summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMiloslav Trmač <mitr@redhat.com>2010-08-25 00:53:56 +0200
committerMiloslav Trmač <mitr@redhat.com>2010-08-25 00:53:56 +0200
commit6db12e213dfd6793203c9875e6765c7d27f3dd1f (patch)
treefcef75a8eae888bdbb19c5fad90f4fb42c5e000b
parent5ec167e240a8002bba3cc37e22553c888c7d4133 (diff)
downloadkernel-crypto-6db12e213dfd6793203c9875e6765c7d27f3dd1f.tar.gz
kernel-crypto-6db12e213dfd6793203c9875e6765c7d27f3dd1f.tar.xz
kernel-crypto-6db12e213dfd6793203c9875e6765c7d27f3dd1f.zip
Simplify key flag updates
-rw-r--r--ncr-int.h2
-rw-r--r--ncr-key-wrap.c22
-rw-r--r--ncr-key.c63
3 files changed, 36 insertions, 51 deletions
diff --git a/ncr-int.h b/ncr-int.h
index 5e86aff5641..2baea659f4a 100644
--- a/ncr-int.h
+++ b/ncr-int.h
@@ -137,7 +137,7 @@ int ncr_key_derive(struct ncr_lists *lst, const struct ncr_key_derive *data,
struct nlattr *tb[]);
void ncr_key_clear(struct key_item_st* item);
-int ncr_key_assign_flags(struct key_item_st *item, unsigned int flags);
+int ncr_key_update_flags(struct key_item_st *item, const struct nlattr *nla);
/* key handling */
int ncr_key_init(struct ncr_lists *lst);
diff --git a/ncr-key-wrap.c b/ncr-key-wrap.c
index c409bb93fda..8ca23b8b20f 100644
--- a/ncr-key-wrap.c
+++ b/ncr-key-wrap.c
@@ -471,13 +471,10 @@ const uint8_t *iv;
goto cleanup;
}
- nla = tb[NCR_ATTR_KEY_FLAGS];
- if (nla != NULL) {
- ret = ncr_key_assign_flags(output, nla_get_u32(nla));
- if (ret != 0) {
- err();
- goto cleanup;
- }
+ ret = ncr_key_update_flags(output, tb[NCR_ATTR_KEY_FLAGS]);
+ if (ret != 0) {
+ err();
+ goto cleanup;
}
memset(&output->key, 0, sizeof(output->key));
@@ -889,13 +886,10 @@ static int key_from_packed_data(struct nlattr *tb[], struct key_item_st *key,
}
key->type = nla_get_u32(nla);
- nla = tb[NCR_ATTR_KEY_FLAGS];
- if (nla != NULL) {
- ret = ncr_key_assign_flags(key, nla_get_u32(nla));
- if (ret != 0) {
- err();
- return ret;
- }
+ ret = ncr_key_update_flags(key, tb[NCR_ATTR_KEY_FLAGS]);
+ if (ret != 0) {
+ err();
+ return ret;
}
if (key->type == NCR_KEY_TYPE_SECRET) {
diff --git a/ncr-key.c b/ncr-key.c
index 4942bc451d0..a82c907eb5e 100644
--- a/ncr-key.c
+++ b/ncr-key.c
@@ -287,8 +287,13 @@ fail:
}
-int ncr_key_assign_flags(struct key_item_st* item, unsigned int flags)
+int ncr_key_update_flags(struct key_item_st* item, const struct nlattr *nla)
{
+ uint32_t flags;
+
+ if (nla == NULL)
+ return 0;
+ flags = nla_get_u32(nla);
if (!capable(CAP_SYS_ADMIN) && (flags & NCR_KEY_FLAG_WRAPPING) != 0)
return -EPERM;
item->flags = flags;
@@ -341,13 +346,10 @@ size_t tmp_size;
goto fail;
}
- nla = tb[NCR_ATTR_KEY_FLAGS];
- if (nla != NULL) {
- ret = ncr_key_assign_flags(item, nla_get_u32(nla));
- if (ret < 0) {
- err();
- goto fail;
- }
+ ret = ncr_key_update_flags(item, tb[NCR_ATTR_KEY_FLAGS]);
+ if (ret < 0) {
+ err();
+ goto fail;
}
nla = tb[NCR_ATTR_KEY_ID];
@@ -434,13 +436,10 @@ size_t size;
ncr_key_clear(item);
/* we generate only secret keys */
- nla = tb[NCR_ATTR_KEY_FLAGS];
- if (nla != NULL) {
- ret = ncr_key_assign_flags(item, nla_get_u32(nla));
- if (ret < 0) {
- err();
- goto fail;
- }
+ ret = ncr_key_update_flags(item, tb[NCR_ATTR_KEY_FLAGS]);
+ if (ret < 0) {
+ err();
+ goto fail;
}
algo = _ncr_nla_to_properties(tb[NCR_ATTR_ALGORITHM]);
@@ -662,7 +661,6 @@ int ncr_key_generate_pair(struct ncr_lists *lst,
const struct ncr_key_generate_pair *gen,
struct nlattr *tb[])
{
-const struct nlattr *nla;
struct key_item_st* private = NULL;
struct key_item_st* public = NULL;
int ret;
@@ -692,18 +690,15 @@ int ret;
}
public->type = public->algorithm->key_type;
private->type = NCR_KEY_TYPE_PRIVATE;
- nla = tb[NCR_ATTR_KEY_FLAGS];
- if (nla != NULL) {
- ret = ncr_key_assign_flags(private, nla_get_u32(nla));
- if (ret < 0) {
- err();
- goto fail;
- }
- ret = ncr_key_assign_flags(public, nla_get_u32(nla));
- if (ret < 0) {
- err();
- goto fail;
- }
+ ret = ncr_key_update_flags(private, tb[NCR_ATTR_KEY_FLAGS]);
+ if (ret < 0) {
+ err();
+ goto fail;
+ }
+ ret = ncr_key_update_flags(public, tb[NCR_ATTR_KEY_FLAGS]);
+ if (ret < 0) {
+ err();
+ goto fail;
}
public->flags |= (NCR_KEY_FLAG_EXPORTABLE|NCR_KEY_FLAG_WRAPPABLE);
@@ -736,7 +731,6 @@ fail:
int ncr_key_derive(struct ncr_lists *lst, const struct ncr_key_derive *data,
struct nlattr *tb[])
{
-const struct nlattr *nla;
int ret;
struct key_item_st* key = NULL;
struct key_item_st* newkey = NULL;
@@ -763,13 +757,10 @@ struct key_item_st* newkey = NULL;
ncr_key_clear(newkey);
- nla = tb[NCR_ATTR_KEY_FLAGS];
- if (nla != NULL) {
- ret = ncr_key_assign_flags(newkey, nla_get_u32(nla));
- if (ret < 0) {
- err();
- goto fail;
- }
+ ret = ncr_key_update_flags(newkey, tb[NCR_ATTR_KEY_FLAGS]);
+ if (ret < 0) {
+ err();
+ goto fail;
}
switch (key->type) {