本文整理汇总了C++中request_key函数的典型用法代码示例。如果您正苦于以下问题:C++ request_key函数的具体用法?C++ request_key怎么用?C++ request_key使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了request_key函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C++代码示例。
示例1: request_key
int32_t SSPPushRowRequestOpLogMgr::InformReply(int32_t table_id, int32_t row_id,
int32_t clock, uint32_t curr_version, std::vector<int32_t> *app_thread_ids) {
(*app_thread_ids).clear();
std::pair<int32_t, int32_t> request_key(table_id, row_id);
std::list<RowRequestInfo> &request_list = pending_row_requests_[request_key];
int32_t clock_to_request = -1;
while (!request_list.empty()) {
RowRequestInfo &request = request_list.front();
if (request.clock <= clock) {
// remove the request
app_thread_ids->push_back(request.app_thread_id);
request_list.pop_front();
} else {
if (!request.sent) {
clock_to_request = request.clock;
request.sent = true;
}
break;
}
}
// if there's no request in that list, I can remove the empty list
if (request_list.empty())
pending_row_requests_.erase(request_key);
return clock_to_request;
}示例2: _RequestPass
char * _RequestPass(/*@[email protected]*/ const char * prompt)
{
/*@[email protected]*/ /*@[email protected]*/
static char * password = NULL;
#if defined(HAVE_KEYUTILS_H)
const char * foo = "user rpm:yyyy spoon";
ARGV_t av = NULL;
int xx = argvSplit(&av, foo, NULL);
key_serial_t dest = 0;
key_serial_t key = 0;
if (password != NULL) {
free(password);
password = NULL;
}
assert(av != NULL);
assert(av[0] != NULL);
assert(av[1] != NULL);
assert(av[2] != NULL);
key = request_key(av[0], av[1], av[2], dest);
av = argvFree(av);
/*@[email protected]*/ /* XXX *password may be null. */
xx = keyctl_read_alloc(key, (void **)&password);
/*@[email protected]*/
if (password == NULL)
password = (char *) "";
#endif /* HAVE_KEYUTILS_H */
/*@[email protected]*/
return password;
/*@[email protected]*/
}示例3: validate_user_key
static int validate_user_key(struct fscrypt_info *crypt_info,
struct fscrypt_context *ctx, u8 *raw_key,
u8 *prefix, int prefix_size)
{
u8 *full_key_descriptor;
struct key *keyring_key;
struct fscrypt_key *master_key;
const struct user_key_payload *ukp;
int full_key_len = prefix_size + (FS_KEY_DESCRIPTOR_SIZE * 2) + 1;
int res;
full_key_descriptor = kmalloc(full_key_len, GFP_NOFS);
if (!full_key_descriptor)
return -ENOMEM;
memcpy(full_key_descriptor, prefix, prefix_size);
sprintf(full_key_descriptor + prefix_size,
"%*phN", FS_KEY_DESCRIPTOR_SIZE,
ctx->master_key_descriptor);
full_key_descriptor[full_key_len - 1] = '\0';
keyring_key = request_key(&key_type_logon, full_key_descriptor, NULL);
kfree(full_key_descriptor);
if (IS_ERR(keyring_key))
return PTR_ERR(keyring_key);
if (keyring_key->type != &key_type_logon) {
printk_once(KERN_WARNING
"%s: key type must be logon\n", __func__);
res = -ENOKEY;
goto out;
}
down_read(&keyring_key->sem);
ukp = user_key_payload(keyring_key);
if (ukp->datalen != sizeof(struct fscrypt_key)) {
res = -EINVAL;
up_read(&keyring_key->sem);
goto out;
}
master_key = (struct fscrypt_key *)ukp->data;
BUILD_BUG_ON(FS_AES_128_ECB_KEY_SIZE != FS_KEY_DERIVATION_NONCE_SIZE);
if (master_key->size != FS_AES_256_XTS_KEY_SIZE) {
printk_once(KERN_WARNING
"%s: key size incorrect: %d\n",
__func__, master_key->size);
res = -ENOKEY;
up_read(&keyring_key->sem);
goto out;
}
res = derive_key_aes(ctx->nonce, master_key->raw, raw_key);
up_read(&keyring_key->sem);
if (res)
goto out;
crypt_info->ci_keyring_key = keyring_key;
return 0;
out:
key_put(keyring_key);
return res;
}示例4: integrity_digsig_verify
int integrity_digsig_verify(const unsigned int id, const char *sig, int siglen,
const char *digest, int digestlen)
{
if (id >= INTEGRITY_KEYRING_MAX)
return -EINVAL;
if (!keyring[id]) {
keyring[id] =
request_key(&key_type_keyring, keyring_name[id], NULL);
if (IS_ERR(keyring[id])) {
int err = PTR_ERR(keyring[id]);
pr_err("no %s keyring: %d\n", keyring_name[id], err);
keyring[id] = NULL;
return err;
}
}
switch (sig[1]) {
case 1:
/* v1 API expect signature without xattr type */
return digsig_verify(keyring[id], sig + 1, siglen - 1,
digest, digestlen);
case 2:
return asymmetric_verify(keyring[id], sig, siglen,
digest, digestlen);
}
return -EOPNOTSUPP;
}示例5: id_to_sid
static int
id_to_sid(unsigned int cid, uint sidtype, struct cifs_sid *ssid)
{
int rc;
struct key *sidkey;
struct cifs_sid *ksid;
unsigned int ksid_size;
char desc[3 + 10 + 1]; /* 3 byte prefix + 10 bytes for value + NULL */
const struct cred *saved_cred;
rc = snprintf(desc, sizeof(desc), "%ci:%u",
sidtype == SIDOWNER ? 'o' : 'g', cid);
if (rc >= sizeof(desc))
return -EINVAL;
rc = 0;
saved_cred = override_creds(root_cred);
sidkey = request_key(&cifs_idmap_key_type, desc, "");
if (IS_ERR(sidkey)) {
rc = -EINVAL;
cifs_dbg(FYI, "%s: Can't map %cid %u to a SID\n",
__func__, sidtype == SIDOWNER ? 'u' : 'g', cid);
goto out_revert_creds;
} else if (sidkey->datalen < CIFS_SID_BASE_SIZE) {
rc = -EIO;
cifs_dbg(FYI, "%s: Downcall contained malformed key (datalen=%hu)\n",
__func__, sidkey->datalen);
goto invalidate_key;
}
/*
* A sid is usually too large to be embedded in payload.value, but if
* there are no subauthorities and the host has 8-byte pointers, then
* it could be.
*/
ksid = sidkey->datalen <= sizeof(sidkey->payload) ?
(struct cifs_sid *)&sidkey->payload :
(struct cifs_sid *)sidkey->payload.data[0];
ksid_size = CIFS_SID_BASE_SIZE + (ksid->num_subauth * sizeof(__le32));
if (ksid_size > sidkey->datalen) {
rc = -EIO;
cifs_dbg(FYI, "%s: Downcall contained malformed key (datalen=%hu, ksid_size=%u)\n",
__func__, sidkey->datalen, ksid_size);
goto invalidate_key;
}
cifs_copy_sid(ssid, ksid);
out_key_put:
key_put(sidkey);
out_revert_creds:
revert_creds(saved_cred);
return rc;
invalidate_key:
key_invalidate(sidkey);
goto out_key_put;
}示例6: validate_user_key
static int validate_user_key(struct fscrypt_info *crypt_info,
struct fscrypt_context *ctx, u8 *raw_key,
const char *prefix, int min_keysize)
{
char *description;
struct key *keyring_key;
struct fscrypt_key *master_key;
const struct user_key_payload *ukp;
int res;
description = kasprintf(GFP_NOFS, "%s%*phN", prefix,
FS_KEY_DESCRIPTOR_SIZE,
ctx->master_key_descriptor);
if (!description)
return -ENOMEM;
keyring_key = request_key(&key_type_logon, description, NULL);
kfree(description);
if (IS_ERR(keyring_key))
return PTR_ERR(keyring_key);
down_read(&keyring_key->sem);
if (keyring_key->type != &key_type_logon) {
printk_once(KERN_WARNING
"%s: key type must be logon\n", __func__);
res = -ENOKEY;
goto out;
}
ukp = user_key_payload_locked(keyring_key);
if (!ukp) {
/* key was revoked before we acquired its semaphore */
res = -EKEYREVOKED;
goto out;
}
if (ukp->datalen != sizeof(struct fscrypt_key)) {
res = -EINVAL;
goto out;
}
master_key = (struct fscrypt_key *)ukp->data;
BUILD_BUG_ON(FS_AES_128_ECB_KEY_SIZE != FS_KEY_DERIVATION_NONCE_SIZE);
if (master_key->size < min_keysize || master_key->size > FS_MAX_KEY_SIZE
|| master_key->size % AES_BLOCK_SIZE != 0) {
printk_once(KERN_WARNING
"%s: key size incorrect: %d\n",
__func__, master_key->size);
res = -ENOKEY;
goto out;
}
res = derive_key_aes(ctx->nonce, master_key, raw_key);
out:
up_read(&keyring_key->sem);
key_put(keyring_key);
return res;
}示例7: sprintf
/*
* Request an asymmetric key.
*/
static struct key *request_asymmetric_key(struct key *keyring, uint32_t keyid)
{
struct key *key;
char name[12];
sprintf(name, "id:%08x", keyid);
pr_debug("key search: \"%s\"\n", name);
key = get_ima_blacklist_keyring();
if (key) {
key_ref_t kref;
kref = keyring_search(make_key_ref(key, 1),
&key_type_asymmetric, name);
if (!IS_ERR(kref)) {
pr_err("Key '%s' is in ima_blacklist_keyring\n", name);
return ERR_PTR(-EKEYREJECTED);
}
}
if (keyring) {
/* search in specific keyring */
key_ref_t kref;
kref = keyring_search(make_key_ref(keyring, 1),
&key_type_asymmetric, name);
if (IS_ERR(kref))
key = ERR_CAST(kref);
else
key = key_ref_to_ptr(kref);
} else {
key = request_key(&key_type_asymmetric, name, NULL);
}
if (IS_ERR(key)) {
pr_err_ratelimited("Request for unknown key '%s' err %ld\n",
name, PTR_ERR(key));
switch (PTR_ERR(key)) {
/* Hide some search errors */
case -EACCES:
case -ENOTDIR:
case -EAGAIN:
return ERR_PTR(-ENOKEY);
default:
return key;
}
}
pr_debug("%s() = 0 [%x]\n", __func__, key_serial(key));
return key;
}示例8: nfs_idmap_request_key
static ssize_t nfs_idmap_request_key(struct key_type *key_type,
const char *name, size_t namelen,
const char *type, void *data,
size_t data_size, struct idmap *idmap)
{
const struct cred *saved_cred;
struct key *rkey;
char *desc;
struct user_key_payload *payload;
ssize_t ret;
ret = nfs_idmap_get_desc(name, namelen, type, strlen(type), &desc);
if (ret <= 0)
goto out;
saved_cred = override_creds(id_resolver_cache);
if (idmap)
rkey = request_key_with_auxdata(key_type, desc, "", 0, idmap);
else
rkey = request_key(&key_type_id_resolver, desc, "");
revert_creds(saved_cred);
kfree(desc);
if (IS_ERR(rkey)) {
ret = PTR_ERR(rkey);
goto out;
}
rcu_read_lock();
rkey->perm |= KEY_USR_VIEW;
ret = key_validate(rkey);
if (ret < 0)
goto out_up;
payload = rcu_dereference(rkey->payload.data);
if (IS_ERR_OR_NULL(payload)) {
ret = PTR_ERR(payload);
goto out_up;
}
ret = payload->datalen;
if (ret > 0 && ret <= data_size)
memcpy(data, payload->data, ret);
else
ret = -EINVAL;
out_up:
rcu_read_unlock();
key_put(rkey);
out:
return ret;
}示例9: QVERIFY
void KSecretServiceTest::setupKeyring()
{
const char* KSS_TEST_USER = "USER";
QVERIFY(qEnvironmentVariableIsSet(KSS_TEST_USER));
QVERIFY(!qEnvironmentVariableIsEmpty(KSS_TEST_USER));
auto testUser = qgetenv(KSS_TEST_USER);
const char* KSS_TEST_PASSWORD = "KSS_TEST_PASSWORD";
QVERIFY(qEnvironmentVariableIsSet(KSS_TEST_PASSWORD));
QVERIFY(!qEnvironmentVariableIsEmpty(KSS_TEST_PASSWORD));
auto testPass = qgetenv(KSS_TEST_PASSWORD);
const char* KEYNAME_ENCRYPTING = "ksecrets-test:encrypting";
const char* KEYNAME_MAC = "ksecrets-test:mac";
/* second prevention measure - change keyring keynames */
sharedConfig->group(QLatin1String("keyring"))
.writeEntry("keyname_encrypt", KEYNAME_ENCRYPTING);
sharedConfig->group(QLatin1String("keyring"))
.writeEntry("keyname_mac", KEYNAME_MAC);
/* third prevention measure - the encrypting key should not be present
* into the kernel keyring */
key_serial_t key;
key = request_key("user", KEYNAME_ENCRYPTING, 0, KEY_SPEC_SESSION_KEYRING);
QVERIFY(-1 == key);
/* now go setup user's keyring */
QVERIFY(1 == kss_set_credentials(testUser.constData(), testPass.constData(), secretsFilePath.toLocal8Bit().constData()));
// the right keys should be present into the kernel keyring
