mirror of
https://gitlab.com/cryptsetup/cryptsetup.git
synced 2025-12-18 14:20:09 +01:00
Replace OPT_MASTER_KEY_FILE_ID with OPT_VOLUME_KEY_FILE_ID.
This commit is contained in:
Milan Broz
@@ -458,7 +458,7 @@ static int action_open_bitlk(void)
|
||||
}
|
||||
set_activation_flags(&activate_flags);
|
||||
|
||||
if (ARG_SET(OPT_MASTER_KEY_FILE_ID)) {
|
||||
if (ARG_SET(OPT_VOLUME_KEY_FILE_ID)) {
|
||||
keysize = crypt_get_volume_key_size(cd);
|
||||
if (!keysize && !ARG_SET(OPT_KEY_SIZE_ID)) {
|
||||
log_err(_("Cannot determine volume key size for BITLK, please use --key-size option."));
|
||||
@@ -467,7 +467,7 @@ static int action_open_bitlk(void)
|
||||
} else if (!keysize)
|
||||
keysize = ARG_UINT32(OPT_KEY_SIZE_ID) / 8;
|
||||
|
||||
r = tools_read_mk(ARG_STR(OPT_MASTER_KEY_FILE_ID), &key, keysize);
|
||||
r = tools_read_vk(ARG_STR(OPT_VOLUME_KEY_FILE_ID), &key, keysize);
|
||||
if (r < 0)
|
||||
goto out;
|
||||
r = crypt_activate_by_volume_key(cd, activated_name,
|
||||
@@ -558,7 +558,7 @@ static int action_tcryptDump(void)
|
||||
if (r < 0)
|
||||
goto out;
|
||||
|
||||
if (ARG_SET(OPT_DUMP_MASTER_KEY_ID))
|
||||
if (ARG_SET(OPT_DUMP_VOLUME_KEY_ID))
|
||||
r = tcryptDump_with_volume_key(cd);
|
||||
else
|
||||
r = crypt_dump(cd);
|
||||
@@ -602,8 +602,8 @@ static int bitlkDump_with_volume_key(struct crypt_device *cd)
|
||||
goto out;
|
||||
tools_keyslot_msg(r, UNLOCKED);
|
||||
|
||||
if (ARG_SET(OPT_MASTER_KEY_FILE_ID)) {
|
||||
r = tools_write_mk(ARG_STR(OPT_MASTER_KEY_FILE_ID), vk, vk_size);
|
||||
if (ARG_SET(OPT_VOLUME_KEY_FILE_ID)) {
|
||||
r = tools_write_mk(ARG_STR(OPT_VOLUME_KEY_FILE_ID), vk, vk_size);
|
||||
if (r < 0)
|
||||
goto out;
|
||||
}
|
||||
@@ -613,8 +613,8 @@ static int bitlkDump_with_volume_key(struct crypt_device *cd)
|
||||
log_std("Cipher mode: \t%s\n", crypt_get_cipher_mode(cd));
|
||||
log_std("UUID: \t%s\n", crypt_get_uuid(cd));
|
||||
log_std("MK bits: \t%d\n", (int)vk_size * 8);
|
||||
if (ARG_SET(OPT_MASTER_KEY_FILE_ID)) {
|
||||
log_std("Key stored to file %s.\n", ARG_STR(OPT_MASTER_KEY_FILE_ID));
|
||||
if (ARG_SET(OPT_VOLUME_KEY_FILE_ID)) {
|
||||
log_std("Key stored to file %s.\n", ARG_STR(OPT_VOLUME_KEY_FILE_ID));
|
||||
goto out;
|
||||
}
|
||||
log_std("MK dump:\t");
|
||||
@@ -644,7 +644,7 @@ static int action_bitlkDump(void)
|
||||
if (r < 0)
|
||||
goto out;
|
||||
|
||||
if (ARG_SET(OPT_DUMP_MASTER_KEY_ID))
|
||||
if (ARG_SET(OPT_DUMP_VOLUME_KEY_ID))
|
||||
r = bitlkDump_with_volume_key(cd);
|
||||
else
|
||||
r = crypt_dump(cd);
|
||||
@@ -1370,8 +1370,8 @@ int luksFormat(struct crypt_device **r_cd, char **r_password, size_t *r_password
|
||||
if (r < 0)
|
||||
goto out;
