|
|
|
@ -133,9 +133,16 @@ static bool fill_key(const std::string& key, ext4_encryption_key* ext4_key) {
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static std::string keyname(const std::string& raw_ref) {
|
|
|
|
|
static char const* const NAME_PREFIXES[] = {
|
|
|
|
|
"ext4",
|
|
|
|
|
"f2fs",
|
|
|
|
|
"fscrypt",
|
|
|
|
|
nullptr
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
static std::string keyname(const std::string& prefix, const std::string& raw_ref) {
|
|
|
|
|
std::ostringstream o;
|
|
|
|
|
o << "ext4:";
|
|
|
|
|
o << prefix << ":";
|
|
|
|
|
for (auto i : raw_ref) {
|
|
|
|
|
o << std::hex << std::setw(2) << std::setfill('0') << (int)i;
|
|
|
|
|
}
|
|
|
|
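Review bot: The hex loop in the two-argument `keyname` casts each `char` of `raw_ref` straight to `int`, so on a target where `char` is signed any byte of 0x80 or above is sign-extended and written as eight hex digits instead of two. The resulting description would then presumably not match the one looked up for the same key reference, and the mismatch would only show up for some keys. Iterating as `for (unsigned char i : raw_ref) {` keeps every byte at two digits. `NAME_PREFIXES` would also benefit from a one-line comment such as `// Description prefixes the key is installed under; nullptr-terminated.` The body of `keyname` continues past the end of this hunk.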
@ -158,18 +165,19 @@ static bool install_key(const std::string& key, std::string* raw_ref) {
|
|
|
|
|
ext4_encryption_key ext4_key;
|
|
|
|
|
if (!fill_key(key, &ext4_key)) return false;
|
|
|
|
|
*raw_ref = generate_key_ref(ext4_key.raw, ext4_key.size);
|
|
|
|
|
auto ref = keyname(*raw_ref);
|
|
|
|
|
key_serial_t device_keyring;
|
|
|
|
|
if (!e4crypt_keyring(&device_keyring)) return false;
|
|
|
|
|
key_serial_t key_id =
|
|
|
|
|
add_key("logon", ref.c_str(), (void*)&ext4_key, sizeof(ext4_key), device_keyring);
|
|
|
|
|
if (key_id == -1) {
|
|
|
|
|
PLOG(ERROR) << "Failed to insert key into keyring " << device_keyring;
|
|
|
|
|
return false;
|
|
|
|
|
for (char const* const* name_prefix = NAME_PREFIXES; *name_prefix != nullptr; name_prefix++) {
|
|
|
|
|
auto ref = keyname(*name_prefix, *raw_ref);
|
|
|
|
|
key_serial_t key_id =
|
|
|
|
|
add_key("logon", ref.c_str(), (void*)&ext4_key, sizeof(ext4_key), device_keyring);
|
|
|
|
|
if (key_id == -1) {
|
|
|
|
|
PLOG(ERROR) << "Failed to insert key into keyring " << device_keyring;
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
LOG(DEBUG) << "Added key " << key_id << " (" << ref << ") to keyring " << device_keyring
|
|
|
|
|
<< " in process " << getpid();
|
|
|
|
|
}
|
|
|
|
|
LOG(DEBUG) << "Added key " << key_id << " (" << ref << ") to keyring " << device_keyring
|
|
|
|
|
<< " in process " << getpid();
|
|
|
|
|
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
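Review bot: A failure part-way through the new prefix loop in `install_key` returns false while the entries already added under earlier prefixes stay in `device_keyring`, and `*raw_ref` has already been written by then. The caller is told the install failed, yet usable copies of the key remain in the keyring; either unlink the entries inserted so far before returning, or state in a comment on `install_key` that the caller must evict the reference on failure. The error line would be easier to act on if it named the description that failed, `PLOG(ERROR) << "Failed to insert key " << ref << " into keyring " << device_keyring;`. Separately, `ext4_key` appears to still hold the raw key on the stack at every return, so clearing it before leaving the function is worth considering.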