}
}
+int ExternalEncryption::recovery()
+{
+ try {
+ return context->methodCall<int>("ExternalEncryption::recovery");
+ } catch (runtime::Exception& e) {
+ return -1;
+ }
+}
+
int ExternalEncryption::isPasswordInitialized()
{
try {
}
}
+int InternalEncryption::recovery()
+{
+ try {
+ return context->methodCall<int>("InternalEncryption::recovery");
+ } catch (runtime::Exception& e) {
+ return -1;
+ }
+}
+
int InternalEncryption::isPasswordInitialized()
{
try {
return external.decrypt(password);
}
+int ode_external_encryption_recovery()
+{
+ ODEContext client;
+ RET_ON_FAILURE(client.connect() == 0, ODE_ERROR_CONNECTION_REFUSED);
+ ExternalEncryption external = client.createInterface<ExternalEncryption>();
+
+ return external.recovery();
+}
+
int ode_external_encryption_is_password_initialized(bool* result)
{
RET_ON_FAILURE(result, ODE_ERROR_INVALID_PARAMETER);
* @retval #ODE_ERROR_INVALID_PARAMETER Invalid parameter
* @retval #ODE_ERROR_TIMED_OUT Time out
* @retval #ODE_ERROR_KEY_REJECTED Password doen't match
- * @retval #ODE_ERROR_NO_SUCH_FILE No such file or directory
* @retval #ODE_ERROR_NOT_PERMITTED Operation not permitted
* @retval #ODE_ERROR_PERMISSION_DENIED The application does not have
* the privilege to call this API
* @retval #ODE_ERROR_NONE Successful
* @retval #ODE_ERROR_INVALID_PARAMETER Invalid parameter
* @retval #ODE_ERROR_TIMED_OUT Time out
- * @retval #ODE_ERROR_NO_SUCH_FILE No such file or directory
* @retval #ODE_ERROR_NOT_PERMITTED Operation not permitted
* @retval #ODE_ERROR_PERMISSION_DENIED The application does not have
* the privilege to call this API
ODE_API int ode_external_encryption_decrypt(const char* password);
/**
+ * @brief Recovery external encryption when there is something wrong.
+ * @details Administrator can use this API to recovery encrypted external
+ * storage when the password is missing or the encryption is
+ * corrupted. Note that this API will be erase all the contents
+ * in external storage.
+ * @since_tizen 3.0
+ * @return #ODE_ERROR_NONE on success, otherwise a negative value
+ * @retval #ODE_ERROR_NONE Successful
+ * @retval #ODE_ERROR_INVALID_PARAMETER Invalid parameter
+ * @retval #ODE_ERROR_TIMED_OUT Time out
+ * @retval #ODE_ERROR_NOT_PERMITTED Operation not permitted
+ * @retval #ODE_ERROR_PERMISSION_DENIED The application does not have
+ * the privilege to call this API
+ * @see ode_external_encryption_encrypt()
+ */
+ODE_API int ode_external_encryption_recovery();
+
+/**
* @brief Checks whether the external encryption password was created
* @details Administrator can use this API to check if the password that
will be used for external storage encryption/decryption
return internal.decrypt(password);
}
+int ode_internal_encryption_recovery()
+{
+ ODEContext client;
+ RET_ON_FAILURE(client.connect() == 0, ODE_ERROR_CONNECTION_REFUSED);
+ InternalEncryption internal = client.createInterface<InternalEncryption>();
+
+ return internal.recovery();
+}
+
int ode_internal_encryption_is_password_initialized(bool* result)
{
RET_ON_FAILURE(result, ODE_ERROR_INVALID_PARAMETER);
* @retval #ODE_ERROR_INVALID_PARAMETER Invalid parameter
* @retval #ODE_ERROR_TIMED_OUT Time out
* @retval #ODE_ERROR_KEY_REJECTED Password doen't match
- * @retval #ODE_ERROR_NO_SUCH_FILE No such file or directory
* @retval #ODE_ERROR_NOT_PERMITTED Operation not permitted
* @retval #ODE_ERROR_PERMISSION_DENIED The application does not have
* the privilege to call this API
* @retval #ODE_ERROR_NONE Successful
* @retval #ODE_ERROR_INVALID_PARAMETER Invalid parameter
* @retval #ODE_ERROR_TIMED_OUT Time out
- * @retval #ODE_ERROR_NO_SUCH_FILE No such file or directory
* @retval #ODE_ERROR_NOT_PERMITTED Operation not permitted
* @retval #ODE_ERROR_PERMISSION_DENIED The application does not have
* the privilege to call this API
ODE_API int ode_internal_encryption_decrypt(const char* password);
/**
+ * @brief Recovery internal encryption when there is something wrong.
+ * @details Administrator can use this API to recovery encrypted internal
+ * storage when the password is missing or the encryption is
+ * corrupted. Note that this API will be erase all the contents
+ * in internal storage.
+ * @since_tizen 3.0
+ * @return #ODE_ERROR_NONE on success, otherwise a negative value
+ * @retval #ODE_ERROR_NONE Successful
+ * @retval #ODE_ERROR_INVALID_PARAMETER Invalid parameter
+ * @retval #ODE_ERROR_TIMED_OUT Time out
+ * @retval #ODE_ERROR_NOT_PERMITTED Operation not permitted
+ * @retval #ODE_ERROR_PERMISSION_DENIED The application does not have
+ * the privilege to call this API
+ * @see ode_internal_encryption_encrypt()
+ */
+ODE_API int ode_intternal_encryption_recovery();
+
+/**
* @brief Checks whether the internal encryption password was created
* @details Administrator can use this API to check if the password that
will be used for internal storage encryption/decryption
/**
* @brief Get supported options for encryption of internal storage.
* @details Administrator can use this API to get which options are
- supported for encryption of external storage.
+ supported for encryption of internal storage.
* @since_tizen 3.0
* @param[out] option The logical OR of supported options in internal storage
* @return #ODE_ERROR_NONE on success, otherwise a negative value
int encrypt(const std::string& password, unsigned int options);
int decrypt(const std::string& password);
+ int recovery();
+
int isPasswordInitialized();
int initPassword(const std::string& password);
int cleanPassword(const std::string& password);
int encrypt(const std::string& password, unsigned int options);
int decrypt(const std::string& password);
+ int recovery();
+
int isPasswordInitialized();
int initPassword(const std::string& password);
int cleanPassword(const std::string& password);
return 0;
}
+int ExternalEncryption::recovery()
+{
+ if (getState() == State::Unencrypted) {
+ return -1;
+ }
+
+ for (runtime::DirectoryIterator iter(engine->getSource()), end;
+ iter != end; ++iter) {
+ iter->remove(true);
+ }
+
+ engine->clearKeyMeta();
+ ::vconf_set_str(EXTERNAL_STATE_VCONF_KEY, "unencrypted");
+
+ return 0;
+}
+
int ExternalEncryption::isPasswordInitialized()
{
if (engine->isKeyMetaSet()) {
#define PRIVILEGE_PLATFORM "http://tizen.org/privilege/internal/default/platform"
+const std::string PROG_FACTORY_RESET = "/usr/bin/dbus-send";
+const std::vector<std::string> wipeCommand = {
+ PROG_FACTORY_RESET,
+ "--system",
+ "--type=signal",
+ "--print-reply",
+ "--dest=com.samsung.factoryreset",
+ "/com/samsung/factoryreset",
+ "com.samsung.factoryreset.start.setting"
+};
+
namespace ode {
namespace {
return 0;
}
+int InternalEncryption::recovery()
+{
+ if (getState() != State::Unencrypted) {
+ return -1;
+ }
+
+ //TODO
+ runtime::Process proc(PROG_FACTORY_RESET, wipeCommand);
+ if (proc.execute() == -1) {
+ ERROR("Failed to launch factory-reset");
+ return -2;
+ }
+
+ return 0;
+}
+
int InternalEncryption::isPasswordInitialized()
{
if (engine->isKeyMetaSet()) {
evas_object_del(popup_data->popup);
popup_data->popup = NULL;
- /* [TBD] erase external storage data */
+ ode_external_encryption_recovery();
+
return;
}
projects / platform / core / security / ode.git / commitdiff