Commit f45d4d07 authored by Milan Broz's avatar Milan Broz

Add crypt_keyslot_area() API call.

Useful if you want to analyze/wipe area of disk used for keyslot
from external tool.
parent 64558a57
2012-09-11 Milan Broz <gmazyland@gmail.com>
* Add crypt_keyslot_area() API call.
2012-08-27 Milan Broz <gmazyland@gmail.com>
* Optimize seek to keyfile-offset (Issue #135, thx to dreisner).
* Fix luksHeaderBackup for very old v1.0 unaligned LUKS headers.
......
......@@ -570,16 +570,6 @@ int crypt_keyslot_add_by_passphrase(struct crypt_device *cd,
const char *new_passphrase,
size_t new_passphrase_size);
/**
* Get number of keyslots supported for device type.
*
* @param type crypt device type
*
* @return slot count or negative errno otherwise if device
* doesn't not support keyslots.
*/
int crypt_keyslot_max(const char *type);
/**
* Add key slot using provided key file path
*
......@@ -972,6 +962,32 @@ typedef enum {
crypt_keyslot_info crypt_keyslot_status(struct crypt_device *cd, int keyslot);
/** @} */
/**
* Get number of keyslots supported for device type.
*
* @param type crypt device type
*
* @return slot count or negative errno otherwise if device
* doesn't not support keyslots.
*/
int crypt_keyslot_max(const char *type);
/**
* Get keyslot area pointers (relative to metadata device)
*
* @param cd crypt device handle
* @param keyslot keyslot number
* @param offset offset on metadata device (in bytes)
* @param length length of keyslot area (in bytes)
*
* @return @e 0 on success or negative errno value otherwise.
*
*/
int crypt_keyslot_area(struct crypt_device *cd,
int keyslot,
uint64_t *offset,
uint64_t *length);
/**
* Backup header and keyslots to file
*
......
......@@ -55,6 +55,7 @@ CRYPTSETUP_1.0 {
crypt_get_rng_type;
crypt_keyslot_max;
crypt_keyslot_area;
crypt_keyslot_status;
crypt_last_error;
crypt_get_error;
......
......@@ -53,6 +53,20 @@ static size_t LUKS_device_sectors(size_t keyLen)
return sector;
}
int LUKS_keyslot_area(struct luks_phdr *hdr,
int keyslot,
uint64_t *offset,
uint64_t *length)
{
if(keyslot >= LUKS_NUMKEYS || keyslot < 0)
return -EINVAL;
*offset = hdr->keyblock[keyslot].keyMaterialOffset * SECTOR_SIZE;
*length = AF_split_sectors(hdr->keyBytes, LUKS_STRIPES) * SECTOR_SIZE;
return 0;
}
static int LUKS_check_device_size(struct crypt_device *ctx, size_t keyLength)
{
struct device *device = crypt_metadata_device(ctx);
......
......@@ -168,6 +168,10 @@ crypt_keyslot_info LUKS_keyslot_info(struct luks_phdr *hdr, int keyslot);
int LUKS_keyslot_find_empty(struct luks_phdr *hdr);
int LUKS_keyslot_active_count(struct luks_phdr *hdr);
int LUKS_keyslot_set(struct luks_phdr *hdr, int keyslot, int enable);
int LUKS_keyslot_area(struct luks_phdr *hdr,
int keyslot,
uint64_t *offset,
uint64_t *length);
int LUKS_encrypt_to_storage(
char *src, size_t srcLength,
......
......@@ -2393,6 +2393,17 @@ int crypt_keyslot_max(const char *type)
return -EINVAL;
}
int crypt_keyslot_area(struct crypt_device *cd,
int keyslot,
uint64_t *offset,
uint64_t *length)
{
if (!isLUKS(cd->type))
return -EINVAL;
return LUKS_keyslot_area(&cd->hdr, keyslot, offset, length);
}
const char *crypt_get_type(struct crypt_device *cd)
{
return cd->type;
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment