1 /* 2 * Copyright (C) 2020 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 #pragma once 18 19 #include <android-base/result.h> 20 21 #include <map> 22 #include <string> 23 #include <vector> 24 25 android::base::Result<void> addCertToFsVerityKeyring(const std::string& path, const char* keyName); 26 android::base::Result<std::vector<uint8_t>> createDigest(const std::string& path); 27 android::base::Result<std::string> enableFsVerity(int fd); 28 bool SupportsFsVerity(); 29 android::base::Result<std::map<std::string, std::string>> 30 verifyAllFilesInVerity(const std::string& path); 31 32 // Note that this function will skip files that are already in fs-verity, and 33 // for those files it will return the existing digest. 34 android::base::Result<std::map<std::string, std::string>> 35 addFilesToVerityRecursive(const std::string& path); 36 37 // Enable verity on the provided file, using the given PKCS7 signature. 38 android::base::Result<void> enableFsVerity(const std::string& path); 39 40 android::base::Result<void> 41 verifyAllFilesUsingCompOs(const std::string& directory_path, 42 const std::map<std::string, std::string>& digests); 43