encrypted-keys: add ecryptfs format support
authorRoberto Sassu <roberto.sassu@polito.it>
Mon, 27 Jun 2011 11:45:44 +0000 (13:45 +0200)
committerMimi Zohar <zohar@linux.vnet.ibm.com>
Mon, 27 Jun 2011 13:11:17 +0000 (09:11 -0400)
commit79a73d188726b473ca3bf483244bc96096831905
tree787ba050c91981cae2524b1e95e415424b067e64
parentf8f8527103a264b5e4ab2ce5c1743b28f3219d90
encrypted-keys: add ecryptfs format support

The 'encrypted' key type defines its own payload format which contains a
symmetric key randomly generated that cannot be used directly to mount
an eCryptfs filesystem, because it expects an authentication token
structure.

This patch introduces the new format 'ecryptfs' that allows to store an
authentication token structure inside the encrypted key payload containing
a randomly generated symmetric key, as the same for the format 'default'.

More details about the usage of encrypted keys with the eCryptfs
filesystem can be found in the file 'Documentation/keys-ecryptfs.txt'.

Signed-off-by: Roberto Sassu <roberto.sassu@polito.it>
Acked-by: Gianluca Ramunno <ramunno@polito.it>
Acked-by: Tyler Hicks <tyhicks@linux.vnet.ibm.com>
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
Documentation/keys-ecryptfs.txt [new file with mode: 0644]
Documentation/security/keys-trusted-encrypted.txt
security/keys/Makefile
security/keys/ecryptfs_format.c [new file with mode: 0644]
security/keys/ecryptfs_format.h [new file with mode: 0644]
security/keys/encrypted.c