diff options
author | Ethan Yonker <dees_troy@teamw.in> | 2016-12-07 20:55:01 +0100 |
---|---|---|
committer | Dees Troy <dees_troy@teamw.in> | 2016-12-13 21:16:42 +0100 |
commit | bd7492de28963b7e74e8e5d3f17ec9a5a287d9c3 (patch) | |
tree | 563c0c0d1edb2dcf81db4c4d0e39f49a37a894c9 /crypto/ext4crypt/KeyStorage.h | |
parent | Add boot slot support (diff) | |
download | android_bootable_recovery-bd7492de28963b7e74e8e5d3f17ec9a5a287d9c3.tar android_bootable_recovery-bd7492de28963b7e74e8e5d3f17ec9a5a287d9c3.tar.gz android_bootable_recovery-bd7492de28963b7e74e8e5d3f17ec9a5a287d9c3.tar.bz2 android_bootable_recovery-bd7492de28963b7e74e8e5d3f17ec9a5a287d9c3.tar.lz android_bootable_recovery-bd7492de28963b7e74e8e5d3f17ec9a5a287d9c3.tar.xz android_bootable_recovery-bd7492de28963b7e74e8e5d3f17ec9a5a287d9c3.tar.zst android_bootable_recovery-bd7492de28963b7e74e8e5d3f17ec9a5a287d9c3.zip |
Diffstat (limited to 'crypto/ext4crypt/KeyStorage.h')
-rw-r--r-- | crypto/ext4crypt/KeyStorage.h | 53 |
1 files changed, 53 insertions, 0 deletions
diff --git a/crypto/ext4crypt/KeyStorage.h b/crypto/ext4crypt/KeyStorage.h new file mode 100644 index 000000000..63d38da25 --- /dev/null +++ b/crypto/ext4crypt/KeyStorage.h @@ -0,0 +1,53 @@ +/* + * Copyright (C) 2016 The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef ANDROID_VOLD_KEYSTORAGE_H +#define ANDROID_VOLD_KEYSTORAGE_H + +#include <string> + +namespace android { +namespace vold { + +// Represents the information needed to decrypt a disk encryption key. +// If "token" is nonempty, it is passed in as a required Gatekeeper auth token. +// If "secret" is nonempty, it is appended to the application-specific +// binary needed to unlock. +class KeyAuthentication { + public: + KeyAuthentication(std::string t, std::string s) : token{t}, secret{s} {}; + const std::string token; + const std::string secret; +}; + +extern const KeyAuthentication kEmptyAuthentication; + +// Create a directory at the named path, and store "key" in it, +// in such a way that it can only be retrieved via Keymaster and +// can be securely deleted. +// It's safe to move/rename the directory after creation. +//bool storeKey(const std::string& dir, const KeyAuthentication& auth, const std::string& key); + +// Retrieve the key from the named directory. +bool retrieveKey(const std::string& dir, const KeyAuthentication& auth, std::string* key); + +// Securely destroy the key stored in the named directory and delete the directory. +bool destroyKey(const std::string& dir); + +} // namespace vold +} // namespace android + +#endif |