From 5af856b298c4208652493a10d2b466819a4385c9 Mon Sep 17 00:00:00 2001 From: Krzysztof Jackiewicz Date: Fri, 17 Nov 2017 14:46:47 +0100 Subject: [PATCH] Add upgrade related operations to ode-admin-cli Change-Id: I6157f0071a84fbdf157545abcf20d8462d7d5e6a --- tools/cli/ode-admin-cli.cpp | 52 ++++++++++++++++++++++++++++++++++++++++++--- 1 file changed, 49 insertions(+), 3 deletions(-) diff --git a/tools/cli/ode-admin-cli.cpp b/tools/cli/ode-admin-cli.cpp index 3a0a77c..dc4e110 100644 --- a/tools/cli/ode-admin-cli.cpp +++ b/tools/cli/ode-admin-cli.cpp @@ -34,6 +34,7 @@ #include #include #include +#include extern char** environ; @@ -54,10 +55,12 @@ static inline int usage(const std::string name) << " require -D and/or -M option." << std::endl << " -L --luks_sync=format|open|close perform LUKS operation using synchronous" << std::endl << " API. May also require -D and/or -M option." << std::endl - << " -D --device= device path required for LUKS format and" << std::endl - << " LUKS open operations" << std::endl + << " -D --device= device path" << std::endl << " -M --mapping= mapping name required for LUKS open and" << std::endl << " LUKS close operations" << std::endl + << " -k, --keys=store|remove Store/remove the master key of given device" << std::endl + << " for the purpose of system upgrade. Requires" << std::endl + << " -D option" << std::endl << " -p, --changepw=internal|external change password" << std::endl << " -s, --state=internal|external get state" << std::endl << " -w, --waitmnt=internal|external wait for mount"<< std::endl @@ -466,6 +469,34 @@ static inline int luks(bool sync, } } +static inline int keys(const std::string& name, const std::string& device) +{ + if (name == "store") { + if (device.empty()) + return usage(name); + + std::string password = getPassword(); + + int ret = ode_key_store_master_key(device.c_str(), password.c_str()); + if (ret != ODE_ERROR_NONE) + std::cerr << "Error : " << ret << std::endl; + return -1; + } + + if (name == "remove") { + if (device.empty()) + return usage(name); + + int ret = ode_key_remove_master_key(device.c_str()); + if (ret != ODE_ERROR_NONE) + std::cerr << "Error : " << ret << std::endl; + return -1; + } + + std::cerr << "Wrong arguments (store|remove)" << std::endl; + return -1; +} + static inline int change_password(const std::string name) { int ret; @@ -586,6 +617,7 @@ int main(int argc, char* argv[]) {"decrypt", required_argument, 0, 'd'}, {"luks" , required_argument, 0, 'l'}, {"luks_sync" , required_argument, 0, 'L'}, + {"keys" , required_argument, 0, 'k'}, {"state", required_argument, 0, 's'}, {"waitmnt", required_argument, 0, 'w'}, {"clean", required_argument, 0, 'c'}, @@ -607,7 +639,7 @@ int main(int argc, char* argv[]) std::string mapping, device, op; bool sync = true; - while ((opt = getopt_long(argc, argv, "m:u:e:d:l:L:p:s:w:c:h", options, &index)) != -1) { + while ((opt = getopt_long(argc, argv, "m:u:e:d:l:L:p:k:s:w:c:h", options, &index)) != -1) { switch (opt) { case 'm': ret = mount(optarg); @@ -641,6 +673,20 @@ int main(int argc, char* argv[]) if (ret == 0) ret = luks(sync, op, device, mapping); break; + case 'k': + op = optarg; + while ((luks_opt = getopt_long(argc, argv, "D:", luks_options, &index)) != -1) { + switch (luks_opt) { + case 'D': + device = optarg; + break; + default: + ret = usage(argv[0]); + } + } + if (ret == 0) + ret = keys(op, device); + break; case 'p': ret = change_password(optarg); break; -- 2.7.4