Commit | Line | Data |
---|---|---|
79a73d18 RS |
1 | /* |
2 | * ecryptfs_format.c: helper functions for the encrypted key type | |
3 | * | |
4 | * Copyright (C) 2006 International Business Machines Corp. | |
5 | * Copyright (C) 2010 Politecnico di Torino, Italy | |
6 | * TORSEC group -- http://security.polito.it | |
7 | * | |
8 | * Authors: | |
9 | * Michael A. Halcrow <mahalcro@us.ibm.com> | |
10 | * Tyler Hicks <tyhicks@ou.edu> | |
11 | * Roberto Sassu <roberto.sassu@polito.it> | |
12 | * | |
13 | * This program is free software; you can redistribute it and/or modify | |
14 | * it under the terms of the GNU General Public License as published by | |
15 | * the Free Software Foundation, version 2 of the License. | |
16 | */ | |
17 | ||
a7986080 PG |
18 | #include <linux/export.h> |
19 | #include <linux/string.h> | |
79a73d18 RS |
20 | #include "ecryptfs_format.h" |
21 | ||
22 | u8 *ecryptfs_get_auth_tok_key(struct ecryptfs_auth_tok *auth_tok) | |
23 | { | |
24 | return auth_tok->token.password.session_key_encryption_key; | |
25 | } | |
26 | EXPORT_SYMBOL(ecryptfs_get_auth_tok_key); | |
27 | ||
28 | /* | |
29 | * ecryptfs_get_versions() | |
30 | * | |
31 | * Source code taken from the software 'ecryptfs-utils' version 83. | |
32 | * | |
33 | */ | |
34 | void ecryptfs_get_versions(int *major, int *minor, int *file_version) | |
35 | { | |
36 | *major = ECRYPTFS_VERSION_MAJOR; | |
37 | *minor = ECRYPTFS_VERSION_MINOR; | |
38 | if (file_version) | |
39 | *file_version = ECRYPTFS_SUPPORTED_FILE_VERSION; | |
40 | } | |
41 | EXPORT_SYMBOL(ecryptfs_get_versions); | |
42 | ||
43 | /* | |
44 | * ecryptfs_fill_auth_tok - fill the ecryptfs_auth_tok structure | |
45 | * | |
46 | * Fill the ecryptfs_auth_tok structure with required ecryptfs data. | |
47 | * The source code is inspired to the original function generate_payload() | |
48 | * shipped with the software 'ecryptfs-utils' version 83. | |
49 | * | |
50 | */ | |
51 | int ecryptfs_fill_auth_tok(struct ecryptfs_auth_tok *auth_tok, | |
52 | const char *key_desc) | |
53 | { | |
54 | int major, minor; | |
55 | ||
56 | ecryptfs_get_versions(&major, &minor, NULL); | |
57 | auth_tok->version = (((uint16_t)(major << 8) & 0xFF00) | |
58 | | ((uint16_t)minor & 0x00FF)); | |
59 | auth_tok->token_type = ECRYPTFS_PASSWORD; | |
60 | strncpy((char *)auth_tok->token.password.signature, key_desc, | |
61 | ECRYPTFS_PASSWORD_SIG_SIZE); | |
62 | auth_tok->token.password.session_key_encryption_key_bytes = | |
63 | ECRYPTFS_MAX_KEY_BYTES; | |
64 | /* | |
65 | * Removed auth_tok->token.password.salt and | |
66 | * auth_tok->token.password.session_key_encryption_key | |
67 | * initialization from the original code | |
68 | */ | |
69 | /* TODO: Make the hash parameterizable via policy */ | |
70 | auth_tok->token.password.flags |= | |
71 | ECRYPTFS_SESSION_KEY_ENCRYPTION_KEY_SET; | |
72 | /* The kernel code will encrypt the session key. */ | |
73 | auth_tok->session_key.encrypted_key[0] = 0; | |
74 | auth_tok->session_key.encrypted_key_size = 0; | |
75 | /* Default; subject to change by kernel eCryptfs */ | |
76 | auth_tok->token.password.hash_algo = PGP_DIGEST_ALGO_SHA512; | |
77 | auth_tok->token.password.flags &= ~(ECRYPTFS_PERSISTENT_PASSWORD); | |
78 | return 0; | |
79 | } | |
80 | EXPORT_SYMBOL(ecryptfs_fill_auth_tok); |