2 * LUKS - Linux Unified Key Setup
4 * Copyright (C) 2004-2006, Clemens Fruhwirth <clemens@endorphin.org>
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU General Public License
8 * version 2 as published by the Free Software Foundation.
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
15 * You should have received a copy of the GNU General Public License
16 * along with this program; if not, write to the Free Software
17 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
20 #include <sys/types.h>
22 #include <netinet/in.h>
31 #include <uuid/uuid.h>
38 #define div_round_up(a,b) ({ \
39 typeof(a) __a = (a); \
40 typeof(b) __b = (b); \
41 (__a - 1) / __b + 1; \
44 static inline int round_up_modulo(int x, int m) {
45 return div_round_up(x, m) * m;
48 /* Get size of struct luks_phrd with all keyslots material space */
49 static uint64_t LUKS_device_sectors(size_t keyLen, unsigned int stripes)
51 uint64_t keyslot_sectors, sector;
54 keyslot_sectors = div_round_up(keyLen * stripes, SECTOR_SIZE);
55 sector = round_up_modulo(LUKS_PHDR_SIZE, LUKS_ALIGN_KEYSLOTS / SECTOR_SIZE);
57 for (i = 0; i < LUKS_NUMKEYS; i++) {
58 sector = round_up_modulo(sector, LUKS_ALIGN_KEYSLOTS / SECTOR_SIZE);
59 sector += keyslot_sectors;
65 static int LUKS_check_device_size(const char *device,
69 uint64_t dev_size, req_sectors;
71 req_sectors = LUKS_device_sectors(keyLength, LUKS_STRIPES);
72 if (min_sectors > req_sectors)
73 req_sectors = min_sectors;
75 if(device_size(device, &dev_size)) {
76 log_dbg("Cannot get device size for device %s.", device);
80 return (req_sectors > (dev_size >> SECTOR_SHIFT));
83 /* Check keyslot to prevent access outside of header and keyslot area */
84 static int LUKS_check_keyslot_size(const struct luks_phdr *phdr, unsigned int keyIndex)
86 uint32_t secs_per_stripes;
88 /* First sectors is the header itself */
89 if (phdr->keyblock[keyIndex].keyMaterialOffset * SECTOR_SIZE < LUKS_ALIGN_KEYSLOTS) {
90 log_dbg("Invalid offset %u in keyslot %u.",
91 phdr->keyblock[keyIndex].keyMaterialOffset, keyIndex);
95 /* Ignore following check for detached header where offset can be zero. */
96 if (phdr->payloadOffset == 0)
99 if (phdr->payloadOffset <= phdr->keyblock[keyIndex].keyMaterialOffset) {
100 log_dbg("Invalid offset %u in keyslot %u (beyond data area offset %u).",
101 phdr->keyblock[keyIndex].keyMaterialOffset, keyIndex,
102 phdr->payloadOffset);
106 secs_per_stripes = div_round_up(phdr->keyBytes * phdr->keyblock[keyIndex].stripes, SECTOR_SIZE);
108 if (phdr->payloadOffset < (phdr->keyblock[keyIndex].keyMaterialOffset + secs_per_stripes)) {
109 log_dbg("Invalid keyslot size %u (offset %u, stripes %u) in "
110 "keyslot %u (beyond data area offset %u).",
112 phdr->keyblock[keyIndex].keyMaterialOffset,
113 phdr->keyblock[keyIndex].stripes,
114 keyIndex, phdr->payloadOffset);
121 static const char *dbg_slot_state(crypt_keyslot_info ki)
124 case CRYPT_SLOT_INACTIVE:
126 case CRYPT_SLOT_ACTIVE:
128 case CRYPT_SLOT_ACTIVE_LAST:
129 return "ACTIVE_LAST";
130 case CRYPT_SLOT_INVALID:
137 const char *backup_file,
139 struct luks_phdr *hdr,
140 struct crypt_device *ctx)
142 int r = 0, devfd = -1;
147 if(stat(backup_file, &st) == 0) {
