It can be used to override system library where
libcryptsetup looks for external token handlers (plugins).
The parameter is required to be an absolute path and it is set
per process context.
Fixes: #846.

The AC_C_CONST test program fails to compile under latest clang with
-Wall -Werror, which results in erroneously defining "const" keyword to
an empty string. The AC_C_CONST is considered obsolete.

An unknown -Dinternal-argon2=false flag was used, new meson version
fails when it gets unknown flag. Use the correct
-Dargon-implementation=internal flag instead.

Unfortunately there is currently no way
to tell the difference between device lacking SED OPAL support
state and kernel missing SED OPAL support via disabled interface
via configure option.

The aim of the test is to verify compatibility with
SW only LUKS2 devices for basic operations like
activation, deactivation, suspend, resume and
token based activation.

The crypt2_load_fuzz fuzzer needs to calculate LUKS2 header checksum
to speed up fuzzing. Currently we incorrectly touch const data input.
This patch
- calculates only primary LUKS2 header checksum (ignores secondary header)
- uses temporary struct for modified data
- keeps fuzzer going even with original data if checksum calc fails.
Hopefully solves unknown write issue in fuzzer (not real utils) on oss-fuzz.
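
The three points of the commit message above, sketched in Python as an added example (not the fuzzer's own code, which this page does not show). It assumes the LUKS2 on-disk field offsets and runs on a constructed header; `fix_primary_checksum` and `build_sample` are hypothetical names.

```python
import hashlib
import struct

# LUKS2 binary header fields used here (big-endian, on-disk format offsets).
HDR_BIN_LEN = 4096                 # binary header; JSON area follows it
OFF_HDR_SIZE = 8                   # uint64: binary header + JSON area
OFF_CSUM_ALG, ALG_LEN = 72, 32     # NUL-padded algorithm name
OFF_CSUM, CSUM_LEN = 448, 64       # checksum field
MAGIC_PRIMARY = b"LUKS\xba\xbe"    # secondary header uses a different magic
ALGS = {b"sha256": hashlib.sha256, b"sha512": hashlib.sha512}


def fix_primary_checksum(data: bytes) -> bytes:
    """Return a copy of data with the primary header checksum filled in.

    The input is never written to. If the checksum cannot be calculated,
    the original bytes are returned so the caller can continue with them.
    """
    if len(data) < HDR_BIN_LEN or data[:6] != MAGIC_PRIMARY:
        return data
    (hdr_size,) = struct.unpack_from(">Q", data, OFF_HDR_SIZE)
    if not HDR_BIN_LEN <= hdr_size <= len(data):
        return data                # untrusted size field, never read past input
    alg = data[OFF_CSUM_ALG:OFF_CSUM_ALG + ALG_LEN].split(b"\0", 1)[0]
    if alg not in ALGS:
        return data
    tmp = bytearray(data)          # temporary copy; all writes go here
    tmp[OFF_CSUM:OFF_CSUM + CSUM_LEN] = bytes(CSUM_LEN)  # hash with csum zeroed
    digest = ALGS[alg](bytes(tmp[:hdr_size])).digest()
    tmp[OFF_CSUM:OFF_CSUM + len(digest)] = digest
    return bytes(tmp)


def build_sample(alg: bytes = b"sha256") -> bytes:
    """Constructed 16 KiB primary header with an empty checksum field."""
    hdr = bytearray(16384)
    hdr[:6] = MAGIC_PRIMARY
    struct.pack_into(">HQ", hdr, 6, 2, len(hdr))   # version 2, hdr_size
    hdr[OFF_CSUM_ALG:OFF_CSUM_ALG + len(alg)] = alg
    hdr[HDR_BIN_LEN:HDR_BIN_LEN + 2] = b"{}"       # placeholder JSON area
    return bytes(hdr)
```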

The crypto backend crypt_hash and crypt_hmac structs usually
contain only pointers to internal crypto lib structures, no need
to wipe them explicitly as there are no sensitive data.
It is a crypto lib responsibility to remove sensitive data
in destructor.
Only nettle backend directly contains hash context, keep it there.
This should also fix mysterious crashes in fuzzer with misaligned memset.

In FIPS mode, if test passphrase is shorter
than 8 bytes, keyslot passphrase check routine
returns different error code (-EINVAL) than
expected (-EPERM).

Also by using --test-passphrase option this patch allows
cryptsetup to check if specific token (--token-id) is
able to unlock specific keyslot (--key-slot/-S).
It uses recently added crypt_activate_by_keyslot_context
API.
Fixes: #784.

Let's not make up synthetic errors if the kernel returns a useful error
to us, that tells us about key validity.
Specifically, if we try to activate a dm-verity device with a signed
root hash, it's important to know when we couldn't activate it due to the
signing key missing in the kernel keyring. The kernel reports a nice
error code in that case (ENOKEY), let's make sure this is propagated
back to clients.
To be on the safe side, this allowlists only the three key management
related error codes ENOKEY, EKEYREVOKED, EKEYEXPIRED and returns ENOKEY
for all of them. The kernel's DM stack traditionally wasn't very good
with returning useful error codes, hence the conservative approach.
This patch is not sufficient to fix this properly. There's a patch
needed to fix errno propagation also in libdevmapper:
https://gitlab.com/lvmteam/lvm2/-/merge_requests/3
With both patches applied we get correct error code reporting.
Fixes: #841

When adding new keyslot we check if provided existing
passphrase is correct first.
Since user may now select specific existing keyslot
(to extract volume key) it's no use to check any
matching keyslot. Test passphrase only for user
specified keyslot.