1/*
 2 * ecryptfs_format.c: helper functions for the encrypted key type
 3 *
 4 * Copyright (C) 2006 International Business Machines Corp.
 5 * Copyright (C) 2010 Politecnico di Torino, Italy
 6 *                    TORSEC group -- http://security.polito.it
 7 *
 8 * Authors:
 9 * Michael A. Halcrow <mahalcro@us.ibm.com>
10 * Tyler Hicks <tyhicks@ou.edu>
11 * Roberto Sassu <roberto.sassu@polito.it>
12 *
13 * This program is free software; you can redistribute it and/or modify
14 * it under the terms of the GNU General Public License as published by
15 * the Free Software Foundation, version 2 of the License.
16 */
17
18#include <linux/module.h>
 
19#include "ecryptfs_format.h"
20
21u8 *ecryptfs_get_auth_tok_key(struct ecryptfs_auth_tok *auth_tok)
22{
23	return auth_tok->token.password.session_key_encryption_key;
24}
25EXPORT_SYMBOL(ecryptfs_get_auth_tok_key);
26
27/*
28 * ecryptfs_get_versions()
29 *
30 * Source code taken from the software 'ecryptfs-utils' version 83.
31 *
32 */
33void ecryptfs_get_versions(int *major, int *minor, int *file_version)
34{
35	*major = ECRYPTFS_VERSION_MAJOR;
36	*minor = ECRYPTFS_VERSION_MINOR;
37	if (file_version)
38		*file_version = ECRYPTFS_SUPPORTED_FILE_VERSION;
39}
40EXPORT_SYMBOL(ecryptfs_get_versions);
41
42/*
43 * ecryptfs_fill_auth_tok - fill the ecryptfs_auth_tok structure
44 *
45 * Fill the ecryptfs_auth_tok structure with required ecryptfs data.
46 * The source code is inspired to the original function generate_payload()
47 * shipped with the software 'ecryptfs-utils' version 83.
48 *
49 */
50int ecryptfs_fill_auth_tok(struct ecryptfs_auth_tok *auth_tok,
51			   const char *key_desc)
52{
53	int major, minor;
54
55	ecryptfs_get_versions(&major, &minor, NULL);
56	auth_tok->version = (((uint16_t)(major << 8) & 0xFF00)
57			     | ((uint16_t)minor & 0x00FF));
58	auth_tok->token_type = ECRYPTFS_PASSWORD;
59	strncpy((char *)auth_tok->token.password.signature, key_desc,
60		ECRYPTFS_PASSWORD_SIG_SIZE);
61	auth_tok->token.password.session_key_encryption_key_bytes =
62		ECRYPTFS_MAX_KEY_BYTES;
63	/*
64	 * Removed auth_tok->token.password.salt and
65	 * auth_tok->token.password.session_key_encryption_key
66	 * initialization from the original code
67	 */
68	/* TODO: Make the hash parameterizable via policy */
69	auth_tok->token.password.flags |=
70		ECRYPTFS_SESSION_KEY_ENCRYPTION_KEY_SET;
71	/* The kernel code will encrypt the session key. */
72	auth_tok->session_key.encrypted_key[0] = 0;
73	auth_tok->session_key.encrypted_key_size = 0;
74	/* Default; subject to change by kernel eCryptfs */
75	auth_tok->token.password.hash_algo = PGP_DIGEST_ALGO_SHA512;
76	auth_tok->token.password.flags &= ~(ECRYPTFS_PERSISTENT_PASSWORD);
77	return 0;
78}
79EXPORT_SYMBOL(ecryptfs_fill_auth_tok);
80
81MODULE_LICENSE("GPL");

 1// SPDX-License-Identifier: GPL-2.0-only
 2/*
 3 * ecryptfs_format.c: helper functions for the encrypted key type
 4 *
 5 * Copyright (C) 2006 International Business Machines Corp.
 6 * Copyright (C) 2010 Politecnico di Torino, Italy
 7 *                    TORSEC group -- https://security.polito.it
 8 *
 9 * Authors:
10 * Michael A. Halcrow <mahalcro@us.ibm.com>
11 * Tyler Hicks <tyhicks@ou.edu>
12 * Roberto Sassu <roberto.sassu@polito.it>
 
 
 
 
13 */
14
15#include <linux/export.h>
16#include <linux/string.h>
17#include "ecryptfs_format.h"
18
19u8 *ecryptfs_get_auth_tok_key(struct ecryptfs_auth_tok *auth_tok)
20{
21	return auth_tok->token.password.session_key_encryption_key;
22}
23EXPORT_SYMBOL(ecryptfs_get_auth_tok_key);
24
25/*
26 * ecryptfs_get_versions()
27 *
28 * Source code taken from the software 'ecryptfs-utils' version 83.
29 *
30 */
31void ecryptfs_get_versions(int *major, int *minor, int *file_version)
32{
33	*major = ECRYPTFS_VERSION_MAJOR;
34	*minor = ECRYPTFS_VERSION_MINOR;
35	if (file_version)
36		*file_version = ECRYPTFS_SUPPORTED_FILE_VERSION;
37}
38EXPORT_SYMBOL(ecryptfs_get_versions);
39
40/*
41 * ecryptfs_fill_auth_tok - fill the ecryptfs_auth_tok structure
42 *
43 * Fill the ecryptfs_auth_tok structure with required ecryptfs data.
44 * The source code is inspired to the original function generate_payload()
45 * shipped with the software 'ecryptfs-utils' version 83.
46 *
47 */
48int ecryptfs_fill_auth_tok(struct ecryptfs_auth_tok *auth_tok,
49			   const char *key_desc)
50{
51	int major, minor;
52
53	ecryptfs_get_versions(&major, &minor, NULL);
54	auth_tok->version = (((uint16_t)(major << 8) & 0xFF00)
55			     | ((uint16_t)minor & 0x00FF));
56	auth_tok->token_type = ECRYPTFS_PASSWORD;
57	strncpy((char *)auth_tok->token.password.signature, key_desc,
58		ECRYPTFS_PASSWORD_SIG_SIZE);
59	auth_tok->token.password.session_key_encryption_key_bytes =
60		ECRYPTFS_MAX_KEY_BYTES;
61	/*
62	 * Removed auth_tok->token.password.salt and
63	 * auth_tok->token.password.session_key_encryption_key
64	 * initialization from the original code
65	 */
66	/* TODO: Make the hash parameterizable via policy */
67	auth_tok->token.password.flags |=
68		ECRYPTFS_SESSION_KEY_ENCRYPTION_KEY_SET;
69	/* The kernel code will encrypt the session key. */
70	auth_tok->session_key.encrypted_key[0] = 0;
71	auth_tok->session_key.encrypted_key_size = 0;
72	/* Default; subject to change by kernel eCryptfs */
73	auth_tok->token.password.hash_algo = PGP_DIGEST_ALGO_SHA512;
74	auth_tok->token.password.flags &= ~(ECRYPTFS_PERSISTENT_PASSWORD);
75	return 0;
76}
77EXPORT_SYMBOL(ecryptfs_fill_auth_tok);