key = request_key("user", KEYNAME_ENCRYPTING, 0, KEY_SPEC_SESSION_KEYRING);
QVERIFY(-1 != key);
key = request_key("user", KEYNAME_MAC, 0, KEY_SPEC_SESSION_KEYRING);
QVERIFY(-1 != key);
}示例10: do_test
static void do_test(void)
{
key_serial_t key;
key = add_key("user", "ltptestkey", "a", 1, KEY_SPEC_SESSION_KEYRING);
if (key == -1)
tst_brk(TBROK, "Failed to add key");
request_key("keyring", "foo", "bar", KEY_SPEC_THREAD_KEYRING);
TEST(keyctl(KEYCTL_UNLINK, key, KEY_SPEC_SESSION_KEYRING));
if (TEST_RETURN)
tst_res(TFAIL | TTERRNO, "keyctl unlink failed");
else
tst_res(TPASS, "Bug not reproduced");
}示例11: request_key
/*
* request_user_key - request the user key
*
* Use a user provided key to encrypt/decrypt an encrypted-key.
*/
static struct key *request_user_key(const char *master_desc, const u8 **master_key,
size_t *master_keylen)
{
const struct user_key_payload *upayload;
struct key *ukey;
ukey = request_key(&key_type_user, master_desc, NULL);
if (IS_ERR(ukey))
goto error;
down_read(&ukey->sem);
upayload = user_key_payload(ukey);
*master_key = upayload->data;
*master_keylen = upayload->datalen;
error:
return ukey;
}示例12: request_key
struct key *request_trusted_key(const char *trusted_desc,
u8 **master_key, size_t *master_keylen)
{
struct trusted_key_payload *tpayload;
struct key *tkey;
tkey = request_key(&key_type_trusted, trusted_desc, NULL);
if (IS_ERR(tkey))
goto error;
down_read(&tkey->sem);
tpayload = tkey->payload.data;
*master_key = tpayload->key;
*master_keylen = tpayload->key_len;
error:
return tkey;
}示例13: verify_request_key
static void verify_request_key(unsigned int n)
{
struct test_case *tc = tcases + n;
TEST(request_key("keyring", tc->des, NULL, *tc->id));
if (TST_RET != -1) {
tst_res(TFAIL, "request_key() succeed unexpectly");
return;
}
if (TST_ERR == tc->exp_err) {
tst_res(TPASS | TTERRNO, "request_key() failed expectly");
return;
}
tst_res(TFAIL | TTERRNO, "request_key() failed unexpectly, "
"expected %s", tst_strerrno(tc->exp_err));
}示例14: get_secret
/* get secret from key store */
static int get_secret(struct ceph_crypto_key *dst, const char *name) {
struct key *ukey;
int key_err;
int err = 0;
struct ceph_crypto_key *ckey;
ukey = request_key(&key_type_ceph, name, NULL);
if (!ukey || IS_ERR(ukey)) {
/* request_key errors don't map nicely to mount(2)
errors; don't even try, but still printk */
key_err = PTR_ERR(ukey);
switch (key_err) {
case -ENOKEY:
pr_warn("ceph: Mount failed due to key not found: %s\n",
name);
break;
case -EKEYEXPIRED:
pr_warn("ceph: Mount failed due to expired key: %s\n",
name);
break;
case -EKEYREVOKED:
pr_warn("ceph: Mount failed due to revoked key: %s\n",
name);
break;
default:
pr_warn("ceph: Mount failed due to unknown key error %d: %s\n",
key_err, name);
}
err = -EPERM;
goto out;
}
ckey = ukey->payload.data[0];
err = ceph_crypto_key_clone(dst, ckey);
if (err)
goto out_key;
/* pass through, err is 0 */
out_key:
key_put(ukey);
out:
return err;
}示例15: getKey
char* getKey(char *login)
{
char buffer[255];
memset(buffer,0,sizeof(buffer));
int ret;
// ищем номер пользовательского ключа
ret = request_key("user", login, NULL, 0);
if (ret < 0)
{
return "";
};
// Возвращаем значение ключа
ret = keyctl_read(ret, buffer, sizeof(buffer));
if (ret < 0)
{
return "";
};
return buffer;
};