3 # all in 512 bytes blocks (including binary hdr (4KiB))
4 LUKS2_HDR_SIZE=32 # 16 KiB
5 LUKS2_HDR_SIZE_32K=64 # 32 KiB
6 LUKS2_HDR_SIZE_64K=128 # 64 KiB
7 LUKS2_HDR_SIZE_128K=256 # 128 KiB
8 LUKS2_HDR_SIZE_256K=512 # 256 KiB
9 LUKS2_HDR_SIZE_512K=1024 # 512 KiB
10 LUKS2_HDR_SIZE_1M=2048 # 1 MiB
11 LUKS2_HDR_SIZE_2M=4096 # 2 MiB
12 LUKS2_HDR_SIZE_4M=8192 # 4 MiB
14 LUKS2_BIN_HDR_SIZE=8 # 4 KiB
15 LUKS2_JSON_SIZE=$((LUKS2_HDR_SIZE-LUKS2_BIN_HDR_SIZE))
17 LUKS2_BIN_HDR_CHKS_OFFSET=0x1C0
18 LUKS2_BIN_HDR_CHKS_LENGTH=64
20 [ -z "$srcdir" ] && srcdir="."
23 # to be set by individual generator
28 printf "$1"'%.0s' $(eval "echo {1.."$(($2))"}");
34 [[ $x = $1 ]] && echo -1 || echo ${#x}
37 function test_img_name()
39 local str=$(basename $1)
45 # read primary bin hdr
47 function read_luks2_bin_hdr0()
49 _dd if=$1 of=$2 bs=512 count=$LUKS2_BIN_HDR_SIZE
52 # read primary json area
53 # 1:from 2:to 3:[json only size (defaults to 12KiB)]
54 function read_luks2_json0()
56 local _js=${4:-$LUKS2_JSON_SIZE}
57 local _js=$((_js*512/4096))
58 _dd if=$1 of=$2 bs=4096 skip=1 count=$_js
61 # read secondary bin hdr
62 # 1:from 2:to 3:[metadata size (defaults to 16KiB)]
63 function read_luks2_bin_hdr1()
65 _dd if=$1 of=$2 skip=${3:-$LUKS2_HDR_SIZE} bs=512 count=$LUKS2_BIN_HDR_SIZE
68 # read secondary json area
69 # 1:from 2:to 3:[json only size (defaults to 12KiB)]
70 function read_luks2_json1()
72 local _js=${3:-$LUKS2_JSON_SIZE}
73 _dd if=$1 of=$2 bs=512 skip=$((2*LUKS2_BIN_HDR_SIZE+_js)) count=$_js
76 # read primary metadata area (bin + json)
77 # 1:from 2:to 3:[metadata size (defaults to 16KiB)]
78 function read_luks2_hdr_area0()
80 local _as=${3:-$LUKS2_HDR_SIZE}
81 local _as=$((_as*512))
82 _dd if=$1 of=$2 bs=$_as count=1
85 # read secondary metadata area (bin + json)
86 # 1:from 2:to 3:[metadata size (defaults to 16KiB)]
87 function read_luks2_hdr_area1()
89 local _as=${3:-$LUKS2_HDR_SIZE}
90 local _as=$((_as*512))
91 _dd if=$1 of=$2 bs=$_as skip=1 count=1
94 # write secondary bin hdr
95 # 1:from 2:to 3:[metadata size (defaults to 16KiB)]
96 function write_luks2_bin_hdr1()
98 _dd if=$1 of=$2 bs=512 seek=${3:-$LUKS2_HDR_SIZE} count=$LUKS2_BIN_HDR_SIZE conv=notrunc
101 # write primary metadata area (bin + json)
102 # 1:from 2:to 3:[metadata size (defaults to 16KiB)]
103 function write_luks2_hdr0()
105 local _as=${3:-$LUKS2_HDR_SIZE}
106 local _as=$((_as*512))
107 _dd if=$1 of=$2 bs=$_as count=1 conv=notrunc
110 # write secondary metadata area (bin + json)
111 # 1:from 2:to 3:[metadata size (defaults to 16KiB)]
112 function write_luks2_hdr1()
114 local _as=${3:-$LUKS2_HDR_SIZE}
115 local _as=$((_as*512))
116 _dd if=$1 of=$2 bs=$_as seek=1 count=1 conv=notrunc
119 # write json (includes padding)
120 # 1:json_string 2:to 3:[json size (defaults to 12KiB)]
121 function write_luks2_json()
123 local _js=${3:-$LUKS2_JSON_SIZE}
126 truncate -s $((_js*512)) $2
129 function kill_bin_hdr()
131 printf "VACUUM" | _dd of=$1 bs=1 conv=notrunc
134 function erase_checksum()
136 _dd if=/dev/zero of=$1 bs=1 seek=$(printf %d $LUKS2_BIN_HDR_CHKS_OFFSET) count=$LUKS2_BIN_HDR_CHKS_LENGTH conv=notrunc
139 function read_sha256_checksum()
141 _dd if=$1 bs=1 skip=$(printf %d $LUKS2_BIN_HDR_CHKS_OFFSET) count=32 | xxd -c 32 -p
144 # 1 - string with checksum
145 function write_checksum()
147 test $# -eq 2 || return 1
148 test $((${#1}/2)) -le $LUKS2_BIN_HDR_CHKS_LENGTH || { echo "too long"; return 1; }
150 echo $1 | xxd -r -p | _dd of=$2 bs=1 seek=$(printf %d $LUKS2_BIN_HDR_CHKS_OFFSET) conv=notrunc
153 function calc_sha256_checksum_file()
155 sha256sum $1 | cut -d ' ' -f 1
158 function calc_sha256_checksum_stdin()
160 sha256sum - | cut -d ' ' -f 1
163 # merge bin hdr with json to form metadata area
164 # 1:bin_hdr 2:json 3:to 4:[json size (defaults to 12KiB)]
165 function merge_bin_hdr_with_json()
167 local _js=${4:-$LUKS2_JSON_SIZE}
168 local _js=$((_js*512/4096))
169 _dd if=$1 of=$3 bs=4096 count=1
170 _dd if=$2 of=$3 bs=4096 seek=1 count=$_js
178 function write_bin_hdr_size() {
179 printf '%016x' $2 | xxd -r -p -l 16 | _dd of=$1 bs=8 count=1 seek=1 conv=notrunc
182 function write_bin_hdr_offset() {
183 printf '%016x' $2 | xxd -r -p -l 16 | _dd of=$1 bs=8 count=1 seek=32 conv=notrunc
186 # generic header helpers
187 # $TMPDIR/json0 - JSON hdr1
188 # $TMPDIR/json1 - JSON hdr2
189 # $TMPDIR/hdr0 - bin hdr1
190 # $TMPDIR/hdr1 - bin hdr2
192 # 1:target_dir 2:source_image
193 function lib_prepare()
195 test $# -eq 2 || exit 1
197 TGT_IMG=$1/$(test_img_name $0)
205 test -d $TMPDIR || mkdir $TMPDIR
206 read_luks2_json0 $TGT_IMG $TMPDIR/json0
207 read_luks2_json1 $TGT_IMG $TMPDIR/json1
208 read_luks2_bin_hdr0 $TGT_IMG $TMPDIR/hdr0
209 read_luks2_bin_hdr1 $TGT_IMG $TMPDIR/hdr1
212 function lib_cleanup()
218 function lib_mangle_json_hdr0()
222 local kill_hdr=${3:-}
224 merge_bin_hdr_with_json $TMPDIR/hdr0 $TMPDIR/json0 $TMPDIR/area0 $jsn_sz
225 erase_checksum $TMPDIR/area0
226 CHKS0=$(calc_sha256_checksum_file $TMPDIR/area0)
227 write_checksum $CHKS0 $TMPDIR/area0
228 test -n "$kill_hdr" && kill_bin_hdr $TMPDIR/area0
229 write_luks2_hdr0 $TMPDIR/area0 $TGT_IMG $mda_sz
232 function lib_mangle_json_hdr1()
236 local kill_hdr=${3:-}
238 merge_bin_hdr_with_json $TMPDIR/hdr1 $TMPDIR/json1 $TMPDIR/area1 $jsn_sz
239 erase_checksum $TMPDIR/area1
240 CHKS1=$(calc_sha256_checksum_file $TMPDIR/area1)
241 write_checksum $CHKS1 $TMPDIR/area1
242 test -n "$kill_hdr" && kill_bin_hdr $TMPDIR/area1
243 write_luks2_hdr1 $TMPDIR/area1 $TGT_IMG $mda_sz
246 function lib_mangle_json_hdr0_kill_hdr1()
250 kill_bin_hdr $TMPDIR/hdr1
251 write_luks2_hdr1 $TMPDIR/hdr1 $TGT_IMG
254 function lib_hdr0_killed()
258 read_luks2_bin_hdr0 $TGT_IMG $TMPDIR/hdr_res0 $mda_sz
259 local str_res0=$(head -c 6 $TMPDIR/hdr_res0)
260 test "$str_res0" = "VACUUM"
263 function lib_hdr1_killed()
267 read_luks2_bin_hdr1 $TGT_IMG $TMPDIR/hdr_res1 $mda_sz
268 local str_res1=$(head -c 6 $TMPDIR/hdr_res1)
269 test "$str_res1" = "VACUUM"
272 function lib_hdr0_checksum()
274 local chks_res0=$(read_sha256_checksum $TGT_IMG)
275 test "$CHKS0" = "$chks_res0"
278 function lib_hdr1_checksum()
280 read_luks2_bin_hdr1 $TGT_IMG $TMPDIR/hdr_res1
281 local chks_res1=$(read_sha256_checksum $TMPDIR/hdr_res1)
282 test "$CHKS1" = "$chks_res1"