|
||||
|
||||
if (ARG_SET(OPT_MASTER_KEY_FILE_ID)) {
|
||||
r = tools_read_mk(ARG_STR(OPT_MASTER_KEY_FILE_ID), &key, keysize);
|
||||
if (ARG_SET(OPT_VOLUME_KEY_FILE_ID)) {
|
||||
r = tools_read_vk(ARG_STR(OPT_VOLUME_KEY_FILE_ID), &key, keysize);
|
||||
if (r < 0)
|
||||
goto out;
|
||||
}
|
||||
@@ -1471,7 +1471,7 @@ static int action_open_luks(void)
|
||||
|
||||
set_activation_flags(&activate_flags);
|
||||
|
||||
if (ARG_SET(OPT_MASTER_KEY_FILE_ID)) {
|
||||
if (ARG_SET(OPT_VOLUME_KEY_FILE_ID)) {
|
||||
keysize = crypt_get_volume_key_size(cd);
|
||||
if (!keysize && !ARG_SET(OPT_KEY_SIZE_ID)) {
|
||||
log_err(_("Cannot determine volume key size for LUKS without keyslots, please use --key-size option."));
|
||||
@@ -1480,7 +1480,7 @@ static int action_open_luks(void)
|
||||
} else if (!keysize)
|
||||
keysize = ARG_UINT32(OPT_KEY_SIZE_ID) / 8;
|
||||
|
||||
r = tools_read_mk(ARG_STR(OPT_MASTER_KEY_FILE_ID), &key, keysize);
|
||||
r = tools_read_vk(ARG_STR(OPT_VOLUME_KEY_FILE_ID), &key, keysize);
|
||||
if (r < 0)
|
||||
goto out;
|
||||
r = crypt_activate_by_volume_key(cd, activated_name,
|
||||
@@ -1719,8 +1719,8 @@ static int luksAddUnboundKey(void)
|
||||
goto out;
|
||||
}
|
||||
|
||||
if (ARG_SET(OPT_MASTER_KEY_FILE_ID)) {
|
||||
r = tools_read_mk(ARG_STR(OPT_MASTER_KEY_FILE_ID), &key, keysize);
|
||||
if (ARG_SET(OPT_VOLUME_KEY_FILE_ID)) {
|
||||
r = tools_read_vk(ARG_STR(OPT_VOLUME_KEY_FILE_ID), &key, keysize);
|
||||
if (r < 0)
|
||||
goto out;
|
||||
|
||||
@@ -1784,7 +1784,7 @@ static int action_luksAddKey(void)
|
||||
goto out;
|
||||
}
|
||||
|
||||
if (ARG_SET(OPT_MASTER_KEY_FILE_ID)) {
|
||||
if (ARG_SET(OPT_VOLUME_KEY_FILE_ID)) {
|
||||
if (!keysize && !ARG_SET(OPT_KEY_SIZE_ID)) {
|
||||
log_err(_("Cannot determine volume key size for LUKS without keyslots, please use --key-size option."));
|
||||
r = -EINVAL;
|
||||
@@ -1792,7 +1792,7 @@ static int action_luksAddKey(void)
|
||||
} else if (!keysize)
|
||||
keysize = ARG_UINT32(OPT_KEY_SIZE_ID) / 8;
|
||||
|
||||
r = tools_read_mk(ARG_STR(OPT_MASTER_KEY_FILE_ID), &key, keysize);
|
||||
r = tools_read_vk(ARG_STR(OPT_VOLUME_KEY_FILE_ID), &key, keysize);
|
||||
if (r < 0)
|
||||
goto out;
|
||||
|
||||
@@ -2051,8 +2051,8 @@ static int luksDump_with_volume_key(struct crypt_device *cd)
|
||||
goto out;
|
||||
tools_keyslot_msg(r, UNLOCKED);
|
||||
|
||||
if (ARG_SET(OPT_MASTER_KEY_FILE_ID)) {
|
||||
r = tools_write_mk(ARG_STR(OPT_MASTER_KEY_FILE_ID), vk, vk_size);
|
||||
if (ARG_SET(OPT_VOLUME_KEY_FILE_ID)) {
|
||||
r = tools_write_mk(ARG_STR(OPT_VOLUME_KEY_FILE_ID), vk, vk_size);
|
||||
if (r < 0)
|
||||
goto out;
|
||||
}
|
||||
