Two phases to set the password for disk encryption In one phase, we make the new password work, and in the second we make it the only one which works ("fixation"). This means that we can set the password in Gatekeeper between these two phases, and a crash doesn't break things. Unlocking a user automatically fixates the presented credential. Bug: 28154455 Change-Id: I54623c8652f0c9f72dd60388a7dc0ab2d48e81c7

commit: 92c5eeb46779f0fa1c9e6db6b0d632d960cbb2e4 [log] [tgz]
author: Paul Crowley <paulcrowley@google.com> Fri Apr 22 12:09:54 2016 -0700
committer: Paul Crowley <paulcrowley@google.com> Fri May 06 11:09:39 2016 -0700
tree: 8f843d4c4e161205d41f4421017103e22c50f8eb
parent: b3de337acd7ad07de1ed30d24fdfd628d1d8590b [diff] [blame]
diff --git a/Ext4Crypt.h b/Ext4Crypt.h
index 89cfbab..2dcc197 100644
--- a/Ext4Crypt.h
+++ b/Ext4Crypt.h

@@ -28,8 +28,9 @@
 bool e4crypt_init_user0();
 bool e4crypt_vold_create_user_key(userid_t user_id, int serial, bool ephemeral);
 bool e4crypt_destroy_user_key(userid_t user_id);
-bool e4crypt_change_user_key(userid_t user_id, int serial, const char* token,
-                             const char* old_secret, const char* new_secret);
+bool e4crypt_add_user_key_auth(userid_t user_id, int serial, const char* token,
+                               const char* secret);
+bool e4crypt_fixate_newest_user_key_auth(userid_t user_id);
 
 bool e4crypt_unlock_user_key(userid_t user_id, int serial, const char* token, const char* secret);
 bool e4crypt_lock_user_key(userid_t user_id);
commit	92c5eeb46779f0fa1c9e6db6b0d632d960cbb2e4	[log] [tgz]
author	Paul Crowley <paulcrowley@google.com>	Fri Apr 22 12:09:54 2016 -0700
committer	Paul Crowley <paulcrowley@google.com>	Fri May 06 11:09:39 2016 -0700
tree	8f843d4c4e161205d41f4421017103e22c50f8eb
parent	b3de337acd7ad07de1ed30d24fdfd628d1d8590b [diff] [blame]