authorRoberto Sassu <roberto.sassu@polito.it>2011-06-27 07:45:42 -0400
committerMimi Zohar <zohar@linux.vnet.ibm.com>2011-06-27 09:10:45 -0400
commit4e561d388feff18e4b798cef6a1a84a2cc7f20c2 (patch)
tree9208588c7d0e5e75766dd2c98e960840fdc8681e /include
parent7103dff0e598cd634767f17a2958302c515700ca (diff)
encrypted-keys: add key format support
This patch introduces a new parameter, called 'format', that defines the format of data stored by encrypted keys. The 'default' format identifies encrypted keys containing only the symmetric key, while other formats can be defined to support additional information. The 'format' parameter is written in the datablob produced by commands 'keyctl print' or 'keyctl pipe' and is integrity protected by the HMAC. Signed-off-by: Roberto Sassu <roberto.sassu@polito.it> Acked-by: Gianluca Ramunno <ramunno@polito.it> Acked-by: David Howells <dhowells@redhat.com> Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
Diffstat (limited to 'include')
-rw-r--r--include/keys/encrypted-type.h13
1 files changed, 11 insertions, 2 deletions
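diff --git a/include/keys/encrypted-type.h b/include/keys/encrypted-type.h
index 95855017a32b..1d4541370a64 100644
--- a/include/keys/encrypted-type.h
+++ b/include/keys/encrypted-type.h
@@ -1,6 +1,11 @@
 /*
  * Copyright (C) 2010 IBM Corporation
- * Author: Mimi Zohar <zohar@us.ibm.com>
+ * Copyright (C) 2010 Politecnico di Torino, Italy
+ * TORSEC group -- http://security.polito.it
+ *
+ * Authors:
+ * Mimi Zohar <zohar@us.ibm.com>
+ * Roberto Sassu <roberto.sassu@polito.it>
  *
  * This program is free software; you can redistribute it and/or modify
  * it under the terms of the GNU General Public License as published by
@@ -15,13 +20,17 @@
 
 struct encrypted_key_payload {
  struct rcu_head rcu;
+ char *format; /* datablob: format */
  char *master_desc; /* datablob: master key name */
  char *datalen; /* datablob: decrypted key length */
  u8 *iv; /* datablob: iv */
  u8 *encrypted_data; /* datablob: encrypted data */
  unsigned short datablob_len; /* length of datablob */
  unsigned short decrypted_datalen; /* decrypted data length */
- u8 decrypted_data[0]; /* decrypted data + datablob + hmac */
+ unsigned short payload_datalen; /* payload data length */
+ unsigned short encrypted_key_format; /* encrypted key format */
+ u8 *decrypted_data; /* decrypted data */
+ u8 payload_data[0]; /* payload data + datablob + hmac */
 };
 
 extern struct key_type key_type_encrypted;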
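Review bot: In `struct encrypted_key_payload`, the new `decrypted_data` pointer and the `payload_datalen` / `decrypted_datalen` pair have comments that only restate the field names, so the header does not say which length bounds which buffer or whether `decrypted_data` is a separate allocation. Because the trailing array comment now reads "payload data + datablob + hmac", `decrypted_data` presumably points into `payload_data`; if that is right, the comment should say so, e.g. `u8 *decrypted_data; /* decrypted data: points into payload_data, decrypted_datalen bytes */`, so later code neither frees it separately nor overlooks that wiping the key material means wiping `payload_data`. `encrypted_key_format` would also benefit from naming where its valid values are defined, since none appear in this header. All three lengths are `unsigned short` and the code that sizes the allocation is outside this hunk, so it is worth confirming there that the payload, datablob and HMAC lengths are summed in a wider type.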