summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorDavid Härdeman <david@hardeman.nu>2014-03-25 11:05:28 +0100
committerLennart Poettering <lennart@poettering.net>2014-04-24 09:23:57 +0200
commit6131a78b4d247618715e042e14ad682f678d3b32 (patch)
treea7e6cfead6b7ad09ea5b35c70f218d8e95fb1aae /src
parent9fa1de965a0954dcb6d855ebe0513077515a0daa (diff)
Fix keysize handling in cryptsetup (bits vs. bytes)
The command line key-size is in bits but the libcryptsetup API expects bytes. Note that the modulo 8 check is in the original cryptsetup binary as well, so it's no new limitation. (v2: changed the point at which the /= 8 is performed, rebased, removed tabs)
Diffstat (limited to 'src')
-rw-r--r--src/cryptsetup/cryptsetup.c11
1 files changed, 9 insertions, 2 deletions
diff --git a/src/cryptsetup/cryptsetup.c b/src/cryptsetup/cryptsetup.c
index a647a94e6e..812b32f6ca 100644
--- a/src/cryptsetup/cryptsetup.c
+++ b/src/cryptsetup/cryptsetup.c
@@ -88,6 +88,13 @@ static int parse_one_option(const char *option) {
return 0;
}
+ if (arg_key_size % 8) {
+ log_error("size= not a multiple of 8, ignoring.");
+ return 0;
+ }
+
+ arg_key_size /= 8;
+
} else if (startswith(option, "key-slot=")) {
arg_type = CRYPT_LUKS1;
@@ -414,7 +421,7 @@ static int attach_luks_or_plain(struct crypt_device *cd,
/* for CRYPT_PLAIN limit reads
* from keyfile to key length, and
* ignore keyfile-size */
- arg_keyfile_size = arg_key_size / 8;
+ arg_keyfile_size = arg_key_size;
/* In contrast to what the name
* crypt_setup() might suggest this
@@ -577,7 +584,7 @@ int main(int argc, char *argv[]) {
else
until = 0;
- arg_key_size = (arg_key_size > 0 ? arg_key_size : 256);
+ arg_key_size = (arg_key_size > 0 ? arg_key_size : (256 / 8));
if (key_file) {
struct stat st;