"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "lib/luks2/luks2_keyslot_reenc.c" between
cryptsetup-2.4.2.tar.xz and cryptsetup-2.4.3.tar.xz

About: cryptsetup is a utility used to conveniently setup disk encryption based on the dm-crypt kernel module. These include plain dm-crypt volumes, LUKS volumes, loop-AES and TrueCrypt compatible format.

luks2_keyslot_reenc.c  (cryptsetup-2.4.2.tar.xz):luks2_keyslot_reenc.c  (cryptsetup-2.4.3.tar.xz)
skipping to change at line 179 skipping to change at line 179
return r; return r;
} }
r = LUKS2_hdr_write(cd, hdr); r = LUKS2_hdr_write(cd, hdr);
device_write_unlock(cd, crypt_metadata_device(cd)); device_write_unlock(cd, crypt_metadata_device(cd));
return r < 0 ? r : keyslot; return r < 0 ? r : keyslot;
} }
static int reenc_keyslot_wipe(struct crypt_device *cd __attribute__((unused)), static int reenc_keyslot_wipe(struct crypt_device *cd,
int keyslot __attribute__((unused))) int keyslot)
{ {
struct luks2_hdr *hdr;
if (!(hdr = crypt_get_hdr(cd, CRYPT_LUKS2)))
return -EINVAL;
/* remove reencryption verification data */
LUKS2_digest_assign(cd, hdr, keyslot, CRYPT_ANY_DIGEST, 0, 0);
return 0; return 0;
} }
static int reenc_keyslot_dump(struct crypt_device *cd, int keyslot) static int reenc_keyslot_dump(struct crypt_device *cd, int keyslot)
{ {
json_object *jobj_keyslot, *jobj_area, *jobj_direction, *jobj_mode, *jobj _resilience, json_object *jobj_keyslot, *jobj_area, *jobj_direction, *jobj_mode, *jobj _resilience,
*jobj1; *jobj1;
jobj_keyslot = LUKS2_get_keyslot_jobj(crypt_get_hdr(cd, CRYPT_LUKS2), key slot); jobj_keyslot = LUKS2_get_keyslot_jobj(crypt_get_hdr(cd, CRYPT_LUKS2), key slot);
if (!jobj_keyslot) if (!jobj_keyslot)
skipping to change at line 225 skipping to change at line 233
log_std(cd, "\tArea offset:%" PRIu64 " [bytes]\n", crypt_jobj_get_uint64( jobj1)); log_std(cd, "\tArea offset:%" PRIu64 " [bytes]\n", crypt_jobj_get_uint64( jobj1));
json_object_object_get_ex(jobj_area, "size", &jobj1); json_object_object_get_ex(jobj_area, "size", &jobj1);
log_std(cd, "\tArea length:%" PRIu64 " [bytes]\n", crypt_jobj_get_uint64( jobj1)); log_std(cd, "\tArea length:%" PRIu64 " [bytes]\n", crypt_jobj_get_uint64( jobj1));
return 0; return 0;
} }
static int reenc_keyslot_validate(struct crypt_device *cd, json_object *jobj_key slot) static int reenc_keyslot_validate(struct crypt_device *cd, json_object *jobj_key slot)
{ {
json_object *jobj_mode, *jobj_area, *jobj_type, *jobj_shift_size, *jobj_h ash, *jobj_sector_size, *jobj_direction; json_object *jobj_mode, *jobj_area, *jobj_type, *jobj_shift_size, *jobj_h ash, *jobj_sector_size, *jobj_direction, *jobj_key_size;
const char *mode, *type, *direction; const char *mode, *type, *direction;
uint32_t sector_size; uint32_t sector_size;
uint64_t shift_size; uint64_t shift_size;
/* mode (string: encrypt,reencrypt,decrypt) /* mode (string: encrypt,reencrypt,decrypt)
* direction (string:) * direction (string:)
* area { * area {
* type: (string: datashift, journal, checksum, none) * type: (string: datashift, journal, checksum, none)
* hash: (string: checksum only) * hash: (string: checksum only)
* sector_size (uint32: checksum only) * sector_size (uint32: checksum only)
* shift_size (uint64: datashift only) * shift_size (uint64: datashift only)
* } * }
*/ */
/* area and area type are validated in general validation code */ /* area and area type are validated in general validation code */
if (!jobj_keyslot || !json_object_object_get_ex(jobj_keyslot, "area", &jo bj_area) || if (!jobj_keyslot || !json_object_object_get_ex(jobj_keyslot, "area", &jo bj_area) ||
!json_object_object_get_ex(jobj_area, "type", &jobj_type)) !json_object_object_get_ex(jobj_area, "type", &jobj_type))
return -EINVAL; return -EINVAL;
jobj_key_size = json_contains(cd, jobj_keyslot, "", "reencrypt keyslot", "key_size", json_type_int);
jobj_mode = json_contains(cd, jobj_keyslot, "", "reencrypt keyslot", "mod e", json_type_string); jobj_mode = json_contains(cd, jobj_keyslot, "", "reencrypt keyslot", "mod e", json_type_string);
jobj_direction = json_contains(cd, jobj_keyslot, "", "reencrypt keyslot", "direction", json_type_string); jobj_direction = json_contains(cd, jobj_keyslot, "", "reencrypt keyslot", "direction", json_type_string);
if (!jobj_mode || !jobj_direction) if (!jobj_mode || !jobj_direction || !jobj_key_size)
return -EINVAL; return -EINVAL;
if (!validate_json_uint32(jobj_key_size) || crypt_jobj_get_uint32(jobj_ke
y_size) != 1) {
log_dbg(cd, "Illegal reencrypt key size.");
return -EINVAL;
}
mode = json_object_get_string(jobj_mode); mode = json_object_get_string(jobj_mode);
type = json_object_get_string(jobj_type); type = json_object_get_string(jobj_type);
direction = json_object_get_string(jobj_direction); direction = json_object_get_string(jobj_direction);
if (strcmp(mode, "reencrypt") && strcmp(mode, "encrypt") && if (strcmp(mode, "reencrypt") && strcmp(mode, "encrypt") &&
strcmp(mode, "decrypt")) { strcmp(mode, "decrypt")) {
log_dbg(cd, "Illegal reencrypt mode %s.", mode); log_dbg(cd, "Illegal reencrypt mode %s.", mode);
return -EINVAL; return -EINVAL;
} }
 End of changes. 6 change blocks. 
4 lines changed or deleted 19 lines changed or added

Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)