From 37708b7cade73513c6a02b14c2853f06a528b126 Mon Sep 17 00:00:00 2001 From: Milan Broz Date: Thu, 25 Feb 2010 16:00:12 +0000 Subject: [PATCH] Properly initialise crypto backend in header backup/restore commands. (fixes issue #49) git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@190 36d66b0a-2a48-0410-832c-cd162a569da5 --- ChangeLog | 1 + lib/gcrypt.c | 2 ++ lib/setup.c | 12 ++++++++++++ 3 files changed, 15 insertions(+) diff --git a/ChangeLog b/ChangeLog index ca96a3de..bb043275 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,6 @@ 2010-02-25 Milan Broz * Do not verify unlocking passphrase in luksAddKey command. + * Properly initialise crypto backend in header backup/restore commands. 2010-01-17 Milan Broz * If gcrypt compiled with capabilities, document workaround for cryptsetup (see lib/gcrypt.c). diff --git a/lib/gcrypt.c b/lib/gcrypt.c index 269dc523..cfbcdc7b 100644 --- a/lib/gcrypt.c +++ b/lib/gcrypt.c @@ -23,8 +23,10 @@ int init_crypto(void) * and it locks its memory space anyway. */ #if 0 + log_dbg("Initializing crypto backend (secure memory disabled)."); gcry_control (GCRYCTL_DISABLE_SECMEM); #else + log_dbg("Initializing crypto backend (using secure memory)."); gcry_control (GCRYCTL_SUSPEND_SECMEM_WARN); gcry_control (GCRYCTL_INIT_SECMEM, 16384, 0); gcry_control (GCRYCTL_RESUME_SECMEM_WARN); diff --git a/lib/setup.c b/lib/setup.c index ea5359a7..6576032a 100644 --- a/lib/setup.c +++ b/lib/setup.c @@ -1213,6 +1213,12 @@ int crypt_header_backup(struct crypt_device *cd, if ((requested_type && !isLUKS(requested_type)) || !backup_file) return -EINVAL; + /* Some hash functions need initialized gcrypt library */ + if (init_crypto()) { + log_err(cd, _("Cannot initialize crypto backend.\n")); + return -ENOSYS; + } + log_dbg("Requested header backup of device %s (%s) to " "file %s.", cd->device, requested_type, backup_file); @@ -1226,6 +1232,12 @@ int crypt_header_restore(struct crypt_device *cd, if (requested_type && !isLUKS(requested_type)) return -EINVAL; + /* Some hash functions need initialized gcrypt library */ + if (init_crypto()) { + log_err(cd, _("Cannot initialize crypto backend.\n")); + return -ENOSYS; + } + log_dbg("Requested header restore to device %s (%s) from " "file %s.", cd->device, requested_type, backup_file);