add_key - 新增到核心的金鑰管理機制一個鍵
|
#include <keyutils.h> key_serial_t add_key(const char *type, const char *description, const void *payload, size_t plen, key_serial_t keyring); |
add_key() 要求核心給定型別和描述來建立或更新一個鍵,它的有效載荷plen 長度範例,將它安裝到提名 keyringand,返回其序列號。
金鑰型別可能會拒絕該資料,如果它是在錯誤的格式或以其他方式無效。
如果目標的鑰匙圈已經包含匹配指定型別和描述,然後,如果金鑰型別支援一個鍵,該鍵將被更新,而不是建立一個新的金鑰,如果沒有,將建立一個新的金鑰,它將取代連結到現存的核心,從鑰匙圈。
目的地鑰匙圈序號可能是一個有效的鑰匙圈,主呼叫寫入許可權,或者它可以是一個特殊的金鑰環ID:
| 標籤 | 描述 |
|---|---|
| KEY_SPEC_THREAD_KEYRING | This specifies the caller’s thread-specific keyring. |
| KEY_SPEC_PROCESS_KEYRING | This specifies the caller’s process-specific keyring. |
| KEY_SPEC_SESSION_KEYRING | This specifies the caller’s session-specific keyring. |
| KEY_SPEC_USER_KEYRING | This specifies the caller’s UID-specific keyring. |
| KEY_SPEC_USER_SESSION_KEYRING | This specifies the caller’s UID-session keyring. |
有很多可供選擇的核心金鑰管理程式碼的金鑰型別,而這些可以被指定為這個函式:
| 標籤 | 描述 |
|---|---|
| “user” | Keys of the user-defined key type may contain a blob of arbitrary data, and thedescription may be any valid string, though it is preferred that the description be prefixed with a string representing the service to which the key is of interest and a colon (for instance “afs:mykey”). The payload may be empty or NULL for keys of this type. |
| “keyring” | Keyrings are special key types that may contain links to sequences of other keys of any type. If this interface is used to create a keyring, then a NULL payload should be specified, andplen should be zero. |
成功 add_key() 返回序列號金鑰,它建立或更新。錯誤將返回值-1並且errno將被設定為一個適當的錯誤。
| 標籤 | 描述 |
|---|---|
| ENOKEY | The keyring doesn’t exist. |
| EKEYEXPIRED | The keyring has expired. |
| EKEYREVOKED | The keyring has been revoked. |
| EINVAL | The payload data was invalid. |
| ENOMEM | Insufficient memory to create a key. |
| EDQUOT | The key quota for this user would be exceeded by creating this key or linking it to the keyring. |
| EACCES | The keyring wasn’t available for modification by the user. |
雖然這是一個Linux系統呼叫,它是在libc中不存在,但可以發現合適的 libkey 工具。連結時,lkey 工具應指定給連結器。