cryptfs: Don't hardcode ikey buffer size

We were hardcoding the size of the ikey buffer, but then had logic
which used KEY_LEN_BYTES and IV_LEN_BYTES to offset into the array
and describe the length of its contents.

In anticipation of allowing the keysize to be set via a property,
instead of at compile time, we change this code to make the relation
between the keysize and the buffer size explicit.

Bug: 73079191
Test: Flashed an encrypted sailfish and it booted.
Change-Id: I109a5dc812662220e53163bfb4b5e51bf5abf185
This commit is contained in:
Greg Kaiser 2018-02-09 13:41:12 -08:00
parent b610e77fd2
commit f45a70c416

View file

@ -1109,7 +1109,7 @@ static int encrypt_master_key(const char *passwd, const unsigned char *salt,
unsigned char *encrypted_master_key,
struct crypt_mnt_ftr *crypt_ftr)
{
unsigned char ikey[32+32] = { 0 }; /* Big enough to hold a 256 bit key and 256 bit IV */
unsigned char ikey[KEY_LEN_BYTES+IV_LEN_BYTES] = { 0 };
EVP_CIPHER_CTX e_ctx;
int encrypted_len, final_len;
int rc = 0;
@ -1196,7 +1196,7 @@ static int decrypt_master_key_aux(const char *passwd, unsigned char *salt,
unsigned char** intermediate_key,
size_t* intermediate_key_size)
{
unsigned char ikey[32+32] = { 0 }; /* Big enough to hold a 256 bit key and 256 bit IV */
unsigned char ikey[KEY_LEN_BYTES+IV_LEN_BYTES] = { 0 };
EVP_CIPHER_CTX d_ctx;
int decrypted_len, final_len;