diff options
author | Satya Tangirala <satyat@google.com> | 2021-03-22 23:29:15 -0700 |
---|---|---|
committer | Satya Tangirala <satyat@google.com> | 2021-04-08 00:47:54 +0000 |
commit | 23452c1e3a2178283a56e8f1577e0367d1daaf7b (patch) | |
tree | b7b56facd873c3443b15666f7f516580b138642e /cryptfs.cpp | |
parent | e8de4ffd73b7da76dfae8ee959226dca9df45ae5 (diff) | |
download | vold-23452c1e3a2178283a56e8f1577e0367d1daaf7b.tar.gz |
Remove Keymaster::isSecure() and simplify callers
Now that isSecure() always returns true, we can remove it and simplify
all the callers (i.e. cryptfs). Refer to the commit description for
Iaebfef082eca0da8a305043fafb6d85e5de14cf8 for why this function always
return true.
Bug: 181910578
Test: Cuttlefish and bramble boot
Change-Id: I185dd8180bd7842b05295263f0b1aa7205329a88
Diffstat (limited to 'cryptfs.cpp')
-rw-r--r-- | cryptfs.cpp | 29 |
1 files changed, 2 insertions, 27 deletions
diff --git a/cryptfs.cpp b/cryptfs.cpp index deba6daf..5764b5d6 100644 --- a/cryptfs.cpp +++ b/cryptfs.cpp @@ -328,11 +328,6 @@ const KeyGeneration cryptfs_get_keygen() { return KeyGeneration{get_crypto_type().get_keysize(), true, false}; } -/* Should we use keymaster? */ -static int keymaster_check_compatibility() { - return keymaster_compatibility_cryptfs_scrypt(); -} - static bool write_string_to_buf(const std::string& towrite, uint8_t* buffer, uint32_t buffer_size, uint32_t* out_size) { if (!buffer || !out_size) { @@ -1834,7 +1829,6 @@ static int test_mount_encrypted_fs(struct crypt_mnt_ftr* crypt_ftr, const char* char tmp_mount_point[64]; unsigned int orig_failed_decrypt_count; int rc; - int use_keymaster = 0; int upgrade = 0; unsigned char* intermediate_key = 0; size_t intermediate_key_size = 0; @@ -1916,15 +1910,9 @@ static int test_mount_encrypted_fs(struct crypt_mnt_ftr* crypt_ftr, const char* rc = 0; // Upgrade if we're not using the latest KDF. - use_keymaster = keymaster_check_compatibility(); - if (crypt_ftr->kdf_type == KDF_SCRYPT_KEYMASTER) { - // Don't allow downgrade - } else if (use_keymaster == 1 && crypt_ftr->kdf_type != KDF_SCRYPT_KEYMASTER) { + if (crypt_ftr->kdf_type != KDF_SCRYPT_KEYMASTER) { crypt_ftr->kdf_type = KDF_SCRYPT_KEYMASTER; upgrade = 1; - } else if (use_keymaster == 0 && crypt_ftr->kdf_type != KDF_SCRYPT) { - crypt_ftr->kdf_type = KDF_SCRYPT; - upgrade = 1; } if (upgrade) { @@ -2128,20 +2116,7 @@ static int cryptfs_init_crypt_mnt_ftr(struct crypt_mnt_ftr* ftr) { ftr->minor_version = CURRENT_MINOR_VERSION; ftr->ftr_size = sizeof(struct crypt_mnt_ftr); ftr->keysize = get_crypto_type().get_keysize(); - - switch (keymaster_check_compatibility()) { - case 1: - ftr->kdf_type = KDF_SCRYPT_KEYMASTER; - break; - - case 0: - ftr->kdf_type = KDF_SCRYPT; - break; - - default: - SLOGE("keymaster_check_compatibility failed"); - return -1; - } + ftr->kdf_type = KDF_SCRYPT_KEYMASTER; get_device_scrypt_params(ftr); |