cryptfs: Don't hardcode ikey buffer size

We were hardcoding the size of the ikey buffer, but then had logic which used KEY_LEN_BYTES and IV_LEN_BYTES to offset into the array and describe the length of its contents. In anticipation of allowing the keysize to be set via a property, instead of at compile time, we change this code to make the relation between the keysize and the buffer size explicit. Bug: 73079191 Test: Flashed an encrypted sailfish and it booted. Change-Id: I109a5dc812662220e53163bfb4b5e51bf5abf185
6 years ago · f45a70c416
parent b610e77fd2
commit f45a70c416
1 changed files with 2 additions and 2 deletions
--- a/cryptfs.cpp
+++ b/cryptfs.cpp
@ -1109,7 +1109,7 @@ static int encrypt_master_key(const char *passwd, const unsigned char *salt,
                              unsigned char *encrypted_master_key,
                              struct crypt_mnt_ftr *crypt_ftr)
 {
-    unsigned char ikey[32+32] = { 0 }; /* Big enough to hold a 256 bit key and 256 bit IV */
+    unsigned char ikey[KEY_LEN_BYTES+IV_LEN_BYTES] = { 0 };
    EVP_CIPHER_CTX e_ctx;
    int encrypted_len, final_len;
    int rc = 0;
@ -1196,7 +1196,7 @@ static int decrypt_master_key_aux(const char *passwd, unsigned char *salt,
                                  unsigned char** intermediate_key,
                                  size_t* intermediate_key_size)
 {
-  unsigned char ikey[32+32] = { 0 }; /* Big enough to hold a 256 bit key and 256 bit IV */
+  unsigned char ikey[KEY_LEN_BYTES+IV_LEN_BYTES] = { 0 };
  EVP_CIPHER_CTX d_ctx;
  int decrypted_len, final_len;