"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "lib/luks2/luks2.h" between
cryptsetup-2.3.6.tar.xz and cryptsetup-2.4.0.tar.xz

About: cryptsetup is a utility used to conveniently setup disk encryption based on the dm-crypt kernel module. These include plain dm-crypt volumes, LUKS volumes, loop-AES and TrueCrypt compatible format.

luks2.h  (cryptsetup-2.3.6.tar.xz):luks2.h  (cryptsetup-2.4.0.tar.xz)
skipping to change at line 47 skipping to change at line 47
#define LUKS2_CHECKSUM_ALG_L 32 #define LUKS2_CHECKSUM_ALG_L 32
#define LUKS2_CHECKSUM_L 64 #define LUKS2_CHECKSUM_L 64
#define LUKS2_KEYSLOTS_MAX 32 #define LUKS2_KEYSLOTS_MAX 32
#define LUKS2_TOKENS_MAX 32 #define LUKS2_TOKENS_MAX 32
#define LUKS2_SEGMENT_MAX 32 #define LUKS2_SEGMENT_MAX 32
#define LUKS2_BUILTIN_TOKEN_PREFIX "luks2-" #define LUKS2_BUILTIN_TOKEN_PREFIX "luks2-"
#define LUKS2_BUILTIN_TOKEN_PREFIX_LEN 6 #define LUKS2_BUILTIN_TOKEN_PREFIX_LEN 6
#define LUKS2_TOKEN_NAME_MAX 64
#define LUKS2_TOKEN_KEYRING LUKS2_BUILTIN_TOKEN_PREFIX "keyring" #define LUKS2_TOKEN_KEYRING LUKS2_BUILTIN_TOKEN_PREFIX "keyring"
#define LUKS2_DIGEST_MAX 8 #define LUKS2_DIGEST_MAX 8
#define CRYPT_ANY_SEGMENT -1 #define CRYPT_ANY_SEGMENT -1
#define CRYPT_DEFAULT_SEGMENT -2 #define CRYPT_DEFAULT_SEGMENT -2
#define CRYPT_ONE_SEGMENT -3 #define CRYPT_ONE_SEGMENT -3
#define CRYPT_ANY_DIGEST -1 #define CRYPT_ANY_DIGEST -1
/* 20 MiBs */ /* 20 MiBs */
#define LUKS2_DEFAULT_NONE_REENCRYPTION_LENGTH 0x1400000 #define LUKS2_DEFAULT_NONE_REENCRYPTION_LENGTH 0x1400000
/* 1 GiB */ /* 1 GiB */
#define LUKS2_REENCRYPT_MAX_HOTZONE_LENGTH 0x40000000 #define LUKS2_REENCRYPT_MAX_HOTZONE_LENGTH 0x40000000
struct device; struct device;
struct luks2_reencrypt;
struct crypt_lock_handle;
struct crypt_dm_active_device;
struct luks_phdr; /* LUKS1 for conversion */
/* /*
* LUKS2 header on-disk. * LUKS2 header on-disk.
* *
* Binary header is followed by JSON area. * Binary header is followed by JSON area.
* JSON area is followed by keyslot area and data area, * JSON area is followed by keyslot area and data area,
* these are described in JSON metadata. * these are described in JSON metadata.
* *
* Note: uuid, csum_alg are intentionally on the same offset as LUKS1 * Note: uuid, csum_alg are intentionally on the same offset as LUKS1
* (checksum alg replaces hash in LUKS1) * (checksum alg replaces hash in LUKS1)
skipping to change at line 99 skipping to change at line 105
uint64_t hdr_offset; /* offset from device start in bytes */ uint64_t hdr_offset; /* offset from device start in bytes */
char _padding[184]; char _padding[184];
uint8_t csum[LUKS2_CHECKSUM_L]; uint8_t csum[LUKS2_CHECKSUM_L];
char _padding4096[7*512]; char _padding4096[7*512];
/* JSON area starts here */ /* JSON area starts here */
} __attribute__ ((packed)); } __attribute__ ((packed));
/* /*
* LUKS2 header in-memory. * LUKS2 header in-memory.
