1 /*
2  * Copyright (c) 2022-2024 Huawei Device Co., Ltd.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at
6  *
7  * http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 #ifndef STORAGE_DAEMON_CRYPTO_FSCRYPT_KEYV1_H
16 #define STORAGE_DAEMON_CRYPTO_FSCRYPT_KEYV1_H
17 
18 #include "base_key.h"
19 #include "fscrypt_key_v1_ext.h"
20 #include "libfscrypt/key_control.h"
21 #include "fbex.h"
22 
23 namespace OHOS {
24 namespace StorageDaemon {
/**
 * @brief fscrypt v1 flavour of BaseKey.
 *
 * The constructor stamps keyInfo_.version with FSCRYPT_V1 and hands the key
 * directory to the fscryptV1Ext helper. This header only declares the member
 * functions; their behaviour is defined elsewhere, so the per-method notes
 * below are limited to what the signatures show.
 */
class FscryptKeyV1 final : public BaseKey {
public:
    /// A key object always needs a directory, so default construction is disabled.
    FscryptKeyV1() = delete;

    /**
     * @param dir    Key directory; forwarded to BaseKey and to fscryptV1Ext.SetDir().
     * @param keyLen Key length forwarded to BaseKey; defaults to CRYPTO_AES_256_XTS_KEY_SIZE.
     *
     * NOTE(review): the constructor is callable with a single std::string and is
     * not marked `explicit`, so a std::string converts implicitly to a key object.
     * Confirm no caller relies on that before tightening it.
     */
    FscryptKeyV1(const std::string &dir, uint8_t keyLen = CRYPTO_AES_256_XTS_KEY_SIZE) : BaseKey(dir, keyLen)
    {
        // Mark this key as policy version 1 before the helper learns the directory.
        keyInfo_.version = FSCRYPT_V1;
        fscryptV1Ext.SetDir(dir);
    }

    ~FscryptKeyV1() = default;

    // --- Key activation; `mnt` defaults to MNT_DATA (presumably the mount point) ---
    bool ActiveKey(uint32_t flag = 0, const std::string &mnt = MNT_DATA);
    bool InactiveKey(uint32_t flag = 0, const std::string &mnt = MNT_DATA);

    // --- Screen lock state; `sdpClass` presumably selects the protection class (confirm in the .cpp) ---
    bool LockUserScreen(uint32_t flag = 0, uint32_t sdpClass = 0, const std::string &mnt = MNT_DATA);
    bool UnlockUserScreen(uint32_t flag = 0, uint32_t sdpClass = 0, const std::string &mnt = MNT_DATA);

    // --- Per-application keys ---
    /// `keyId` is a non-const reference, i.e. presumably an output identifier for the new key.
    bool GenerateAppkey(uint32_t userId, uint32_t hashId, std::string &keyId);
    /// Takes `keyId` by value (a copy is made on every call).
    bool DeleteAppkey(const std::string keyId);

    void DropCachesIfNeed();

    // --- Class E handling; the bool& parameters are non-const references, presumably outputs ---
    bool AddClassE(bool &isNeedEncryptClassE, bool &isSupport, uint32_t status = 0);
    bool DeleteClassEPinCode(uint32_t userId = 0);
    bool ChangePinCodeClassE(bool &isFbeSupport, uint32_t userId = 0);
    bool DecryptClassE(const UserAuth &auth, bool &isSupport, bool &eBufferStatue, uint32_t user = 0,
                       bool needSyncCandidate = true);
    bool EncryptClassE(const UserAuth &auth, bool &isSupport, uint32_t user = 0, uint32_t status = 0);
    bool LockUece(bool &isFbeSupport);

private:
    // --- Keyring plumbing for the main key ---
    bool GenerateKeyDesc();
    bool InstallKeyToKeyring();
    bool InstallEceSeceKeyToKeyring(uint32_t sdpClass);
    bool UninstallKeyToKeyring();

    // --- Keyring plumbing for application keys ---
    bool InstallKeyForAppKeyToKeyring(KeyBlob &appKey);
    bool UninstallKeyForAppKeyToKeyring(const std::string keyId);
    // NOTE(review): `appKey` is taken by value, so each call copies the KeyBlob.
    // If the blob carries key material, confirm that every copy is wiped when it
    // goes out of scope; KeyBlob's destructor is not visible from this header.
    bool GenerateAppKeyDesc(KeyBlob appKey);

    bool DoDecryptClassE(const UserAuth &auth, KeyBlob &eSecretFBE, KeyBlob &decryptedKey,
                         bool needSyncCandidate = true);

    // Helper that receives the key directory in the constructor.
    FscryptKeyV1Ext fscryptV1Ext;
    // NOTE(review): second helper of the same type. The constructor in this header
    // never calls SetDir() on it, so unless the implementation file does, it runs
    // without a directory. Confirm whether it is used at all or is a leftover duplicate.
    FscryptKeyV1Ext fscryptKeyV1Ext;
};
63 } // namespace StorageDaemon
64 } // namespace OHOS
65 #endif // STORAGE_DAEMON_CRYPTO_FSCRYPT_KEYV1_H