lib/luks2/luks2_keyslot.c

   1 /*
   2  * LUKS - Linux Unified Key Setup v2, keyslot handling
   3  *
   4  * Copyright (C) 2015-2023 Red Hat, Inc. All rights reserved.
   5  * Copyright (C) 2015-2023 Milan Broz
   6  *
   7  * This program is free software; you can redistribute it and/or
   8  * modify it under the terms of the GNU General Public License
   9  * as published by the Free Software Foundation; either version 2
  10  * of the License, or (at your option) any later version.
  11  *
  12  * This program is distributed in the hope that it will be useful,
  13  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  14  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  15  * GNU General Public License for more details.
  16  *
  17  * You should have received a copy of the GNU General Public License
  18  * along with this program; if not, write to the Free Software
  19  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
  20  */
  21
  22 #include "luks2_internal.h"
  23
  24 /* Internal implementations */
  25 extern const keyslot_handler luks2_keyslot;
  26 extern const keyslot_handler reenc_keyslot;
  27
  28 static const keyslot_handler *keyslot_handlers[LUKS2_KEYSLOTS_MAX] = {
  29         &luks2_keyslot,
  30 #if USE_LUKS2_REENCRYPTION
  31         &reenc_keyslot,
  32 #endif
  33         NULL
  34 };
  35
  36 static const keyslot_handler
  37 *LUKS2_keyslot_handler_type(const char *type)
  38 {
  39         int i;
  40
  41         for (i = 0; i < LUKS2_KEYSLOTS_MAX && keyslot_handlers[i]; i++) {
  42                 if (!strcmp(keyslot_handlers[i]->name, type))
  43                         return keyslot_handlers[i];
  44         }
  45
  46         return NULL;
  47 }
  48
  49 static const keyslot_handler
  50 *LUKS2_keyslot_handler(struct crypt_device *cd, int keyslot)
  51 {
  52         struct luks2_hdr *hdr;
  53         json_object *jobj1, *jobj2;
  54
  55         if (keyslot < 0)
  56                 return NULL;
  57
  58         if (!(hdr = crypt_get_hdr(cd, CRYPT_LUKS2)))
  59                 return NULL;
  60
  61         if (!(jobj1 = LUKS2_get_keyslot_jobj(hdr, keyslot)))
  62                 return NULL;
  63
  64         if (!json_object_object_get_ex(jobj1, "type", &jobj2))
  65                 return NULL;
  66
  67         return LUKS2_keyslot_handler_type(json_object_get_string(jobj2));
  68 }
  69
  70 int LUKS2_keyslot_find_empty(struct crypt_device *cd, struct luks2_hdr *hdr, size_t keylength)
  71 {
  72         int i;
  73
  74         for (i = 0; i < LUKS2_KEYSLOTS_MAX; i++)
  75                 if (!LUKS2_get_keyslot_jobj(hdr, i))
  76                         break;
  77
  78         if (i == LUKS2_KEYSLOTS_MAX)
  79                 return -EINVAL;
  80
  81         /* Check also there is a space for the key in keyslots area */
  82         if (keylength && LUKS2_find_area_gap(cd, hdr, keylength, NULL, NULL) < 0)
  83                 return -ENOSPC;
  84
  85         return i;
  86 }
  87
  88 /* Check if a keyslot is assigned to specific segment */
  89 static int _keyslot_for_segment(struct luks2_hdr *hdr, int keyslot, int segment)
  90 {
  91         int keyslot_digest, count = 0;
  92         unsigned s;
  93
  94         keyslot_digest = LUKS2_digest_by_keyslot(hdr, keyslot);
  95         if (keyslot_digest < 0)
  96                 return keyslot_digest;
  97
  98         if (segment >= 0)
  99                 return keyslot_digest == LUKS2_digest_by_segment(hdr, segment);
 100
 101         for (s = 0; s < json_segments_count(LUKS2_get_segments_jobj(hdr)); s++) {
 102                 if (keyslot_digest == LUKS2_digest_by_segment(hdr, s))
 103                         count++;
 104         }
 105
 106         return count;
 107 }
 108
 109 static int _keyslot_for_digest(struct luks2_hdr *hdr, int keyslot, int digest)
 110 {
 111         int r = -EINVAL;
 112
 113         r = LUKS2_digest_by_keyslot(hdr, keyslot);
 114         if (r < 0)
 115                 return r;
 116         return r == digest ? 0 : -ENOENT;
 117 }
 118
 119 int LUKS2_keyslot_for_segment(struct luks2_hdr *hdr, int keyslot, int segment)
 120 {
 121         int r = -EINVAL;
 122
 123         /* no need to check anything */
 124         if (segment == CRYPT_ANY_SEGMENT)
 125                 return 0; /* ok */
 126         if (segment == CRYPT_DEFAULT_SEGMENT) {
 127                 segment = LUKS2_get_default_segment(hdr);
 128                 if (segment < 0)
 129                         return segment;
 130         }
 131
 132         r = _keyslot_for_segment(hdr, keyslot, segment);
 133         if (r < 0)
 134                 return r;
 135
 136         return r >= 1 ? 0 : -ENOENT;
 137 }
 138
 139 /* Number of keyslots assigned to a segment or all keyslots for CRYPT_ANY_SEGMENT */
 140 int LUKS2_keyslot_active_count(struct luks2_hdr *hdr, int segment)
 141 {
 142         int num = 0;
 143         json_object *jobj_keyslots;
 144
 145         json_object_object_get_ex(hdr->jobj, "keyslots", &jobj_keyslots);
 146
 147         json_object_object_foreach(jobj_keyslots, slot, val) {
 148                 UNUSED(val);
 149                 if (!LUKS2_keyslot_for_segment(hdr, atoi(slot), segment))
 150                         num++;
 151         }
 152
 153         return num;
 154 }
 155
 156 int LUKS2_keyslot_cipher_incompatible(struct crypt_device *cd, const char *cipher_spec)
 157 {
 158         char cipher[MAX_CIPHER_LEN], cipher_mode[MAX_CIPHER_LEN];
 159
 160         if (!cipher_spec || crypt_is_cipher_null(cipher_spec))
 161                 return 1;
 162
 163         if (crypt_parse_name_and_mode(cipher_spec, cipher, NULL, cipher_mode) < 0)
 164                 return 1;
 165
 166         /* Keyslot is already authenticated; we cannot use integrity tags here */
 167         if (crypt_get_integrity_tag_size(cd))
 168                 return 1;
 169
 170         /* Wrapped key schemes cannot be used for keyslot encryption */
 171         if (crypt_cipher_wrapped_key(cipher, cipher_mode))
 172                 return 1;
 173
 174         /* Check if crypto backend can use the cipher */
 175         if (crypt_cipher_ivsize(cipher, cipher_mode) < 0)
 176                 return 1;
 177
 178         return 0;
 179 }
 180
 181 int LUKS2_keyslot_params_default(struct crypt_device *cd, struct luks2_hdr *hdr,
 182                                  struct luks2_keyslot_params *params)
 183 {
 184         const struct crypt_pbkdf_type *pbkdf = crypt_get_pbkdf_type(cd);
 185         const char *cipher_spec;
 186         size_t key_size;
 187         int r;
 188
 189         if (!hdr || !pbkdf || !params)
 190                 return -EINVAL;
 191
 192         /*
 193          * set keyslot area encryption parameters
 194          */
 195         params->area_type = LUKS2_KEYSLOT_AREA_RAW;
 196         cipher_spec = crypt_keyslot_get_encryption(cd, CRYPT_ANY_SLOT, &key_size);
 197         if (!cipher_spec || !key_size)
 198                 return -EINVAL;
 199
 200         params->area.raw.key_size = key_size;
 201         r = snprintf(params->area.raw.encryption, sizeof(params->area.raw.encryption), "%s", cipher_spec);
 202         if (r < 0 || (size_t)r >= sizeof(params->area.raw.encryption))
 203                 return -EINVAL;
 204
 205         /*
 206          * set keyslot AF parameters
 207          */
 208         params->af_type = LUKS2_KEYSLOT_AF_LUKS1;
 209         /* currently we use hash for AF from pbkdf settings */
 210         r = snprintf(params->af.luks1.hash, sizeof(params->af.luks1.hash), "%s", pbkdf->hash ?: DEFAULT_LUKS1_HASH);
 211         if (r < 0 || (size_t)r >= sizeof(params->af.luks1.hash))
 212                 return -EINVAL;
 213         params->af.luks1.stripes = 4000;
 214
 215         return 0;
 216 }
 217
 218 int LUKS2_keyslot_pbkdf(struct luks2_hdr *hdr, int keyslot, struct crypt_pbkdf_type *pbkdf)
 219 {
 220         json_object *jobj_keyslot, *jobj_kdf, *jobj;
 221
 222         if (!hdr || !pbkdf)
 223                 return -EINVAL;
 224
 225         if (LUKS2_keyslot_info(hdr, keyslot) == CRYPT_SLOT_INVALID)
 226                 return -EINVAL;
 227
 228         jobj_keyslot = LUKS2_get_keyslot_jobj(hdr, keyslot);
 229         if (!jobj_keyslot)
 230                 return -ENOENT;
 231
 232         if (!json_object_object_get_ex(jobj_keyslot, "kdf", &jobj_kdf))
 233                 return -EINVAL;
 234
 235         if (!json_object_object_get_ex(jobj_kdf, "type", &jobj))
 236                 return -EINVAL;
 237
 238         memset(pbkdf, 0, sizeof(*pbkdf));
 239
 240         pbkdf->type = json_object_get_string(jobj);
 241         if (json_object_object_get_ex(jobj_kdf, "hash", &jobj))
 242                 pbkdf->hash = json_object_get_string(jobj);
 243         if (json_object_object_get_ex(jobj_kdf, "iterations", &jobj))
 244                 pbkdf->iterations = json_object_get_int(jobj);
 245         if (json_object_object_get_ex(jobj_kdf, "time", &jobj))
 246                 pbkdf->iterations = json_object_get_int(jobj);
 247         if (json_object_object_get_ex(jobj_kdf, "memory", &jobj))
 248                 pbkdf->max_memory_kb = json_object_get_int(jobj);
 249         if (json_object_object_get_ex(jobj_kdf, "cpus", &jobj))
 250                 pbkdf->parallel_threads = json_object_get_int(jobj);
