← Back to branch summary

~ecryptfs/ecryptfs/trunk

« back to all changes in this revision

Viewing changes to src/libecryptfs/main.c

  • Committer: Dustin Kirkland
  • Date: 2009-01-23 01:37:41 UTC
  • Revision ID: git-v1:df59c25472f00440f42a8e234eb0e42a5e1e1753
revert special fnek functions

As it happens, the special generate_fnek() and insert filename encryption
key functions aren't necessary.  Revert these changes.  We just need to
add a second passphrase with a different salt.

Signed-off-by: Dustin Kirkland <kirkland@canonical.com>

Show diffs side-by-side

added added

removed removed

Lines of Context:
src/libecryptfs/main.c
172
172
}
173
173
 
174
174
/**
175
 
 * @fnek An allocated char array into which the generated
176
 
 * passphrase is written; ECRYPTFS_MAX_PASSPHRASE_BYTES bytes should be
177
 
 * allocated
178
 
 *
179
 
 * @passphrase A NULL-terminated char array
180
 
 *
181
 
 * @salt A salt
182
 
 *
183
 
 * @passphrase_sig An allocated char array into which the generated
184
 
 * signature is written; PASSWORD_SIG_SIZE bytes should be allocated
185
 
 *
186
 
 */
187
 
int
188
 
generate_fnek(char *fnek, char *salt, char *passphrase)
189
 
{
190
 
        char salt_and_passphrase[ECRYPTFS_MAX_PASSPHRASE_BYTES
191
 
                                 + ECRYPTFS_SALT_SIZE];
192
 
        int passphrase_size;
193
 
#ifdef ENABLE_NSS
194
 
        int alg = SEC_OID_SHA512;
195
 
#else
196
 
        int alg = GCRY_MD_SHA512;
197
 
#endif /* #ifdef ENABLE_NSS */
198
 
        int dig_len = SHA512_DIGEST_LENGTH;
199
 
        char buf[SHA512_DIGEST_LENGTH];
200
 
        int hash_iterations = ECRYPTFS_DEFAULT_NUM_FNEK_HASH_ITERATIONS;
201
 
        int rc = 0;
202
 
 
203
 
        passphrase_size = strlen(passphrase);
204
 
        if (passphrase_size > ECRYPTFS_MAX_PASSPHRASE_BYTES) {
205
 
                fnek = NULL;
206
 
                syslog(LOG_ERR, "Passphrase too large (%d bytes)\n",
207
 
                       passphrase_size);
208
 
                return -EINVAL;
209
 
        }
210
 
        memcpy(salt_and_passphrase, salt, ECRYPTFS_SALT_SIZE);
211
 
        memcpy((salt_and_passphrase + ECRYPTFS_SALT_SIZE), passphrase,
212
 
                passphrase_size);
213
 
        if ((rc = do_hash(salt_and_passphrase,
214
 
                          (ECRYPTFS_SALT_SIZE + passphrase_size), buf, alg))) {
215
 
                return rc;
216
 
        }
217
 
        hash_iterations--;
218
 
        while (hash_iterations--) {
219
 
                if ((rc = do_hash(buf, dig_len, buf, alg))) {
220
 
                        return rc;
221
 
                }
222
 
        }
223
 
        if ((rc = do_hash(buf, dig_len, buf, alg))) {
224
 
                return rc;
225
 
        }
226
 
        to_hex(fnek, buf, ECRYPTFS_MAX_KEY_BYTES/4);
227
 
        return 0;
228
 
}
229
 
 
230
 
/**
231
175
 * @return Zero on success
232
176
 */
233
177
int