+ ecryptfs-more-elegant-aes-key-size-manipulation.patch added to -mm tree

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The patch titled

     ecryptfs: more elegant AES key size manipulation

has been added to the -mm tree.  Its filename is

     ecryptfs-more-elegant-aes-key-size-manipulation.patch

See http://www.zip.com.au/~akpm/linux/patches/stuff/added-to-mm.txt to find
out what to do about this

------------------------------------------------------
Subject: ecryptfs: more elegant AES key size manipulation
From: Mike Halcrow <mhalcrow@xxxxxxxxxx>


Move logic to deal with AES special cases into the function that performs
string to cipher code mapping.

Signed-off-by: Michael Halcrow <mhalcrow@xxxxxxxxxx>
Signed-off-by: Andrew Morton <akpm@xxxxxxxx>
---

 fs/ecryptfs/crypto.c          |   33 +++++++++++++++++++++++++-------
 fs/ecryptfs/ecryptfs_kernel.h |    2 -
 fs/ecryptfs/keystore.c        |   21 --------------------
 3 files changed, 28 insertions(+), 28 deletions(-)

diff -puN fs/ecryptfs/crypto.c~ecryptfs-more-elegant-aes-key-size-manipulation fs/ecryptfs/crypto.c
--- 25/fs/ecryptfs/crypto.c~ecryptfs-more-elegant-aes-key-size-manipulation	Tue Jun 20 17:37:43 2006
+++ 25-akpm/fs/ecryptfs/crypto.c	Tue Jun 20 17:37:43 2006
@@ -1042,16 +1042,35 @@ ecryptfs_cipher_code_str_map[] = {
  *
  * Returns zero on no match, or the cipher code on match
  */
-u16 ecryptfs_code_for_cipher_string(char *str)
+u16 ecryptfs_code_for_cipher_string(struct ecryptfs_crypt_stat *crypt_stat)
 {
 	int i;
+	u16 code = 0;
+	struct ecryptfs_cipher_code_str_map_elem *map =
+		ecryptfs_cipher_code_str_map;
 
-	for (i = 0; i < (sizeof(ecryptfs_cipher_code_str_map)
-			 / sizeof(struct ecryptfs_cipher_code_str_map_elem));
-	     i++)
-		if (strcmp(str, ecryptfs_cipher_code_str_map[i].cipher_str)==0)
-			return ecryptfs_cipher_code_str_map[i].cipher_code;
-	return 0;
+	if (strcmp(crypt_stat->cipher, "aes") == 0)
+		switch (crypt_stat->key_size) {
+		case 16:
+			code = RFC2440_CIPHER_AES_128;
+			break;
+		case 24:
+			code = RFC2440_CIPHER_AES_192;
+			break;
+		case 32:
+			code = RFC2440_CIPHER_AES_256;
+		}
+	else
+		for (i = 0; i < (sizeof(ecryptfs_cipher_code_str_map)
+				 / sizeof(struct
+					  ecryptfs_cipher_code_str_map_elem));
+		     i++)
+			if (strcmp(crypt_stat->cipher, map[i].cipher_str)
+			    == 0) {
+				code = map[i].cipher_code;
+				break;
+			}
+	return code;
 }
 
