lib/luks2/luks2_keyslot.c

   1 /*
   2  * LUKS - Linux Unified Key Setup v2, keyslot handling
   3  *
   4  * Copyright (C) 2015-2021 Red Hat, Inc. All rights reserved.
   5  * Copyright (C) 2015-2021 Milan Broz
   6  *
   7  * This program is free software; you can redistribute it and/or
   8  * modify it under the terms of the GNU General Public License
   9  * as published by the Free Software Foundation; either version 2
  10  * of the License, or (at your option) any later version.
  11  *
  12  * This program is distributed in the hope that it will be useful,
  13  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  14  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  15  * GNU General Public License for more details.
  16  *
  17  * You should have received a copy of the GNU General Public License
  18  * along with this program; if not, write to the Free Software
  19  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
  20  */
  21
  22 #include "luks2_internal.h"
  23
  24 /* Internal implementations */
  25 extern const keyslot_handler luks2_keyslot;
  26 extern const keyslot_handler reenc_keyslot;
  27
  28 static const keyslot_handler *keyslot_handlers[LUKS2_KEYSLOTS_MAX] = {
  29         &luks2_keyslot,
  30 #if USE_LUKS2_REENCRYPTION
  31         &reenc_keyslot,
  32 #endif
  33         NULL
  34 };
  35
  36 static const keyslot_handler
  37 *LUKS2_keyslot_handler_type(struct crypt_device *cd, const char *type)
  38 {
  39         int i;
  40
  41         for (i = 0; i < LUKS2_KEYSLOTS_MAX && keyslot_handlers[i]; i++) {
  42                 if (!strcmp(keyslot_handlers[i]->name, type))
  43                         return keyslot_handlers[i];
  44         }
  45
  46         return NULL;
  47 }
  48
  49 static const keyslot_handler
  50 *LUKS2_keyslot_handler(struct crypt_device *cd, int keyslot)
  51 {
  52         struct luks2_hdr *hdr;
  53         json_object *jobj1, *jobj2;
  54
  55         if (keyslot < 0)
  56                 return NULL;
  57
  58         if (!(hdr = crypt_get_hdr(cd, CRYPT_LUKS2)))
  59                 return NULL;
  60
  61         if (!(jobj1 = LUKS2_get_keyslot_jobj(hdr, keyslot)))
  62                 return NULL;
  63
  64         if (!json_object_object_get_ex(jobj1, "type", &jobj2))
  65                 return NULL;
  66
  67         return LUKS2_keyslot_handler_type(cd, json_object_get_string(jobj2));
  68 }
  69
  70 int LUKS2_keyslot_find_empty(struct luks2_hdr *hdr)
  71 {
  72         int i;
  73
  74         for (i = 0; i < LUKS2_KEYSLOTS_MAX; i++)
  75                 if (!LUKS2_get_keyslot_jobj(hdr, i))
  76                         return i;
  77
  78         return -EINVAL;
  79 }
  80
  81 /* Check if a keyslot is assigned to specific segment */
  82 static int _keyslot_for_segment(struct luks2_hdr *hdr, int keyslot, int segment)
  83 {
  84         int keyslot_digest, count = 0;
  85         unsigned s;
  86
  87         keyslot_digest = LUKS2_digest_by_keyslot(hdr, keyslot);
  88         if (keyslot_digest < 0)
  89                 return keyslot_digest;
  90
  91         if (segment >= 0)
  92                 return keyslot_digest == LUKS2_digest_by_segment(hdr, segment);
  93
  94         for (s = 0; s < json_segments_count(LUKS2_get_segments_jobj(hdr)); s++) {
  95                 if (keyslot_digest == LUKS2_digest_by_segment(hdr, s))
  96                         count++;
  97         }
  98
  99         return count;
 100 }
 101
 102 static int _keyslot_for_digest(struct luks2_hdr *hdr, int keyslot, int digest)
 103 {
 104         int r = -EINVAL;
 105
 106         r = LUKS2_digest_by_keyslot(hdr, keyslot);
 107         if (r < 0)
 108                 return r;
 109         return r == digest ? 0 : -ENOENT;
 110 }
 111
 112 int LUKS2_keyslot_for_segment(struct luks2_hdr *hdr, int keyslot, int segment)
 113 {
 114         int r = -EINVAL;
 115
 116         /* no need to check anything */
 117         if (segment == CRYPT_ANY_SEGMENT)
 118                 return 0; /* ok */
 119         if (segment == CRYPT_DEFAULT_SEGMENT) {
 120                 segment = LUKS2_get_default_segment(hdr);
 121                 if (segment < 0)
 122                         return segment;
 123         }
 124
 125         r = _keyslot_for_segment(hdr, keyslot, segment);
 126         if (r < 0)
 127                 return r;
 128
 129         return r >= 1 ? 0 : -ENOENT;
 130 }
 131
 132 /* Number of keyslots assigned to a segment or all keyslots for CRYPT_ANY_SEGMENT */
