Encryption: don't try wrapped key if not needed
This commit is used to directly use the wrapped key
decryption when the "wrappedkey" flag is set in the
fstab.
Change-Id: I74310c3bbec378ee684a8f6d0395a9776dd22abf
(cherry picked from commit 1db943295de9728e364bf0e75bfe9f1a98d413a1)
diff --git a/partitionmanager.cpp b/partitionmanager.cpp
index 159cead..b6918f3 100755
--- a/partitionmanager.cpp
+++ b/partitionmanager.cpp
@@ -304,10 +304,17 @@
usleep(500);
if (Decrypt_Data->Mount(false)) {
if (!Decrypt_Data->Decrypt_FBE_DE()) {
- LOGINFO("Trying wrapped key.\n");
- property_set("fbe.data.wrappedkey", "true");
- if (!Decrypt_Data->Decrypt_FBE_DE()) {
+ char wrappedvalue[PROPERTY_VALUE_MAX];
+ property_get("fbe.data.wrappedkey", wrappedvalue, "");
+ std::string wrappedkeyvalue(wrappedvalue);
+ if (wrappedkeyvalue == "true") {
LOGERR("Unable to decrypt FBE device\n");
+ } else {
+ LOGINFO("Trying wrapped key.\n");
+ property_set("fbe.data.wrappedkey", "true");
+ if (!Decrypt_Data->Decrypt_FBE_DE()) {
+ LOGERR("Unable to decrypt FBE device\n");
+ }
}
}