C++ (Cpp) keyctl_search примеры использования

Пример #1

Файл: Ext4Crypt.cpp Проект: Cibernoid/cibernoid-vold

int e4crypt_delete_user_key(const char *user_handle) {
    SLOGD("e4crypt_delete_user_key(\"%s\")", user_handle);
    auto key_path = get_key_path(DATA_MNT_POINT, user_handle);
    auto key = e4crypt_get_key(key_path, false);
    auto ext4_key = fill_key(key);
    auto ref = keyname(generate_key_ref(ext4_key.raw, ext4_key.size));
    auto key_serial = keyctl_search(e4crypt_keyring(), "logon", ref.c_str(), 0);
    if (keyctl_revoke(key_serial) == 0) {
        SLOGD("Revoked key with serial %ld ref %s\n", key_serial, ref.c_str());
    } else {
        SLOGE("Failed to revoke key with serial %ld ref %s: %s\n",
            key_serial, ref.c_str(), strerror(errno));
    }
    int pid = fork();
    if (pid < 0) {
        SLOGE("Unable to fork: %s", strerror(errno));
        return -1;
    }
    if (pid == 0) {
        SLOGD("Forked for secdiscard");
        execl("/system/bin/secdiscard",
            "/system/bin/secdiscard",
            key_path.c_str(),
            NULL);
        SLOGE("Unable to launch secdiscard on %s: %s\n", key_path.c_str(),
            strerror(errno));
        exit(-1);
    }
    // ext4enc:TODO reap the zombie
    return 0;
}

Пример #2

Файл: reauthorize.c Проект: BillTheBest/cockpit

static int
lookup_reauthorize_secret (const char *user,
                           char **secret)
{
  char *buffer = NULL;
  char *name = NULL;
  key_serial_t key;
  int ret;

  if (asprintf (&name, "reauthorize/secret/%s", user) < 0)
    {
      message ("failed to allocate secret name");
      ret = -ENOMEM;
      goto out;
    }

  key = keyctl_search (KEY_SPEC_SESSION_KEYRING, "user", name, 0);
  if (key < 0)
    {
      /* missing key is not an error */
      if (errno == ENOKEY)
        {
          ret = 0;
          *secret = NULL;
          goto out;
        }

      ret = -errno;
      message ("failed to lookup reauthorize secret key: %s: %m", name);
      goto out;
    }

  if (keyctl_describe_alloc (key, &buffer) < 0)
    {
      ret = -errno;
      message ("couldn't describe reauthorize secret key: %s: %m", name);
      goto out;
    }
  if (strncmp (buffer, "user;0;0;001f0000;", 18) != 0)
    {
      ret = -EPERM;
      message ("kernel reauthorize secret key has invalid permissions: %s: %s", name, buffer);
      goto out;
    }

  /* null-terminates */
  if (keyctl_read_alloc (key, (void **)secret) < 0)
    {
      ret = -errno;
      message ("couldn't read kernel reauthorize secret key: %s: %m", name);
      goto out;
    }

  ret = 0;

out:
  free (buffer);
  free (name);
  return ret;
}

Пример #3

Файл: key_management.c Проект: defreez/thesis-ics-external-libecryptfs

int ecryptfs_add_auth_tok_to_keyring(struct ecryptfs_auth_tok *auth_tok,
				     char *auth_tok_sig)
{
	int rc;

	rc = (int)keyctl_search(KEY_SPEC_USER_KEYRING, "user", auth_tok_sig, 0);
	if (rc != -1) { /* we already have this key in keyring; we're done */
		rc = 1;
		goto out;
	} else if ((rc == -1) && (errno != ENOKEY)) {
		int errnum = errno;

		syslog(LOG_ERR, "keyctl_search failed: %m errno=[%d]\n",
		       errnum);
		rc = (errnum < 0) ? errnum : errnum * -1;
		goto out;
	}
	rc = add_key("user", auth_tok_sig, (void *)auth_tok,
		     sizeof(struct ecryptfs_auth_tok), KEY_SPEC_USER_KEYRING);
	if (rc == -1) {
		rc = -errno;
		syslog(LOG_ERR, "Error adding key with sig [%s]; rc = [%d] "
		       "\"%m\"\n", auth_tok_sig, rc);
		if (rc == -EDQUOT)
			syslog(LOG_WARNING, "Error adding key to keyring - keyring is full\n");
		goto out;
	}
	rc = 0;
out:
	return rc;
}