*/ */
typedef struct json_object json_object;
struct luks2_hdr { struct luks2_hdr {
size_t hdr_size; size_t hdr_size;
uint64_t seqid; uint64_t seqid;
unsigned int version; unsigned int version;
char label[LUKS2_LABEL_L]; char label[LUKS2_LABEL_L];
char subsystem[LUKS2_LABEL_L]; char subsystem[LUKS2_LABEL_L];
char checksum_alg[LUKS2_CHECKSUM_ALG_L]; char checksum_alg[LUKS2_CHECKSUM_ALG_L];
uint8_t salt1[LUKS2_SALT_L]; uint8_t salt1[LUKS2_SALT_L];
uint8_t salt2[LUKS2_SALT_L]; uint8_t salt2[LUKS2_SALT_L];
char uuid[LUKS2_UUID_L]; char uuid[LUKS2_UUID_L];
json_object *jobj; void *jobj;
}; };
struct luks2_keyslot_params { struct luks2_keyslot_params {
enum { LUKS2_KEYSLOT_AF_LUKS1 = 0 } af_type; enum { LUKS2_KEYSLOT_AF_LUKS1 = 0 } af_type;
enum { LUKS2_KEYSLOT_AREA_RAW = 0 } area_type; enum { LUKS2_KEYSLOT_AREA_RAW = 0 } area_type;
union { union {
struct { struct {
char hash[LUKS2_CHECKSUM_ALG_L]; // or include luks.h char hash[LUKS2_CHECKSUM_ALG_L]; // or include luks.h
unsigned int stripes; unsigned int stripes;
skipping to change at line 132 skipping to change at line 137
} af; } af;
union { union {
struct { struct {
char encryption[65]; // or include utils_crypt.h char encryption[65]; // or include utils_crypt.h
size_t key_size; size_t key_size;
} raw; } raw;
} area; } area;
}; };
struct reenc_protection {
enum { REENC_PROTECTION_NONE = 0, /* none should be 0 always */
REENC_PROTECTION_CHECKSUM,
REENC_PROTECTION_JOURNAL,
REENC_PROTECTION_DATASHIFT } type;
union {
struct {
} none;
struct {
char hash[LUKS2_CHECKSUM_ALG_L]; // or include luks.h
struct crypt_hash *ch;
size_t hash_size;
/* buffer for checksums */
void *checksums;
size_t checksums_len;
} csum;
struct {
} ds;
} p;
};
struct luks2_reenc_context {
/* reencryption window attributes */
uint64_t offset;
uint64_t progress;
uint64_t length;
uint64_t data_shift;
size_t alignment;
uint64_t device_size;
bool online;
bool fixed_length;
crypt_reencrypt_direction_info direction;
crypt_reencrypt_mode_info mode;
char *device_name;
char *hotzone_name;
char *overlay_name;
uint32_t flags;
/* reencryption window persistence attributes */
struct reenc_protection rp;
int reenc_keyslot;
/* already running reencryption */
json_object *jobj_segs_hot;
json_object *jobj_segs_post;
/* backup segments */
json_object *jobj_segment_new;
int digest_new;
json_object *jobj_segment_old;
int digest_old;
json_object *jobj_segment_moved;
struct volume_key *vks;
void *reenc_buffer;
ssize_t read;
struct crypt_storage_wrapper *cw1;
struct crypt_storage_wrapper *cw2;
uint32_t wflags1;
uint32_t wflags2;
struct crypt_lock_handle *reenc_lock;
};
crypt_reencrypt_info LUKS2_reenc_status(struct luks2_hdr *hdr);
/* /*
* Supportable header sizes (hdr_disk + JSON area) * Supportable header sizes (hdr_disk + JSON area)
* Also used as offset for the 2nd header. * Also used as offset for the 2nd header.
