"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "lib/bitlk/bitlk.c" between
cryptsetup-2.4.2.tar.xz and cryptsetup-2.4.3.tar.xz

About: cryptsetup is a utility used to conveniently setup disk encryption based on the dm-crypt kernel module. These include plain dm-crypt volumes, LUKS volumes, loop-AES and TrueCrypt compatible format.

bitlk.c  (cryptsetup-2.4.2.tar.xz):bitlk.c  (cryptsetup-2.4.3.tar.xz)
skipping to change at line 872 skipping to change at line 872
parts[j] = cpu_to_le16(part_num / 11); parts[j] = cpu_to_le16(part_num / 11);
} }
*rc_key = crypt_alloc_volume_key(16, (const char*) parts); *rc_key = crypt_alloc_volume_key(16, (const char*) parts);
if (*rc_key == NULL) if (*rc_key == NULL)
return -ENOMEM; return -ENOMEM;
return 0; return 0;
} }
static int parse_external_key_entry(struct crypt_device *cd, const char *data, i static int parse_external_key_entry(struct crypt_device *cd,
nt start, int end, struct volume_key **vk) const char *data,
int start,
int end,
struct volume_key **vk,
const struct bitlk_metadata *params)
{ {
uint16_t key_entry_size = 0; uint16_t key_entry_size = 0;
uint16_t key_entry_type = 0; uint16_t key_entry_type = 0;
uint16_t key_entry_value = 0; uint16_t key_entry_value = 0;
size_t key_size = 0; size_t key_size = 0;
const char *key = NULL; const char *key = NULL;
struct bitlk_guid guid;
char guid_buf[UUID_STR_LEN] = {0};
while (end - start > 2) { while (end - start > 2) {
/* size of this entry */ /* size of this entry */
memcpy(&key_entry_size, data + start, sizeof(key_entry_size)); memcpy(&key_entry_size, data + start, sizeof(key_entry_size));
key_entry_size = le16_to_cpu(key_entry_size); key_entry_size = le16_to_cpu(key_entry_size);
if (key_entry_size == 0) if (key_entry_size == 0)
break; break;
/* type and value of this entry */ /* type and value of this entry */
memcpy(&key_entry_type, data + start + sizeof(key_entry_size), si zeof(key_entry_type)); memcpy(&key_entry_type, data + start + sizeof(key_entry_size), si zeof(key_entry_type));
memcpy(&key_entry_value, memcpy(&key_entry_value,
data + start + sizeof(key_entry_size) + sizeof(key_entry_t ype), data + start + sizeof(key_entry_size) + sizeof(key_entry_t ype),
sizeof(key_entry_value)); sizeof(key_entry_value));
key_entry_type = le16_to_cpu(key_entry_type); key_entry_type = le16_to_cpu(key_entry_type);
key_entry_value = le16_to_cpu(key_entry_value); key_entry_value = le16_to_cpu(key_entry_value);
/* only properties should be in this entry */ if (key_entry_type != BITLK_ENTRY_TYPE_PROPERTY && key_entry_type
if (key_entry_type != BITLK_ENTRY_TYPE_PROPERTY) { != BITLK_ENTRY_TYPE_VOLUME_GUID) {
log_err(cd, _("Unexpected metadata entry type '%u' found when parsing external key."), key_entry_type); log_err(cd, _("Unexpected metadata entry type '%u' found when parsing external key."), key_entry_type);
return -EINVAL; return -EINVAL;
} }
if (key_entry_value == BITLK_ENTRY_VALUE_KEY) { if (key_entry_value == BITLK_ENTRY_VALUE_KEY) {
key_size = key_entry_size - (BITLK_ENTRY_HEADER_LEN + 4); key_size = key_entry_size - (BITLK_ENTRY_HEADER_LEN + 4);
key = (const char *) data + start + BITLK_ENTRY_HEADER_LE N + 4; key = (const char *) data + start + BITLK_ENTRY_HEADER_LE N + 4;
*vk = crypt_alloc_volume_key(key_size, key); *vk = crypt_alloc_volume_key(key_size, key);
if (*vk == NULL) if (*vk == NULL)
return -ENOMEM; return -ENOMEM;
return 0; return 0;
/* optional "ExternalKey" string, we can safely ignore it */ /* optional "ExternalKey" string, we can safely ignore it */
} else if (key_entry_value == BITLK_ENTRY_VALUE_STRING) } else if (key_entry_value == BITLK_ENTRY_VALUE_STRING)
; ;
else { /* GUID of the BitLocker device we are trying to open with this k
ey */
else if (key_entry_value == BITLK_ENTRY_VALUE_GUID) {
memcpy(&guid, data + start + BITLK_ENTRY_HEADER_LEN, size
of(struct bitlk_guid));
guid_to_string(&guid, guid_buf);
if (strcmp(guid_buf, params->guid) != 0) {
log_err(cd, _("BEK file GUID '%s' does not match
GUID of the volume."), guid_buf);
return -EINVAL;
}
} else {
log_err(cd, _("Unexpected metadata entry value '%u' found when parsing external key."), key_entry_value); log_err(cd, _("Unexpected metadata entry value '%u' found when parsing external key."), key_entry_value);
return -EINVAL; return -EINVAL;
} }
start += key_entry_size; start += key_entry_size;
} }
/* if we got here we failed to parse the metadata */ /* if we got here we failed to parse the metadata */
return -EINVAL; return -EINVAL;
