From 253368a0726120efa57664cdd1d088af099a3d81 Mon Sep 17 00:00:00 2001 From: Ethan Yonker Date: Tue, 25 Nov 2014 15:00:52 -0600 Subject: Reduce libs needed for decrypt and clean up old decypt files Trim cryptfs.c to remove functions that TWRP does not use for decrypt and remove the need for libfs_mgr from cryptfs.c by passing some items to cryptfs.c from the partition manager. Add support for new fstab flags: encryptable and forceencrypt=/path/to/cryptokey For example: flags=forceencrypt=/dev/block/platform/sdhci-tegra.3/by-name/MD1 Note that "footer" is the default, so you do not need to set this flag on devices that use the footer for the crypto key. Also add mounttodecrypt if you need to mount a partition during the decrypt cycle for firmware of proprietary libs. Clean up decrypt and only support one version Android 5.0 lollipop decrypt should be backwards compatible with older versions so we will only support one version, 1.3 that came with 5.0 lollipop. Remove support for Samsung TouchWiz decrypt. It does not work with the latest versions of Samsung encryption anyway and it has not been updated to work with any AOSP decryption higher than 1.1 Change-Id: I2d9c6e31df50268c91ee642c2fa090f901d9d5c9 --- crypto/ics/cryptfs.h | 86 ---------------------------------------------------- 1 file changed, 86 deletions(-) delete mode 100644 crypto/ics/cryptfs.h (limited to 'crypto/ics/cryptfs.h') diff --git a/crypto/ics/cryptfs.h b/crypto/ics/cryptfs.h deleted file mode 100644 index 8c8037659..000000000 --- a/crypto/ics/cryptfs.h +++ /dev/null @@ -1,86 +0,0 @@ -/* - * Copyright (C) 2010 The Android Open Source Project - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -/* This structure starts 16,384 bytes before the end of a hardware - * partition that is encrypted. - * Immediately following this structure is the encrypted key. - * The keysize field tells how long the key is, in bytes. - * Then there is 32 bytes of padding, - * Finally there is the salt used with the user password. - * The salt is fixed at 16 bytes long. - * Obviously, the filesystem does not include the last 16 kbytes - * of the partition. - */ - -#ifndef __CRYPTFS_H__ -#define __CRYPTFS_H__ - -#ifdef TW_INCLUDE_CRYPTO_SAMSUNG -#include "../libcrypt_samsung/include/libcrypt_samsung.h" -#endif - -#define CRYPT_FOOTER_OFFSET 0x4000 - -#define MAX_CRYPTO_TYPE_NAME_LEN 64 - -#define SALT_LEN 16 -#define KEY_TO_SALT_PADDING 32 - -/* definitions of flags in the structure below */ -#define CRYPT_MNT_KEY_UNENCRYPTED 0x1 /* The key for the partition is not encrypted. */ -#define CRYPT_ENCRYPTION_IN_PROGRESS 0x2 /* Set when starting encryption, - * clear when done before rebooting */ - -#ifdef TW_INCLUDE_CRYPTO_SAMSUNG -#define CRYPT_MNT_MAGIC_SAMSUNG 0xD0B5B1C5 -#endif -#define CRYPT_MNT_MAGIC 0xD0B5B1C4 - -#define __le32 unsigned int -#define __le16 unsigned short int - -#pragma pack(1) - -struct crypt_mnt_ftr { - __le32 magic; /* See above */ - __le16 major_version; - __le16 minor_version; - __le32 ftr_size; /* in bytes, not including key following */ - __le32 flags; /* See above */ - __le32 keysize; /* in bytes */ - __le32 spare1; /* ignored */ - __le64 fs_size; /* Size of the encrypted fs, in 512 byte sectors */ - __le32 failed_decrypt_count; /* count of # of failed attempts to decrypt and - mount, set to 0 on successful mount */ - char crypto_type_name[MAX_CRYPTO_TYPE_NAME_LEN]; /* The type of encryption - needed to decrypt this - partition, null terminated */ -}; - -#pragma pack() - - -#ifdef __cplusplus -extern "C" { -#endif - int cryptfs_check_footer(void); - int cryptfs_check_passwd(const char *pw); -#ifdef __cplusplus -} -#endif - -#endif // __CRYPTFS_H__ - -- cgit v1.2.3