- separate corrupted error into "error_partially_encrypted" and "error_partially_decrypted"
- fix to expose the external recovery API and add it to cli tool
Change-Id: I601a83a6a72e22be5c44d13ff830896300c5e578
Signed-off-by: seolheui kim <s414.kim@samsung.com>
typedef enum {
ODE_STATE_UNENCRYPTED = 0x00, /**< Device is not encrypted */
ODE_STATE_ENCRYPTED = 0x01, /**< Device is encrypted */
- ODE_STATE_CORRUPTED = 0x02 /**< Device is corrupted because of encryption error */
+ ODE_STATE_CORRUPTED_ENCRYPTION = 0x02, /**< Device is corrupted because of encryption error */
+ ODE_STATE_CORRUPTED_DECRYPTION = 0x03, /**< Device is corrupted becouse of decryption error */
} ode_state_e;
/**
enum State {
Unencrypted = 0x00,
Encrypted = 0x01,
- Corrupted = 0x02,
+ CorruptedEncryption = 0x02,
+ CorruptedDecryption = 0x03,
+ Invalid = 0x04,
};
virtual int getState() = 0;
enum State {
Unencrypted = 0x00,
Encrypted = 0x01,
- Corrupted = 0x02,
+ CorruptedEncryption = 0x02,
+ CorruptedDecryption = 0x03,
+ Invalid = 0x04,
};
virtual int getState() = 0;
server.expose(this, PRIVILEGE_PLATFORM, (int)(ExternalEncryptionServer::umount)());
server.expose(this, PRIVILEGE_PLATFORM, (int)(ExternalEncryptionServer::encrypt)(std::string, unsigned int));
server.expose(this, PRIVILEGE_PLATFORM, (int)(ExternalEncryptionServer::decrypt)(std::string));
+ server.expose(this, PRIVILEGE_PLATFORM, (int)(ExternalEncryptionServer::recovery)());
server.expose(this, "", (int)(ExternalEncryptionServer::isPasswordInitialized)());
server.expose(this, PRIVILEGE_PLATFORM, (int)(ExternalEncryptionServer::initPassword)(std::string));
server.expose(this, PRIVILEGE_PLATFORM, (int)(ExternalEncryptionServer::cleanPassword)(std::string));
}
INFO(SINK, "Decryption started.");
- ::vconf_set_str(VCONFKEY_SDE_CRYPTO_STATE, "error_partially_encrypted");
+ ::vconf_set_str(VCONFKEY_SDE_CRYPTO_STATE, "error_partially_decrypted");
engine->decrypt(masterKey, getOptions());
INFO(SINK, "Decryption completed.");
std::string valueStr(value);
free(value);
- if (valueStr == "encrypted") {
+ if (valueStr == "encrypted")
return State::Encrypted;
- } else if (valueStr == "unencrypted") {
+ else if (valueStr == "unencrypted")
return State::Unencrypted;
- } else {
- return State::Corrupted;
- }
+ else if (valueStr == "error_partially_encrypted")
+ return State::CorruptedEncryption;
+ else if (valueStr == "error_partially_decrypted")
+ return State::CorruptedDecryption;
+
+ return State::Invalid;
}
unsigned int ExternalEncryptionServer::getSupportedOptions()
#include "progress-bar.h"
#include "rmi/common.h"
+#include "ext4-tool.h"
#include "internal-encryption.h"
#include "internal-encryption-common.h"
}
INFO(SINK, "Decryption started.");
- ::vconf_set_str(VCONFKEY_ODE_CRYPTO_STATE, "error_partially_encrypted");
+ ::vconf_set_str(VCONFKEY_ODE_CRYPTO_STATE, "error_partially_decrypted");
engine->decrypt(masterKey, getOptions());
INFO(SINK, "Decryption complete.");
if (state == State::Unencrypted)
return error::NoSuchDevice;
- if (state == State::Corrupted) {
- const char *mkfsPath = "/sbin/mkfs.ext4";
- std::vector<std::string> formatArg = {
- mkfsPath, "-F", engine->getSource()};
- runtime::Process proc(mkfsPath, formatArg);
-
- int ret = proc.execute();
- if (ret < 0)
- throw runtime::Exception("Failed to execute mkfs.ext4");
-
- ret = proc.waitForFinished();
- if (ret < 0 || !WIFEXITED(ret) || WEXITSTATUS(ret) != 0)
- throw runtime::Exception("Failed to wait for finish of format");
- }
+ if (state == State::CorruptedEncryption || state == State::CorruptedDecryption)
+ Ext4Tool::mkfs(engine->getSource());
std::fstream fs;
fs.open("/opt/.factoryreset", std::ios::out);
std::string valueStr(value);
free(value);
- if (valueStr == "encrypted") {
+ if (valueStr == "encrypted")
return State::Encrypted;
- } else if (valueStr == "unencrypted") {
+ else if (valueStr == "unencrypted")
return State::Unencrypted;
- } else {
- return State::Corrupted;
- }
+ else if (valueStr == "error_partially_encrypted")
+ return State::CorruptedEncryption;
+ else if (valueStr == "error_partially_decrypted")
+ return State::CorruptedDecryption;
+
+ return State::Invalid;
}
unsigned int InternalEncryptionServer::getSupportedOptions()
<< " -s, --state=internal|external get state" << std::endl
<< " -w, --waitmnt=internal|external wait for mount"<< std::endl
<< " -c, --clean=DIRECTORY secure-clean" << std::endl
- << " -r, --recovery recovery" << std::endl
+ << " -r, --recovery=internal|external recovery" << std::endl
<< " -h, --help show this" << std::endl
<< std::endl;
case ODE_STATE_UNENCRYPTED:
std::cout << "Unencrypted";
break;
- case ODE_STATE_CORRUPTED:
- std::cout << "Corrupted";
+ case ODE_STATE_CORRUPTED_ENCRYPTION:
+ std::cout << "Corrupted Encryption";
break;
+ case ODE_STATE_CORRUPTED_DECRYPTION:
+ std::cout << "Corrupted Decryption";
+ break;
+ default:
+ std::cout << "Invalid";
}
std::cout << std::endl;
return ret;
}
-static inline int recovery()
+static inline int recovery(const std::string &name)
{
- int ret = 0;
+ int ret = -1;
+
+ if (name == "internal")
+ ret = ode_internal_encryption_recovery();
+ else if (name == "external")
+ ret = ode_external_encryption_recovery();
- ret = ode_internal_encryption_recovery();
if (ret != 0)
std::cerr << "Error : " << ret << std::endl;
{"state", required_argument, 0, 's'},
{"waitmnt", required_argument, 0, 'w'},
{"clean", required_argument, 0, 'c'},
- {"recovery", no_argument, 0, 'r'},
+ {"recovery", required_argument, 0, 'r'},
{0, 0, 0, 0}
};
std::string mapping, device, op;
bool sync = true;
- while ((opt = getopt_long(argc, argv, "m:u:e:d:l:L:p:k:s:w:c:rh", options, &index)) != -1) {
+ while ((opt = getopt_long(argc, argv, "m:u:e:d:l:L:p:k:s:w:c:r:h", options, &index)) != -1) {
switch (opt) {
case 'm':
ret = mount(optarg);
ret = clean(optarg);
break;
case 'r':
- ret = recovery();
+ ret = recovery(optarg);
break;
case 'D':
device = optarg;
projects / platform / core / security / ode.git / commitdiff