*/ */
#define LUKS2_HDR_16K_LEN 0x4000 #define LUKS2_HDR_16K_LEN 0x4000
#define LUKS2_HDR_BIN_LEN sizeof(struct luks2_hdr_disk) #define LUKS2_HDR_BIN_LEN sizeof(struct luks2_hdr_disk)
//#define LUKS2_DEFAULT_HDR_SIZE 0x400000 /* 4 MiB */ //#define LUKS2_DEFAULT_HDR_SIZE 0x400000 /* 4 MiB */
#define LUKS2_DEFAULT_HDR_SIZE 0x1000000 /* 16 MiB */ #define LUKS2_DEFAULT_HDR_SIZE 0x1000000 /* 16 MiB */
skipping to change at line 225 skipping to change at line 159
#define LUKS2_HDR_OFFSET_MAX 0x400000 /* 4 MiB */ #define LUKS2_HDR_OFFSET_MAX 0x400000 /* 4 MiB */
/* Offsets for secondary header (for scan if primary header is corrupted). */ /* Offsets for secondary header (for scan if primary header is corrupted). */
#define LUKS2_HDR2_OFFSETS { 0x04000, 0x008000, 0x010000, 0x020000, \ #define LUKS2_HDR2_OFFSETS { 0x04000, 0x008000, 0x010000, 0x020000, \
0x40000, 0x080000, 0x100000, 0x200000, LUKS2_HDR_OF FSET_MAX } 0x40000, 0x080000, 0x100000, 0x200000, LUKS2_HDR_OF FSET_MAX }
int LUKS2_hdr_version_unlocked(struct crypt_device *cd, int LUKS2_hdr_version_unlocked(struct crypt_device *cd,
const char *backup_file); const char *backup_file);
int LUKS2_device_write_lock(struct crypt_device *cd,
struct luks2_hdr *hdr, struct device *device);
int LUKS2_hdr_read(struct crypt_device *cd, struct luks2_hdr *hdr, int repair); int LUKS2_hdr_read(struct crypt_device *cd, struct luks2_hdr *hdr, int repair);
int LUKS2_hdr_write(struct crypt_device *cd, struct luks2_hdr *hdr); int LUKS2_hdr_write(struct crypt_device *cd, struct luks2_hdr *hdr);
int LUKS2_hdr_write_force(struct crypt_device *cd, struct luks2_hdr *hdr); int LUKS2_hdr_write_force(struct crypt_device *cd, struct luks2_hdr *hdr);
int LUKS2_hdr_dump(struct crypt_device *cd, struct luks2_hdr *hdr); int LUKS2_hdr_dump(struct crypt_device *cd, struct luks2_hdr *hdr);
int LUKS2_hdr_dump_json(struct crypt_device *cd, struct luks2_hdr *hdr, c onst char **json);
int LUKS2_hdr_uuid(struct crypt_device *cd, int LUKS2_hdr_uuid(struct crypt_device *cd,
struct luks2_hdr *hdr, struct luks2_hdr *hdr,
const char *uuid); const char *uuid);
int LUKS2_hdr_labels(struct crypt_device *cd, int LUKS2_hdr_labels(struct crypt_device *cd,
struct luks2_hdr *hdr, struct luks2_hdr *hdr,
const char *label, const char *label,
const char *subsystem, const char *subsystem,
int commit); int commit);
void LUKS2_hdr_free(struct crypt_device *cd, struct luks2_hdr *hdr); void LUKS2_hdr_free(struct crypt_device *cd, struct luks2_hdr *hdr);
int LUKS2_hdr_backup(struct crypt_device *cd, int LUKS2_hdr_backup(struct crypt_device *cd,
struct luks2_hdr *hdr, struct luks2_hdr *hdr,
const char *backup_file); const char *backup_file);
int LUKS2_hdr_restore(struct crypt_device *cd, int LUKS2_hdr_restore(struct crypt_device *cd,
struct luks2_hdr *hdr, struct luks2_hdr *hdr,
const char *backup_file); const char *backup_file);
uint64_t LUKS2_hdr_and_areas_size(json_object *jobj); uint64_t LUKS2_hdr_and_areas_size(struct luks2_hdr *hdr);
uint64_t LUKS2_keyslots_size(json_object *jobj); uint64_t LUKS2_keyslots_size(struct luks2_hdr *hdr);
uint64_t LUKS2_metadata_size(json_object *jobj); uint64_t LUKS2_metadata_size(struct luks2_hdr *hdr);
int LUKS2_keyslot_cipher_incompatible(struct crypt_device *cd, const char *ciphe r_spec); int LUKS2_keyslot_cipher_incompatible(struct crypt_device *cd, const char *ciphe r_spec);