 251
 252         return 0;
 253 }
 254
 255 static int LUKS2_keyslot_unbound(struct luks2_hdr *hdr, int keyslot)
 256 {
 257         json_object *jobj_digest, *jobj_segments;
 258         int digest = LUKS2_digest_by_keyslot(hdr, keyslot);
 259
 260         if (digest < 0)
 261                 return 0;
 262
 263         if (!(jobj_digest = LUKS2_get_digest_jobj(hdr, digest)))
 264                 return 0;
 265
 266         json_object_object_get_ex(jobj_digest, "segments", &jobj_segments);
 267         if (!jobj_segments || !json_object_is_type(jobj_segments, json_type_array) ||
 268             json_object_array_length(jobj_segments) == 0)
 269                 return 1;
 270
 271         return 0;
 272 }
 273
 274 crypt_keyslot_info LUKS2_keyslot_info(struct luks2_hdr *hdr, int keyslot)
 275 {
 276         if(keyslot >= LUKS2_KEYSLOTS_MAX || keyslot < 0)
 277                 return CRYPT_SLOT_INVALID;
 278
 279         if (!LUKS2_get_keyslot_jobj(hdr, keyslot))
 280                 return CRYPT_SLOT_INACTIVE;
 281
 282         if (LUKS2_digest_by_keyslot(hdr, keyslot) < 0 ||
 283             LUKS2_keyslot_unbound(hdr, keyslot))
 284                 return CRYPT_SLOT_UNBOUND;
 285
 286         if (LUKS2_keyslot_active_count(hdr, CRYPT_DEFAULT_SEGMENT) == 1 &&
 287             !LUKS2_keyslot_for_segment(hdr, keyslot, CRYPT_DEFAULT_SEGMENT))
 288                 return CRYPT_SLOT_ACTIVE_LAST;
 289
 290         return CRYPT_SLOT_ACTIVE;
 291 }
 292
 293 int LUKS2_keyslot_jobj_area(json_object *jobj_keyslot, uint64_t *offset, uint64_t *length)
 294 {
 295         json_object *jobj_area, *jobj;
 296
 297         if (!json_object_object_get_ex(jobj_keyslot, "area", &jobj_area))
 298                 return -EINVAL;
 299
 300         if (!json_object_object_get_ex(jobj_area, "offset", &jobj))
 301                 return -EINVAL;
 302         *offset = crypt_jobj_get_uint64(jobj);
 303
 304         if (!json_object_object_get_ex(jobj_area, "size", &jobj))
 305                 return -EINVAL;
 306         *length = crypt_jobj_get_uint64(jobj);
 307
 308         return 0;
 309 }
 310
 311 int LUKS2_keyslot_area(struct luks2_hdr *hdr,
 312         int keyslot,
 313         uint64_t *offset,
 314         uint64_t *length)
 315 {
 316         json_object *jobj_keyslot;
 317
 318         if (LUKS2_keyslot_info(hdr, keyslot) == CRYPT_SLOT_INVALID)
 319                 return -EINVAL;
 320
 321         jobj_keyslot = LUKS2_get_keyslot_jobj(hdr, keyslot);
 322         if (!jobj_keyslot)
 323                 return -ENOENT;
 324
 325         return LUKS2_keyslot_jobj_area(jobj_keyslot, offset, length);
 326 }
 327
 328 static int _open_and_verify(struct crypt_device *cd,
 329         struct luks2_hdr *hdr,
 330         const keyslot_handler *h,
 331         int keyslot,
 332         const char *password,
 333         size_t password_len,
 334         struct volume_key **vk)
 335 {
 336         int r, key_size = LUKS2_get_keyslot_stored_key_size(hdr, keyslot);
 337
 338         if (key_size < 0)
 339                 return -EINVAL;
 340
 341         *vk = crypt_alloc_volume_key(key_size, NULL);
 342         if (!*vk)
 343                 return -ENOMEM;
 344
 345         r = h->open(cd, keyslot, password, password_len, (*vk)->key, (*vk)->keylength);
 346         if (r < 0)
 347                 log_dbg(cd, "Keyslot %d (%s) open failed with %d.", keyslot, h->name, r);
 348         else
 349                 r = LUKS2_digest_verify(cd, hdr, *vk, keyslot);
 350
 351         if (r < 0) {
 352                 crypt_free_volume_key(*vk);
 353                 *vk = NULL;
 354         }
 355
 356         crypt_volume_key_set_id(*vk, r);
 357
 358         return r < 0 ? r : keyslot;
 359 }
 360
 361 static int LUKS2_open_and_verify_by_digest(struct crypt_device *cd,
 362         struct luks2_hdr *hdr,
 363         int keyslot,
 364         int digest,
 365         const char *password,
 366         size_t password_len,
 367         struct volume_key **vk)
 368 {
 369         const keyslot_handler *h;
 370         int r;
 371
 372         if (!(h = LUKS2_keyslot_handler(cd, keyslot)))
 373                 return -ENOENT;
 374
 375         r = h->validate(cd, LUKS2_get_keyslot_jobj(hdr, keyslot));
 376         if (r) {
 377                 log_dbg(cd, "Keyslot %d validation failed.", keyslot);
 378                 return r;
 379         }
 380
 381         r = _keyslot_for_digest(hdr, keyslot, digest);
 382         if (r) {
 383                 if (r == -ENOENT)
 384                         log_dbg(cd, "Keyslot %d unusable for digest %d.", keyslot, digest);
 385                 return r;
 386         }
 387
 388         return _open_and_verify(cd, hdr, h, keyslot, password, password_len, vk);
 389 }
 390
 391 static int LUKS2_open_and_verify(struct crypt_device *cd,
 392         struct luks2_hdr *hdr,
 393         int keyslot,
 394         int segment,
 395         const char *password,
 396         size_t password_len,
 397         struct volume_key **vk)
 398 {
 399         const keyslot_handler *h;
 400         int r;
 401
 402         if (!(h = LUKS2_keyslot_handler(cd, keyslot)))
 403                 return -ENOENT;
 404
 405         r = h->validate(cd, LUKS2_get_keyslot_jobj(hdr, keyslot));
 406         if (r) {
 407                 log_dbg(cd, "Keyslot %d validation failed.", keyslot);
 408                 return r;
 409         }
 410
 411         r = LUKS2_keyslot_for_segment(hdr, keyslot, segment);
 412         if (r) {
 413                 if (r == -ENOENT)
 414                         log_dbg(cd, "Keyslot %d unusable for segment %d.", keyslot, segment);
 415                 return r;
 416         }
 417
 418         return _open_and_verify(cd, hdr, h, keyslot, password, password_len, vk);
 419 }
 420
 421 static int LUKS2_keyslot_open_priority_digest(struct crypt_device *cd,
 422         struct luks2_hdr *hdr,
 423         crypt_keyslot_priority priority,
 424         const char *password,
 425         size_t password_len,
 426         int digest,
 427         struct volume_key **vk)
 428 {
 429         json_object *jobj_keyslots, *jobj;
 430         crypt_keyslot_priority slot_priority;
 431         int keyslot, r = -ENOENT;
 432
 433         json_object_object_get_ex(hdr->jobj, "keyslots", &jobj_keyslots);
 434
 435         json_object_object_foreach(jobj_keyslots, slot, val) {
 436                 if (!json_object_object_get_ex(val, "priority", &jobj))
 437                         slot_priority = CRYPT_SLOT_PRIORITY_NORMAL;
 438                 else
 439                         slot_priority = json_object_get_int(jobj);
 440
 441                 keyslot = atoi(slot);
 442                 if (slot_priority != priority) {
 443                         log_dbg(cd, "Keyslot %d priority %d != %d (required), skipped.",
 444                                 keyslot, slot_priority, priority);
 445                         continue;
 446                 }
 447
 448                 r = LUKS2_open_and_verify_by_digest(cd, hdr, keyslot, digest, password, password_len, vk);
 449
 450                 /* Do not retry for errors that are no -EPERM or -ENOENT,
 451                    former meaning password wrong, latter key slot unusable for segment */
 452                 if ((r != -EPERM) && (r != -ENOENT))
 453                         break;
 454         }
 455
 456         return r;
 457 }
 458
 459 static int LUKS2_keyslot_open_priority(struct crypt_device *cd,
 460         struct luks2_hdr *hdr,
 461         crypt_keyslot_priority priority,
 462         const char *password,
 463         size_t password_len,
 464         int segment,
 465         struct volume_key **vk)
 466 {
 467         json_object *jobj_keyslots, *jobj;
 468         crypt_keyslot_priority slot_priority;
 469         int keyslot, r = -ENOENT;
 470
 471         json_object_object_get_ex(hdr->jobj, "keyslots", &jobj_keyslots);
 472
 473         json_object_object_foreach(jobj_keyslots, slot, val) {
 474                 if (!json_object_object_get_ex(val, "priority", &jobj))
 475                         slot_priority = CRYPT_SLOT_PRIORITY_NORMAL;
 476                 else
 477                         slot_priority = json_object_get_int(jobj);
 478
 479                 keyslot = atoi(slot);
 480                 if (slot_priority != priority) {
 481                         log_dbg(cd, "Keyslot %d priority %d != %d (required), skipped.",
 482                                 keyslot, slot_priority, priority);
 483                         continue;
 484                 }
 485
 486                 r = LUKS2_open_and_verify(cd, hdr, keyslot, segment, password, password_len, vk);
 487
 488                 /* Do not retry for errors that are no -EPERM or -ENOENT,
 489                    former meaning password wrong, latter key slot unusable for segment */
 490                 if ((r != -EPERM) && (r != -ENOENT))
 491                         break;
 492         }
 493
 494         return r;
 495 }
 496
 497 static int LUKS2_keyslot_open_by_digest(struct crypt_device *cd,
 498         struct luks2_hdr *hdr,
 499         int keyslot,
 500         int digest,
 501         const char *password,
 502         size_t password_len,
 503         struct volume_key **vk)
 504 {
 505         int r_prio, r = -EINVAL;
 506
 507         if (digest < 0)
 508                 return r;
 509
 510         if (keyslot == CRYPT_ANY_SLOT) {
 511                 r_prio = LUKS2_keyslot_open_priority_digest(cd, hdr, CRYPT_SLOT_PRIORITY_PREFER,
 512                         password, password_len, digest, vk);
 513                 if (r_prio >= 0)
 514                         r = r_prio;
 515                 else if (r_prio != -EPERM && r_prio != -ENOENT)
 516                         r = r_prio;
 517                 else
 518                         r = LUKS2_keyslot_open_priority_digest(cd, hdr, CRYPT_SLOT_PRIORITY_NORMAL,
 519                                 password, password_len, digest, vk);
 520                 /* Prefer password wrong to no entry from priority slot */
 521                 if (r_prio == -EPERM && r == -ENOENT)
 522                         r = r_prio;
 523         } else
 524                 r = LUKS2_open_and_verify_by_digest(cd, hdr, keyslot, digest, password, password_len, vk);
 525
 526         return r;
 527 }
 528
 529 int LUKS2_keyslot_open_all_segments(struct crypt_device *cd,
 530         int keyslot_old,
 531         int keyslot_new,
 532         const char *password,
 533         size_t password_len,
 534         struct volume_key **vks)
 535 {
 536         struct volume_key *vk = NULL;
 537         int digest_old, digest_new, r = -EINVAL;
 538         struct luks2_hdr *hdr = crypt_get_hdr(cd, CRYPT_LUKS2);
 539
 540         digest_old = LUKS2_reencrypt_digest_old(hdr);
 541         if (digest_old >= 0) {
 542                 log_dbg(cd, "Trying to unlock volume key (digest: %d) using keyslot %d.", digest_old, keyslot_old);
 543                 r = LUKS2_keyslot_open_by_digest(cd, hdr, keyslot_old, digest_old, password, password_len, &vk);
 544                 if (r < 0)
 545                         goto out;
 546                 crypt_volume_key_add_next(vks, vk);
 547         }
 548
 549         digest_new = LUKS2_reencrypt_digest_new(hdr);
 550         if (digest_new >= 0 && digest_old != digest_new) {
 551                 log_dbg(cd, "Trying to unlock volume key (digest: %d) using keyslot %d.", digest_new, keyslot_new);
 552                 r = LUKS2_keyslot_open_by_digest(cd, hdr, keyslot_new, digest_new, password, password_len, &vk);
 553                 if (r < 0)
 554                         goto out;
 555                 crypt_volume_key_add_next(vks, vk);
 556         }
 557 out:
 558         if (r < 0) {
 559                 crypt_free_volume_key(*vks);
 560                 *vks = NULL;
 561
 562                 if (r == -ENOMEM)
 563                         log_err(cd, _("Not enough available memory to open a keyslot."));
 564                 else if (r != -EPERM && r != -ENOENT)
 565                         log_err(cd, _("Keyslot open failed."));
 566         }
 567         return r;
 568 }
 569
 570 int LUKS2_keyslot_open(struct crypt_device *cd,
 571         int keyslot,
 572         int segment,
 573         const char *password,
 574         size_t password_len,
 575         struct volume_key **vk)
 576 {
 577         struct luks2_hdr *hdr;
 578         int r_prio, r = -EINVAL;
 579
 580         hdr = crypt_get_hdr(cd, CRYPT_LUKS2);
 581
 582         if (keyslot == CRYPT_ANY_SLOT) {
 583                 r_prio = LUKS2_keyslot_open_priority(cd, hdr, CRYPT_SLOT_PRIORITY_PREFER,
 584                         password, password_len, segment, vk);
 585                 if (r_prio >= 0)
 586                         r = r_prio;
 587                 else if (r_prio != -EPERM && r_prio != -ENOENT)
 588                         r = r_prio;
 589                 else
 590                         r = LUKS2_keyslot_open_priority(cd, hdr, CRYPT_SLOT_PRIORITY_NORMAL,
 591                                 password, password_len, segment, vk);
 592                 /* Prefer password wrong to no entry from priority slot */
 593                 if (r_prio == -EPERM && r == -ENOENT)
 594                         r = r_prio;
 595         } else
 596                 r = LUKS2_open_and_verify(cd, hdr, keyslot, segment, password, password_len, vk);
 597
 598         if (r < 0) {
 599                 if (r == -ENOMEM)
 600                         log_err(cd, _("Not enough available memory to open a keyslot."));
 601                 else if (r != -EPERM && r != -ENOENT)
 602                         log_err(cd, _("Keyslot open failed."));
 603         }
 604
 605         return r;
 606 }
 607
 608 int LUKS2_keyslot_reencrypt_store(struct crypt_device *cd,
 609         struct luks2_hdr *hdr,
 610         int keyslot,
 611         const void *buffer,
 612         size_t buffer_length)
 613 {
 614         const keyslot_handler *h;
 615         int r;
 616
 617         if (!(h = LUKS2_keyslot_handler(cd, keyslot)) || strcmp(h->name, "reencrypt"))
 618                 return -EINVAL;
 619
 620         r = h->validate(cd, LUKS2_get_keyslot_jobj(hdr, keyslot));
 621         if (r) {
 622                 log_dbg(cd, "Keyslot validation failed.");
 623                 return r;
 624         }
 625
 626         return h->store(cd, keyslot, NULL, 0,
 627                         buffer, buffer_length);
 628 }
 629
 630 int LUKS2_keyslot_store(struct crypt_device *cd,
 631         struct luks2_hdr *hdr,
 632         int keyslot,
 633         const char *password,
 634         size_t password_len,
 635         const struct volume_key *vk,
 636         const struct luks2_keyslot_params *params)
 637 {
 638         const keyslot_handler *h;
 639         int r;
 640
 641         if (keyslot == CRYPT_ANY_SLOT)
 642                 return -EINVAL;
 643
 644         if (!LUKS2_get_keyslot_jobj(hdr, keyslot)) {
 645                 /* Try to allocate default and empty keyslot type */
 646                 h = LUKS2_keyslot_handler_type("luks2");
 647                 if (!h)
 648                         return -EINVAL;
 649
 650                 r = h->alloc(cd, keyslot, vk->keylength, params);
 651                 if (r)
 652                         return r;
 653         } else {
 654                 if (!(h = LUKS2_keyslot_handler(cd, keyslot)))
 655                         return -EINVAL;
 656
 657                 r = h->update(cd, keyslot, params);
 658                 if (r) {
 659                         log_dbg(cd, "Failed to update keyslot %d json.", keyslot);
 660                         return r;
 661                 }
 662         }
 663
 664         r = h->validate(cd, LUKS2_get_keyslot_jobj(hdr, keyslot));
 665         if (r) {
 666                 log_dbg(cd, "Keyslot validation failed.");
 667                 return r;
 668         }
 669
 670         if (LUKS2_hdr_validate(cd, hdr->jobj, hdr->hdr_size - LUKS2_HDR_BIN_LEN))
 671                 return -EINVAL;
 672
 673         return h->store(cd, keyslot, password, password_len,
 674                         vk->key, vk->keylength);
 675 }
 676
 677 int LUKS2_keyslot_wipe(struct crypt_device *cd,
 678         struct luks2_hdr *hdr,
 679         int keyslot,
 680         int wipe_area_only)
 681 {
 682         struct device *device = crypt_metadata_device(cd);
 683         uint64_t area_offset, area_length;
 684         int r;
 685         json_object *jobj_keyslot, *jobj_keyslots;
 686         const keyslot_handler *h;
 687
 688         h = LUKS2_keyslot_handler(cd, keyslot);
 689
 690         if (!json_object_object_get_ex(hdr->jobj, "keyslots", &jobj_keyslots))
 691                 return -EINVAL;
 692
 693         jobj_keyslot = LUKS2_get_keyslot_jobj(hdr, keyslot);
 694         if (!jobj_keyslot)
 695                 return -ENOENT;
 696
 697         if (wipe_area_only)
 698                 log_dbg(cd, "Wiping keyslot %d area only.", keyslot);
 699
 700         r = LUKS2_device_write_lock(cd, hdr, device);
 701         if (r)
 702                 return r;
 703
 704         /* secure deletion of possible key material in keyslot area */
 705         r = crypt_keyslot_area(cd, keyslot, &area_offset, &area_length);
 706         if (r && r != -ENOENT)
 707                 goto out;
 708
 709         if (!r) {
 710                 r = crypt_wipe_device(cd, device, CRYPT_WIPE_SPECIAL, area_offset,
 711                               area_length, area_length, NULL, NULL);
 712                 if (r) {
 713                         if (r == -EACCES) {
 714                                 log_err(cd, _("Cannot write to device %s, permission denied."),
 715                                         device_path(device));
 716                                 r = -EINVAL;
 717                         } else
 718                                 log_err(cd, _("Cannot wipe device %s."), device_path(device));
 719                         goto out;
 720                 }
 721         }
 722
 723         if (wipe_area_only)
 724                 goto out;
 725
 726         /* Slot specific wipe */
 727         if (h) {
 728                 r = h->wipe(cd, keyslot);
 729                 if (r < 0)
 730                         goto out;
 731         } else
 732                 log_dbg(cd, "Wiping keyslot %d without specific-slot handler loaded.", keyslot);
 733
 734         json_object_object_del_by_uint(jobj_keyslots, keyslot);
 735
 736         r = LUKS2_hdr_write(cd, hdr);
 737 out:
 738         device_write_unlock(cd, crypt_metadata_device(cd));
