From: David Härdeman Date: Tue, 25 Mar 2014 10:05:28 +0000 (+0100) Subject: Fix keysize handling in cryptsetup (bits vs. bytes) X-Git-Tag: v213~320 X-Git-Url: https://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=elogind.git;a=commitdiff_plain;h=6131a78b4d247618715e042e14ad682f678d3b32;hp=9fa1de965a0954dcb6d855ebe0513077515a0daa;ds=sidebyside Fix keysize handling in cryptsetup (bits vs. bytes) The command line key-size is in bits but the libcryptsetup API expects bytes. Note that the modulo 8 check is in the original cryptsetup binary as well, so it's no new limitation. (v2: changed the point at which the /= 8 is performed, rebased, removed tabs) --- diff --git a/src/cryptsetup/cryptsetup.c b/src/cryptsetup/cryptsetup.c index a647a94e6..812b32f6c 100644 --- a/src/cryptsetup/cryptsetup.c +++ b/src/cryptsetup/cryptsetup.c @@ -88,6 +88,13 @@ static int parse_one_option(const char *option) { return 0; } + if (arg_key_size % 8) { + log_error("size= not a multiple of 8, ignoring."); + return 0; + } + + arg_key_size /= 8; + } else if (startswith(option, "key-slot=")) { arg_type = CRYPT_LUKS1; @@ -414,7 +421,7 @@ static int attach_luks_or_plain(struct crypt_device *cd, /* for CRYPT_PLAIN limit reads * from keyfile to key length, and * ignore keyfile-size */ - arg_keyfile_size = arg_key_size / 8; + arg_keyfile_size = arg_key_size; /* In contrast to what the name * crypt_setup() might suggest this @@ -577,7 +584,7 @@ int main(int argc, char *argv[]) { else until = 0; - arg_key_size = (arg_key_size > 0 ? arg_key_size : 256); + arg_key_size = (arg_key_size > 0 ? arg_key_size : (256 / 8)); if (key_file) { struct stat st;