/* /*
* Generic LUKS2 keyslot * Generic LUKS2 keyslot
*/ */
int LUKS2_keyslot_open(struct crypt_device *cd, int LUKS2_keyslot_open(struct crypt_device *cd,
int keyslot, int keyslot,
int segment, int segment,
const char *password, const char *password,
skipping to change at line 283 skipping to change at line 215
struct volume_key **vks); struct volume_key **vks);
int LUKS2_keyslot_store(struct crypt_device *cd, int LUKS2_keyslot_store(struct crypt_device *cd,
struct luks2_hdr *hdr, struct luks2_hdr *hdr,
int keyslot, int keyslot,
const char *password, const char *password,
size_t password_len, size_t password_len,
const struct volume_key *vk, const struct volume_key *vk,
const struct luks2_keyslot_params *params); const struct luks2_keyslot_params *params);
int LUKS2_keyslot_reencrypt_store(struct crypt_device *cd,
struct luks2_hdr *hdr,
int keyslot,
const void *buffer,
size_t buffer_length);
int LUKS2_keyslot_reencrypt_create(struct crypt_device *cd,
struct luks2_hdr *hdr,
int keyslot,
const struct crypt_params_reencrypt *params);
int reenc_keyslot_update(struct crypt_device *cd,
const struct luks2_reenc_context *rh);
int LUKS2_keyslot_wipe(struct crypt_device *cd, int LUKS2_keyslot_wipe(struct crypt_device *cd,
struct luks2_hdr *hdr, struct luks2_hdr *hdr,
int keyslot, int keyslot,
int wipe_area_only); int wipe_area_only);
int LUKS2_keyslot_dump(struct crypt_device *cd,
int keyslot);
crypt_keyslot_priority LUKS2_keyslot_priority_get(struct crypt_device *cd, crypt_keyslot_priority LUKS2_keyslot_priority_get(struct crypt_device *cd,
struct luks2_hdr *hdr, struct luks2_hdr *hdr,
int keyslot); int keyslot);
int LUKS2_keyslot_priority_set(struct crypt_device *cd, int LUKS2_keyslot_priority_set(struct crypt_device *cd,
struct luks2_hdr *hdr, struct luks2_hdr *hdr,
int keyslot, int keyslot,
crypt_keyslot_priority priority, crypt_keyslot_priority priority,
int commit); int commit);
int LUKS2_keyslot_swap(struct crypt_device *cd,
struct luks2_hdr *hdr,
int keyslot,
int keyslot2);
/* /*
* Generic LUKS2 token * Generic LUKS2 token
*/ */
int LUKS2_token_json_get(struct crypt_device *cd, int LUKS2_token_json_get(struct crypt_device *cd,
struct luks2_hdr *hdr, struct luks2_hdr *hdr,
int token, int token,
const char **json); const char **json);
int LUKS2_token_assign(struct crypt_device *cd, int LUKS2_token_assign(struct crypt_device *cd,
struct luks2_hdr *hdr, struct luks2_hdr *hdr,
skipping to change at line 352 skipping to change at line 272
struct luks2_hdr *hdr, struct luks2_hdr *hdr,
int token, int token,
const char *json, const char *json,
int commit); int commit);
crypt_token_info LUKS2_token_status(struct crypt_device *cd, crypt_token_info LUKS2_token_status(struct crypt_device *cd,
struct luks2_hdr *hdr, struct luks2_hdr *hdr,
int token, int token,
const char **type); const char **type);
int LUKS2_builtin_token_get(struct crypt_device *cd, int LUKS2_token_open_and_activate(struct crypt_device *cd,
struct luks2_hdr *hdr, struct luks2_hdr *hdr,
int token, int token,
const char *name,
const char *type, const char *type,
void *params); const char *pin,
size_t pin_size,
uint32_t flags,
void *usrptr);
