Commit ef4484ab authored by Milan Broz's avatar Milan Broz

Remove python bindings in favour of liblockdev.

parent 9e7f9f34
......@@ -25,8 +25,6 @@ tmpfilesd_DATA =
include man/Makemodule.am
include python/Makemodule.am
include scripts/Makemodule.am
if CRYPTO_INTERNAL_ARGON2
......@@ -40,7 +38,6 @@ include src/Makemodule.am
ACLOCAL_AMFLAGS = -I m4
DISTCHECK_CONFIGURE_FLAGS = \
--enable-python \
--with-tmpfilesdir=$$dc_install_base/usr/lib/tmpfiles.d \
--enable-internal-argon2 --enable-internal-sse-argon2
......
......@@ -546,35 +546,6 @@ AC_DEFUN([CS_ABSPATH], [
esac
])
dnl ==========================================================================
dnl Python bindings
AC_ARG_ENABLE([python],
AS_HELP_STRING([--enable-python], [enable Python bindings]))
AC_ARG_WITH([python_version],
AS_HELP_STRING([--with-python_version=VERSION], [required Python version [2.6]]),
[PYTHON_VERSION=$withval], [PYTHON_VERSION=2.6])
if test "x$enable_python" = "xyes"; then
AM_PATH_PYTHON([$PYTHON_VERSION])
AC_PATH_PROGS([PYTHON_CONFIG], [python${PYTHON_VERSION}-config python-config], [no])
if test "${PYTHON_CONFIG}" = "no"; then
AC_MSG_ERROR([cannot find python${PYTHON_VERSION}-config or python-config in PATH])
fi
AC_MSG_CHECKING(for python headers using $PYTHON_CONFIG --includes)
PYTHON_INCLUDES=$($PYTHON_CONFIG --includes)
AC_MSG_RESULT($PYTHON_INCLUDES)
AC_SUBST(PYTHON_INCLUDES)
AC_MSG_CHECKING(for python libraries using $PYTHON_CONFIG --libs)
PYTHON_LIBS=$($PYTHON_CONFIG --libs)
AC_MSG_RESULT($PYTHON_LIBS)
AC_SUBST(PYTHON_LIBS)
fi
AM_CONDITIONAL([PYTHON_CRYPTSETUP], [test "x$enable_python" = "xyes"])
dnl ==========================================================================
CS_STR_WITH([plain-hash], [password hashing function for plain mode], [ripemd160])
CS_STR_WITH([plain-cipher], [cipher for plain mode], [aes])
......
EXTRA_DIST += python/pycryptsetup-test.py
CLEANFILES += python/*.img
if PYTHON_CRYPTSETUP
TESTS += python/pycryptsetup-test.py
pyexec_LTLIBRARIES = pycryptsetup.la
pycryptsetup_la_SOURCES = python/pycryptsetup.c
pycryptsetup_la_CPPFLAGS = $(AM_CPPFLAGS) $(PYTHON_CPPFLAGS) $(PYTHON_INCLUDES) -fno-strict-aliasing
pycryptsetup_la_LDFLAGS = -avoid-version -module -shared -export-dynamic
pycryptsetup_la_LIBADD = libcryptsetup.la $(PYTHON_LIBS)
endif
#!/usr/bin/python
#
# Python bindings to libcryptsetup test
#
# Copyright (C) 2011-2018, Red Hat, Inc. All rights reserved.
#
# This file is free software; you can redistribute it and/or
# modify it under the terms of the GNU Lesser General Public
# License as published by the Free Software Foundation; either
# version 2.1 of the License, or (at your option) any later version.
#
# This file is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
# Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public
# License along with this file; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
from __future__ import print_function
import sys
import os
sys.path.insert(0, ".libs")
import pycryptsetup
IMG = "test.img"
PASSWORD = "password"
PASSWORD2 = "password2"
DEVICE = "pycryptsetup_test_dev"
def log(level, txt):
if level == pycryptsetup.CRYPT_LOG_ERROR:
print(txt,end="")
return
def askyes(txt):
print("Question:", txt)
return 1
def print_status(c):
r = c.status()
print("status :",end="")
if r == pycryptsetup.CRYPT_ACTIVE:
print("ACTIVE")
elif r == pycryptsetup.CRYPT_INACTIVE:
print("INACTIVE")
else:
print("ERROR")
return
if os.geteuid() != 0:
print("WARNING: You must be root to run this test, test skipped.")
sys.exit(77)
os.system("dd if=/dev/zero of=" + IMG + " bs=1M count=32 >/dev/null 2>&1")
c = pycryptsetup.CryptSetup(
device = IMG,
name = DEVICE,
yesDialog = askyes,
logFunc = log)
#c.debugLevel(pycryptsetup.CRYPT_DEBUG_ALL);
c.debugLevel(pycryptsetup.CRYPT_DEBUG_NONE);
c.iterationTime(1)
r = c.isLuks()
print("isLuks :", r)
c.askyes(message = "Is there anybody out there?")
c.log(priority = pycryptsetup.CRYPT_LOG_ERROR, message = "Nobody there...\n")
c.luksFormat(cipher = "aes", cipherMode= "xts-plain64", keysize = 512, hashMode = "sha256")
print("isLuks :", c.isLuks())
print("luksUUID:", c.luksUUID())
print("addKeyVK:", c.addKeyByVolumeKey(newPassphrase = PASSWORD, slot = 2))
print("addKeyP :", c.addKeyByPassphrase(passphrase = PASSWORD,
newPassphrase = PASSWORD2, slot = 3))
print("removeP :", c.removePassphrase(passphrase = PASSWORD2))
print("addKeyP :", c.addKeyByPassphrase(PASSWORD, PASSWORD2))
# original api required wrong passphrase parameter here
# print "killSlot:", c.killSlot(passphrase = "xxx", slot = 0)
print("killSlot:", c.killSlot(slot = 0))
print("activate:", c.activate(name = DEVICE, passphrase = PASSWORD))
print("suspend :", c.suspend())
# os.system("dmsetup info -c " + DEVICE)
print("resume :", c.resume(passphrase = PASSWORD))
print_status(c)
info = c.info()
print("cipher :", info["cipher"])
print("cmode :", info["cipher_mode"])
print("keysize :", info["keysize"])
print("dir :", info["dir"])
print("device :", info["device"])
print("offset :", info["offset"])
print("name :", info["name"])
print("uuid :", info["uuid"])
# os.system("cryptsetup luksDump " + info["device"])
print("deact. :", c.deactivate())
del c
c = pycryptsetup.CryptSetup(
device = IMG,
name = DEVICE,
yesDialog = askyes,
logFunc = log)
print("activate:", c.activate(name = DEVICE, passphrase = PASSWORD))
c2 = pycryptsetup.CryptSetup(
name = DEVICE,
yesDialog = askyes,
logFunc = log)
info = c2.info()
print("cipher :", info["cipher"])
print("cmode :", info["cipher_mode"])
print("keysize :", info["keysize"])
print("deact. :", c.deactivate())
r = c2.deactivate()
print("deact. :", r)
del c
del c2
os.remove(IMG)
/*
* Python bindings to libcryptsetup
*
* Copyright (C) 2009-2018, Red Hat, Inc. All rights reserved.
* Written by Martin Sivak
*
* This file is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
* version 2.1 of the License, or (at your option) any later version.
