diff -r 9e9792ae22e3 -r 86979fe66c4c terminalsecurity/SCP/SCPServer/src/SCPServer.cpp --- a/terminalsecurity/SCP/SCPServer/src/SCPServer.cpp Mon Mar 15 12:43:15 2010 +0200 +++ b/terminalsecurity/SCP/SCPServer/src/SCPServer.cpp Wed Mar 31 23:00:03 2010 +0300 @@ -51,7 +51,7 @@ #include // For Device encryption #include -#include +#include // ==================== LOCAL FUNCTIONS ==================== @@ -114,11 +114,16 @@ // Assign default config flag iConfiguration.iConfigFlag = KSCPConfigUnknown; + iConfiguration.iConfigChecked = EFalse; // Assign the default codes iConfiguration.iSecCode.Zero(); iConfiguration.iSecCode.Append( KSCPDefaultSecCode ); + // Assign the default codes + iConfiguration.iCryptoCode.Zero(); + iConfiguration.iCryptoCode.Append( KSCPDefaultSecCode ); + //#ifdef __SAP_DEVICE_LOCK_ENHANCEMENTS if(FeatureManager::FeatureSupported(KFeatureIdSapDeviceLockEnhancements)) { @@ -164,6 +169,25 @@ { Dprint( (_L("CSCPServer::ConstructL(): Configration read OK") )); } + + + //If Configuration is not validated already, validate it + + if (!iConfiguration.iConfigChecked) + { + TInt valerr = KErrNone; + TRAP( valerr, ValidateConfigurationL( KSCPComplete )); + if (valerr != KErrNone) + { + Dprint( (_L("CSCPServer::ConstructL(): Configuration Validation failed: %d"), valerr )); + } + else + { + Dprint( (_L("CSCPServer::ConstructL(): Configuration Validation Passed"))); + } + } + + Dprint( (_L("CSCPServer::ConstructL(): Connecting to CenRep") )); iALPeriodRep = CRepository::NewL( KCRUidSecuritySettings ); @@ -631,7 +655,21 @@ { Dprint( (_L("--> CSCPServer::ValidateConfigurationL()") )); - if ( iConfiguration.iConfigFlag == KSCPConfigOK ) + RMobilePhone::TMobilePassword storedCode; + storedCode.Zero(); + User::LeaveIfError(GetCode(storedCode)); + + + Dprint( (_L("CSCPServer::ValidateConfigurationL(): Checking code: %s"), storedCode.PtrZ() )); + // Check that the ISA code is stored correctly + TRAPD( err, CheckISACodeL( storedCode ) ); + //Bool for the correction of Defaultlockcode cenrep + TBool lCorrectDefaultlockcode = EFalse; + + Dprint( (_L("CSCPServer::ValidateConfigurationL(): iConfigFlag = %d, iConfigChecked = %d"), iConfiguration.iConfigFlag, iConfiguration.iConfigChecked)); + + if ((iConfiguration.iConfigFlag == KSCPConfigOK) + && (iConfiguration.iConfigChecked) && (err == KErrNone)) { // The configuration has already been checked, exit Dprint( (_L("CSCPServer::ValidateConfigurationL(): Configuration is non-default.") )); @@ -643,10 +681,7 @@ User::Leave( KErrAccessDenied ); } - RMobilePhone::TMobilePassword storedCode; - storedCode.Zero(); - - User::LeaveIfError( GetCode( storedCode ) ); + TInt hashedISAcode; TSCPSecCode hashedCode; //#ifdef __SAP_DEVICE_LOCK_ENHANCEMENTS @@ -659,10 +694,13 @@ } //#endif // __SAP_DEVICE_LOCK_ENHANCEMENTS - Dprint( (_L("CSCPServer::ValidateConfigurationL(): Checking code: %s"), storedCode.PtrZ() )); + - // Check that the ISA code is stored correctly - TRAPD( err, CheckISACodeL( storedCode ) ); + + if (err != KErrNone) + { + lCorrectDefaultlockcode = ETrue; + } if ( err == KErrNone ) { iConfiguration.iConfigFlag = KSCPConfigOK; @@ -710,11 +748,42 @@ if ( StoreCode( hashedCode ) == KErrNone ) { iConfiguration.iConfigFlag = KSCPConfigOK; + lCorrectDefaultlockcode = ETrue; } } } -} + + //If Correction of Defaultlockcode cenrep is required for the mismatch between Config and ISA + if (lCorrectDefaultlockcode) + { + TInt lDefCode = -1; + CRepository* lRepository = CRepository::NewL(KCRUidSCPLockCode); + CleanupStack::PushL(lRepository); + TInt lRet = lRepository->Get(KSCPLockCodeDefaultLockCode, + lDefCode); + if (lRet == KErrNone && lDefCode != -1) + { + if (lDefCode == 12345) + { + //Although lock code is already set, due to some unexpected condition + //like C drive wipe, cenrep status is wrongly shown. Correcting it here. + lRepository->Set(KSCPLockCodeDefaultLockCode, 0); + Dprint( (_L("RSCPClient::ValidateConfigurationL(): Corrected the Default lock code cenrep status to 0") )); + } + else if (lDefCode == 0) + { + //If only ISA side is formatted, then the lock code on ISA side is default; + //Cenrep status remains wrongly as the lock code is already set. Correcting it here. + lRepository->Set(KSCPLockCodeDefaultLockCode, 12345); + Dprint( (_L("RSCPClient::ValidateConfigurationL(): Corrected the Default lock code cenrep status to 12345") )); + } + } + CleanupStack::PopAndDestroy(lRepository); + } + } //#endif // __SAP_DEVICE_LOCK_ENHANCEMENTS + //Set the flag to True, after config is validated + iConfiguration.iConfigChecked = ETrue; TRAPD( err2, iConfiguration.WriteSetupL() ); if ( err2 != KErrNone ) @@ -2475,9 +2544,7 @@ TBool CSCPServer::IsDeviceMemoryEncrypted() { Dprint(_L("CSCPServer::IsDeviceMemoryEncrypted >>")); - TBool ret(EFalse); - //First check if the feature is supported on device TRAPD(ferr, FeatureManager::InitializeLibL()); if (ferr != KErrNone) @@ -2489,42 +2556,74 @@ FeatureManager::UnInitializeLib(); //If feature is supported, check if any drive is encrypted. + + + if (ret) { - CDevEncSession* devEncSession = new CDevEncSession( EDriveC ); + RLibrary library; + CDevEncSessionBase* devEncSession = NULL; + TInt err = library.Load(KDevEncCommonUtils); + if (err != KErrNone) + { + Dprint(_L("Error in finding the library... %d"), err); + ret = EFalse; + } + else + { + TLibraryFunction entry = library.Lookup(1); + + if (!entry) + { + Dprint(_L("Error in loading the library...")); + ret = EFalse; + } + else + { + devEncSession = (CDevEncSessionBase*) entry(); + Dprint(_L("Library is found and loaded successfully...")); + } + } + if (!devEncSession) { Dprint(_L("Can't instantiate device encryption session..")); - return EFalse; - } - - TInt err = devEncSession->Connect(); - if (err == KErrNone) - { - //Session with device encryption is established. Check if any drive is encrypted - TInt encStatus (KErrNone); - TInt err = devEncSession->DiskStatus( encStatus ); - Dprint(_L("err = %d, encstatus = %d"), err, encStatus); - if ( err == KErrNone && encStatus != EDecrypted ) - { - Dprint(_L("Memory is encrypted")); - ret = ETrue; - } - else - { - Dprint(_L("Memory is not encrypted")); - ret = EFalse; - } - } - else - { - Dprint(_L("Error %d while establishing connection with device encryption engine"), err); ret = EFalse; } - - delete devEncSession; devEncSession = NULL; - } + else + { + devEncSession->SetDrive( EDriveC ); + TInt err = devEncSession->Connect(); + if (err == KErrNone) + { + //Session with device encryption is established. Check if any drive is encrypted + TInt encStatus (KErrNone); + TInt err = devEncSession->DiskStatus( encStatus ); + devEncSession->Close(); + Dprint(_L("err = %d, encstatus = %d"), err, encStatus); + if ( err == KErrNone && encStatus != EDecrypted ) + { + Dprint(_L("Memory is encrypted")); + ret = ETrue; + } + else + { + Dprint(_L("Memory is not encrypted")); + ret = EFalse; + } + } + else + { + Dprint(_L("Error %d while establishing connection with device encryption engine"), err); + ret = EFalse; + } + } + delete devEncSession; devEncSession = NULL; + + if (library.Handle()) + library.Close(); + } Dprint(_L("CSCPServer::IsDeviceMemoryEncrypted, ret = %d <<"), ret); return ret;