int LUKS2_builtin_token_create(struct crypt_device *cd, int LUKS2_token_keyring_get(struct crypt_device *cd,
struct luks2_hdr *hdr, struct luks2_hdr *hdr,
int token, int token,
const char *type, struct crypt_token_params_luks2_keyring *keyring_params);
const void *params,
int commit);
int LUKS2_token_open_and_activate(struct crypt_device *cd, int LUKS2_token_keyring_json(char *buffer, size_t buffer_size,
struct luks2_hdr *hdr, const struct crypt_token_params_luks2_keyring *keyring_params);
int token,
const char *name,
uint32_t flags,
void *usrptr);
int LUKS2_token_open_and_activate_any(struct crypt_device *cd,
struct luks2_hdr *hdr,
const char *name,
uint32_t flags);
int LUKS2_tokens_count(struct luks2_hdr *hdr); void crypt_token_unload_external_all(struct crypt_device *cd);
/*
* Generic LUKS2 segment
*/
uint64_t json_segment_get_offset(json_object *jobj_segment, unsigned blockwise);
const char *json_segment_type(json_object *jobj_segment);
uint64_t json_segment_get_iv_offset(json_object *jobj_segment);
uint64_t json_segment_get_size(json_object *jobj_segment, unsigned blockwise);
const char *json_segment_get_cipher(json_object *jobj_segment);
int json_segment_get_sector_size(json_object *jobj_segment);
bool json_segment_is_backup(json_object *jobj_segment);
json_object *json_segments_get_segment(json_object *jobj_segments, int segment);
unsigned json_segments_count(json_object *jobj_segments);
void json_segment_remove_flag(json_object *jobj_segment, const char *flag);
uint64_t json_segments_get_minimal_offset(json_object *jobj_segments, unsigned b
lockwise);
json_object *json_segment_create_linear(uint64_t offset, const uint64_t *length,
unsigned reencryption);
json_object *json_segment_create_crypt(uint64_t offset, uint64_t iv_offset, cons
t uint64_t *length, const char *cipher, uint32_t sector_size, unsigned reencrypt
ion);
int json_segments_segment_in_reencrypt(json_object *jobj_segments);
int LUKS2_segments_count(struct luks2_hdr *hdr);
int LUKS2_segment_first_unused_id(struct luks2_hdr *hdr);
int LUKS2_segment_set_flag(json_object *jobj_segment, const char *flag);
json_object *LUKS2_get_segment_by_flag(struct luks2_hdr *hdr, const char *flag);
int LUKS2_get_segment_id_by_flag(struct luks2_hdr *hdr, const char *flag);
int LUKS2_segments_set(struct crypt_device *cd,
struct luks2_hdr *hdr,
json_object *jobj_segments,
int commit);
uint64_t LUKS2_segment_offset(struct luks2_hdr *hdr,
int segment,
unsigned blockwise);
uint64_t LUKS2_segment_size(struct luks2_hdr *hdr,
int segment,
unsigned blockwise);
int LUKS2_segment_is_type(struct luks2_hdr *hdr,
int segment,
const char *type);
int LUKS2_segment_by_type(struct luks2_hdr *hdr,
const char *type);
int LUKS2_last_segment_by_type(struct luks2_hdr *hdr,
const char *type);
int LUKS2_get_default_segment(struct luks2_hdr *hdr);
int LUKS2_reencrypt_digest_new(struct luks2_hdr *hdr);
int LUKS2_reencrypt_digest_old(struct luks2_hdr *hdr);
int LUKS2_reencrypt_data_offset(struct luks2_hdr *hdr, bool blockwise);
/* /*
* Generic LUKS2 digest * Generic LUKS2 digest
*/ */
int LUKS2_digest_any_matching(struct crypt_device *cd, int LUKS2_digest_any_matching(struct crypt_device *cd,
struct luks2_hdr *hdr, struct luks2_hdr *hdr,
const struct volume_key *vk); const struct volume_key *vk);
int LUKS2_digest_by_segment(struct luks2_hdr *hdr, int segment);
