eessppeelllloo/cryptsetup
1
0
Fork 0
mirror of https://gitlab.com/cryptsetup/cryptsetup.git synced 2025-12-05 16:00:05 +01:00
Code Issues Packages Projects Releases Wiki Activity
4,643 Commits 14 Branches 78 Tags
main
Commit Graph

50 Commits

Author SHA1 Message Date
Milan Broz
b0d38f932f Add (ugly) wrorkaround for musl broken macro 
Nobody fixes this for years, there are multiple discussions.
Let's just ignore it.
 2025-08-01 16:48:08 +02:00
Milan Broz
3e114bcb1e Fix warning about NULL argument in setsockopt() 
This should fix a warning produced by scan-build-20

warning: The 4th argument to 'setsockopt' is NULL but should
not be NULL [unix.StdCLibraryFunctions]
 2025-03-24 13:46:59 +01:00
Milan Broz
ff81791308 Use #if for ENABLE_AF_ALG. 2025-01-27 11:05:08 +00:00
Milan Broz
8364178b38 Update copyright year. 2025-01-15 23:09:36 +01:00
Milan Broz
ce38d82025 Fix crypt_cipher_check_kernel to work with length-preserving modes too. 
The check is currently used only with AEAD, but whould work also
with common block ciphers and modes.
 2024-07-12 18:02:37 +00:00
Milan Broz
4708884d8c Allow "capi:" cipher format for benchmark command. 
Note, currently AEAD modes are not supported.
 2024-06-03 16:40:01 +00:00
Milan Broz
661f57def4 Use SPDX license identifiers. 
This patch switches code to SPDX one-line license identifiers according to
https://spdx.dev/learn/handling-license-info/
and replacing long license text headers.

I used C++ format on the first line in style
// SPDX-License-Identifier: <id>
except exported libcryptsetup.h, when only C comments are used.

The only additional changes are:
- switch backend utf8.c from LGPL2+ to LGPL2.1+ (as in systemd)
- add some additional formatting lines.
 2024-06-03 16:38:15 +00:00
Milan Broz
6859993ea7 Fix string.h, strings.h and stdio.h include in crypto backend. 
String.h and stdbool.h are already included in main backend header,
no need to include them again.

Stdio.h is missing for OpenSSL and NSS backed (for sprintf).

Strings.h is missing for cipher_generic, gcrypt and OpoenSSL (strcasecmp).

Fixes: #885
 2024-05-23 06:29:47 +00:00
Milan Broz
7b3a341809 Use crypt_backend_memcpy in crypt backend for sensitive data. 2024-05-03 11:52:09 +00:00
Milan Broz
bd0ef58b3a Update copyright notice to include 2024 year. 2024-01-23 16:10:44 +01:00
Milan Broz
c0dfd1178d Fix some coverity scan issues. 
The read in kernel crypto backend is part of user crypto API
encryption call, we have to trust it here.

JSON fix is just one place where return code was not checked
for this particular function.
 2023-11-28 18:52:25 +00:00
Milan Broz
f70bf71dff Fix unused parameter in crypto backend handlers. 2023-08-28 12:42:37 +02:00
Milan Broz
72f799b393 Update Copyright year. 2023-02-09 17:11:18 +01:00
Milan Broz
ab975bc1c4 Update copyright year. 
And unify format in several places.
 2022-01-29 10:43:02 +01:00
Milan Broz
4cdd826282 Check exit value for snprintf where it makes sense. 2021-05-18 22:07:47 +02:00
Milan Broz
4309294c2a Remove unnecessary goto from cipher kernel wrapper. 2021-02-17 10:03:18 +01:00
Milan Broz
d1d9dd8e20 Update Copyright year. 2021-01-25 22:00:25 +01:00
lixiaokeng
f5abfde1fa lib: fix potential segfault in _crypt_cipher_crypt 
The value of header may be NULL. Check it to avoid
segfault.

