Commit 0f6b2cfd authored by Ondrej Kozina's avatar Ondrej Kozina Committed by Milan Broz

Wipe all device signatures in luksFormat action.

parent 30d109c0
......@@ -921,7 +921,7 @@ static int action_luksFormat(void)
const char *header_device, *type;
char *msg = NULL, *key = NULL, *password = NULL;
char cipher [MAX_CIPHER_LEN], cipher_mode[MAX_CIPHER_LEN], integrity[MAX_CIPHER_LEN];
size_t passwordLen;
size_t passwordLen, signatures;
struct crypt_device *cd = NULL;
struct crypt_params_luks1 params1 = {
.hash = opt_hash ?: DEFAULT_LUKS1_HASH,
......@@ -980,15 +980,19 @@ static int action_luksFormat(void)
header_device = opt_header_device ?: action_argv[0];
/* Print all present signatures in read-only mode */
r = tools_detect_signatures(header_device, 0, &signatures);
if (r < 0)
return r;
r = asprintf(&msg, _("This will overwrite data on %s irrevocably."), header_device);
if (r == -1) {
r = -ENOMEM;
goto out;
}
if (r == -1)
return -ENOMEM;
r = yesDialog(msg, _("Operation aborted.\n")) ? 0 : -EINVAL;
free(msg);
if (r < 0)
goto out;
return r;
r = crypt_parse_name_and_mode(opt_cipher ?: DEFAULT_CIPHER(LUKS1),
cipher, NULL, cipher_mode);
......@@ -1014,7 +1018,7 @@ static int action_luksFormat(void)
if ((r = crypt_init(&cd, header_device))) {
if (opt_header_device)
log_err(_("Cannot use %s as on-disk header."), header_device);
goto out;
return r;
}
keysize = (opt_key_size ?: DEFAULT_LUKS1_KEYBITS) / 8 + integrity_keysize;
......@@ -1042,6 +1046,10 @@ static int action_luksFormat(void)
goto out;
}
/* Signature candidates found */
if (signatures && ((r = tools_wipe_all_signatures(header_device)) < 0))
goto out;
r = crypt_format(cd, type, cipher, cipher_mode,
opt_uuid, key, keysize, params);
check_signal(&r);
......@@ -1051,7 +1059,7 @@ static int action_luksFormat(void)
r = crypt_keyslot_add_by_volume_key(cd, opt_key_slot,
key, keysize,
password, passwordLen);
if (r < 0)
if (r < 0) /* FIXME: call wipe signatures again */
goto out;
if (opt_integrity && !opt_integrity_no_wipe)
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment