From fc79aa6375a3849eb8f286fea3959c04d5ac6af2 Mon Sep 17 00:00:00 2001 From: mauronofrio Date: Sat, 23 Nov 2019 23:13:04 +0100 Subject: [PATCH] Encryption: don't try wrapped key if not needed This commit is used to directly use the wrapped key decryption when the "wrappedkey" flag is set in the fstab. Change-Id: I74310c3bbec378ee684a8f6d0395a9776dd22abf (cherry picked from commit 1db943295de9728e364bf0e75bfe9f1a98d413a1) --- partition.cpp | 11 +++++++++-- partitionmanager.cpp | 13 ++++++++++--- 2 files changed, 19 insertions(+), 5 deletions(-) diff --git a/partition.cpp b/partition.cpp index 5626e5c4..7f4189a6 100644 --- a/partition.cpp +++ b/partition.cpp @@ -685,11 +685,18 @@ void TWPartition::Setup_Data_Partition(bool Display_Error) { } else { if (!Decrypt_FBE_DE()) { - LOGINFO("Trying wrapped key.\n"); - property_set("fbe.data.wrappedkey", "true"); + char wrappedvalue[PROPERTY_VALUE_MAX]; + property_get("fbe.data.wrappedkey", wrappedvalue, ""); + std::string wrappedkeyvalue(wrappedvalue); + if (wrappedkeyvalue == "true") { + LOGERR("Unable to decrypt FBE device\n"); + } else { + LOGINFO("Trying wrapped key.\n"); + property_set("fbe.data.wrappedkey", "true"); if (!Decrypt_FBE_DE()) { LOGERR("Unable to decrypt FBE device\n"); } + } } } if (datamedia && (!Is_Encrypted || (Is_Encrypted && Is_Decrypted))) { diff --git a/partitionmanager.cpp b/partitionmanager.cpp index 159ceadc..b6918f3b 100755 --- a/partitionmanager.cpp +++ b/partitionmanager.cpp @@ -304,10 +304,17 @@ int TWPartitionManager::Process_Fstab(string Fstab_Filename, bool Display_Error, usleep(500); if (Decrypt_Data->Mount(false)) { if (!Decrypt_Data->Decrypt_FBE_DE()) { - LOGINFO("Trying wrapped key.\n"); - property_set("fbe.data.wrappedkey", "true"); - if (!Decrypt_Data->Decrypt_FBE_DE()) { + char wrappedvalue[PROPERTY_VALUE_MAX]; + property_get("fbe.data.wrappedkey", wrappedvalue, ""); + std::string wrappedkeyvalue(wrappedvalue); + if (wrappedkeyvalue == "true") { LOGERR("Unable to decrypt FBE device\n"); + } else { + LOGINFO("Trying wrapped key.\n"); + property_set("fbe.data.wrappedkey", "true"); + if (!Decrypt_Data->Decrypt_FBE_DE()) { + LOGERR("Unable to decrypt FBE device\n"); + } } }