+static int create_new_header(struct reenc_ctx *rc, const char *cipher,
+ const char *cipher_mode, const char *uuid,
+ int key_size, struct crypt_params_luks1 *params)
+{
+ struct crypt_device *cd_new = NULL;
+ int i, r;
+
+ if ((r = crypt_init(&cd_new, rc->header_file_new)))
+ goto out;
+
+ if (opt_random)
+ crypt_set_rng_type(cd_new, CRYPT_RNG_RANDOM);
+ else if (opt_urandom)
+ crypt_set_rng_type(cd_new, CRYPT_RNG_URANDOM);
+
+ if (opt_iteration_time)
+ crypt_set_iteration_time(cd_new, opt_iteration_time);
+
+ if ((r = crypt_format(cd_new, CRYPT_LUKS1, cipher, cipher_mode,
+ uuid, NULL, key_size, params)))
+ goto out;
+ log_verbose(_("New LUKS header for device %s created.\n"), rc->device);
+
+ for (i = 0; i < MAX_SLOT; i++) {
+ if (!rc->p[i].password)
+ continue;
+ if ((r = crypt_keyslot_add_by_volume_key(cd_new, i,
+ NULL, 0, rc->p[i].password, rc->p[i].passwordLen)) < 0)
+ goto out;
+ log_verbose(_("Activated keyslot %i.\n"), r);
+ r = 0;
+ }
+out:
+ crypt_free(cd_new);
+ return r;
+}
+