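/*
 * Revoke a user's ext4 encryption key from the kernel keyring and securely
 * discard the on-disk key file for that user.
 *
 * user_handle: the user whose key under DATA_MNT_POINT is being deleted.
 *
 * Returns 0 once revocation and discard have been attempted, -1 only if the
 * secdiscard helper could not be forked. Lookup/revocation failures and a
 * failing secdiscard are logged but do not change the return value, which
 * matches the original contract for callers.
 */
int e4crypt_delete_user_key(const char *user_handle) {
    SLOGD("e4crypt_delete_user_key(\"%s\")", user_handle);
    auto key_path = get_key_path(DATA_MNT_POINT, user_handle);
    // create_if_absent = false: deleting must never mint a fresh key that is
    // then "revoked" while the real one stays in place.
    auto key = e4crypt_get_key(key_path, false);
    auto ext4_key = fill_key(key);
    auto ref = keyname(generate_key_ref(ext4_key.raw, ext4_key.size));
    auto key_serial = keyctl_search(e4crypt_keyring(), "logon", ref.c_str(), 0);
    if (key_serial < 0) {
        // keyctl_search() reports failure as -1; previously that value was
        // passed straight into keyctl_revoke(). The on-disk key file is still
        // discarded below even when nothing is left to revoke.
        SLOGE("No key with ref %s in keyring: %s\n", ref.c_str(), strerror(errno));
    } else if (keyctl_revoke(key_serial) == 0) {
        SLOGD("Revoked key with serial %ld ref %s\n", key_serial, ref.c_str());
    } else {
        SLOGE("Failed to revoke key with serial %ld ref %s: %s\n", key_serial, ref.c_str(), strerror(errno));
    }

    pid_t pid = fork();
    if (pid < 0) {
        SLOGE("Unable to fork: %s", strerror(errno));
        return -1;
    }
    if (pid == 0) {
        SLOGD("Forked for secdiscard");
        execl("/system/bin/secdiscard", "/system/bin/secdiscard", key_path.c_str(), NULL);
        SLOGE("Unable to launch secdiscard on %s: %s\n", key_path.c_str(), strerror(errno));
        // _exit(): the child must not run the parent's atexit handlers or
        // flush the parent's stdio buffers a second time.
        _exit(-1);
    }

    // Reap the child instead of leaving a zombie (closes the old TODO). A
    // failed secdiscard means the key file may still be recoverable from the
    // flash, so it is logged as an error.
    int status = 0;
    pid_t reaped;
    do {
        reaped = waitpid(pid, &status, 0);
    } while (reaped < 0 && errno == EINTR);
    if (reaped < 0) {
        SLOGE("waitpid(%d) for secdiscard failed: %s\n", (int)pid, strerror(errno));
    } else if (!WIFEXITED(status) || WEXITSTATUS(status) != 0) {
        SLOGE("secdiscard on %s did not succeed (status 0x%x); key material may remain on disk\n",
              key_path.c_str(), status);
    }
    return 0;
}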
/*
 * Apply the ext4 encryption policy for a user to a directory.
 *
 * mount_path:       mount point whose key directory holds the user's key.
 * user_handle:      the user whose key is looked up (and created if
 *                   create_if_absent is set).
 * path:             directory the policy is applied to.
 * create_if_absent: forwarded to e4crypt_get_key().
 *
 * Returns the result of do_policy_set(), or -1 if the key could not be
 * obtained or installed into the keyring.
 */
static int e4crypt_set_user_policy(const char *mount_path, const char *user_handle, const char *path, bool create_if_absent) {
    SLOGD("e4crypt_set_user_policy for %s", user_handle);
    const auto key_file = get_key_path(mount_path, user_handle);
    const auto user_key = e4crypt_get_key(key_file, create_if_absent);
    if (!user_key.empty()) {
        // The key must be present in the keyring before the policy
        // referencing it can be set on the directory.
        const auto keyring_ref = e4crypt_install_key(user_key);
        if (!keyring_ref.empty()) {
            return do_policy_set(path, keyring_ref.c_str(), keyring_ref.size());
        }
    }
    return -1;
}
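/*
 * Replace the current process with "ssh-add -- <key path>...".
 *
 * keys:  key names, each resolved against the home directory by
 *        get_key_path().
 * count: number of entries in keys; must be non-negative.
 *
 * Never returns: on success the process image is replaced by ssh-add,
 * otherwise err()/errx() exit with EXIT_FAILURE.
 */
static _noreturn_ void add_keys(char **keys, int count) {
    const char *home_dir = get_home_dir();
    char **args;
    int i;

    if (count < 0)
        errx(EXIT_FAILURE, "invalid key count %d", count);

    /* command + end-of-opts + NULL + keys. Heap instead of a VLA: the size
     * is caller-controlled, and calloc() bounds-checks the multiplication.
     * Nothing is freed on purpose - execv() replaces the image and every
     * failure path exits. */
    args = calloc((size_t)count + 3, sizeof *args);
    if (args == NULL)
        err(EXIT_FAILURE, "failed to allocate ssh-add arguments");

    args[0] = "/usr/bin/ssh-add";
    /* "--" so a key name beginning with '-' cannot be parsed as an option */
    args[1] = "--";
    for (i = 0; i < count; i++)
        args[2 + i] = get_key_path(home_dir, keys[i]);
    args[2 + count] = NULL;

    execv(args[0], args);
    err(EXIT_FAILURE, "failed to launch ssh-add");
}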
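/*
 * Build OBJECT_ATTRIBUTES for the registry key named by `in`, relative to
 * `registry`, and resolve it to a full key path via get_key_path().
 *
 * registry: root key handle, used as RootDirectory.
 * in:       optional caller-supplied relative key name; NULL means the root
 *           key itself.
 * keybuf:   output buffer handed to get_key_path().
 * len:      length of keybuf, handed to get_key_path().
 *
 * Returns whatever get_key_path() returns, or NULL if the temporary name
 * buffer could not be allocated. The copied name is capped at
 * MAX_KEY_BUFLEN bytes; a longer input is silently truncated, so the
 * resolved path may then not be the key the caller actually opened.
 */
wchar_t *get_full_key_pathW(HKEY registry, const wchar_t *in, PKEY_NAME_INFORMATION keybuf, unsigned int len) {
    OBJECT_ATTRIBUTES objattr;
    UNICODE_STRING keystr;
    wchar_t *ret;
    const size_t max_chars = MAX_KEY_BUFLEN / sizeof(wchar_t) - 1;
    size_t idx = 0;

    memset(&objattr, 0, sizeof(objattr));
    keystr.Buffer = calloc(1, MAX_KEY_BUFLEN);
    if (keystr.Buffer == NULL) {
        // Previously unchecked: a failed allocation was written to below.
        return NULL;
    }
    keystr.MaximumLength = MAX_KEY_BUFLEN;
    objattr.ObjectName = &keystr;

    if (in != NULL) {
        const wchar_t *p = in;
        wchar_t *u = keystr.Buffer;
        for (; *p != L'\0' && idx < max_chars; p++, u++, idx++) {
            *u = *p;
            // Collapse runs of backslashes: the registry APIs accept
            // "a\\\\b" as "a\\b", so without this the same key could be
            // reported under several spellings.
            if (*p == L'\\') {
                while (*(p + 1) == L'\\')
                    p++;
            }
        }
        // calloc() zero-filled the buffer, so the name stays NUL-terminated
        // even when the loop stops at max_chars.
        keystr.Length = (unsigned short)(idx * sizeof(wchar_t));
    } else {
        keystr.Buffer[0] = L'\0';
        keystr.Length = 0;
    }

    objattr.RootDirectory = registry;
    ret = get_key_path(&objattr, keybuf, len);
    free(keystr.Buffer);
    return ret;
}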