fscrypt: integrate v1 processing into TWRP
Change-Id: I3bf9c14b818f9c3e0570c44c82bf0769fcec907f
diff --git a/crypto/fscrypt/Decrypt.cpp b/crypto/fscrypt/Decrypt.cpp
index 5878d15..0055471 100755
--- a/crypto/fscrypt/Decrypt.cpp
+++ b/crypto/fscrypt/Decrypt.cpp
@@ -98,12 +98,22 @@
}
static bool lookup_ref_key_internal(std::map<userid_t, android::fscrypt::EncryptionPolicy> key_map, const uint8_t* policy, userid_t* user_id) {
+#ifdef USE_FSCRYPT_POLICY_V1
+ char policy_string_hex[FS_KEY_DESCRIPTOR_SIZE_HEX];
+ char key_map_hex[FS_KEY_DESCRIPTOR_SIZE_HEX];
+ bytes_to_hex(policy, FS_KEY_DESCRIPTOR_SIZE, policy_string_hex);
+#else
char policy_string_hex[FSCRYPT_KEY_IDENTIFIER_HEX_SIZE];
char key_map_hex[FSCRYPT_KEY_IDENTIFIER_HEX_SIZE];
bytes_to_hex(policy, FSCRYPT_KEY_IDENTIFIER_SIZE, policy_string_hex);
+#endif
for (std::map<userid_t, android::fscrypt::EncryptionPolicy>::iterator it=key_map.begin(); it!=key_map.end(); ++it) {
+#ifdef USE_FSCRYPT_POLICY_V1
+ bytes_to_hex(reinterpret_cast<const uint8_t*>(&it->second.key_raw_ref[0]), FS_KEY_DESCRIPTOR_SIZE, key_map_hex);
+#else
bytes_to_hex(reinterpret_cast<const uint8_t*>(&it->second.key_raw_ref[0]), FSCRYPT_KEY_IDENTIFIER_SIZE, key_map_hex);
+#endif
std::string key_map_hex_string = std::string(key_map_hex);
if (key_map_hex_string == policy_string_hex) {
*user_id = it->first;
@@ -114,29 +124,49 @@
}
#ifdef USE_FSCRYPT_POLICY_V1
-extern "C" bool lookup_ref_key(fscrypt_policy_v1* v1, uint8_t* policy_type) {
+extern "C" bool lookup_ref_key(fscrypt_policy_v1* fep, uint8_t* policy_type) {
#else
-extern "C" bool lookup_ref_key(fscrypt_policy_v2* v2, uint8_t* policy_type) {
+extern "C" bool lookup_ref_key(fscrypt_policy_v2* fep, uint8_t* policy_type) {
#endif
userid_t user_id = 0;
std::string policy_type_string;
- char policy_hex[FSCRYPT_KEY_IDENTIFIER_HEX_SIZE];
- bytes_to_hex(v2->master_key_identifier, FSCRYPT_KEY_IDENTIFIER_SIZE, policy_hex);
- if (std::strncmp((const char*) v2->master_key_identifier, de_key_raw_ref.c_str(), FSCRYPT_KEY_IDENTIFIER_SIZE) == 0) {
- policy_type_string = "0DK";
+#ifdef USE_FSCRYPT_POLICY_V1
+ char policy_hex[FS_KEY_DESCRIPTOR_SIZE_HEX];
+ bytes_to_hex(fep->master_key_descriptor, FS_KEY_DESCRIPTOR_SIZE, policy_hex);
+ if (std::strncmp((const char*)fep->master_key_descriptor, de_key_raw_ref.c_str(), FS_KEY_DESCRIPTOR_SIZE) == 0) {
+ policy_type_string = SYSTEM_DE_FSCRYPT_POLICY;
memcpy(policy_type, policy_type_string.data(), policy_type_string.size());
return true;
}
- if (!lookup_ref_key_internal(s_de_policies, v2->master_key_identifier, &user_id)) {
- if (!lookup_ref_key_internal(s_ce_policies, v2->master_key_identifier, &user_id)) {
+ if (!lookup_ref_key_internal(s_de_policies, fep->master_key_descriptor, &user_id)) {
+ if (!lookup_ref_key_internal(s_ce_policies, fep->master_key_descriptor, &user_id)) {
return false;
} else {
- policy_type_string = "0CE" + std::to_string(user_id);
+ policy_type_string = USER_CE_FSCRYPT_POLICY + std::to_string(user_id);
}
} else {
- policy_type_string = "0DE" + std::to_string(user_id);
+ policy_type_string = USER_DE_FSCRYPT_POLICY + std::to_string(user_id);
}
+#else
+ char policy_hex[FSCRYPT_KEY_IDENTIFIER_HEX_SIZE];
+ bytes_to_hex(fep->master_key_identifier, FSCRYPT_KEY_IDENTIFIER_SIZE, policy_hex);
+ if (std::strncmp((const char*)fep->master_key_identifier, de_key_raw_ref.c_str(), FSCRYPT_KEY_IDENTIFIER_SIZE) == 0) {
+ policy_type_string = SYSTEM_DE_FSCRYPT_POLICY;
+ memcpy(policy_type, policy_type_string.data(), policy_type_string.size());
+ return true;
+ }
+ if (!lookup_ref_key_internal(s_de_policies, fep->master_key_identifier, &user_id)) {
+ if (!lookup_ref_key_internal(s_ce_policies, fep->master_key_identifier, &user_id)) {
+ return false;
+ } else {
+ policy_type_string = USER_CE_FSCRYPT_POLICY + std::to_string(user_id);
+ }
+ } else {
+ policy_type_string = USER_DE_FSCRYPT_POLICY + std::to_string(user_id);
+ }
+#endif
+
memcpy(policy_type, policy_type_string.data(), policy_type_string.size());
LOG(INFO) << "storing policy type: " << policy_type;
return true;
@@ -144,30 +174,39 @@
extern "C" bool lookup_ref_tar(const uint8_t* policy_type, uint8_t* policy) {
std::string policy_type_string = std::string((char *) policy_type);
+#ifdef USE_FSCRYPT_POLICY_V1
+ char policy_hex[FS_KEY_DESCRIPTOR_SIZE_HEX];
+ bytes_to_hex(policy_type, FS_KEY_DESCRIPTOR_SIZE, policy_hex);
+#else
char policy_hex[FSCRYPT_KEY_IDENTIFIER_HEX_SIZE];
bytes_to_hex(policy_type, FSCRYPT_KEY_IDENTIFIER_SIZE, policy_hex);
+#endif
userid_t user_id = atoi(policy_type_string.substr(3, 4).c_str());
// TODO Update version # and make magic strings
- if (policy_type_string.substr(0,1) != "0") {
+#ifdef USE_FSCRYPT_POLICY_V1
+ if (policy_type_string.substr(0,1) != FSCRYPT_V1) {
+#else
+ if (policy_type_string.substr(0,1) != FSCRYPT_V2) {
+#endif
LOG(ERROR) << "Unexpected version:" << policy_type[0];
return false;
}
- if (policy_type_string.substr(1, 2) == "DK") {
+ if (policy_type_string.substr(1, 2) == SYSTEM_DE_KEY) {
memcpy(policy, de_key_raw_ref.data(), de_key_raw_ref.size());
return true;
}
std::string raw_ref;
- if (policy_type_string.substr(1, 1) == "D") {
+ if (policy_type_string.substr(1, 1) == USER_DE_KEY) {
if (lookup_key_ref(s_de_policies, user_id, &raw_ref)) {
memcpy(policy, raw_ref.data(), raw_ref.size());
} else
return false;
- } else if (policy_type_string.substr(1, 1) == "C") {
+ } else if (policy_type_string.substr(1, 1) == USER_CE_KEY) {
if (lookup_key_ref(s_ce_policies, user_id, &raw_ref)) {
memcpy(policy, raw_ref.data(), raw_ref.size());
} else
@@ -176,9 +215,6 @@
LOG(ERROR) << "unknown policy type: " << policy_type;
return false;
}
-
- char found_policy_hex[FSCRYPT_KEY_IDENTIFIER_HEX_SIZE];
- bytes_to_hex(policy, FSCRYPT_KEY_IDENTIFIER_SIZE, found_policy_hex);
return true;
}