author | Satya Tangirala <satyat@google.com> | 2021-05-11 19:48:47 -0700 |
---|---|---|
committer | Satya Tangirala <satyat@google.com> | 2021-05-12 13:05:35 -0700 |
commit | 6b98fb6122df0705a5169c1deed586200b358244 (patch) | |
tree | 0a5fa152ce2b7cfbc4ce5bde3d4fa37702b57297 | |
parent | 478cea9783d732d2a93bd056463a406801da5378 (diff) | |
download | vold-6b98fb6122df0705a5169c1deed586200b358244.tar.gz |
Remove unused constants and cleanup KeyStorage.cpp
Now that the salt and hardware auth token related code has been removed,
we can remove the associated (and now unused) constants.
Also cleanup some comments and remove includes related to hardware auth
token support.
Bug: 181910578
Test: Cuttlefish boots.
Change-Id: I3733d5c6bbf6989adc165c554ee53faa2484f4b6
-rw-r--r-- | KeyStorage.cpp | 10 | ||||
-rw-r--r-- | KeyStorage.h | 4 |
2 files changed, 1 insertions, 13 deletions
diff --git a/KeyStorage.cpp b/KeyStorage.cpp
index 05b7eb3b..954ba7fd 100644
--- a/KeyStorage.cpp
+++ b/KeyStorage.cpp
@@ -45,8 +45,6 @@
 #include <cutils/properties.h>
-#include <hardware/hw_auth_token.h>
-
 extern "C" {
 #include "crypto_scrypt.h"
@@ -60,24 +58,18 @@ const KeyAuthentication kEmptyAuthentication{""};
 static constexpr size_t AES_KEY_BYTES = 32;
 static constexpr size_t GCM_NONCE_BYTES = 12;
 static constexpr size_t GCM_MAC_BYTES = 16;
-static constexpr size_t SALT_BYTES = 1 << 4;
 static constexpr size_t SECDISCARDABLE_BYTES = 1 << 14;
-static constexpr size_t STRETCHED_BYTES = 1 << 6;
-
-static constexpr uint32_t AUTH_TIMEOUT = 30; // Seconds
 static const char* kCurrentVersion = "1";
 static const char* kRmPath = "/system/bin/rm";
 static const char* kSecdiscardPath = "/system/bin/secdiscard";
 static const char* kStretch_none = "none";
 static const char* kStretch_nopassword = "nopassword";
-static const std::string kStretchPrefix_scrypt = "scrypt ";
 static const char* kHashPrefix_secdiscardable = "Android secdiscardable SHA512";
 static const char* kHashPrefix_keygen = "Android key wrapping key generation SHA512";
 static const char* kFn_encrypted_key = "encrypted_key";
 static const char* kFn_keymaster_key_blob = "keymaster_key_blob";
 static const char* kFn_keymaster_key_blob_upgraded = "keymaster_key_blob_upgraded";
-static const char* kFn_salt = "salt";
 static const char* kFn_secdiscardable = "secdiscardable";
 static const char* kFn_stretching = "stretching";
 static const char* kFn_version = "version";
@@ -154,7 +146,7 @@ static bool generateKeyStorageKey(Keymaster& keymaster, const std::string& appId
 .GcmModeMinMacLen(GCM_MAC_BYTES * 8)
 .Authorization(km::TAG_APPLICATION_ID, appId)
 .Authorization(km::TAG_NO_AUTH_REQUIRED);
- LOG(DEBUG) << "Generating \"key storage\" key that doesn't need auth token";
+ LOG(DEBUG) << "Generating \"key storage\" key";
 return generateKeymasterKey(keymaster, paramBuilder, key);
 }
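Review bot: The shortened log string in the last hunk (generateKeyStorageKey) removes the only plain-language statement that this key can be used without an auth token, while the builder still sets `km::TAG_NO_AUTH_REQUIRED`. A short comment beside that `.Authorization(km::TAG_NO_AUTH_REQUIRED)` call would keep the intent visible to the next reader, for example `// No auth token is required; use of this key is bound to appId via TAG_APPLICATION_ID.` The binding part of that wording follows from the `TAG_APPLICATION_ID` line in the hunk, but how appId is derived is not visible here and should be confirmed before stating it more strongly. The function's signature and the start of the builder chain lie outside the hunk.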
diff --git a/KeyStorage.h b/KeyStorage.h
index 09d0aac3..e3189598 100644
--- a/KeyStorage.h
+++ b/KeyStorage.h
@@ -27,10 +27,6 @@ namespace android {
 namespace vold {
 // Represents the information needed to decrypt a disk encryption key.
-// If "token" is nonempty, it is passed in as a required Gatekeeper auth token.
-// If "token" and "secret" are nonempty, "secret" is appended to the application-specific
-// binary needed to unlock.
-// If only "secret" is nonempty, it is used to decrypt in a non-Keymaster process.
 class KeyAuthentication {
 public:
 KeyAuthentication(const std::string& s) : secret{s} {}; |