From 622943529ee87e3d24e2120785899e73b8bed5b4 Mon Sep 17 00:00:00 2001 From: Ondrej Kozina Date: Thu, 23 Aug 2018 16:38:34 +0200 Subject: [PATCH] Wipe LUKS header if luksFormat fails to add first keyslot. --- src/cryptsetup.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/cryptsetup.c b/src/cryptsetup.c index 386af508..52efd715 100644 --- a/src/cryptsetup.c +++ b/src/cryptsetup.c @@ -1066,8 +1066,10 @@ static int action_luksFormat(void) r = crypt_keyslot_add_by_volume_key(cd, opt_key_slot, key, keysize, password, passwordLen); - if (r < 0) /* FIXME: call wipe signatures again */ + if (r < 0) { + (void) tools_wipe_all_signatures(header_device); goto out; + } tools_keyslot_msg(r, CREATED); if (opt_integrity && !opt_integrity_no_wipe)