diff options
author | Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com> | 2020-02-13 00:06:10 +0000 |
---|---|---|
committer | Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com> | 2020-02-13 00:06:10 +0000 |
commit | bc1b381946e07bcb458fa697df91af37272e2945 (patch) | |
tree | 71fbf501b2dc34ec5ebfcc883f41572c220cbc4d | |
parent | 0658f0f25c1a0ed682947edc088f8200c579acdd (diff) | |
parent | 68324299afa0e02733f937216c448f14910aca15 (diff) | |
download | extras-bc1b381946e07bcb458fa697df91af37272e2945.tar.gz |
Merge "libfscrypt: Support hardware wrapped keys" am: a2654741ab am: bc3044a740 am: 68324299af
Change-Id: I02c01d1ee6f7adc79f229166714a01d4f77758a6
-rw-r--r-- | libfscrypt/fscrypt.cpp | 13 | ||||
-rw-r--r-- | libfscrypt/include/fscrypt/fscrypt.h | 1 |
2 files changed, 13 insertions, 1 deletions
diff --git a/libfscrypt/fscrypt.cpp b/libfscrypt/fscrypt.cpp index a1f1fc4c..9ea8cd33 100644 --- a/libfscrypt/fscrypt.cpp +++ b/libfscrypt/fscrypt.cpp @@ -131,6 +131,12 @@ static bool fscrypt_is_encrypted(int fd) { return ioctl(fd, FS_IOC_GET_ENCRYPTION_POLICY, &policy) == 0 || errno == EINVAL; } +bool operator!=(const EncryptionOptions& lhs, const EncryptionOptions& rhs) { + return !((lhs.version == rhs.version) && (lhs.contents_mode == rhs.contents_mode) && + (lhs.filenames_mode == rhs.filenames_mode) && (lhs.flags == rhs.flags) && + (lhs.use_hw_wrapped_key == rhs.use_hw_wrapped_key)); +} + bool OptionsToString(const EncryptionOptions& options, std::string* options_string) { std::string contents_mode, filenames_mode; if (!LookupModeById(contents_modes, options.contents_mode, &contents_mode)) { @@ -143,12 +149,15 @@ bool OptionsToString(const EncryptionOptions& options, std::string* options_stri if ((options.flags & FSCRYPT_POLICY_FLAG_IV_INO_LBLK_64)) { *options_string += "+inlinecrypt_optimized"; } + if (options.use_hw_wrapped_key) { + *options_string += "+wrappedkey_v0"; + } EncryptionOptions options_check; if (!ParseOptions(*options_string, &options_check)) { LOG(ERROR) << "Internal error serializing options as string: " << *options_string; return false; } - if (memcmp(&options, &options_check, sizeof(options_check)) != 0) { + if (options != options_check) { LOG(ERROR) << "Internal error serializing options as string, round trip failed: " << *options_string; return false; @@ -187,6 +196,8 @@ bool ParseOptions(const std::string& options_string, EncryptionOptions* options) options->version = 2; } else if (flag == "inlinecrypt_optimized") { options->flags |= FSCRYPT_POLICY_FLAG_IV_INO_LBLK_64; + } else if (flag == "wrappedkey_v0") { + options->use_hw_wrapped_key = true; } else { LOG(ERROR) << "Unknown flag: " << flag; return false; diff --git a/libfscrypt/include/fscrypt/fscrypt.h b/libfscrypt/include/fscrypt/fscrypt.h index ca051f4a..18fb4fc3 100644 --- a/libfscrypt/include/fscrypt/fscrypt.h +++ b/libfscrypt/include/fscrypt/fscrypt.h @@ -34,6 +34,7 @@ struct EncryptionOptions { int contents_mode; int filenames_mode; int flags; + bool use_hw_wrapped_key; // Ensure that "version" is not valid on creation and so must be explicitly set EncryptionOptions() : version(0) {} |