int ceph_crypto_key_unarmor(struct ceph_crypto_key *key, const char *inkey)
{
int inlen = strlen(inkey);
int blen = inlen * 3 / 4;
void *buf, *p;
int ret;
dout("crypto_key_unarmor %s\n", inkey);
buf = kmalloc(blen, GFP_NOFS);
if (!buf)
return -ENOMEM;
blen = ceph_unarmor(buf, inkey, inkey+inlen);
if (blen < 0) {
kfree(buf);
return blen;
}
p = buf;
ret = ceph_crypto_key_decode(key, &p, p + blen);
kfree(buf);
if (ret)
return ret;
dout("crypto_key_unarmor key %p type %d len %d\n", key,
key->type, key->len);
return 0;
}
static int add_secret_to_kernel(const char *secret, const char *key_name)
{
/* try to submit key to kernel via the keys api */
key_serial_t serial;
int ret;
int secret_len = strlen(secret);
char payload[((secret_len * 3) / 4) + 4];
char error_buf[80];
ret = ceph_unarmor(payload, payload+sizeof(payload), secret, secret+secret_len);
if (ret < 0) {
fprintf(stderr, "secret is not valid base64: %s.\n",
strerror_r(-ret, error_buf, sizeof(error_buf)));
return ret;
}
serial = add_key("ceph", key_name, payload, sizeof(payload), KEY_SPEC_USER_KEYRING);
if (serial < 0) {
ret = -errno;
fprintf(stderr, "error adding secret to kernel, key name %s: %s.\n",
key_name, strerror_r(-ret, error_buf, sizeof(error_buf)));
}
return ret;
}
