fs_crypto_domain_key_change()

Updated: April 19, 2023

Change the key needed to unlock the specified domain

Synopsis:

#include <fs_crypto_api.h>
#include <sys/fs_crypto.h>

int fs_crypto_domain_key_change( const char *path,
                                 int domain,
                                 int length,
                                 const uint8_t org_key[],
                                 const uint8_t new_key[],
                                 int *preply );

Arguments:

path
The path to the filesystem's mountpoint.
domain
The number of the domain that you want to change the key for.
length
The number of bytes available in the key arrays. The keys must both be the same size.
org_key
The binary representation of the original key.
new_key
The binary representation of the new key.
preply
A pointer to a location where the function can store additional success or error information.

Library:

libfscrypto

Use the -l fscrypto option to qcc to link against this library.

Description:

The fs_crypto_domain_key_change() function changes the key needed to unlock the specified domain.

Note:
  • In order to use filesystem encryption, download the Encrypted Filesystem package from the QNX Software Center.
  • You must be in the group that owns the filesystem's mountpoint in order to change the key for a domain.

This function sets the variable pointed to by preply to one of the following values:

FS_CRYPTO_REPLY_BAD_KEY
One of the keys was invalid.
FS_CRYPTO_REPLY_COMPLETE
The key was successfully changed.
FS_CRYPTO_REPLY_ERRNO
See the error code for more information.
FS_CRYPTO_REPLY_INVALID
The command wasn't completed successfully.
FS_CRYPTO_REPLY_UNKNOWN_DOMAIN
There's no domain with the given number.

Returns:

EOK
Success.
EINVAL
Invalid arguments.
ENOMEM
Insufficient free memory.

This function can also return any of the errors indicated by devctl() or open().

Classification:

QNX Neutrino

Safety:  
Cancellation point Yes
Interrupt handler No
Signal handler No
Thread Yes