Add "cryptfs deleteuserkey" command to vold.

Bug: 19706593 (cherry-picked from commit eebf44563b) Change-Id: I50dc4c39595c06bf0016d6a490130bbbc25de91b
2015-05-19 12:34:09 +01:00 · 2015-05-19 12:34:09 +01:00 · b33e8873ea
commit b33e8873ea
parent 95376d612c
3 changed files with 37 additions and 6 deletions
--- a/CryptCommandListener.cpp
+++ b/CryptCommandListener.cpp
@ -308,6 +308,16 @@ int CryptCommandListener::CryptfsCmd::runCommand(SocketClient *cli,
        SLOGD("cryptfs createnewuserdir");
        dumpArgs(argc, argv, -1);
        rc = e4crypt_create_new_user_dir(argv[2], argv[3]);
+    } else if (!strcmp(argv[1], "deleteuserkey")) {
+        if (argc != 3) {
+            cli->sendMsg(ResponseCode::CommandSyntaxError,
+                "Usage: cryptfs deleteuserkey <userHandle>", false);
+            return 0;
+        }
+        // ext4enc:TODO: send a CommandSyntaxError if argv[2] not an integer
+        SLOGD("cryptfs deleteuserkey");
+        dumpArgs(argc, argv, -1);
+        rc = e4crypt_delete_user_key(argv[2]);
    } else {
        dumpArgs(argc, argv, -1);
        cli->sendMsg(ResponseCode::CommandSyntaxError, "Unknown cryptfs cmd", false);
--- a/Ext4Crypt.cpp
+++ b/Ext4Crypt.cpp
@ -493,12 +493,9 @@ int e4crypt_set_field(const char* path, const char* fieldname,
        .Set(fieldname, std::string(value)) ? 0 : -1;
 }

-// ext4enc:TODO this can't be the only place keys are read from /dev/urandom
-// we should unite those places.
-static std::string e4crypt_get_user_key(
+static std::string get_key_path(
    const char *mount_path,
-    const char *user_handle,
-    bool create_if_absent)
+    const char *user_handle)
 {
    // ext4enc:TODO get the path properly
    auto key_dir = android::base::StringPrintf("%s/misc/vold/user_keys",
@ -507,7 +504,17 @@ static std::string e4crypt_get_user_key(
        SLOGE("Unable to create %s (%s)", key_dir.c_str(), strerror(errno));
        return "";
    }
-    auto key_path = key_dir + "/" + user_handle;
+    return key_dir + "/" + user_handle;
+}
+
+// ext4enc:TODO this can't be the only place keys are read from /dev/urandom
+// we should unite those places.
+static std::string e4crypt_get_user_key(
+    const char *mount_path,
+    const char *user_handle,
+    bool create_if_absent)
+{
+    auto key_path = get_key_path(mount_path, user_handle);
    std::string content;
    if (android::base::ReadFileToString(key_path, &content)) {
        if (content.size() != key_length/8) {
@ -612,3 +619,16 @@ int e4crypt_set_user_crypto_policies(const char *dir)
    }
    return 0;
 }
+
+int e4crypt_delete_user_key(const char *user_handle) {
+    SLOGD("e4crypt_delete_user_key(\"%s\")", user_handle);
+    auto key_path = get_key_path(DATA_MNT_POINT, user_handle);
+    // ext4enc:TODO delete it securely.
+    // ext4enc:TODO evict the key from the keyring.
+    if (unlink(key_path.c_str()) != 0 && errno != ENOENT) {
+        SLOGE("Unable to delete user key %s: %s\n",
+            key_path.c_str(), strerror(errno));
+        return -1;
+    }
+    return 0;
+}
--- a/Ext4Crypt.h
+++ b/Ext4Crypt.h
@ -20,5 +20,6 @@ int e4crypt_set_field(const char* path, const char* fieldname,
                      const char* value);
 int e4crypt_set_user_crypto_policies(const char *path);
 int e4crypt_create_new_user_dir(const char *user_handle, const char *path);
+int e4crypt_delete_user_key(const char *user_handle);

 __END_DECLS