cachepc-linux

Fork of AMDESE/linux with modifications for CachePC side-channel attack
git clone https://git.sinitax.com/sinitax/cachepc-linux
Log | Files | Refs | README | LICENSE | sfeed.txt

ecryptfs_format.c (2466B)

      1// SPDX-License-Identifier: GPL-2.0-only
      2/*
      3 * ecryptfs_format.c: helper functions for the encrypted key type
      4 *
      5 * Copyright (C) 2006 International Business Machines Corp.
      6 * Copyright (C) 2010 Politecnico di Torino, Italy
      7 *                    TORSEC group -- https://security.polito.it
      8 *
      9 * Authors:
     10 * Michael A. Halcrow <mahalcro@us.ibm.com>
     11 * Tyler Hicks <tyhicks@ou.edu>
     12 * Roberto Sassu <roberto.sassu@polito.it>
     13 */
     14
     15#include <linux/export.h>
     16#include <linux/string.h>
     17#include "ecryptfs_format.h"
     18
     19u8 *ecryptfs_get_auth_tok_key(struct ecryptfs_auth_tok *auth_tok)
     20{
     21	return auth_tok->token.password.session_key_encryption_key;
     22}
     23EXPORT_SYMBOL(ecryptfs_get_auth_tok_key);
     24
     25/*
     26 * ecryptfs_get_versions()
     27 *
     28 * Source code taken from the software 'ecryptfs-utils' version 83.
     29 *
     30 */
     31void ecryptfs_get_versions(int *major, int *minor, int *file_version)
     32{
     33	*major = ECRYPTFS_VERSION_MAJOR;
     34	*minor = ECRYPTFS_VERSION_MINOR;
     35	if (file_version)
     36		*file_version = ECRYPTFS_SUPPORTED_FILE_VERSION;
     37}
     38EXPORT_SYMBOL(ecryptfs_get_versions);
     39
     40/*
     41 * ecryptfs_fill_auth_tok - fill the ecryptfs_auth_tok structure
     42 *
     43 * Fill the ecryptfs_auth_tok structure with required ecryptfs data.
     44 * The source code is inspired to the original function generate_payload()
     45 * shipped with the software 'ecryptfs-utils' version 83.
     46 *
     47 */
     48int ecryptfs_fill_auth_tok(struct ecryptfs_auth_tok *auth_tok,
     49			   const char *key_desc)
     50{
     51	int major, minor;
     52
     53	ecryptfs_get_versions(&major, &minor, NULL);
     54	auth_tok->version = (((uint16_t)(major << 8) & 0xFF00)
     55			     | ((uint16_t)minor & 0x00FF));
     56	auth_tok->token_type = ECRYPTFS_PASSWORD;
     57	strncpy((char *)auth_tok->token.password.signature, key_desc,
     58		ECRYPTFS_PASSWORD_SIG_SIZE);
     59	auth_tok->token.password.session_key_encryption_key_bytes =
     60		ECRYPTFS_MAX_KEY_BYTES;
     61	/*
     62	 * Removed auth_tok->token.password.salt and
     63	 * auth_tok->token.password.session_key_encryption_key
     64	 * initialization from the original code
     65	 */
     66	/* TODO: Make the hash parameterizable via policy */
     67	auth_tok->token.password.flags |=
     68		ECRYPTFS_SESSION_KEY_ENCRYPTION_KEY_SET;
     69	/* The kernel code will encrypt the session key. */
     70	auth_tok->session_key.encrypted_key[0] = 0;
     71	auth_tok->session_key.encrypted_key_size = 0;
     72	/* Default; subject to change by kernel eCryptfs */
     73	auth_tok->token.password.hash_algo = PGP_DIGEST_ALGO_SHA512;
     74	auth_tok->token.password.flags &= ~(ECRYPTFS_PERSISTENT_PASSWORD);
     75	return 0;
     76}
     77EXPORT_SYMBOL(ecryptfs_fill_auth_tok);