return _result;
}
+ public int encryptWipeStorage(int type, String password) throws RemoteException {
+ Parcel _data = Parcel.obtain();
+ Parcel _reply = Parcel.obtain();
+ int _result;
+ try {
+ _data.writeInterfaceToken(DESCRIPTOR);
+ _data.writeInt(type);
+ _data.writeString(password);
+ mRemote.transact(Stub.TRANSACTION_encryptWipeStorage, _data, _reply, 0);
+ _reply.readException();
+ _result = _reply.readInt();
+ } finally {
+ _reply.recycle();
+ _data.recycle();
+ }
+ return _result;
+ }
+
public int changeEncryptionPassword(int type, String password) throws RemoteException {
Parcel _data = Parcel.obtain();
Parcel _reply = Parcel.obtain();
static final int TRANSACTION_fixateNewestUserKeyAuth = IBinder.FIRST_CALL_TRANSACTION + 71;
+ static final int TRANSACTION_encryptWipeStorage = IBinder.FIRST_CALL_TRANSACTION + 72;
+
/**
* Cast an IBinder object into an IMountService interface, generating a
* proxy if needed.
reply.writeInt(result);
return true;
}
+ case TRANSACTION_encryptWipeStorage: {
+ data.enforceInterface(DESCRIPTOR);
+ int type = data.readInt();
+ String password = data.readString();
+ int result = encryptWipeStorage(type, password);
+ reply.writeNoException();
+ reply.writeInt(result);
+ return true;
+ }
case TRANSACTION_changeEncryptionPassword: {
data.enforceInterface(DESCRIPTOR);
int type = data.readInt();
* Returns whether or not the external storage is emulated.
*/
public boolean isExternalStorageEmulated() throws RemoteException;
-
+ /** The volume has been encrypted succesfully and MDTP state is 'activated'. */
+ static final int ENCRYPTION_STATE_OK_MDTP_ACTIVATED = 2;
/** The volume is not encrypted. */
static final int ENCRYPTION_STATE_NONE = 1;
/** The volume has been encrypted succesfully. */
static final int ENCRYPTION_STATE_ERROR_INCONSISTENT = -3;
/** Underlying data is corrupt */
static final int ENCRYPTION_STATE_ERROR_CORRUPT = -4;
+ /** The volume is in a bad state and MDTP state is 'activated'.*/
+ static final int ENCRYPTION_STATE_ERROR_MDTP_ACTIVATED = -5;
/**
* Determines the encryption state of the volume.
public int encryptStorage(int type, String password) throws RemoteException;
/**
+ * Encrypts and wipes storage.
+ */
+ public int encryptWipeStorage(int type, String password) throws RemoteException;
+
+ /**
* Changes the encryption password.
*/
public int changeEncryptionPassword(int type, String password)
virtual bool getMountedObbPath(const String16& filename, String16& path) = 0;
virtual int32_t decryptStorage(const String16& password) = 0;
virtual int32_t encryptStorage(const String16& password) = 0;
+ virtual int32_t encryptWipeStorage(const String16& password) = 0;
};
// ----------------------------------------------------------------------------
TRANSACTION_isExternalStorageEmulated,
TRANSACTION_decryptStorage,
TRANSACTION_encryptStorage,
+ TRANSACTION_encryptWipeStorage = IBinder::FIRST_CALL_TRANSACTION + 72,
};
class BpMountService: public BpInterface<IMountService>
}
return reply.readInt32();
}
+
+ int32_t encryptWipeStorage(const String16& password)
+ {
+ Parcel data, reply;
+ data.writeInterfaceToken(IMountService::getInterfaceDescriptor());
+ data.writeString16(password);
+ if (remote()->transact(TRANSACTION_encryptWipeStorage, data, &reply) != NO_ERROR) {
+ ALOGD("encryptWipeStorage could not contact remote\n");
+ return -1;
+ }
+ int32_t err = reply.readExceptionCode();
+ if (err < 0) {
+ ALOGD("encryptWipeStorage caught exception %d\n", err);
+ return err;
+ }
+ return reply.readInt32();
+ }
};
IMPLEMENT_META_INTERFACE(MountService, "IMountService")
}
}
- public int encryptStorage(int type, String password) {
+ private int encryptStorageExtended(int type, String password, boolean wipe) {
if (TextUtils.isEmpty(password) && type != StorageManager.CRYPT_TYPE_DEFAULT) {
throw new IllegalArgumentException("password cannot be empty");
}
try {
if (type == StorageManager.CRYPT_TYPE_DEFAULT) {
- mCryptConnector.execute("cryptfs", "enablecrypto", "inplace",
+ mCryptConnector.execute("cryptfs", "enablecrypto", wipe ? "wipe" : "inplace",
CRYPTO_TYPES[type]);
} else {
- mCryptConnector.execute("cryptfs", "enablecrypto", "inplace",
+ mCryptConnector.execute("cryptfs", "enablecrypto", wipe ? "wipe" : "inplace",
CRYPTO_TYPES[type], new SensitiveArg(password));
}
} catch (NativeDaemonConnectorException e) {
return 0;
}
+ /** Encrypt Storage given a password.
+ * @param type The password type.
+ * @param password The password to be used in encryption.
+ */
+ public int encryptStorage(int type, String password) {
+ return encryptStorageExtended(type, password, false);
+ }
+
+ /** Encrypt Storage given a password after wiping it.
+ * @param type The password type.
+ * @param password The password to be used in encryption.
+ */
+ public int encryptWipeStorage(int type, String password) {
+ return encryptStorageExtended(type, password, true);
+ }
+
/** Set the password for encrypting the master key.
* @param type One of the CRYPTO_TYPE_XXX consts defined in StorageManager.
* @param password The password to set.