eessppeelllloo/cryptsetup
1
0
Fork 0
mirror of https://gitlab.com/cryptsetup/cryptsetup.git synced 2025-12-11 10:50:01 +01:00
Code Issues Packages Projects Releases Wiki Activity

* Remove old API code helper functions.

Browse Source 
Signed-off-by: Milan Broz <mbroz@redhat.com>

git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@98 36d66b0a-2a48-0410-832c-cd162a569da5
This commit is contained in:
Milan Broz
2009-08-30 18:10:11 +00:00
parent 7bc5829c43
commit 3deabc8e56
2 changed files with 1 additions and 180 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
ChangeLog
View File

@@ -15,6 +15,7 @@
* Replace global options struct with separate parameters in helper functions.
* Add new libcryptsetup API (documented in libcryptsetup.h).
* Implement old API calls using new functions.
* Remove old API code helper functions.
2009-08-17 Milan Broz <mbroz@redhat.com>
* Fix PBKDF2 speed calculation for large passhrases.

180
lib/setup.c
View File

@@ -182,43 +182,6 @@ static int keyslot_verify_or_find_empty(struct crypt_device *cd, int *keyslot)
return 0;
}
static int keyslot_is_valid(struct crypt_device *cd, int keySlotIndex)
{
if(keySlotIndex >= LUKS_NUMKEYS || keySlotIndex < 0) {
log_err(cd, _("Key slot %d is invalid, please select between 0 and %d.\n"),
keySlotIndex, LUKS_NUMKEYS - 1);
return 0;
}
return 1;
}
/* Select free keyslot or verifies that the one specified is empty */
static int keyslot_from_option(struct crypt_device *cd, int keySlotOption, struct luks_phdr *hdr) {
if(keySlotOption >= 0) {
if(!keyslot_is_valid(cd, keySlotOption))
return -EINVAL;
else if(hdr->keyblock[keySlotOption].active != LUKS_KEY_DISABLED) {
log_err(cd, _("Key slot %d is full, please select another one.\n"),
keySlotOption);
return -EINVAL;
} else {
return keySlotOption;
}
} else {
int i;
/* Find empty key slot */
for(i=0; i<LUKS_NUMKEYS; i++) {
if(hdr->keyblock[i].active == LUKS_KEY_DISABLED) break;
}
if(i==LUKS_NUMKEYS) {
log_err(cd, _("All key slots full.\n"));
return -EINVAL;
}
return i;
}
}
static int verify_other_keyslot(struct crypt_device *cd,
const char *key_file,
unsigned int flags,
@@ -307,149 +270,6 @@ static int device_check_and_adjust(struct crypt_device *cd,
return 0;
}
static int create_device_helper_old(int reload, struct crypt_options *options)
{
struct crypt_device *cd = NULL;
char *key = NULL;
unsigned int keyLen;
char *processed_key = NULL;
int read_only;
int r;
r = dm_status_device(options->name);
if (reload) {
if (r < 0)
return r;
} else {
if (r >= 0) {
log_err(cd, _("Device %s already exists.\n"), options->name);
return -EEXIST;
}
if (r != -ENODEV)
return r;
}
if (options->key_size < 0 || options->key_size > 1024) {
log_err(cd, _("Invalid key size %d.\n"), options->key_size);
return -EINVAL;
}
read_only = (options->flags & CRYPT_FLAG_READONLY);
r = device_check_and_adjust(cd, options->device, &options->size, &options->offset, &read_only);
if (r)
return r;
get_key("Enter passphrase: ", &key, &keyLen, options->key_size,
options->key_file, options->timeout, options->flags, NULL);
if (!key) {
log_err(cd, "Key reading error");
return -ENOENT;
}
processed_key = process_key(cd, options->hash, options->key_file, options->key_size, key, keyLen);
safe_free(key);
if (!processed_key)
return -ENOENT;
r = dm_create_device(options->name, options->device, options->cipher,
NULL, options->size, options->skip, options->offset,
options->key_size, processed_key,
read_only, reload);
safe_free(processed_key);
return r;
}
static int luks_remove_helper_old(struct crypt_device *cd,
struct crypt_options *options, int supply_it)
{
struct luks_masterkey *mk;
struct luks_phdr hdr;
char *password=NULL;
unsigned int passwordLen;
const char *device = options->device;
int keyIndex;
int openedIndex;
int r, last_slot;
r = LUKS_read_phdr(options->device, &hdr, 1, cd);
if(r < 0)
return r;
if(supply_it) {
get_key("Enter LUKS passphrase to be deleted: ",&password,&passwordLen, 0, options->new_key_file,
options->timeout, options->flags, cd);
if(!password) {
r = -EINVAL; goto out;
}
keyIndex = LUKS_open_key_with_hdr(device, CRYPT_ANY_SLOT, password, passwordLen, &hdr, &mk, cd);
if(keyIndex < 0) {
log_err(cd, "No remaining key available with this passphrase.\n");
r = -EPERM; goto out;
} else
log_std(cd ,"key slot %d selected for deletion.\n", keyIndex);
safe_free(password);
password = NULL;
} else {
keyIndex = options->key_slot;
if (!keyslot_is_valid(cd, keyIndex)) {
r = -EINVAL; goto out;
}
}
if (LUKS_keyslot_info(&hdr, keyIndex) == SLOT_INACTIVE) {
log_err(cd, _("Key %d not active. Can't wipe.\n"), keyIndex);
r = -EINVAL;
goto out;
}
last_slot = (LUKS_keyslot_info(&hdr, keyIndex) == SLOT_ACTIVE_LAST);
if(last_slot && !(options->icb->yesDialog(_("This is the last keyslot. Device will become unusable after purging this key.")))) {
r = -EINVAL; goto out;
}
if(options->flags & CRYPT_FLAG_VERIFY_ON_DELKEY) {
options->flags &= ~CRYPT_FLAG_VERIFY_ON_DELKEY;
get_key("Enter any remaining LUKS passphrase: ",&password,&passwordLen, 0, options->key_file,
options->timeout, options->flags, cd);
if(!password) {
r = -EINVAL; goto out;
}
r = LUKS_read_phdr(device, &hdr, 1, cd);
if(r < 0) {
options->icb->log(CRYPT_LOG_ERROR,"Failed to access device.\n");
r = -EIO; goto out;
}
if(!last_slot)
hdr.keyblock[keyIndex].active = LUKS_KEY_DISABLED;
openedIndex = LUKS_open_key_with_hdr(device, CRYPT_ANY_SLOT, password, passwordLen, &hdr, &mk, cd);
/* Clean up */
if (openedIndex >= 0) {
LUKS_dealloc_masterkey(mk);
mk = NULL;
}
if(openedIndex < 0) {
log_err(cd, "No remaining key available with this passphrase.\n");
r = -EPERM; goto out;
} else
log_std(cd, "key slot %d verified.\n", openedIndex);
}
r = LUKS_del_key(device, keyIndex, cd);
if(r < 0) goto out;
r = 0;
out:
safe_free(password);
return r;
}
static int luks_remove_helper(struct crypt_device *cd,
int key_slot,
const char *other_key_file,