 133 int LUKS2_keyslot_active_count(struct luks2_hdr *hdr, int segment)
 134 {
 135         int num = 0;
 136         json_object *jobj_keyslots;
 137
 138         json_object_object_get_ex(hdr->jobj, "keyslots", &jobj_keyslots);
 139
 140         json_object_object_foreach(jobj_keyslots, slot, val) {
 141                 UNUSED(val);
 142                 if (!LUKS2_keyslot_for_segment(hdr, atoi(slot), segment))
 143                         num++;
 144         }
 145
 146         return num;
 147 }
 148
 149 int LUKS2_keyslot_cipher_incompatible(struct crypt_device *cd, const char *cipher_spec)
 150 {
 151         char cipher[MAX_CIPHER_LEN], cipher_mode[MAX_CIPHER_LEN];
 152
 153         if (!cipher_spec || crypt_is_cipher_null(cipher_spec))
 154                 return 1;
 155
 156         if (crypt_parse_name_and_mode(cipher_spec, cipher, NULL, cipher_mode) < 0)
 157                 return 1;
 158
 159         /* Keyslot is already authenticated; we cannot use integrity tags here */
 160         if (crypt_get_integrity_tag_size(cd))
 161                 return 1;
 162
 163         /* Wrapped key schemes cannot be used for keyslot encryption */
 164         if (crypt_cipher_wrapped_key(cipher, cipher_mode))
 165                 return 1;
 166
 167         /* Check if crypto backend can use the cipher */
 168         if (crypt_cipher_ivsize(cipher, cipher_mode) < 0)
 169                 return 1;
 170
 171         return 0;
 172 }
 173
 174 int LUKS2_keyslot_params_default(struct crypt_device *cd, struct luks2_hdr *hdr,
 175                                  struct luks2_keyslot_params *params)
 176 {
 177         const struct crypt_pbkdf_type *pbkdf = crypt_get_pbkdf_type(cd);
 178         const char *cipher_spec;
 179         size_t key_size;
 180         int r;
 181
 182         if (!hdr || !pbkdf || !params)
 183                 return -EINVAL;
 184
 185         /*
 186          * set keyslot area encryption parameters
 187          */
 188         params->area_type = LUKS2_KEYSLOT_AREA_RAW;
 189         cipher_spec = crypt_keyslot_get_encryption(cd, CRYPT_ANY_SLOT, &key_size);
 190         if (!cipher_spec || !key_size)
 191                 return -EINVAL;
 192
 193         params->area.raw.key_size = key_size;
 194         r = snprintf(params->area.raw.encryption, sizeof(params->area.raw.encryption), "%s", cipher_spec);
 195         if (r < 0 || (size_t)r >= sizeof(params->area.raw.encryption))
 196                 return -EINVAL;
 197
 198         /*
 199          * set keyslot AF parameters
 200          */
 201         params->af_type = LUKS2_KEYSLOT_AF_LUKS1;
 202         /* currently we use hash for AF from pbkdf settings */
 203         r = snprintf(params->af.luks1.hash, sizeof(params->af.luks1.hash), "%s", pbkdf->hash ?: DEFAULT_LUKS1_HASH);
 204         if (r < 0 || (size_t)r >= sizeof(params->af.luks1.hash))
 205                 return -EINVAL;
 206         params->af.luks1.stripes = 4000;
 207
 208         return 0;
 209 }
 210
 211 int LUKS2_keyslot_pbkdf(struct luks2_hdr *hdr, int keyslot, struct crypt_pbkdf_type *pbkdf)
 212 {
 213         json_object *jobj_keyslot, *jobj_kdf, *jobj;
 214
 215         if (!hdr || !pbkdf)
 216                 return -EINVAL;
 217
 218         if (LUKS2_keyslot_info(hdr, keyslot) == CRYPT_SLOT_INVALID)
 219                 return -EINVAL;
 220
 221         jobj_keyslot = LUKS2_get_keyslot_jobj(hdr, keyslot);
 222         if (!jobj_keyslot)
 223                 return -ENOENT;
 224
 225         if (!json_object_object_get_ex(jobj_keyslot, "kdf", &jobj_kdf))
 226                 return -EINVAL;
 227
 228         if (!json_object_object_get_ex(jobj_kdf, "type", &jobj))
 229                 return -EINVAL;
 230
 231         memset(pbkdf, 0, sizeof(*pbkdf));
 232
 233         pbkdf->type = json_object_get_string(jobj);
 234         if (json_object_object_get_ex(jobj_kdf, "hash", &jobj))
 235                 pbkdf->hash = json_object_get_string(jobj);
 236         if (json_object_object_get_ex(jobj_kdf, "iterations", &jobj))
 237                 pbkdf->iterations = json_object_get_int(jobj);
 238         if (json_object_object_get_ex(jobj_kdf, "time", &jobj))
 239                 pbkdf->iterations = json_object_get_int(jobj);
 240         if (json_object_object_get_ex(jobj_kdf, "memory", &jobj))
 241                 pbkdf->max_memory_kb = json_object_get_int(jobj);
 242         if (json_object_object_get_ex(jobj_kdf, "cpus", &jobj))
