eessppeelllloo/cryptsetup
1
0
Fork 0
mirror of https://gitlab.com/cryptsetup/cryptsetup.git synced 2025-12-14 12:20:00 +01:00
Code Issues Packages Projects Releases Wiki Activity

Move cipher_dm2c to crypto utilities.

Browse Source 
(Gets renamed to crypt_capi_to_cipher)
This commit is contained in:
Ondrej Kozina
2022-10-11 10:50:17 +02:00
parent 3616da631f
commit 9a9ddc7d22
3 changed files with 85 additions and 82 deletions
Download Patch File Download Diff File Expand all files Collapse all files

84
lib/libdevmapper.c
View File

@@ -476,27 +476,22 @@ static size_t int_log10(uint64_t x)
return r; return r;
} }
#define CLEN 64 /* 2*MAX_CIPHER_LEN */
#define CLENS "63" /* for sscanf length + '\0' */
#define CAPIL 144 /* should be enough to fit whole capi string */
#define CAPIS "143" /* for sscanf of crypto API string + 16 + \0 */
static int cipher_dm2c(const char *org_c, const char *org_i, unsigned tag_size, static int cipher_dm2c(const char *org_c, const char *org_i, unsigned tag_size,
char *c_dm, int c_dm_size, char *c_dm, int c_dm_size,
char *i_dm, int i_dm_size) char *i_dm, int i_dm_size)
{ {
int c_size = 0, i_size = 0, i; int c_size = 0, i_size = 0, i;
char cipher[CLEN], mode[CLEN], iv[CLEN+1], tmp[CLEN]; char cipher[MAX_CAPI_ONE_LEN], mode[MAX_CAPI_ONE_LEN], iv[MAX_CAPI_ONE_LEN+1],
char capi[CAPIL]; tmp[MAX_CAPI_ONE_LEN], capi[MAX_CAPI_LEN];
if (!c_dm || !c_dm_size || !i_dm || !i_dm_size) if (!c_dm || !c_dm_size || !i_dm || !i_dm_size)
return -EINVAL; return -EINVAL;
i = sscanf(org_c, "%" CLENS "[^-]-%" CLENS "s", cipher, tmp); i = sscanf(org_c, "%" MAX_CAPI_ONE_LEN_STR "[^-]-%" MAX_CAPI_ONE_LEN_STR "s", cipher, tmp);
if (i != 2) if (i != 2)
return -EINVAL; return -EINVAL;
i = sscanf(tmp, "%" CLENS "[^-]-%" CLENS "s", mode, iv); i = sscanf(tmp, "%" MAX_CAPI_ONE_LEN_STR "[^-]-%" MAX_CAPI_ONE_LEN_STR "s", mode, iv);
if (i == 1) { if (i == 1) {
memset(iv, 0, sizeof(iv)); memset(iv, 0, sizeof(iv));
strncpy(iv, mode, sizeof(iv)-1); strncpy(iv, mode, sizeof(iv)-1);
@@ -543,75 +538,6 @@ static int cipher_dm2c(const char *org_c, const char *org_i, unsigned tag_size,
return 0; return 0;
} }
