From 2820626f5e66d8211627d448d236324ecaf58244 Mon Sep 17 00:00:00 2001 From: Ondrej Kozina Date: Fri, 6 May 2022 16:28:56 +0200 Subject: [PATCH] Move LUKS2_keyslot_reencrypt_allocate function. It does not fit internal LUKS2 keyslot API so there's no need to hook it in it. --- lib/luks2/luks2_internal.h | 6 ------ lib/luks2/luks2_keyslot.c | 32 -------------------------------- lib/luks2/luks2_keyslot_reenc.c | 29 ++++++++++++++++++++++++++++- 3 files changed, 28 insertions(+), 39 deletions(-) diff --git a/lib/luks2/luks2_internal.h b/lib/luks2/luks2_internal.h index f17b00ca..f2fba58f 100644 --- a/lib/luks2/luks2_internal.h +++ b/lib/luks2/luks2_internal.h @@ -160,12 +160,6 @@ struct reenc_protection { } p; }; -/* can not fit prototype alloc function */ -int reenc_keyslot_alloc(struct crypt_device *cd, - struct luks2_hdr *hdr, - int keyslot, - const struct crypt_params_reencrypt *params); - /** * LUKS2 digest handlers (EXPERIMENTAL) */ diff --git a/lib/luks2/luks2_keyslot.c b/lib/luks2/luks2_keyslot.c index 1a1e7c94..4d5abba3 100644 --- a/lib/luks2/luks2_keyslot.c +++ b/lib/luks2/luks2_keyslot.c @@ -605,38 +605,6 @@ int LUKS2_keyslot_open(struct crypt_device *cd, return r; } -int LUKS2_keyslot_reencrypt_allocate(struct crypt_device *cd, - struct luks2_hdr *hdr, - int keyslot, - const struct crypt_params_reencrypt *params) -{ - const keyslot_handler *h; - int r; - - if (keyslot == CRYPT_ANY_SLOT) - return -EINVAL; - - h = LUKS2_keyslot_handler_type("reencrypt"); - if (!h) - return -EINVAL; - - r = reenc_keyslot_alloc(cd, hdr, keyslot, params); - if (r < 0) - return r; - - r = LUKS2_keyslot_priority_set(cd, hdr, keyslot, CRYPT_SLOT_PRIORITY_IGNORE, 0); - if (r < 0) - return r; - - r = h->validate(cd, LUKS2_get_keyslot_jobj(hdr, keyslot)); - if (r) { - log_dbg(cd, "Keyslot validation failed."); - return r; - } - - return 0; -} - int LUKS2_keyslot_reencrypt_store(struct crypt_device *cd, struct luks2_hdr *hdr, int keyslot, diff --git a/lib/luks2/luks2_keyslot_reenc.c b/lib/luks2/luks2_keyslot_reenc.c index d189e02d..56944dea 100644 --- a/lib/luks2/luks2_keyslot_reenc.c +++ b/lib/luks2/luks2_keyslot_reenc.c @@ -31,7 +31,7 @@ static int reenc_keyslot_open(struct crypt_device *cd __attribute__((unused)), return -ENOENT; } -int reenc_keyslot_alloc(struct crypt_device *cd, +static int reenc_keyslot_alloc(struct crypt_device *cd, struct luks2_hdr *hdr, int keyslot, const struct crypt_params_reencrypt *params) @@ -310,6 +310,33 @@ static int reenc_keyslot_validate(struct crypt_device *cd, json_object *jobj_key return 0; } +int LUKS2_keyslot_reencrypt_allocate(struct crypt_device *cd, + struct luks2_hdr *hdr, + int keyslot, + const struct crypt_params_reencrypt *params) +{ + int r; + + if (keyslot == CRYPT_ANY_SLOT) + return -EINVAL; + + r = reenc_keyslot_alloc(cd, hdr, keyslot, params); + if (r < 0) + return r; + + r = LUKS2_keyslot_priority_set(cd, hdr, keyslot, CRYPT_SLOT_PRIORITY_IGNORE, 0); + if (r < 0) + return r; + + r = reenc_keyslot_validate(cd, LUKS2_get_keyslot_jobj(hdr, keyslot)); + if (r) { + log_dbg(cd, "Keyslot validation failed."); + return r; + } + + return 0; +} + const keyslot_handler reenc_keyslot = { .name = "reencrypt", .open = reenc_keyslot_open,