eessppeelllloo/cryptsetup
1
0
Fork 0
mirror of https://gitlab.com/cryptsetup/cryptsetup.git synced 2025-12-16 05:10:03 +01:00
Code Issues Packages Projects Releases Wiki Activity

bitlk: Add support for activating BITLK devices using volume key

Browse Source 
Both with "crypt_activate_by_volume_key" and using cli with
--master-key option.
This commit is contained in:
Vojtech Trefny
2020-11-10 16:04:05 +01:00
committed by Milan Broz
parent 406d2d8b0a
commit 652081426b
4 changed files with 135 additions and 62 deletions
Download Patch File Download Diff File Expand all files Collapse all files

44
src/cryptsetup.c
View File

@@ -482,8 +482,9 @@ static int action_open_bitlk(void)
struct crypt_device *cd = NULL;
const char *activated_name;
uint32_t activate_flags = 0;
int r, tries;
int r, tries, keysize;
char *password = NULL;
char *key = NULL;
size_t passwordLen;
activated_name = ARG_SET(OPT_TEST_PASSPHRASE_ID) ? NULL : action_argv[1];
@@ -498,23 +499,40 @@ static int action_open_bitlk(void)
}
_set_activation_flags(&activate_flags);
tries = (tools_is_stdin(ARG_STR(OPT_KEY_FILE_ID)) && isatty(STDIN_FILENO)) ? ARG_UINT32(OPT_TRIES_ID) : 1;
do {
r = tools_get_key(NULL, &password, &passwordLen,
ARG_UINT64(OPT_KEYFILE_OFFSET_ID), ARG_UINT32(OPT_KEYFILE_SIZE_ID), ARG_STR(OPT_KEY_FILE_ID),
ARG_UINT32(OPT_TIMEOUT_ID), _verify_passphrase(0), 0, cd);
if (ARG_SET(OPT_MASTER_KEY_FILE_ID)) {
keysize = crypt_get_volume_key_size(cd);
if (!keysize && !ARG_SET(OPT_KEY_SIZE_ID)) {
log_err(_("Cannot determine volume key size for BITLK, please use --key-size option."));
r = -EINVAL;
goto out;
} else if (!keysize)
keysize = ARG_UINT32(OPT_KEY_SIZE_ID) / 8;
r = crypt_cli_read_mk(cd, ARG_STR(OPT_MASTER_KEY_FILE_ID), &key, keysize);
if (r < 0)
goto out;
r = crypt_activate_by_volume_key(cd, activated_name,
key, keysize, activate_flags);
} else {
tries = (tools_is_stdin(ARG_STR(OPT_KEY_FILE_ID)) && isatty(STDIN_FILENO)) ? ARG_UINT32(OPT_TRIES_ID) : 1;
do {
r = tools_get_key(NULL, &password, &passwordLen,
ARG_UINT64(OPT_KEYFILE_OFFSET_ID), ARG_UINT32(OPT_KEYFILE_SIZE_ID), ARG_STR(OPT_KEY_FILE_ID),
ARG_UINT32(OPT_TIMEOUT_ID), _verify_passphrase(0), 0, cd);
if (r < 0)
goto out;
r = crypt_activate_by_passphrase(cd, activated_name, CRYPT_ANY_SLOT,
password, passwordLen, activate_flags);
tools_passphrase_msg(r);
check_signal(&r);
crypt_safe_free(password);
password = NULL;
} while ((r == -EPERM || r == -ERANGE) && (--tries > 0));
r = crypt_activate_by_passphrase(cd, activated_name, CRYPT_ANY_SLOT,
password, passwordLen, activate_flags);
tools_passphrase_msg(r);
check_signal(&r);
crypt_safe_free(password);
password = NULL;
} while ((r == -EPERM || r == -ERANGE) && (--tries > 0));
}
out:
crypt_safe_free(password);
crypt_safe_free(key);
crypt_free(cd);
return r;
}