class FdioVolume

Defined at line 21 of file ../../src/security/lib/zxcrypt/fdio-volume.h

|zxcrypt::FdioVolume| is a zxcrypt volume with an underlying block device. It can be used on the host to prepare zxcrypt images, and is often more convenient for testing.

Public Methods

void FdioVolume (fidl::ClientEnd<fuchsia_storage_block::Block> channel)

Defined at line 33 of file ../../src/security/lib/zxcrypt/fdio-volume.cc

zx::result<std::unique_ptr<FdioVolume>> Create (fidl::ClientEnd<fuchsia_storage_block::Block> channel, const crypto::Secret & key)

Creates a new zxcrypt volume associated with the given block volume, |channel|. This will format the block device as zxcrypt using the given |key|, which will be associated with key slot 0. Note that |key| is not strengthened and MUST have a cryptographic key length of at least 128 bits.

Defined at line 56 of file ../../src/security/lib/zxcrypt/fdio-volume.cc

zx::result<std::unique_ptr<FdioVolume>> Unlock (fidl::ClientEnd<fuchsia_storage_block::Block> channel, const crypto::Secret & key, key_slot_t slot)

This is a convenience method that calls |Init| and then |Unlock|.

Defined at line 72 of file ../../src/security/lib/zxcrypt/fdio-volume.cc

zx::result<std::unique_ptr<FdioVolume>> Init (fidl::ClientEnd<fuchsia_storage_block::Block> channel)

Returns a new volume object corresponding to the block device given by |channel| and populated with the block and FVM information.

Defined at line 36 of file ../../src/security/lib/zxcrypt/fdio-volume.cc

zx_status_t Unlock (const crypto::Secret & key, key_slot_t slot)

Opens a zxcrypt volume using the |key| corresponding to the given key |slot|.

Defined at line 87 of file ../../src/security/lib/zxcrypt/fdio-volume.cc

zx_status_t Enroll (const crypto::Secret & key, key_slot_t slot)

Adds a given |key| to the given key |slot|. This key can then be used to |Open| the zxcrypt device. This method can only be called if the volume belongs to libzxcrypt.

Defined at line 92 of file ../../src/security/lib/zxcrypt/fdio-volume.cc

zx_status_t Revoke (key_slot_t slot)

Removes the root key in the given key |slot|. This key can no longer be used to |Open| the zxcrypt device. This method can only be called if the volume belongs to libzxcrypt.

Defined at line 105 of file ../../src/security/lib/zxcrypt/fdio-volume.cc

Friends

class TestDevice