authorJoseph Richey <joerichey@google.com>2017-07-14 12:07:33 -0700
committerGitHub <noreply@github.com>2017-07-14 12:07:33 -0700
commite5cb8079aea929b1abd8d4279afc55983a5d0764 (patch)
treee35fb083482d26499038ca559fb5e345697d2542 /crypto/key.go
parent419fd9f24c2805c75a84da1cb52516de25dcecdd (diff)
parent480527993359c477849ccbd2c4d369df54807903 (diff)
Merge pull request #16 from google/fix
Use Description when placing keys in the keyring
Diffstat (limited to 'crypto/key.go')
-rw-r--r--crypto/key.go23
1 files changed, 8 insertions, 15 deletions
diff --git a/crypto/key.go b/crypto/key.go
index 6781c1d..cffe2b4 100644
--- a/crypto/key.go
+++ b/crypto/key.go
@@ -240,15 +240,14 @@ func getKeyring() (int, error) {
}
// FindPolicyKey tries to locate a policy key in the kernel keyring with the
-// provided descriptor and service. The keyring and key ids are returned if we
-// can find the key. An error is returned if the key does not exist.
-func FindPolicyKey(descriptor, service string) (keyringID, keyID int, err error) {
+// provided description. The keyring and key ids are returned if we can find the
+// key. An error is returned if the key does not exist.
+func FindPolicyKey(description string) (keyringID, keyID int, err error) {
keyringID, err = getKeyring()
if err != nil {
return
}
- description := service + descriptor
keyID, err = unix.KeyctlSearch(keyringID, keyType, description, 0)
log.Printf("unix.KeyctlSearch(%d, %s, %s) = %d, %v", keyringID, keyType, description, keyID, err)
if err != nil {
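Review bot: The doc comments on FindPolicyKey, and likewise on RemovePolicyKey and InsertPolicyKey in the later hunks, say only "provided description" and no longer tell a caller what that string must contain. The removed line `description := service + descriptor` shows it used to be the service prefix followed by the descriptor, so each comment should say so, e.g. `// description is the full keyring description: the service prefix followed by the policy descriptor.` Because description is now passed in unchecked and written to the log with `%s` in the unchanged log.Printf line, `%q` there would keep any unexpected bytes visible and on one log line. FindPolicyKey's body continues past the end of this hunk.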
@@ -258,10 +257,9 @@ func FindPolicyKey(descriptor, service string) (keyringID, keyID int, err error)
}
// RemovePolicyKey tries to remove a policy key from the kernel keyring with the
-// provided descriptor and service. An error is returned if the key does not
-// exist.
-func RemovePolicyKey(descriptor, service string) error {
- keyringID, keyID, err := FindPolicyKey(descriptor, service)
+// provided description. An error is returned if the key does not exist.
+func RemovePolicyKey(description string) error {
+ keyringID, keyID, err := FindPolicyKey(description)
if err != nil {
return err
}
@@ -275,15 +273,11 @@ func RemovePolicyKey(descriptor, service string) error {
}
// InsertPolicyKey puts the provided policy key into the kernel keyring with the
-// provided descriptor, provided service prefix, and type logon. The key and
-// descriptor must have the appropriate lengths.
-func InsertPolicyKey(key *Key, descriptor, service string) error {
+// provided description, and type logon. The key must be a policy key.
+func InsertPolicyKey(key *Key, description string) error {
if err := util.CheckValidLength(metadata.PolicyKeyLen, key.Len()); err != nil {
return errors.Wrap(err, "policy key")
}
- if err := util.CheckValidLength(metadata.DescriptorLen, len(descriptor)); err != nil {
- return errors.Wrap(err, "descriptor")
- }
// Create our payload (containing an FscryptKey)
payload, err := newBlankKey(int(unsafe.Sizeof(unix.FscryptKey{})))
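Review bot: InsertPolicyKey now accepts any description, because the commit removes the `metadata.DescriptorLen` check without a replacement, so an empty or malformed string reaches unix.AddKey further down. A key stored under a description that does not match what is later searched for would presumably be added without error and then never found, which is hard to diagnose. If the format is checked by the callers (not visible here), state that in the doc comment; otherwise keep a minimal guard such as `if description == "" { return errors.New("policy key description is empty") }`. The function body continues outside this hunk.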
@@ -304,7 +298,6 @@ func InsertPolicyKey(key *Key, descriptor, service string) error {
return err
}
- description := service + descriptor
keyID, err := unix.AddKey(keyType, description, payload.data, keyringID)
log.Printf("unix.AddKey(%s, %s, <payload>, %d) = %d, %v",
keyType, description, keyringID, keyID, err)