*
* This file is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this file; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
#include <Python.h>
#include <structmember.h>
#include <errno.h>
#include "libcryptsetup.h"
/* Python API use char* where const char* should be used... */
#define CONST_CAST(x) (x)(uintptr_t)
#if PY_MAJOR_VERSION < 3
#define MOD_ERROR_VAL
#define MOD_SUCCESS_VAL(val)
#define MOD_INIT(name) void init##name(void)
#define MOD_DEF(ob, name, doc, methods) \
ob = Py_InitModule3(name, methods, doc);
#else
#define PyInt_AsLong PyLong_AsLong
#define PyInt_Check PyLong_Check
#define MOD_ERROR_VAL NULL
#define MOD_SUCCESS_VAL(val) val
#define MOD_INIT(name) PyMODINIT_FUNC PyInit_##name(void)
#define MOD_DEF(ob, name, doc, methods) \
static struct PyModuleDef moduledef = { \
PyModuleDef_HEAD_INIT, name, doc, -1, methods, }; \
ob = PyModule_Create(&moduledef);
#endif
MOD_INIT(pycryptsetup);
typedef struct {
PyObject_HEAD
/* Type-specific fields go here. */
struct crypt_device *device;
char *activated_as;
/* Callbacks */
PyObject *yesDialogCB;
PyObject *cmdLineLogCB;
} CryptSetupObject;
static int yesDialog(const char *msg, void *this)
{
CryptSetupObject *self = this;
PyObject *result, *arglist;
int r;
if (self->yesDialogCB){
arglist = Py_BuildValue("(s)", msg);
if (!arglist)
return -ENOMEM;
result = PyEval_CallObject(self->yesDialogCB, arglist);
Py_DECREF(arglist);
if (!result)
return -EINVAL;
if (!PyArg_Parse(result, "i", &r))
r = -EINVAL;
Py_DECREF(result);
return r;
}
return 1;
}
static void cmdLineLog(int cls, const char *msg, void *this)
{
CryptSetupObject *self = this;
PyObject *result, *arglist;
if(self->cmdLineLogCB) {
arglist = Py_BuildValue("(is)", cls, msg);
if(!arglist)
return;
result = PyEval_CallObject(self->cmdLineLogCB, arglist);
Py_DECREF(arglist);
Py_XDECREF(result);
}
}
static void CryptSetup_dealloc(CryptSetupObject* self)
{
/* free the callbacks */
Py_XDECREF(self->yesDialogCB);
Py_XDECREF(self->cmdLineLogCB);
free(self->activated_as);
crypt_free(self->device);
/* free self */
Py_TYPE(self)->tp_free((PyObject*)self);
}
static PyObject *CryptSetup_new(PyTypeObject *type, PyObject *args, PyObject *kwds)
{
CryptSetupObject *self = (CryptSetupObject *)type->tp_alloc(type, 0);
if (self) {
self->yesDialogCB = NULL;
self->cmdLineLogCB = NULL;
self->activated_as = NULL;
}
return (PyObject *)self;
}
static PyObject *PyObjectResult(int is)
{
PyObject *result = Py_BuildValue("i", is);
if (!result)
PyErr_SetString(PyExc_RuntimeError, "Error during constructing values for return value");
return result;
}
static char
CryptSetup_HELP[] =
"CryptSetup object\n\n\
constructor takes one to four arguments:\n\
__init__(device, name, yesDialog, logFunc)\n\n\
yesDialog - python function with func(text) signature, \n\
which asks the user question text and returns 1\n\
of the answer was positive or 0 if not\n\
logFunc - python function with func(level, text) signature to log stuff somewhere";
static int CryptSetup_init(CryptSetupObject* self, PyObject *args, PyObject *kwds)
{
static const char *kwlist[] = {"device", "name", "yesDialog", "logFunc", NULL};
PyObject *yesDialogCB = NULL,
*cmdLineLogCB = NULL,
*tmp = NULL;
char *device = NULL, *deviceName = NULL;
int r;
if (!PyArg_ParseTupleAndKeywords(args, kwds, "|zzOO", CONST_CAST(char**)kwlist, &device, &deviceName,
&yesDialogCB, &cmdLineLogCB))
return -1;
if (device) {
if (crypt_init(&(self->device), device)) {
PyErr_SetString(PyExc_IOError, "Device cannot be opened");
