All of lore.kernel.org
 help / color / mirror / Atom feed
* [PATCH v2 1/2] key: Add basic keystore support
@ 2016-03-04 18:18 Mat Martineau
  2016-03-04 18:18 ` [PATCH v2 2/2] key: Add keystore unit test Mat Martineau
  2016-03-04 20:58 ` [PATCH v2 1/2] key: Add basic keystore support Denis Kenzior
  0 siblings, 2 replies; 3+ messages in thread
From: Mat Martineau @ 2016-03-04 18:18 UTC (permalink / raw)
  To: ell

[-- Attachment #1: Type: text/plain, Size: 6646 bytes --]

---
 Makefile.am |   6 ++-
 ell/ell.h   |   1 +
 ell/key.c   | 154 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 ell/key.h   |  55 ++++++++++++++++++++++
 4 files changed, 214 insertions(+), 2 deletions(-)
 create mode 100644 ell/key.c
 create mode 100644 ell/key.h

diff --git a/Makefile.am b/Makefile.am
index 55ab8e6..e5a8f94 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -41,7 +41,8 @@ pkginclude_HEADERS = ell/ell.h \
 			ell/base64.h \
 			ell/pem.h \
 			ell/tls.h \
-			ell/uuid.h
+			ell/uuid.h \
+			ell/key.h
 
 lib_LTLIBRARIES = ell/libell.la
 
@@ -88,7 +89,8 @@ ell_libell_la_SOURCES = $(linux_headers) \
 			ell/tls-private.h \
 			ell/tls.c \
 			ell/tls-record.c \
-			ell/uuid.c
+			ell/uuid.c \
+			ell/key.c
 
 ell_libell_la_LDFLAGS = -no-undefined \
 			-version-info $(ELL_CURRENT):$(ELL_REVISION):$(ELL_AGE)
diff --git a/ell/ell.h b/ell/ell.h
index 8cec756..390743f 100644
--- a/ell/ell.h
+++ b/ell/ell.h
@@ -43,6 +43,7 @@
 #include <ell/pem.h>
 #include <ell/tls.h>
 #include <ell/uuid.h>
+#include <ell/key.h>
 
