Gitiles
Code Review Sign In
review.shift-gmbh.com / SHIFTPHONES / android_system_vold / e17a9c4ad3ebb4051853a4860b18973e1a01ce11^! / . / cryptfs.h
commite17a9c4ad3ebb4051853a4860b18973e1a01ce11[log] [tgz]
authorShawn Willden <swillden@google.com>Mon Sep 08 13:04:08 2014 -0600
committerRom Lemarchand <romlem@google.com>Tue Sep 09 16:11:35 2014 +0000
tree11c0255654132a6bbaa2ca984aa03833f78b0dbb
parentb2f682bda8443fb93ab67f19be84fd80d5ed2838 [diff] [blame]
Change cryptfs keymaster padding to ensure the high bit is never 1,
to ensure the padded message is never larger than the RSA public
modulus.

Bug: 17358530

Change-Id: I4dc488399c4ecfa2d24cacb839a9087e65475947

diff --git a/cryptfs.h b/cryptfs.h
index 8aa1d1c..490bc11 100644
--- a/cryptfs.h
+++ b/cryptfs.h

@@ -72,8 +72,11 @@
 /* Key Derivation Function algorithms */
 #define KDF_PBKDF2 1
 #define KDF_SCRYPT 2
-#define KDF_SCRYPT_KEYMASTER_IMPROPER 3
-#define KDF_SCRYPT_KEYMASTER 4
+/* TODO(paullawrence): Remove KDF_SCRYPT_KEYMASTER_UNPADDED and KDF_SCRYPT_KEYMASTER_BADLY_PADDED
+ * when it is safe to do so. */
+#define KDF_SCRYPT_KEYMASTER_UNPADDED 3
+#define KDF_SCRYPT_KEYMASTER_BADLY_PADDED 4
+#define KDF_SCRYPT_KEYMASTER 5
 
 /* Maximum allowed keymaster blob size. */
 #define KEYMASTER_BLOB_SIZE 2048
@@ -220,4 +223,3 @@
 #ifdef __cplusplus
 }
 #endif
-