r = crypt_cipher_init(&cipher, "blowfish", "ecb",
&key[alg->key_offset], alg->key_size);
if (r < 0)
- goto out;
+ return r;
memcpy(iv, &key[alg->iv_offset], alg->iv_size);
for (i = 0; i < TCRYPT_HDR_LEN; i += bs) {
bs, NULL, 0);
blowfish_le(&buf[i]);
if (r < 0)
- goto out;
+ break;
for (j = 0; j < bs; j++)
buf[i + j] ^= iv[j];
memcpy(iv, iv_old, bs);
}
-out:
+
crypt_cipher_destroy(cipher);
return r;
}
continue;
r = decrypt_hdr_one(&tcrypt_cipher[i].cipher[j],
tcrypt_cipher[i].mode, key, &hdr2);
- if (r < 0) {
- log_dbg("Error %s.", tcrypt_cipher[i].cipher[j].name);
+ if (r < 0)
break;
- }
+ }
+
+ if (r < 0) {
+ log_dbg("TCRYPT: returned error %d, skipped.", r);
+ if (r == -ENOTSUP)
+ break;
+ r = -ENOENT;
+ continue;
}
if (!strncmp(hdr2.d.magic, TCRYPT_HDR_MAGIC, TCRYPT_HDR_MAGIC_LEN)) {
unsigned char pwd[TCRYPT_KEY_POOL_LEN] = {};
size_t passphrase_size;
char *key;
- int r = -EINVAL, i, legacy_modes;
+ int r = -EINVAL, i, legacy_modes, skipped = 0;
if (posix_memalign((void*)&key, crypt_getpagesize(), TCRYPT_HDR_KEY_LEN))
return -ENOMEM;
/* Decrypt header */
r = decrypt_hdr(cd, hdr, key, legacy_modes);
+ if (r == -ENOENT) {
+ skipped++;
+ continue;
+ }
if (r != -EPERM)
break;
}
+ if (skipped == i || r == -ENOTSUP)
+ log_err(cd, _("Required kernel crypto interface not available.\n"
+ "Ensure you have algif_skcipher kernel module loaded.\n"));
if (r < 0)
goto out;