1 /*
2  * Copyright (C) 2016 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 #ifndef _FSCRYPT_H_
18 #define _FSCRYPT_H_
19 
20 #include <string>
21 
// Fallback definition for builds whose linux/fscrypt.h (Bionic) does not yet
// provide FSCRYPT_POLICY_FLAG_IV_INO_LBLK_32. Delete this whole stanza once the
// Bionic header defines the flag itself.
// NOTE(review): the value must stay identical to the kernel UAPI constant, and
// the flag changes how file-contents IVs are derived, so it should only be
// selected for storage that actually needs it — confirm with the policy owner.
#if !defined(FSCRYPT_POLICY_FLAG_IV_INO_LBLK_32)
#define FSCRYPT_POLICY_FLAG_IV_INO_LBLK_32 0x10
#endif
27 
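// Defined outside this header.
// NOTE(review): presumably reports whether native file-based encryption is in
// use — confirm against the definition.
bool fscrypt_is_native();

// Locations of the unencrypted directory and of the small state files kept
// inside it. Everything listed here sits under "/unencrypted", so nothing
// written to these paths is protected by file encryption.
// NOTE(review): judging by the names these hold key references and the mode
// string rather than key material, and callers presumably prepend a mount
// point — confirm both against the callers.
//
// The pointers themselves are const so that no translation unit can repoint
// its private copy of a path at a different location.
static const char* const fscrypt_unencrypted_folder = "/unencrypted";
static const char* const fscrypt_key_ref = "/unencrypted/ref";
static const char* const fscrypt_key_per_boot_ref = "/unencrypted/per_boot_ref";
static const char* const fscrypt_key_mode = "/unencrypted/mode";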
34 
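namespace android {
namespace fscrypt {

// Encryption settings that make up a policy, independent of the key.
struct EncryptionOptions {
    int version;
    int contents_mode;
    int filenames_mode;
    int flags;
    bool use_hw_wrapped_key;

    // "version" starts at 0 so that it is not valid on creation and must be
    // explicitly set. The remaining fields are zeroed as well: operator==
    // below reads every field, so leaving them indeterminate would make any
    // comparison (or copy-then-compare) of a default-constructed object
    // undefined behaviour and could make two "empty" option sets differ.
    EncryptionOptions()
        : version(0),
          contents_mode(0),
          filenames_mode(0),
          flags(0),
          use_hw_wrapped_key(false) {}
};

// Options plus the reference to the key they are used with.
struct EncryptionPolicy {
    EncryptionOptions options;
    // NOTE(review): presumably the raw (binary) key reference rather than a
    // printable form — confirm against the code that fills it in.
    std::string key_raw_ref;
};

// The functions below are only declared here; what each one does is inferred
// from its signature and should be confirmed against the implementation.

// Writes a hexadecimal rendering of "bytes" into "*hex" (inferred from name).
void BytesToHex(const std::string& bytes, std::string* hex);

// Returns the API level used by the *ForApiLevel variants when the caller does
// not supply one (inferred — TODO confirm).
unsigned int GetFirstApiLevel();

// Serialises "options" into "*options_string"; the bool result presumably
// signals success.
bool OptionsToString(const EncryptionOptions& options, std::string* options_string);

// As OptionsToString, with the API level passed in explicitly.
bool OptionsToStringForApiLevel(unsigned int first_api_level, const EncryptionOptions& options,
                                std::string* options_string);

// Parses "options_string" into "*options"; the bool result presumably signals
// success. Callers should treat "*options" as unusable when false is returned.
bool ParseOptions(const std::string& options_string, EncryptionOptions* options);

// As ParseOptions, with the API level passed in explicitly.
bool ParseOptionsForApiLevel(unsigned int first_api_level, const std::string& options_string,
                             EncryptionOptions* options);

// NOTE(review): presumably makes sure "directory" carries "policy" and reports
// failure otherwise — the result should never be ignored by callers.
bool EnsurePolicy(const EncryptionPolicy& policy, const std::string& directory);

// Two option sets are equal only when every field matches.
inline bool operator==(const EncryptionOptions& lhs, const EncryptionOptions& rhs) {
    return (lhs.version == rhs.version) && (lhs.contents_mode == rhs.contents_mode) &&
           (lhs.filenames_mode == rhs.filenames_mode) && (lhs.flags == rhs.flags) &&
           (lhs.use_hw_wrapped_key == rhs.use_hw_wrapped_key);
}

inline bool operator!=(const EncryptionOptions& lhs, const EncryptionOptions& rhs) {
    return !(lhs == rhs);
}

// Two policies are equal only when both the key reference and the options match.
inline bool operator==(const EncryptionPolicy& lhs, const EncryptionPolicy& rhs) {
    return lhs.key_raw_ref == rhs.key_raw_ref && lhs.options == rhs.options;
}

inline bool operator!=(const EncryptionPolicy& lhs, const EncryptionPolicy& rhs) {
    return !(lhs == rhs);
}

}  // namespace fscrypt
}  // namespace android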
90 
91 #endif // _FSCRYPT_H_
92