@@ -2063,8 +2063,8 @@ static int luksDump_with_volume_key(struct crypt_device *cd)
|
||||
log_std("Payload offset:\t%d\n", (int)crypt_get_data_offset(cd));
|
||||
log_std("UUID: \t%s\n", crypt_get_uuid(cd));
|
||||
log_std("MK bits: \t%d\n", (int)vk_size * 8);
|
||||
if (ARG_SET(OPT_MASTER_KEY_FILE_ID)) {
|
||||
log_std("Key stored to file %s.\n", ARG_STR(OPT_MASTER_KEY_FILE_ID));
|
||||
if (ARG_SET(OPT_VOLUME_KEY_FILE_ID)) {
|
||||
log_std("Key stored to file %s.\n", ARG_STR(OPT_VOLUME_KEY_FILE_ID));
|
||||
goto out;
|
||||
}
|
||||
log_std("MK dump:\t");
|
||||
@@ -2123,8 +2123,8 @@ static int luksDump_with_unbound_key(struct crypt_device *cd)
|
||||
goto out;
|
||||
tools_keyslot_msg(r, UNLOCKED);
|
||||
|
||||
if (ARG_SET(OPT_MASTER_KEY_FILE_ID)) {
|
||||
r = tools_write_mk(ARG_STR(OPT_MASTER_KEY_FILE_ID), uk, uk_size);
|
||||
if (ARG_SET(OPT_VOLUME_KEY_FILE_ID)) {
|
||||
r = tools_write_mk(ARG_STR(OPT_VOLUME_KEY_FILE_ID), uk, uk_size);
|
||||
if (r < 0)
|
||||
goto out;
|
||||
}
|
||||
@@ -2133,8 +2133,8 @@ static int luksDump_with_unbound_key(struct crypt_device *cd)
|
||||
log_std("UUID: \t%s\n", crypt_get_uuid(cd));
|
||||
log_std("Keyslot: \t%d\n", ARG_INT32(OPT_KEY_SLOT_ID));
|
||||
log_std("Key bits:\t%d\n", (int)uk_size * 8);
|
||||
if (ARG_SET(OPT_MASTER_KEY_FILE_ID)) {
|
||||
log_std("Key stored to file %s.\n", ARG_STR(OPT_MASTER_KEY_FILE_ID));
|
||||
if (ARG_SET(OPT_VOLUME_KEY_FILE_ID)) {
|
||||
log_std("Key stored to file %s.\n", ARG_STR(OPT_VOLUME_KEY_FILE_ID));
|
||||
goto out;
|
||||
}
|
||||
log_std("Unbound Key:\t");
|
||||
@@ -2165,7 +2165,7 @@ static int action_luksDump(void)
|
||||
goto out;
|
||||
}
|
||||
|
||||
if (ARG_SET(OPT_DUMP_MASTER_KEY_ID))
|
||||
if (ARG_SET(OPT_DUMP_VOLUME_KEY_ID))
|
||||
r = luksDump_with_volume_key(cd);
|
||||
else if (ARG_SET(OPT_UNBOUND_ID))
|
||||
r = luksDump_with_unbound_key(cd);
|
||||
|
||||
@@ -104,7 +104,7 @@ struct tools_progress_params {
|
||||
int tools_progress(uint64_t size, uint64_t offset, void *usrptr);
|
||||
const char *tools_get_device_name(const char *device, char **r_backing_file);
|
||||
|
||||
int tools_read_mk(const char *file, char **key, int keysize);
|
||||
int tools_read_vk(const char *file, char **key, int keysize);
|
||||
int tools_write_mk(const char *file, const char *key, int keysize);
|
||||
|
||||
int tools_read_json_file(const char *file, char **json, size_t *json_size, bool batch_mode);
|
||||
|
||||
@@ -53,7 +53,7 @@ ARG(OPT_DISABLE_VERACRYPT, '\0', POPT_ARG_NONE, N_("Do not scan for VeraCrypt co
|
||||
|
||||
ARG(OPT_DUMP_JSON, '\0', POPT_ARG_NONE, N_("Dump info in JSON format (LUKS2 only)"), NULL, CRYPT_ARG_BOOL, {}, {})
|
||||
|
||||
ARG(OPT_DUMP_MASTER_KEY, '\0', POPT_ARG_NONE, N_("Dump volume (master) key instead of keyslots info"), NULL, CRYPT_ARG_BOOL, {}, {})
|
||||
ARG(OPT_DUMP_VOLUME_KEY, '\0', POPT_ARG_NONE, N_("Dump volume (master) key instead of keyslots info"), NULL, CRYPT_ARG_BOOL, {}, {})
|
||||
|
||||
ARG(OPT_ENCRYPT, '\0', POPT_ARG_NONE, N_("Encrypt LUKS2 device (in-place encryption)."), NULL, CRYPT_ARG_BOOL, {}, {})
|
||||
|
||||
@@ -107,7 +107,7 @@ ARG(OPT_LUKS2_KEYSLOTS_SIZE, '\0', POPT_ARG_STRING, N_("LUKS2 header keyslots ar
|
||||
|
||||
ARG(OPT_LUKS2_METADATA_SIZE, '\0', POPT_ARG_STRING, N_("LUKS2 header metadata area size"), N_("bytes"), CRYPT_ARG_UINT64, {}, OPT_LUKS2_METADATA_SIZE_ACTIONS)
|
||||
|
||||
ARG(OPT_MASTER_KEY_FILE, '\0', POPT_ARG_STRING, N_("Read the volume (master) key from file."), NULL, CRYPT_ARG_STRING, {}, {})
|
||||
ARG(OPT_VOLUME_KEY_FILE, '\0', POPT_ARG_STRING, N_("Read the volume (master) key from file."), NULL, CRYPT_ARG_STRING, {}, {})
|
||||
|
||||
ARG(OPT_NEW_KEYFILE_OFFSET , '\0', POPT_ARG_STRING, N_("Number of bytes to skip in newly added keyfile"), N_("bytes"), CRYPT_ARG_UINT64, {}, {})
|
||||
|
||||
|
||||
@@ -43,14 +43,14 @@ static int _read_keys(char **integrity_key, struct crypt_params_integrity *param
|
||||
int r;
|
||||
|
||||
if (integrity_key && ARG_SET(OPT_INTEGRITY_KEY_FILE_ID)) {
|
||||
r = tools_read_mk(ARG_STR(OPT_INTEGRITY_KEY_FILE_ID), &int_key, ARG_UINT32(OPT_INTEGRITY_KEY_SIZE_ID));
|
||||
r = tools_read_vk(ARG_STR(OPT_INTEGRITY_KEY_FILE_ID), &int_key, ARG_UINT32(OPT_INTEGRITY_KEY_SIZE_ID));
|
||||
if (r < 0)
|
||||
return r;
|
||||
params->integrity_key_size = ARG_UINT32(OPT_INTEGRITY_KEY_SIZE_ID);
|
||||
}
|
||||
|
||||
if (ARG_SET(OPT_JOURNAL_INTEGRITY_KEY_FILE_ID)) {
|
||||
r = tools_read_mk(ARG_STR(OPT_JOURNAL_INTEGRITY_KEY_FILE_ID), &journal_integrity_key, ARG_UINT32(OPT_JOURNAL_INTEGRITY_KEY_SIZE_ID));
|
||||
r = tools_read_vk(ARG_STR(OPT_JOURNAL_INTEGRITY_KEY_FILE_ID), &journal_integrity_key, ARG_UINT32(OPT_JOURNAL_INTEGRITY_KEY_SIZE_ID));
|
||||
if (r < 0) {
|
||||
crypt_safe_free(int_key);
|
||||
return r;
|
||||
@@ -60,7 +60,7 @@ static int _read_keys(char **integrity_key, struct crypt_params_integrity *param
|
||||
}
|
||||
|
||||
if (ARG_SET(OPT_JOURNAL_CRYPT_KEY_FILE_ID)) {
|
||||
r = tools_read_mk(ARG_STR(OPT_JOURNAL_CRYPT_KEY_FILE_ID), &journal_crypt_key, ARG_UINT32(OPT_JOURNAL_CRYPT_KEY_SIZE_ID));
|
||||
r = tools_read_vk(ARG_STR(OPT_JOURNAL_CRYPT_KEY_FILE_ID), &journal_crypt_key, ARG_UINT32(OPT_JOURNAL_CRYPT_KEY_SIZE_ID));
|
||||
if (r < 0) {
|
||||
crypt_safe_free(int_key);
|
||||
crypt_safe_free(journal_integrity_key);
|
||||
|
||||
@@ -46,7 +46,7 @@
|
||||
#define OPT_DISABLE_LOCKS "disable-locks"
