diff options
Diffstat (limited to 'crypto')
| -rw-r--r-- | crypto/ext4crypt/Android.mk | 7 | ||||
| -rw-r--r-- | crypto/ext4crypt/Ext4Crypt.cpp | 6 | ||||
| -rw-r--r-- | crypto/lollipop/Android.mk | 2 | ||||
| -rw-r--r-- | crypto/lollipop/cryptfs.c | 36 | ||||
| -rw-r--r-- | crypto/scrypt/lib/crypto/crypto_scrypt-neon.c | 2 |
5 files changed, 13 insertions, 40 deletions
diff --git a/crypto/ext4crypt/Android.mk b/crypto/ext4crypt/Android.mk index 693b67518..4aba9ef45 100644 --- a/crypto/ext4crypt/Android.mk +++ b/crypto/ext4crypt/Android.mk @@ -6,7 +6,7 @@ LOCAL_MODULE := libe4crypt LOCAL_MODULE_TAGS := eng optional LOCAL_CFLAGS := LOCAL_SRC_FILES := Decrypt.cpp Ext4Crypt.cpp ScryptParameters.cpp Utils.cpp HashPassword.cpp ext4_crypt.cpp -LOCAL_SHARED_LIBRARIES := libselinux libc libc++ libext4_utils libsoftkeymaster libbase libcrypto libcutils libkeymaster_messages libhardware libprotobuf-cpp-lite +LOCAL_SHARED_LIBRARIES := libselinux libc libc++ libext4_utils libbase libcrypto libcutils libkeymaster_messages libhardware libprotobuf-cpp-lite LOCAL_STATIC_LIBRARIES := libscrypt_static LOCAL_C_INCLUDES := system/extras/ext4_utils system/extras/ext4_utils/include/ext4_utils external/scrypt/lib/crypto system/security/keystore hardware/libhardware/include/hardware system/security/softkeymaster/include/keymaster system/keymaster/include @@ -28,10 +28,13 @@ ifeq ($(shell test $(PLATFORM_SDK_VERSION) -ge 26; echo $$?),0) LOCAL_CFLAGS += -DHAVE_LIBKEYUTILS LOCAL_SHARED_LIBRARIES += libkeyutils endif - LOCAL_ADDITIONAL_DEPENDENCIES := keystore_auth + LOCAL_REQUIRED_MODULES := keystore_auth else LOCAL_SRC_FILES += Keymaster.cpp KeyStorage.cpp endif +ifeq ($(shell test $(PLATFORM_SDK_VERSION) -lt 28; echo $$?),0) + LOCAL_SHARED_LIBRARIES += libsoftkeymaster +endif include $(BUILD_SHARED_LIBRARY) diff --git a/crypto/ext4crypt/Ext4Crypt.cpp b/crypto/ext4crypt/Ext4Crypt.cpp index ea5b1cf88..048a0bd9f 100644 --- a/crypto/ext4crypt/Ext4Crypt.cpp +++ b/crypto/ext4crypt/Ext4Crypt.cpp @@ -312,7 +312,7 @@ bool lookup_key_ref(const std::map<userid_t, std::string>& key_map, userid_t use return true; } -static bool ensure_policy(const std::string& raw_ref, const std::string& path) { +static bool ensure_policy(const std::string& raw_ref __unused, const std::string& path) { LOG(INFO) << "ensure_policy '" << path << "'\n"; return true; return access(path.c_str(), F_OK) == 0; // ensure policy will set a policy if one is not set on an empty folder - we don't want to do this in recovery @@ -438,7 +438,7 @@ static bool parse_hex(const char* hex, std::string* result) { } // TODO: rename to 'install' for consistency, and take flags to know which keys to install -bool e4crypt_unlock_user_key(userid_t user_id, int serial, const char* token_hex, +bool e4crypt_unlock_user_key(userid_t user_id, int serial __unused, const char* token_hex, const char* secret_hex) { if (e4crypt_is_native()) { if (s_ce_key_raw_refs.count(user_id) != 0) { @@ -469,7 +469,7 @@ bool e4crypt_unlock_user_key(userid_t user_id, int serial, const char* token_hex return true; } -bool e4crypt_prepare_user_storage(const char* volume_uuid, userid_t user_id, int serial, +bool e4crypt_prepare_user_storage(const char* volume_uuid, userid_t user_id, int serial __unused, int flags) { if (flags & FLAG_STORAGE_DE) { diff --git a/crypto/lollipop/Android.mk b/crypto/lollipop/Android.mk index 6dc386a29..1be412138 100644 --- a/crypto/lollipop/Android.mk +++ b/crypto/lollipop/Android.mk @@ -24,6 +24,8 @@ ifneq ($(wildcard hardware/libhardware/include/hardware/keymaster0.h),) LOCAL_C_INCLUDES += external/boringssl/src/include endif +LOCAL_CFLAGS += -Wno-unused-function + LOCAL_WHOLE_STATIC_LIBRARIES += libscrypttwrp_static include $(BUILD_SHARED_LIBRARY) diff --git a/crypto/lollipop/cryptfs.c b/crypto/lollipop/cryptfs.c index 80f433bf6..d3bf62955 100644 --- a/crypto/lollipop/cryptfs.c +++ b/crypto/lollipop/cryptfs.c @@ -89,10 +89,7 @@ char *me = "cryptfs"; -static unsigned char saved_master_key[KEY_LEN_BYTES]; -static char *saved_mount_point; static int master_key_saved = 0; -static struct crypt_persist_data *persist_data = NULL; static char key_fname[PROPERTY_VALUE_MAX] = ""; static char real_blkdev[PROPERTY_VALUE_MAX] = ""; static char file_system[PROPERTY_VALUE_MAX] = ""; @@ -629,24 +626,6 @@ static int keymaster_sign_object(struct crypt_mnt_ftr *ftr, } #endif //#ifndef TW_CRYPTO_HAVE_KEYMASTERX -/* Store password when userdata is successfully decrypted and mounted. - * Cleared by cryptfs_clear_password - * - * To avoid a double prompt at boot, we need to store the CryptKeeper - * password and pass it to KeyGuard, which uses it to unlock KeyStore. - * Since the entire framework is torn down and rebuilt after encryption, - * we have to use a daemon or similar to store the password. Since vold - * is secured against IPC except from system processes, it seems a reasonable - * place to store this. - * - * password should be cleared once it has been used. - * - * password is aged out after password_max_age_seconds seconds. - */ -static char* password = 0; -static int password_expiry_time = 0; -static const int password_max_age_seconds = 60; - static void ioctl_init(struct dm_ioctl *io, size_t dataSize, const char *name, unsigned flags) { memset(io, 0, dataSize); @@ -774,7 +753,7 @@ static int get_crypt_ftr_info(char **metadata_fname, off64_t *off) static int get_crypt_ftr_and_key(struct crypt_mnt_ftr *crypt_ftr) { int fd; - unsigned int nr_sec, cnt; + unsigned int cnt; off64_t starting_off; int rc = -1; char *fname = NULL; @@ -979,8 +958,6 @@ static int get_dm_crypt_version(int fd, const char *name, int *version) char buffer[DM_CRYPT_BUF_SIZE]; struct dm_ioctl *io; struct dm_target_versions *v; - int flag; - int i; io = (struct dm_ioctl *) buffer; @@ -996,6 +973,7 @@ static int get_dm_crypt_version(int fd, const char *name, int *version) v = (struct dm_target_versions *) &buffer[sizeof(struct dm_ioctl)]; while (v->next) { #ifdef CONFIG_HW_DISK_ENCRYPTION + int flag; if (is_hw_fde_enabled()) { flag = (!strcmp(v->name, "crypt") || !strcmp(v->name, "req-crypt")); } else { @@ -1022,13 +1000,9 @@ static int create_crypto_blk_dev(struct crypt_mnt_ftr *crypt_ftr, const unsigned const char *real_blk_name, char *crypto_blk_name, const char *name) { char buffer[DM_CRYPT_BUF_SIZE]; - char master_key_ascii[129]; /* Large enough to hold 512 bit key and null */ - char *crypt_params; struct dm_ioctl *io; - struct dm_target_spec *tgt; unsigned int minor; int fd=0; - int i; int retval = -1; int version[3]; char *extra_params; @@ -1223,7 +1197,7 @@ static int scrypt_keymaster(const char *passwd, const unsigned char *salt, unsigned char* master_key = convert_hex_ascii_to_key(passwd, &key_size); if (!master_key) { printf("Failed to convert passwd from hex, using passwd instead\n"); - master_key = strdup(passwd); + master_key = (unsigned char*)strdup(passwd); } rc = crypto_scrypt(master_key, key_size, salt, SALT_LEN, @@ -1365,10 +1339,6 @@ static int test_mount_encrypted_fs(struct crypt_mnt_ftr* crypt_ftr, char crypto_blkdev[MAXPATHLEN]; char tmp_mount_point[64]; int rc = 0; - kdf_func kdf; - void *kdf_params; - int use_keymaster = 0; - int upgrade = 0; unsigned char* intermediate_key = 0; size_t intermediate_key_size = 0; diff --git a/crypto/scrypt/lib/crypto/crypto_scrypt-neon.c b/crypto/scrypt/lib/crypto/crypto_scrypt-neon.c index d05ee1bfe..158bf96f3 100644 --- a/crypto/scrypt/lib/crypto/crypto_scrypt-neon.c +++ b/crypto/scrypt/lib/crypto/crypto_scrypt-neon.c @@ -135,9 +135,7 @@ smix(uint8_t * B, size_t r, uint64_t N, void * V, void * XY) uint8x16_t * X = XY; uint8x16_t * Y = (void *)((uintptr_t)(XY) + 128 * r); uint8x16_t * Z = (void *)((uintptr_t)(XY) + 256 * r); - uint32_t * X32 = (void *)X; uint64_t i, j; - size_t k; /* 1: X <-- B */ blkcpy(X, B, 128 * r); |