Add encryption in incidentd. + Sections which require encryption will be encryted on disk. + When the sections are requested by clients (e.g., permission controller, report assignee), incidentd will decrypte the data. + For efficiency, encryption is done ONLY for sections that require encryption. + Use Keystore API for key management. Bug: 131084614 Test: incidentd_test Change-Id: I84d6b86807ba5bbde1051e847b2df6e79e6b5be5

commit: 43706b44705640aec6c3230c25502f6207d01c3d [log] [tgz]
author: Yao Chen <yaochen@google.com> Sun Apr 21 14:34:30 2019 -0700
committer: Yao Chen <yaochen@google.com> Tue Apr 23 15:20:38 2019 -0700
tree: 70cff4df7ff27b2ac82ca5b2812f838740a39564
parent: 7feb1a1f7d0526dc0518be1ee5068ef51a48e074 [diff] [blame]
diff --git a/cmds/incidentd/src/Privacy.cpp b/cmds/incidentd/src/Privacy.cpp
index 386303b..91f0dd3 100644
--- a/cmds/incidentd/src/Privacy.cpp
+++ b/cmds/incidentd/src/Privacy.cpp

@@ -37,6 +37,8 @@
     return NULL;
 }
 
+bool sectionEncryption(int section_id) { return section_id == 3025 /*restricted image section*/; }
+
 static bool isAllowed(const uint8_t policy, const uint8_t check) {
     switch (check) {
         case PRIVACY_POLICY_LOCAL:
commit	43706b44705640aec6c3230c25502f6207d01c3d	[log] [tgz]
author	Yao Chen <yaochen@google.com>	Sun Apr 21 14:34:30 2019 -0700
committer	Yao Chen <yaochen@google.com>	Tue Apr 23 15:20:38 2019 -0700
tree	70cff4df7ff27b2ac82ca5b2812f838740a39564
parent	7feb1a1f7d0526dc0518be1ee5068ef51a48e074 [diff] [blame]