return -1;
}
/* Try to load header form device */
r = crypt_load(self->device, NULL, NULL);
if (r && r != -EINVAL) {
PyErr_SetString(PyExc_RuntimeError, "Cannot initialize device context");
return -1;
}
} else if (deviceName) {
if (crypt_init_by_name(&(self->device), deviceName)) {
PyErr_SetString(PyExc_IOError, "Device cannot be opened");
return -1;
}
/* Context is initialized automatically from active device */
} else {
PyErr_SetString(PyExc_RuntimeError, "Either device file or luks name has to be specified");
return -1;
}
if(deviceName)
self->activated_as = strdup(deviceName);
if (yesDialogCB) {
tmp = self->yesDialogCB;
Py_INCREF(yesDialogCB);
self->yesDialogCB = yesDialogCB;
Py_XDECREF(tmp);
crypt_set_confirm_callback(self->device, yesDialog, self);
}
if (cmdLineLogCB) {
tmp = self->cmdLineLogCB;
Py_INCREF(cmdLineLogCB);
self->cmdLineLogCB = cmdLineLogCB;
Py_XDECREF(tmp);
crypt_set_log_callback(self->device, cmdLineLog, self);
}
return 0;
}
static char
CryptSetup_activate_HELP[] =
"Activate LUKS device\n\n\
activate(name)";
static PyObject *CryptSetup_activate(CryptSetupObject* self, PyObject *args, PyObject *kwds)
{
static const char *kwlist[] = {"name", "passphrase", NULL};
char *name = NULL, *passphrase = NULL;
int is;
if (!PyArg_ParseTupleAndKeywords(args, kwds, "s|s", CONST_CAST(char**)kwlist, &name, &passphrase))
return NULL;
// FIXME: allow keyfile and \0 in passphrase
is = crypt_activate_by_passphrase(self->device, name, CRYPT_ANY_SLOT,
passphrase, passphrase ? strlen(passphrase) : 0, 0);
if (is >= 0) {
free(self->activated_as);
self->activated_as = strdup(name);
}
return PyObjectResult(is);
}
static char
CryptSetup_deactivate_HELP[] =
"Deactivate LUKS device\n\n\
deactivate()";
static PyObject *CryptSetup_deactivate(CryptSetupObject* self, PyObject *args, PyObject *kwds)
{
int is = crypt_deactivate(self->device, self->activated_as);
if (!is) {
free(self->activated_as);
self->activated_as = NULL;
}
return PyObjectResult(is);
}
static char
CryptSetup_askyes_HELP[] =
"Asks a question using the configured dialog CB\n\n\
int askyes(message)";
static PyObject *CryptSetup_askyes(CryptSetupObject* self, PyObject *args, PyObject *kwds)
{
static const char *kwlist[] = {"message", NULL};
PyObject *message = NULL, *result, *arglist;
if (!PyArg_ParseTupleAndKeywords(args, kwds, "O", CONST_CAST(char**)kwlist, &message))
return NULL;
Py_INCREF(message);
arglist = Py_BuildValue("(O)", message);
if (!arglist){
PyErr_SetString(PyExc_RuntimeError, "Error during constructing values for internal call");
return NULL;
}
result = PyEval_CallObject(self->yesDialogCB, arglist);
Py_DECREF(arglist);
Py_DECREF(message);
return result;
}
static char
CryptSetup_log_HELP[] =
"Logs a string using the configured log CB\n\n\
log(int level, message)";
static PyObject *CryptSetup_log(CryptSetupObject* self, PyObject *args, PyObject *kwds)
{
static const char *kwlist[] = {"priority", "message", NULL};
PyObject *message = NULL, *priority = NULL, *result, *arglist;
if (!PyArg_ParseTupleAndKeywords(args, kwds, "OO", CONST_CAST(char**)kwlist, &message, &priority))
return NULL;
Py_INCREF(message);
Py_INCREF(priority);
arglist = Py_BuildValue("(OO)", message, priority);
if (!arglist){
PyErr_SetString(PyExc_RuntimeError, "Error during constructing values for internal call");
return NULL;
}
result = PyEval_CallObject(self->cmdLineLogCB, arglist);
Py_DECREF(arglist);
Py_DECREF(priority);
Py_DECREF(message);
return result;
}
static char
CryptSetup_luksUUID_HELP[] =
