commit a7ca40bd70408d96e13abb71f9236000b4650454
author Paul Crowley <paulcrowley@google.com> Fri Oct 06 14:29:33 2017 -0700
committer Paul Crowley <paulcrowley@google.com> Fri Oct 06 14:29:33 2017 -0700
tree 49401415fe64001b4fb429d4c92453c6743f5108
parent 6b756ce5e9546ddbd6eb575e1d88af2faf160ab1

Remove dead code; move code out of cryptfs that doesn't belong.

Test: Marlin boots
Change-Id: I5c3fc21fef336b301981d6eff6f6ea242f30f66c

Ext4Crypt.cpp

diff --git a/Ext4Crypt.cpp b/Ext4Crypt.cpp
index a6c589c..1daf4ba 100644
--- a/Ext4Crypt.cpp
+++ b/Ext4Crypt.cpp
@@ -19,6 +19,8 @@
 #include "KeyStorage.h"
 #include "KeyUtil.h"
 #include "Utils.h"
+#include "VoldUtil.h"
+
 
 #include <algorithm>
 #include <map>
@@ -261,11 +263,18 @@
     return true;
 }
 
+static void get_file_encryption_modes(const char **contents_mode_ret,
+                                       const char **filenames_mode_ret)
+{
+    struct fstab_rec* rec = fs_mgr_get_entry_for_mount_point(fstab_default, DATA_MNT_POINT);
+    fs_mgr_get_file_encryption_modes(rec, contents_mode_ret, filenames_mode_ret);
+}
+
 static bool ensure_policy(const std::string& raw_ref, const std::string& path) {
     const char *contents_mode;
     const char *filenames_mode;
 
-    cryptfs_get_file_encryption_modes(&contents_mode, &filenames_mode);
+    get_file_encryption_modes(&contents_mode, &filenames_mode);
 
     if (e4crypt_policy_ensure(path.c_str(),
                               raw_ref.data(), raw_ref.size(),
@@ -330,7 +339,7 @@
 
     const char *contents_mode;
     const char *filenames_mode;
-    cryptfs_get_file_encryption_modes(&contents_mode, &filenames_mode);
+    get_file_encryption_modes(&contents_mode, &filenames_mode);
     std::string modestring = std::string(contents_mode) + ":" + filenames_mode;
 
     std::string mode_filename = std::string("/data") + e4crypt_key_mode;

cryptfs.cpp

diff --git a/cryptfs.cpp b/cryptfs.cpp
index d42e00b..2574e39 100644
--- a/cryptfs.cpp
+++ b/cryptfs.cpp
@@ -2865,76 +2865,3 @@
     struct fstab_rec* rec = fs_mgr_get_entry_for_mount_point(fstab_default, DATA_MNT_POINT);
     return fs_mgr_is_convertible_to_fbe(rec) ? 1 : 0;
 }
-
-int cryptfs_create_default_ftr(struct crypt_mnt_ftr* crypt_ftr, __attribute__((unused))int key_length)
-{
-    if (cryptfs_init_crypt_mnt_ftr(crypt_ftr)) {
-        SLOGE("Failed to initialize crypt_ftr");
-        return -1;
-    }
-
-    if (create_encrypted_random_key(DEFAULT_PASSWORD, crypt_ftr->master_key,
-                                    crypt_ftr->salt, crypt_ftr)) {
-        SLOGE("Cannot create encrypted master key\n");
-        return -1;
-    }
-
-    //crypt_ftr->keysize = key_length / 8;
-    return 0;
-}
-
-int cryptfs_get_master_key(struct crypt_mnt_ftr* ftr, const char* password,
-                           unsigned char* master_key)
-{
-    int rc;
-
-    unsigned char* intermediate_key = 0;
-    size_t intermediate_key_size = 0;
-
-    if (password == 0 || *password == 0) {
-        password = DEFAULT_PASSWORD;
-    }
-
-    rc = decrypt_master_key(password, master_key, ftr, &intermediate_key,
-                            &intermediate_key_size);
-
-    if (rc) {
-        SLOGE("Can't calculate intermediate key");
-        return rc;
-    }
-
-    int N = 1 << ftr->N_factor;
-    int r = 1 << ftr->r_factor;
-    int p = 1 << ftr->p_factor;
-
-    unsigned char scrypted_intermediate_key[sizeof(ftr->scrypted_intermediate_key)];
-
-    rc = crypto_scrypt(intermediate_key, intermediate_key_size,
-                       ftr->salt, sizeof(ftr->salt), N, r, p,
-                       scrypted_intermediate_key,
-                       sizeof(scrypted_intermediate_key));
-
-    free(intermediate_key);
-
-    if (rc) {
-        SLOGE("Can't scrypt intermediate key");
-        return rc;
-    }
-
-    return memcmp(scrypted_intermediate_key, ftr->scrypted_intermediate_key,
-                  intermediate_key_size);
-}
-
-int cryptfs_set_password(struct crypt_mnt_ftr* ftr, const char* password,
-                         const unsigned char* master_key)
-{
-    return encrypt_master_key(password, ftr->salt, master_key, ftr->master_key,
-                              ftr);
-}
-
-void cryptfs_get_file_encryption_modes(const char **contents_mode_ret,
-                                       const char **filenames_mode_ret)
-{
-    struct fstab_rec* rec = fs_mgr_get_entry_for_mount_point(fstab_default, DATA_MNT_POINT);
-    fs_mgr_get_file_encryption_modes(rec, contents_mode_ret, filenames_mode_ret);
-}

cryptfs.h

diff --git a/cryptfs.h b/cryptfs.h
index 2169f54..5642e29 100644
--- a/cryptfs.h
+++ b/cryptfs.h
@@ -246,15 +246,6 @@
   void cryptfs_clear_password(void);
   int cryptfs_isConvertibleToFBE(void);
 
-  // Functions for file encryption to use to inherit our encryption logic
-  int cryptfs_create_default_ftr(struct crypt_mnt_ftr* ftr, int key_length);
-  int cryptfs_get_master_key(struct crypt_mnt_ftr* ftr, const char* password,
-                             unsigned char* master_key);
-  int cryptfs_set_password(struct crypt_mnt_ftr* ftr, const char* password,
-                           const unsigned char* master_key);
-  void cryptfs_get_file_encryption_modes(const char **contents_mode_ret,
-                                         const char **filenames_mode_ret);
-
 #ifdef __cplusplus
 }
 #endif