Commit abe10085 authored by Milan Broz's avatar Milan Broz

Be more paranoid and wipe even intermediate AF keys.

git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@455 36d66b0a-2a48-0410-832c-cd162a569da5
parent 9d799327
......@@ -523,7 +523,7 @@ int LUKS_set_key(const char *device, unsigned int keyIndex,
struct crypt_device *ctx)
{
char derivedKey[hdr->keyBytes];
char *AfKey;
char *AfKey = NULL;
unsigned int AFEKSize;
uint64_t PBKDF2_temp;
int r;
......@@ -559,7 +559,8 @@ int LUKS_set_key(const char *device, unsigned int keyIndex,
r = crypt_random_get(ctx, hdr->keyblock[keyIndex].passwordSalt,
LUKS_SALTSIZE, CRYPT_RND_NORMAL);
if(r < 0) return r;
if (r < 0)
return r;
// assert((vk->keylength % TWOFISH_BLOCKSIZE) == 0); FIXME
......@@ -567,19 +568,24 @@ int LUKS_set_key(const char *device, unsigned int keyIndex,
hdr->keyblock[keyIndex].passwordSalt,LUKS_SALTSIZE,
hdr->keyblock[keyIndex].passwordIterations,
derivedKey, hdr->keyBytes);
if(r < 0) return r;
if (r < 0)
goto out;
/*
* AF splitting, the masterkey stored in vk->key is splitted to AfMK
*/
AFEKSize = hdr->keyblock[keyIndex].stripes*vk->keylength;
AfKey = (char *)malloc(AFEKSize);
if(AfKey == NULL) return -ENOMEM;
AfKey = crypt_safe_alloc(AFEKSize);
if (!AfKey) {
r = -ENOMEM;
goto out;
}
log_dbg("Using hash %s for AF in key slot %d, %d stripes",
hdr->hashSpec, keyIndex, hdr->keyblock[keyIndex].stripes);
r = AF_split(vk->key,AfKey,vk->keylength,hdr->keyblock[keyIndex].stripes,hdr->hashSpec);
if(r < 0) goto out;
if (r < 0)
goto out;
log_dbg("Updating key slot %d [0x%04x] area on device %s.", keyIndex,
hdr->keyblock[keyIndex].keyMaterialOffset << 9, device);
......@@ -592,7 +598,7 @@ int LUKS_set_key(const char *device, unsigned int keyIndex,
device,
hdr->keyblock[keyIndex].keyMaterialOffset,
ctx);
if(r < 0) {
if (r < 0) {
if(!get_error())
log_err(ctx, _("Failed to write to key storage.\n"));
goto out;
......@@ -600,14 +606,17 @@ int LUKS_set_key(const char *device, unsigned int keyIndex,
/* Mark the key as active in phdr */
r = LUKS_keyslot_set(hdr, (int)keyIndex, 1);
if(r < 0) goto out;
if (r < 0)
goto out;
r = LUKS_write_phdr(device, hdr, ctx);
if(r < 0) goto out;
if (r < 0)
goto out;
r = 0;
out:
free(AfKey);
crypt_safe_free(AfKey);
memset(derivedKey, 0, sizeof(derivedKey));
return r;
}
......@@ -653,14 +662,16 @@ static int LUKS_open_key(const char *device,
// assert((vk->keylength % TWOFISH_BLOCKSIZE) == 0); FIXME
AFEKSize = hdr->keyblock[keyIndex].stripes*vk->keylength;
AfKey = (char *)malloc(AFEKSize);
if(AfKey == NULL) return -ENOMEM;
AfKey = crypt_safe_alloc(AFEKSize);
if (!AfKey)
return -ENOMEM;
r = PBKDF2_HMAC(hdr->hashSpec, password,passwordLen,
hdr->keyblock[keyIndex].passwordSalt,LUKS_SALTSIZE,
hdr->keyblock[keyIndex].passwordIterations,
derivedKey, hdr->keyBytes);
if(r < 0) goto out;
if (r < 0)
goto out;
log_dbg("Reading key slot %d area.", keyIndex);
r = LUKS_decrypt_from_storage(AfKey,
......@@ -671,19 +682,21 @@ static int LUKS_open_key(const char *device,
device,
hdr->keyblock[keyIndex].keyMaterialOffset,
ctx);
if(r < 0) {
if (r < 0) {
log_err(ctx, _("Failed to read from key storage.\n"));
goto out;
}
r = AF_merge(AfKey,vk->key,vk->keylength,hdr->keyblock[keyIndex].stripes,hdr->hashSpec);
if(r < 0) goto out;
if (r < 0)
goto out;
r = LUKS_verify_volume_key(hdr, vk);
if (!r)
log_verbose(ctx, _("Key slot %d unlocked.\n"), keyIndex);
out:
free(AfKey);
crypt_safe_free(AfKey);
memset(derivedKey, 0, sizeof(derivedKey));
return r;
}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment