|
Packit |
94f725 |
/*
|
|
Packit |
94f725 |
* Helper utilities for LUKS2 features
|
|
Packit |
94f725 |
*
|
|
Packit |
94f725 |
* Copyright (C) 2018-2020 Red Hat, Inc. All rights reserved.
|
|
Packit |
94f725 |
* Copyright (C) 2018-2020 Milan Broz
|
|
Packit |
94f725 |
* Copyright (C) 2018-2020 Ondrej Kozina
|
|
Packit |
94f725 |
*
|
|
Packit |
94f725 |
* This program is free software; you can redistribute it and/or
|
|
Packit |
94f725 |
* modify it under the terms of the GNU General Public License
|
|
Packit |
94f725 |
* as published by the Free Software Foundation; either version 2
|
|
Packit |
94f725 |
* of the License, or (at your option) any later version.
|
|
Packit |
94f725 |
*
|
|
Packit |
94f725 |
* This program is distributed in the hope that it will be useful,
|
|
Packit |
94f725 |
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
Packit |
94f725 |
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
Packit |
94f725 |
* GNU General Public License for more details.
|
|
Packit |
94f725 |
*
|
|
Packit |
94f725 |
* You should have received a copy of the GNU General Public License
|
|
Packit |
94f725 |
* along with this program; if not, write to the Free Software
|
|
Packit |
94f725 |
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
|
Packit |
94f725 |
*/
|
|
Packit |
94f725 |
|
|
Packit |
94f725 |
#include "cryptsetup.h"
|
|
Packit |
94f725 |
|
|
Packit |
94f725 |
/*
|
|
Packit |
94f725 |
* FIXME: 4MiBs is max LUKS2 mda length (including binary header).
|
|
Packit |
94f725 |
* In future, read max allowed JSON size from config section.
|
|
Packit |
94f725 |
*/
|
|
Packit |
94f725 |
#define LUKS2_MAX_MDA_SIZE 0x400000
|
|
Packit |
94f725 |
int tools_read_json_file(struct crypt_device *cd, const char *file, char **json, size_t *json_size)
|
|
Packit |
94f725 |
{
|
|
Packit |
94f725 |
ssize_t ret;
|
|
Packit |
94f725 |
int fd, block, r;
|
|
Packit |
94f725 |
void *buf = NULL;
|
|
Packit |
94f725 |
|
|
Packit |
94f725 |
block = tools_signals_blocked();
|
|
Packit |
94f725 |
if (block)
|
|
Packit |
94f725 |
set_int_block(0);
|
|
Packit |
94f725 |
|
|
Packit |
94f725 |
if (tools_is_stdin(file)) {
|
|
Packit |
94f725 |
fd = STDIN_FILENO;
|
|
Packit |
94f725 |
log_dbg("STDIN descriptor JSON read requested.");
|
|
Packit |
94f725 |
} else {
|
|
Packit |
94f725 |
log_dbg("File descriptor JSON read requested.");
|
|
Packit |
94f725 |
fd = open(file, O_RDONLY);
|
|
Packit |
94f725 |
if (fd < 0) {
|
|
Packit |
94f725 |
log_err(_("Failed to open file %s in read-only mode."), file);
|
|
Packit |
94f725 |
r = -EINVAL;
|
|
Packit |
94f725 |
goto out;
|
|
Packit |
94f725 |
}
|
|
Packit |
94f725 |
}
|
|
Packit |
94f725 |
|
|
Packit |
94f725 |
buf = malloc(LUKS2_MAX_MDA_SIZE);
|
|
Packit |
94f725 |
if (!buf) {
|
|
Packit |
94f725 |
r = -ENOMEM;
|
|
Packit |
94f725 |
goto out;
|
|
Packit |
94f725 |
}
|
|
Packit |
94f725 |
|
|
Packit |
94f725 |
if (isatty(fd) && !opt_batch_mode)
|
|
Packit |
94f725 |
log_std(_("Provide valid LUKS2 token JSON:\n"));
|
|
Packit |
94f725 |
|
|
Packit |
94f725 |
/* we expect JSON (string) */
|
|
Packit |
94f725 |
r = 0;
|
|
Packit |
