[systemd-devel] [PATCH 2/2] Fix keysize handling in cryptsetup (bits vs. bytes)
Lennart Poettering
lennart at poettering.net
Thu Apr 24 00:24:48 PDT 2014
On Tue, 25.03.14 11:05, David Härdeman (david at hardeman.nu) wrote:
> The command line key-size is in bits but the libcryptsetup API expects bytes.
>
> Note that the modulo 8 check is in the original cryptsetup binary as well, so
> it's no new limitation.
>
> (v2: changed the point at which the /= 8 is performed, rebased,
> removed tabs)
Applied both! Thanks!
> ---
> src/cryptsetup/cryptsetup.c | 11 +++++++++--
> 1 file changed, 9 insertions(+), 2 deletions(-)
>
> diff --git a/src/cryptsetup/cryptsetup.c b/src/cryptsetup/cryptsetup.c
> index a647a94..812b32f 100644
> --- a/src/cryptsetup/cryptsetup.c
> +++ b/src/cryptsetup/cryptsetup.c
> @@ -88,6 +88,13 @@ static int parse_one_option(const char *option) {
> return 0;
> }
>
> + if (arg_key_size % 8) {
> + log_error("size= not a multiple of 8, ignoring.");
> + return 0;
> + }
> +
> + arg_key_size /= 8;
> +
> } else if (startswith(option, "key-slot=")) {
>
> arg_type = CRYPT_LUKS1;
> @@ -414,7 +421,7 @@ static int attach_luks_or_plain(struct crypt_device *cd,
> /* for CRYPT_PLAIN limit reads
> * from keyfile to key length, and
> * ignore keyfile-size */
> - arg_keyfile_size = arg_key_size / 8;
> + arg_keyfile_size = arg_key_size;
>
> /* In contrast to what the name
> * crypt_setup() might suggest this
> @@ -577,7 +584,7 @@ int main(int argc, char *argv[]) {
> else
> until = 0;
>
> - arg_key_size = (arg_key_size > 0 ? arg_key_size : 256);
> + arg_key_size = (arg_key_size > 0 ? arg_key_size : (256 / 8));
>
> if (key_file) {
> struct stat st;
Lennart
--
Lennart Poettering, Red Hat
More information about the systemd-devel
mailing list