Merge "cryptfs: check for errors in create_encrypted_random_key()"
diff --git a/cryptfs.cpp b/cryptfs.cpp
index d661952..ce01f1f 100644
--- a/cryptfs.cpp
+++ b/cryptfs.cpp
@@ -1398,14 +1398,15 @@
static int create_encrypted_random_key(const char* passwd, unsigned char* master_key,
unsigned char* salt, struct crypt_mnt_ftr* crypt_ftr) {
- int fd;
unsigned char key_buf[MAX_KEY_LEN];
- /* Get some random bits for a key */
- fd = open("/dev/urandom", O_RDONLY | O_CLOEXEC);
- read(fd, key_buf, sizeof(key_buf));
- read(fd, salt, SALT_LEN);
- close(fd);
+ /* Get some random bits for a key and salt */
+ if (android::vold::ReadRandomBytes(sizeof(key_buf), reinterpret_cast<char*>(key_buf)) != 0) {
+ return -1;
+ }
+ if (android::vold::ReadRandomBytes(SALT_LEN, reinterpret_cast<char*>(salt)) != 0) {
+ return -1;
+ }
/* Now encrypt it with the password */
return encrypt_master_key(passwd, salt, key_buf, master_key, crypt_ftr);