pub enum CryptRequest {
CreateKey {
owner: u64,
purpose: KeyPurpose,
responder: CryptCreateKeyResponder,
},
CreateKeyWithId {
owner: u64,
wrapping_key_id: [u8; 16],
object_type: ObjectType,
responder: CryptCreateKeyWithIdResponder,
},
UnwrapKey {
owner: u64,
wrapped_key: WrappedKey,
responder: CryptUnwrapKeyResponder,
},
}Variants§
CreateKey
Creates a new key wrapped with the key identified by wrapping_key_id. owner identifies
the owner of the key and must be supplied to UnwrapKey. The crypt service chooses a
wrapping_key_id which must be supplied to UnwrapKey. The wrapping_key_id has no
meaning to Fxfs.
TODO(https://fxbug.dev/445189846): Add an object_type field to support inline encryption.
CreateKeyWithId
Creates a new key wrapped with the key identified by wrapping_key_id. owner identifies
the owner of the key and must be supplied to UnwrapKey along with wrapping_key_id.
The wrapping_key_id has no meaning to Fxfs.
UnwrapKey
Unwraps a key. owner must be the same as that passed to CreateKey.
This can fail due to permission reasons, but an incorrect key or owner will not fail;
it will just return an unwrapped key that won’t actually decrpyt the data.
ZX_ERR_UNAVAILABLE is returned if the key is known but cannot be unwrapped (e.g. it is
locked).
ZX_ERR_NOT_FOUND is returned if the key is not known. In some cases, implementations are
unable to tell the difference between the two, in which case, ZX_ERR_UNAVAILABLE is
returned.
Implementations§
Source§impl CryptRequest
impl CryptRequest
pub fn into_create_key( self, ) -> Option<(u64, KeyPurpose, CryptCreateKeyResponder)>
pub fn into_create_key_with_id( self, ) -> Option<(u64, [u8; 16], ObjectType, CryptCreateKeyWithIdResponder)>
pub fn into_unwrap_key( self, ) -> Option<(u64, WrappedKey, CryptUnwrapKeyResponder)>
Sourcepub fn method_name(&self) -> &'static str
pub fn method_name(&self) -> &'static str
Name of the method defined in FIDL