"Get UUID of the LUKS device\n\n\
luksUUID()";
static PyObject *CryptSetup_luksUUID(CryptSetupObject* self, PyObject *args, PyObject *kwds)
{
PyObject *result;
result = Py_BuildValue("s", crypt_get_uuid(self->device));
if (!result)
PyErr_SetString(PyExc_RuntimeError, "Error during constructing values for return value");
return result;
}
static char
CryptSetup_isLuks_HELP[] =
"Is the device LUKS?\n\n\
isLuks()";
static PyObject *CryptSetup_isLuks(CryptSetupObject* self, PyObject *args, PyObject *kwds)
{
return PyObjectResult(crypt_load(self->device, CRYPT_LUKS1, NULL));
}
static char
CryptSetup_Info_HELP[] =
"Returns dictionary with info about opened device\nKeys:\n\
dir\n name\n uuid\n cipher\n cipher_mode\n keysize\n device\n\
offset\n size\n skip\n mode\n";
static PyObject *CryptSetup_Info(CryptSetupObject* self, PyObject *args, PyObject *kwds)
{
PyObject *result;
result = Py_BuildValue("{s:s,s:s,s:z,s:s,s:s,s:s,s:i,s:K}",
"dir", crypt_get_dir(),
"device", crypt_get_device_name(self->device),
"name", self->activated_as,
"uuid", crypt_get_uuid(self->device),
"cipher", crypt_get_cipher(self->device),
"cipher_mode", crypt_get_cipher_mode(self->device),
"keysize", crypt_get_volume_key_size(self->device) * 8,
//"size", co.size,
//"mode", (co.flags & CRYPT_FLAG_READONLY) ? "readonly" : "read/write",
"offset", crypt_get_data_offset(self->device)
);
if (!result)
PyErr_SetString(PyExc_RuntimeError, "Error during constructing values for return value");
return result;
}
static char
CryptSetup_luksFormat_HELP[] =
"Format device to enable LUKS\n\n\
luksFormat(cipher = 'aes', cipherMode = 'cbc-essiv:sha256', keysize = 256, hashMode = 'sha256')\n\n\
cipher - cipher specification, e.g. aes, serpent\n\
cipherMode - cipher mode specification, e.g. cbc-essiv:sha256, xts-plain64\n\
keysize - key size in bits\n\
hashMode - hash specification, e.g. sha256";
static PyObject *CryptSetup_luksFormat(CryptSetupObject* self, PyObject *args, PyObject *kwds)
{
static const char *kwlist[] = {"cipher", "cipherMode", "keysize", "hashMode", NULL};
char *cipher_mode = NULL, *cipher = NULL, *hashMode = NULL;
int keysize = DEFAULT_LUKS1_KEYBITS;
PyObject *keysize_object = NULL;
struct crypt_params_luks1 params = {};
if (!PyArg_ParseTupleAndKeywords(args, kwds, "|zzOz", CONST_CAST(char**)kwlist,
&cipher, &cipher_mode, &keysize_object,
&hashMode))
return NULL;
params.hash = hashMode;
if (!keysize_object || keysize_object == Py_None) {
/* use default value */
} else if (!PyInt_Check(keysize_object)) {
PyErr_SetString(PyExc_TypeError, "keysize must be an integer");
return NULL;
} else if (PyInt_AsLong(keysize_object) % 8) {
PyErr_SetString(PyExc_TypeError, "keysize must have integer value dividable by 8");
return NULL;
} else if (PyInt_AsLong(keysize_object) <= 0) {
PyErr_SetString(PyExc_TypeError, "keysize must be positive number bigger than 0");
return NULL;
} else
keysize = PyInt_AsLong(keysize_object);
return PyObjectResult(crypt_format(self->device, CRYPT_LUKS1,
cipher ?: DEFAULT_LUKS1_CIPHER,
cipher_mode ?: DEFAULT_LUKS1_MODE,
NULL, NULL, keysize / 8, &params));
}
static char
CryptSetup_addKeyByPassphrase_HELP[] =
"Initialize keyslot using passphrase\n\n\
addKeyByPassphrase(passphrase, newPassphrase, slot)\n\n\
passphrase - string or none to ask the user\n\
newPassphrase - passphrase to add\n\
slot - which slot to use (optional)";
static PyObject *CryptSetup_addKeyByPassphrase(CryptSetupObject* self, PyObject *args, PyObject *kwds)
{
static const char *kwlist[] = {"passphrase", "newPassphrase", "slot", NULL};
