diff --git a/ChangeLog b/ChangeLog index 8765cdbd..f80214a5 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,6 @@ +2012-09-11 Milan Broz + * Add crypt_keyslot_area() API call. + 2012-08-27 Milan Broz * Optimize seek to keyfile-offset (Issue #135, thx to dreisner). * Fix luksHeaderBackup for very old v1.0 unaligned LUKS headers. diff --git a/lib/libcryptsetup.h b/lib/libcryptsetup.h index 7d956a8b..a25e08c7 100644 --- a/lib/libcryptsetup.h +++ b/lib/libcryptsetup.h @@ -570,16 +570,6 @@ int crypt_keyslot_add_by_passphrase(struct crypt_device *cd, const char *new_passphrase, size_t new_passphrase_size); -/** - * Get number of keyslots supported for device type. - * - * @param type crypt device type - * - * @return slot count or negative errno otherwise if device - * doesn't not support keyslots. - */ -int crypt_keyslot_max(const char *type); - /** * Add key slot using provided key file path * @@ -972,6 +962,32 @@ typedef enum { crypt_keyslot_info crypt_keyslot_status(struct crypt_device *cd, int keyslot); /** @} */ +/** + * Get number of keyslots supported for device type. + * + * @param type crypt device type + * + * @return slot count or negative errno otherwise if device + * doesn't not support keyslots. + */ +int crypt_keyslot_max(const char *type); + +/** + * Get keyslot area pointers (relative to metadata device) + * + * @param cd crypt device handle + * @param keyslot keyslot number + * @param offset offset on metadata device (in bytes) + * @param length length of keyslot area (in bytes) + * + * @return @e 0 on success or negative errno value otherwise. + * + */ +int crypt_keyslot_area(struct crypt_device *cd, + int keyslot, + uint64_t *offset, + uint64_t *length); + /** * Backup header and keyslots to file * diff --git a/lib/libcryptsetup.sym b/lib/libcryptsetup.sym index 4f054f21..ec9cec04 100644 --- a/lib/libcryptsetup.sym +++ b/lib/libcryptsetup.sym @@ -55,6 +55,7 @@ CRYPTSETUP_1.0 { crypt_get_rng_type; crypt_keyslot_max; + crypt_keyslot_area; crypt_keyslot_status; crypt_last_error; crypt_get_error; diff --git a/lib/luks1/keymanage.c b/lib/luks1/keymanage.c index 75a49811..0fcdd985 100644 --- a/lib/luks1/keymanage.c +++ b/lib/luks1/keymanage.c @@ -53,6 +53,20 @@ static size_t LUKS_device_sectors(size_t keyLen) return sector; } +int LUKS_keyslot_area(struct luks_phdr *hdr, + int keyslot, + uint64_t *offset, + uint64_t *length) +{ + if(keyslot >= LUKS_NUMKEYS || keyslot < 0) + return -EINVAL; + + *offset = hdr->keyblock[keyslot].keyMaterialOffset * SECTOR_SIZE; + *length = AF_split_sectors(hdr->keyBytes, LUKS_STRIPES) * SECTOR_SIZE; + + return 0; +} + static int LUKS_check_device_size(struct crypt_device *ctx, size_t keyLength) { struct device *device = crypt_metadata_device(ctx); diff --git a/lib/luks1/luks.h b/lib/luks1/luks.h index 14484b1f..8491032e 100644 --- a/lib/luks1/luks.h +++ b/lib/luks1/luks.h @@ -168,6 +168,10 @@ crypt_keyslot_info LUKS_keyslot_info(struct luks_phdr *hdr, int keyslot); int LUKS_keyslot_find_empty(struct luks_phdr *hdr); int LUKS_keyslot_active_count(struct luks_phdr *hdr); int LUKS_keyslot_set(struct luks_phdr *hdr, int keyslot, int enable); +int LUKS_keyslot_area(struct luks_phdr *hdr, + int keyslot, + uint64_t *offset, + uint64_t *length); int LUKS_encrypt_to_storage( char *src, size_t srcLength, diff --git a/lib/setup.c b/lib/setup.c index cfec0cfe..d0b25acd 100644 --- a/lib/setup.c +++ b/lib/setup.c @@ -2393,6 +2393,17 @@ int crypt_keyslot_max(const char *type) return -EINVAL; } +int crypt_keyslot_area(struct crypt_device *cd, + int keyslot, + uint64_t *offset, + uint64_t *length) +{ + if (!isLUKS(cd->type)) + return -EINVAL; + + return LUKS_keyslot_area(&cd->hdr, keyslot, offset, length); +} + const char *crypt_get_type(struct crypt_device *cd) { return cd->type;