diff --git a/lib/luks2/luks2.h b/lib/luks2/luks2.h index 533da1a7..8aea8899 100644 --- a/lib/luks2/luks2.h +++ b/lib/luks2/luks2.h @@ -278,6 +278,8 @@ int json_segments_count(json_object *jobj_segments); json_object *json_segments_get_segment_by_flag(json_object *jobj_segments, const char *flag); void json_segment_remove_flag(json_object *jobj_segment, const char *flag); uint64_t json_segments_get_minimal_offset(json_object *jobj_segments, unsigned blockwise); +json_object *json_segment_create_linear(uint64_t offset, const uint64_t *length); +json_object *json_segment_create_crypt(uint64_t offset, uint64_t iv_offset, const uint64_t *length, const char *cipher, uint32_t sector_size); /* * Generic LUKS2 digest diff --git a/lib/luks2/luks2_json_format.c b/lib/luks2/luks2_json_format.c index 991c7378..f9104c32 100644 --- a/lib/luks2/luks2_json_format.c +++ b/lib/luks2/luks2_json_format.c @@ -225,25 +225,15 @@ int LUKS2_generate_hdr( json_object_object_add(hdr->jobj, "config", jobj_config); digest = LUKS2_digest_create(cd, "pbkdf2", hdr, vk); - if (digest < 0) { - json_object_put(hdr->jobj); - hdr->jobj = NULL; - return -EINVAL; - } + if (digest < 0) + goto err; - if (LUKS2_digest_segment_assign(cd, hdr, CRYPT_DEFAULT_SEGMENT, digest, 1, 0) < 0) { - json_object_put(hdr->jobj); - hdr->jobj = NULL; - return -EINVAL; - } + if (LUKS2_digest_segment_assign(cd, hdr, CRYPT_DEFAULT_SEGMENT, digest, 1, 0) < 0) + goto err; - jobj_segment = json_object_new_object(); - json_object_object_add(jobj_segment, "type", json_object_new_string("crypt")); - json_object_object_add(jobj_segment, "offset", json_object_new_uint64(data_offset)); - json_object_object_add(jobj_segment, "iv_tweak", json_object_new_string("0")); - json_object_object_add(jobj_segment, "size", json_object_new_string("dynamic")); - json_object_object_add(jobj_segment, "encryption", json_object_new_string(cipher)); - json_object_object_add(jobj_segment, "sector_size", json_object_new_int(sector_size)); + jobj_segment = json_segment_create_crypt(data_offset, 0, NULL, cipher, sector_size); + if (!jobj_segment) + goto err; if (integrity) { jobj_integrity = json_object_new_object(); @@ -260,6 +250,10 @@ int LUKS2_generate_hdr( JSON_DBG(cd, hdr->jobj, "Header JSON:"); return 0; +err: + json_object_put(hdr->jobj); + hdr->jobj = NULL; + return -EINVAL; } int LUKS2_wipe_header_areas(struct crypt_device *cd, diff --git a/lib/luks2/luks2_segment.c b/lib/luks2/luks2_segment.c index 250d3de3..02dcfe15 100644 --- a/lib/luks2/luks2_segment.c +++ b/lib/luks2/luks2_segment.c @@ -204,3 +204,36 @@ void json_segment_remove_flag(json_object *jobj_segment, const char *flag) } else json_object_object_add(jobj_segment, "flags", jobj_flags_new); } + +static json_object *_segment_create_generic(const char *type, uint64_t offset, const uint64_t *length) +{ + json_object *jobj = json_object_new_object(); + if (!jobj) + return NULL; + + json_object_object_add(jobj, "type", json_object_new_string(type)); + json_object_object_add(jobj, "offset", json_object_new_uint64(offset)); + json_object_object_add(jobj, "size", length ? json_object_new_uint64(*length) : json_object_new_string("dynamic")); + + return jobj; +} + +json_object *json_segment_create_linear(uint64_t offset, const uint64_t *length) +{ + return _segment_create_generic("linear", offset, length); +} + +json_object *json_segment_create_crypt(uint64_t offset, + uint64_t iv_offset, const uint64_t *length, + const char *cipher, uint32_t sector_size) +{ + json_object *jobj = _segment_create_generic("crypt", offset, length); + if (!jobj) + return NULL; + + json_object_object_add(jobj, "iv_tweak", json_object_new_uint64(iv_offset)); + json_object_object_add(jobj, "encryption", json_object_new_string(cipher)); + json_object_object_add(jobj, "sector_size", json_object_new_int(sector_size)); + + return jobj; +}