|
||||
#define OPT_DISABLE_VERACRYPT "disable-veracrypt"
|
||||
#define OPT_DUMP_JSON "dump-json-metadata"
|
||||
#define OPT_DUMP_MASTER_KEY "dump-master-key"
|
||||
#define OPT_DUMP_VOLUME_KEY "dump-master-key"
|
||||
#define OPT_ENCRYPT "encrypt"
|
||||
#define OPT_FEC_DEVICE "fec-device"
|
||||
#define OPT_FEC_OFFSET "fec-offset"
|
||||
@@ -102,7 +102,7 @@
|
||||
#define OPT_LABEL "label"
|
||||
#define OPT_LUKS2_KEYSLOTS_SIZE "luks2-keyslots-size"
|
||||
#define OPT_LUKS2_METADATA_SIZE "luks2-metadata-size"
|
||||
#define OPT_MASTER_KEY_FILE "master-key-file"
|
||||
#define OPT_VOLUME_KEY_FILE "master-key-file"
|
||||
#define OPT_NEW "new"
|
||||
#define OPT_NEW_KEYFILE_OFFSET "new-keyfile-offset"
|
||||
#define OPT_NEW_KEYFILE_SIZE "new-keyfile-size"
|
||||
|
||||
@@ -720,8 +720,8 @@ static int reencrypt_luks2_init(struct crypt_device *cd, const char *data_device
|
||||
/* volume key */
|
||||
vk_change = !ARG_SET(OPT_KEEP_KEY_ID);
|
||||
|
||||
if (vk_change && ARG_SET(OPT_MASTER_KEY_FILE_ID)) {
|
||||
r = tools_read_mk(ARG_STR(OPT_MASTER_KEY_FILE_ID), &vk, key_size);
|
||||
if (vk_change && ARG_SET(OPT_VOLUME_KEY_FILE_ID)) {
|
||||
r = tools_read_vk(ARG_STR(OPT_VOLUME_KEY_FILE_ID), &vk, key_size);
|
||||
if (r < 0)
|
||||
goto out;
|
||||
|
||||
|
||||
@@ -531,9 +531,9 @@ static int backup_luks_headers(struct reenc_ctx *rc)
|
||||
}
|
||||
r = crypt_volume_key_get(cd, CRYPT_ANY_SLOT, key, &key_size,
|
||||
rc->p[rc->keyslot].password, rc->p[rc->keyslot].passwordLen);
|
||||
} else if (ARG_SET(OPT_MASTER_KEY_FILE_ID)) {
|
||||
} else if (ARG_SET(OPT_VOLUME_KEY_FILE_ID)) {
|
||||
log_dbg("Loading new key from file.");
|
||||
r = tools_read_mk(ARG_STR(OPT_MASTER_KEY_FILE_ID), &key, key_size);
|
||||
r = tools_read_vk(ARG_STR(OPT_VOLUME_KEY_FILE_ID), &key, key_size);
|
||||
}
|
||||
|
||||
if (r < 0)
|
||||
|
||||
@@ -377,7 +377,7 @@ int tools_is_stdin(const char *key_file)
|
||||
return strcmp(key_file, "-") ? 0 : 1;
|
||||
}
|
||||
|
||||
int tools_read_mk(const char *file, char **key, int keysize)
|
||||
int tools_read_vk(const char *file, char **key, int keysize)
|
||||
{
|
||||
int fd = -1, r = -EINVAL;
|
||||
|
||||
|
||||
@@ -246,7 +246,7 @@ static int _activate(const char *dm_device,
|
||||
goto out;
|
||||
}
|
||||
signature_size = st.st_size;
|
||||
r = tools_read_mk(ARG_STR(OPT_ROOT_HASH_SIGNATURE_ID), &signature, signature_size);
|
||||
r = tools_read_vk(ARG_STR(OPT_ROOT_HASH_SIGNATURE_ID), &signature, signature_size);
|
||||
if (r < 0) {
|
||||
log_err(_("Cannot read signature file %s."), ARG_STR(OPT_ROOT_HASH_SIGNATURE_ID));
|
||||
goto out;
|
||||
|
||||
Reference in New Issue
Block a user