File: keyslot_context.h

// SPDX-License-Identifier: GPL-2.0-or-later
/*
 * LUKS - Linux Unified Key Setup, keyslot unlock helpers
 *
 * Copyright (C) 2022-2025 Red Hat, Inc. All rights reserved.
 * Copyright (C) 2022-2025 Ondrej Kozina
 */

#ifndef KEYSLOT_CONTEXT_H
#define KEYSLOT_CONTEXT_H

#include <stdbool.h>
#include <stdint.h>

#include "internal.h"

/*
 * Forward declarations only: the handler types below use these structs
 * solely through pointers, so this header does not need their definitions.
 */
struct bitlk_metadata;
struct fvault2_params;

/*
 * Handler (function pointer) types stored in struct crypt_keyslot_context,
 * which is defined later in this header. Every handler receives the device
 * handle and the keyslot context; all except keyslot_context_free return int.
 *
 * NOTE(review): the return convention and the ownership of objects written
 * through the r_* parameters are not visible in this header. Confirm them
 * against the implementations before relying on either, in particular who
 * frees (and wipes) a struct volume_key handed back through r_vk.
 */

/* Takes a keyslot and a segment number; stored as get_luks2_key. */
typedef int (*keyslot_context_get_key) (
	struct crypt_device *cd,
	struct crypt_keyslot_context *kc,
	int keyslot,
	int segment,
	struct volume_key **r_vk);

/*
 * Takes a keyslot but no segment; stored as get_luks1_volume_key and
 * get_luks2_volume_key.
 */
typedef int (*keyslot_context_get_volume_key) (
	struct crypt_device *cd,
	struct crypt_keyslot_context *kc,
	int keyslot,
	struct volume_key **r_vk);

/*
 * No keyslot argument at all; stored as get_plain_volume_key and
 * get_integrity_volume_key.
 */
typedef int (*keyslot_context_get_generic_volume_key) (
	struct crypt_device *cd,
	struct crypt_keyslot_context *kc,
	struct volume_key **r_vk);

/* Takes read-only BITLK metadata; stored as get_bitlk_volume_key. */
typedef int (*keyslot_context_get_bitlk_volume_key) (
	struct crypt_device *cd,
	struct crypt_keyslot_context *kc,
	const struct bitlk_metadata *params,
	struct volume_key **r_vk);

/* Takes read-only FVAULT2 parameters; stored as get_fvault2_volume_key. */
typedef int (*keyslot_context_get_fvault2_volume_key) (
	struct crypt_device *cd,
	struct crypt_keyslot_context *kc,
	const struct fvault2_params *params,
	struct volume_key **r_vk);


/*
 * Has two output slots, r_vk and r_signature; stored as
 * get_verity_volume_key.
 */
typedef int (*keyslot_context_get_generic_signed_key) (
	struct crypt_device *cd,
	struct crypt_keyslot_context *kc,
	struct volume_key **r_vk,
	struct volume_key **r_signature);

/*
 * Hands back a passphrase as pointer plus explicit size; stored as
 * get_passphrase. Because the length travels separately, consumers should
 * use r_passphrase_size rather than strlen().
 * NOTE(review): presumably the returned pointer refers to memory held by the
 * context and must neither be freed by the caller nor outlive it - verify.
 */
typedef int (*keyslot_context_get_passphrase) (
	struct crypt_device *cd,
	struct crypt_keyslot_context *kc,
	const char **r_passphrase,
	size_t *r_passphrase_size);

/*
 * Takes only the context and returns nothing, so it cannot report failure;
 * stored as context_free.
 */
typedef void (*keyslot_context_free) (
	struct crypt_keyslot_context *kc);

/* Writes a size through r_key_size; stored as get_key_size. */
typedef int (*keyslot_context_get_key_size) (
	struct crypt_device *cd,
	struct crypt_keyslot_context *kc,
	size_t *r_key_size);

/*
 * Values for the uint8_t `version` member of struct crypt_keyslot_context.
 * The comment on that member describes v1 (caller-supplied pointers must stay
 * valid) and v2 (fully self-contained); presumably BASIC is v1 and
 * SELF_CONTAINED is v2, matching the numeric values.
 */
#define KC_VERSION_BASIC          UINT8_C(1)
#define KC_VERSION_SELF_CONTAINED UINT8_C(2)

/*
 * crypt_keyslot_context
 *
 * Describes one source of unlock material (passphrase, keyfile, token,
 * volume key, signed key, keyring entry) together with the handlers that
 * turn it into a key for each supported device format.
 *
 * This structure references secret material (passphrase, token PIN, volume
 * key). NOTE(review): the i_* members look like copies owned by the context,
 * as opposed to the const pointers supplied by the caller. Confirm that the
 * context_free handler and crypt_keyslot_context_destroy_internal() wipe
 * such copies before releasing them; that is not visible in this header.
 */
struct crypt_keyslot_context {
	/* Context kind; presumably selects the active arm of union u - confirm. */
	int type;

	/* versions:
	 * v1: All passed pointers (e.g.: type, passphrase, keyfile,...) must
	 *     be valid after ctx initialization, i.e. the context borrows
	 *     them and the caller must keep them alive while it is in use.
	 * v2: Fully self-contained
	 */
	uint8_t version;

	/* The arms share storage, so only one of them is meaningful at a time. */
	union {
	/* Passphrase with explicit length; use the size, not strlen(). */
	struct {
		const char *passphrase;
		size_t passphrase_size;
	} p;
	/* Keyfile path plus the offset and size to read from it. */
	struct {
		const char *keyfile;
		char *i_keyfile;
		uint64_t keyfile_offset;
		size_t keyfile_size;
	} kf;
	/* Token: id, type string, PIN with explicit length, opaque user pointer. */
	struct {
		int id;
		const char *type;
		char *i_type;
		const char *pin;
		char *i_pin;
		size_t pin_size;
		void *usrptr;
	} t;
	/* Raw volume key bytes with explicit length. */
	struct {
		const char *volume_key;
		size_t volume_key_size;
		struct volume_key *i_vk;
	} k;
	/* Volume key plus a signature, each with explicit length. */
	struct {
		const char *volume_key;
		size_t volume_key_size;
		struct volume_key *i_vk;
		const char *signature;
		size_t signature_size;
		struct volume_key *i_vk_sig;
	} ks;
	/* Keyring entry referenced by its description string. */
	struct {
		const char *key_description;
		char *i_key_description;
	} kr;
	/* As kr, with an additional key size. */
	struct {
		const char *key_description;
		char *i_key_description;
		size_t i_key_size;
	} vk_kr;
	} u;

	/* NOTE(review): presumably the last error recorded by a handler - confirm. */
	int error;

	/*
	 * Passphrase buffer kept outside the union, so it does not overlap any
	 * arm of u. NOTE(review): likely a cached or derived passphrase owned
	 * by the context; confirm it is wiped before being freed.
	 */
	char *i_passphrase;
	size_t i_passphrase_size;

	/*
	 * Per-format handlers. NOTE(review): whether every context type sets all
	 * of these is not visible here; callers presumably need to check for
	 * NULL before calling - confirm.
	 */
	keyslot_context_get_key			get_luks2_key;
	keyslot_context_get_volume_key		get_luks1_volume_key;
	keyslot_context_get_volume_key		get_luks2_volume_key;
	keyslot_context_get_generic_volume_key	get_plain_volume_key;
	keyslot_context_get_bitlk_volume_key	get_bitlk_volume_key;
	keyslot_context_get_fvault2_volume_key	get_fvault2_volume_key;
	keyslot_context_get_generic_signed_key	get_verity_volume_key;
	keyslot_context_get_generic_volume_key	get_integrity_volume_key;
	keyslot_context_get_passphrase		get_passphrase;
	keyslot_context_get_key_size		get_key_size;
	keyslot_context_free			context_free;
};

/*
 * Internal helpers operating on a caller-provided struct
 * crypt_keyslot_context. All of the init/destroy helpers return void, so
 * none of them can report failure through its return value.
 *
 * NOTE(review): the init_by_*_internal helpers take const pointers to secret
 * material. Presumably they store the pointers without copying (the v1
 * contract described on the struct's `version` member), which means the
 * caller must keep the buffers valid, and should wipe them itself, once the
 * context is no longer used - confirm against the implementation.
 */

/* Tears down a context; note the parameter is named `method` here, not `kc`. */
void crypt_keyslot_context_destroy_internal(struct crypt_keyslot_context *method);

/* Volume key given as bytes plus explicit length. */
void crypt_keyslot_context_init_by_key_internal(struct crypt_keyslot_context *kc,
	const char *volume_key,
	size_t volume_key_size);

/* Volume key and signature, each given as bytes plus explicit length. */
void crypt_keyslot_context_init_by_signed_key_internal(struct crypt_keyslot_context *kc,
	const char *volume_key,
	size_t volume_key_size,
	const char *signature,
	size_t signature_size);

/* Passphrase given as bytes plus explicit length. */
void crypt_keyslot_context_init_by_passphrase_internal(struct crypt_keyslot_context *kc,
	const char *passphrase,
	size_t passphrase_size);

/*
 * Keyfile path with size and offset. The argument order is size first, then
 * offset; both are integer types, so a swapped call would still compile.
 */
void crypt_keyslot_context_init_by_keyfile_internal(struct crypt_keyslot_context *kc,
	const char *keyfile,
	size_t keyfile_size,
	uint64_t keyfile_offset);

/*
 * Token number, type string, PIN with explicit length, and an opaque user
 * pointer passed through as void *.
 */
void crypt_keyslot_context_init_by_token_internal(struct crypt_keyslot_context *kc,
	int token,
	const char *type,
	const char *pin,
	size_t pin_size,
	void *usrptr);

/* Keyring entry referenced by its description string. */
void crypt_keyslot_context_init_by_keyring_internal(struct crypt_keyslot_context *kc,
	const char *key_description);

/* Returns a string for the context; takes it read-only (const). */
const char *keyslot_context_type_string(const struct crypt_keyslot_context *kc);

#endif /* KEYSLOT_CONTEXT_H */