148 log_err(ctx, _("Requested file %s already exist.\n"), backup_file);
152 r = LUKS_read_phdr(device, hdr, 1, ctx);
156 buffer_size = hdr->payloadOffset << SECTOR_SHIFT;
157 buffer = crypt_safe_alloc(buffer_size);
158 if (!buffer || buffer_size < LUKS_ALIGN_KEYSLOTS) {
163 log_dbg("Storing backup of header (%u bytes) and keyslot area (%u bytes).",
164 sizeof(*hdr), buffer_size - LUKS_ALIGN_KEYSLOTS);
166 devfd = open(device, O_RDONLY | O_DIRECT | O_SYNC);
168 log_err(ctx, _("Device %s is not a valid LUKS device.\n"), device);
173 if(read_blockwise(devfd, buffer, buffer_size) < buffer_size) {
179 /* Wipe unused area, so backup cannot contain old signatures */
180 memset(buffer + sizeof(*hdr), 0, LUKS_ALIGN_KEYSLOTS - sizeof(*hdr));
182 devfd = creat(backup_file, S_IRUSR);
187 if(write(devfd, buffer, buffer_size) < buffer_size) {
188 log_err(ctx, _("Cannot write header backup file %s.\n"), backup_file);
198 crypt_safe_free(buffer);
202 int LUKS_hdr_restore(
203 const char *backup_file,
205 struct luks_phdr *hdr,
206 struct crypt_device *ctx)
208 int r = 0, devfd = -1, diff_uuid = 0;
210 char *buffer = NULL, msg[200];
212 struct luks_phdr hdr_file;
214 if(stat(backup_file, &st) < 0) {
215 log_err(ctx, _("Backup file %s doesn't exist.\n"), backup_file);
219 r = LUKS_read_phdr_backup(backup_file, device, &hdr_file, 0, ctx);
220 buffer_size = hdr_file.payloadOffset << SECTOR_SHIFT;
222 if (r || buffer_size < LUKS_ALIGN_KEYSLOTS) {
223 log_err(ctx, _("Backup file doesn't contain valid LUKS header.\n"));
228 buffer = crypt_safe_alloc(buffer_size);
234 devfd = open(backup_file, O_RDONLY);
236 log_err(ctx, _("Cannot open header backup file %s.\n"), backup_file);
241 if(read(devfd, buffer, buffer_size) < buffer_size) {
242 log_err(ctx, _("Cannot read header backup file %s.\n"), backup_file);
248 r = LUKS_read_phdr(device, hdr, 0, ctx);
250 log_dbg("Device %s already contains LUKS header, checking UUID and offset.", device);
251 if(hdr->payloadOffset != hdr_file.payloadOffset ||
252 hdr->keyBytes != hdr_file.keyBytes) {
253 log_err(ctx, _("Data offset or key size differs on device and backup, restore failed.\n"));
257 if (memcmp(hdr->uuid, hdr_file.uuid, UUID_STRING_L))
261 if (snprintf(msg, sizeof(msg), _("Device %s %s%s"), device,
262 r ? _("does not contain LUKS header. Replacing header can destroy data on that device.") :
263 _("already contains LUKS header. Replacing header will destroy existing keyslots."),
264 diff_uuid ? _("\nWARNING: real device header has different UUID than backup!") : "") < 0) {
269 if (!crypt_confirm(ctx, msg)) {
274 log_dbg("Storing backup of header (%u bytes) and keyslot area (%u bytes) to device %s.",
275 sizeof(*hdr), buffer_size - LUKS_ALIGN_KEYSLOTS, device);
277 devfd = open(device, O_WRONLY | O_DIRECT | O_SYNC);
279 log_err(ctx, _("Cannot open device %s.\n"), device);
284 if(write_blockwise(devfd, buffer, buffer_size) < buffer_size) {
290 /* Be sure to reload new data */
291 r = LUKS_read_phdr(device, hdr, 1, ctx);
295 crypt_safe_free(buffer);
299 static int _check_and_convert_hdr(const char *device,
300 struct luks_phdr *hdr,
301 int require_luks_device,
302 struct crypt_device *ctx)
