eessppeelllloo/cryptsetup
1
0
Fork 0
mirror of https://gitlab.com/cryptsetup/cryptsetup.git synced 2025-12-12 11:20:10 +01:00
Code Issues Packages Projects Releases Wiki Activity
4,340 Commits 16 Branches 78 Tags
c21c746eff1f01896a716ff92454864d67b26c5a
Commit Graph

183 Commits

Author SHA1 Message Date
Milan Broz
f049f719f8 Fix keyslot validation. 2018-04-24 10:51:47 +02:00
Ondrej Kozina
f6be62ac5f Add repair for known glitches in LUKS2 json. 2018-04-21 20:27:05 +02:00
Ondrej Kozina
a054206d25 Suppress useless slash escaping in json lib 2018-04-21 20:14:28 +02:00
Ondrej Kozina
6f83822b6e Validate all keyslot implementations after load and before write. 2018-04-21 19:42:55 +02:00
Ondrej Kozina
22f10dd8d2 Remove custom made 'contains' helper from keyslot validation. 2018-04-21 10:57:24 +02:00
Milan Broz
aa1551c6e8 Introduce CRYPT_SLOT_UNBOUND keyslot status for LUKS2. 
A keyslot not bound to any segment can store any key for any purpose.

To easily check slot status, new enum value is introduced.
This status is valid only for LUKS2, so the functions are backward compatible
with LUKS1.
 2018-04-19 22:28:13 +02:00
Ondrej Kozina
70077db07d Abort conversion when LUKS2 header contains tokens. 
Tokens may contain import 3rd party data. Prompt users
to remove such tokens explicitly.
 2018-04-15 13:08:44 +02:00
Ondrej Kozina
48bf08922c Make all LUKS2 key size helpers return negative value on error. 2018-04-15 13:03:51 +02:00
Ondrej Kozina
7bee66fe36 Add new luks2 keyslot validation condition. 2018-03-22 14:05:19 +01:00
Ondrej Kozina
bd370ab789 Fix bugs in crypt_persistent_flags_get. 
various bugfixes:
- erase flags variable if no flags are stored
- do not print false debug warning
- during activation do not overwrite activation flags
  with persistent flags
 2018-02-27 11:58:05 +01:00
Milan Broz
2b6808f165 Fix some anoying gcc buffer size warnings. 2018-02-14 18:23:25 +01:00
Milan Broz
1fe014dbae Update copyright year. 2018-01-20 17:55:21 +01:00
Milan Broz
1ca439f4e0 Fix some warnings found during static analysis. 2018-01-20 14:42:05 +01:00
Ondrej Kozina
08e7c143b3 Add internal code for LUKS2 keyslot params. 
This fixes crypt_keyslot_add_by_key where we were unable to store
keyslot (unbound to segment) with different key_size.
The code used (new) volume key size implicitly which could be wrong
if new size was not compatible with cipher parameter for keyslot area.
 2018-01-19 13:48:09 +01:00
Ondrej Kozina
9504d866b6 Use default segment alias in LUKS2 activatation. 2018-01-18 14:05:33 +01:00
Ondrej Kozina
b31e029000 Validate LUKS2 header in crypt_set_uuid(). 2018-01-04 09:20:23 +01:00
Yuri Chornoivan
982da4d20c Fix minor typos 2018-01-04 09:13:58 +01:00
Ondrej Kozina
286c2960c8 silence signed/unsigned compiler warnings 
any array with item count close to INT32_MAX would
not fit LUKS2 header json area anyway
 2017-12-13 12:06:58 +01:00
Ondrej Kozina
a12e374a04 harden checks of json_object_array_length return values 
with json-c until 0.12.x json_object_array_length returned signed
integer. json-c 0.13.x and later changed return type to unsigned
size_t.

Consider return values less or equal to zero as empty array, otherwise
array is non-empty.
 2017-12-13 12:06:54 +01:00
Ondrej Kozina
92b41e4935 more return NULL instead of 0 cleanups 2017-12-01 13:17:32 +01:00
Ondrej Kozina
6edae6ddef return NULL instead of 0 2017-12-01 13:10:37 +01:00
Ondrej Kozina
3c839f44d8 luks2: fix off-by-one error in uint64 validation 2017-11-23 16:18:19 +01:00
Ondrej Kozina
304bdd7d0d luks2: add json_object_new_uint64 wrapper 
json doesn't support 64 bits integers. We workaround it by storing
large numbers as string and validate the value internally.
 2017-11-23 16:18:14 +01:00
Andrea Gelmini
a97de38b6b Fix typos. 2017-11-08 10:22:49 +01:00
Ondrej Kozina
1f01c76fa5 fix memory leak on failed luks2 activation 2017-11-03 17:30:14 +01:00
Ondrej Kozina
76947fa835 luks2: add offline reencrypt requriement 2017-10-28 22:29:28 +02:00
Milan Broz
f7dadfb646 Fix some benign compiler warnings. 2017-10-28 14:12:25 +02:00
Milan Broz
31779c0763 Fix memory leak in LUKS2 requirements handling for restore context. 2017-10-28 12:01:02 +02:00
Milan Broz
3ccbb8fe84 Fix some problems found by Coverity analysis. 2017-09-27 10:18:38 +02:00
Ondrej Kozina
b4782809d4 luks2: allow masking of requirements internaly 
before this patch any LUKS2 requirement defined in header
would stop a restricted operation from proceeding further.
This patch adds ability to mask requirements (internal only).
 2017-09-27 07:48:53 +02:00
Ondrej Kozina
b3feae5474 luks2: unify naming for requirements flags 2017-09-27 07:47:41 +02:00
Ondrej Kozina
c015aeca4e luks2: move pre-activation requirements check lower 2017-09-27 07:47:13 +02:00
Milan Broz
9f2727bb77 Add libLUKS2. 2017-09-24 19:50:12 +02:00