 243                 pbkdf->parallel_threads = json_object_get_int(jobj);
 244
 245         return 0;
 246 }
 247
 248 static int LUKS2_keyslot_unbound(struct luks2_hdr *hdr, int keyslot)
 249 {
 250         json_object *jobj_digest, *jobj_segments;
 251         int digest = LUKS2_digest_by_keyslot(hdr, keyslot);
 252
 253         if (digest < 0)
 254                 return 0;
 255
 256         if (!(jobj_digest = LUKS2_get_digest_jobj(hdr, digest)))
 257                 return 0;
 258
 259         json_object_object_get_ex(jobj_digest, "segments", &jobj_segments);
 260         if (!jobj_segments || !json_object_is_type(jobj_segments, json_type_array) ||
 261             json_object_array_length(jobj_segments) == 0)
 262                 return 1;
 263
 264         return 0;
 265 }
 266
 267 crypt_keyslot_info LUKS2_keyslot_info(struct luks2_hdr *hdr, int keyslot)
 268 {
 269         if(keyslot >= LUKS2_KEYSLOTS_MAX || keyslot < 0)
 270                 return CRYPT_SLOT_INVALID;
 271
 272         if (!LUKS2_get_keyslot_jobj(hdr, keyslot))
 273                 return CRYPT_SLOT_INACTIVE;
 274
 275         if (LUKS2_digest_by_keyslot(hdr, keyslot) < 0 ||
 276             LUKS2_keyslot_unbound(hdr, keyslot))
 277                 return CRYPT_SLOT_UNBOUND;
 278
 279         if (LUKS2_keyslot_active_count(hdr, CRYPT_DEFAULT_SEGMENT) == 1 &&
 280             !LUKS2_keyslot_for_segment(hdr, keyslot, CRYPT_DEFAULT_SEGMENT))
 281                 return CRYPT_SLOT_ACTIVE_LAST;
 282
 283         return CRYPT_SLOT_ACTIVE;
 284 }
 285
 286 int LUKS2_keyslot_jobj_area(json_object *jobj_keyslot, uint64_t *offset, uint64_t *length)
 287 {
 288         json_object *jobj_area, *jobj;
 289
 290         if (!json_object_object_get_ex(jobj_keyslot, "area", &jobj_area))
 291                 return -EINVAL;
 292
 293         if (!json_object_object_get_ex(jobj_area, "offset", &jobj))
 294                 return -EINVAL;
 295         *offset = crypt_jobj_get_uint64(jobj);
 296
 297         if (!json_object_object_get_ex(jobj_area, "size", &jobj))
 298                 return -EINVAL;
 299         *length = crypt_jobj_get_uint64(jobj);
 300
 301         return 0;
 302 }
 303
 304 int LUKS2_keyslot_area(struct luks2_hdr *hdr,
 305         int keyslot,
 306         uint64_t *offset,
 307         uint64_t *length)
 308 {
 309         json_object *jobj_keyslot;
 310
 311         if (LUKS2_keyslot_info(hdr, keyslot) == CRYPT_SLOT_INVALID)
 312                 return -EINVAL;
 313
 314         jobj_keyslot = LUKS2_get_keyslot_jobj(hdr, keyslot);
 315         if (!jobj_keyslot)
 316                 return -ENOENT;
 317
 318         return LUKS2_keyslot_jobj_area(jobj_keyslot, offset, length);
 319 }
 320
 321 static int _open_and_verify(struct crypt_device *cd,
 322         struct luks2_hdr *hdr,
 323         const keyslot_handler *h,
 324         int keyslot,
 325         const char *password,
 326         size_t password_len,
 327         struct volume_key **vk)
 328 {
 329         int r, key_size = LUKS2_get_keyslot_stored_key_size(hdr, keyslot);
 330
 331         if (key_size < 0)
 332                 return -EINVAL;
 333
 334         *vk = crypt_alloc_volume_key(key_size, NULL);
 335         if (!*vk)
 336                 return -ENOMEM;
 337
 338         r = h->open(cd, keyslot, password, password_len, (*vk)->key, (*vk)->keylength);
 339         if (r < 0)
 340                 log_dbg(cd, "Keyslot %d (%s) open failed with %d.", keyslot, h->name, r);
 341         else
 342                 r = LUKS2_digest_verify(cd, hdr, *vk, keyslot);
 343
 344         if (r < 0) {
 345                 crypt_free_volume_key(*vk);
 346                 *vk = NULL;
 347         }
 348
 349         crypt_volume_key_set_id(*vk, r);
 350
 351         return r < 0 ? r : keyslot;
 352 }
 353
 354 static int LUKS2_open_and_verify_by_digest(struct crypt_device *cd,
 355         struct luks2_hdr *hdr,
 356         int keyslot,
 357         int digest,
 358         const char *password,
 359         size_t password_len,
 360         struct volume_key **vk)
 361 {
 362         const keyslot_handler *h;
 363         int r;
 364
 365         if (!(h = LUKS2_keyslot_handler(cd, keyslot)))
 366                 return -ENOENT;
 367
 368         r = h->validate(cd, LUKS2_get_keyslot_jobj(hdr, keyslot));
 369         if (r) {
 370                 log_dbg(cd, "Keyslot %d validation failed.", keyslot);
 371                 return r;
 372         }
 373
 374         r = _keyslot_for_digest(hdr, keyslot, digest);
 375         if (r) {
 376                 if (r == -ENOENT)
 377                         log_dbg(cd, "Keyslot %d unusable for digest %d.", keyslot, digest);
 378                 return r;
 379         }
 380
 381         return _open_and_verify(cd, hdr, h, keyslot, password, password_len, vk);
 382 }
 383
 384 static int LUKS2_open_and_verify(struct crypt_device *cd,
 385         struct luks2_hdr *hdr,
 386         int keyslot,
 387         int segment,
 388         const char *password,
 389         size_t password_len,
 390         struct volume_key **vk)
 391 {
 392         const keyslot_handler *h;
 393         int r;
 394
 395         if (!(h = LUKS2_keyslot_handler(cd, keyslot)))
 396                 return -ENOENT;
 397
 398         r = h->validate(cd, LUKS2_get_keyslot_jobj(hdr, keyslot));
 399         if (r) {
 400                 log_dbg(cd, "Keyslot %d validation failed.", keyslot);
 401                 return r;
 402         }
 403
 404         r = LUKS2_keyslot_for_segment(hdr, keyslot, segment);
 405         if (r) {
 406                 if (r == -ENOENT)
 407                         log_dbg(cd, "Keyslot %d unusable for segment %d.", keyslot, segment);
 408                 return r;
 409         }
 410
 411         return _open_and_verify(cd, hdr, h, keyslot, password, password_len, vk);
 412 }
 413
 414 static int LUKS2_keyslot_open_priority_digest(struct crypt_device *cd,
 415         struct luks2_hdr *hdr,
 416         crypt_keyslot_priority priority,
 417         const char *password,
 418         size_t password_len,
 419         int digest,
 420         struct volume_key **vk)
 421 {
 422         json_object *jobj_keyslots, *jobj;
 423         crypt_keyslot_priority slot_priority;
 424         int keyslot, r = -ENOENT;
 425
 426         json_object_object_get_ex(hdr->jobj, "keyslots", &jobj_keyslots);
 427
 428         json_object_object_foreach(jobj_keyslots, slot, val) {
 429                 if (!json_object_object_get_ex(val, "priority", &jobj))
 430                         slot_priority = CRYPT_SLOT_PRIORITY_NORMAL;
 431                 else
 432                         slot_priority = json_object_get_int(jobj);
 433
 434                 keyslot = atoi(slot);
 435                 if (slot_priority != priority) {
 436                         log_dbg(cd, "Keyslot %d priority %d != %d (required), skipped.",
 437                                 keyslot, slot_priority, priority);
 438                         continue;
 439                 }
 440
 441                 r = LUKS2_open_and_verify_by_digest(cd, hdr, keyslot, digest, password, password_len, vk);
 442
 443                 /* Do not retry for errors that are no -EPERM or -ENOENT,
 444                    former meaning password wrong, latter key slot unusable for segment */
 445                 if ((r != -EPERM) && (r != -ENOENT))
 446                         break;
 447         }
 448
 449         return r;
 450 }
 451
 452 static int LUKS2_keyslot_open_priority(struct crypt_device *cd,
 453         struct luks2_hdr *hdr,
 454         crypt_keyslot_priority priority,
 455         const char *password,
 456         size_t password_len,
 457         int segment,
 458         struct volume_key **vk)
 459 {
 460         json_object *jobj_keyslots, *jobj;
 461         crypt_keyslot_priority slot_priority;
 462         int keyslot, r = -ENOENT;
 463
 464         json_object_object_get_ex(hdr->jobj, "keyslots", &jobj_keyslots);
 465
 466         json_object_object_foreach(jobj_keyslots, slot, val) {
 467                 if (!json_object_object_get_ex(val, "priority", &jobj))
 468                         slot_priority = CRYPT_SLOT_PRIORITY_NORMAL;
 469                 else
 470                         slot_priority = json_object_get_int(jobj);
 471
 472                 keyslot = atoi(slot);
 473                 if (slot_priority != priority) {
 474                         log_dbg(cd, "Keyslot %d priority %d != %d (required), skipped.",
 475                                 keyslot, slot_priority, priority);
 476                         continue;
 477                 }
 478
 479                 r = LUKS2_open_and_verify(cd, hdr, keyslot, segment, password, password_len, vk);
 480
 481                 /* Do not retry for errors that are no -EPERM or -ENOENT,
 482                    former meaning password wrong, latter key slot unusable for segment */
 483                 if ((r != -EPERM) && (r != -ENOENT))
 484                         break;
 485         }
 486
 487         return r;
 488 }
 489
 490 static int LUKS2_keyslot_open_by_digest(struct crypt_device *cd,
 491         struct luks2_hdr *hdr,
 492         int keyslot,
 493         int digest,
 494         const char *password,
 495         size_t password_len,
 496         struct volume_key **vk)
 497 {
 498         int r_prio, r = -EINVAL;
 499
 500         if (digest < 0)
 501                 return r;
 502
 503         if (keyslot == CRYPT_ANY_SLOT) {
 504                 r_prio = LUKS2_keyslot_open_priority_digest(cd, hdr, CRYPT_SLOT_PRIORITY_PREFER,
 505                         password, password_len, digest, vk);
 506                 if (r_prio >= 0)
 507                         r = r_prio;
 508                 else if (r_prio != -EPERM && r_prio != -ENOENT)
 509                         r = r_prio;
 510                 else
 511                         r = LUKS2_keyslot_open_priority_digest(cd, hdr, CRYPT_SLOT_PRIORITY_NORMAL,
 512                                 password, password_len, digest, vk);
 513                 /* Prefer password wrong to no entry from priority slot */
 514                 if (r_prio == -EPERM && r == -ENOENT)
 515                         r = r_prio;
 516         } else
 517                 r = LUKS2_open_and_verify_by_digest(cd, hdr, keyslot, digest, password, password_len, vk);
 518
 519         return r;
 520 }
 521
 522 int LUKS2_keyslot_open_all_segments(struct crypt_device *cd,
 523         int keyslot_old,
 524         int keyslot_new,
 525         const char *password,
 526         size_t password_len,
 527         struct volume_key **vks)
 528 {
 529         struct volume_key *vk = NULL;
 530         int digest_old, digest_new, r = -EINVAL;
 531         struct luks2_hdr *hdr = crypt_get_hdr(cd, CRYPT_LUKS2);
 532
 533         digest_old = LUKS2_reencrypt_digest_old(hdr);
 534         if (digest_old >= 0) {
 535                 log_dbg(cd, "Trying to unlock volume key (digest: %d) using keyslot %d.", digest_old, keyslot_old);
 536                 r = LUKS2_keyslot_open_by_digest(cd, hdr, keyslot_old, digest_old, password, password_len, &vk);
 537                 if (r < 0)
 538                         goto out;
 539                 crypt_volume_key_add_next(vks, vk);
 540         }
 541
 542         digest_new = LUKS2_reencrypt_digest_new(hdr);
 543         if (digest_new >= 0 && digest_old != digest_new) {
 544                 log_dbg(cd, "Trying to unlock volume key (digest: %d) using keyslot %d.", digest_new, keyslot_new);
 545                 r = LUKS2_keyslot_open_by_digest(cd, hdr, keyslot_new, digest_new, password, password_len, &vk);
 546                 if (r < 0)
 547                         goto out;
 548                 crypt_volume_key_add_next(vks, vk);
 549         }
 550 out:
 551         if (r < 0) {
 552                 crypt_free_volume_key(*vks);
 553                 *vks = NULL;
 554
 555                 if (r == -ENOMEM)
 556                         log_err(cd, _("Not enough available memory to open a keyslot."));
 557                 else if (r != -EPERM)
 558                         log_err(cd, _("Keyslot open failed."));
 559         }
 560         return r;
 561 }
 562
 563 int LUKS2_keyslot_open(struct crypt_device *cd,
 564         int keyslot,
 565         int segment,
 566         const char *password,
 567         size_t password_len,
 568         struct volume_key **vk)
 569 {
 570         struct luks2_hdr *hdr;
 571         int r_prio, r = -EINVAL;
 572
 573         hdr = crypt_get_hdr(cd, CRYPT_LUKS2);
 574
 575         if (keyslot == CRYPT_ANY_SLOT) {
 576                 r_prio = LUKS2_keyslot_open_priority(cd, hdr, CRYPT_SLOT_PRIORITY_PREFER,
 577                         password, password_len, segment, vk);
 578                 if (r_prio >= 0)
 579                         r = r_prio;
 580                 else if (r_prio != -EPERM && r_prio != -ENOENT)
 581                         r = r_prio;
 582                 else
 583                         r = LUKS2_keyslot_open_priority(cd, hdr, CRYPT_SLOT_PRIORITY_NORMAL,
 584                                 password, password_len, segment, vk);
 585                 /* Prefer password wrong to no entry from priority slot */
 586                 if (r_prio == -EPERM && r == -ENOENT)
 587                         r = r_prio;
 588         } else
 589                 r = LUKS2_open_and_verify(cd, hdr, keyslot, segment, password, password_len, vk);
 590
 591         if (r < 0) {
