From 53d15f466a665e4e564af3afdcbcfe9ff1c91331 Mon Sep 17 00:00:00 2001
From: Joe Richey <joerichey@google.com>
Date: Thu, 2 Mar 2017 11:47:07 -0800
Subject: crypto: insert key into keyring from go

This commit adds in the ability to insert Keys into the kernel keyring
from go code. This is done via a patched version of x/sys/unix. We
also expose the specific requirements for keys that will be placed in
the keyring, namely PolicyKeyLen. The legacy services are also exposed.

Change-Id: I177928c9aa676cae13b749042b9a3996e7490f68
---
 metadata/policy.go | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'metadata/policy.go')

diff --git a/metadata/policy.go b/metadata/policy.go
index ae8b869..8c67f52 100644
--- a/metadata/policy.go
+++ b/metadata/policy.go
@@ -120,12 +120,13 @@ func GetPolicy(path string) (*PolicyData, error) {
 // policy. Returns an error if we cannot set the policy for any reason (not a
 // directory, invalid options or KeyDescriptor, etc).
 func SetPolicy(path string, data *PolicyData) error {
-	// Convert the padding value to a flag and the policyID to a byte array
+	// Convert the padding value to a flag
 	paddingFlag, ok := util.Lookup(data.Options.Padding, paddingArray, flagsArray)
 	if !ok {
 		return util.InvalidInputF("padding of %d", data.Options.Padding)
 	}
 
+	// Convert the policyDescriptor to a byte array
 	if len(data.KeyDescriptor) != DescriptorLen {
 		return util.InvalidLengthError("policy descriptor", DescriptorLen, len(data.KeyDescriptor))
 	}
-- 
cgit v1.2.3