에프에이리눅스 / fullcycle-jenkins-joy

Blame view

kernel/linux-rt-4.4.41/security/keys/encrypted-keys/ecryptfs_format.c 2.57 KB
edit raw normal view history
5113f6f70   김현기   kernel add 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
 
  /*
   * ecryptfs_format.c: helper functions for the encrypted key type
   *
   * Copyright (C) 2006 International Business Machines Corp.
   * Copyright (C) 2010 Politecnico di Torino, Italy
   *                    TORSEC group -- http://security.polito.it
   *
   * Authors:
   * Michael A. Halcrow <mahalcro@us.ibm.com>
   * Tyler Hicks <tyhicks@ou.edu>
   * Roberto Sassu <roberto.sassu@polito.it>
   *
   * This program is free software; you can redistribute it and/or modify
   * it under the terms of the GNU General Public License as published by
   * the Free Software Foundation, version 2 of the License.
   */
  
  #include <linux/module.h>
  #include "ecryptfs_format.h"
  
  u8 *ecryptfs_get_auth_tok_key(struct ecryptfs_auth_tok *auth_tok)
  {
  	return auth_tok->token.password.session_key_encryption_key;
  }
  EXPORT_SYMBOL(ecryptfs_get_auth_tok_key);
  
  /*
   * ecryptfs_get_versions()
   *
   * Source code taken from the software 'ecryptfs-utils' version 83.
   *
   */
  void ecryptfs_get_versions(int *major, int *minor, int *file_version)
  {
  	*major = ECRYPTFS_VERSION_MAJOR;
  	*minor = ECRYPTFS_VERSION_MINOR;
  	if (file_version)
  		*file_version = ECRYPTFS_SUPPORTED_FILE_VERSION;
  }
  EXPORT_SYMBOL(ecryptfs_get_versions);
  
  /*
   * ecryptfs_fill_auth_tok - fill the ecryptfs_auth_tok structure
   *
   * Fill the ecryptfs_auth_tok structure with required ecryptfs data.
   * The source code is inspired to the original function generate_payload()
   * shipped with the software 'ecryptfs-utils' version 83.
   *
   */
  int ecryptfs_fill_auth_tok(struct ecryptfs_auth_tok *auth_tok,
  			   const char *key_desc)
  {
  	int major, minor;
  
  	ecryptfs_get_versions(&major, &minor, NULL);
  	auth_tok->version = (((uint16_t)(major << 8) & 0xFF00)
  			     | ((uint16_t)minor & 0x00FF));
  	auth_tok->token_type = ECRYPTFS_PASSWORD;
  	strncpy((char *)auth_tok->token.password.signature, key_desc,
  		ECRYPTFS_PASSWORD_SIG_SIZE);
  	auth_tok->token.password.session_key_encryption_key_bytes =
  		ECRYPTFS_MAX_KEY_BYTES;
  	/*
  	 * Removed auth_tok->token.password.salt and
  	 * auth_tok->token.password.session_key_encryption_key
  	 * initialization from the original code
  	 */
  	/* TODO: Make the hash parameterizable via policy */
  	auth_tok->token.password.flags |=
  		ECRYPTFS_SESSION_KEY_ENCRYPTION_KEY_SET;
  	/* The kernel code will encrypt the session key. */
  	auth_tok->session_key.encrypted_key[0] = 0;
  	auth_tok->session_key.encrypted_key_size = 0;
  	/* Default; subject to change by kernel eCryptfs */
  	auth_tok->token.password.hash_algo = PGP_DIGEST_ALGO_SHA512;
  	auth_tok->token.password.flags &= ~(ECRYPTFS_PERSISTENT_PASSWORD);
  	return 0;
  }
  EXPORT_SYMBOL(ecryptfs_fill_auth_tok);
  
  MODULE_LICENSE("GPL");