 592                 if (r == -ENOMEM)
 593                         log_err(cd, _("Not enough available memory to open a keyslot."));
 594                 else if (r != -EPERM)
 595                         log_err(cd, _("Keyslot open failed."));
 596         }
 597
 598         return r;
 599 }
 600
 601 int LUKS2_keyslot_reencrypt_allocate(struct crypt_device *cd,
 602         struct luks2_hdr *hdr,
 603         int keyslot,
 604         const struct crypt_params_reencrypt *params)
 605 {
 606         const keyslot_handler *h;
 607         int r;
 608
 609         if (keyslot == CRYPT_ANY_SLOT)
 610                 return -EINVAL;
 611
 612         /* FIXME: find keyslot by type */
 613         h = LUKS2_keyslot_handler_type(cd, "reencrypt");
 614         if (!h)
 615                 return -EINVAL;
 616
 617         r = reenc_keyslot_alloc(cd, hdr, keyslot, params);
 618         if (r < 0)
 619                 return r;
 620
 621         r = LUKS2_keyslot_priority_set(cd, hdr, keyslot, CRYPT_SLOT_PRIORITY_IGNORE, 0);
 622         if (r < 0)
 623                 return r;
 624
 625         r = h->validate(cd, LUKS2_get_keyslot_jobj(hdr, keyslot));
 626         if (r) {
 627                 log_dbg(cd, "Keyslot validation failed.");
 628                 return r;
 629         }
 630
 631         return 0;
 632 }
 633
 634 int LUKS2_keyslot_reencrypt_store(struct crypt_device *cd,
 635         struct luks2_hdr *hdr,
 636         int keyslot,
 637         const void *buffer,
 638         size_t buffer_length)
 639 {
 640         const keyslot_handler *h;
 641         int r;
 642
 643         if (!(h = LUKS2_keyslot_handler(cd, keyslot)) || strcmp(h->name, "reencrypt"))
 644                 return -EINVAL;
 645
 646         r = h->validate(cd, LUKS2_get_keyslot_jobj(hdr, keyslot));
 647         if (r) {
 648                 log_dbg(cd, "Keyslot validation failed.");
 649                 return r;
 650         }
 651
 652         return h->store(cd, keyslot, NULL, 0,
 653                         buffer, buffer_length);
 654 }
 655
 656 int LUKS2_keyslot_store(struct crypt_device *cd,
 657         struct luks2_hdr *hdr,
 658         int keyslot,
 659         const char *password,
 660         size_t password_len,
 661         const struct volume_key *vk,
 662         const struct luks2_keyslot_params *params)
 663 {
 664         const keyslot_handler *h;
 665         int r;
 666
 667         if (keyslot == CRYPT_ANY_SLOT)
 668                 return -EINVAL;
 669
 670         if (!LUKS2_get_keyslot_jobj(hdr, keyslot)) {
 671                 /* Try to allocate default and empty keyslot type */
 672                 h = LUKS2_keyslot_handler_type(cd, "luks2");
 673                 if (!h)
 674                         return -EINVAL;
 675
 676                 r = h->alloc(cd, keyslot, vk->keylength, params);
 677                 if (r)
 678                         return r;
 679         } else {
 680                 if (!(h = LUKS2_keyslot_handler(cd, keyslot)))
 681                         return -EINVAL;
 682
 683                 r = h->update(cd, keyslot, params);
 684                 if (r) {
 685                         log_dbg(cd, "Failed to update keyslot %d json.", keyslot);
 686                         return r;
 687                 }
 688         }
 689
 690         r = h->validate(cd, LUKS2_get_keyslot_jobj(hdr, keyslot));
 691         if (r) {
 692                 log_dbg(cd, "Keyslot validation failed.");
 693                 return r;
 694         }
 695
 696         if (LUKS2_hdr_validate(cd, hdr->jobj, hdr->hdr_size - LUKS2_HDR_BIN_LEN))
 697                 return -EINVAL;
 698
 699         return h->store(cd, keyslot, password, password_len,
 700                         vk->key, vk->keylength);
 701 }
 702
 703 int LUKS2_keyslot_wipe(struct crypt_device *cd,
 704         struct luks2_hdr *hdr,
 705         int keyslot,
 706         int wipe_area_only)
 707 {
 708         struct device *device = crypt_metadata_device(cd);
 709         uint64_t area_offset, area_length;
 710         int r;
 711         json_object *jobj_keyslot, *jobj_keyslots;
 712         const keyslot_handler *h;
 713
 714         h = LUKS2_keyslot_handler(cd, keyslot);
 715
 716         if (!json_object_object_get_ex(hdr->jobj, "keyslots", &jobj_keyslots))
 717                 return -EINVAL;
 718
 719         jobj_keyslot = LUKS2_get_keyslot_jobj(hdr, keyslot);
 720         if (!jobj_keyslot)
 721                 return -ENOENT;
 722
