// SPDX-License-Identifier: GPL-2.0-only
/*
 * ecryptfs_format.c: helper functions for the encrypted key type
 *
 * Copyright (C) 2006 International Business Machines Corp.
 * Copyright (C) 2010 Politecnico di Torino, Italy
 *                    TORSEC group -- https://security.polito.it
 *
 * Authors:
 * Michael A. Halcrow <mahalcro@us.ibm.com>
 * Tyler Hicks <tyhicks@ou.edu>
 * Roberto Sassu <roberto.sassu@polito.it>
 */

#include <linux/export.h>
#include <linux/string.h>
#include "ecryptfs_format.h"

/*
 * ecryptfs_get_auth_tok_key - locate the key buffer inside an auth token
 * @auth_tok: token to inspect; dereferenced unconditionally, must not be NULL
 *
 * Returns a pointer to the session_key_encryption_key field of the password
 * member of @auth_tok->token. Nothing is copied: the pointer aliases storage
 * inside @auth_tok, so it is only usable for as long as @auth_tok is.
 *
 * NOTE(review): token_type is not checked here; the password member is read
 * regardless of which token variant the caller stored -- confirm callers only
 * pass password-type tokens.
 */
u8 *ecryptfs_get_auth_tok_key(struct ecryptfs_auth_tok *auth_tok)
{
	u8 *key_buf = auth_tok->token.password.session_key_encryption_key;

	return key_buf;
}
EXPORT_SYMBOL(ecryptfs_get_auth_tok_key);

/*
 * ecryptfs_get_versions - report the eCryptfs version constants
 * @major:        receives ECRYPTFS_VERSION_MAJOR; must not be NULL
 * @minor:        receives ECRYPTFS_VERSION_MINOR; must not be NULL
 * @file_version: optional; when non-NULL receives
 *                ECRYPTFS_SUPPORTED_FILE_VERSION
 *
 * Source code taken from the software 'ecryptfs-utils' version 83.
 */
void ecryptfs_get_versions(int *major, int *minor, int *file_version)
{
	*major = ECRYPTFS_VERSION_MAJOR;
	*minor = ECRYPTFS_VERSION_MINOR;

	/* Only the file version is optional; skip it when not requested. */
	if (!file_version)
		return;

	*file_version = ECRYPTFS_SUPPORTED_FILE_VERSION;
}
EXPORT_SYMBOL(ecryptfs_get_versions);

/*
 * ecryptfs_fill_auth_tok - fill the ecryptfs_auth_tok structure
 * @auth_tok: token to populate; dereferenced unconditionally
 * @key_desc: string copied into the password signature field
 *
 * Fill the ecryptfs_auth_tok structure with required ecryptfs data.
 * The source code is inspired by the original function generate_payload()
 * shipped with the software 'ecryptfs-utils' version 83.
 *
 * The salt and the session_key_encryption_key bytes are NOT written here
 * (that initialization was removed relative to the original code).
 *
 * NOTE(review): token.password.flags is updated with |= and &=, so its prior
 * value is read; this presumably relies on the caller handing in a zeroed
 * structure -- confirm at the call site.
 *
 * Always returns 0.
 */
int ecryptfs_fill_auth_tok(struct ecryptfs_auth_tok *auth_tok,
			   const char *key_desc)
{
	int ver_major, ver_minor;
	uint16_t ver_hi, ver_lo;

	/* Pack the version as major in the high byte, minor in the low byte. */
	ecryptfs_get_versions(&ver_major, &ver_minor, NULL);
	ver_hi = (uint16_t)(ver_major << 8) & 0xFF00;
	ver_lo = (uint16_t)ver_minor & 0x00FF;
	auth_tok->version = ver_hi | ver_lo;

	auth_tok->token_type = ECRYPTFS_PASSWORD;

	/*
	 * NOTE(review): strncpy() writes no terminator when key_desc holds
	 * ECRYPTFS_PASSWORD_SIG_SIZE or more characters. Whether signature
	 * ends up NUL-terminated therefore depends on the field being larger
	 * than ECRYPTFS_PASSWORD_SIG_SIZE and pre-zeroed, neither of which is
	 * visible in this file -- confirm against the structure definition
	 * and the caller. The length of key_desc is not validated here either.
	 * A bounded copy sized by the destination (strscpy()/strscpy_pad())
	 * would make the termination explicit.
	 */
	strncpy((char *)auth_tok->token.password.signature, key_desc,
		ECRYPTFS_PASSWORD_SIG_SIZE);

	/* Default; subject to change by kernel eCryptfs */
	auth_tok->token.password.hash_algo = PGP_DIGEST_ALGO_SHA512;
	auth_tok->token.password.session_key_encryption_key_bytes =
		ECRYPTFS_MAX_KEY_BYTES;

	/* TODO: Make the hash parameterizable via policy */
	auth_tok->token.password.flags |=
		ECRYPTFS_SESSION_KEY_ENCRYPTION_KEY_SET;
	auth_tok->token.password.flags &= ~(ECRYPTFS_PERSISTENT_PASSWORD);

	/* The kernel code will encrypt the session key. */
	auth_tok->session_key.encrypted_key_size = 0;
	auth_tok->session_key.encrypted_key[0] = 0;

	return 0;
}
EXPORT_SYMBOL(ecryptfs_fill_auth_tok);