Namespaces

Enumerations

enum Activity
Name Value
Create 0
Unseal 1

Describes what activity we are performing: creating a new volume from scratch, or unsealing an existing volume. Different activities may prefer different key sources for migration reasons.

Defined at line 25 of file ../../src/security/lib/zxcrypt/client.h

enum KeySourcePolicy
Name Value
NullSource 0
TeeRequiredSource 1
TeeTransitionalSource 2
TeeOpportunisticSource 3

Defined at line 30 of file ../../src/security/lib/zxcrypt/client.h

enum KeySource
Name Value
kNullSource 0
kTeeSource 1

Defined at line 48 of file ../../src/security/lib/zxcrypt/client.h

Records

Functions

  • void SyncComplete (void * cookie, zx_status_t status, block_op_t * block)

    Defined at line 27 of file ../../src/security/lib/zxcrypt/ddk-volume.cc

  • zx_status_t SyncIO (zx_device_t * dev, uint8_t opcode, void * buf, size_t off, size_t len)

    Performs synchronous I/O.

    Defined at line 35 of file ../../src/security/lib/zxcrypt/ddk-volume.cc

  • extra_op_t * BlockToExtra (block_op_t * block, size_t op_size)

    Translates |block_op_t|s to |extra_op_t|s and vice versa.

    Defined at line 53 of file ../../src/devices/block/drivers/zxcrypt/extra.cc

  • block_op_t * ExtraToBlock (extra_op_t * extra, size_t op_size)

    Defined at line 62 of file ../../src/devices/block/drivers/zxcrypt/extra.cc

  • zx::result<KeySourcePolicy> SelectKeySourcePolicy ()

    Reads /pkg/config/zxcrypt to determine what key source policy was selected for this product at build time.

    Returns the appropriate KeySourcePolicy value if the file contents exactly match a known configuration value.

    Returns ZX_ERR_NOT_FOUND if the config file was not present.

    Returns ZX_ERR_IO if the config file could not be read.

    Returns ZX_ERR_BAD_STATE if the config value was not recognized.

    Defined at line 68 of file ../../src/security/lib/zxcrypt/client.cc

  • fbl::Vector<KeySource> ComputeEffectiveCreatePolicy (KeySourcePolicy ksp)

    Returns an ordered vector of |KeySource|s, representing all key sources, ordered from most-preferred to least-preferred, that we should try for the purposes of creating a new volume.

    Defined at line 109 of file ../../src/security/lib/zxcrypt/client.cc

  • fbl::Vector<KeySource> ComputeEffectiveUnsealPolicy (KeySourcePolicy ksp)

    Returns an ordered vector of |KeySource|s, representing all key sources, ordered from most-preferred to least-preferred, that we should try for the purposes of unsealing an existing volume.

    Defined at line 130 of file ../../src/security/lib/zxcrypt/client.cc

  • fbl::Vector<KeySource> ComputeEffectivePolicy (KeySourcePolicy ksp, Activity activity)

    Computes the ordered list of key sources that should be used in the context of |activity| under the key source policy |ksp|.

    Defined at line 148 of file ../../src/security/lib/zxcrypt/client.cc

  • zx_status_t TryWithImplicitKeys (Activity activity, fit::function<zx_status_t (std::unique_ptr<uint8_t[]>, size_t)> callback)

    Calls |callback| on a key provided by each key source appropriate for |activity| until either the callback returns ZX_OK or the callback has returned some error on all candidate key sources. The caller must have access to /boot/config/zxcrypt in its namespace to use this function.

    Defined at line 162 of file ../../src/security/lib/zxcrypt/client.cc

Variables

const char * kDriverLib

Defined at line 34 of file ../../src/security/lib/zxcrypt/client.cc