 739         return r;
 740 }
 741
 742 int LUKS2_keyslot_dump(struct crypt_device *cd, int keyslot)
 743 {
 744         const keyslot_handler *h;
 745
 746         if (!(h = LUKS2_keyslot_handler(cd, keyslot)))
 747                 return -EINVAL;
 748
 749         return h->dump(cd, keyslot);
 750 }
 751
 752 crypt_keyslot_priority LUKS2_keyslot_priority_get(struct luks2_hdr *hdr, int keyslot)
 753 {
 754         json_object *jobj_keyslot, *jobj_priority;
 755
 756         jobj_keyslot = LUKS2_get_keyslot_jobj(hdr, keyslot);
 757         if (!jobj_keyslot)
 758                 return CRYPT_SLOT_PRIORITY_INVALID;
 759
 760         if (!json_object_object_get_ex(jobj_keyslot, "priority", &jobj_priority))
 761                 return CRYPT_SLOT_PRIORITY_NORMAL;
 762
 763         return json_object_get_int(jobj_priority);
 764 }
 765
 766 int LUKS2_keyslot_priority_set(struct crypt_device *cd, struct luks2_hdr *hdr,
 767                                int keyslot, crypt_keyslot_priority priority, int commit)
 768 {
 769         json_object *jobj_keyslot;
 770
 771         jobj_keyslot = LUKS2_get_keyslot_jobj(hdr, keyslot);
 772         if (!jobj_keyslot)
 773                 return -EINVAL;
 774
 775         if (priority == CRYPT_SLOT_PRIORITY_NORMAL)
 776                 json_object_object_del(jobj_keyslot, "priority");
 777         else
 778                 json_object_object_add(jobj_keyslot, "priority", json_object_new_int(priority));
 779
 780         return commit ? LUKS2_hdr_write(cd, hdr) : 0;
 781 }
 782
 783 int placeholder_keyslot_alloc(struct crypt_device *cd,
 784         int keyslot,
 785         uint64_t area_offset,
 786         uint64_t area_length)
 787 {
 788         struct luks2_hdr *hdr;
 789         json_object *jobj_keyslots, *jobj_keyslot, *jobj_area;
 790
 791         log_dbg(cd, "Allocating placeholder keyslot %d for LUKS1 down conversion.", keyslot);
 792
 793         if (!(hdr = crypt_get_hdr(cd, CRYPT_LUKS2)))
 794                 return -EINVAL;
 795
 796         if (keyslot < 0 || keyslot >= LUKS2_KEYSLOTS_MAX)
 797                 return -EINVAL;
 798
 799         if (LUKS2_get_keyslot_jobj(hdr, keyslot))
 800                 return -EINVAL;
 801
 802         if (!json_object_object_get_ex(hdr->jobj, "keyslots", &jobj_keyslots))
 803                 return -EINVAL;
 804
 805         jobj_keyslot = json_object_new_object();
 806         json_object_object_add(jobj_keyslot, "type", json_object_new_string("placeholder"));
 807         /*
 808          * key_size = -1 makes placeholder keyslot impossible to pass validation.
 809          * It's a safeguard against accidentally storing temporary conversion
 810          * LUKS2 header.
 811          */
 812         json_object_object_add(jobj_keyslot, "key_size", json_object_new_int(-1));
 813
 814         /* Area object */
 815         jobj_area = json_object_new_object();
 816         json_object_object_add(jobj_area, "offset", crypt_jobj_new_uint64(area_offset));
 817         json_object_object_add(jobj_area, "size", crypt_jobj_new_uint64(area_length));
 818         json_object_object_add(jobj_keyslot, "area", jobj_area);
 819
 820         json_object_object_add_by_uint(jobj_keyslots, keyslot, jobj_keyslot);
 821
 822         return 0;
 823 }
 824
 825 static unsigned LUKS2_get_keyslot_digests_count(json_object *hdr_jobj, int keyslot)
 826 {
 827         char num[16];
 828         json_object *jobj_digests, *jobj_keyslots;
 829         unsigned count = 0;
 830
 831         if (!json_object_object_get_ex(hdr_jobj, "digests", &jobj_digests))
 832                 return 0;
 833
 834         if (snprintf(num, sizeof(num), "%u", keyslot) < 0)
 835                 return 0;
 836
 837         json_object_object_foreach(jobj_digests, key, val) {
 838                 UNUSED(key);
 839                 json_object_object_get_ex(val, "keyslots", &jobj_keyslots);
 840                 if (LUKS2_array_jobj(jobj_keyslots, num))
 841                         count++;
 842         }
 843
 844         return count;
 845 }
 846
 847 /* run only on header that passed basic format validation */
 848 int LUKS2_keyslots_validate(struct crypt_device *cd, json_object *hdr_jobj)
 849 {
 850         const keyslot_handler *h;
 851         int keyslot;
 852         json_object *jobj_keyslots, *jobj_type;
 853         uint32_t reqs, reencrypt_count = 0;
 854         struct luks2_hdr dummy = {
 855                 .jobj = hdr_jobj
 856         };
 857
 858         if (!json_object_object_get_ex(hdr_jobj, "keyslots", &jobj_keyslots))
 859                 return -EINVAL;
 860
