~mrooney/ecryptfs/nautilus-integration

Viewing changes to src/key_mod/ecryptfs_key_mod_tspi.c

Committer: Dustin Kirkland
Date: 2009-04-30 23:58:11 UTC
Revision ID: kirkland@canonical.com-20090430235811-pxv6pp7edjkrg9kp

[ Frédéric Guihéry ]
  * key_mod/ecryptfs_key_mod_tspi.c, utils/ecryptfs_generate_tpm_key.c:
    the SRK password should be set to 20 bytes of NULL (wellknown
    password), in order for different tools to request key protection
    with the Storage Root Key

Signed-off-by: Dustin Kirkland <kirkland@canonical.com>

files modified:
debian/changelog

src/key_mod/ecryptfs_key_mod_tspi.c

src/utils/ecryptfs_generate_tpm_key.c

Show diffs side-by-side

added added

removed removed

src/key_mod/ecryptfs_key_mod_tspi.c

317

struct tspi_data tspi_data;

318

struct ecryptfs_tspi_connect_ticket *ticket;

319

int rc = 0;

320

BYTE wellknown[] = TSS_WELL_KNOWN_SECRET;

320

321

322

pthread_mutex_lock(&encrypt_lock);

322

323

(*to_size) = 0;

345

346

rc = -EIO;

346

347

goto out;

347

348

}

348

if ((result = Tspi_Policy_SetSecret(h_srk_policy, TSS_SECRET_MODE_PLAIN,

349

0, NULL))

349

if ((result = Tspi_Policy_SetSecret(h_srk_policy,

350

TSS_SECRET_MODE_SHA1,

351

sizeof(wellknown), wellknown))

350

352

!= TSS_SUCCESS) {

351

353

syslog(LOG_ERR, "Tspi_Policy_SetSecret failed: [%s]\n",

352

354

Trspi_Error_String(result));

415

417