From ea896bbce6b7f21772de779faf0f0c29de845a24 Mon Sep 17 00:00:00 2001
From: Kyungwook Tak <k.tak@samsung.com>
Date: Fri, 11 Sep 2015 12:01:42 +0900
Subject: [PATCH] Disable optional password protection temporary

couldn't remove data which is protected by optional password

Change-Id: I0a0e67ddcf40bd0d0f90585d58469a950317a6f0
Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
---
 CMakeLists.txt                       | 7 +++++++
 packaging/key-manager.spec           | 6 ++++++
 src/manager/service/crypto-logic.cpp | 6 ++++++
 3 files changed, 19 insertions(+)

diff --git a/CMakeLists.txt b/CMakeLists.txt
index ab1548c..f67001e 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -65,6 +65,13 @@ ELSE (DEFINED SECURITY_MDFPP_STATE_ENABLE)
     MESSAGE("SECURITY_MDFPP_STATE_ENABLE DISABLED !")
 ENDIF (DEFINED SECURITY_MDFPP_STATE_ENABLE)
 
+IF (DEFINED OPTIONAL_PASSWORD_ENABLE)
+    MESSAGE("OPTIONAL_PASSWORD_ENABLE ON")
+    ADD_DEFINITIONS("-DOPTIONAL_PASSWORD_ENABLE")
+ELSE (DEFINED OPTIONAL_PASSWORD_ENABLE)
+    MESSAGE("OPTIONAL_PASSWORD_ENABLE OFF")
+ENDIF (DEFINED OPTIONAL_PASSWORD_ENABLE)
+
 IF (DEFINED SYSTEMD_ENV_FILE)
     ADD_DEFINITIONS(-DSYSTEMD_ENV_FILE="${SYSTEMD_ENV_FILE}")
 ENDIF (DEFINED SYSTEMD_ENV_FILE)
diff --git a/packaging/key-manager.spec b/packaging/key-manager.spec
index 3634305..ba3b79d 100644
--- a/packaging/key-manager.spec
+++ b/packaging/key-manager.spec
@@ -105,6 +105,9 @@ cp -a %{SOURCE1002} .
 cp -a %{SOURCE1003} .
 cp -a %{SOURCE1004} .
 
+# optional password disabled temporary for milestone release
+%define ckm_optional_password_enable 0
+
 %build
 %if 0%{?sec_build_binary_debug_enable}
     export CFLAGS="$CFLAGS -DTIZEN_DEBUG_ENABLE"
@@ -121,6 +124,9 @@ export LDFLAGS+="-Wl,--rpath=%{_libdir},-Bsymbolic-functions "
 %if "%{sec_product_feature_security_mdfpp_enable}" == "1"
         -DSECURITY_MDFPP_STATE_ENABLE=1 \
 %endif
+%if 0%{?ckm_optional_password_enable}
+        -DOPTIONAL_PASSWORD_ENABLE=1 \
+%endif
         -DSYSTEMD_UNIT_DIR=%{_unitdir} \
         -DSYSTEMD_ENV_FILE="/etc/sysconfig/central-key-manager" \
         -DMOCKUP_SM=%{?mockup_sm:%mockup_sm}%{!?mockup_sm:OFF}
diff --git a/src/manager/service/crypto-logic.cpp b/src/manager/service/crypto-logic.cpp
index 75c9b40..b51e6c4 100644
--- a/src/manager/service/crypto-logic.cpp
+++ b/src/manager/service/crypto-logic.cpp
@@ -152,12 +152,16 @@ void CryptoLogic::encryptRow(const Password &password, DB::Row &row)
 
         crow.tag = dataPair.second;
 
+#ifdef OPTIONAL_PASSWORD_ENABLE
         if (!password.empty()) {
             key = passwordToKey(password, crow.iv, AES_CBC_KEY_SIZE);
 
             crow.data = Crypto::SW::Internals::encryptDataAes(AlgoType::AES_CBC, key, crow.data, crow.iv);
             crow.encryptionScheme |= ENCR_PASSWORD;
         }
+#else
+        (void)password;
+#endif
 
         encBase64(crow.data);
         crow.encryptionScheme |= ENCR_BASE64;
@@ -198,10 +202,12 @@ void CryptoLogic::decryptRow(const Password &password, DB::Row &row)
             decBase64(crow.data);
         }
 
+#ifdef OPTIONAL_PASSWORD_ENABLE
         if (crow.encryptionScheme & ENCR_PASSWORD) {
             key = passwordToKey(password, crow.iv, AES_CBC_KEY_SIZE);
             crow.data = Crypto::SW::Internals::decryptDataAes(AlgoType::AES_CBC, key, crow.data, crow.iv);
         }
+#endif
 
         if (crow.encryptionScheme & ENCR_APPKEY) {
             key = m_keyMap[crow.ownerLabel];
-- 
2.7.4