 861         if (LUKS2_config_get_requirements(cd, &dummy, &reqs))
 862                 return -EINVAL;
 863
 864         json_object_object_foreach(jobj_keyslots, slot, val) {
 865                 keyslot = atoi(slot);
 866                 json_object_object_get_ex(val, "type", &jobj_type);
 867                 h = LUKS2_keyslot_handler_type(json_object_get_string(jobj_type));
 868                 if (!h)
 869                         continue;
 870                 if (h->validate && h->validate(cd, val)) {
 871                         log_dbg(cd, "Keyslot type %s validation failed on keyslot %d.", h->name, keyslot);
 872                         return -EINVAL;
 873                 }
 874
 875                 if (!strcmp(h->name, "luks2") && LUKS2_get_keyslot_digests_count(hdr_jobj, keyslot) != 1) {
 876                         log_dbg(cd, "Keyslot %d is not assigned to exactly 1 digest.", keyslot);
 877                         return -EINVAL;
 878                 }
 879
 880                 if (!strcmp(h->name, "reencrypt"))
 881                         reencrypt_count++;
 882         }
 883
 884         if ((reqs & CRYPT_REQUIREMENT_ONLINE_REENCRYPT) && reencrypt_count == 0) {
 885                 log_dbg(cd, "Missing reencryption keyslot.");
 886                 return -EINVAL;
 887         }
 888
 889         if (reencrypt_count && !LUKS2_reencrypt_requirement_candidate(&dummy)) {
 890                 log_dbg(cd, "Missing reencryption requirement flag.");
 891                 return -EINVAL;
 892         }
 893
 894         if (reencrypt_count > 1) {
 895                 log_dbg(cd, "Too many reencryption keyslots.");
 896                 return -EINVAL;
 897         }
 898
 899         return 0;
 900 }
 901
 902 void LUKS2_keyslots_repair(struct crypt_device *cd, json_object *jobj_keyslots)
 903 {
 904         const keyslot_handler *h;
 905         json_object *jobj_type;
 906
 907         json_object_object_foreach(jobj_keyslots, slot, val) {
 908                 UNUSED(slot);
 909                 if (!json_object_is_type(val, json_type_object) ||
 910                     !json_object_object_get_ex(val, "type", &jobj_type) ||
 911                     !json_object_is_type(jobj_type, json_type_string))
 912                         continue;
 913
 914                 h = LUKS2_keyslot_handler_type(json_object_get_string(jobj_type));
 915                 if (h && h->repair)
 916                         h->repair(val);
 917         }
 918 }
 919
 920 /* assumes valid header */
 921 int LUKS2_find_keyslot(struct luks2_hdr *hdr, const char *type)
 922 {
 923         int i;
 924         json_object *jobj_keyslot, *jobj_type;
 925
 926         if (!type)
 927                 return -EINVAL;
 928
 929         for (i = 0; i < LUKS2_KEYSLOTS_MAX; i++) {
 930                 jobj_keyslot = LUKS2_get_keyslot_jobj(hdr, i);
 931                 if (!jobj_keyslot)
 932                         continue;
 933
 934                 json_object_object_get_ex(jobj_keyslot, "type", &jobj_type);
 935                 if (!strcmp(json_object_get_string(jobj_type), type))
 936                         return i;
 937         }
 938
 939         return -ENOENT;
 940 }
 941
 942 /* assumes valid header, it does not move references in tokens/digests etc! */
 943 int LUKS2_keyslot_swap(struct crypt_device *cd, struct luks2_hdr *hdr,
 944         int keyslot, int keyslot2)
 945 {
 946         json_object *jobj_keyslots, *jobj_keyslot, *jobj_keyslot2;
 947         int r;
 948
 949         if (!json_object_object_get_ex(hdr->jobj, "keyslots", &jobj_keyslots))
 950                 return -EINVAL;
 951
 952         jobj_keyslot = LUKS2_get_keyslot_jobj(hdr, keyslot);
 953         if (!jobj_keyslot)
 954                 return -EINVAL;
 955
 956         jobj_keyslot2 = LUKS2_get_keyslot_jobj(hdr, keyslot2);
 957         if (!jobj_keyslot2)
 958                 return -EINVAL;
 959
 960         /* This transfer owner of object, no need for json_object_put */
 961         json_object_get(jobj_keyslot);
 962         json_object_get(jobj_keyslot2);
 963
 964         json_object_object_del_by_uint(jobj_keyslots, keyslot);
 965         r = json_object_object_add_by_uint(jobj_keyslots, keyslot, jobj_keyslot2);
 966         if (r < 0) {
 967                 log_dbg(cd, "Failed to swap keyslot %d.", keyslot);
 968                 return r;
 969         }
 970
 971         json_object_object_del_by_uint(jobj_keyslots, keyslot2);
 972         r = json_object_object_add_by_uint(jobj_keyslots, keyslot2, jobj_keyslot);
 973         if (r < 0)
 974                 log_dbg(cd, "Failed to swap keyslot2 %d.", keyslot2);
 975
 976         return r;
 977 }