Пример #4

Файл: rpmku.c Проект: cmjonze/rpm5_tarballs

rpmRC rpmkuFindPubkey(pgpDigParams sigp, /*@out@*/ rpmiob * iobp)
{
    if (iobp != NULL)
	*iobp = NULL;

#if defined(HAVE_KEYUTILS_H)
    if (_kuCache) {
/*@observer@*/
	static const char krprefix[] = "rpm:gpg:pubkey:";
	key_serial_t keyring = (key_serial_t) _kuKeyring;
	char krfp[32];
	char * krn = (char *) alloca(strlen(krprefix) + sizeof("12345678"));
	long key;
	int xx;

	(void) snprintf(krfp, sizeof(krfp), "%08X", pgpGrab(sigp->signid+4, 4));
	krfp[sizeof(krfp)-1] = '\0';
	*krn = '\0';
	(void) stpcpy( stpcpy(krn, krprefix), krfp);

	key = keyctl_search(keyring, "user", krn, 0);
	xx = keyctl_read(key, NULL, 0);
	if (xx > 0) {
	    rpmiob iob = rpmiobNew(xx);
	    xx = keyctl_read(key, (char *)iob->b, iob->blen);
	    if (xx > 0) {
#ifdef	NOTYET
		pubkeysource = xstrdup(krn);
		_kuCache = 0;	/* XXX don't bother caching. */
#endif
	    } else
		iob = rpmiobFree(iob);

	    if (iob != NULL && iobp != NULL) {
		*iobp = iob;
		return RPMRC_OK;
	    } else {
		iob = rpmiobFree(iob);
		return RPMRC_NOTFOUND;
	    }
	} else
	    return RPMRC_NOTFOUND;
    } else
#endif	/* HAVE_KEYUTILS_H */
    return RPMRC_NOTFOUND;
}

Пример #5

Файл: rpmku.c Проект: cmjonze/rpm5_tarballs

const char * rpmkuPassPhrase(const char * passPhrase)
{
    const char * pw;

#if defined(HAVE_KEYUTILS_H)
    if (passPhrase && !strcmp(passPhrase, "@u user rpm:passwd")) {
	key_serial_t keyring = (key_serial_t) _kuKeyring;
	long key;
	int xx;

/*@-moduncon@*/
	key = keyctl_search(keyring, "user", "rpm:passwd", 0);
	pw = NULL;
	xx = keyctl_read_alloc(key, (void **)&pw);
/*@=moduncon@*/
	if (xx < 0)
	    pw = NULL;
    } else
#endif	/* HAVE_KEYUTILS_H */
	pw = xstrdup(passPhrase);
    return pw;
}

Пример #6

Файл: key_management.c Проект: defreez/thesis-ics-external-libecryptfs

int ecryptfs_remove_auth_tok_from_keyring(char *auth_tok_sig)
{
	int rc;

	rc = (int)keyctl_search(KEY_SPEC_USER_KEYRING, "user", auth_tok_sig, 0);
	if (rc < 0) {
		rc = errno;
		syslog(LOG_ERR, "Failed to find key with sig [%s]: %m\n",
		       auth_tok_sig);
		goto out;
	}
	rc = keyctl_unlink(rc, KEY_SPEC_USER_KEYRING);
	if (rc < 0) {
		rc = errno;
		syslog(LOG_ERR, "Failed to unlink key with sig [%s]: %s\n",
		       auth_tok_sig, strerror(rc));
		goto out;
	}
	rc = 0;
out:
	return rc;
}

Пример #7

Файл: Ext4Crypt.cpp Проект: Cibernoid/cibernoid-vold

// Get the keyring we store all keys in
static key_serial_t e4crypt_keyring()
{
    return keyctl_search(KEY_SPEC_SESSION_KEYRING, "keyring", "e4crypt", 0);
}