306 char luksMagic[] = LUKS_MAGIC;
308 if(memcmp(hdr->magic, luksMagic, LUKS_MAGIC_L)) { /* Check magic */
309 log_dbg("LUKS header not detected.");
310 if (require_luks_device)
311 log_err(ctx, _("Device %s is not a valid LUKS device.\n"), device);
313 } else if((hdr->version = ntohs(hdr->version)) != 1) { /* Convert every uint16/32_t item from network byte order */
314 log_err(ctx, _("Unsupported LUKS version %d.\n"), hdr->version);
316 } else if (PBKDF2_HMAC_ready(hdr->hashSpec) < 0) {
317 log_err(ctx, _("Requested LUKS hash %s is not supported.\n"), hdr->hashSpec);
320 hdr->payloadOffset = ntohl(hdr->payloadOffset);
321 hdr->keyBytes = ntohl(hdr->keyBytes);
322 hdr->mkDigestIterations = ntohl(hdr->mkDigestIterations);
324 for(i = 0; i < LUKS_NUMKEYS; ++i) {
325 hdr->keyblock[i].active = ntohl(hdr->keyblock[i].active);
326 hdr->keyblock[i].passwordIterations = ntohl(hdr->keyblock[i].passwordIterations);
327 hdr->keyblock[i].keyMaterialOffset = ntohl(hdr->keyblock[i].keyMaterialOffset);
328 hdr->keyblock[i].stripes = ntohl(hdr->keyblock[i].stripes);
329 if (LUKS_check_keyslot_size(hdr, i)) {
330 log_err(ctx, _("LUKS keyslot %u is invalid.\n"), i);
331 // FIXME: allow header recovery
336 /* Avoid unterminated strings */
337 hdr->cipherName[LUKS_CIPHERNAME_L - 1] = '\0';
338 hdr->cipherMode[LUKS_CIPHERMODE_L - 1] = '\0';
339 hdr->uuid[UUID_STRING_L - 1] = '\0';
345 static void _to_lower(char *str, unsigned max_len)
347 for(; *str && max_len; str++, max_len--)
349 *str = tolower(*str);
352 static void LUKS_fix_header_compatible(struct luks_phdr *header)
354 /* Old cryptsetup expects "sha1", gcrypt allows case insensistive names,
355 * so always convert hash to lower case in header */
356 _to_lower(header->hashSpec, LUKS_HASHSPEC_L);
359 int LUKS_read_phdr_backup(const char *backup_file,
361 struct luks_phdr *hdr,
362 int require_luks_device,
363 struct crypt_device *ctx)
365 ssize_t hdr_size = sizeof(struct luks_phdr);
366 int devfd = 0, r = 0;
368 log_dbg("Reading LUKS header of size %d from backup file %s",
369 (int)hdr_size, backup_file);
371 devfd = open(backup_file, O_RDONLY);
373 log_err(ctx, _("Cannot open file %s.\n"), device);
377 if (read(devfd, hdr, hdr_size) < hdr_size)
380 LUKS_fix_header_compatible(hdr);
381 r = _check_and_convert_hdr(backup_file, hdr, require_luks_device, ctx);
388 int LUKS_read_phdr(const char *device,
389 struct luks_phdr *hdr,
390 int require_luks_device,
391 struct crypt_device *ctx)
393 ssize_t hdr_size = sizeof(struct luks_phdr);
394 int devfd = 0, r = 0;
396 log_dbg("Reading LUKS header of size %d from device %s",
399 devfd = open(device,O_RDONLY | O_DIRECT | O_SYNC);
401 log_err(ctx, _("Cannot open device %s.\n"), device);
405 if (read_blockwise(devfd, hdr, hdr_size) < hdr_size)
408 r = _check_and_convert_hdr(device, hdr, require_luks_device, ctx);
414 int LUKS_write_phdr(const char *device,
415 struct luks_phdr *hdr,
416 struct crypt_device *ctx)
418 ssize_t hdr_size = sizeof(struct luks_phdr);
421 struct luks_phdr convHdr;
424 log_dbg("Updating LUKS header of size %d on device %s",
425 sizeof(struct luks_phdr), device);
427 if (LUKS_check_device_size(device, hdr->payloadOffset, hdr->keyBytes)) {
