When we forget a volume, forget per-volume key Protect all per-volume-per-user keys with a per-volume key, which is forgotten when the volume is forgotten. This means that the user's key is securely lost even when their storage is encrypted at forgetting time. Bug: 25861755 Test: create a volume, forget it, check logs and filesystem. Change-Id: I8df77bc91bbfa2258e082ddd54d6160dbf39b378

commit: 26a53888a4efa4a966db189dd0b614f7573b2760 [log] [tgz]
author: Paul Crowley <paulcrowley@google.com> Thu Oct 26 11:16:39 2017 -0700
committer: Paul Crowley <paulcrowley@google.com> Thu Oct 26 12:19:09 2017 -0700
tree: e9dd12e8c9013fae4064fc073243888cf1f9b58b
parent: c6433a299df633c45d714a20fe3672b9b86d9312 [diff] [blame]
diff --git a/KeyUtil.h b/KeyUtil.h
index 412b0ae..a85eca1 100644
--- a/KeyUtil.h
+++ b/KeyUtil.h

@@ -18,6 +18,7 @@
 #define ANDROID_VOLD_KEYUTIL_H
 
 #include "KeyBuffer.h"
+#include "KeyStorage.h"
 
 #include <string>
 #include <memory>
@@ -28,8 +29,9 @@
 bool randomKey(KeyBuffer* key);
 bool installKey(const KeyBuffer& key, std::string* raw_ref);
 bool evictKey(const std::string& raw_ref);
-bool retrieveAndInstallKey(bool create_if_absent, const std::string& key_path,
-                           const std::string& tmp_path, std::string* key_ref);
+bool retrieveAndInstallKey(bool create_if_absent, const KeyAuthentication& key_authentication,
+                           const std::string& key_path, const std::string& tmp_path,
+                           std::string* key_ref);
 bool retrieveKey(bool create_if_absent, const std::string& key_path,
                  const std::string& tmp_path, KeyBuffer* key);
commit	26a53888a4efa4a966db189dd0b614f7573b2760	[log] [tgz]
author	Paul Crowley <paulcrowley@google.com>	Thu Oct 26 11:16:39 2017 -0700
committer	Paul Crowley <paulcrowley@google.com>	Thu Oct 26 12:19:09 2017 -0700
tree	e9dd12e8c9013fae4064fc073243888cf1f9b58b
parent	c6433a299df633c45d714a20fe3672b9b86d9312 [diff] [blame]