Signed-off-by: Lixiaokeng <lixiaokeng@huawei.com>
Signed-off-by: Linfeilong <linfeilong@huawei.com>
 2020-11-09 09:57:16 +08:00
Milan Broz
080566a1fd Update copyright year. 2020-01-03 13:04:55 +01:00
Milan Broz
565de3c536 Fix check for bitlk iv overflow in crypto backend. 2019-12-30 21:53:06 +01:00
Milan Broz
f0888c1fe0 Add AEAD define on older kernel headers. 2019-12-30 21:53:06 +01:00
Milan Broz
494d8ec04c Add kernel backend for Bitlk key decryption. 2019-12-30 21:53:06 +01:00
Milan Broz
fc37d81144 Move crypt_cipher to per-lib implementation. 
For now, it calls kernel fallback only.
 2019-03-01 21:14:13 +01:00
Milan Broz
a859455aad Move block ciphers backend wrappers to per-library files. 
For now it always fallbacks to kernel crypto API.
 2019-03-01 21:10:50 +01:00
Milan Broz
a6f5ce8c7b Update copyright year. 
And unify name copyright format.
 2019-01-25 09:45:57 +01:00
Milan Broz
c5b55049b9 Fix AEAD modes check with kernel and Nettle backend. 
These do not implement backend RNG yet, so use a fixed key for test.
 2019-01-07 20:05:55 +01:00
Milan Broz
9a2dbb26a5 Fix signed/unsigned comparison warning. 2018-11-25 15:11:44 +01:00
Milan Broz
2f6d0c006c Check for algorithms string lengths in crypt_cipher_check(). 
The kernel check will fail anyway if string is truncated, but this
make some compilers more happy.
 2018-11-25 10:55:28 +01:00
Milan Broz
b4dce61918 Try to check if AEAD cipher is available through kernel crypto API. 2018-11-22 16:02:33 +01:00
Rafael Fontenelle
f35ec9771e Fix typos 
A bunch of typos reported by codespell, most of them comments in the code
 2018-07-21 07:24:25 -03:00
Milan Broz
9a72ec366d Move generic ciper backend utilities to separate file. 
And add wrapped key check.
 2018-04-15 15:31:10 +02:00
Milan Broz
6d2979459e Key parameter is always const in cipher and storage backend. 2018-02-23 10:40:17 +01:00
Milan Broz
b4fc36ea62 Make all crypto backend destructors return void. 
Nothing in the code actually checks the return values anyway.
 2018-02-23 10:40:11 +01:00
Milan Broz
1fe014dbae Update copyright year. 2018-01-20 17:55:21 +01:00
Milan Broz
98368c4770 Update copyright years. 2017-03-12 13:17:15 +01:00
Milan Broz
9ce5dd1082 Fix cipher_null key setting in kernel crypto backend. 2016-01-03 11:03:47 +01:00
Milan Broz
93ed401b7c Set skcipher key before accept() call in kernel crypto backend. 
Also relax input errno checking to catch all errors.
 2016-01-02 20:02:28 +01:00
Milan Broz
f7b61b2617 Prevent compiler to optiize-out memset for on-stack variables. 
Also see
https://cryptocoding.net/index.php/Coding_rules#Prevent_compiler_interference_with_security-critical_operations

The used code is inspired by the code in Blake2 implementation.
 2015-01-11 20:26:45 +01:00
Milan Broz
e84b1ed7c0 Fix scan-build warning (null use). 
Probably false positive but defensive approach is better here.
 2014-08-10 16:06:21 +02:00
Milan Broz
54c7a2b0aa Fix signed/unsigned compiler warnings. 2014-06-29 11:55:11 +02:00
Milan Broz
d5a72cd65a Fix typo in kernel backend. 2014-06-26 15:38:51 +02:00
Milan Broz
1436f2a0a0 Add wrapper for cipher block size query. 
There is no better way for now without loading crypto modules.
 2014-06-01 20:56:17 +02:00
Milan Broz
9563aa33c8 Fix PBKDF2 for crypto backens which does not support long HMAC keys. 
(Or it rehases key in every iteration.)

- Kernel backens seems not to support >20480 HMAC key
- NSS is slow (without proper key reset)

Add some test vectors (commented out by default).
 2014-04-13 19:34:50 +02:00
Milan Broz
fe4175b551 Fix some extended compile warning. 2013-01-10 17:26:19 +01:00
Milan Broz
46de69d0e6 Add kernel userspace header detection. 
Add --disable-kernel_crypto to allow compilation with old kernel.
 2012-12-30 12:28:30 +01:00
Milan Broz
7eccb7ff50 Change License for sub-libraries from GPLv2 only to LGPLv2.1+ ("or any later") 
This includes crypto, loopaes, tcrypt handling code I have written myself
and verity code written originally by Mikulas Patocka and modified by me,
copyright by Red Hat.

Other part of library have to stay GPLv2+ only for now
(no agreement from all authors).
 2012-12-29 11:47:28 +01:00
Milan Broz
a4585423fd Remove some gcc extra warnings (signed/unsigned problems etc). 2012-12-02 23:13:59 +01:00
Milan Broz
eac953c6e4 Fix skcipher failure handling. 2012-11-30 13:37:14 +01:00
Milan Broz
d7fc953fa2 Handle kernel crypto api init failure better. 2012-11-29 18:01:02 +01:00
Milan Broz
7199662fbb Add kernel skcipher backend. 2012-11-19 21:21:40 +01:00