static int cipher_c2dm(char **org_c, char **org_i, const char *c_dm, const char *i_dm)
{
char cipher[CLEN], mode[CLEN], iv[CLEN], auth[CLEN];
char tmp[CAPIL], dmcrypt_tmp[CAPIL*2], capi[CAPIL+1];
size_t len;
int i;
if (!c_dm)
return -EINVAL;
/* legacy mode */
if (strncmp(c_dm, "capi:", 4)) {
if (!(*org_c = strdup(c_dm)))
return -ENOMEM;
*org_i = NULL;
return 0;
}
/* modes with capi: prefix */
i = sscanf(c_dm, "capi:%" CAPIS "[^-]-%" CLENS "s", tmp, iv);
if (i != 2)
return -EINVAL;
len = strlen(tmp);
if (len < 2)
return -EINVAL;
if (tmp[len-1] == ')')
tmp[len-1] = '\0';
if (sscanf(tmp, "rfc4309(%" CAPIS "s", capi) == 1) {
if (!(*org_i = strdup("aead")))
return -ENOMEM;
} else if (sscanf(tmp, "rfc7539(%" CAPIS "[^,],%" CLENS "s", capi, auth) == 2) {
if (!(*org_i = strdup(auth)))
return -ENOMEM;
} else if (sscanf(tmp, "authenc(%" CLENS "[^,],%" CAPIS "s", auth, capi) == 2) {
if (!(*org_i = strdup(auth)))
return -ENOMEM;
} else {
if (i_dm) {
if (!(*org_i = strdup(i_dm)))
return -ENOMEM;
} else
*org_i = NULL;
memset(capi, 0, sizeof(capi));
strncpy(capi, tmp, sizeof(capi)-1);
}
i = sscanf(capi, "%" CLENS "[^(](%" CLENS "[^)])", mode, cipher);
if (i == 2)
i = snprintf(dmcrypt_tmp, sizeof(dmcrypt_tmp), "%s-%s-%s", cipher, mode, iv);
else
i = snprintf(dmcrypt_tmp, sizeof(dmcrypt_tmp), "%s-%s", capi, iv);
if (i < 0 || (size_t)i >= sizeof(dmcrypt_tmp)) {
free(*org_i);
*org_i = NULL;
return -EINVAL;
}
if (!(*org_c = strdup(dmcrypt_tmp))) {
free(*org_i);
*org_i = NULL;
return -ENOMEM;
}
return 0;
}
static char *_uf(char *buf, size_t buf_size, const char *s, unsigned u) static char *_uf(char *buf, size_t buf_size, const char *s, unsigned u)
{ {
size_t r = snprintf(buf, buf_size, " %s:%u", s, u); size_t r = snprintf(buf, buf_size, " %s:%u", s, u);
@@ -2066,7 +1992,7 @@ static int _dm_target_query_crypt(struct crypt_device *cd, uint32_t get_flags,
/* cipher */ /* cipher */
if (get_flags & DM_ACTIVE_CRYPT_CIPHER) { if (get_flags & DM_ACTIVE_CRYPT_CIPHER) {
r = cipher_c2dm(CONST_CAST(char**)&cipher, r = crypt_capi_to_cipher(CONST_CAST(char**)&cipher,
CONST_CAST(char**)&integrity, CONST_CAST(char**)&integrity,
rcipher, rintegrity); rcipher, rintegrity);
if (r < 0) if (r < 0)

72
lib/utils_crypt.c
View File

@@ -31,6 +31,8 @@
#include "libcryptsetup.h" #include "libcryptsetup.h"
#include "utils_crypt.h" #include "utils_crypt.h"
#define MAX_CAPI_LEN_STR "143" /* for sscanf of crypto API string + 16 + \0 */
int crypt_parse_name_and_mode(const char *s, char *cipher, int *key_nums, int crypt_parse_name_and_mode(const char *s, char *cipher, int *key_nums,
char *cipher_mode) char *cipher_mode)
{ {
@@ -266,3 +268,73 @@ bool crypt_is_cipher_null(const char *cipher_spec)
return false; return false;
return (strstr(cipher_spec, "cipher_null") || !strcmp(cipher_spec, "null")); return (strstr(cipher_spec, "cipher_null") || !strcmp(cipher_spec, "null"));
} }
int crypt_capi_to_cipher(char **org_c, char **org_i, const char *c_dm, const char *i_dm)
{
char cipher[MAX_CAPI_ONE_LEN], mode[MAX_CAPI_ONE_LEN], iv[MAX_CAPI_ONE_LEN],
auth[MAX_CAPI_ONE_LEN], tmp[MAX_CAPI_LEN], dmcrypt_tmp[MAX_CAPI_LEN*2],
capi[MAX_CAPI_LEN+1];
size_t len;
int i;
if (!c_dm)
return -EINVAL;
/* legacy mode */
if (strncmp(c_dm, "capi:", 4)) {
if (!(*org_c = strdup(c_dm)))
return -ENOMEM;
*org_i = NULL;
return 0;
}
/* modes with capi: prefix */
i = sscanf(c_dm, "capi:%" MAX_CAPI_LEN_STR "[^-]-%" MAX_CAPI_ONE_LEN_STR "s", tmp, iv);
if (i != 2)
return -EINVAL;
len = strlen(tmp);
if (len < 2)
return -EINVAL;
if (tmp[len-1] == ')')
tmp[len-1] = '\0';
if (sscanf(tmp, "rfc4309(%" MAX_CAPI_LEN_STR "s", capi) == 1) {
if (!(*org_i = strdup("aead")))
return -ENOMEM;
} else if (sscanf(tmp, "rfc7539(%" MAX_CAPI_LEN_STR "[^,],%" MAX_CAPI_ONE_LEN_STR "s", capi, auth) == 2) {
if (!(*org_i = strdup(auth)))
return -ENOMEM;
} else if (sscanf(tmp, "authenc(%" MAX_CAPI_ONE_LEN_STR "[^,],%" MAX_CAPI_LEN_STR "s", auth, capi) == 2) {
if (!(*org_i = strdup(auth)))
return -ENOMEM;
} else {
if (i_dm) {
if (!(*org_i = strdup(i_dm)))
return -ENOMEM;
} else
*org_i = NULL;
memset(capi, 0, sizeof(capi));
strncpy(capi, tmp, sizeof(capi)-1);
}
i = sscanf(capi, "%" MAX_CAPI_ONE_LEN_STR "[^(](%" MAX_CAPI_ONE_LEN_STR "[^)])", mode, cipher);
if (i == 2)
i = snprintf(dmcrypt_tmp, sizeof(dmcrypt_tmp), "%s-%s-%s", cipher, mode, iv);
else
i = snprintf(dmcrypt_tmp, sizeof(dmcrypt_tmp), "%s-%s", capi, iv);
if (i < 0 || (size_t)i >= sizeof(dmcrypt_tmp)) {
free(*org_i);
*org_i = NULL;
return -EINVAL;
}
if (!(*org_c = strdup(dmcrypt_tmp))) {
free(*org_i);
*org_i = NULL;
return -ENOMEM;
}
return 0;
}

11
lib/utils_crypt.h
View File

@@ -27,9 +27,12 @@
struct crypt_device; struct crypt_device;
#define MAX_CIPHER_LEN 32 #define MAX_CIPHER_LEN 32
#define MAX_CIPHER_LEN_STR "31" #define MAX_CIPHER_LEN_STR "31"
#define MAX_KEYFILES 32 #define MAX_KEYFILES 32
#define MAX_CAPI_ONE_LEN 2 * MAX_CIPHER_LEN
#define MAX_CAPI_ONE_LEN_STR "63" /* for sscanf length + '\0' */
#define MAX_CAPI_LEN 144 /* should be enough to fit whole capi string */
int crypt_parse_name_and_mode(const char *s, char *cipher, int crypt_parse_name_and_mode(const char *s, char *cipher,
int *key_nums, char *cipher_mode); int *key_nums, char *cipher_mode);
@@ -46,4 +49,6 @@ void crypt_log_hex(struct crypt_device *cd,
bool crypt_is_cipher_null(const char *cipher_spec); bool crypt_is_cipher_null(const char *cipher_spec);
int crypt_capi_to_cipher(char **org_c, char **org_i, const char *c_dm, const char *i_dm);
#endif /* _UTILS_CRYPT_H */ #endif /* _UTILS_CRYPT_H */