Set the unencrypted key size based on the encrypted key size. Code to
handle the special case of AES-192; since the encrypted key size must
be a multiple of the cipher block size, we have 32 bytes of encrypted
key data, and we only take the first 24 bytes of the decrypted key
data.
Signed-off-by: Michael Halcrow <mhalcrow@xxxxxxxxxx>
---
fs/ecryptfs/keystore.c | 9 +++------
1 files changed, 3 insertions(+), 6 deletions(-)
de5316936897d0a932f5bf15f5dfb1325db39fc0
diff --git a/fs/ecryptfs/keystore.c b/fs/ecryptfs/keystore.c
index a83914c..253901a 100644
--- a/fs/ecryptfs/keystore.c
+++ b/fs/ecryptfs/keystore.c
@@ -247,15 +247,12 @@ parse_tag_3_packet(struct ecryptfs_crypt
/* A little extra work to differentiate among the AES key
* sizes; see RFC2440 */
switch(data[(*packet_size)++]) {
- case 0x07:
- crypt_stat->key_size_bits = 128;
- break;
case 0x08:
crypt_stat->key_size_bits = 192;
break;
- case 0x09:
- crypt_stat->key_size_bits = 256;
- break;
+ default:
+ crypt_stat->key_size_bits =
+ (*new_auth_tok)->session_key.encrypted_key_size << 3;
}
if (unlikely((*packet_size) > max_packet_size)) {
ecryptfs_printk(KERN_ERR, "Packet size exceeds max\n");
--
1.3.3
-
To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