428 log_err(ctx, _("Device %s is too small.\n"), device);
432 devfd = open(device,O_RDWR | O_DIRECT | O_SYNC);
434 log_err(ctx, _("Cannot open device %s.\n"), device);
438 memcpy(&convHdr, hdr, hdr_size);
439 memset(&convHdr._padding, 0, sizeof(convHdr._padding));
441 /* Convert every uint16/32_t item to network byte order */
442 convHdr.version = htons(hdr->version);
443 convHdr.payloadOffset = htonl(hdr->payloadOffset);
444 convHdr.keyBytes = htonl(hdr->keyBytes);
445 convHdr.mkDigestIterations = htonl(hdr->mkDigestIterations);
446 for(i = 0; i < LUKS_NUMKEYS; ++i) {
447 convHdr.keyblock[i].active = htonl(hdr->keyblock[i].active);
448 convHdr.keyblock[i].passwordIterations = htonl(hdr->keyblock[i].passwordIterations);
449 convHdr.keyblock[i].keyMaterialOffset = htonl(hdr->keyblock[i].keyMaterialOffset);
450 convHdr.keyblock[i].stripes = htonl(hdr->keyblock[i].stripes);
453 r = write_blockwise(devfd, &convHdr, hdr_size) < hdr_size ? -EIO : 0;
455 log_err(ctx, _("Error during update of LUKS header on device %s.\n"), device);
458 /* Re-read header from disk to be sure that in-memory and on-disk data are the same. */
460 r = LUKS_read_phdr(device, hdr, 1, ctx);
462 log_err(ctx, _("Error re-reading LUKS header after update on device %s.\n"), device);
468 static int LUKS_PBKDF2_performance_check(const char *hashSpec,
469 uint64_t *PBKDF2_per_sec,
470 struct crypt_device *ctx)
472 if (!*PBKDF2_per_sec) {
473 if (PBKDF2_performance_check(hashSpec, PBKDF2_per_sec) < 0) {
474 log_err(ctx, _("Not compatible PBKDF2 options (using hash algorithm %s).\n"), hashSpec);
477 log_dbg("PBKDF2: %" PRIu64 " iterations per second using hash %s.", *PBKDF2_per_sec, hashSpec);
483 int LUKS_generate_phdr(struct luks_phdr *header,
484 const struct volume_key *vk,
485 const char *cipherName, const char *cipherMode, const char *hashSpec,
486 const char *uuid, unsigned int stripes,
487 unsigned int alignPayload,
488 unsigned int alignOffset,
489 uint32_t iteration_time_ms,
490 uint64_t *PBKDF2_per_sec,
491 const char *metadata_device,
492 struct crypt_device *ctx)
495 unsigned int blocksPerStripeSet = div_round_up(vk->keylength*stripes,SECTOR_SIZE);
497 uuid_t partitionUuid;
499 char luksMagic[] = LUKS_MAGIC;
501 /* For separate metadata device allow zero alignment */
502 if (alignPayload == 0 && !metadata_device)
503 alignPayload = DEFAULT_DISK_ALIGNMENT / SECTOR_SIZE;
505 if (PBKDF2_HMAC_ready(hashSpec) < 0) {
506 log_err(ctx, _("Requested LUKS hash %s is not supported.\n"), hashSpec);
510 if (uuid && uuid_parse(uuid, partitionUuid) == -1) {
511 log_err(ctx, _("Wrong LUKS UUID format provided.\n"));
515 uuid_generate(partitionUuid);
517 memset(header,0,sizeof(struct luks_phdr));
520 memcpy(header->magic,luksMagic,LUKS_MAGIC_L);
522 strncpy(header->cipherName,cipherName,LUKS_CIPHERNAME_L);
523 strncpy(header->cipherMode,cipherMode,LUKS_CIPHERMODE_L);
524 strncpy(header->hashSpec,hashSpec,LUKS_HASHSPEC_L);
526 header->keyBytes=vk->keylength;
528 LUKS_fix_header_compatible(header);
530 log_dbg("Generating LUKS header version %d using hash %s, %s, %s, MK %d bytes",
531 header->version, header->hashSpec ,header->cipherName, header->cipherMode,
