Correctly handle a key upgrade error from keymaster by upgrading the
FDE RSA key and writing the new key blob to disk.
Bug: 69792304
Test: Roll back PLATFORM_SECURITY_PATCH a month, wipe and reboot, roll
forwards again, check logs with and without this patch.
Change-Id: I220d2dd4e3d791f636e9bc5f063064cecbf1b88a

Disk encryption keys are derived using scrypt. If available, this is
done by means of keymaster. An RSA key is generated and the password is
signed by that key. The signature is used as the key.
With the hidlization of the keymaster HAL, this code had to be ported.
This test checks the equivalence of the legacy implementation with
the new hidlized one.
Test: run /data/nativetest/vold_cryptfs_scrypt_hidlization_equivalence_test/vold_cryptfs_scrypt_hidlization_equivalence_test
Bug: 35028230
Bug: 32020919
Change-Id: Iabf4686dbff5341791ba3a98d7c95c5058c234f9

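The derivation described in the commit message above, as an added sketch that is not vold or keymaster code: it shows that the derived key depends on the device-held RSA key as well as the password. The toy keys, the scrypt parameters, the unpadded signature and the stretch/sign/stretch ordering are all assumptions of this example.

```python
import hashlib

# Constructed toy RSA keys standing in for keys held by keymaster (assumption:
# on a real device the private exponent never leaves secure hardware).
# Mersenne primes are used only to avoid key generation; not a secure choice.
E = 65537


def make_key(p, q):
    """Return (private exponent, modulus) for primes p and q."""
    return pow(E, -1, (p - 1) * (q - 1)), p * q


DEVICE_A = make_key(2**521 - 1, 2**607 - 1)
DEVICE_B = make_key(2**607 - 1, 2**1279 - 1)


def stretch(data, salt):
    # Low scrypt cost so the example runs quickly; parameters are constructed.
    return hashlib.scrypt(data, salt=salt, n=2**10, r=8, p=1, dklen=32)


def device_sign(digest, key):
    """Deterministic unpadded RSA signature; stand-in for the keymaster call."""
    d, n = key
    m = int.from_bytes(digest, "big")
    if m >= n:
        raise ValueError("message does not fit the modulus")
    return pow(m, d, n).to_bytes((n.bit_length() + 7) // 8, "big")


def derive_disk_key(password, salt, key):
    # Assumed ordering: stretch the password, sign the result with the
    # device key, then stretch the signature down to a 32-byte key.
    signature = device_sign(stretch(password, salt), key)
    return stretch(signature, salt)


if __name__ == "__main__":
    salt = bytes(16)  # constructed salt
    print(derive_disk_key(b"correct horse", salt, DEVICE_A).hex())
    print(derive_disk_key(b"correct horse", salt, DEVICE_B).hex())
```

The same password and salt give different keys on DEVICE_A and DEVICE_B, so password guesses cannot be checked without access to the signing key.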
standard build; make it use only static libraries as per documented
limitations of APCT.
Bug: 33384925
Test: This is a test.
Change-Id: I794adbfa3376795120cfbca1e9322093960009b5

The libcrypto and libssl modules (and their respective static and host
versions) use LOCAL_EXPORT_C_INCLUDE_DIRS thus just including the module
is sufficient.
Additionally, cryptfs.h was including an OpenSSL header just to get the
length of a SHA-256 hash. Rather than force all users of this header to
also depend on libcrypto, it's easier just to define that value in the
header file.
Change-Id: I3e3e0db906a212e1093944b298e4a8ff2e2fb07d