMetaCreated(); + bool isKeyMetaSet(); const data getKeyMeta(); void setKeyMeta(const data &data); void clearKeyMeta(); diff --git a/server/external-encryption.cpp b/server/external-encryption.cpp index 7374913..8363b6d 100644 --- a/server/external-encryption.cpp +++ b/server/external-encryption.cpp @@ -152,9 +152,9 @@ ExternalEncryption::ExternalEncryption(ODEControlContext &ctx) : context.registerNonparametricMethod(this, "", (int)(ExternalEncryption::umount)); context.registerParametricMethod(this, "", (int)(ExternalEncryption::encrypt)(std::string, unsigned int)); context.registerParametricMethod(this, "", (int)(ExternalEncryption::decrypt)(std::string)); - context.registerNonparametricMethod(this, "", (int)(ExternalEncryption::isPasswordCreated)); - context.registerParametricMethod(this, "", (int)(ExternalEncryption::createPassword)(std::string)); - context.registerParametricMethod(this, "", (int)(ExternalEncryption::deletePassword)(std::string)); + context.registerNonparametricMethod(this, "", (int)(ExternalEncryption::isPasswordInitialized)); + context.registerParametricMethod(this, "", (int)(ExternalEncryption::initPassword)(std::string)); + context.registerParametricMethod(this, "", (int)(ExternalEncryption::cleanPassword)(std::string)); context.registerParametricMethod(this, "", (int)(ExternalEncryption::changePassword)(std::string, std::string)); context.registerParametricMethod(this, "", (int)(ExternalEncryption::verifyPassword)(std::string)); context.registerNonparametricMethod(this, "", (int)(ExternalEncryption::getState)); @@ -248,30 +248,25 @@ int ExternalEncryption::decrypt(const std::string &password) return 0; } -int ExternalEncryption::isPasswordCreated() +int ExternalEncryption::isPasswordInitialized() { - if (engine.isKeyMetaCreated()) { + if (engine.isKeyMetaSet()) { return 1; } return 0; } - -int ExternalEncryption::createPassword(const std::string& password) +int ExternalEncryption::initPassword(const std::string& password) { KeyManager::data pwData(password.begin(), password.end()); KeyManager keyManager; - if (engine.isKeyMetaCreated()) { - return -2; - } - keyManager.initPassword(pwData); engine.setKeyMeta(keyManager.serialize()); return 0; } -int ExternalEncryption::deletePassword(const std::string& password) +int ExternalEncryption::cleanPassword(const std::string& password) { KeyManager::data pwData(password.begin(), password.end()); KeyManager keyManager(engine.getKeyMeta()); @@ -306,7 +301,7 @@ int ExternalEncryption::verifyPassword(const std::string& password) KeyManager::data pwData(password.begin(), password.end()); KeyManager keyManager(engine.getKeyMeta()); - if (!keyManager.verifyPassword(pwData)) { + if (keyManager.verifyPassword(pwData)) { return 1; } return 0; diff --git a/server/internal-encryption.cpp b/server/internal-encryption.cpp index 8c279b0..a8f3ad6 100644 --- a/server/internal-encryption.cpp +++ b/server/internal-encryption.cpp @@ -120,9 +120,9 @@ InternalEncryption::InternalEncryption(ODEControlContext& ctx) : context.registerNonparametricMethod(this, "", (int)(InternalEncryption::umount)); context.registerParametricMethod(this, "", (int)(InternalEncryption::encrypt)(std::string, unsigned int)); context.registerParametricMethod(this, "", (int)(InternalEncryption::decrypt)(std::string)); - context.registerNonparametricMethod(this, "", (int)(InternalEncryption::isPasswordCreated)); - context.registerParametricMethod(this, "", (int)(InternalEncryption::createPassword)(std::string)); - context.registerParametricMethod(this, "", (int)(InternalEncryption::deletePassword)(std::string)); + context.registerNonparametricMethod(this, "", (int)(InternalEncryption::isPasswordInitialized)); + context.registerParametricMethod(this, "", (int)(InternalEncryption::initPassword)(std::string)); + context.registerParametricMethod(this, "", (int)(InternalEncryption::cleanPassword)(std::string)); context.registerParametricMethod(this, "", (int)(InternalEncryption::changePassword)(std::string, std::string)); context.registerParametricMethod(this, "", (int)(InternalEncryption::verifyPassword)(std::string)); context.registerNonparametricMethod(this, "", (int)(InternalEncryption::getState)); @@ -249,29 +249,25 @@ int InternalEncryption::decrypt(const std::string& password) return 0; } -int InternalEncryption::isPasswordCreated() +int InternalEncryption::isPasswordInitialized() { - if (engine.isKeyMetaCreated()) { + if (engine.isKeyMetaSet()) { return 1; } return 0; } -int InternalEncryption::createPassword(const std::string& password) +int InternalEncryption::initPassword(const std::string& password) { KeyManager::data pwData(password.begin(), password.end()); KeyManager keyManager; - if (engine.isKeyMetaCreated()) { - return -2; - } - keyManager.initPassword(pwData); engine.setKeyMeta(keyManager.serialize()); return 0; } -int InternalEncryption::deletePassword(const std::string& password) +int InternalEncryption::cleanPassword(const std::string& password) { KeyManager::data pwData(password.begin(), password.end()); KeyManager keyManager(engine.getKeyMeta()); diff --git a/tools/cli/ode-admin-cli.cpp b/tools/cli/ode-admin-cli.cpp index 0625f4d..7d6f0d2 100644 --- a/tools/cli/ode-admin-cli.cpp +++ b/tools/cli/ode-admin-cli.cpp @@ -125,8 +125,24 @@ static inline int encrypt_storage(const std::string name) int ret; if (name == "internal") { + bool result = false; + ode_internal_encryption_is_password_initialized(&result); + + if (!result) { + std::cout << "New "; + std::string password = getPassword(); + ode_internal_encryption_init_password(password.c_str()); + } + + result = false; + std::cout << "Confirm "; std::string password = getPassword(); - ode_internal_encryption_create_password(password.c_str()); + ode_internal_encryption_verify_password(password.c_str(), &result); + + if (!result) { + std::cerr << "Confirm password doesn't match" << std::endl; + return -1; + } unsigned int options = 0; ode_internal_encryption_get_supported_options(&options); @@ -141,8 +157,24 @@ static inline int encrypt_storage(const std::string name) } ret = ode_internal_encryption_encrypt(password.c_str(), options); } else if (name == "external") { + bool result = false; + ode_external_encryption_is_password_initialized(&result); + + if (!result) { + std::cout << "New "; + std::string password = getPassword(); + ode_external_encryption_init_password(password.c_str()); + } + + result = false; + std::cout << "Confirm "; std::string password = getPassword(); - ode_external_encryption_create_password(password.c_str()); + ode_external_encryption_verify_password(password.c_str(), &result); + + if (!result) { + std::cerr << "Confirm password doesn't match" << std::endl; + return -1; + } unsigned int options; ode_external_encryption_get_supported_options(&options); @@ -182,11 +214,15 @@ static inline int decrypt_storage(const std::string name) if (name == "internal") { std::string password = getPassword(); ret = ode_internal_encryption_decrypt(password.c_str()); - ode_internal_encryption_delete_password(password.c_str()); + if (ret == 0) { + ode_internal_encryption_clean_password(password.c_str()); + } } else if (name == "external") { std::string password = getPassword(); ret = ode_external_encryption_decrypt(password.c_str()); - ode_external_encryption_delete_password(password.c_str()); + if (ret == 0) { + ode_external_encryption_clean_password(password.c_str()); + } } else { printSelectableStorage(); return -1;