534 r = crypt_random_get(ctx, header->mkDigestSalt, LUKS_SALTSIZE, CRYPT_RND_NORMAL);
536 log_err(ctx, _("Cannot create LUKS header: reading random salt failed.\n"));
540 if ((r = LUKS_PBKDF2_performance_check(header->hashSpec, PBKDF2_per_sec, ctx)))
543 /* Compute master key digest */
544 iteration_time_ms /= 8;
545 header->mkDigestIterations = at_least((uint32_t)(*PBKDF2_per_sec/1024) * iteration_time_ms,
546 LUKS_MKD_ITERATIONS_MIN);
548 r = PBKDF2_HMAC(header->hashSpec,vk->key,vk->keylength,
549 header->mkDigestSalt,LUKS_SALTSIZE,
550 header->mkDigestIterations,
551 header->mkDigest,LUKS_DIGESTSIZE);
553 log_err(ctx, _("Cannot create LUKS header: header digest failed (using hash %s).\n"),
558 currentSector = round_up_modulo(LUKS_PHDR_SIZE, LUKS_ALIGN_KEYSLOTS / SECTOR_SIZE);
559 for(i = 0; i < LUKS_NUMKEYS; ++i) {
560 header->keyblock[i].active = LUKS_KEY_DISABLED;
561 header->keyblock[i].keyMaterialOffset = currentSector;
562 header->keyblock[i].stripes = stripes;
563 currentSector = round_up_modulo(currentSector + blocksPerStripeSet,
564 LUKS_ALIGN_KEYSLOTS / SECTOR_SIZE);
567 if (metadata_device) {
568 /* for separate metadata device use alignPayload directly */
569 header->payloadOffset = alignPayload;
571 /* alignOffset - offset from natural device alignment provided by topology info */
572 currentSector = round_up_modulo(currentSector, alignPayload);
573 header->payloadOffset = currentSector + alignOffset;
576 uuid_unparse(partitionUuid, header->uuid);
578 log_dbg("Data offset %d, UUID %s, digest iterations %" PRIu32,
579 header->payloadOffset, header->uuid, header->mkDigestIterations);
584 int LUKS_hdr_uuid_set(
586 struct luks_phdr *hdr,
588 struct crypt_device *ctx)
590 uuid_t partitionUuid;
592 if (uuid && uuid_parse(uuid, partitionUuid) == -1) {
593 log_err(ctx, _("Wrong LUKS UUID format provided.\n"));
597 uuid_generate(partitionUuid);
599 uuid_unparse(partitionUuid, hdr->uuid);
601 return LUKS_write_phdr(device, hdr, ctx);
604 int LUKS_set_key(const char *device, unsigned int keyIndex,
605 const char *password, size_t passwordLen,
606 struct luks_phdr *hdr, struct volume_key *vk,
607 uint32_t iteration_time_ms,
608 uint64_t *PBKDF2_per_sec,
609 struct crypt_device *ctx)
611 struct volume_key *derived_key;
613 unsigned int AFEKSize;
614 uint64_t PBKDF2_temp;
617 if(hdr->keyblock[keyIndex].active != LUKS_KEY_DISABLED) {
618 log_err(ctx, _("Key slot %d active, purge first.\n"), keyIndex);
622 if(hdr->keyblock[keyIndex].stripes < LUKS_STRIPES) {
623 log_err(ctx, _("Key slot %d material includes too few stripes. Header manipulation?\n"),
628 log_dbg("Calculating data for key slot %d", keyIndex);
630 if ((r = LUKS_PBKDF2_performance_check(hdr->hashSpec, PBKDF2_per_sec, ctx)))
634 * Avoid floating point operation
635 * Final iteration count is at least LUKS_SLOT_ITERATIONS_MIN
637 PBKDF2_temp = (*PBKDF2_per_sec / 2) * (uint64_t)iteration_time_ms;
639 if (PBKDF2_temp > UINT32_MAX)
640 PBKDF2_temp = UINT32_MAX;
641 hdr->keyblock[keyIndex].passwordIterations = at_least((uint32_t)PBKDF2_temp,
642 LUKS_SLOT_ITERATIONS_MIN);
644 log_dbg("Key slot %d use %d password iterations.", keyIndex, hdr->keyblock[keyIndex].passwordIterations);