int LUKS2_digest_verify_by_digest(struct crypt_device *cd,
struct luks2_hdr *hdr,
int digest,
const struct volume_key *vk);
int LUKS2_digest_verify_by_segment(struct crypt_device *cd, int LUKS2_digest_verify_by_segment(struct crypt_device *cd,
struct luks2_hdr *hdr, struct luks2_hdr *hdr,
int segment, int segment,
const struct volume_key *vk); const struct volume_key *vk);
void LUKS2_digests_erase_unused(struct crypt_device *cd,
struct luks2_hdr *hdr);
int LUKS2_digest_verify(struct crypt_device *cd, int LUKS2_digest_verify(struct crypt_device *cd,
struct luks2_hdr *hdr, struct luks2_hdr *hdr,
const struct volume_key *vk, const struct volume_key *vk,
int keyslot); int keyslot);
int LUKS2_digest_dump(struct crypt_device *cd,
int digest);
int LUKS2_digest_assign(struct crypt_device *cd, int LUKS2_digest_assign(struct crypt_device *cd,
struct luks2_hdr *hdr, struct luks2_hdr *hdr,
int keyslot, int keyslot,
int digest, int digest,
int assign, int assign,
int commit); int commit);
int LUKS2_digest_segment_assign(struct crypt_device *cd, int LUKS2_digest_segment_assign(struct crypt_device *cd,
struct luks2_hdr *hdr, struct luks2_hdr *hdr,
int segment, int segment,
int digest, int digest,
int assign, int assign,
int commit); int commit);
int LUKS2_digest_by_keyslot(struct luks2_hdr *hdr, int keyslot); int LUKS2_digest_by_keyslot(struct luks2_hdr *hdr, int keyslot);
int LUKS2_digest_by_segment(struct luks2_hdr *hdr, int segment);
int LUKS2_digest_create(struct crypt_device *cd, int LUKS2_digest_create(struct crypt_device *cd,
const char *type, const char *type,
struct luks2_hdr *hdr, struct luks2_hdr *hdr,
const struct volume_key *vk); const struct volume_key *vk);
/* /*
* LUKS2 generic * LUKS2 generic
*/ */
int LUKS2_activate(struct crypt_device *cd, int LUKS2_activate(struct crypt_device *cd,
const char *name, const char *name,
struct volume_key *vk, struct volume_key *vk,
uint32_t flags); uint32_t flags);
int LUKS2_activate_multi(struct crypt_device *cd, int LUKS2_activate_multi(struct crypt_device *cd,
const char *name, const char *name,
struct volume_key *vks, struct volume_key *vks,
uint64_t device_size, uint64_t device_size,
uint32_t flags); uint32_t flags);
struct crypt_dm_active_device;
int LUKS2_deactivate(struct crypt_device *cd, int LUKS2_deactivate(struct crypt_device *cd,
const char *name, const char *name,
struct luks2_hdr *hdr, struct luks2_hdr *hdr,
struct crypt_dm_active_device *dmd, struct crypt_dm_active_device *dmd,
uint32_t flags); uint32_t flags);
int LUKS2_reload(struct crypt_device *cd,
const char *name,
struct volume_key *vks,
uint64_t device_size,
uint32_t flags);
int LUKS2_generate_hdr( int LUKS2_generate_hdr(
struct crypt_device *cd, struct crypt_device *cd,
struct luks2_hdr *hdr, struct luks2_hdr *hdr,
const struct volume_key *vk, const struct volume_key *vk,
const char *cipherName, const char *cipherName,
const char *cipherMode, const char *cipherMode,
const char *integrity, const char *integrity,
const char *uuid, const char *uuid,
unsigned int sector_size, unsigned int sector_size,
uint64_t data_offset, uint64_t data_offset,
skipping to change at line 546 skipping to change at line 383
uint64_t LUKS2_get_data_offset(struct luks2_hdr *hdr); uint64_t LUKS2_get_data_offset(struct luks2_hdr *hdr);
