1245 if (unlikely(ecryptfs_verbosity > 0)) {
1246 ecryptfs_printk(KERN_DEBUG,
1247 "Considering cadidate auth tok:\n");
1248 ecryptfs_dump_auth_tok(candidate_auth_tok);
1249 }
1250 rc = ecryptfs_get_auth_tok_sig(&candidate_auth_tok_sig,
1251 candidate_auth_tok);
1252 if (rc) {
1253 printk(KERN_ERR
1254 "Unrecognized candidate auth tok type: [%d]\n",
1255 candidate_auth_tok->token_type);
1256 rc = -EINVAL;
1257 goto out_wipe_list;
1258 }
1259 ecryptfs_find_auth_tok_for_sig(&matching_auth_tok, crypt_stat,
1260 candidate_auth_tok_sig);
1261 if (matching_auth_tok) {
1262 found_auth_tok = 1;
1263 goto found_matching_auth_tok;
1264 }
1265 }
1266 if (!found_auth_tok) {
1267 ecryptfs_printk(KERN_ERR, "Could not find a usable "
1268 "authentication token\n");
1269 rc = -EIO;
1270 goto out_wipe_list;
1271 }
1272found_matching_auth_tok:
1273 if (candidate_auth_tok->token_type == ECRYPTFS_PRIVATE_KEY) {
1274 memcpy(&(candidate_auth_tok->token.private_key),
1275 &(matching_auth_tok->token.private_key),
1276 sizeof(struct ecryptfs_private_key));
1277 rc = decrypt_pki_encrypted_session_key(candidate_auth_tok,
1278 crypt_stat);
1279 } else if (candidate_auth_tok->token_type == ECRYPTFS_PASSWORD) {
1280 memcpy(&(candidate_auth_tok->token.password),
1281 &(matching_auth_tok->token.password),
1282 sizeof(struct ecryptfs_password));
1283 rc = decrypt_passphrase_encrypted_session_key(
1284 candidate_auth_tok, crypt_stat);
1285 }