} }
/* check if given passphrase can be a startup key (has right format) and convert it */ /* check if given passphrase can be a startup key (has right format) and convert it */
static int get_startup_key(struct crypt_device *cd, static int get_startup_key(struct crypt_device *cd,
const char *password, const char *password,
size_t passwordLen, size_t passwordLen,
const struct bitlk_vmk *vmk, const struct bitlk_vmk *vmk,
struct volume_key **su_key) struct volume_key **su_key,
const struct bitlk_metadata *params)
{ {
struct bitlk_bek_header bek_header = {0}; struct bitlk_bek_header bek_header = {0};
char guid_buf[UUID_STR_LEN] = {0}; char guid_buf[UUID_STR_LEN] = {0};
uint16_t key_entry_size = 0; uint16_t key_entry_size = 0;
uint16_t key_entry_type = 0; uint16_t key_entry_type = 0;
uint16_t key_entry_value = 0; uint16_t key_entry_value = 0;
if (passwordLen < BITLK_BEK_FILE_HEADER_LEN) if (passwordLen < BITLK_BEK_FILE_HEADER_LEN)
return -EPERM; return -EPERM;
skipping to change at line 978 skipping to change at line 993
memcpy(&key_entry_type, password + BITLK_BEK_FILE_HEADER_LEN + sizeof(key _entry_size), sizeof(key_entry_type)); memcpy(&key_entry_type, password + BITLK_BEK_FILE_HEADER_LEN + sizeof(key _entry_size), sizeof(key_entry_type));
memcpy(&key_entry_value, memcpy(&key_entry_value,
password + BITLK_BEK_FILE_HEADER_LEN + sizeof(key_entry_size) + si zeof(key_entry_type), password + BITLK_BEK_FILE_HEADER_LEN + sizeof(key_entry_size) + si zeof(key_entry_type),
sizeof(key_entry_value)); sizeof(key_entry_value));
key_entry_type = le16_to_cpu(key_entry_type); key_entry_type = le16_to_cpu(key_entry_type);
key_entry_value = le16_to_cpu(key_entry_value); key_entry_value = le16_to_cpu(key_entry_value);
if (key_entry_type == BITLK_ENTRY_TYPE_STARTUP_KEY && key_entry_value == BITLK_ENTRY_VALUE_EXTERNAL_KEY) { if (key_entry_type == BITLK_ENTRY_TYPE_STARTUP_KEY && key_entry_value == BITLK_ENTRY_VALUE_EXTERNAL_KEY) {
return parse_external_key_entry(cd, password, return parse_external_key_entry(cd, password,
BITLK_BEK_FILE_HEADER_LEN + BITLK _ENTRY_HEADER_LEN + BITLK_STARTUP_KEY_HEADER_LEN, BITLK_BEK_FILE_HEADER_LEN + BITLK _ENTRY_HEADER_LEN + BITLK_STARTUP_KEY_HEADER_LEN,
passwordLen, su_key); passwordLen, su_key, params);
} else { } else {
log_err(cd, _("Unexpected metadata entry found when parsing start up key.")); log_err(cd, _("Unexpected metadata entry found when parsing start up key."));
log_dbg(cd, "Entry type: %u, entry value: %u", key_entry_type, ke y_entry_value); log_dbg(cd, "Entry type: %u, entry value: %u", key_entry_type, ke y_entry_value);
return -EINVAL; return -EINVAL;
} }
} }
static int bitlk_kdf(struct crypt_device *cd, static int bitlk_kdf(struct crypt_device *cd,
const char *password, const char *password,
size_t passwordLen, size_t passwordLen,
skipping to change at line 1144 skipping to change at line 1159
next_vmk = next_vmk->next; next_vmk = next_vmk->next;
continue; continue;
} }
log_dbg(cd, "Trying to use given password as a recovery k ey."); log_dbg(cd, "Trying to use given password as a recovery k ey.");
r = bitlk_kdf(cd, recovery_key->key, recovery_key->keylen gth, r = bitlk_kdf(cd, recovery_key->key, recovery_key->keylen gth,
true, next_vmk->salt, &vmk_dec_key); true, next_vmk->salt, &vmk_dec_key);
crypt_free_volume_key(recovery_key); crypt_free_volume_key(recovery_key);
if (r) if (r)
return r; return r;
} else if (next_vmk->protection == BITLK_PROTECTION_STARTUP_KEY) { } else if (next_vmk->protection == BITLK_PROTECTION_STARTUP_KEY) {
r = get_startup_key(cd, password, passwordLen, next_vmk, &vmk_dec_key); r = get_startup_key(cd, password, passwordLen, next_vmk, &vmk_dec_key, params);
if (r) { if (r) {
next_vmk = next_vmk->next; next_vmk = next_vmk->next;
continue; continue;
} }
log_dbg(cd, "Trying to use external key found in provided password."); log_dbg(cd, "Trying to use external key found in provided password.");
} else { } else {
/* only passphrase, recovery passphrase and startup key V MKs supported right now */ /* only passphrase, recovery passphrase and startup key V MKs supported right now */
log_dbg(cd, "Skipping %s", get_vmk_protection_string(next _vmk->protection)); log_dbg(cd, "Skipping %s", get_vmk_protection_string(next _vmk->protection));
next_vmk = next_vmk->next; next_vmk = next_vmk->next;
if (r == 0) if (r == 0)
 End of changes. 7 change blocks. 
8 lines changed or deleted 26 lines changed or added

Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)