94f725 |
ret = read_buffer_intr(fd, buf, LUKS2_MAX_MDA_SIZE - 1, &quit);
|
|
Packit |
94f725 |
if (ret < 0) {
|
|
Packit |
94f725 |
r = -EIO;
|
|
Packit |
94f725 |
log_err(_("Failed to read JSON file."));
|
|
Packit |
94f725 |
goto out;
|
|
Packit |
94f725 |
}
|
|
Packit |
94f725 |
check_signal(&r);
|
|
Packit |
94f725 |
if (r) {
|
|
Packit |
94f725 |
log_err(_("\nRead interrupted."));
|
|
Packit |
94f725 |
goto out;
|
|
Packit |
94f725 |
}
|
|
Packit |
94f725 |
|
|
Packit |
94f725 |
*json_size = (size_t)ret;
|
|
Packit |
94f725 |
*json = buf;
|
|
Packit |
94f725 |
*(*json + ret) = '\0';
|
|
Packit |
94f725 |
out:
|
|
Packit |
94f725 |
if (block && !quit)
|
|
Packit |
94f725 |
set_int_block(1);
|
|
Packit |
94f725 |
if (fd >= 0 && fd != STDIN_FILENO)
|
|
Packit |
94f725 |
close(fd);
|
|
Packit |
94f725 |
if (r && buf) {
|
|
Packit |
94f725 |
memset(buf, 0, LUKS2_MAX_MDA_SIZE);
|
|
Packit |
94f725 |
free(buf);
|
|
Packit |
94f725 |
}
|
|
Packit |
94f725 |
return r;
|
|
Packit |
94f725 |
}
|
|
Packit |
94f725 |
|
|
Packit |
94f725 |
int tools_write_json_file(struct crypt_device *cd, const char *file, const char *json)
|
|
Packit |
94f725 |
{
|
|
Packit |
94f725 |
int block, fd, r;
|
|
Packit |
94f725 |
size_t json_len;
|
|
Packit |
94f725 |
ssize_t ret;
|
|
Packit |
94f725 |
|
|
Packit |
94f725 |
if (!json || !(json_len = strlen(json)) || json_len >= LUKS2_MAX_MDA_SIZE)
|
|
Packit |
94f725 |
return -EINVAL;
|
|
Packit |
94f725 |
|
|
Packit |
94f725 |
block = tools_signals_blocked();
|
|
Packit |
94f725 |
if (block)
|
|
Packit |
94f725 |
set_int_block(0);
|
|
Packit |
94f725 |
|
|
Packit |
94f725 |
if (tools_is_stdin(file)) {
|
|
Packit |
94f725 |
fd = STDOUT_FILENO;
|
|
Packit |
94f725 |
log_dbg("STDOUT descriptor JSON write requested.");
|
|
Packit |
94f725 |
} else {
|
|
Packit |
94f725 |
log_dbg("File descriptor JSON write requested.");
|
|
Packit |
94f725 |
fd = open(file, O_CREAT | O_WRONLY, S_IRUSR | S_IWUSR);
|
|
Packit |
94f725 |
}
|
|
Packit |
94f725 |
|
|
Packit |
94f725 |
if (fd < 0) {
|
|
Packit |
94f725 |
log_err(_("Failed to open file %s in write mode."), file ?: "");
|
|
Packit |
94f725 |
r = -EINVAL;
|
|
Packit |
94f725 |
goto out;
|
|
Packit |
94f725 |
}
|
|
Packit |
94f725 |
|
|
Packit |
94f725 |
r = 0;
|
|
Packit |
94f725 |
ret = write_buffer_intr(fd, json, json_len, &quit);
|
|
Packit |
94f725 |
check_signal(&r);
|
|
Packit |
94f725 |
if (r) {
|
|
Packit |
94f725 |
log_err(_("\nWrite interrupted."));
|
|
Packit |
94f725 |
goto out;
|
|
Packit |
94f725 |
}
|
|
Packit |
94f725 |
if (ret < 0 || (size_t)ret != json_len) {
|
|
Packit |
94f725 |
log_err(_("Failed to write JSON file."));
|
|
Packit |
94f725 |
r = -EIO;
|
|
Packit |
94f725 |
goto out;
|
|
Packit |
94f725 |
}
|
|
Packit |
94f725 |
|
|
Packit |
94f725 |
if (isatty(fd))
|
|
Packit |
94f725 |
(void) write_buffer_intr(fd, "\n", 1, &quit);
|
|
Packit |
94f725 |
out:
|
|
Packit |
94f725 |
if (block && !quit)
|
|
Packit |
94f725 |
set_int_block(1);
|
|
Packit |
94f725 |
if (fd >=0 && fd != STDOUT_FILENO)
|
|
Packit |
94f725 |
close(fd);
|
|
Packit |
94f725 |
return r;
|
|
Packit |
94f725 |
}
|