Switch away from accessing volume key internals directly.

Switch current code to use following volume key helpers for accessing internal properties: crypt_volume_key_length(), crypt_volume_key_get_key(), crypt_volume_key_description() and crypt_volume_key_kernel_key_type() Remaining direct access to volume key internals will be dealt with in later commits since it requires some further changes.
2025-12-05 16:00:05 +01:00 · 2025-01-31 16:03:44 +01:00
parent fd9be9e777
commit 54d937dfc7
17 changed files with 165 additions and 124 deletions
--- a/lib/luks2/luks2_reencrypt_digest.c
+++ b/lib/luks2/luks2_reencrypt_digest.c
@@ -274,7 +274,7 @@ static int reencrypt_assembly_verification_data(struct crypt_device *cd,
 			log_dbg(cd, "Key (digest id %d) required but not unlocked.", digest_old);
 			return -EINVAL;
 		}
-		data_len += blob_serialize(vk_old->key, vk_old->keylength, NULL);
+		data_len += blob_serialize(crypt_volume_key_get_key(vk_old), crypt_volume_key_length(vk_old), NULL);
 	}

 	if (digest_new >= 0 && digest_old != digest_new) {
@@ -283,7 +283,7 @@ static int reencrypt_assembly_verification_data(struct crypt_device *cd,
 			log_dbg(cd, "Key (digest id %d) required but not unlocked.", digest_new);
 			return -EINVAL;
 		}
-		data_len += blob_serialize(vk_new->key, vk_new->keylength, NULL);
+		data_len += blob_serialize(crypt_volume_key_get_key(vk_new), crypt_volume_key_length(vk_new), NULL);
 	}

 	if (data_len == 2)
@@ -309,10 +309,12 @@ static int reencrypt_assembly_verification_data(struct crypt_device *cd,
 	*ptr++ = 0x30 + version;

 	if (vk_old)
-		ptr += blob_serialize(vk_old->key, vk_old->keylength, ptr);
+		ptr += blob_serialize(crypt_volume_key_get_key(vk_old),
+				      crypt_volume_key_length(vk_old), ptr);

 	if (vk_new)
-		ptr += blob_serialize(vk_new->key, vk_new->keylength, ptr);
+		ptr += blob_serialize(crypt_volume_key_get_key(vk_new),
+				      crypt_volume_key_length(vk_new), ptr);

 	if (!reenc_keyslot_serialize(hdr, ptr))
 		goto bad;