 /**
diff -puN fs/ecryptfs/ecryptfs_kernel.h~ecryptfs-more-elegant-aes-key-size-manipulation fs/ecryptfs/ecryptfs_kernel.h
--- 25/fs/ecryptfs/ecryptfs_kernel.h~ecryptfs-more-elegant-aes-key-size-manipulation	Tue Jun 20 17:37:43 2006
+++ 25-akpm/fs/ecryptfs/ecryptfs_kernel.h	Tue Jun 20 17:37:43 2006
@@ -454,7 +454,7 @@ int ecryptfs_new_file_context(struct den
 int contains_ecryptfs_marker(char *data);
 int ecryptfs_read_header_region(char *data, struct dentry *dentry,
 				struct nameidata *nd);
-u16 ecryptfs_code_for_cipher_string(char *str);
+u16 ecryptfs_code_for_cipher_string(struct ecryptfs_crypt_stat *crypt_stat);
 int ecryptfs_cipher_code_to_string(char *str, u16 cipher_code);
 void ecryptfs_set_default_sizes(struct ecryptfs_crypt_stat *crypt_stat);
 int ecryptfs_generate_key_packet_set(char *dest_base,
diff -puN fs/ecryptfs/keystore.c~ecryptfs-more-elegant-aes-key-size-manipulation fs/ecryptfs/keystore.c
--- 25/fs/ecryptfs/keystore.c~ecryptfs-more-elegant-aes-key-size-manipulation	Tue Jun 20 17:37:43 2006
+++ 25-akpm/fs/ecryptfs/keystore.c	Tue Jun 20 17:37:43 2006
@@ -923,32 +923,13 @@ encrypted_session_key_set:
 	}
 	(*packet_size) += packet_size_length;
 	dest[(*packet_size)++] = 0x04; /* version 4 */
-	cipher_code = ecryptfs_code_for_cipher_string(crypt_stat->cipher);
+	cipher_code = ecryptfs_code_for_cipher_string(crypt_stat);
 	if (cipher_code == 0) {
 		ecryptfs_printk(KERN_WARNING, "Unable to generate code for "
 				"cipher [%s]\n", crypt_stat->cipher);
 		rc = -EINVAL;
 		goto out;
 	}
-	/* If it is AES, we need to get more specific. */
-	if (cipher_code == RFC2440_CIPHER_AES_128){
-		switch (crypt_stat->key_size) {
-		case 16:
-			break;
-		case 24:
-			cipher_code = RFC2440_CIPHER_AES_192;
-			break;
-		case 32:
-			cipher_code = RFC2440_CIPHER_AES_256;
-			break;
-		default:
-			rc = -EINVAL;
-			ecryptfs_printk(KERN_WARNING, "Unsupported AES key "
-					"size: [%d]\n",
-					crypt_stat->key_size);
-			goto out;
-		}
-	}
 	dest[(*packet_size)++] = cipher_code;
 	dest[(*packet_size)++] = 0x03;	/* S2K */
 	dest[(*packet_size)++] = 0x01;	/* MD5 (TODO: parameterize) */
_

Patches currently in -mm which might be from mhalcrow@xxxxxxxxxx are

ecryptfs-fs-makefile-and-fs-kconfig.patch
ecryptfs-fs-makefile-and-fs-kconfig-remove-ecrypt_debug-from-fs-kconfig.patch
ecryptfs-documentation.patch
ecryptfs-makefile.patch
ecryptfs-main-module-functions.patch
ecryptfs-main-module-functions-uint16_t-u16.patch
ecryptfs-header-declarations.patch
ecryptfs-header-declarations-update.patch
ecryptfs-header-declarations-update-convert-signed-data-types-to-unsigned-data-types.patch
ecryptfs-header-declarations-remove-unnecessary-ifndefs.patch
ecryptfs-superblock-operations.patch
ecryptfs-dentry-operations.patch
ecryptfs-file-operations.patch
ecryptfs-file-operations-remove-null-==-syntax.patch
ecryptfs-file-operations-remove-extraneous-read-of-inode-size-from-header.patch
ecryptfs-file-operations-fix.patch
ecryptfs-file-operations-fix-premature-release-of-file_info-memory.patch
ecryptfs-inode-operations.patch
ecryptfs-mmap-operations.patch
mark-address_space_operations-const-vs-ecryptfs-mmap-operations.patch
ecryptfs-keystore.patch
ecryptfs-crypto-functions.patch
ecryptfs-debug-functions.patch
ecryptfs-alpha-build-fix.patch
ecryptfs-convert-assert-to-bug_on.patch
ecryptfs-remove-unnecessary-null-checks.patch
ecryptfs-rewrite-ecryptfs_fsync.patch
ecryptfs-overhaul-file-locking.patch
ecryptfs-dont-muck-with-the-existing-nameidata-structures.patch
ecryptfs-asm-scatterlisth-linux-scatterlisth.patch
ecryptfs-support-for-larger-maximum-key-size.patch
ecryptfs-add-codes-for-additional-ciphers.patch
ecryptfs-unencrypted-key-size-based-on-encrypted-key-size.patch
ecryptfs-packet-and-key-management-update-for-variable-key-size.patch
ecryptfs-add-ecryptfs_-prefix-to-mount-options-key-size-parameter.patch
ecryptfs-set-the-key-size-from-the-default-for-the-mount.patch
ecryptfs-check-for-weak-keys.patch
ecryptfs-add-define-values-for-cipher-codes-from-rfc2440-openpgp.patch
ecryptfs-convert-bits-to-bytes.patch
ecryptfs-more-elegant-aes-key-size-manipulation.patch
ecryptfs-more-elegant-aes-key-size-manipulation-tidy.patch
ecryptfs-more-intelligent-use-of-tfm-objects.patch

-
To unsubscribe from this list: send the line "unsubscribe mm-commits" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[Index of Archives]     [Kernel Newbies FAQ]     [Kernel Archive]     [IETF Annouce]     [DCCP]     [Netdev]     [Networking]     [Security]     [Bugtraq]     [Photo]     [Yosemite]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux SCSI]

  Powered by Linux