int LUKS2_get_data_size(struct luks2_hdr *hdr, uint64_t *size, bool *dynamic); int LUKS2_get_data_size(struct luks2_hdr *hdr, uint64_t *size, bool *dynamic);
int LUKS2_get_sector_size(struct luks2_hdr *hdr); int LUKS2_get_sector_size(struct luks2_hdr *hdr);
const char *LUKS2_get_cipher(struct luks2_hdr *hdr, int segment); const char *LUKS2_get_cipher(struct luks2_hdr *hdr, int segment);
const char *LUKS2_get_integrity(struct luks2_hdr *hdr, int segment); const char *LUKS2_get_integrity(struct luks2_hdr *hdr, int segment);
int LUKS2_keyslot_params_default(struct crypt_device *cd, struct luks2_hdr *hdr, int LUKS2_keyslot_params_default(struct crypt_device *cd, struct luks2_hdr *hdr,
struct luks2_keyslot_params *params); struct luks2_keyslot_params *params);
int LUKS2_get_volume_key_size(struct luks2_hdr *hdr, int segment); int LUKS2_get_volume_key_size(struct luks2_hdr *hdr, int segment);
int LUKS2_get_keyslot_stored_key_size(struct luks2_hdr *hdr, int keyslot); int LUKS2_get_keyslot_stored_key_size(struct luks2_hdr *hdr, int keyslot);
const char *LUKS2_get_keyslot_cipher(struct luks2_hdr *hdr, int keyslot, size_t *key_size); const char *LUKS2_get_keyslot_cipher(struct luks2_hdr *hdr, int keyslot, size_t *key_size);
int LUKS2_keyslot_find_empty(struct luks2_hdr *hdr); int LUKS2_keyslot_find_empty(struct crypt_device *cd, struct luks2_hdr *hdr, siz e_t keylength);
int LUKS2_keyslot_active_count(struct luks2_hdr *hdr, int segment); int LUKS2_keyslot_active_count(struct luks2_hdr *hdr, int segment);
int LUKS2_keyslot_for_segment(struct luks2_hdr *hdr, int keyslot, int segment);
int LUKS2_find_keyslot(struct luks2_hdr *hdr, const char *type);
crypt_keyslot_info LUKS2_keyslot_info(struct luks2_hdr *hdr, int keyslot); crypt_keyslot_info LUKS2_keyslot_info(struct luks2_hdr *hdr, int keyslot);
int LUKS2_keyslot_area(struct luks2_hdr *hdr, int LUKS2_keyslot_area(struct luks2_hdr *hdr,
int keyslot, int keyslot,
uint64_t *offset, uint64_t *offset,
uint64_t *length); uint64_t *length);
int LUKS2_keyslot_pbkdf(struct luks2_hdr *hdr, int keyslot, struct crypt_pbkdf_t ype *pbkdf); int LUKS2_keyslot_pbkdf(struct luks2_hdr *hdr, int keyslot, struct crypt_pbkdf_t ype *pbkdf);
int LUKS2_set_keyslots_size(struct crypt_device *cd,
struct luks2_hdr *hdr,
uint64_t data_offset);
/* /*
* Permanent activation flags stored in header * Permanent activation flags stored in header
*/ */
int LUKS2_config_get_flags(struct crypt_device *cd, struct luks2_hdr *hdr, uint3 2_t *flags); int LUKS2_config_get_flags(struct crypt_device *cd, struct luks2_hdr *hdr, uint3 2_t *flags);
int LUKS2_config_set_flags(struct crypt_device *cd, struct luks2_hdr *hdr, uint3 2_t flags); int LUKS2_config_set_flags(struct crypt_device *cd, struct luks2_hdr *hdr, uint3 2_t flags);
/* /*
* Requirements for device activation or header modification * Requirements for device activation or header modification
*/ */
skipping to change at line 581 skipping to change at line 413
int LUKS2_unmet_requirements(struct crypt_device *cd, struct luks2_hdr *hdr, uin t32_t reqs_mask, int quiet); int LUKS2_unmet_requirements(struct crypt_device *cd, struct luks2_hdr *hdr, uin t32_t reqs_mask, int quiet);
int LUKS2_key_description_by_segment(struct crypt_device *cd, int LUKS2_key_description_by_segment(struct crypt_device *cd,
