source-git / cryptsetup

Clone
Source Code
GIT

Blame src/utils_luks2.c

c8 c8s master
  1.   c8s
  2.   src
  3.   utils_luks2.c
Blob History Raw
Packit 94f725 
/*
Packit 94f725 
 * Helper utilities for LUKS2 features
Packit 94f725 
 *
Packit 94f725 
 * Copyright (C) 2018-2020 Red Hat, Inc. All rights reserved.
Packit 94f725 
 * Copyright (C) 2018-2020 Milan Broz
Packit 94f725 
 * Copyright (C) 2018-2020 Ondrej Kozina
Packit 94f725 
 *
Packit 94f725 
 * This program is free software; you can redistribute it and/or
Packit 94f725 
 * modify it under the terms of the GNU General Public License
Packit 94f725 
 * as published by the Free Software Foundation; either version 2
Packit 94f725 
 * of the License, or (at your option) any later version.
Packit 94f725 
 *
Packit 94f725 
 * This program is distributed in the hope that it will be useful,
Packit 94f725 
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
Packit 94f725 
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
Packit 94f725 
 * GNU General Public License for more details.
Packit 94f725 
 *
Packit 94f725 
 * You should have received a copy of the GNU General Public License
Packit 94f725 
 * along with this program; if not, write to the Free Software
Packit 94f725 
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
Packit 94f725 
 */
Packit 94f725
Packit 94f725 
#include "cryptsetup.h"
Packit 94f725
Packit 94f725 
/*
Packit 94f725 
 * FIXME: 4MiBs is max LUKS2 mda length (including binary header).
Packit 94f725 
 * In future, read max allowed JSON size from config section.
Packit 94f725 
 */
Packit 94f725 
#define LUKS2_MAX_MDA_SIZE 0x400000
Packit 94f725 
int tools_read_json_file(struct crypt_device *cd, const char *file, char **json, size_t *json_size)
Packit 94f725 
{
Packit 94f725 
	ssize_t ret;
Packit 94f725 
	int fd, block, r;
Packit 94f725 
	void *buf = NULL;
Packit 94f725
Packit 94f725 
	block = tools_signals_blocked();
Packit 94f725 
	if (block)
Packit 94f725 
		set_int_block(0);
Packit 94f725
Packit 94f725 
	if (tools_is_stdin(file)) {
Packit 94f725 
		fd = STDIN_FILENO;
Packit 94f725 
		log_dbg("STDIN descriptor JSON read requested.");
Packit 94f725 
	} else {
Packit 94f725 
		log_dbg("File descriptor JSON read requested.");
Packit 94f725 
		fd = open(file, O_RDONLY);
Packit 94f725 
		if (fd < 0) {
Packit 94f725 
			log_err(_("Failed to open file %s in read-only mode."), file);
Packit 94f725 
			r = -EINVAL;
Packit 94f725 
			goto out;
Packit 94f725 
		}
Packit 94f725 
	}
Packit 94f725
Packit 94f725 
	buf = malloc(LUKS2_MAX_MDA_SIZE);
Packit 94f725 
	if (!buf) {
Packit 94f725 
		r = -ENOMEM;
Packit 94f725 
		goto out;
Packit 94f725 
	}
Packit 94f725
Packit 94f725 
	if (isatty(fd) && !opt_batch_mode)
Packit 94f725 
		log_std(_("Provide valid LUKS2 token JSON:\n"));
Packit 94f725
Packit 94f725 
	/* we expect JSON (string) */
Packit 94f725 
	r = 0;
Packit 94f725 
	ret = read_buffer_intr(fd, buf, LUKS2_MAX_MDA_SIZE - 1, &quit);
Packit 94f725 
	if (ret < 0) {
Packit 94f725 
		r = -EIO;
Packit 94f725 
		log_err(_("Failed to read JSON file."));
Packit 94f725 
		goto out;
Packit 94f725 
	}
Packit 94f725 
	check_signal(&r);
Packit 94f725 
	if (r) {
Packit 94f725 
		log_err(_("\nRead interrupted."));
Packit 94f725 
		goto out;
Packit 94f725 
	}
Packit 94f725
Packit 94f725 
	*json_size = (size_t)ret;
Packit 94f725 
	*json = buf;
Packit 94f725 
	*(*json + ret) = '\0';
Packit 94f725 
out:
Packit 94f725 
	if (block && !quit)
Packit 94f725 
		set_int_block(1);
Packit 94f725 
	if (fd >= 0 && fd != STDIN_FILENO)
Packit 94f725 
		close(fd);
Packit 94f725 
	if (r && buf) {
Packit 94f725 
		memset(buf, 0, LUKS2_MAX_MDA_SIZE);
Packit 94f725 
		free(buf);
Packit 94f725 
	}
Packit 94f725 
	return r;
Packit 94f725 
}
Packit 94f725
Packit 94f725 
int tools_write_json_file(struct crypt_device *cd, const char *file, const char *json)
Packit 94f725 
{
Packit 94f725 
	int block, fd, r;
Packit 94f725 
	size_t json_len;
Packit 94f725 
	ssize_t ret;
Packit 94f725
Packit 94f725 
	if (!json || !(json_len = strlen(json)) || json_len >= LUKS2_MAX_MDA_SIZE)
Packit 94f725 
		return -EINVAL;
Packit 94f725
Packit 94f725 
	block = tools_signals_blocked();
Packit 94f725 
	if (block)
Packit 94f725 
		set_int_block(0);
Packit 94f725
Packit 94f725 
	if (tools_is_stdin(file)) {
Packit 94f725 
		fd = STDOUT_FILENO;
Packit 94f725 
		log_dbg("STDOUT descriptor JSON write requested.");
Packit 94f725 
	} else {
Packit 94f725 
		log_dbg("File descriptor JSON write requested.");
Packit 94f725 
		fd = open(file, O_CREAT | O_WRONLY, S_IRUSR | S_IWUSR);
Packit 94f725 
	}
Packit 94f725
Packit 94f725 
	if (fd < 0) {
Packit 94f725 
		log_err(_("Failed to open file %s in write mode."), file ?: "");
Packit 94f725 
		r = -EINVAL;
Packit 94f725 
		goto out;
Packit 94f725 
	}
Packit 94f725
Packit 94f725 
	r = 0;
Packit 94f725 
	ret = write_buffer_intr(fd, json, json_len, &quit);
Packit 94f725 
	check_signal(&r);
Packit 94f725 
	if (r) {
Packit 94f725 
		log_err(_("\nWrite interrupted."));
Packit 94f725 
		goto out;
Packit 94f725 
	}
Packit 94f725 
	if (ret < 0 || (size_t)ret != json_len) {
Packit 94f725 
		log_err(_("Failed to write JSON file."));
Packit 94f725 
		r = -EIO;
Packit 94f725 
		goto out;
Packit 94f725 
	}
Packit 94f725
Packit 94f725 
	if (isatty(fd))
Packit 94f725 
		(void) write_buffer_intr(fd, "\n", 1, &quit);
Packit 94f725 
out:
Packit 94f725 
	if (block && !quit)
Packit 94f725 
		set_int_block(1);
Packit 94f725 
	if (fd >=0 && fd != STDOUT_FILENO)
Packit 94f725 
		close(fd);
Packit 94f725 
	return r;
Packit 94f725 
}

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation