
Commit 9555bd40 authored by Treehugger Robot's avatar Treehugger Robot Committed by Gerrit Code Review

Merge "mini-keyctl: support printing security label"

parents fc0f79f8 327037f0
+20 −0
@@ -20,8 +20,11 @@

#include "mini_keyctl_utils.h"

#include <stdio.h>
#include <unistd.h>

#include <android-base/parseint.h>

static void Usage(int exit_code) {
  fprintf(stderr, "usage: mini-keyctl <action> [args,]\n");
  fprintf(stderr, "       mini-keyctl add <type> <desc> <data> <keyring>\n");
@@ -29,6 +32,7 @@ static void Usage(int exit_code) {
  fprintf(stderr, "       mini-keyctl dadd <type> <desc_prefix> <cert_dir> <keyring>\n");
  fprintf(stderr, "       mini-keyctl unlink <key> <keyring>\n");
  fprintf(stderr, "       mini-keyctl restrict_keyring <keyring>\n");
  fprintf(stderr, "       mini-keyctl security <key>\n");
  _exit(exit_code);
}

@@ -66,7 +70,23 @@ int main(int argc, const char** argv) {
    key_serial_t key = std::stoi(argv[2], nullptr, 16);
    const std::string keyring = argv[3];
    return Unlink(key, keyring);
  } else if (action == "security") {
    if (argc != 3) Usage(1);
    const char* key_str = argv[2];
    key_serial_t key;
    if (!android::base::ParseInt(key_str, &key)) {
      fprintf(stderr, "Unparsable key: '%s'\n", key_str);
      return 1;
    }
    std::string context = RetrieveSecurityContext(key);
    if (context.empty()) {
      perror(key_str);
      return 1;
    }
    fprintf(stderr, "%s\n", context.c_str());
    return 0;
  } else {
    fprintf(stderr, "Unrecognized action: %s\n", action.c_str());
    Usage(1);
  }
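Review bot: In the new `security` branch, `perror(key_str)` runs after `RetrieveSecurityContext()` has returned, so `errno` may not describe the failure. The helper's too-long path returns an empty string without any failing call, so the text printed next to the key can be unrelated to the real cause. Since the helper already logs the reason, a fixed message such as `fprintf(stderr, "Cannot get security context of key '%s'\n", key_str);` would be more reliable. The key is also parsed with `android::base::ParseInt`, while the `unlink` branch just above uses `std::stoi(argv[2], nullptr, 16)`, so the same serial may have to be written differently for the two actions; the usage line `mini-keyctl security <key>` should state the accepted format. main() starts and continues outside the hunk.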

+18 −0
@@ -210,3 +210,21 @@ int RestrictKeyring(const std::string& keyring) {
  }
  return 0;
}

std::string RetrieveSecurityContext(key_serial_t key) {
  // Simply assume this size is enough in practice.
  const int kMaxSupportedSize = 256;
  std::string context;
  context.resize(kMaxSupportedSize);
  long retval = keyctl_get_security(key, context.data(), kMaxSupportedSize);
  if (retval < 0) {
    PLOG(ERROR) << "Cannot get security context of key 0x" << std::hex << key;
    return std::string();
  }
  if (retval > kMaxSupportedSize) {
    LOG(ERROR) << "The key has unexpectedly long security context than " << kMaxSupportedSize;
    return std::string();
  }
  context.resize(retval);
  return context;
}
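Review bot: `context.resize(retval)` likely leaves the terminating NUL inside the returned std::string, because the keyctl(2) KEYCTL_GET_SECURITY operation reports the label size including the null byte; this assumes `keyctl_get_security` passes that value through, which is not visible here. Printing through `c_str()` hides the extra byte, but a caller comparing the result with an expected SELinux label would see a mismatch, so `context.resize(retval - 1);` guarded by `retval > 0` would be safer. The `retval > kMaxSupportedSize` branch also discards the size that was just reported; resizing to it and calling once more would remove the 256-byte assumption. The log text there would read better as "security context longer than".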
+3 −0
@@ -46,3 +46,6 @@ int RestrictKeyring(const std::string& keyring);
// information in the descritption section depending on the key type, only the first word in the
// keyring description is used for searching.
bool GetKeyringId(const std::string& keyring_desc, key_serial_t* keyring_id);

// Retrieves a key's security context. Return the context string, or empty string on error.
std::string RetrieveSecurityContext(key_serial_t key);
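Review bot: The comment on `RetrieveSecurityContext` does not say that the implementation in this commit treats a context longer than 256 bytes as an error, so a caller reading only the header cannot tell that an empty result may mean "too long" rather than "no such key". Suggested wording: `// Retrieves a key's security context. Returns the context string, or an empty string on error` followed by `// (including a context longer than the 256 bytes the implementation supports). Errors are logged.`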