shimun/fido2luks
1
0
Fork 0
Code Issues Pull Requests 3 Releases Wiki Activity

libcryptsetup-rs patch

Browse Source
This commit is contained in:
shimun 2020-03-28 14:54:36 +01:00
parent c4f781e6e3
commit a394b7d1d1
Signed by: shimun
GPG Key ID: E81D8382DC2F971B
3 changed files with 36 additions and 30 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
Cargo.lock generated
View File

@ -219,7 +219,7 @@ dependencies = [
"ctap_hmac 0.2.1 (registry+https://github.com/rust-lang/crates.io-index)", "ctap_hmac 0.2.1 (registry+https://github.com/rust-lang/crates.io-index)",
"failure 0.1.7 (registry+https://github.com/rust-lang/crates.io-index)", "failure 0.1.7 (registry+https://github.com/rust-lang/crates.io-index)",
"hex 0.3.2 (registry+https://github.com/rust-lang/crates.io-index)", "hex 0.3.2 (registry+https://github.com/rust-lang/crates.io-index)",
"libcryptsetup-rs 0.2.0 (registry+https://github.com/rust-lang/crates.io-index)", "libcryptsetup-rs 0.3.0 (git+https://github.com/shimunn/libcryptsetup-rs.git?branch=crypt_load_ptr_null)",
"ring 0.13.5 (registry+https://github.com/rust-lang/crates.io-index)", "ring 0.13.5 (registry+https://github.com/rust-lang/crates.io-index)",
"rpassword 4.0.5 (registry+https://github.com/rust-lang/crates.io-index)", "rpassword 4.0.5 (registry+https://github.com/rust-lang/crates.io-index)",
"structopt 0.3.12 (registry+https://github.com/rust-lang/crates.io-index)", "structopt 0.3.12 (registry+https://github.com/rust-lang/crates.io-index)",
@ -296,25 +296,27 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
[[package]] [[package]]
name = "libcryptsetup-rs" name = "libcryptsetup-rs"
version = "0.2.0" version = "0.3.0"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "git+https://github.com/shimunn/libcryptsetup-rs.git?branch=crypt_load_ptr_null#3f53978e5f66615fbb4f93508f3af09e7a84618b"
dependencies = [ dependencies = [
"either 1.5.3 (registry+https://github.com/rust-lang/crates.io-index)", "either 1.5.3 (registry+https://github.com/rust-lang/crates.io-index)",
"libc 0.2.68 (registry+https://github.com/rust-lang/crates.io-index)", "libc 0.2.68 (registry+https://github.com/rust-lang/crates.io-index)",
"libcryptsetup-rs-sys 0.1.1 (registry+https://github.com/rust-lang/crates.io-index)", "libcryptsetup-rs-sys 0.1.2 (git+https://github.com/shimunn/libcryptsetup-rs.git?branch=crypt_load_ptr_null)",
"pkg-config 0.3.17 (registry+https://github.com/rust-lang/crates.io-index)", "pkg-config 0.3.17 (registry+https://github.com/rust-lang/crates.io-index)",
"semver 0.9.0 (registry+https://github.com/rust-lang/crates.io-index)",
"serde_json 1.0.48 (registry+https://github.com/rust-lang/crates.io-index)", "serde_json 1.0.48 (registry+https://github.com/rust-lang/crates.io-index)",
"uuid 0.7.4 (registry+https://github.com/rust-lang/crates.io-index)", "uuid 0.7.4 (registry+https://github.com/rust-lang/crates.io-index)",
] ]
[[package]] [[package]]
name = "libcryptsetup-rs-sys" name = "libcryptsetup-rs-sys"
version = "0.1.1" version = "0.1.2"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "git+https://github.com/shimunn/libcryptsetup-rs.git?branch=crypt_load_ptr_null#3f53978e5f66615fbb4f93508f3af09e7a84618b"
dependencies = [ dependencies = [
"bindgen 0.53.2 (registry+https://github.com/rust-lang/crates.io-index)", "bindgen 0.53.2 (registry+https://github.com/rust-lang/crates.io-index)",
"cc 1.0.50 (registry+https://github.com/rust-lang/crates.io-index)", "cc 1.0.50 (registry+https://github.com/rust-lang/crates.io-index)",
"pkg-config 0.3.17 (registry+https://github.com/rust-lang/crates.io-index)", "pkg-config 0.3.17 (registry+https://github.com/rust-lang/crates.io-index)",
"semver 0.9.0 (registry+https://github.com/rust-lang/crates.io-index)",
] ]
[[package]] [[package]]
@ -635,6 +637,19 @@ name = "ryu"
version = "1.0.3" version = "1.0.3"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
[[package]]
name = "semver"
version = "0.9.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
dependencies = [
"semver-parser 0.7.0 (registry+https://github.com/rust-lang/crates.io-index)",
]
[[package]]
name = "semver-parser"
version = "0.7.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
[[package]] [[package]]
name = "serde" name = "serde"
version = "1.0.105" version = "1.0.105"
@ -871,8 +886,8 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
"checksum lazy_static 1.4.0 (registry+https://github.com/rust-lang/crates.io-index)" = "e2abad23fbc42b3700f2f279844dc832adb2b2eb069b2df918f455c4e18cc646" "checksum lazy_static 1.4.0 (registry+https://github.com/rust-lang/crates.io-index)" = "e2abad23fbc42b3700f2f279844dc832adb2b2eb069b2df918f455c4e18cc646"
"checksum lazycell 1.2.1 (registry+https://github.com/rust-lang/crates.io-index)" = "b294d6fa9ee409a054354afc4352b0b9ef7ca222c69b8812cbea9e7d2bf3783f" "checksum lazycell 1.2.1 (registry+https://github.com/rust-lang/crates.io-index)" = "b294d6fa9ee409a054354afc4352b0b9ef7ca222c69b8812cbea9e7d2bf3783f"
"checksum libc 0.2.68 (registry+https://github.com/rust-lang/crates.io-index)" = "dea0c0405123bba743ee3f91f49b1c7cfb684eef0da0a50110f758ccf24cdff0" "checksum libc 0.2.68 (registry+https://github.com/rust-lang/crates.io-index)" = "dea0c0405123bba743ee3f91f49b1c7cfb684eef0da0a50110f758ccf24cdff0"
"checksum libcryptsetup-rs 0.2.0 (registry+https://github.com/rust-lang/crates.io-index)" = "c0177fd0ec022a5adb247e13e3238309913c28102a811227ad5de6a55697f152" "checksum libcryptsetup-rs 0.3.0 (git+https://github.com/shimunn/libcryptsetup-rs.git?branch=crypt_load_ptr_null)" = "<none>"
"checksum libcryptsetup-rs-sys 0.1.1 (registry+https://github.com/rust-lang/crates.io-index)" = "41ad97fd149ed999fd62201af107021dc3f0afb67610c3fb2a61f4033abd5542" "checksum libcryptsetup-rs-sys 0.1.2 (git+https://github.com/shimunn/libcryptsetup-rs.git?branch=crypt_load_ptr_null)" = "<none>"
