9ad51adeb9
CE keys were cached in vold to support untrusted reset by a device admin, this is now supported by Locksettingservice using synthetic password. This change requires a secret to be provided to retrieve the CE key and re-wrap without the secret when user removes the credential. Test: Set credential, remove credential, swipe to none and vice-versa. Bug: 26948053 Change-Id: I4cb1c035a472477e70c1ff5bf0b2c3fcfad495e5
40 lines
1.7 KiB
C++
40 lines
1.7 KiB
C++
/*
|
|
* Copyright (C) 2015 The Android Open Source Project
|
|
*
|
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
* you may not use this file except in compliance with the License.
|
|
* You may obtain a copy of the License at
|
|
*
|
|
* http://www.apache.org/licenses/LICENSE-2.0
|
|
*
|
|
* Unless required by applicable law or agreed to in writing, software
|
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
* See the License for the specific language governing permissions and
|
|
* limitations under the License.
|
|
*/
|
|
|
|
#include <string>
|
|
|
|
#include <cutils/multiuser.h>
|
|
|
|
bool fscrypt_initialize_systemwide_keys();
|
|
|
|
bool fscrypt_init_user0();
|
|
bool fscrypt_vold_create_user_key(userid_t user_id, int serial, bool ephemeral);
|
|
bool fscrypt_destroy_user_key(userid_t user_id);
|
|
bool fscrypt_add_user_key_auth(userid_t user_id, int serial, const std::string& token,
|
|
const std::string& secret);
|
|
bool fscrypt_clear_user_key_auth(userid_t user_id, int serial, const std::string& token,
|
|
const std::string& secret);
|
|
bool fscrypt_fixate_newest_user_key_auth(userid_t user_id);
|
|
|
|
bool fscrypt_unlock_user_key(userid_t user_id, int serial, const std::string& token,
|
|
const std::string& secret);
|
|
bool fscrypt_lock_user_key(userid_t user_id);
|
|
|
|
bool fscrypt_prepare_user_storage(const std::string& volume_uuid, userid_t user_id, int serial,
|
|
int flags);
|
|
bool fscrypt_destroy_user_storage(const std::string& volume_uuid, userid_t user_id, int flags);
|
|
|
|
bool fscrypt_destroy_volume_keys(const std::string& volume_uuid);
|