Remove dead code; move code out of cryptfs that doesn't belong.
Test: Marlin boots Change-Id: I5c3fc21fef336b301981d6eff6f6ea242f30f66c
This commit is contained in:
Paul Crowley
parent
6b756ce5e9
commit
a7ca40bd70
3 changed files with 11 additions and 84 deletions
|
|
@ -19,6 +19,8 @@
|
|||
#include "KeyStorage.h"
|
||||
#include "KeyUtil.h"
|
||||
#include "Utils.h"
|
||||
#include "VoldUtil.h"
|
||||
|
||||
|
||||
#include <algorithm>
|
||||
#include <map>
|
||||
|
|
@ -261,11 +263,18 @@ static bool lookup_key_ref(const std::map<userid_t, std::string>& key_map, useri
|
|||
return true;
|
||||
}
|
||||
|
||||
static void get_file_encryption_modes(const char **contents_mode_ret,
|
||||
const char **filenames_mode_ret)
|
||||
{
|
||||
struct fstab_rec* rec = fs_mgr_get_entry_for_mount_point(fstab_default, DATA_MNT_POINT);
|
||||
fs_mgr_get_file_encryption_modes(rec, contents_mode_ret, filenames_mode_ret);
|
||||
}
|
||||
|
||||
static bool ensure_policy(const std::string& raw_ref, const std::string& path) {
|
||||
const char *contents_mode;
|
||||
const char *filenames_mode;
|
||||
|
||||
cryptfs_get_file_encryption_modes(&contents_mode, &filenames_mode);
|
||||
get_file_encryption_modes(&contents_mode, &filenames_mode);
|
||||
|
||||
if (e4crypt_policy_ensure(path.c_str(),
|
||||
raw_ref.data(), raw_ref.size(),
|
||||
|
|
@ -330,7 +339,7 @@ bool e4crypt_initialize_global_de() {
|
|||
|
||||
const char *contents_mode;
|
||||
const char *filenames_mode;
|
||||
cryptfs_get_file_encryption_modes(&contents_mode, &filenames_mode);
|
||||
get_file_encryption_modes(&contents_mode, &filenames_mode);
|
||||
std::string modestring = std::string(contents_mode) + ":" + filenames_mode;
|
||||
|
||||
std::string mode_filename = std::string("/data") + e4crypt_key_mode;
|
||||
|
|
|
|||
73
cryptfs.cpp
73
cryptfs.cpp
|
|
@ -2865,76 +2865,3 @@ int cryptfs_isConvertibleToFBE()
|
|||
struct fstab_rec* rec = fs_mgr_get_entry_for_mount_point(fstab_default, DATA_MNT_POINT);
|
||||
return fs_mgr_is_convertible_to_fbe(rec) ? 1 : 0;
|
||||
}
|
||||
|
||||
int cryptfs_create_default_ftr(struct crypt_mnt_ftr* crypt_ftr, __attribute__((unused))int key_length)
|
||||
{
|
||||
if (cryptfs_init_crypt_mnt_ftr(crypt_ftr)) {
|
||||
SLOGE("Failed to initialize crypt_ftr");
|
||||
return -1;
|
||||
}
|
||||
|
||||
if (create_encrypted_random_key(DEFAULT_PASSWORD, crypt_ftr->master_key,
|
||||
crypt_ftr->salt, crypt_ftr)) {
|
||||
SLOGE("Cannot create encrypted master key\n");
|
||||
return -1;
|
||||
}
|
||||
|
||||
//crypt_ftr->keysize = key_length / 8;
|
||||
return 0;
|
||||
}
|
||||
|
||||
int cryptfs_get_master_key(struct crypt_mnt_ftr* ftr, const char* password,
|
||||
unsigned char* master_key)
|
||||
{
|
||||
int rc;
|
||||
|
||||
unsigned char* intermediate_key = 0;
|
||||
size_t intermediate_key_size = 0;
|
||||
|
||||
if (password == 0 || *password == 0) {
|
||||
password = DEFAULT_PASSWORD;
|
||||
}
|
||||
|
||||
rc = decrypt_master_key(password, master_key, ftr, &intermediate_key,
|
||||
&intermediate_key_size);
|
||||
|
||||
if (rc) {
|
||||
SLOGE("Can't calculate intermediate key");
|
||||
return rc;
|
||||
}
|
||||
|
||||
int N = 1 << ftr->N_factor;
|
||||
int r = 1 << ftr->r_factor;
|
||||
int p = 1 << ftr->p_factor;
|
||||
|
||||
unsigned char scrypted_intermediate_key[sizeof(ftr->scrypted_intermediate_key)];
|
||||
|
||||
rc = crypto_scrypt(intermediate_key, intermediate_key_size,
|
||||
ftr->salt, sizeof(ftr->salt), N, r, p,
|
||||
scrypted_intermediate_key,
|
||||
sizeof(scrypted_intermediate_key));
|
||||
|
||||
free(intermediate_key);
|
||||
|
||||
if (rc) {
|
||||
SLOGE("Can't scrypt intermediate key");
|
||||
return rc;
|
||||
}
|
||||
|
||||
return memcmp(scrypted_intermediate_key, ftr->scrypted_intermediate_key,
|
||||
intermediate_key_size);
|
||||
}
|
||||
|
||||
int cryptfs_set_password(struct crypt_mnt_ftr* ftr, const char* password,
|
||||
const unsigned char* master_key)
|
||||
{
|
||||
return encrypt_master_key(password, ftr->salt, master_key, ftr->master_key,
|
||||
ftr);
|
||||
}
|
||||
|
||||
void cryptfs_get_file_encryption_modes(const char **contents_mode_ret,
|
||||
const char **filenames_mode_ret)
|
||||
{
|
||||
struct fstab_rec* rec = fs_mgr_get_entry_for_mount_point(fstab_default, DATA_MNT_POINT);
|
||||
fs_mgr_get_file_encryption_modes(rec, contents_mode_ret, filenames_mode_ret);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -246,15 +246,6 @@ extern "C" {
|
|||
void cryptfs_clear_password(void);
|
||||
int cryptfs_isConvertibleToFBE(void);
|
||||
|
||||
// Functions for file encryption to use to inherit our encryption logic
|
||||
int cryptfs_create_default_ftr(struct crypt_mnt_ftr* ftr, int key_length);
|
||||
int cryptfs_get_master_key(struct crypt_mnt_ftr* ftr, const char* password,
|
||||
unsigned char* master_key);
|
||||
int cryptfs_set_password(struct crypt_mnt_ftr* ftr, const char* password,
|
||||
const unsigned char* master_key);
|
||||
void cryptfs_get_file_encryption_modes(const char **contents_mode_ret,
|
||||
const char **filenames_mode_ret);
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
|
|
|||
Loading…
Reference in a new issue