author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2010-09-05 11:56:54 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2010-09-05 11:56:54 +0200 |
commit | 06074f69d4662868ab7fa381a59e5d8567f318eb (patch) | |
tree | 0a852f9d23378c8db47757c4014abffee17fa5f1 | |
parent | 4834f6feca73429b093c98cdfa376f6d4c24a18d (diff) | |
Key wrapping is privileged.
-rw-r--r-- | ncr-key-wrap.c | 28 |
1 files changed, 28 insertions, 0 deletions
diff --git a/ncr-key-wrap.c b/ncr-key-wrap.c
index 52dca51..a15d371 100644
--- a/ncr-key-wrap.c
+++ b/ncr-key-wrap.c
@@ -36,6 +36,12 @@
 #define KEY_WRAP_VERSION 0
+/* To be further checked. If the current implemented key wrapping mechanism
+ * has no issues, it might be possible to relax the requirement for
+ * privileged key wrapping.
+ */
+#define KEY_WRAP_IS_PRIVILEGED
+
 typedef uint8_t val64_t[8];
 static const val64_t initA = "\xA6\xA6\xA6\xA6\xA6\xA6\xA6\xA6";
@@ -537,6 +543,13 @@
 const void *iv;
 size_t data_size, iv_size;
 int ret;
+#ifdef KEY_WRAP_IS_PRIVILEGED
+ if (current_euid() != 0) {
+ err();
+ return -EPERM;
+ }
+#endif
+
 if (wrap->buffer_size < 0) {
 err();
 return -EINVAL;
@@ -640,6 +653,13 @@
 void* data = NULL;
 size_t data_size;
 int ret;
+#ifdef KEY_WRAP_IS_PRIVILEGED
+ if (current_euid() != 0) {
+ err();
+ return -EPERM;
+ }
+#endif
+
 ret = ncr_key_item_get_write(&wkey, lst, wrap->dest_key);
 if (ret < 0) {
 err();
@@ -1014,6 +1034,14 @@ static int key_from_packed_data(struct nlattr *tb[], struct key_item_st *key,
 err();
 return ret;
 }
+
+
+#ifndef KEY_WRAP_IS_PRIVILEGED
+ /* Do not allow key unwrapping to result to exportable keys
+ */
+ if (current_euid() != 0)
+ key->flags &= (~NCR_KEY_FLAG_EXPORTABLE);
+#endif
 if (key->type == NCR_KEY_TYPE_SECRET) {
 if (data_size > NCR_CIPHER_MAX_KEY_LEN) { |
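Review bot: The privilege test added in the second hunk (-537), `if (current_euid() != 0)`, keys on the effective UID rather than on a capability, so a root process that has dropped its capabilities still passes and a non-root process that was deliberately granted one is refused. Kernel code normally gates privileged operations with `capable()`, for example `if (!capable(CAP_SYS_ADMIN)) { err(); return -EPERM; }`; which capability fits key wrapping is a decision for the maintainers. The identical block is repeated in the third hunk (-640), so a small static helper would keep the two checks in step if the policy is later relaxed as the comment on `KEY_WRAP_IS_PRIVILEGED` anticipates. Both functions begin and end outside their hunks, so their names and any other callers of the wrapping code are not visible here.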
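Review bot: In the last hunk the `#ifndef KEY_WRAP_IS_PRIVILEGED` block is compiled out for as long as the macro is defined at the top of the file, so in this build key_from_packed_data never clears `NCR_KEY_FLAG_EXPORTABLE` and the EPERM checks in the two gated functions are the only control. The block's comment should say that it is the fallback for an unprivileged build, for example `/* Wrapping is unprivileged in this build: never hand a non-root caller an exportable key via unwrap */`. It is also worth confirming that every path into key_from_packed_data goes through one of the gated functions, since this hunk does not show its callers. As style points, the hunk adds two consecutive blank lines and the parentheses in `key->flags &= (~NCR_KEY_FLAG_EXPORTABLE);` are redundant. The function starts before and continues past the hunk.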