diff options
author | Miloslav Trmač <mitr@redhat.com> | 2010-08-25 00:53:56 +0200 |
---|---|---|
committer | Miloslav Trmač <mitr@redhat.com> | 2010-08-25 00:53:56 +0200 |
commit | 6db12e213dfd6793203c9875e6765c7d27f3dd1f (patch) | |
tree | fcef75a8eae888bdbb19c5fad90f4fb42c5e000b | |
parent | 5ec167e240a8002bba3cc37e22553c888c7d4133 (diff) | |
download | kernel-crypto-6db12e213dfd6793203c9875e6765c7d27f3dd1f.tar.gz kernel-crypto-6db12e213dfd6793203c9875e6765c7d27f3dd1f.tar.xz kernel-crypto-6db12e213dfd6793203c9875e6765c7d27f3dd1f.zip |
Simplify key flag updates
-rw-r--r-- | ncr-int.h | 2 | ||||
-rw-r--r-- | ncr-key-wrap.c | 22 | ||||
-rw-r--r-- | ncr-key.c | 63 |
3 files changed, 36 insertions, 51 deletions
diff --git a/ncr-int.h b/ncr-int.h index 5e86aff5641..2baea659f4a 100644 --- a/ncr-int.h +++ b/ncr-int.h @@ -137,7 +137,7 @@ int ncr_key_derive(struct ncr_lists *lst, const struct ncr_key_derive *data, struct nlattr *tb[]); void ncr_key_clear(struct key_item_st* item); -int ncr_key_assign_flags(struct key_item_st *item, unsigned int flags); +int ncr_key_update_flags(struct key_item_st *item, const struct nlattr *nla); /* key handling */ int ncr_key_init(struct ncr_lists *lst); diff --git a/ncr-key-wrap.c b/ncr-key-wrap.c index c409bb93fda..8ca23b8b20f 100644 --- a/ncr-key-wrap.c +++ b/ncr-key-wrap.c @@ -471,13 +471,10 @@ const uint8_t *iv; goto cleanup; } - nla = tb[NCR_ATTR_KEY_FLAGS]; - if (nla != NULL) { - ret = ncr_key_assign_flags(output, nla_get_u32(nla)); - if (ret != 0) { - err(); - goto cleanup; - } + ret = ncr_key_update_flags(output, tb[NCR_ATTR_KEY_FLAGS]); + if (ret != 0) { + err(); + goto cleanup; } memset(&output->key, 0, sizeof(output->key)); @@ -889,13 +886,10 @@ static int key_from_packed_data(struct nlattr *tb[], struct key_item_st *key, } key->type = nla_get_u32(nla); - nla = tb[NCR_ATTR_KEY_FLAGS]; - if (nla != NULL) { - ret = ncr_key_assign_flags(key, nla_get_u32(nla)); - if (ret != 0) { - err(); - return ret; - } + ret = ncr_key_update_flags(key, tb[NCR_ATTR_KEY_FLAGS]); + if (ret != 0) { + err(); + return ret; } if (key->type == NCR_KEY_TYPE_SECRET) { diff --git a/ncr-key.c b/ncr-key.c index 4942bc451d0..a82c907eb5e 100644 --- a/ncr-key.c +++ b/ncr-key.c @@ -287,8 +287,13 @@ fail: } -int ncr_key_assign_flags(struct key_item_st* item, unsigned int flags) +int ncr_key_update_flags(struct key_item_st* item, const struct nlattr *nla) { + uint32_t flags; + + if (nla == NULL) + return 0; + flags = nla_get_u32(nla); if (!capable(CAP_SYS_ADMIN) && (flags & NCR_KEY_FLAG_WRAPPING) != 0) return -EPERM; item->flags = flags; @@ -341,13 +346,10 @@ size_t tmp_size; goto fail; } - nla = tb[NCR_ATTR_KEY_FLAGS]; - if (nla != NULL) { - ret = ncr_key_assign_flags(item, nla_get_u32(nla)); - if (ret < 0) { - err(); - goto fail; - } + ret = ncr_key_update_flags(item, tb[NCR_ATTR_KEY_FLAGS]); + if (ret < 0) { + err(); + goto fail; } nla = tb[NCR_ATTR_KEY_ID]; @@ -434,13 +436,10 @@ size_t size; ncr_key_clear(item); /* we generate only secret keys */ - nla = tb[NCR_ATTR_KEY_FLAGS]; - if (nla != NULL) { - ret = ncr_key_assign_flags(item, nla_get_u32(nla)); - if (ret < 0) { - err(); - goto fail; - } + ret = ncr_key_update_flags(item, tb[NCR_ATTR_KEY_FLAGS]); + if (ret < 0) { + err(); + goto fail; } algo = _ncr_nla_to_properties(tb[NCR_ATTR_ALGORITHM]); @@ -662,7 +661,6 @@ int ncr_key_generate_pair(struct ncr_lists *lst, const struct ncr_key_generate_pair *gen, struct nlattr *tb[]) { -const struct nlattr *nla; struct key_item_st* private = NULL; struct key_item_st* public = NULL; int ret; @@ -692,18 +690,15 @@ int ret; } public->type = public->algorithm->key_type; private->type = NCR_KEY_TYPE_PRIVATE; - nla = tb[NCR_ATTR_KEY_FLAGS]; - if (nla != NULL) { - ret = ncr_key_assign_flags(private, nla_get_u32(nla)); - if (ret < 0) { - err(); - goto fail; - } - ret = ncr_key_assign_flags(public, nla_get_u32(nla)); - if (ret < 0) { - err(); - goto fail; - } + ret = ncr_key_update_flags(private, tb[NCR_ATTR_KEY_FLAGS]); + if (ret < 0) { + err(); + goto fail; + } + ret = ncr_key_update_flags(public, tb[NCR_ATTR_KEY_FLAGS]); + if (ret < 0) { + err(); + goto fail; } public->flags |= (NCR_KEY_FLAG_EXPORTABLE|NCR_KEY_FLAG_WRAPPABLE); @@ -736,7 +731,6 @@ fail: int ncr_key_derive(struct ncr_lists *lst, const struct ncr_key_derive *data, struct nlattr *tb[]) { -const struct nlattr *nla; int ret; struct key_item_st* key = NULL; struct key_item_st* newkey = NULL; @@ -763,13 +757,10 @@ struct key_item_st* newkey = NULL; ncr_key_clear(newkey); - nla = tb[NCR_ATTR_KEY_FLAGS]; - if (nla != NULL) { - ret = ncr_key_assign_flags(newkey, nla_get_u32(nla)); - if (ret < 0) { - err(); - goto fail; - } + ret = ncr_key_update_flags(newkey, tb[NCR_ATTR_KEY_FLAGS]); + if (ret < 0) { + err(); + goto fail; } switch (key->type) { |