tequilaOS/platform_system_core
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
51790 commits 1 branch 0 tags 215 MiB
Commit graph

5 commits

Author SHA1 Message Date
Victor Hsieh
59183120c2 Initialize fs-verity keys in shell script 
This gives us two benefits:
  - Better compatibility to keyctl(1), which doesn't have "dadd"
  - Pave the way to specify key's security labels, since keyctl(1)
    doesn't support, and we want to avoid adding incompatible option.

Test: See keys loaded in /proc/keys
Bug: 128607724
Change-Id: Ia45f6e9dea80d037c0820cf1fd2bc9d7c8bb6302
 2019-03-22 09:18:00 -07:00
Victor Hsieh
0fb290bb8a mini-keyctl: use ParseInt to parse keys 
- Valid ID format examples: 0x90a, 123
 - ID like 90a will not work now.

Bug: None
Test: mini-keyctl unlink 0x11d25c86 0x2873c96d

Change-Id: I057bce0a49a60f475d54b23e28dc18db25124466
 2019-03-18 13:57:05 -07:00
Victor Hsieh
327037f063 mini-keyctl: support printing security label 
Test: mini-keyctl security <key_id>
Bug: 128607724
Change-Id: If92b41d0aa96d626933546391b964ca2a8a48703
 2019-03-15 16:01:01 -07:00
Xiaoyong Zhou
b29b27ec7f Change mini-keyctl command format. 
This CL change the mini-keyctl tool to make it compitable with libkeyctl
tool to make it more useful.

Bug: 112038861
Test: mini-keyctl padd asymmetric 'desc' .fs-verity < /path/to/cert.der
Test: mini-keyctl unlink <key_id> <keyring_id>
Test: mini-keyctl restrict_keyring <keyring_id>

Change-Id: I950f07c7718f173823ce5a5cd08e0d1a0e23a007
 2019-03-08 09:59:42 -08:00
Xiaoyong Zhou
4a5c352e6d Add a tool to add keys to keyring. 
This CL adds a binary to load keys to a keyring.

Bug: 112038861
Test: mini-keyctl -k .fsverity -c PATH_CONTAINER_CERTS
Test: cat /proc/keys and find the newly added keys
Change-Id: Iead68618ea194e9412616c5c6cff885e3cf78520
 2019-01-30 13:08:31 -08:00