On Wed, Aug 14, 2019 at 11:22:09PM +0300, Maxim Levitsky wrote: > With upcoming key management, the header will > need to be stored after the image is created. > > Extracting load header isn't strictly needed, but > do this anyway for the symmetry. > > Also I extracted a function that does basic sanity > checks on the just read header, and a function > which parses all the crypto format to make the > code a bit more readable, plus now the code > doesn't destruct the in-header cipher-mode string, > so that the header now can be stored many times, > which is needed for the key management. > > Also this allows to contain the endianess conversions > in these functions alone > > The header is no longer endian swapped in place, > to prevent (mostly theoretical races I think) > races where someone could see the header in the > process of beeing byteswapped. > > Signed-off-by: Maxim Levitsky <mlevi...@redhat.com> > --- > crypto/block-luks.c | 756 ++++++++++++++++++++++++++------------------ > 1 file changed, 440 insertions(+), 316 deletions(-)
> if (!(flags & QCRYPTO_BLOCK_OPEN_NO_IO)) { > /* Try to find which key slot our password is valid for > * and unlock the master key from that slot. > */ > - > masterkey = g_new0(uint8_t, masterkeylen(luks)); > > if (qcrypto_block_luks_find_key(block, > @@ -845,12 +1132,10 @@ qcrypto_block_luks_open(QCryptoBlock *block, > } > > block->sector_size = QCRYPTO_BLOCK_LUKS_SECTOR_SIZE; > - block->payload_offset = luks->header.payload_offset * > - block->sector_size; > + block->payload_offset = luks->header.payload_offset * block->sector_size; > > g_free(masterkey); > g_free(password); > - > return 0; Smoe unrelated whitespace changes here. > + /* populate the slot 0 with the password encrypted master key*/ > + /* This will also store the header */ > + if (qcrypto_block_luks_store_key(block, > + 0, > + password, > + masterkey, > + luks_opts.iter_time, > + writefunc, > + opaque, > + errp)) { > goto error; > - } > + } Indent is off by 1 Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|