"checksum libloading 0.5.2 (registry+https://github.com/rust-lang/crates.io-index)" = "f2b111a074963af1d37a139918ac6d49ad1d0d5e47f72fd55388619691a7d753" "checksum libloading 0.5.2 (registry+https://github.com/rust-lang/crates.io-index)" = "f2b111a074963af1d37a139918ac6d49ad1d0d5e47f72fd55388619691a7d753"
"checksum log 0.4.8 (registry+https://github.com/rust-lang/crates.io-index)" = "14b6052be84e6b71ab17edffc2eeabf5c2c3ae1fdb464aae35ac50c67a44e1f7" "checksum log 0.4.8 (registry+https://github.com/rust-lang/crates.io-index)" = "14b6052be84e6b71ab17edffc2eeabf5c2c3ae1fdb464aae35ac50c67a44e1f7"
"checksum memchr 2.3.3 (registry+https://github.com/rust-lang/crates.io-index)" = "3728d817d99e5ac407411fa471ff9800a778d88a24685968b36824eaf4bee400" "checksum memchr 2.3.3 (registry+https://github.com/rust-lang/crates.io-index)" = "3728d817d99e5ac407411fa471ff9800a778d88a24685968b36824eaf4bee400"
@ -911,6 +926,8 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
"checksum rustc-hash 1.1.0 (registry+https://github.com/rust-lang/crates.io-index)" = "08d43f7aa6b08d49f382cde6a7982047c3426db949b1424bc4b7ec9ae12c6ce2" "checksum rustc-hash 1.1.0 (registry+https://github.com/rust-lang/crates.io-index)" = "08d43f7aa6b08d49f382cde6a7982047c3426db949b1424bc4b7ec9ae12c6ce2"
"checksum rustc-serialize 0.3.24 (registry+https://github.com/rust-lang/crates.io-index)" = "dcf128d1287d2ea9d80910b5f1120d0b8eede3fbf1abe91c40d39ea7d51e6fda" "checksum rustc-serialize 0.3.24 (registry+https://github.com/rust-lang/crates.io-index)" = "dcf128d1287d2ea9d80910b5f1120d0b8eede3fbf1abe91c40d39ea7d51e6fda"
"checksum ryu 1.0.3 (registry+https://github.com/rust-lang/crates.io-index)" = "535622e6be132bccd223f4bb2b8ac8d53cda3c7a6394944d3b2b33fb974f9d76" "checksum ryu 1.0.3 (registry+https://github.com/rust-lang/crates.io-index)" = "535622e6be132bccd223f4bb2b8ac8d53cda3c7a6394944d3b2b33fb974f9d76"
"checksum semver 0.9.0 (registry+https://github.com/rust-lang/crates.io-index)" = "1d7eb9ef2c18661902cc47e535f9bc51b78acd254da71d375c2f6720d9a40403"
"checksum semver-parser 0.7.0 (registry+https://github.com/rust-lang/crates.io-index)" = "388a1df253eca08550bef6c72392cfe7c30914bf41df5269b68cbd6ff8f570a3"
"checksum serde 1.0.105 (registry+https://github.com/rust-lang/crates.io-index)" = "e707fbbf255b8fc8c3b99abb91e7257a622caeb20a9818cbadbeeede4e0932ff" "checksum serde 1.0.105 (registry+https://github.com/rust-lang/crates.io-index)" = "e707fbbf255b8fc8c3b99abb91e7257a622caeb20a9818cbadbeeede4e0932ff"
"checksum serde_json 1.0.48 (registry+https://github.com/rust-lang/crates.io-index)" = "9371ade75d4c2d6cb154141b9752cf3781ec9c05e0e5cf35060e1e70ee7b9c25" "checksum serde_json 1.0.48 (registry+https://github.com/rust-lang/crates.io-index)" = "9371ade75d4c2d6cb154141b9752cf3781ec9c05e0e5cf35060e1e70ee7b9c25"
"checksum shlex 0.1.1 (registry+https://github.com/rust-lang/crates.io-index)" = "7fdf1b9db47230893d76faad238fd6097fd6d6a9245cd7a4d90dbd639536bbd2" "checksum shlex 0.1.1 (registry+https://github.com/rust-lang/crates.io-index)" = "7fdf1b9db47230893d76faad238fd6097fd6d6a9245cd7a4d90dbd639536bbd2"

2
Cargo.toml
View File

@ -22,7 +22,7 @@ ring = "0.13.5"
failure = "0.1.5" failure = "0.1.5"
rpassword = "4.0.1" rpassword = "4.0.1"
structopt = "0.3.2" structopt = "0.3.2"
libcryptsetup-rs = "0.2.0" libcryptsetup-rs = { git = "https://github.com/shimunn/libcryptsetup-rs.git", branch = "crypt_load_ptr_null" }
[profile.release] [profile.release]
lto = true lto = true

31
src/luks.rs
View File

@ -1,21 +1,11 @@
use crate::error::*; use crate::error::*;
use libcryptsetup_rs::{CryptActivateFlags, CryptDevice, CryptInit, EncryptionFormat, KeyslotInfo}; use libcryptsetup_rs::{CryptActivateFlags, CryptDevice, CryptInit, KeyslotInfo};
use std::path::Path; use std::path::Path;
fn load_device_handle<P: AsRef<Path>>(path: P) -> Fido2LuksResult<CryptDevice> { fn load_device_handle<P: AsRef<Path>>(path: P) -> Fido2LuksResult<CryptDevice> {
let mut device = CryptInit::init(path.as_ref())?; let mut device = CryptInit::init(path.as_ref())?;
//TODO: determine luks version some way other way than just trying Ok(device.context_handle().load::<()>(None, None).map(|_| device)?)
let mut load = |format| device.context_handle().load::<()>(format, None).map(|_| ());
vec![EncryptionFormat::Luks2, EncryptionFormat::Luks1]
.into_iter()
.fold(None, |res, format| match res {
Some(Ok(())) => res,
Some(e) => Some(e.or(load(format))),
None => Some(load(format)),
})
.unwrap()?;
Ok(device)
} }
pub fn open_container<P: AsRef<Path>>(path: P, name: &str, secret: &[u8]) -> Fido2LuksResult<()> { pub fn open_container<P: AsRef<Path>>(path: P, name: &str, secret: &[u8]) -> Fido2LuksResult<()> {
@ -34,32 +24,31 @@ pub fn add_key<P: AsRef<Path>>(
iteration_time: Option<u64>, iteration_time: Option<u64>,
) -> Fido2LuksResult<u32> { ) -> Fido2LuksResult<u32> {
let mut device = load_device_handle(path)?; let mut device = load_device_handle(path)?;
// Set iteration time not sure wether this applies to luks2 as well
if let Some(millis) = iteration_time { if let Some(millis) = iteration_time {
device.settings_handle().set_iteration_time(millis) device.settings_handle().set_iteration_time(millis)
} }
let slot = device let slot = device
.keyslot_handle(None) .keyslot_handle()
.add_by_passphrase(old_secret, secret)?; .add_by_passphrase(None,old_secret, secret)?;
Ok(slot) Ok(slot)
} }
pub fn remove_keyslots<P: AsRef<Path>>(path: P, exclude: &[u32]) -> Fido2LuksResult<u32> { pub fn remove_keyslots<P: AsRef<Path>>(path: P, exclude: &[u32]) -> Fido2LuksResult<u32> {
let mut device = load_device_handle(path)?; let mut device = load_device_handle(path)?;
let mut handle; let mut handle = device.keyslot_handle();
let mut destroyed = 0; let mut destroyed = 0;
//TODO: detect how many keyslots there are instead of trying within a given range //TODO: detect how many keyslots there are instead of trying within a given range
for slot in 0..1024 { for slot in 0..1024 {
handle = device.keyslot_handle(Some(slot));
match handle.status()? { match handle.status(slot)? {
KeyslotInfo::Inactive => continue, KeyslotInfo::Inactive => continue,
KeyslotInfo::Active if !exclude.contains(&slot) => { KeyslotInfo::Active if !exclude.contains(&slot) => {
handle.destroy()?; handle.destroy(slot)?;
destroyed += 1; destroyed += 1;
} }
_ => (), _ => (),
} }
match handle.status()? { match handle.status(slot)? {
KeyslotInfo::ActiveLast => break, KeyslotInfo::ActiveLast => break,
_ => (), _ => (),
} }
@ -79,6 +68,6 @@ pub fn replace_key<P: AsRef<Path>>(
device.settings_handle().set_iteration_time(millis) device.settings_handle().set_iteration_time(millis)
} }
Ok(device Ok(device
.keyslot_handle(None) .keyslot_handle()
.change_by_passphrase(None, None, old_secret, secret)? as u32) .change_by_passphrase(None, None, old_secret, secret)? as u32)
} }