| Roberto Sassu | 79a73d1 | 2011-06-27 13:45:44 +0200 | [diff] [blame] | 1 | /* |
| 2 | * ecryptfs_format.c: helper functions for the encrypted key type |
| 3 | * |
| 4 | * Copyright (C) 2006 International Business Machines Corp. |
| 5 | * Copyright (C) 2010 Politecnico di Torino, Italy |
| 6 | * TORSEC group -- http://security.polito.it |
| 7 | * |
| 8 | * Authors: |
| 9 | * Michael A. Halcrow <mahalcro@us.ibm.com> |
| 10 | * Tyler Hicks <tyhicks@ou.edu> |
| 11 | * Roberto Sassu <roberto.sassu@polito.it> |
| 12 | * |
| 13 | * This program is free software; you can redistribute it and/or modify |
| 14 | * it under the terms of the GNU General Public License as published by |
| 15 | * the Free Software Foundation, version 2 of the License. |
| 16 | */ |
| 17 | |
| 18 | #include <linux/module.h> |
| 19 | #include "ecryptfs_format.h" |
| 20 | |
| 21 | u8 *ecryptfs_get_auth_tok_key(struct ecryptfs_auth_tok *auth_tok) |
| 22 | { |
| 23 | return auth_tok->token.password.session_key_encryption_key; |
| 24 | } |
| 25 | EXPORT_SYMBOL(ecryptfs_get_auth_tok_key); |
| 26 | |
| 27 | /* |
| 28 | * ecryptfs_get_versions() |
| 29 | * |
| 30 | * Source code taken from the software 'ecryptfs-utils' version 83. |
| 31 | * |
| 32 | */ |
| 33 | void ecryptfs_get_versions(int *major, int *minor, int *file_version) |
| 34 | { |
| 35 | *major = ECRYPTFS_VERSION_MAJOR; |
| 36 | *minor = ECRYPTFS_VERSION_MINOR; |
| 37 | if (file_version) |
| 38 | *file_version = ECRYPTFS_SUPPORTED_FILE_VERSION; |
| 39 | } |
| 40 | EXPORT_SYMBOL(ecryptfs_get_versions); |
| 41 | |
| 42 | /* |
| 43 | * ecryptfs_fill_auth_tok - fill the ecryptfs_auth_tok structure |
| 44 | * |
| 45 | * Fill the ecryptfs_auth_tok structure with required ecryptfs data. |
| 46 | * The source code is inspired to the original function generate_payload() |
| 47 | * shipped with the software 'ecryptfs-utils' version 83. |
| 48 | * |
| 49 | */ |
| 50 | int ecryptfs_fill_auth_tok(struct ecryptfs_auth_tok *auth_tok, |
| 51 | const char *key_desc) |
| 52 | { |
| 53 | int major, minor; |
| 54 | |
| 55 | ecryptfs_get_versions(&major, &minor, NULL); |
| 56 | auth_tok->version = (((uint16_t)(major << 8) & 0xFF00) |
| 57 | | ((uint16_t)minor & 0x00FF)); |
| 58 | auth_tok->token_type = ECRYPTFS_PASSWORD; |
| 59 | strncpy((char *)auth_tok->token.password.signature, key_desc, |
| 60 | ECRYPTFS_PASSWORD_SIG_SIZE); |
| 61 | auth_tok->token.password.session_key_encryption_key_bytes = |
| 62 | ECRYPTFS_MAX_KEY_BYTES; |
| 63 | /* |
| 64 | * Removed auth_tok->token.password.salt and |
| 65 | * auth_tok->token.password.session_key_encryption_key |
| 66 | * initialization from the original code |
| 67 | */ |
| 68 | /* TODO: Make the hash parameterizable via policy */ |
| 69 | auth_tok->token.password.flags |= |
| 70 | ECRYPTFS_SESSION_KEY_ENCRYPTION_KEY_SET; |
| 71 | /* The kernel code will encrypt the session key. */ |
| 72 | auth_tok->session_key.encrypted_key[0] = 0; |
| 73 | auth_tok->session_key.encrypted_key_size = 0; |
| 74 | /* Default; subject to change by kernel eCryptfs */ |
| 75 | auth_tok->token.password.hash_algo = PGP_DIGEST_ALGO_SHA512; |
| 76 | auth_tok->token.password.flags &= ~(ECRYPTFS_PERSISTENT_PASSWORD); |
| 77 | return 0; |
| 78 | } |
| 79 | EXPORT_SYMBOL(ecryptfs_fill_auth_tok); |
| 80 | |
| 81 | MODULE_LICENSE("GPL"); |