From 7103dff0e598cd634767f17a2958302c515700ca Mon Sep 17 00:00:00 2001 From: Roberto Sassu Date: Mon, 27 Jun 2011 13:45:41 +0200 Subject: encrypted-keys: added additional debug messages Some debug messages have been added in the function datablob_parse() in order to better identify errors returned when dealing with 'encrypted' keys. Changelog from version v4: - made the debug messages more understandable Signed-off-by: Roberto Sassu Acked-by: Gianluca Ramunno Signed-off-by: Mimi Zohar --- security/keys/encrypted.c | 45 ++++++++++++++++++++++++++++++++++----------- 1 file changed, 34 insertions(+), 11 deletions(-) (limited to 'security') diff --git a/security/keys/encrypted.c b/security/keys/encrypted.c index 3ff2f72dad94..f36a105de791 100644 --- a/security/keys/encrypted.c +++ b/security/keys/encrypted.c @@ -133,46 +133,69 @@ static int datablob_parse(char *datablob, char **master_desc, substring_t args[MAX_OPT_ARGS]; int ret = -EINVAL; int key_cmd; - char *p; + char *keyword; - p = strsep(&datablob, " \t"); - if (!p) + keyword = strsep(&datablob, " \t"); + if (!keyword) { + pr_info("encrypted_key: insufficient parameters specified\n"); return ret; - key_cmd = match_token(p, key_tokens, args); + } + key_cmd = match_token(keyword, key_tokens, args); *master_desc = strsep(&datablob, " \t"); - if (!*master_desc) + if (!*master_desc) { + pr_info("encrypted_key: master key parameter is missing\n"); goto out; + } - if (valid_master_desc(*master_desc, NULL) < 0) + if (valid_master_desc(*master_desc, NULL) < 0) { + pr_info("encrypted_key: master key parameter \'%s\' " + "is invalid\n", *master_desc); goto out; + } if (decrypted_datalen) { *decrypted_datalen = strsep(&datablob, " \t"); - if (!*decrypted_datalen) + if (!*decrypted_datalen) { + pr_info("encrypted_key: keylen parameter is missing\n"); goto out; + } } switch (key_cmd) { case Opt_new: - if (!decrypted_datalen) + if (!decrypted_datalen) { + pr_info("encrypted_key: keyword \'%s\' not allowed " + "when called from .update method\n", keyword); break; + } ret = 0; break; case Opt_load: - if (!decrypted_datalen) + if (!decrypted_datalen) { + pr_info("encrypted_key: keyword \'%s\' not allowed " + "when called from .update method\n", keyword); break; + } *hex_encoded_iv = strsep(&datablob, " \t"); - if (!*hex_encoded_iv) + if (!*hex_encoded_iv) { + pr_info("encrypted_key: hex blob is missing\n"); break; + } ret = 0; break; case Opt_update: - if (decrypted_datalen) + if (decrypted_datalen) { + pr_info("encrypted_key: keyword \'%s\' not allowed " + "when called from .instantiate method\n", + keyword); break; + } ret = 0; break; case Opt_err: + pr_info("encrypted_key: keyword \'%s\' not recognized\n", + keyword); break; } out: -- cgit v1.2.3