Skip to content

Commit

Permalink
Encryption: don't try wrapped key if not needed
Browse files Browse the repository at this point in the history
This commit is used to directly use the wrapped key
decryption when the "wrappedkey" flag is set in the
fstab.

Change-Id: I74310c3bbec378ee684a8f6d0395a9776dd22abf
  • Loading branch information
mauronofrio committed May 11, 2020
1 parent 40ed06e commit 1db9432
Show file tree
Hide file tree
Showing 2 changed files with 19 additions and 5 deletions.
11 changes: 9 additions & 2 deletions partition.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -685,11 +685,18 @@ void TWPartition::Setup_Data_Partition(bool Display_Error) {
} else {

if (!Decrypt_FBE_DE()) {
LOGINFO("Trying wrapped key.\n");
property_set("fbe.data.wrappedkey", "true");
char wrappedvalue[PROPERTY_VALUE_MAX];
property_get("fbe.data.wrappedkey", wrappedvalue, "");
std::string wrappedkeyvalue(wrappedvalue);
if (wrappedkeyvalue == "true") {
LOGERR("Unable to decrypt FBE device\n");
} else {
LOGINFO("Trying wrapped key.\n");
property_set("fbe.data.wrappedkey", "true");
if (!Decrypt_FBE_DE()) {
LOGINFO("Unable to decrypt device\n");
}
}
}
}
if (datamedia && (!Is_Encrypted || (Is_Encrypted && Is_Decrypted))) {
Expand Down
13 changes: 10 additions & 3 deletions partitionmanager.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -304,10 +304,17 @@ int TWPartitionManager::Process_Fstab(string Fstab_Filename, bool Display_Error,
usleep(500);
if (Decrypt_Data->Mount(false)) {
if (!Decrypt_Data->Decrypt_FBE_DE()) {
LOGINFO("Trying wrapped key.\n");
property_set("fbe.data.wrappedkey", "true");
if (!Decrypt_Data->Decrypt_FBE_DE()) {
char wrappedvalue[PROPERTY_VALUE_MAX];
property_get("fbe.data.wrappedkey", wrappedvalue, "");
std::string wrappedkeyvalue(wrappedvalue);
if (wrappedkeyvalue == "true") {
LOGERR("Unable to decrypt FBE device\n");
} else {
LOGINFO("Trying wrapped key.\n");
property_set("fbe.data.wrappedkey", "true");
if (!Decrypt_Data->Decrypt_FBE_DE()) {
LOGERR("Unable to decrypt FBE device\n");
}
}
}

Expand Down

0 comments on commit 1db9432

Please sign in to comment.