X-Git-Url: http://review.tizen.org/git/?a=blobdiff_plain;f=lib%2Fluks1%2Fluks.h;h=d54276efde6aec1e2e9ed24a404eb5cf2baed7a9;hb=322b430a2589cdc7985e98a14ec12322b91c9d5e;hp=d188438596ba73c32fd2c3e32eeb4795de2e492f;hpb=014206399ae0a6bd4499595c2f6527dc30d3cae5;p=platform%2Fupstream%2Fcryptsetup.git diff --git a/lib/luks1/luks.h b/lib/luks1/luks.h index d188438..d54276e 100644 --- a/lib/luks1/luks.h +++ b/lib/luks1/luks.h @@ -1,3 +1,24 @@ +/* + * LUKS - Linux Unified Key Setup + * + * Copyright (C) 2004-2006 Clemens Fruhwirth + * Copyright (C) 2009-2020 Red Hat, Inc. All rights reserved. + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; either version 2 + * of the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + */ + #ifndef INCLUDED_CRYPTSETUP_LUKS_LUKS_H #define INCLUDED_CRYPTSETUP_LUKS_LUKS_H @@ -19,6 +40,9 @@ #define LUKS_MKD_ITERATIONS_MIN 1000 #define LUKS_SLOT_ITERATIONS_MIN 1000 +// Iteration time for digest in ms +#define LUKS_MKD_ITERATIONS_MS 125 + #define LUKS_KEY_DISABLED_OLD 0 #define LUKS_KEY_ENABLED_OLD 0xCAFE @@ -31,18 +55,20 @@ #define LUKS_MAGIC {'L','U','K','S', 0xba, 0xbe}; #define LUKS_MAGIC_L 6 -#define LUKS_PHDR_SIZE (sizeof(struct luks_phdr)/SECTOR_SIZE+1) - /* Actually we need only 37, but we don't want struct autoaligning to kick in */ #define UUID_STRING_L 40 /* Offset to keyslot area [in bytes] */ #define LUKS_ALIGN_KEYSLOTS 4096 +/* Maximal LUKS header size, for wipe [in bytes] */ +#define LUKS_MAX_KEYSLOT_SIZE 0x1000000 /* 16 MB, up to 32768 bits key */ + /* Any integer values are stored in network byte order on disk and must be converted */ struct volume_key; +struct device_backend; struct luks_phdr { char magic[LUKS_MAGIC_L]; @@ -76,69 +102,61 @@ struct luks_phdr { int LUKS_verify_volume_key(const struct luks_phdr *hdr, const struct volume_key *vk); -int LUKS_generate_phdr( - struct luks_phdr *header, +int LUKS_check_cipher(struct crypt_device *ctx, + size_t keylength, + const char *cipher, + const char *cipher_mode); + +int LUKS_generate_phdr(struct luks_phdr *header, const struct volume_key *vk, const char *cipherName, const char *cipherMode, const char *hashSpec, const char *uuid, - unsigned int stripes, - unsigned int alignPayload, - unsigned int alignOffset, - uint32_t iteration_time_ms, - uint64_t *PBKDF2_per_sec, + uint64_t data_offset, + uint64_t align_offset, + uint64_t required_alignment, struct crypt_device *ctx); int LUKS_read_phdr( - const char *device, struct luks_phdr *hdr, int require_luks_device, + int repair, struct crypt_device *ctx); int LUKS_read_phdr_backup( const char *backup_file, - const char *device, struct luks_phdr *hdr, int require_luks_device, struct crypt_device *ctx); int LUKS_hdr_uuid_set( - const char *device, struct luks_phdr *hdr, const char *uuid, struct crypt_device *ctx); int LUKS_hdr_backup( const char *backup_file, - const char *device, - struct luks_phdr *hdr, struct crypt_device *ctx); int LUKS_hdr_restore( const char *backup_file, - const char *device, struct luks_phdr *hdr, struct crypt_device *ctx); int LUKS_write_phdr( - const char *device, struct luks_phdr *hdr, struct crypt_device *ctx); int LUKS_set_key( - const char *device, unsigned int keyIndex, const char *password, size_t passwordLen, struct luks_phdr *hdr, struct volume_key *vk, - uint32_t iteration_time_ms, - uint64_t *PBKDF2_per_sec, struct crypt_device *ctx); int LUKS_open_key_with_hdr( - const char *device, int keyIndex, const char *password, size_t passwordLen, @@ -147,30 +165,30 @@ int LUKS_open_key_with_hdr( struct crypt_device *ctx); int LUKS_del_key( - const char *device, unsigned int keyIndex, struct luks_phdr *hdr, struct crypt_device *ctx); +int LUKS_wipe_header_areas(struct luks_phdr *hdr, + struct crypt_device *ctx); + crypt_keyslot_info LUKS_keyslot_info(struct luks_phdr *hdr, int keyslot); int LUKS_keyslot_find_empty(struct luks_phdr *hdr); int LUKS_keyslot_active_count(struct luks_phdr *hdr); -int LUKS_keyslot_set(struct luks_phdr *hdr, int keyslot, int enable); - -int LUKS_encrypt_to_storage( - char *src, size_t srcLength, - struct luks_phdr *hdr, - char *key, size_t keyLength, - const char *device, - unsigned int sector, - struct crypt_device *ctx); - -int LUKS_decrypt_from_storage( - char *dst, size_t dstLength, - struct luks_phdr *hdr, - char *key, size_t keyLength, - const char *device, - unsigned int sector, - struct crypt_device *ctx); +int LUKS_keyslot_set(struct luks_phdr *hdr, int keyslot, int enable, + struct crypt_device *ctx); +int LUKS_keyslot_area(const struct luks_phdr *hdr, + int keyslot, + uint64_t *offset, + uint64_t *length); +size_t LUKS_device_sectors(const struct luks_phdr *hdr); +size_t LUKS_keyslots_offset(const struct luks_phdr *hdr); +int LUKS_keyslot_pbkdf(struct luks_phdr *hdr, int keyslot, + struct crypt_pbkdf_type *pbkdf); + +int LUKS1_activate(struct crypt_device *cd, + const char *name, + struct volume_key *vk, + uint32_t flags); #endif