 723         if (wipe_area_only)
 724                 log_dbg(cd, "Wiping keyslot %d area only.", keyslot);
 725
 726         r = LUKS2_device_write_lock(cd, hdr, device);
 727         if (r)
 728                 return r;
 729
 730         /* secure deletion of possible key material in keyslot area */
 731         r = crypt_keyslot_area(cd, keyslot, &area_offset, &area_length);
 732         if (r && r != -ENOENT)
 733                 goto out;
 734
 735         if (!r) {
 736                 r = crypt_wipe_device(cd, device, CRYPT_WIPE_SPECIAL, area_offset,
 737                               area_length, area_length, NULL, NULL);
 738                 if (r) {
 739                         if (r == -EACCES) {
 740                                 log_err(cd, _("Cannot write to device %s, permission denied."),
 741                                         device_path(device));
 742                                 r = -EINVAL;
 743                         } else
 744                                 log_err(cd, _("Cannot wipe device %s."), device_path(device));
 745                         goto out;
 746                 }
 747         }
 748
 749         if (wipe_area_only)
 750                 goto out;
 751
 752         /* Slot specific wipe */
 753         if (h) {
 754                 r = h->wipe(cd, keyslot);
 755                 if (r < 0)
 756                         goto out;
 757         } else
 758                 log_dbg(cd, "Wiping keyslot %d without specific-slot handler loaded.", keyslot);
 759
 760         json_object_object_del_by_uint(jobj_keyslots, keyslot);
 761
 762         r = LUKS2_hdr_write(cd, hdr);
 763 out:
 764         device_write_unlock(cd, crypt_metadata_device(cd));
 765         return r;
 766 }
 767
 768 int LUKS2_keyslot_dump(struct crypt_device *cd, int keyslot)
 769 {
 770         const keyslot_handler *h;
 771
 772         if (!(h = LUKS2_keyslot_handler(cd, keyslot)))
 773                 return -EINVAL;
 774
 775         return h->dump(cd, keyslot);
 776 }
 777
 778 crypt_keyslot_priority LUKS2_keyslot_priority_get(struct crypt_device *cd,
 779           struct luks2_hdr *hdr, int keyslot)
 780 {
 781         json_object *jobj_keyslot, *jobj_priority;
 782
 783         jobj_keyslot = LUKS2_get_keyslot_jobj(hdr, keyslot);
 784         if (!jobj_keyslot)
 785                 return CRYPT_SLOT_PRIORITY_INVALID;
 786
 787         if (!json_object_object_get_ex(jobj_keyslot, "priority", &jobj_priority))
 788                 return CRYPT_SLOT_PRIORITY_NORMAL;
 789
 790         return json_object_get_int(jobj_priority);
 791 }
 792
 793 int LUKS2_keyslot_priority_set(struct crypt_device *cd, struct luks2_hdr *hdr,
 794                                int keyslot, crypt_keyslot_priority priority, int commit)
 795 {
 796         json_object *jobj_keyslot;
 797
 798         jobj_keyslot = LUKS2_get_keyslot_jobj(hdr, keyslot);
 799         if (!jobj_keyslot)
 800                 return -EINVAL;
 801
 802         if (priority == CRYPT_SLOT_PRIORITY_NORMAL)
 803                 json_object_object_del(jobj_keyslot, "priority");
 804         else
 805                 json_object_object_add(jobj_keyslot, "priority", json_object_new_int(priority));
 806
 807         return commit ? LUKS2_hdr_write(cd, hdr) : 0;
 808 }
 809
 810 int placeholder_keyslot_alloc(struct crypt_device *cd,
 811         int keyslot,
 812         uint64_t area_offset,
 813         uint64_t area_length,
 814         size_t volume_key_len)
 815 {
 816         struct luks2_hdr *hdr;
 817         json_object *jobj_keyslots, *jobj_keyslot, *jobj_area;
 818
 819         log_dbg(cd, "Allocating placeholder keyslot %d for LUKS1 down conversion.", keyslot);
 820
 821         if (!(hdr = crypt_get_hdr(cd, CRYPT_LUKS2)))
 822                 return -EINVAL;
 823
 824         if (keyslot < 0 || keyslot >= LUKS2_KEYSLOTS_MAX)
 825                 return -EINVAL;
 826
 827         if (LUKS2_get_keyslot_jobj(hdr, keyslot))
 828                 return -EINVAL;
 829
 830         if (!json_object_object_get_ex(hdr->jobj, "keyslots", &jobj_keyslots))
 831                 return -EINVAL;
 832
 833         jobj_keyslot = json_object_new_object();
 834         json_object_object_add(jobj_keyslot, "type", json_object_new_string("placeholder"));
 835         /*
 836          * key_size = -1 makes placeholder keyslot impossible to pass validation.
 837          * It's a safeguard against accidentally storing temporary conversion
 838          * LUKS2 header.