 #include <ell/netlink.h>
 #include <ell/genl.h>
diff --git a/ell/key.c b/ell/key.c
new file mode 100644
index 0000000..6ec8541
--- /dev/null
+++ b/ell/key.c
@@ -0,0 +1,154 @@
+/*
+ *
+ *  Embedded Linux library
+ *
+ *  Copyright (C) 2016  Intel Corporation. All rights reserved.
+ *
+ *  This library is free software; you can redistribute it and/or
+ *  modify it under the terms of the GNU Lesser General Public
+ *  License as published by the Free Software Foundation; either
+ *  version 2.1 of the License, or (at your option) any later version.
+ *
+ *  This library is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ *  Lesser General Public License for more details.
+ *
+ *  You should have received a copy of the GNU Lesser General Public
+ *  License along with this library; if not, write to the Free Software
+ *  Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+ *
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+#define _GNU_SOURCE
+#include <unistd.h>
+#include <stdint.h>
+#include <sys/syscall.h>
+#include <linux/keyctl.h>
+
+#include "private.h"
+#include "util.h"
+#include "key.h"
+
+static int32_t keyring_base;
+
+struct l_key {
+	int type;
+	int32_t serial;
+};
+
+static const char * const key_type_names[] = {
+	[L_KEY_RAW] = "user",
+	[L_KEY_ASYMMETRIC] = "asymmetric",
+};
+
+static long kernel_add_key(const char *type, const char *description,
+				const void *payload, size_t len, int32_t keyring)
+{
+	return syscall(__NR_add_key, type, description, payload, len, keyring);
+}
+
+static long kernel_read_key(int32_t serial, const void *payload, size_t len)
+{
+	return syscall(__NR_keyctl, KEYCTL_READ, serial, payload, len);
+}
+
+static long kernel_update_key(int32_t serial, const void *payload, size_t len)
+{
+	return syscall(__NR_keyctl, KEYCTL_UPDATE, serial, payload, len);
+}
+
+static long kernel_revoke_key(int32_t serial)
+{
+	return syscall(__NR_keyctl, KEYCTL_REVOKE, serial);
+}
+
+static bool setup_keyring_base(void)
+{
+	keyring_base = kernel_add_key("keyring", "ell", 0, 0,
+					KEY_SPEC_THREAD_KEYRING);
+
+	if (keyring_base <= 0) {
+		keyring_base = 0;
+		return false;
+	}
+
+	return true;
+}
+
+LIB_EXPORT struct l_key *l_key_new(enum l_key_type type, const void *payload,
+					size_t payload_length)
+{
+	struct l_key *key;
+
+	if (unlikely(!payload))
+		return NULL;
+
+	if (unlikely((size_t)type >= L_ARRAY_SIZE(key_type_names)))
+		return NULL;
+
+	if (!keyring_base && !setup_keyring_base()) {
+		return NULL;
+	}
+
+	key = l_new(struct l_key, 1);
+	key->type = type;
+	key->serial = kernel_add_key(key_type_names[type], "ell", payload,
+					payload_length, keyring_base);
+
+	if (key->serial < 0) {
+		l_free(key);
+		key = NULL;
+	}
+
+	return key;
+}
+
+LIB_EXPORT void l_key_free(struct l_key *key)
+{
+	if (unlikely(!key))
+		return;
+
+	kernel_revoke_key(key->serial);
+
+	l_free(key);
+}
+
+LIB_EXPORT bool l_key_update(struct l_key *key, const void *payload, size_t len)
+{
+	long error;
+
+	if (unlikely(!key))
+		return false;
+
+	error = kernel_update_key(key->serial, payload, len);
+
+	return error == 0;
+}
+
+LIB_EXPORT bool l_key_extract(struct l_key *key, void *payload, size_t *len)
+{
+	long keylen;
+
+	if (unlikely(!key))
+		return false;
+
+	keylen = kernel_read_key(key->serial, payload, *len);
+
+	if (keylen < 0 || (size_t)keylen > *len) {
+		memset(payload, 0, *len);
+		return false;
+	}
+
+	*len = keylen;
+	return true;
+}
+
+LIB_EXPORT ssize_t l_key_get_size(struct l_key *key)
+{
+	return kernel_read_key(key->serial, NULL, 0);
+}
diff --git a/ell/key.h b/ell/key.h
new file mode 100644
index 0000000..73c2c97
--- /dev/null
+++ b/ell/key.h
@@ -0,0 +1,55 @@
+/*
+ *
+ *  Embedded Linux library
+ *
+ *  Copyright (C) 2016  Intel Corporation. All rights reserved.
+ *
+ *  This library is free software; you can redistribute it and/or
+ *  modify it under the terms of the GNU Lesser General Public
+ *  License as published by the Free Software Foundation; either
+ *  version 2.1 of the License, or (at your option) any later version.
+ *
+ *  This library is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ *  Lesser General Public License for more details.
+ *
+ *  You should have received a copy of the GNU Lesser General Public
+ *  License along with this library; if not, write to the Free Software
+ *  Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+ *
+ */
+
+#ifndef __ELL_KEY_H
+#define __ELL_KEY_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#include <stddef.h>
+#include <stdbool.h>
+
+struct l_key;
+
+enum l_key_type {
+	L_KEY_RAW = 0,
+	L_KEY_ASYMMETRIC
+};
+
+struct l_key *l_key_new(enum l_key_type type, const void *payload,
+			size_t payload_length);
+
+void l_key_free(struct l_key *key);
+
+bool l_key_update(struct l_key *key, const void *payload, size_t len);
+
+bool l_key_extract(struct l_key *key, void *payload, size_t *len);
+
+ssize_t l_key_get_size(struct l_key *key);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* __ELL_KEY_H */
-- 
2.7.2


^ permalink raw reply related	[flat|nested] 3+ messages in thread
end of thread, other threads:[~2016-03-04 20:58 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2016-03-04 18:18 [PATCH v2 1/2] key: Add basic keystore support Mat Martineau
2016-03-04 18:18 ` [PATCH v2 2/2] key: Add keystore unit test Mat Martineau
2016-03-04 20:58 ` [PATCH v2 1/2] key: Add basic keystore support Denis Kenzior

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.