DO NOT MERGE Securely encrypt the master key
(cherry-picked from commit 707fd6c7cccc31c0ab0ec1a6ac8b6077c632fc35)
Move all key management into vold
Reuse vold's existing key management through the crypto footer
to manage the device wide keys.
Use ro.crypto.type flag to determine crypto type, which prevents
any issues when running in block encrypted mode, as well as speeding
up boot in block or no encryption.
This is one of four changes to enable this functionality:
https://android-review.googlesource.com/#/c/148586/
https://android-review.googlesource.com/#/c/148604/
https://android-review.googlesource.com/#/c/148606/
https://android-review.googlesource.com/#/c/148607/
Bug: 18151196
Change-Id: I3c68691717a61b5e1df76423ca0c02baff0dab98
diff --git a/cryptfs.h b/cryptfs.h
index 6984944..fa3d351 100644
--- a/cryptfs.h
+++ b/cryptfs.h
@@ -221,12 +221,20 @@
int cryptfs_setup_ext_volume(const char* label, const char* real_blkdev,
const unsigned char* key, int keysize, char* out_crypto_blkdev);
int cryptfs_revert_ext_volume(const char* label);
+ int cryptfs_enable_file();
int cryptfs_getfield(const char *fieldname, char *value, int len);
int cryptfs_setfield(const char *fieldname, const char *value);
int cryptfs_mount_default_encrypted(void);
int cryptfs_get_password_type(void);
const char* cryptfs_get_password(void);
void cryptfs_clear_password(void);
+
+ // Functions for file encryption to use to inherit our encryption logic
+ int cryptfs_create_default_ftr(struct crypt_mnt_ftr* ftr, int key_length);
+ int cryptfs_get_master_key(struct crypt_mnt_ftr* ftr, const char* password,
+ unsigned char* master_key);
+ int cryptfs_set_password(struct crypt_mnt_ftr* ftr, const char* password,
+ const unsigned char* master_key);
#ifdef __cplusplus
}
#endif