646 derived_key = crypt_alloc_volume_key(hdr->keyBytes, NULL);
650 r = crypt_random_get(ctx, hdr->keyblock[keyIndex].passwordSalt,
651 LUKS_SALTSIZE, CRYPT_RND_NORMAL);
655 r = PBKDF2_HMAC(hdr->hashSpec, password,passwordLen,
656 hdr->keyblock[keyIndex].passwordSalt,LUKS_SALTSIZE,
657 hdr->keyblock[keyIndex].passwordIterations,
658 derived_key->key, hdr->keyBytes);
663 * AF splitting, the masterkey stored in vk->key is split to AfKey
665 assert(vk->keylength == hdr->keyBytes);
666 AFEKSize = hdr->keyblock[keyIndex].stripes*vk->keylength;
667 AfKey = crypt_safe_alloc(AFEKSize);
673 log_dbg("Using hash %s for AF in key slot %d, %d stripes",
674 hdr->hashSpec, keyIndex, hdr->keyblock[keyIndex].stripes);
675 r = AF_split(vk->key,AfKey,vk->keylength,hdr->keyblock[keyIndex].stripes,hdr->hashSpec);
679 log_dbg("Updating key slot %d [0x%04x] area on device %s.", keyIndex,
680 hdr->keyblock[keyIndex].keyMaterialOffset << 9, device);
681 /* Encryption via dm */
682 r = LUKS_encrypt_to_storage(AfKey,
687 hdr->keyblock[keyIndex].keyMaterialOffset,
690 log_err(ctx, _("Failed to write to key storage.\n"));
694 /* Mark the key as active in phdr */
695 r = LUKS_keyslot_set(hdr, (int)keyIndex, 1);
699 r = LUKS_write_phdr(device, hdr, ctx);
705 crypt_safe_free(AfKey);
706 crypt_free_volume_key(derived_key);
710 /* Check whether a volume key is invalid. */
711 int LUKS_verify_volume_key(const struct luks_phdr *hdr,
712 const struct volume_key *vk)
714 char checkHashBuf[LUKS_DIGESTSIZE];
716 if (PBKDF2_HMAC(hdr->hashSpec, vk->key, vk->keylength,
717 hdr->mkDigestSalt, LUKS_SALTSIZE,
718 hdr->mkDigestIterations, checkHashBuf,
719 LUKS_DIGESTSIZE) < 0)
722 if (memcmp(checkHashBuf, hdr->mkDigest, LUKS_DIGESTSIZE))
728 /* Try to open a particular key slot */
729 static int LUKS_open_key(const char *device,
730 unsigned int keyIndex,
731 const char *password,
733 struct luks_phdr *hdr,
734 struct volume_key *vk,
735 struct crypt_device *ctx)
737 crypt_keyslot_info ki = LUKS_keyslot_info(hdr, keyIndex);
738 struct volume_key *derived_key;
743 log_dbg("Trying to open key slot %d [%s].", keyIndex,
746 if (ki < CRYPT_SLOT_ACTIVE)
749 derived_key = crypt_alloc_volume_key(hdr->keyBytes, NULL);
753 assert(vk->keylength == hdr->keyBytes);
754 AFEKSize = hdr->keyblock[keyIndex].stripes*vk->keylength;
755 AfKey = crypt_safe_alloc(AFEKSize);
759 r = PBKDF2_HMAC(hdr->hashSpec, password,passwordLen,
760 hdr->keyblock[keyIndex].passwordSalt,LUKS_SALTSIZE,
761 hdr->keyblock[keyIndex].passwordIterations,
762 derived_key->key, hdr->keyBytes);
766 log_dbg("Reading key slot %d area.", keyIndex);
767 r = LUKS_decrypt_from_storage(AfKey,
772 hdr->keyblock[keyIndex].keyMaterialOffset,
775 log_err(ctx, _("Failed to read from key storage.\n"));
779 r = AF_merge(AfKey,vk->key,vk->keylength,hdr->keyblock[keyIndex].stripes,hdr->hashSpec);
783 r = LUKS_verify_volume_key(hdr, vk);
785 log_verbose(ctx, _("Key slot %d unlocked.\n"), keyIndex);
787 crypt_safe_free(AfKey);
788 crypt_free_volume_key(derived_key);
792 int LUKS_open_key_with_hdr(const char *device,
794 const char *password,
796 struct luks_phdr *hdr,
797 struct volume_key **vk,
798 struct crypt_device *ctx)
803 *vk = crypt_alloc_volume_key(hdr->keyBytes, NULL);
