vold: Wrapped key support for FBE
Change key management in vold so that no keys are
present in the clear in HLOS. Keymaster is used to
generate and manage keys.
CRs-Fixed: 2288316
Change-Id: Iaf5bf2eb60c60364f495e6d176e19b4848850028
diff --git a/KeyStorage.h b/KeyStorage.h
index 786e5b4..0c2609e 100644
--- a/KeyStorage.h
+++ b/KeyStorage.h
@@ -17,8 +17,9 @@
#ifndef ANDROID_VOLD_KEYSTORAGE_H
#define ANDROID_VOLD_KEYSTORAGE_H
+#include "Keymaster.h"
#include "KeyBuffer.h"
-
+#include <ext4_utils/ext4_crypt.h>
#include <string>
namespace android {
@@ -39,6 +40,12 @@
const std::string secret;
};
+enum class KeyType {
+ DE_SYS,
+ DE_USER,
+ CE_USER
+};
+
extern const KeyAuthentication kEmptyAuthentication;
// Checks if path "path" exists.
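Review bot: The new `KeyType` enumerators carry no comment, yet the enum is what selects which key `generateWrappedKey` creates, so a reader has to guess what `DE_SYS`, `DE_USER` and `CE_USER` cover. Add a line above the enum such as `// Which FBE key is requested: system device-encrypted, per-user device-encrypted, or per-user credential-encrypted.` The DE/CE expansion is inferred from Android FBE terminology and should be confirmed against the implementation, which is not part of this hunk. It would also help to say whether the enumerator values are persisted or passed to keymaster, since that decides whether reordering them later is safe.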
@@ -67,6 +74,8 @@
bool destroyKey(const std::string& dir);
bool runSecdiscardSingle(const std::string& file);
+bool generateWrappedKey(userid_t user_id, KeyType key_type, KeyBuffer* key);
+bool getEphemeralWrappedKey(km::KeyFormat format, KeyBuffer& kmKey, KeyBuffer* key);
} // namespace vold
} // namespace android
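Review bot: `getEphemeralWrappedKey` takes `kmKey` as a non-const `KeyBuffer&` next to the out-pointer `key`, so the declaration does not show which argument is read and which is written. If `kmKey` is input only (the definition is outside this hunk), declare it `const KeyBuffer& kmKey`. Both new declarations also lack the one-line comment that other functions in this header have. Because the commit's stated goal is that no key is in the clear in HLOS, the comment should say what `*key` holds on success and that it must not be used when the function returns false, e.g. `// Generates a keymaster-wrapped key for user_id; on success *key holds the wrapped blob, not raw key material.` That wording is inferred from the commit message and needs checking against the definition.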