From 90edd2e867b238e71ee198e3460e289cd7dee54c Mon Sep 17 00:00:00 2001
From: Peter Cai
Date: Thu, 23 May 2019 16:32:22 +0800
Subject: ext4crypt: support wrappedkey for FBE
Qualcomm devices use a special `wrappedkey` mode for FBE. This is ported from CAF https://source.codeaurora.org/quic/la/platform/system/vold/commit/?h=LA.UM.7.8.r4-01000-SDM710.0&id=9229262d893a8592f7bc1b4e8a8dab7aad8df68c, originally by folks at Mokee for vold https://mokeedev.review/c/MoKee/android_system_vold/+/34102. This patch ports the above changes to `ext4crypt`, which we can use in recovery. Note that since we do not have `fs_mgr` in the recovery, we cannot read the `wrappedkey` flag from fstab. Instead, similar to `fbe.contents`, we use a special property `fbe.data.wrappedkey` to indicate support for wrappedkey mode. Devices that need to use this should set this property to `true` to activate corresponding code.
Change-Id: I79c2855d577156670b45c10c7c7b1fcd9fece8d9
---
 crypto/ext4crypt/Keymaster4.h | 3 +++
 1 file changed, 3 insertions(+)
(limited to 'crypto/ext4crypt/Keymaster4.h')
diff --git a/crypto/ext4crypt/Keymaster4.h b/crypto/ext4crypt/Keymaster4.h
index 37bff4e3a..14c230bfd 100644
--- a/crypto/ext4crypt/Keymaster4.h
+++ b/crypto/ext4crypt/Keymaster4.h
@@ -102,6 +102,9 @@ class Keymaster {
 explicit operator bool() { return mDevice.get() != nullptr; }
 // Generate a key in the keymaster from the given params.
 bool generateKey(const km::AuthorizationSet& inParams, std::string* key);
+ // Export a key from keymaster.
+ bool exportKey(km::KeyFormat format, KeyBuffer& kmKey, const std::string& clientId,
+ const std::string& appData, std::string* key);
 // If the keymaster supports it, permanently delete a key.
 bool deleteKey(const std::string& key);
 // Replace stored key blob in response to KM_ERROR_KEY_REQUIRES_UPGRADE.
--
cgit v1.2.3
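Review bot: The new `exportKey` declaration takes its input blob as a non-const `KeyBuffer& kmKey`, while the neighbouring declarations in this hunk pass inputs by const reference and outputs by pointer, so a reader cannot tell whether the call modifies the caller's key blob. If the implementation (not visible here) never writes to it, declare it `const KeyBuffer& kmKey`. The one-line comment also leaves the contract open; I would expand it to something like `// Export the key blob kmKey in the requested format, authorized with clientId/appData; on success *key receives the exported key material.`, with the wording confirmed against the implementation. Because `*key` is a plain `std::string`, the exported material is not wiped when the string is destroyed, so it is worth either documenting that callers must keep its lifetime short or returning it through a `KeyBuffer*`, assuming `KeyBuffer` is the project's wiping buffer type. The `Keymaster` class body starts and ends outside this hunk.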