Lines Matching defs:auth_tok
448 * @auth_tok: authentication token
455 struct ecryptfs_auth_tok **auth_tok)
459 (*auth_tok) = ecryptfs_get_key_payload_data(auth_tok_key);
460 if (IS_ERR(*auth_tok)) {
461 rc = PTR_ERR(*auth_tok);
462 *auth_tok = NULL;
466 if (ecryptfs_verify_version((*auth_tok)->version)) {
474 if ((*auth_tok)->token_type != ECRYPTFS_PASSWORD
475 && (*auth_tok)->token_type != ECRYPTFS_PRIVATE_KEY) {
476 printk(KERN_ERR "Invalid auth_tok structure "
488 struct ecryptfs_auth_tok **auth_tok,
495 (*auth_tok) = NULL;
517 walker->global_auth_tok_key, auth_tok);
542 * @auth_tok: Set to the matching auth_tok; NULL if not found
544 * @sig: Sig of auth_tok to find
546 * For now, this function simply looks at the registered auth_tok's
549 * potentially try a lot harder to find auth_tok's (e.g., by calling
550 * out to ecryptfsd to dynamically retrieve an auth_tok object) so
551 * that static registration of auth_tok's will no longer be necessary.
558 struct ecryptfs_auth_tok **auth_tok,
564 rc = ecryptfs_find_global_auth_tok_for_sig(auth_tok_key, auth_tok,
576 rc = ecryptfs_keyring_auth_tok_for_sig(auth_tok_key, auth_tok,
598 struct ecryptfs_auth_tok *auth_tok;
637 &s->auth_tok, mount_crypt_stat,
738 if (s->auth_tok->token_type != ECRYPTFS_PASSWORD) {
763 (u8 *)s->auth_tok->token.password.session_key_encryption_key,
764 s->auth_tok->token.password.session_key_encryption_key_bytes,
818 s->auth_tok->token.password.session_key_encryption_key,
822 "rc = [%d]. s->auth_tok->token.password.session_key_"
826 s->auth_tok->token.password.session_key_encryption_key,
868 struct ecryptfs_auth_tok *auth_tok;
964 &s->auth_tok, mount_crypt_stat,
1026 if (s->auth_tok->token_type != ECRYPTFS_PASSWORD) {
1034 s->auth_tok->token.password.session_key_encryption_key,
1038 "rc = [%d]. s->auth_tok->token.password.session_key_"
1042 s->auth_tok->token.password.session_key_encryption_key,
1100 ecryptfs_get_auth_tok_sig(char **sig, struct ecryptfs_auth_tok *auth_tok)
1105 switch (auth_tok->token_type) {
1107 (*sig) = auth_tok->token.password.signature;
1110 (*sig) = auth_tok->token.private_key.signature;
1113 printk(KERN_ERR "Cannot get sig for auth_tok of type [%d]\n",
1114 auth_tok->token_type);
1121 * decrypt_pki_encrypted_session_key - Decrypt the session key with the given auth_tok.
1122 * @auth_tok: The key authentication token used to decrypt the session key
1128 decrypt_pki_encrypted_session_key(struct ecryptfs_auth_tok *auth_tok,
1139 rc = ecryptfs_get_auth_tok_sig(&auth_tok_sig, auth_tok);
1142 auth_tok->token_type);
1145 rc = write_tag_64_packet(auth_tok_sig, &(auth_tok->session_key),
1164 rc = parse_tag_65_packet(&(auth_tok->session_key),
1171 auth_tok->session_key.flags |= ECRYPTFS_CONTAINS_DECRYPTED_KEY;
1172 memcpy(crypt_stat->key, auth_tok->session_key.decrypted_key,
1173 auth_tok->session_key.decrypted_key_size);
1174 crypt_stat->key_size = auth_tok->session_key.decrypted_key_size;
1272 (*new_auth_tok) = &auth_tok_list_item->auth_tok;
1406 (*new_auth_tok) = &auth_tok_list_item->auth_tok;
1612 struct ecryptfs_auth_tok **auth_tok,
1629 rc = ecryptfs_verify_auth_tok_from_key(*auth_tok_key, auth_tok);
1641 * decrypt_passphrase_encrypted_session_key - Decrypt the session key with the given auth_tok.
1642 * @auth_tok: The passphrase authentication token to use to encrypt the FEK
1648 decrypt_passphrase_encrypted_session_key(struct ecryptfs_auth_tok *auth_tok,
1661 auth_tok->token.password.session_key_encryption_key_bytes);
1663 auth_tok->token.password.session_key_encryption_key,
1664 auth_tok->token.password.session_key_encryption_key_bytes);
1674 rc = virt_to_scatterlist(auth_tok->session_key.encrypted_key,
1675 auth_tok->session_key.encrypted_key_size,
1679 "auth_tok->session_key.encrypted_key to scatterlist; "
1681 "auth_tok->session_key.encrypted_key_size = [%d]\n", rc,
1682 auth_tok->session_key.encrypted_key_size);
1685 auth_tok->session_key.decrypted_key_size =
1686 auth_tok->session_key.encrypted_key_size;
1687 rc = virt_to_scatterlist(auth_tok->session_key.decrypted_key,
1688 auth_tok->session_key.decrypted_key_size,
1692 "auth_tok->session_key.decrypted_key to scatterlist; "
1710 tfm, auth_tok->token.password.session_key_encryption_key,
1719 auth_tok->session_key.encrypted_key_size,
1727 auth_tok->session_key.flags |= ECRYPTFS_CONTAINS_DECRYPTED_KEY;
1728 memcpy(crypt_stat->key, auth_tok->session_key.decrypted_key,
1729 auth_tok->session_key.decrypted_key_size);
1863 * necessary to decrypt the EFEK in the auth_tok parsed from
1869 candidate_auth_tok = &auth_tok_list_item->auth_tok;
1934 == &auth_tok_list_item->auth_tok) {
1964 struct ecryptfs_auth_tok *auth_tok,
1974 rc = write_tag_66_packet(auth_tok->token.private_key.signature,
2011 * @auth_tok
2012 * @auth_tok: The authentication token used for generating the tag 1 packet
2022 struct key *auth_tok_key, struct ecryptfs_auth_tok *auth_tok,
2033 ecryptfs_from_hex(key_rec->sig, auth_tok->token.private_key.signature,
2038 auth_tok->session_key.encrypted_key[i];
2041 auth_tok->session_key.encrypted_key,
2042 auth_tok->session_key.encrypted_key_size);
2047 if (auth_tok->session_key.encrypted_key_size == 0)
2048 auth_tok->session_key.encrypted_key_size =
2049 auth_tok->token.private_key.key_size;
2050 rc = pki_encrypt_session_key(auth_tok_key, auth_tok, crypt_stat,
2167 * @auth_tok: Authentication token
2177 struct ecryptfs_auth_tok *auth_tok,
2197 ecryptfs_from_hex(key_rec->sig, auth_tok->token.password.signature,
2217 if (auth_tok->session_key.encrypted_key_size == 0)
2218 auth_tok->session_key.encrypted_key_size =
2223 auth_tok->session_key.encrypted_key_size = 32;
2225 auth_tok->session_key.encrypted_key_size = crypt_stat->key_size;
2227 auth_tok->session_key.encrypted_key_size;
2229 for (i = 0; i < auth_tok->session_key.encrypted_key_size; i++)
2231 auth_tok->session_key.encrypted_key[i];
2234 "using auth_tok->session_key.encrypted_key, "
2238 auth_tok->session_key.encrypted_key,
2242 if (auth_tok->token.password.flags &
2246 auth_tok->token.password.
2249 auth_tok->token.password.session_key_encryption_key,
2368 memcpy(&dest[(*packet_size)], auth_tok->token.password.salt,
2406 struct ecryptfs_auth_tok *auth_tok;
2427 &auth_tok,
2436 if (auth_tok->token_type == ECRYPTFS_PASSWORD) {
2438 &max, auth_tok,
2459 } else if (auth_tok->token_type == ECRYPTFS_PRIVATE_KEY) {
2461 auth_tok_key, auth_tok,