From fb8aa6d03b4a92930722bc8a47b2f051aaca9d14 Mon Sep 17 00:00:00 2001
From: Ondrej Kozina
Date: Thu, 18 Feb 2021 11:08:32 +0100
Subject: [PATCH] Fix default xts mode key size in reencryption.
Reencryption did not take into account adjusted xts key size configuration option. This patch fix the issue by using same logic as in luksFormat with xts mode selected for data encryption.
---
 src/cryptsetup.c | 31 ++++++++++++++++++-------------
 tests/luks2-reencryption-test | 6 +++++-
 2 files changed, 23 insertions(+), 14 deletions(-)
diff --git a/src/cryptsetup.c b/src/cryptsetup.c
index 9366f806..a003b11d 100644
--- a/src/cryptsetup.c
+++ b/src/cryptsetup.c
@@ -1242,6 +1242,21 @@ static int strcmp_or_null(const char *str, const char *expected)
 return !str ? 0 : strcmp(str, expected);
 }
 
+static int get_adjusted_key_size(const char *cipher_mode, uint32_t default_size_bits, int integrity_keysize)
+{
+ uint32_t keysize_bits = opt_key_size;
+
+#ifdef ENABLE_LUKS_ADJUST_XTS_KEYSIZE
+ if (!opt_key_size && !strncmp(cipher_mode, "xts-", 4)) {
+ if (default_size_bits == 128)
+ keysize_bits = 256;
+ else if (default_size_bits == 256)
+ keysize_bits = 512;
+ }
+#endif
+ return (keysize_bits ?: default_size_bits) / 8 + integrity_keysize;
+}
+
 static int _luksFormat(struct crypt_device **r_cd, char **r_password, size_t *r_passwordLen)
 {
 int r = -EINVAL, keysize, integrity_keysize = 0, fd, created = 0;
@@ -1374,15 +1389,7 @@ static int _luksFormat(struct crypt_device **r_cd, char **r_password, size_t *r_
 goto out;
 }
 
-#ifdef ENABLE_LUKS_ADJUST_XTS_KEYSIZE
- if (!opt_key_size && !strncmp(cipher_mode, "xts-", 4)) {
- if (DEFAULT_LUKS1_KEYBITS == 128)
- opt_key_size = 256;
- else if (DEFAULT_LUKS1_KEYBITS == 256)
- opt_key_size = 512;
- }
-#endif
- keysize = (opt_key_size ?: DEFAULT_LUKS1_KEYBITS) / 8 + integrity_keysize;
+ keysize = get_adjusted_key_size(cipher_mode, DEFAULT_LUKS1_KEYBITS, integrity_keysize);
 
 if (opt_random)
 crypt_set_rng_type(cd, CRYPT_RNG_RANDOM);
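Review bot: get_adjusted_key_size() is added without a comment, and its contract is easy to misread: it returns bytes rather than bits, folds integrity_keysize into the result, and only doubles the default for xts-* modes when no --key-size was given. I would put `/* Volume key size in bytes: --key-size if set, otherwise default_size_bits (doubled for xts-* modes under ENABLE_LUKS_ADJUST_XTS_KEYSIZE, since XTS consumes two keys), plus integrity_keysize. */` above the definition. cipher_mode goes straight into strncmp(), so callers must never pass NULL; that appears to hold for _luksFormat, but the second caller in action_reencrypt_luks2 passes mode, whose origin lies outside the hunk and is worth confirming. A default other than 128 or 256 bits is left unadjusted, which matches the removed code but deserves a word in that comment.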
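Review bot: The replaced block wrote the adjusted value (256 or 512) back into the global opt_key_size before computing keysize, whereas get_adjusted_key_size() leaves opt_key_size untouched; anything later in _luksFormat or after it that reads opt_key_size (the rest of the function is outside the hunk) now sees 0 where it previously saw the adjusted bits. If that is intended, dropping the side effect is an improvement and deserves a line in the commit message plus a comment on the call, e.g. `/* opt_key_size is not rewritten here; use keysize, not the option, from now on */`, so the next reader does not reintroduce it. Otherwise the adjusted value needs to be propagated explicitly rather than recovered from the global.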
@@ -3215,10 +3222,8 @@ static int action_reencrypt_luks2(struct crypt_device *cd)
 if (r)
 return r;
 
- if (opt_key_size)
- key_size = opt_key_size / 8;
- else if (opt_cipher)
- key_size = DEFAULT_LUKS1_KEYBITS / 8;
+ if (opt_key_size || opt_cipher)
+ key_size = get_adjusted_key_size(mode, DEFAULT_LUKS1_KEYBITS, 0);
 else
 key_size = crypt_get_volume_key_size(cd);
 
diff --git a/tests/luks2-reencryption-test b/tests/luks2-reencryption-test
index 93bddde7..56813b3c 100755
--- a/tests/luks2-reencryption-test
+++ b/tests/luks2-reencryption-test
@@ -654,7 +654,7 @@ function reencrypt_online_fixed_size() {
 }
 
 function setup_luks2_env() {
- echo $PWD1 | $CRYPTSETUP luksFormat --type luks2 $FAST_PBKDF_ARGON $DEV || fail
+ echo $PWD1 | $CRYPTSETUP luksFormat --type luks2 -c aes-xts-plain64 $FAST_PBKDF_ARGON $DEV || fail
 echo $PWD1 | $CRYPTSETUP open $DEV $DEV_NAME || fail
 HAVE_KEYRING=$($CRYPTSETUP status $DEV_NAME | grep "key location: keyring")
 if [ -n "$HAVE_KEYRING" ]; then
@@ -662,6 +662,8 @@ function setup_luks2_env() {
 else
 HAVE_KEYRING=0
 fi
+ DEF_XTS_KEY=$($CRYPTSETUP status $DEV_NAME | grep "keysize:" | sed 's/\( keysize: \)\([0-9]\+\)\(.*\)/\2/')
+ [ -n "$DEF_XTS_KEY" ] || fail "Failed to parse xts mode key size."
 $CRYPTSETUP close $DEV_NAME || fail
 }
 
@@ -736,6 +738,8 @@ check_hash $PWD1 $HASH1
 echo $PWD1 | $CRYPTSETUP reencrypt $DEV -q -c aes-xts-plain64 --init-only $FAST_PBKDF_ARGON || fail
 echo $PWD1 | $CRYPTSETUP open $DEV $DEV_NAME || fail
 echo $PWD1 | $CRYPTSETUP reencrypt --active-name /dev/mapper/$DEV_NAME --resilience none -q || fail
+XTS_KEY=$($CRYPTSETUP status $DEV_NAME | grep "keysize:" | sed 's/\( keysize: \)\([0-9]\+\)\(.*\)/\2/')
+[ "$XTS_KEY" -eq "$DEF_XTS_KEY" ] || fail "xts mode has wrong key size after reencryption ($XTS_KEY != expected $DEF_XTS_KEY)"
 echo $PWD1 | $CRYPTSETUP close $DEV_NAME || fail
 echo -n "[OK][4096 sector]"
 prepare sector_size=4096 dev_size_mb=32
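Review bot: The new call hard-codes 0 for integrity_keysize, so a device whose volume key also carries an integrity key would get a key_size that is too small here; presumably action_reencrypt_luks2 rejects integrity-protected devices before this point (the function starts outside the hunk), but that assumption should be stated on the line, e.g. `/* integrity_keysize 0: assumes integrity-protected devices were rejected above */`. The fix also depends on mode describing the requested cipher (opt_cipher) rather than the device's current one when only -c is given; if mode came from crypt_get_cipher_mode(cd), reencrypting a non-xts device to aes-xts-plain64 would still get the unadjusted default, so it is worth confirming where mode is set. When only --key-size is given the strncmp() in the helper is never reached, so mode's value is irrelevant in that branch.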
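Review bot: XTS_KEY is used in an integer comparison without the non-empty guard that DEF_XTS_KEY receives in setup_luks2_env; if the status output changes and the sed pipeline yields nothing, `[ "" -eq ... ]` fails with a shell "integer expression expected" error instead of the intended fail message. Adding `[ -n "$XTS_KEY" ] || fail "Failed to parse xts mode key size after reencryption."` before the comparison keeps the diagnostics consistent. The grep/sed pipeline is now duplicated in two hunks; a small helper such as `get_key_size() { $CRYPTSETUP status $1 | grep "keysize:" | sed 's/\( keysize: \)\([0-9]\+\)\(.*\)/\2/'; }` would keep the two parsers from drifting apart.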