Refactor LUKS decryption.

src/utils_reencrypt.c

@@ -439,6 +439,9 @@ static int decrypt_luks2_init(struct crypt_device *cd, const char *data_device)
 		.max_hotzone_size = ARG_UINT64(OPT_HOTZONE_SIZE_ID) / SECTOR_SIZE,
 	};
 
+	if (!luks2_reencrypt_eligible(cd))
+		return -EINVAL;
+
 	if (!crypt_get_metadata_device_name(cd) || crypt_header_is_detached(cd) <= 0 ||
 	    crypt_get_data_offset(cd) > 0) {
 		log_err(_("LUKS2 decryption is supported with detached header device only (with data offset set to 0)."));
@@ -886,57 +889,6 @@ static int reencrypt_luks2_resume(struct crypt_device *cd)
 	return r;
 }
 
-static int decrypt_luks2(struct crypt_device *cd, int action_argc, const char **action_argv)
-{
-	int r = -EINVAL;
-	char *backing_file = NULL;
-	struct tools_progress_params prog_parms = {
-		.frequency = ARG_UINT32(OPT_PROGRESS_FREQUENCY_ID),
-		.batch_mode = ARG_SET(OPT_BATCH_MODE_ID),
-		.json_output = ARG_SET(OPT_PROGRESS_JSON_ID),
-		.interrupt_message = _("\nReencryption interrupted."),
-		.device = tools_get_device_name(crypt_get_device_name(cd), &backing_file)
-	};
-
-	if (!ARG_SET(OPT_HEADER_ID)) {
-		log_err(_("LUKS2 decryption requires option --header."));
-		goto out;
-	}
-
-	r = luks2_reencrypt_in_progress(cd);
-	if (r < 0) /* error */
-		goto out;
-
-	if (r > 0) { /* in progress */
-		if (ARG_SET(OPT_INIT_ONLY_ID)) {
-			log_err(_("LUKS2 reencryption already initialized. Aborting operation."));
-			r = -EINVAL;
-			goto out;
-		}
-		r = reencrypt_luks2_load(cd, action_argv[0]);
-	} else {
-		if (ARG_SET(OPT_RESUME_ONLY_ID)) {
-			log_err(_("Device reencryption not in progress."));
-			r = -EINVAL;
-			goto out;
-		}
-
-		if (!luks2_reencrypt_eligible(cd))
-			return -EINVAL;
-
-		r = decrypt_luks2_init(cd, action_argv[0]);
-	}
-
-	if (r >= 0 && !ARG_SET(OPT_INIT_ONLY_ID)) {
-		set_int_handler(0);
-		r = crypt_reencrypt_run(cd, tools_progress, &prog_parms);
-	}
-
-out:
-	free(backing_file);
-	return r;
-}
-
 static int reencrypt_luks2(struct crypt_device *cd, int action_argc, const char **action_argv)
 {
 	int r;
@@ -1042,29 +994,29 @@ static int _encrypt(struct crypt_device *cd, const char *type, enum device_statu
 	return r;
 }
 
-static int _decrypt(int action_argc, const char **action_argv)
+static int _decrypt(struct crypt_device *cd, enum device_status_info dev_st, const char *data_device)
 {
-	enum device_status_info dev_st;
 	int r;
-	struct crypt_device *cd = NULL;
-	const char *type = luksType(device_type);
 
-	if (ARG_SET(OPT_ACTIVE_NAME_ID))
+	if (dev_st == DEVICE_LUKS1 || dev_st == DEVICE_LUKS1_UNUSABLE)
-		dev_st = load_luks2_by_name(&cd, ARG_STR(OPT_ACTIVE_NAME_ID), ARG_STR(OPT_HEADER_ID));
+		return reencrypt_luks1(data_device);
-	else
-		dev_st = load_luks(&cd, ARG_STR(OPT_HEADER_ID), action_argv[0]);
 
-	if (dev_st <= DEVICE_LUKS2_REENCRYPT && !isLUKS1(type))
+	if (dev_st == DEVICE_LUKS2_REENCRYPT) {
-		r = decrypt_luks2(cd, action_argc, action_argv);
+		if ((r = reencrypt_luks2_load(cd, data_device)) < 0)
-	else if ((dev_st == DEVICE_LUKS1 || dev_st == DEVICE_LUKS1_UNUSABLE) &&
+			return r;
-		 !isLUKS2(type)) {
+	} else if (dev_st == DEVICE_LUKS2) {
-		crypt_free(cd);
+		if (!ARG_SET(OPT_HEADER_ID)) {
-		return reencrypt_luks1(action_argv[0]);
+			log_err(_("LUKS2 decryption requires --header option ."));
+			return -EINVAL;
+		}
+
+		r = decrypt_luks2_init(cd, data_device);
+		if (r < 0|| ARG_SET(OPT_INIT_ONLY_ID))
+			return r;
 	} else
-		r = -EINVAL;
+		return -EINVAL;
 
-	crypt_free(cd);
+	return reencrypt_luks2_resume(cd);
-	return r;
 }
 
 static int _reencrypt(int action_argc, const char **action_argv)
@@ -1152,7 +1104,7 @@ int reencrypt(int action_argc, const char **action_argv)
 	if (ARG_SET(OPT_ENCRYPT_ID))
 		r = _encrypt(cd, type, dev_st, action_argc, action_argv);
 	else if (ARG_SET(OPT_DECRYPT_ID))
-		r = _decrypt(action_argc, action_argv);
+		r = _decrypt(cd, dev_st, action_argv[0]);
 	else
 		r = _reencrypt(action_argc, action_argv);
 out: