From a9d9a2ad4466432323226f482d4e1d53844c12a3 Mon Sep 17 00:00:00 2001
From: Milan Broz <gmazyland@gmail.com>
Date: Mon, 18 Jun 2012 17:09:48 +0200
Subject: [PATCH 1/1] Fix hex_to_bytes and add it to common utils.

---
 lib/libdevmapper.c | 47 +++++++++++++++++------------------------------
 lib/utils_crypt.c  | 26 ++++++++++++++++++++++++++
 lib/utils_crypt.h  |  2 ++
 po/POTFILES.in     |  1 +
 src/Makefile.am    |  1 +
 src/cryptsetup.h   |  2 ++
 src/veritysetup.c  | 35 +++++------------------------------
 tests/Makefile.am  |  7 +++++--
 8 files changed, 59 insertions(+), 62 deletions(-)

diff --git a/lib/libdevmapper.c b/lib/libdevmapper.c
index 149d297..7eaac7d 100644
--- a/lib/libdevmapper.c
+++ b/lib/libdevmapper.c
@@ -256,21 +256,6 @@ static void hex_key(char *hexkey, size_t key_size, const char *key)
 		sprintf(&hexkey[i * 2], "%02x", (unsigned char)key[i]);
 }
 
-static size_t hex_to_bytes(const char *hex, char *result)
-{
-	char buf[3] = "xx\0", *endp;
-	size_t i, len;
-
-	len = strlen(hex) / 2;
-	for (i = 0; i < len; i++) {
-		memcpy(buf, &hex[i * 2], 2);
-		result[i] = strtoul(buf, &endp, 16);
-		if (endp != &buf[2])
-			return -EINVAL;
-	}
-	return i;
-}
-
 /* http://code.google.com/p/cryptsetup/wiki/DMCrypt */
 static char *get_dm_crypt_params(struct crypt_dm_active_device *dmd)
 {
@@ -820,7 +805,7 @@ static int _dm_query_verity(uint32_t get_flags,
 	struct crypt_params_verity *vp = NULL;
 	uint32_t val32;
 	uint64_t val64;
-	size_t len;
+	ssize_t len;
 	char *str, *str2;
 
 	if (get_flags & DM_ACTIVE_VERITY_PARAMS)
@@ -895,28 +880,30 @@ static int _dm_query_verity(uint32_t get_flags,
 	str = strsep(&params, " ");
 	if (!params)
 		return -EINVAL;
-	len = strlen(str) / 2;
+	len = crypt_hex_to_bytes(str, &str2, 0);
+	if (len < 0)
+		return len;
 	dmd->u.verity.root_hash_size = len;
-	if (get_flags & DM_ACTIVE_VERITY_ROOT_HASH) {
-		if (!(str2 = malloc(len)))
-			return -ENOMEM;
-		if (hex_to_bytes(str, str2) != len)
-			return -EINVAL;
+	if (get_flags & DM_ACTIVE_VERITY_ROOT_HASH)
 		dmd->u.verity.root_hash = str2;
-	}
+	else
+		free(str2);
 
 	/* salt */
 	str = strsep(&params, " ");
 	if (params)
 		return -EINVAL;
 	if (vp) {
-		len = strlen(str) / 2;
-		vp->salt_size = len;
-		if (!(str2 = malloc(len)))
-			return -ENOMEM;
-		if (hex_to_bytes(str, str2) != len)
-			return -EINVAL;
-		vp->salt = str2;
+		if (!strcmp(str, "-")) {
+			vp->salt_size = 0;
+			vp->salt = NULL;
+		} else {
+			len = crypt_hex_to_bytes(str, &str2, 0);
+			if (len < 0)
+				return len;
+			vp->salt_size = len;
+			vp->salt = str2;
+		}
 	}
 
 	return 0;
diff --git a/lib/utils_crypt.c b/lib/utils_crypt.c
index 1fe9555..dd7496a 100644
--- a/lib/utils_crypt.c
+++ b/lib/utils_crypt.c
@@ -397,3 +397,29 @@ out_err:
 		crypt_safe_free(pass);
 	return r;
 }
+
+ssize_t crypt_hex_to_bytes(const char *hex, char **result, int safe_alloc)
+{
+	char buf[3] = "xx\0", *endp, *bytes;
+	size_t i, len;
+
+	len = strlen(hex);
+	if (len % 2)
+		return -EINVAL;
+	len /= 2;
+
+	bytes = safe_alloc ? crypt_safe_alloc(len) : malloc(len);
+	if (!bytes)
+		return -ENOMEM;
+
+	for (i = 0; i < len; i++) {
+		memcpy(buf, &hex[i * 2], 2);
+		bytes[i] = strtoul(buf, &endp, 16);
+		if (endp != &buf[2]) {
+			safe_alloc ? crypt_safe_free(bytes) : free(bytes);
+			return -EINVAL;
+		}
+	}
+	*result = bytes;
+	return i;
+}
diff --git a/lib/utils_crypt.h b/lib/utils_crypt.h
index 1b22b14..7c4cb1c 100644
--- a/lib/utils_crypt.h
+++ b/lib/utils_crypt.h
@@ -43,4 +43,6 @@ void *crypt_safe_alloc(size_t size);
 void crypt_safe_free(void *data);
 void *crypt_safe_realloc(void *data, size_t size);
 
