From 1c1b80f855e3aa252de60de504ba41d8d0928c7d Mon Sep 17 00:00:00 2001
From: Krzysztof Jackiewicz
Date: Tue, 28 Nov 2017 16:13:12 +0100
Subject: [PATCH] Properly handle errors related to key storage plugin

- Don't fail if an attempt to remove a non-existing token is made
- Don't fail if the plugin does not recognize the token used for key removal
- Ask the plugin to remove the key before overwriting the token
- Use error codes from ksp API

Change-Id: I9d6e60917b933506cd431d852f859f5c2a29b55f
---
 server/upgrade-support.cpp | 39 ++++++++++++++++++++++++++++++++++-----
 1 file changed, 34 insertions(+), 5 deletions(-)

diff --git a/server/upgrade-support.cpp b/server/upgrade-support.cpp
index bea13da..11c49b8 100644
--- a/server/upgrade-support.cpp
+++ b/server/upgrade-support.cpp
@@ -28,8 +28,12 @@
 #include
 #include
+
 #include
+#include
+#include
+
 namespace ode {
 namespace {
@@ -116,7 +120,7 @@ BinaryData KeyStoragePlugin::store(const BinaryData& key)
 unsigned char* token = NULL;
 size_t token_len = 0;
 int ret = storeFn(key.data(), key.size(), &token, &token_len);
- if (ret != 0)
+ if (ret != ODE_KSP_ERROR_NONE)
 throw runtime::Exception(std::string("Storing the key failed with ") +
 std::to_string(ret));
@@ -130,7 +134,7 @@ BinaryData KeyStoragePlugin::load(const BinaryData& token)
 unsigned char* key = NULL;
 size_t key_len = 0;
 int ret = loadFn(token.data(), token.size(), &key, &key_len);
- if (ret != 0)
+ if (ret != ODE_KSP_ERROR_NONE)
 throw runtime::Exception(std::string("Loading the key failed with ") +
 std::to_string(ret));
@@ -142,7 +146,11 @@ BinaryData KeyStoragePlugin::load(const BinaryData& token)
 void KeyStoragePlugin::remove(const BinaryData& token)
 {
 int ret = removeFn(token.data(), token.size());
- if (ret != 0)
+ if (ret == ODE_KSP_ERROR_NO_SUCH_FILE) {
+ INFO(SINK, "Key storage plugin does not recognize the token. Ignoring.");
+ return;
+ }
+ if (ret != ODE_KSP_ERROR_NONE)
 throw runtime::Exception(std::string("Removing the key failed with ") +
 std::to_string(ret));
 }
@@ -159,6 +167,10 @@ void readToken(runtime::File &file, BinaryData& token)
 {
 size_t tokenSize;
+ if (!file.exists()) {
+ token.clear();
+ return;
+ }
 file.open(O_RDONLY);
 file.read(&tokenSize, sizeof(tokenSize));
@@ -188,10 +200,18 @@ void storeMasterKey(const std::string &device, const BinaryData& key)
 {
 std::lock_guard lock(opGuard);
- auto& up = KeyStoragePlugin::Instance();
- auto token = up.store(key);
+ BinaryData token;
 runtime::File file(getTokenFileName(device));
+ readToken(file, token);
+
+ auto& up = KeyStoragePlugin::Instance();
+
+ // remove previous entry if necessary
+ if (!token.empty())
+ up.remove(token);
+
+ token = up.store(key);
 writeToken(file, token);
 }
@@ -205,6 +225,9 @@ BinaryData loadMasterKey(const std::string &device)
 runtime::File file(getTokenFileName(device));
 readToken(file, token);
+ if (token.empty())
+ throw runtime::Exception("Token opening failed");
+
 auto& up = KeyStoragePlugin::Instance();
 return up.load(token);
 }
@@ -218,6 +241,12 @@ void removeMasterKey(const std::string &device)
 runtime::File file(getTokenFileName(device));
 readToken(file, token);
+ // already removed
+ if (token.empty()) {
+ INFO(SINK, "Token for " + device + " does not exist. Ignoring.");
+ return;
+ }
+
 auto& up = KeyStoragePlugin::Instance();
 up.remove(token);
--
2.7.4
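Review bot: In KeyStoragePlugin::remove, the new `ODE_KSP_ERROR_NO_SUCH_FILE` branch returns after an INFO line that carries no context, so an unrecognised token leaves nothing in the log to separate an already-deleted key from a corrupted or replaced token file. Callers in this patch continue as if the key had been removed, so I would log this at warning level if the logger offers one and add the token length, e.g. `"Key storage plugin does not recognize the token (" + std::to_string(token.size()) + " bytes). Ignoring."`. The token bytes themselves should stay out of the log.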
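Review bot: readToken has no comment stating its new contract, although storeMasterKey, loadMasterKey and removeMasterKey in this patch all branch on `token.empty()` to detect a missing token file. A line above the function such as `// Leaves token empty when the token file does not exist; callers must check token.empty().` would make the sentinel explicit. The `exists()` check followed by `open()` is check-then-use, so a file that disappears in between still throws from `open()` as before. The rest of the body, which consumes the `tokenSize` read from disk, lies outside this hunk, so whether that size is bounded cannot be judged from here.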
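Review bot: In storeMasterKey the previous key is removed from the plugin before `up.store(key)` runs, so if `store` or the following `writeToken` throws, the token file still names a key the plugin no longer holds and the master key cannot be loaded again through this path. Unless the plugin can hold only one key at a time (not visible here), storing first and removing last keeps the old key usable until the new token is on disk: `auto newToken = up.store(key);`, `writeToken(file, newToken);`, then `if (!token.empty()) up.remove(token);`. A `remove` failure other than the ignored NO_SUCH_FILE case currently aborts the whole update, which deserves a comment if it is intended.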
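Review bot: The message `"Token opening failed"` in loadMasterKey is misleading, because it is thrown when readToken returned an empty token, which after this patch means the token file is absent rather than that an open call failed. Naming the condition and the device lets whoever reads the log tell a device with no stored key from an I/O error: `throw runtime::Exception("No key token stored for " + device);`. The function's opening lines are outside this hunk.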