From: Mike Halcrow <mhalcrow@us.ibm.com>
To: Andrew Morton <akpm@osdl.org>
Cc: linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org,
Mike Halcrow <mhalcrow@us.ibm.com>,
Mike Halcrow <mike@halcrow.us>
Subject: [PATCH 9/12] Add #define values for cipher codes from RFC2440 (OpenPGP)
Date: Tue, 20 Jun 2006 16:24:09 -0500 [thread overview]
Message-ID: <E1Fsnhh-0007A6-WD@localhost.localdomain> (raw)
In-Reply-To: <20060620212134.GB18701@us.ibm.com>
Add #define values for cipher codes from RFC2440 (OpenPGP).
Signed-off-by: Michael Halcrow <mhalcrow@us.ibm.com>
---
fs/ecryptfs/crypto.c | 19 +++++++++----------
fs/ecryptfs/ecryptfs_kernel.h | 9 +++++++++
fs/ecryptfs/keystore.c | 8 ++++----
3 files changed, 22 insertions(+), 14 deletions(-)
892f18996cb6a98db0065db51395998eea989fa8
diff --git a/fs/ecryptfs/crypto.c b/fs/ecryptfs/crypto.c
index 5292220..426e5e4 100644
--- a/fs/ecryptfs/crypto.c
+++ b/fs/ecryptfs/crypto.c
@@ -1023,18 +1023,17 @@ struct ecryptfs_cipher_code_str_map_elem
/* Add support for additional ciphers by adding elements here. The
* cipher_code is whatever OpenPGP applicatoins use to identify the
- * ciphers. */
-/* List in order of probability. */
+ * ciphers. List in order of probability. */
static struct ecryptfs_cipher_code_str_map_elem
ecryptfs_cipher_code_str_map[] = {
- {"aes", 0x07}, /* AES-128 */
- {"blowfish", 0x04},
- {"des3_ede", 0x02},
- {"cast5", 0x03},
- {"twofish", 0x0a},
- {"cast6", 0x0b},
- {"aes", 0x08}, /* AES-192 */
- {"aes", 0x09} /* AES-256 */
+ {"aes",RFC2440_CIPHER_AES_128 },
+ {"blowfish", RFC2440_CIPHER_BLOWFISH},
+ {"des3_ede", RFC2440_CIPHER_DES3_EDE},
+ {"cast5", RFC2440_CIPHER_CAST_5},
+ {"twofish", RFC2440_CIPHER_TWOFISH},
+ {"cast6", RFC2440_CIPHER_CAST_6},
+ {"aes", RFC2440_CIPHER_AES_192},
+ {"aes", RFC2440_CIPHER_AES_256}
};
/**
diff --git a/fs/ecryptfs/ecryptfs_kernel.h b/fs/ecryptfs/ecryptfs_kernel.h
index 4dc95af..39057a8 100644
--- a/fs/ecryptfs/ecryptfs_kernel.h
+++ b/fs/ecryptfs/ecryptfs_kernel.h
@@ -53,6 +53,15 @@ #define ECRYPTFS_DEFAULT_HEADER_EXTENT_S
#define ECRYPTFS_DEFAULT_EXTENT_SIZE 4096
#define ECRYPTFS_MINIMUM_HEADER_EXTENT_SIZE 8192
+#define RFC2440_CIPHER_DES3_EDE 0x02
+#define RFC2440_CIPHER_CAST_5 0x03
+#define RFC2440_CIPHER_BLOWFISH 0x04
+#define RFC2440_CIPHER_AES_128 0x07
+#define RFC2440_CIPHER_AES_192 0x08
+#define RFC2440_CIPHER_AES_256 0x09
+#define RFC2440_CIPHER_TWOFISH 0x0a
+#define RFC2440_CIPHER_CAST_6 0x0b
+
#define ECRYPTFS_SET_FLAG(flag_bit_vector, flag) (flag_bit_vector |= (flag))
#define ECRYPTFS_CLEAR_FLAG(flag_bit_vector, flag) (flag_bit_vector &= ~(flag))
#define ECRYPTFS_CHECK_FLAG(flag_bit_vector, flag) (flag_bit_vector & (flag))
diff --git a/fs/ecryptfs/keystore.c b/fs/ecryptfs/keystore.c
index 101773f..d301ac8 100644
--- a/fs/ecryptfs/keystore.c
+++ b/fs/ecryptfs/keystore.c
@@ -247,7 +247,7 @@ parse_tag_3_packet(struct ecryptfs_crypt
/* A little extra work to differentiate among the AES key
* sizes; see RFC2440 */
switch(data[(*packet_size)++]) {
- case 0x08:
+ case RFC2440_CIPHER_AES_192:
crypt_stat->key_size_bits = 192;
break;
default:
@@ -931,15 +931,15 @@ encrypted_session_key_set:
goto out;
}
/* If it is AES, we need to get more specific. */
- if (cipher_code == 0x07) {
+ if (cipher_code == RFC2440_CIPHER_AES_128){
switch (crypt_stat->key_size_bits) {
case 128:
break;
case 192:
- cipher_code = 0x08; /* AES-192 */
+ cipher_code = RFC2440_CIPHER_AES_192;
break;
case 256:
- cipher_code = 0x09; /* AES-256 */
+ cipher_code = RFC2440_CIPHER_AES_256;
break;
default:
rc = -EINVAL;
--
1.3.3
next prev parent reply other threads:[~2006-06-20 21:26 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2006-06-20 21:21 [PATCH 0/12] eCryptfs minor fixes; support for cipher/key size selection Michael Halcrow
2006-06-20 21:22 ` [PATCH 1/12] asm/scatterlist.h -> linux/scatterlist.h Mike Halcrow
2006-06-20 21:22 ` [PATCH 2/12] Support for larger maximum key size Mike Halcrow
2006-06-21 14:49 ` Timothy R. Chavez
2006-06-21 15:50 ` Michael Halcrow
2006-06-20 21:23 ` [PATCH 3/12] Add codes for additional ciphers Mike Halcrow
2006-06-21 15:08 ` Timothy R. Chavez
2006-06-20 21:23 ` [PATCH 4/12] Unencrypted key size based on encrypted key size Mike Halcrow
2006-06-20 21:23 ` [PATCH 5/12] Packet and key management update for variable " Mike Halcrow
2006-06-20 21:23 ` [PATCH 6/12] Add ecryptfs_ prefix to mount options; key size parameter Mike Halcrow
2006-06-20 21:23 ` [PATCH 7/12] Set the key size from the default for the mount Mike Halcrow
2006-06-20 21:23 ` [PATCH 8/12] Check for weak keys Mike Halcrow
2006-06-20 21:24 ` Mike Halcrow [this message]
2006-06-20 21:24 ` [PATCH 10/12] Convert bits to bytes Mike Halcrow
2006-06-20 21:24 ` [PATCH 11/12] More elegant AES key size manipulation Mike Halcrow
2006-06-20 21:24 ` [PATCH 12/12] More intelligent use of TFM objects Mike Halcrow
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=E1Fsnhh-0007A6-WD@localhost.localdomain \
--to=mhalcrow@us.ibm.com \
--cc=akpm@osdl.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mike@halcrow.us \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.