diff --git a/lib/internal.h b/lib/internal.h index f1525f21..cadf5010 100644 --- a/lib/internal.h +++ b/lib/internal.h @@ -137,6 +137,8 @@ int PLAIN_activate(struct crypt_device *cd, uint64_t size, uint32_t flags); +void *crypt_get_hdr(struct crypt_device *cd, const char *type); + /** * Different methods used to erase sensitive data concerning * either encrypted payload area or master key inside keyslot @@ -152,8 +154,9 @@ typedef enum { int crypt_wipe(struct device *device, uint64_t offset, - uint64_t sectors, + uint64_t size, crypt_wipe_type type, - int flags); + int exclusive); + #endif /* INTERNAL_H */ diff --git a/lib/luks1/af.c b/lib/luks1/af.c index 813b7de9..1f4dd67e 100644 --- a/lib/luks1/af.c +++ b/lib/luks1/af.c @@ -99,7 +99,7 @@ static int diffuse(char *src, char *dst, size_t size, const char *hash_name) * must be supplied to AF_merge to recover information. */ -int AF_split(char *src, char *dst, size_t blocksize, +int AF_split(const char *src, char *dst, size_t blocksize, unsigned int blocknumbers, const char *hash) { unsigned int i; @@ -125,7 +125,7 @@ out: return r; } -int AF_merge(char *src, char *dst, size_t blocksize, +int AF_merge(const char *src, char *dst, size_t blocksize, unsigned int blocknumbers, const char *hash) { unsigned int i; diff --git a/lib/luks1/af.h b/lib/luks1/af.h index c755b990..d2a92fa7 100644 --- a/lib/luks1/af.h +++ b/lib/luks1/af.h @@ -37,8 +37,24 @@ * On error, both functions return -1, 0 otherwise. */ -int AF_split(char *src, char *dst, size_t blocksize, unsigned int blocknumbers, const char *hash); -int AF_merge(char *src, char *dst, size_t blocksize, unsigned int blocknumbers, const char *hash); +int AF_split(const char *src, char *dst, size_t blocksize, unsigned int blocknumbers, const char *hash); +int AF_merge(const char *src, char *dst, size_t blocksize, unsigned int blocknumbers, const char *hash); size_t AF_split_sectors(size_t blocksize, unsigned int blocknumbers); +int LUKS_encrypt_to_storage( + char *src, size_t srcLength, + const char *cipher, + const char *cipher_mode, + struct volume_key *vk, + unsigned int sector, + struct crypt_device *ctx); + +int LUKS_decrypt_from_storage( + char *dst, size_t dstLength, + const char *cipher, + const char *cipher_mode, + struct volume_key *vk, + unsigned int sector, + struct crypt_device *ctx); + #endif diff --git a/lib/luks1/luks.h b/lib/luks1/luks.h index 40ae2814..5d4b9dd0 100644 --- a/lib/luks1/luks.h +++ b/lib/luks1/luks.h @@ -173,22 +173,6 @@ int LUKS_keyslot_area(const struct luks_phdr *hdr, uint64_t *offset, uint64_t *length); -int LUKS_encrypt_to_storage( - char *src, size_t srcLength, - const char *cipher, - const char *cipher_mode, - struct volume_key *vk, - unsigned int sector, - struct crypt_device *ctx); - -int LUKS_decrypt_from_storage( - char *dst, size_t dstLength, - const char *cipher, - const char *cipher_mode, - struct volume_key *vk, - unsigned int sector, - struct crypt_device *ctx); - int LUKS1_activate(struct crypt_device *cd, const char *name, struct volume_key *vk, diff --git a/lib/utils_crypt.c b/lib/utils_crypt.c index 6950e970..687894e8 100644 --- a/lib/utils_crypt.c +++ b/lib/utils_crypt.c @@ -48,6 +48,9 @@ struct safe_allocation { int crypt_parse_name_and_mode(const char *s, char *cipher, int *key_nums, char *cipher_mode) { + if (!s || !cipher || !cipher_mode) + return -EINVAL; + if (sscanf(s, "%" MAX_CIPHER_LEN_STR "[^-]-%" MAX_CIPHER_LEN_STR "s", cipher, cipher_mode) == 2) { if (!strcmp(cipher_mode, "plain"))