eessppeelllloo/cryptsetup
1
0
Fork 0
mirror of https://gitlab.com/cryptsetup/cryptsetup.git synced 2025-12-11 19:00:02 +01:00
Code Issues Packages Projects Releases Wiki Activity

Reenc keyslot must have key_size == 1.

Browse Source
This commit is contained in:
Milan Broz
2022-01-02 16:57:31 +01:00
parent 3d269a5ae3
commit 4af4a4a631
1 changed files with 8 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
lib/luks2/luks2_keyslot_reenc.c
View File

@@ -230,7 +230,7 @@ static int reenc_keyslot_dump(struct crypt_device *cd, int keyslot)
static int reenc_keyslot_validate(struct crypt_device *cd, json_object *jobj_keyslot) static int reenc_keyslot_validate(struct crypt_device *cd, json_object *jobj_keyslot)
{ {
json_object *jobj_mode, *jobj_area, *jobj_type, *jobj_shift_size, *jobj_hash, *jobj_sector_size, *jobj_direction; json_object *jobj_mode, *jobj_area, *jobj_type, *jobj_shift_size, *jobj_hash, *jobj_sector_size, *jobj_direction, *jobj_key_size;
const char *mode, *type, *direction; const char *mode, *type, *direction;
uint32_t sector_size; uint32_t sector_size;
uint64_t shift_size; uint64_t shift_size;
@@ -250,12 +250,18 @@ static int reenc_keyslot_validate(struct crypt_device *cd, json_object *jobj_key
!json_object_object_get_ex(jobj_area, "type", &jobj_type)) !json_object_object_get_ex(jobj_area, "type", &jobj_type))
return -EINVAL; return -EINVAL;
jobj_key_size = json_contains(cd, jobj_keyslot, "", "reencrypt keyslot", "key_size", json_type_int);
jobj_mode = json_contains(cd, jobj_keyslot, "", "reencrypt keyslot", "mode", json_type_string); jobj_mode = json_contains(cd, jobj_keyslot, "", "reencrypt keyslot", "mode", json_type_string);
jobj_direction = json_contains(cd, jobj_keyslot, "", "reencrypt keyslot", "direction", json_type_string); jobj_direction = json_contains(cd, jobj_keyslot, "", "reencrypt keyslot", "direction", json_type_string);
if (!jobj_mode || !jobj_direction) if (!jobj_mode || !jobj_direction || !jobj_key_size)
return -EINVAL; return -EINVAL;
if (!validate_json_uint32(jobj_key_size) || crypt_jobj_get_uint32(jobj_key_size) != 1) {
log_dbg(cd, "Illegal reencrypt key size.");
return -EINVAL;
}
mode = json_object_get_string(jobj_mode); mode = json_object_get_string(jobj_mode);
type = json_object_get_string(jobj_type); type = json_object_get_string(jobj_type);
direction = json_object_get_string(jobj_direction); direction = json_object_get_string(jobj_direction);