int ceph_crypto_key_unarmor(struct ceph_crypto_key *key, const char *inkey) { int inlen = strlen(inkey); int blen = inlen * 3 / 4; void *buf, *p; int ret; dout("crypto_key_unarmor %s\n", inkey); buf = kmalloc(blen, GFP_NOFS); if (!buf) return -ENOMEM; blen = ceph_unarmor(buf, inkey, inkey+inlen); if (blen < 0) { kfree(buf); return blen; } p = buf; ret = ceph_crypto_key_decode(key, &p, p + blen); kfree(buf); if (ret) return ret; dout("crypto_key_unarmor key %p type %d len %d\n", key, key->type, key->len); return 0; }
static int add_secret_to_kernel(const char *secret, const char *key_name) { /* try to submit key to kernel via the keys api */ key_serial_t serial; int ret; int secret_len = strlen(secret); char payload[((secret_len * 3) / 4) + 4]; char error_buf[80]; ret = ceph_unarmor(payload, payload+sizeof(payload), secret, secret+secret_len); if (ret < 0) { fprintf(stderr, "secret is not valid base64: %s.\n", strerror_r(-ret, error_buf, sizeof(error_buf))); return ret; } serial = add_key("ceph", key_name, payload, sizeof(payload), KEY_SPEC_USER_KEYRING); if (serial < 0) { ret = -errno; fprintf(stderr, "error adding secret to kernel, key name %s: %s.\n", key_name, strerror_r(-ret, error_buf, sizeof(error_buf))); } return ret; }