 839          */
 840         json_object_object_add(jobj_keyslot, "key_size", json_object_new_int(-1));
 841
 842         /* Area object */
 843         jobj_area = json_object_new_object();
 844         json_object_object_add(jobj_area, "offset", crypt_jobj_new_uint64(area_offset));
 845         json_object_object_add(jobj_area, "size", crypt_jobj_new_uint64(area_length));
 846         json_object_object_add(jobj_keyslot, "area", jobj_area);
 847
 848         json_object_object_add_by_uint(jobj_keyslots, keyslot, jobj_keyslot);
 849
 850         return 0;
 851 }
 852
 853 static unsigned LUKS2_get_keyslot_digests_count(json_object *hdr_jobj, int keyslot)
 854 {
 855         char num[16];
 856         json_object *jobj_digests, *jobj_keyslots;
 857         unsigned count = 0;
 858
 859         if (!json_object_object_get_ex(hdr_jobj, "digests", &jobj_digests))
 860                 return 0;
 861
 862         if (snprintf(num, sizeof(num), "%u", keyslot) < 0)
 863                 return 0;
 864
 865         json_object_object_foreach(jobj_digests, key, val) {
 866                 UNUSED(key);
 867                 json_object_object_get_ex(val, "keyslots", &jobj_keyslots);
 868                 if (LUKS2_array_jobj(jobj_keyslots, num))
 869                         count++;
 870         }
 871
 872         return count;
 873 }
 874
 875 /* run only on header that passed basic format validation */
 876 int LUKS2_keyslots_validate(struct crypt_device *cd, json_object *hdr_jobj)
 877 {
 878         const keyslot_handler *h;
 879         int keyslot;
 880         json_object *jobj_keyslots, *jobj_type;
 881         uint32_t reqs, reencrypt_count = 0;
 882         struct luks2_hdr dummy = {
 883                 .jobj = hdr_jobj
 884         };
 885
 886         if (!json_object_object_get_ex(hdr_jobj, "keyslots", &jobj_keyslots))
 887                 return -EINVAL;
 888
 889         if (LUKS2_config_get_requirements(cd, &dummy, &reqs))
 890                 return -EINVAL;
 891
 892         json_object_object_foreach(jobj_keyslots, slot, val) {
 893                 keyslot = atoi(slot);
 894                 json_object_object_get_ex(val, "type", &jobj_type);
 895                 h = LUKS2_keyslot_handler_type(cd, json_object_get_string(jobj_type));
 896                 if (!h)
 897                         continue;
 898                 if (h->validate && h->validate(cd, val)) {
 899                         log_dbg(cd, "Keyslot type %s validation failed on keyslot %d.", h->name, keyslot);
 900                         return -EINVAL;
 901                 }
 902
 903                 if (!strcmp(h->name, "luks2") && LUKS2_get_keyslot_digests_count(hdr_jobj, keyslot) != 1) {
 904                         log_dbg(cd, "Keyslot %d is not assigned to exactly 1 digest.", keyslot);
 905                         return -EINVAL;
 906                 }
 907
 908                 if (!strcmp(h->name, "reencrypt"))
 909                         reencrypt_count++;
 910         }
 911
 912         if ((reqs & CRYPT_REQUIREMENT_ONLINE_REENCRYPT) && reencrypt_count == 0) {
 913                 log_dbg(cd, "Missing reencryption keyslot.");
 914                 return -EINVAL;
 915         }
 916
 917         if (!(reqs & CRYPT_REQUIREMENT_ONLINE_REENCRYPT) && reencrypt_count) {
 918                 log_dbg(cd, "Missing reencryption requirement flag.");
 919                 return -EINVAL;
 920         }
 921
 922         if (reencrypt_count > 1) {
 923                 log_dbg(cd, "Too many reencryption keyslots.");
 924                 return -EINVAL;
 925         }
 926
 927         return 0;
 928 }
 929
 930 void LUKS2_keyslots_repair(struct crypt_device *cd, json_object *jobj_keyslots)
 931 {
 932         const keyslot_handler *h;
 933         json_object *jobj_type;
 934
 935         json_object_object_foreach(jobj_keyslots, slot, val) {
 936                 UNUSED(slot);
 937                 if (!json_object_is_type(val, json_type_object) ||
 938                     !json_object_object_get_ex(val, "type", &jobj_type) ||
 939                     !json_object_is_type(jobj_type, json_type_string))
 940                         continue;
 941
 942                 h = LUKS2_keyslot_handler_type(cd, json_object_get_string(jobj_type));
 943                 if (h && h->repair)
 944                         h->repair(cd, val);
 945         }
 946 }
 947
 948 /* assumes valid header */
 949 int LUKS2_find_keyslot(struct luks2_hdr *hdr, const char *type)
 950 {
 951         int i;
 952         json_object *jobj_keyslot, *jobj_type;
 953
 954         if (!type)
 955                 return -EINVAL;
 956
 957         for (i = 0; i < LUKS2_KEYSLOTS_MAX; i++) {
 958                 jobj_keyslot = LUKS2_get_keyslot_jobj(hdr, i);
 959                 if (!jobj_keyslot)
 960                         continue;
 961
 962                 json_object_object_get_ex(jobj_keyslot, "type", &jobj_type);
 963                 if (!strcmp(json_object_get_string(jobj_type), type))
 964                         return i;
 965         }
 966
 967         return -ENOENT;
 968 }