eessppeelllloo/cryptsetup
1
0
Fork 0
mirror of https://gitlab.com/cryptsetup/cryptsetup.git synced 2025-12-06 00:10:04 +01:00
Code Issues Packages Projects Releases Wiki Activity

Allow to enter empty password through stdin pipe.

Browse Source 
Also always use empty passsword when using null cipher in tests.
This commit is contained in:
Milan Broz
2015-07-02 08:16:06 +02:00
parent a57f1b1b64
commit 0dc245401f
3 changed files with 15 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
lib/utils_crypt.c
View File

@@ -334,7 +334,7 @@ int crypt_get_key(const char *prompt,
struct crypt_device *cd) struct crypt_device *cd)
{ {
int fd, regular_file, read_stdin, char_read, unlimited_read = 0; int fd, regular_file, read_stdin, char_read, unlimited_read = 0;
int r = -EINVAL; int r = -EINVAL, newline;
char *pass = NULL; char *pass = NULL;
size_t buflen, i, file_read_size; size_t buflen, i, file_read_size;
struct stat st; struct stat st;
@@ -408,7 +408,7 @@ int crypt_get_key(const char *prompt,
goto out_err; goto out_err;
} }
for(i = 0; i < keyfile_size_max; i++) { for(i = 0, newline = 0; i < keyfile_size_max; i++) {
if(i == buflen) { if(i == buflen) {
buflen += 4096; buflen += 4096;
pass = crypt_safe_realloc(pass, buflen); pass = crypt_safe_realloc(pass, buflen);
@@ -426,12 +426,17 @@ int crypt_get_key(const char *prompt,
} }
/* Stop on newline only if not requested read from keyfile */ /* Stop on newline only if not requested read from keyfile */
if(char_read == 0 || (!key_file && pass[i] == '\n')) if (char_read == 0)
break; break;
if (!key_file && pass[i] == '\n') {
newline = 1;
pass[i] = '\0';
break;
}
} }
/* Fail if piped input dies reading nothing */ /* Fail if piped input dies reading nothing */
if(!i && !regular_file) { if(!i && !regular_file && !newline) {
log_dbg("Nothing read on input."); log_dbg("Nothing read on input.");
r = -EPIPE; r = -EPIPE;
goto out_err; goto out_err;

6
tests/align-test
View File

@@ -87,10 +87,10 @@ format_null()
{ {
if [ $3 -eq 0 ] ; then if [ $3 -eq 0 ] ; then
echo -n "Formatting using topology info ($1 bits key) [slot 0" echo -n "Formatting using topology info ($1 bits key) [slot 0"
echo $PWD1 | $CRYPTSETUP luksFormat $DEV -q -i1 -c null -s $1 echo | $CRYPTSETUP luksFormat $DEV -q -i1 -c null -s $1
else else
echo -n "Formatting using forced sector alignment $3 ($1 bits key) [slot 0" echo -n "Formatting using forced sector alignment $3 ($1 bits key) [slot 0"
echo $PWD1 | $CRYPTSETUP luksFormat $DEV -q -i1 -c null -s $1 --align-payload=$3 echo | $CRYPTSETUP luksFormat $DEV -q -i1 -c null -s $1 --align-payload=$3
fi fi
POFF=$(get_offsets "Payload offset") POFF=$(get_offsets "Payload offset")
@@ -98,7 +98,7 @@ format_null()
[ $POFF != $2 ] && fail "Expected data offset differs: expected $2 != detected $POFF" [ $POFF != $2 ] && fail "Expected data offset differs: expected $2 != detected $POFF"
if [ -n "$4" ] ; then if [ -n "$4" ] ; then
for j in 1 2 3 4 5 6 7 ; do for j in 1 2 3 4 5 6 7 ; do
echo -e "$PWD1\n$PWD2$j" | $CRYPTSETUP luksAddKey $DEV -q -i1 --key-slot $j -c null $PARAMS echo -e "\n" | $CRYPTSETUP luksAddKey $DEV -q -i1 --key-slot $j -c null $PARAMS
echo -n $j echo -n $j
[ $? -ne 0 ] && fail [ $? -ne 0 ] && fail
done done

3
tests/mode-test
View File

@@ -6,6 +6,7 @@ CRYPTSETUP=../src/cryptsetup
DEV_NAME=dmc_test DEV_NAME=dmc_test
HEADER_IMG=mode-test.img HEADER_IMG=mode-test.img
PASSWORD=3xrododenron PASSWORD=3xrododenron
PASSWORD1=$PASSWORD
# cipher-chainmode-ivopts:ivmode # cipher-chainmode-ivopts:ivmode
CIPHERS="aes twofish serpent" CIPHERS="aes twofish serpent"
@@ -134,10 +135,12 @@ dmcrypt aes aes-cbc-plain
dmcrypt aes-plain aes-cbc-plain dmcrypt aes-plain aes-cbc-plain
# empty cipher # empty cipher
PASSWORD=""
dmcrypt null cipher_null-ecb dmcrypt null cipher_null-ecb
dmcrypt cipher_null cipher_null-cbc-plain dmcrypt cipher_null cipher_null-cbc-plain
dmcrypt cipher_null-ecb dmcrypt cipher_null-ecb
PASSWORD=$PASSWORD1
# codebook doesn't support IV at all # codebook doesn't support IV at all
for cipher in $CIPHERS ; do for cipher in $CIPHERS ; do
dmcrypt "$cipher-ecb" dmcrypt "$cipher-ecb"