[systemd-devel] [PATCH 2/4] Fix keysize handling in cryptsetup (bits vs. bytes)

David Härdeman david at hardeman.nu
Mon Feb 3 15:57:36 PST 2014


The command line key-size is in bits but the libcryptsetup API expects bytes.
---
 src/cryptsetup/cryptsetup.c |    8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/src/cryptsetup/cryptsetup.c b/src/cryptsetup/cryptsetup.c
index 4a32856..c01ed01 100644
--- a/src/cryptsetup/cryptsetup.c
+++ b/src/cryptsetup/cryptsetup.c
@@ -407,7 +407,7 @@ static int attach_luks_or_plain(struct crypt_device *cd,
                 /* for CRYPT_PLAIN limit reads
                  * from keyfile to key length, and
                  * ignore keyfile-size */
-                opt_keyfile_size = opt_key_size / 8;
+                opt_keyfile_size = opt_key_size;
 
                 /* In contrast to what the name
                  * crypt_setup() might suggest this
@@ -570,7 +570,11 @@ int main(int argc, char *argv[]) {
                 else
                         until = 0;
 
-                opt_key_size = (opt_key_size > 0 ? opt_key_size : 256);
+                if (opt_key_size % 8) {
+                        log_warning("Key size invalid (not a multiple of 8).");
+                        goto finish;
+                }
+                opt_key_size = (opt_key_size > 0 ? opt_key_size : 256) / 8;
 
                 if (key_file) {
                         struct stat st;



More information about the systemd-devel mailing list