X-Git-Url: http://review.tizen.org/git/?a=blobdiff_plain;f=lib%2Flibcryptsetup.h;h=ff3144acb17fe88f608946370485e81dc55979a2;hb=c040b4821dc850e1da892dd8b1612033041cf215;hp=04c53fb5445898742f1c4aadda4fb3d4ae1547b4;hpb=bd494d23c5516f5b60ca031862373634d0aba64e;p=platform%2Fupstream%2Fcryptsetup.git

diff --git a/lib/libcryptsetup.h b/lib/libcryptsetup.h
index 04c53fb..ff3144a 100644
--- a/lib/libcryptsetup.h
+++ b/lib/libcryptsetup.h
@@ -4,10 +4,12 @@
  * Copyright (C) 2004, Christophe Saout <christophe@saout.de>
  * Copyright (C) 2004-2007, Clemens Fruhwirth <clemens@endorphin.org>
  * Copyright (C) 2009-2012, Red Hat, Inc. All rights reserved.
+ * Copyright (C) 2009-2012, Milan Broz
  *
  * This program is free software; you can redistribute it and/or
  * modify it under the terms of the GNU General Public License
- * version 2 as published by the Free Software Foundation.
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
  *
  * This program is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
@@ -395,6 +397,8 @@ struct crypt_params_verity {
 #define CRYPT_TCRYPT_HIDDEN_HEADER   (1 << 1)
 /** Try to load backup header */
 #define CRYPT_TCRYPT_BACKUP_HEADER   (1 << 2)
+/** Device contains encrypted system (with boot loader) */
+#define CRYPT_TCRYPT_SYSTEM_HEADER   (1 << 3)
 
 struct crypt_params_tcrypt {
 	const char *passphrase;    /**< passphrase to unlock header (input only) */
@@ -599,6 +603,33 @@ int crypt_keyslot_add_by_passphrase(struct crypt_device *cd,
 	size_t new_passphrase_size);
 
 /**
+ * Change defined key slot using provided passphrase
+ *
+ * @pre @e cd contains initialized and formatted LUKS device context
+ *
+ * @param cd crypt device handle
+ * @param keyslot_old old keyslot or @e CRYPT_ANY_SLOT
+ * @param keyslot_new new keyslot (can be the same as old)
+ * @param passphrase passphrase used to unlock volume key, @e NULL for query
+ * @param passphrase_size size of passphrase (binary data)
+ * @param new_passphrase passphrase for new keyslot, @e NULL for query
+ * @param new_passphrase_size size of @e new_passphrase (binary data)
+ *
+ * @return allocated key slot number or negative errno otherwise.
+ *
+ * @note This function is just internal implementation of luksChange
+ * command to avoid reading of volume key outside libcryptsetup boundary
+ * in FIPS mode.
+ */
+int crypt_keyslot_change_by_passphrase(struct crypt_device *cd,
+	int keyslot_old,
+	int keyslot_new,
+	const char *passphrase,
+	size_t passphrase_size,
+	const char *new_passphrase,
+	size_t new_passphrase_size);
+
+/**
 * Add key slot using provided key file path
  *
  * @pre @e cd contains initialized and formatted LUKS device context