File: crypt_plain.c

package info (click to toggle)
cryptsetup 2%3A2.8.1-1
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid
  • size: 20,248 kB
  • sloc: ansic: 65,604; sh: 17,628; cpp: 994; xml: 920; makefile: 495; perl: 486
file content (104 lines) | stat: -rw-r--r-- 2,395 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
 
// SPDX-License-Identifier: GPL-2.0-or-later
/*
 * cryptsetup plain device helper functions
 *
 * Copyright (C) 2004 Jana Saout <jana@saout.de>
 * Copyright (C) 2010-2025 Red Hat, Inc. All rights reserved.
 * Copyright (C) 2010-2025 Milan Broz
 */

#include <string.h>
#include <stdio.h>
#include <errno.h>

#include "libcryptsetup.h"
#include "internal.h"

static int hash(const char *hash_name, size_t key_size, char *key,
		size_t passphrase_size, const char *passphrase)
{
	struct crypt_hash *md = NULL;
	size_t len;
	int round, i, r = 0;

	if (crypt_hash_init(&md, hash_name))
		return -ENOENT;

	len = crypt_hash_size(hash_name);

	for(round = 0; key_size && !r; round++) {
		/* hack from hashalot to avoid null bytes in key */
		for(i = 0; i < round; i++)
			if (crypt_hash_write(md, "A", 1))
				r = 1;

		if (crypt_hash_write(md, passphrase, passphrase_size))
			r = 1;

		if (len > key_size)
			len = key_size;

		if (crypt_hash_final(md, key, len))
			r = 1;

		key += len;
		key_size -= len;
	}

	crypt_hash_destroy(md);
	return r;
}

#define PLAIN_HASH_LEN_MAX 256

int crypt_plain_hash(struct crypt_device *cd,
		     const char *hash_name,
		     char *key, size_t key_size,
		     const char *passphrase, size_t passphrase_size)
{
	char hash_name_buf[PLAIN_HASH_LEN_MAX], *s;
	size_t hash_size, pad_size;
	int r;

	log_dbg(cd, "Plain: hashing passphrase using %s.", hash_name);

	if (strlen(hash_name) >= PLAIN_HASH_LEN_MAX)
		return -EINVAL;
	strncpy(hash_name_buf, hash_name, PLAIN_HASH_LEN_MAX);
	hash_name_buf[PLAIN_HASH_LEN_MAX - 1] = '\0';

	/* hash[:hash_length] */
	if ((s = strchr(hash_name_buf, ':'))) {
		*s = '\0';
		s++;
		if (!*s || sscanf(s, "%zd", &hash_size) != 1) {
			log_dbg(cd, "Hash length is not a number");
			return -EINVAL;
		}
		if (hash_size > key_size) {
			log_dbg(cd, "Hash length %zd > key length %zd",
				hash_size, key_size);
			return -EINVAL;
		}
		pad_size = key_size - hash_size;
	} else {
		hash_size = key_size;
		pad_size = 0;
	}

	/* No hash, copy passphrase directly */
	if (!strcmp(hash_name_buf, "plain")) {
		if (passphrase_size < hash_size) {
			log_dbg(cd, "Too short plain passphrase.");
			return -EINVAL;
		}
		crypt_safe_memcpy(key, passphrase, hash_size);
		r = 0;
	} else
		r = hash(hash_name_buf, hash_size, key, passphrase_size, passphrase);

	if (r == 0 && pad_size)
		memset(key + hash_size, 0, pad_size);

	return r;
}