struct luks2_hdr *hdr, struct volume_key *vk, int segment); struct luks2_hdr *hdr, struct volume_key *vk, int segment);
int LUKS2_volume_key_load_in_keyring_by_keyslot(struct crypt_device *cd, int LUKS2_volume_key_load_in_keyring_by_keyslot(struct crypt_device *cd,
struct luks2_hdr *hdr, struct volume_key *vk, int keyslot); struct luks2_hdr *hdr, struct volume_key *vk, int keyslot);
int LUKS2_volume_key_load_in_keyring_by_digest(struct crypt_device *cd, int LUKS2_volume_key_load_in_keyring_by_digest(struct crypt_device *cd,
struct luks2_hdr *hdr, struct volume_key *vk, int digest); struct luks2_hdr *hdr, struct volume_key *vk, int digest);
struct luks_phdr;
int LUKS2_luks1_to_luks2(struct crypt_device *cd, int LUKS2_luks1_to_luks2(struct crypt_device *cd,
struct luks_phdr *hdr1, struct luks_phdr *hdr1,
struct luks2_hdr *hdr2); struct luks2_hdr *hdr2);
int LUKS2_luks2_to_luks1(struct crypt_device *cd, int LUKS2_luks2_to_luks1(struct crypt_device *cd,
struct luks2_hdr *hdr2, struct luks2_hdr *hdr2,
struct luks_phdr *hdr1); struct luks_phdr *hdr1);
/* /*
* LUKS2 reencryption * LUKS2 reencryption
*/ */
int LUKS2_reencrypt_locked_recovery_by_passphrase(struct crypt_device *cd, int LUKS2_reencrypt_locked_recovery_by_passphrase(struct crypt_device *cd,
int keyslot_old, int keyslot_old,
int keyslot_new, int keyslot_new,
const char *passphrase, const char *passphrase,
size_t passphrase_size, size_t passphrase_size,
uint32_t flags, uint32_t flags,
struct volume_key **vks); struct volume_key **vks);
void LUKS2_reenc_context_free(struct crypt_device *cd, struct luks2_reenc_contex void LUKS2_reencrypt_free(struct crypt_device *cd,
t *rh); struct luks2_reencrypt *rh);
int LUKS2_assembly_multisegment_dmd(struct crypt_device *cd, crypt_reencrypt_info LUKS2_reencrypt_status(struct luks2_hdr *hdr);
struct luks2_hdr *hdr,
struct volume_key *vks,
json_object *jobj_segments,
struct crypt_dm_active_device *dmd);
crypt_reencrypt_info LUKS2_reencrypt_status(struct crypt_device *cd, crypt_reencrypt_info LUKS2_reencrypt_get_params(struct luks2_hdr *hdr,
struct crypt_params_reencrypt *params); struct crypt_params_reencrypt *params);
int crypt_reencrypt_lock(struct crypt_device *cd, struct crypt_lock_handle **ree int LUKS2_reencrypt_lock(struct crypt_device *cd,
ncrypt_lock); struct crypt_lock_handle **reencrypt_lock);
int crypt_reencrypt_lock_by_dm_uuid(struct crypt_device *cd, const char *dm_uuid
, struct crypt_lock_handle **reencrypt_lock);
void crypt_reencrypt_unlock(struct crypt_device *cd, struct crypt_lock_handle *r
eencrypt_lock);
int luks2_check_device_size(struct crypt_device *cd, struct luks2_hdr *hdr, uint int LUKS2_reencrypt_lock_by_dm_uuid(struct crypt_device *cd,
64_t check_size, uint64_t *dev_size, bool activation, bool dynamic); const char *dm_uuid,
struct crypt_lock_handle **reencrypt_lock);
void LUKS2_reencrypt_unlock(struct crypt_device *cd,
struct crypt_lock_handle *reencrypt_lock);
int LUKS2_reencrypt_check_device_size(struct crypt_device *cd,
struct luks2_hdr *hdr,
uint64_t check_size,
uint64_t *dev_size,
bool activation,
bool dynamic);
#endif #endif
 End of changes. 33 change blocks. 
219 lines changed or deleted 49 lines changed or added

Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)