806 r = LUKS_open_key(device, keyIndex, password, passwordLen, hdr, *vk, ctx);
807 return (r < 0) ? r : keyIndex;
810 for(i = 0; i < LUKS_NUMKEYS; i++) {
811 r = LUKS_open_key(device, i, password, passwordLen, hdr, *vk, ctx);
815 /* Do not retry for errors that are no -EPERM or -ENOENT,
816 former meaning password wrong, latter key slot inactive */
817 if ((r != -EPERM) && (r != -ENOENT))
820 /* Warning, early returns above */
821 log_err(ctx, _("No key available with this passphrase.\n"));
825 int LUKS_del_key(const char *device,
826 unsigned int keyIndex,
827 struct luks_phdr *hdr,
828 struct crypt_device *ctx)
830 unsigned int startOffset, endOffset, stripesLen;
833 r = LUKS_read_phdr(device, hdr, 1, ctx);
837 r = LUKS_keyslot_set(hdr, keyIndex, 0);
839 log_err(ctx, _("Key slot %d is invalid, please select keyslot between 0 and %d.\n"),
840 keyIndex, LUKS_NUMKEYS - 1);
844 /* secure deletion of key material */
845 startOffset = hdr->keyblock[keyIndex].keyMaterialOffset;
846 stripesLen = hdr->keyBytes * hdr->keyblock[keyIndex].stripes;
847 endOffset = startOffset + div_round_up(stripesLen, SECTOR_SIZE);
849 r = crypt_wipe(device, startOffset * SECTOR_SIZE,
850 (endOffset - startOffset) * SECTOR_SIZE,
853 log_err(ctx, _("Cannot wipe device %s.\n"), device);
857 /* Wipe keyslot info */
858 memset(&hdr->keyblock[keyIndex].passwordSalt, 0, LUKS_SALTSIZE);
859 hdr->keyblock[keyIndex].passwordIterations = 0;
861 r = LUKS_write_phdr(device, hdr, ctx);
866 crypt_keyslot_info LUKS_keyslot_info(struct luks_phdr *hdr, int keyslot)
870 if(keyslot >= LUKS_NUMKEYS || keyslot < 0)
871 return CRYPT_SLOT_INVALID;
873 if (hdr->keyblock[keyslot].active == LUKS_KEY_DISABLED)
874 return CRYPT_SLOT_INACTIVE;
876 if (hdr->keyblock[keyslot].active != LUKS_KEY_ENABLED)
877 return CRYPT_SLOT_INVALID;
879 for(i = 0; i < LUKS_NUMKEYS; i++)
880 if(i != keyslot && hdr->keyblock[i].active == LUKS_KEY_ENABLED)
881 return CRYPT_SLOT_ACTIVE;
883 return CRYPT_SLOT_ACTIVE_LAST;
886 int LUKS_keyslot_find_empty(struct luks_phdr *hdr)
890 for (i = 0; i < LUKS_NUMKEYS; i++)
891 if(hdr->keyblock[i].active == LUKS_KEY_DISABLED)
894 if (i == LUKS_NUMKEYS)
900 int LUKS_keyslot_active_count(struct luks_phdr *hdr)
904 for (i = 0; i < LUKS_NUMKEYS; i++)
905 if(hdr->keyblock[i].active == LUKS_KEY_ENABLED)
911 int LUKS_keyslot_set(struct luks_phdr *hdr, int keyslot, int enable)
913 crypt_keyslot_info ki = LUKS_keyslot_info(hdr, keyslot);
915 if (ki == CRYPT_SLOT_INVALID)
918 hdr->keyblock[keyslot].active = enable ? LUKS_KEY_ENABLED : LUKS_KEY_DISABLED;
919 log_dbg("Key slot %d was %s in LUKS header.", keyslot, enable ? "enabled" : "disabled");
923 int LUKS1_activate(struct crypt_device *cd,
925 struct volume_key *vk,
929 char *dm_cipher = NULL;
930 struct crypt_dm_active_device dmd = {
931 .device = crypt_get_device_name(cd),
933 .uuid = crypt_get_uuid(cd),
935 .offset = crypt_get_data_offset(cd),
941 r = device_check_and_adjust(cd, dmd.device, DEV_EXCL,
942 &dmd.size, &dmd.offset, &flags);
946 r = asprintf(&dm_cipher, "%s-%s", crypt_get_cipher(cd), crypt_get_cipher_mode(cd));
950 dmd.cipher = dm_cipher;
951 r = dm_create_device(name, CRYPT_LUKS1, &dmd, 0);