ext4_utils/ext4_crypt.cpp


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120

#define TAG "ext4_utils"

#include "ext4_crypt.h"

#include <string>
#include <fstream>
#include <map>

#include <errno.h>
#include <sys/mount.h>

#include <cutils/klog.h>
#include <cutils/properties.h>

#include "unencrypted_properties.h"

namespace {
    std::map<std::string, std::string> s_password_store;
}

bool e4crypt_non_default_key(const char* dir)
{
    int type = e4crypt_get_password_type(dir);

    // ext4enc:TODO Use consts, not 1 here
    return type != -1 && type != 1;
}

int e4crypt_get_password_type(const char* path)
{
    UnencryptedProperties props(path);
    if (props.Get<std::string>(properties::key).empty()) {
        KLOG_INFO(TAG, "No master key, so not ext4enc\n");
        return -1;
    }

    return props.Get<int>(properties::type, 1);
}

int e4crypt_change_password(const char* path, int crypt_type,
                            const char* password)
{
    // ext4enc:TODO Encrypt master key with password securely. Store hash of
    // master key for validation
    UnencryptedProperties props(path);
    if (   props.Set(properties::password, password)
        && props.Set(properties::type, crypt_type))
        return 0;
    return -1;
}

int e4crypt_crypto_complete(const char* path)
{
    KLOG_INFO(TAG, "ext4 crypto complete called on %s\n", path);
    if (UnencryptedProperties(path).Get<std::string>(properties::key).empty()) {
        KLOG_INFO(TAG, "No master key, so not ext4enc\n");
        return -1;
    }

    return 0;
}

int e4crypt_check_passwd(const char* path, const char* password)
{
    UnencryptedProperties props(path);
    if (props.Get<std::string>(properties::key).empty()) {
        KLOG_INFO(TAG, "No master key, so not ext4enc\n");
        return -1;
    }

    auto actual_password = props.Get<std::string>(properties::password);

    if (actual_password == password) {
        s_password_store[path] = password;
        return 0;
    } else {
        return -1;
    }
}

int e4crypt_restart(const char* path)
{
    int rc = 0;

    KLOG_INFO(TAG, "ext4 restart called on %s\n", path);
    property_set("vold.decrypt", "trigger_reset_main");
    KLOG_INFO(TAG, "Just asked init to shut down class main\n");
    sleep(2);

    std::string tmp_path = std::string() + path + "/tmp_mnt";

    // ext4enc:TODO add retry logic
    rc = umount(tmp_path.c_str());
    if (rc) {
        KLOG_ERROR(TAG, "umount %s failed with rc %d, msg %s\n",
                   tmp_path.c_str(), rc, strerror(errno));
        return rc;
    }

    // ext4enc:TODO add retry logic
    rc = umount(path);
    if (rc) {
        KLOG_ERROR(TAG, "umount %s failed with rc %d, msg %s\n",
                   path, rc, strerror(errno));
        return rc;
    }

    return 0;
}

const char* e4crypt_get_password(const char* path)
{
    // ext4enc:TODO scrub password after timeout
    auto i = s_password_store.find(path);
    if (i == s_password_store.end()) {
        return 0;
    } else {
        return i->second.c_str();
    }
}