+ssize_t crypt_hex_to_bytes(const char *hex, char **result, int safe_alloc);
+
 #endif /* _UTILS_CRYPT_H */
diff --git a/po/POTFILES.in b/po/POTFILES.in
index 4de1075..16b7723 100644
--- a/po/POTFILES.in
+++ b/po/POTFILES.in
@@ -16,3 +16,4 @@ lib/verity/verity.c
 lib/verity/verity_hash.c
 src/cryptsetup.c
 src/veritysetup.c
+src/cryptsetup_reencrypt.c
diff --git a/src/Makefile.am b/src/Makefile.am
index a826446..60e740d 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -41,6 +41,7 @@ endif
 if VERITYSETUP
 
 veritysetup_SOURCES = \
+	$(top_builddir)/lib/utils_crypt.c	\
 	$(top_builddir)/lib/utils_loop.c	\
 	veritysetup.c				\
 	cryptsetup.h
diff --git a/src/cryptsetup.h b/src/cryptsetup.h
index 784c521..a966f81 100644
--- a/src/cryptsetup.h
+++ b/src/cryptsetup.h
@@ -31,6 +31,8 @@
 
 #include "libcryptsetup.h"
 
+#define CONST_CAST(x) (x)(uintptr_t)
+
 #define DEFAULT_CIPHER(type)	(DEFAULT_##type##_CIPHER "-" DEFAULT_##type##_MODE)
 
 #define log_dbg(x...) clogger(NULL, CRYPT_LOG_DEBUG, __FILE__, __LINE__, x)
diff --git a/src/veritysetup.c b/src/veritysetup.c
index 7de039b..04691ba 100644
--- a/src/veritysetup.c
+++ b/src/veritysetup.c
@@ -50,31 +50,6 @@ static int opt_version_mode = 0;
 static const char **action_argv;
 static int action_argc;
 
-static size_t hex_to_bytes(const char *hex, char **result)
-{
-	char buf[3] = "xx\0", *endp, *bytes;
-	size_t i, len;
-
-	len = strlen(hex);
-	if (len % 2)
-		return -EINVAL;
-	len /= 2;
-
-	if (!(bytes = malloc(len)))
-		return -ENOMEM;
-
-	for (i = 0; i < len; i++) {
-		memcpy(buf, &hex[i * 2], 2);
-		bytes[i] = strtoul(buf, &endp, 16);
-		if (endp != &buf[2]) {
-			free(bytes);
-			return -EINVAL;
-		}
-	}
-	*result = bytes;
-	return i;
-}
-
 __attribute__((format(printf, 5, 6)))
 static void clogger(struct crypt_device *cd, int level, const char *file,
 		   int line, const char *format, ...)
@@ -138,7 +113,7 @@ static int _prepare_format(struct crypt_params_verity *params,
 		params->salt_size = 0;
 		params->salt = NULL;
 	} else if (salt_string) {
-		len = hex_to_bytes(salt_string, &salt);
+		len = crypt_hex_to_bytes(salt_string, &salt, 0);
 		if (len < 0) {
 			log_err(_("Invalid salt string specified.\n"));
 			return -EINVAL;
@@ -182,7 +157,7 @@ static int action_format(int arg)
 		crypt_dump(cd);
 out:
 	crypt_free(cd);
-	free((char*)params.salt);
+	free(CONST_CAST(char*)params.salt);
 	return r;
 }
 
@@ -196,7 +171,7 @@ static int _activate(const char *dm_device,
 	struct crypt_params_verity params = {};
 	uint32_t activate_flags = CRYPT_ACTIVATE_READONLY;
 	char *root_hash_bytes = NULL;
-	size_t hash_size;
+	ssize_t hash_size;
 	int r;
 
 	if ((r = crypt_init(&cd, hash_device)))
@@ -219,7 +194,7 @@ static int _activate(const char *dm_device,
 		goto out;
 
 	hash_size = crypt_get_volume_key_size(cd);
-	if (hex_to_bytes(root_hash, &root_hash_bytes) != hash_size) {
+	if (crypt_hex_to_bytes(root_hash, &root_hash_bytes, 0) != hash_size) {
 		log_err(_("Invalid root hash string specified.\n"));
 		r = -EINVAL;
 		goto out;
@@ -231,7 +206,7 @@ static int _activate(const char *dm_device,
 out:
 	crypt_free(cd);
 	free(root_hash_bytes);
-	free((char*)params.salt);
+	free(CONST_CAST(char*)params.salt);
 	return r;
 }
 
diff --git a/tests/Makefile.am b/tests/Makefile.am
index 0d7f191..a3479b3 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -1,5 +1,8 @@
-TESTS = api-test compat-test loopaes-test align-test discards-test mode-test password-hash-test \
-	verity-compat-test
+TESTS = api-test compat-test loopaes-test align-test discards-test mode-test password-hash-test
+
+if VERITYSETUP
+TESTS += verity-compat-test
+endif
 
 if REENCRYPT
 TESTS += reencryption-compat-test
-- 
2.7.4