Add generic crypt_generate_volume_key function.

So that we can generate keys with different 'quality'
attribute at one place.
Ondrej Kozina
2025-01-29 14:40:43 +01:00
parent 4f90213a5b
commit 1326dfbac1
3 changed files with 32 additions and 10 deletions


@@ -59,8 +59,15 @@ struct volume_key {
char key[];
};
typedef enum {
KEY_QUALITY_KEY = 0,
KEY_QUALITY_NORMAL,
KEY_QUALITY_EMPTY
} key_quality_info;
struct volume_key *crypt_alloc_volume_key(size_t keylength, const char *key);
struct volume_key *crypt_generate_volume_key(struct crypt_device *cd, size_t keylength);
struct volume_key *crypt_generate_volume_key(struct crypt_device *cd, size_t keylength,
key_quality_info quality);
void crypt_free_volume_key(struct volume_key *vk);
int crypt_volume_key_set_description(struct volume_key *key,
const char *key_description, key_type_t keyring_key_type);
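Review bot: The new `key_quality_info` enum is undocumented, although its value decides which randomness source fills a volume key. Judging by the implementation in this commit, `KEY_QUALITY_KEY` selects `CRYPT_RND_KEY`, `KEY_QUALITY_NORMAL` selects `CRYPT_RND_NORMAL`, and `KEY_QUALITY_EMPTY` requests no random data at all. I would add a short comment per enumerator, e.g. `KEY_QUALITY_EMPTY /* no random fill; placeholder only, not key material */`, and a line above the prototype stating that NULL is returned on allocation or RNG failure. Keeping `KEY_QUALITY_KEY = 0` is a sensible fail-safe, since a zero-initialised argument then selects the key-grade source; the comment could say that this ordering is intentional.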


@@ -1796,7 +1796,7 @@ static int _crypt_format_luks1(struct crypt_device *cd,
cd->volume_key = crypt_alloc_volume_key(volume_key_size,
volume_key);
else
cd->volume_key = crypt_generate_volume_key(cd, volume_key_size);
cd->volume_key = crypt_generate_volume_key(cd, volume_key_size, KEY_QUALITY_KEY);
if (!cd->volume_key)
return -ENOMEM;
@@ -2075,7 +2075,7 @@ static int _crypt_format_luks2(struct crypt_device *cd,
cd->volume_key = crypt_alloc_volume_key(volume_key_size,
volume_key);
else
cd->volume_key = crypt_generate_volume_key(cd, volume_key_size);
cd->volume_key = crypt_generate_volume_key(cd, volume_key_size, KEY_QUALITY_KEY);
if (!cd->volume_key)
return -ENOMEM;
@@ -2439,7 +2439,7 @@ int crypt_format_luks2_opal(struct crypt_device *cd,
if (volume_keys)
cd->volume_key = crypt_alloc_volume_key(volume_keys_size, volume_keys);
else
cd->volume_key = crypt_generate_volume_key(cd, volume_keys_size);
cd->volume_key = crypt_generate_volume_key(cd, volume_keys_size, KEY_QUALITY_KEY);
if (!cd->volume_key) {
r = -ENOMEM;
@@ -7328,7 +7328,7 @@ int crypt_keyslot_add_by_keyslot_context(struct crypt_device *cd,
if (r == -ENOENT) {
if ((flags & CRYPT_VOLUME_KEY_NO_SEGMENT) && kc->type == CRYPT_KC_TYPE_KEY) {
if (!(vk = crypt_generate_volume_key(cd, kc->u.k.volume_key_size)))
if (!(vk = crypt_generate_volume_key(cd, kc->u.k.volume_key_size, KEY_QUALITY_KEY)))
return -ENOMEM;
r = 0;
} else if (cd->volume_key) {


@@ -126,7 +126,8 @@ void crypt_free_volume_key(struct volume_key *vk)
}
}
struct volume_key *crypt_generate_volume_key(struct crypt_device *cd, size_t keylength)
struct volume_key *crypt_generate_volume_key(struct crypt_device *cd, size_t keylength,
key_quality_info quality)
{
int r;
struct volume_key *vk;
@@ -135,10 +136,24 @@ struct volume_key *crypt_generate_volume_key(struct crypt_device *cd, size_t key
if (!vk)
return NULL;
r = crypt_random_get(cd, vk->key, keylength, CRYPT_RND_KEY);
if(r < 0) {
crypt_free_volume_key(vk);
return NULL;
switch (quality) {
case KEY_QUALITY_KEY:
r = crypt_random_get(cd, vk->key, keylength, CRYPT_RND_KEY);
break;
case KEY_QUALITY_NORMAL:
r = crypt_random_get(cd, vk->key, keylength, CRYPT_RND_NORMAL);
break;
case KEY_QUALITY_EMPTY:
r = 0;
break;
default:
abort();
}
if (r) {
crypt_free_volume_key(vk);
vk = NULL;
}
return vk;
}
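Review bot: The `KEY_QUALITY_EMPTY` case sets `r = 0` and returns `vk` as a success without ever writing `vk->key`, so the key bytes are whatever the allocation left there. The allocation call sits between the two hunks and is not visible here, so it is unclear from this page whether the buffer is zeroed; either way the case deserves a comment such as `/* no random fill: key bytes stay as allocated, caller must supply real key material */`, so that nobody treats the result as a usable volume key. Separately, `default: abort();` terminates the process hosting the library on an out-of-range `quality`. If that is meant as an internal assertion, a comment should say so; otherwise `crypt_free_volume_key(vk); return NULL;` would keep the failure on the error path callers already handle.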