char *passphrase = NULL, *newpassphrase = NULL;
size_t passphrase_len = 0, newpassphrase_len = 0;
int slot = CRYPT_ANY_SLOT;
if (!PyArg_ParseTupleAndKeywords(args, kwds, "ss|i", CONST_CAST(char**)kwlist, &passphrase, &newpassphrase, &slot))
return NULL;
if(passphrase)
passphrase_len = strlen(passphrase);
if(newpassphrase)
newpassphrase_len = strlen(newpassphrase);
return PyObjectResult(crypt_keyslot_add_by_passphrase(self->device, slot,
passphrase, passphrase_len,
newpassphrase, newpassphrase_len));
}
static char
CryptSetup_addKeyByVolumeKey_HELP[] =
"Initialize keyslot using cached volume key\n\n\
addKeyByVolumeKey(passphrase, newPassphrase, slot)\n\n\
newPassphrase - passphrase to add\n\
slot - which slot to use (optional)";
static PyObject *CryptSetup_addKeyByVolumeKey(CryptSetupObject* self, PyObject *args, PyObject *kwds)
{
static const char *kwlist[] = {"newPassphrase", "slot", NULL};
char *newpassphrase = NULL;
size_t newpassphrase_len = 0;
int slot = CRYPT_ANY_SLOT;
if (!PyArg_ParseTupleAndKeywords(args, kwds, "s|i", CONST_CAST(char**)kwlist, &newpassphrase, &slot))
return NULL;
if (newpassphrase)
newpassphrase_len = strlen(newpassphrase);
return PyObjectResult(crypt_keyslot_add_by_volume_key(self->device, slot,
NULL, 0, newpassphrase, newpassphrase_len));
}
static char
CryptSetup_removePassphrase_HELP[] =
"Destroy keyslot using passphrase\n\n\
removePassphrase(passphrase)\n\n\
passphrase - string or none to ask the user";
static PyObject *CryptSetup_removePassphrase(CryptSetupObject* self, PyObject *args, PyObject *kwds)
{
static const char *kwlist[] = {"passphrase", NULL};
char *passphrase = NULL;
size_t passphrase_len = 0;
int is;
if (!PyArg_ParseTupleAndKeywords(args, kwds, "s", CONST_CAST(char**)kwlist, &passphrase))
return NULL;
if (passphrase)
passphrase_len = strlen(passphrase);
is = crypt_activate_by_passphrase(self->device, NULL, CRYPT_ANY_SLOT,
passphrase, passphrase_len, 0);
if (is < 0)
return PyObjectResult(is);
return PyObjectResult(crypt_keyslot_destroy(self->device, is));
}
static char
CryptSetup_killSlot_HELP[] =
"Destroy keyslot\n\n\
killSlot(slot)\n\n\
slot - the slot to remove";
static PyObject *CryptSetup_killSlot(CryptSetupObject* self, PyObject *args, PyObject *kwds)
{
static const char *kwlist[] = {"slot", NULL};
int slot = CRYPT_ANY_SLOT;
if (!PyArg_ParseTupleAndKeywords(args, kwds, "i", CONST_CAST(char**)kwlist, &slot))
return NULL;
switch (crypt_keyslot_status(self->device, slot)) {
case CRYPT_SLOT_ACTIVE:
return PyObjectResult(crypt_keyslot_destroy(self->device, slot));
case CRYPT_SLOT_ACTIVE_LAST:
PyErr_SetString(PyExc_ValueError, "Last slot, removing it would render the device unusable");
break;
case CRYPT_SLOT_INACTIVE:
PyErr_SetString(PyExc_ValueError, "Inactive slot");
break;
case CRYPT_SLOT_INVALID:
PyErr_SetString(PyExc_ValueError, "Invalid slot");
break;
default:
break;
}
return NULL;
}
static char
CryptSetup_Status_HELP[] =
"Status of LUKS device\n\n\
luksStatus()";
static PyObject *CryptSetup_Status(CryptSetupObject* self, PyObject *args, PyObject *kwds)
{
if (!self->activated_as){
PyErr_SetString(PyExc_IOError, "Device has not been activated yet.");
return NULL;
}
return PyObjectResult(crypt_status(self->device, self->activated_as));
}
static char
CryptSetup_Resume_HELP[] =
"Resume LUKS device\n\n\
luksOpen(passphrase)\n\n\
passphrase - string or none to ask the user";
static PyObject *CryptSetup_Resume(CryptSetupObject* self, PyObject *args, PyObject *kwds)