Lines Matching refs:epayload
272 static char *datablob_format(struct encrypted_key_payload *epayload, in datablob_format() argument
276 u8 *iv = epayload->iv; in datablob_format()
287 len = sprintf(ascii_buf, "%s %s %s ", epayload->format, in datablob_format()
288 epayload->master_desc, epayload->datalen); in datablob_format()
390 static struct key *request_master_key(struct encrypted_key_payload *epayload, in request_master_key() argument
395 if (!strncmp(epayload->master_desc, KEY_TRUSTED_PREFIX, in request_master_key()
397 mkey = request_trusted_key(epayload->master_desc + in request_master_key()
400 } else if (!strncmp(epayload->master_desc, KEY_USER_PREFIX, in request_master_key()
402 mkey = request_user_key(epayload->master_desc + in request_master_key()
413 epayload->master_desc); in request_master_key()
416 epayload->master_desc); in request_master_key()
426 static int derived_key_encrypt(struct encrypted_key_payload *epayload, in derived_key_encrypt() argument
438 encrypted_datalen = roundup(epayload->decrypted_datalen, blksize); in derived_key_encrypt()
444 dump_decrypted_data(epayload); in derived_key_encrypt()
447 sg_set_buf(&sg_in[0], epayload->decrypted_data, in derived_key_encrypt()
448 epayload->decrypted_datalen); in derived_key_encrypt()
452 sg_set_buf(sg_out, epayload->encrypted_data, encrypted_datalen); in derived_key_encrypt()
454 memcpy(iv, epayload->iv, sizeof(iv)); in derived_key_encrypt()
463 dump_encrypted_data(epayload, encrypted_datalen); in derived_key_encrypt()
468 static int datablob_hmac_append(struct encrypted_key_payload *epayload, in datablob_hmac_append() argument
479 digest = epayload->format + epayload->datablob_len; in datablob_hmac_append()
481 epayload->format, epayload->datablob_len, in datablob_hmac_append()
490 static int datablob_hmac_verify(struct encrypted_key_payload *epayload, in datablob_hmac_verify() argument
504 len = epayload->datablob_len; in datablob_hmac_verify()
506 p = epayload->master_desc; in datablob_hmac_verify()
507 len -= strlen(epayload->format) + 1; in datablob_hmac_verify()
509 p = epayload->format; in datablob_hmac_verify()
513 ret = crypto_memneq(digest, epayload->format + epayload->datablob_len, in datablob_hmac_verify()
518 epayload->format + epayload->datablob_len, in datablob_hmac_verify()
527 static int derived_key_decrypt(struct encrypted_key_payload *epayload, in derived_key_decrypt() argument
545 encrypted_datalen = roundup(epayload->decrypted_datalen, blksize); in derived_key_decrypt()
550 dump_encrypted_data(epayload, encrypted_datalen); in derived_key_decrypt()
554 sg_set_buf(sg_in, epayload->encrypted_data, encrypted_datalen); in derived_key_decrypt()
555 sg_set_buf(&sg_out[0], epayload->decrypted_data, in derived_key_decrypt()
556 epayload->decrypted_datalen); in derived_key_decrypt()
559 memcpy(iv, epayload->iv, sizeof(iv)); in derived_key_decrypt()
567 dump_decrypted_data(epayload); in derived_key_decrypt()
580 struct encrypted_key_payload *epayload = NULL; in encrypted_key_alloc() local
643 epayload = kzalloc(sizeof(*epayload) + payload_datalen + in encrypted_key_alloc()
645 if (!epayload) in encrypted_key_alloc()
648 epayload->payload_datalen = payload_datalen; in encrypted_key_alloc()
649 epayload->decrypted_datalen = decrypted_datalen; in encrypted_key_alloc()
650 epayload->datablob_len = datablob_len; in encrypted_key_alloc()
651 return epayload; in encrypted_key_alloc()
654 static int encrypted_key_decrypt(struct encrypted_key_payload *epayload, in encrypted_key_decrypt() argument
667 encrypted_datalen = roundup(epayload->decrypted_datalen, blksize); in encrypted_key_decrypt()
673 ret = hex2bin(epayload->iv, hex_encoded_iv, ivsize); in encrypted_key_decrypt()
676 ret = hex2bin(epayload->encrypted_data, hex_encoded_data, in encrypted_key_decrypt()
681 hmac = epayload->format + epayload->datablob_len; in encrypted_key_decrypt()
687 mkey = request_master_key(epayload, &master_key, &master_keylen); in encrypted_key_decrypt()
691 ret = datablob_hmac_verify(epayload, format, master_key, master_keylen); in encrypted_key_decrypt()
701 ret = derived_key_decrypt(epayload, derived_key, sizeof derived_key); in encrypted_key_decrypt()
711 static void __ekey_init(struct encrypted_key_payload *epayload, in __ekey_init() argument
718 epayload->format = epayload->payload_data + epayload->payload_datalen; in __ekey_init()
719 epayload->master_desc = epayload->format + format_len + 1; in __ekey_init()
720 epayload->datalen = epayload->master_desc + strlen(master_desc) + 1; in __ekey_init()
721 epayload->iv = epayload->datalen + strlen(datalen) + 1; in __ekey_init()
722 epayload->encrypted_data = epayload->iv + ivsize + 1; in __ekey_init()
723 epayload->decrypted_data = epayload->payload_data; in __ekey_init()
726 memcpy(epayload->format, key_format_default, format_len); in __ekey_init()
729 epayload->decrypted_data = in __ekey_init()
730 ecryptfs_get_auth_tok_key((struct ecryptfs_auth_tok *)epayload->payload_data); in __ekey_init()
732 memcpy(epayload->format, format, format_len); in __ekey_init()
735 memcpy(epayload->master_desc, master_desc, strlen(master_desc)); in __ekey_init()
736 memcpy(epayload->datalen, datalen, strlen(datalen)); in __ekey_init()
746 static int encrypted_init(struct encrypted_key_payload *epayload, in encrypted_init() argument
758 ecryptfs_fill_auth_tok((struct ecryptfs_auth_tok *)epayload->payload_data, in encrypted_init()
762 __ekey_init(epayload, format, master_desc, datalen); in encrypted_init()
764 ret = encrypted_key_decrypt(epayload, format, hex_encoded_iv); in encrypted_init()
766 get_random_bytes(epayload->iv, ivsize); in encrypted_init()
767 ret = hex2bin(epayload->decrypted_data, decrypted_data, in encrypted_init()
768 epayload->decrypted_datalen); in encrypted_init()
770 get_random_bytes(epayload->iv, ivsize); in encrypted_init()
771 get_random_bytes(epayload->decrypted_data, epayload->decrypted_datalen); in encrypted_init()
789 struct encrypted_key_payload *epayload = NULL; in encrypted_instantiate() local
812 epayload = encrypted_key_alloc(key, format, master_desc, in encrypted_instantiate()
814 if (IS_ERR(epayload)) { in encrypted_instantiate()
815 ret = PTR_ERR(epayload); in encrypted_instantiate()
818 ret = encrypted_init(epayload, key->description, format, master_desc, in encrypted_instantiate()
821 kfree_sensitive(epayload); in encrypted_instantiate()
825 rcu_assign_keypointer(key, epayload); in encrypted_instantiate()
833 struct encrypted_key_payload *epayload; in encrypted_rcu_free() local
835 epayload = container_of(rcu, struct encrypted_key_payload, rcu); in encrypted_rcu_free()
836 kfree_sensitive(epayload); in encrypted_rcu_free()
850 struct encrypted_key_payload *epayload = key->payload.data[0]; in encrypted_update() local
873 ret = valid_master_desc(new_master_desc, epayload->master_desc); in encrypted_update()
877 new_epayload = encrypted_key_alloc(key, epayload->format, in encrypted_update()
878 new_master_desc, epayload->datalen, NULL); in encrypted_update()
884 __ekey_init(new_epayload, epayload->format, new_master_desc, in encrypted_update()
885 epayload->datalen); in encrypted_update()
887 memcpy(new_epayload->iv, epayload->iv, ivsize); in encrypted_update()
888 memcpy(new_epayload->payload_data, epayload->payload_data, in encrypted_update()
889 epayload->payload_datalen); in encrypted_update()
892 call_rcu(&epayload->rcu, encrypted_rcu_free); in encrypted_update()
909 struct encrypted_key_payload *epayload; in encrypted_read() local
918 epayload = dereference_key_locked(key); in encrypted_read()
921 asciiblob_len = epayload->datablob_len + ivsize + 1 in encrypted_read()
922 + roundup(epayload->decrypted_datalen, blksize) in encrypted_read()
928 mkey = request_master_key(epayload, &master_key, &master_keylen); in encrypted_read()
936 ret = derived_key_encrypt(epayload, derived_key, sizeof derived_key); in encrypted_read()
940 ret = datablob_hmac_append(epayload, master_key, master_keylen); in encrypted_read()
944 ascii_buf = datablob_format(epayload, asciiblob_len); in encrypted_read()