From: John Lane <grub@jelmail.com>
To: grub-devel@gnu.org
Cc: John Lane <john@lane.uk.net>
Subject: [PATCH 5/5] Cryptomount support for hyphens in UUID
Date: Mon, 29 Jun 2015 15:31:00 +0100 [thread overview]
Message-ID: <1435588260-29456-6-git-send-email-grub@jelmail.com> (raw)
In-Reply-To: <1435588260-29456-1-git-send-email-grub@jelmail.com>
From: John Lane <john@lane.uk.net>
---
grub-core/disk/cryptodisk.c | 20 +++++++++++++++++---
grub-core/disk/luks.c | 26 ++++++++------------------
include/grub/cryptodisk.h | 2 ++
3 files changed, 27 insertions(+), 21 deletions(-)
diff --git a/grub-core/disk/cryptodisk.c b/grub-core/disk/cryptodisk.c
index cd5cfc9..d36d16b 100644
--- a/grub-core/disk/cryptodisk.c
+++ b/grub-core/disk/cryptodisk.c
@@ -113,6 +113,20 @@ gf_mul_be (grub_uint8_t *o, const grub_uint8_t *a, const grub_uint8_t *b)
}
}
+int
+grub_cryptodisk_uuidcmp(char *uuid_a, char *uuid_b)
+{
+ while ((*uuid_a != '\0') && (*uuid_b != '\0'))
+ {
+ while (*uuid_a == '-') uuid_a++;
+ while (*uuid_b == '-') uuid_b++;
+ if (grub_toupper(*uuid_a) != grub_toupper(*uuid_b)) break;
+ uuid_a++;
+ uuid_b++;
+ }
+ return (*uuid_a == '\0') && (*uuid_b == '\0');
+}
+
static gcry_err_code_t
grub_crypto_pcbc_decrypt (grub_crypto_cipher_handle_t cipher,
void *out, void *in, grub_size_t size,
@@ -507,8 +521,8 @@ grub_cryptodisk_open (const char *name, grub_disk_t disk)
if (grub_memcmp (name, "cryptouuid/", sizeof ("cryptouuid/") - 1) == 0)
{
for (dev = cryptodisk_list; dev != NULL; dev = dev->next)
- if (grub_strcasecmp (name + sizeof ("cryptouuid/") - 1, dev->uuid) == 0)
- break;
+ if (grub_cryptodisk_uuidcmp(name + sizeof ("cryptouuid/") - 1, dev->uuid))
+ break;
}
else
{
@@ -739,7 +753,7 @@ grub_cryptodisk_get_by_uuid (const char *uuid)
{
grub_cryptodisk_t dev;
for (dev = cryptodisk_list; dev != NULL; dev = dev->next)
- if (grub_strcasecmp (dev->uuid, uuid) == 0)
+ if (grub_cryptodisk_uuidcmp(dev->uuid, uuid))
return dev;
return NULL;
}
diff --git a/grub-core/disk/luks.c b/grub-core/disk/luks.c
index 4ebe21b..80a7606 100644
--- a/grub-core/disk/luks.c
+++ b/grub-core/disk/luks.c
@@ -68,9 +68,7 @@ configure_ciphers (grub_disk_t disk, const char *check_uuid,
int check_boot, grub_file_t hdr)
{
grub_cryptodisk_t newdev;
- const char *iptr;
struct grub_luks_phdr header;
- char *optr;
char uuid[sizeof (header.uuid) + 1];
char ciphername[sizeof (header.cipherName) + 1];
char ciphermode[sizeof (header.cipherMode) + 1];
@@ -104,22 +102,6 @@ configure_ciphers (grub_disk_t disk, const char *check_uuid,
|| grub_be_to_cpu16 (header.version) != 1)
return NULL;
- optr = uuid;
- for (iptr = header.uuid; iptr < &header.uuid[ARRAY_SIZE (header.uuid)];
- iptr++)
- {
- if (*iptr != '-')
- *optr++ = *iptr;
- }
- *optr = 0;
-
- if (check_uuid && grub_strcasecmp (check_uuid, uuid) != 0)
- {
- grub_dprintf ("luks", "%s != %s\n", uuid, check_uuid);
- return NULL;
- }
-
-
/* Make sure that strings are null terminated. */
grub_memcpy (ciphername, header.cipherName, sizeof (header.cipherName));
ciphername[sizeof (header.cipherName)] = 0;
@@ -127,6 +109,14 @@ configure_ciphers (grub_disk_t disk, const char *check_uuid,
ciphermode[sizeof (header.cipherMode)] = 0;
grub_memcpy (hashspec, header.hashSpec, sizeof (header.hashSpec));
hashspec[sizeof (header.hashSpec)] = 0;
+ grub_memcpy (uuid, header.uuid, sizeof (header.uuid));
+ uuid[sizeof (header.uuid)] = 0;
+
+ if ( check_uuid && ! grub_cryptodisk_uuidcmp(check_uuid, uuid))
+ {
+ grub_dprintf ("luks", "%s != %s\n", uuid, check_uuid);
+ return NULL;
+ }
newdev = grub_cryptodisk_create (disk, uuid, ciphername, ciphermode, hashspec);
diff --git a/include/grub/cryptodisk.h b/include/grub/cryptodisk.h
index 4076412..a564f2c 100644
--- a/include/grub/cryptodisk.h
+++ b/include/grub/cryptodisk.h
@@ -167,4 +167,6 @@ grub_cryptodisk_t grub_cryptodisk_get_by_source_disk (grub_disk_t disk);
grub_cryptodisk_t grub_cryptodisk_create (grub_disk_t disk, char *uuid,
char *ciphername, char *ciphermode, char *digest);
+int
+grub_cryptodisk_uuidcmp(char *uuid_a, char *uuid_b);
#endif
--
2.1.2
next prev parent reply other threads:[~2015-06-29 14:31 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-06-29 14:30 Cryptomount enhancements - revised John Lane
2015-06-29 14:30 ` [PATCH 1/5] Cryptomount support LUKS detached header John Lane
2015-06-29 14:30 ` [PATCH 2/5] Cryptomount support key files John Lane
2015-06-29 14:30 ` [PATCH 3/5] cryptomount luks allow multiple passphrase attempts John Lane
2015-06-29 14:56 ` John Lane
2015-06-29 14:30 ` [PATCH 4/5] Cryptomount support plain dm-crypt John Lane
2016-02-12 15:19 ` Vladimir 'φ-coder/phcoder' Serbinenko
2015-06-29 14:31 ` John Lane [this message]
2015-06-29 14:52 ` [PATCH 5/5] Cryptomount support for hyphens in UUID John Lane
2015-07-29 3:08 ` Andrei Borzenkov
2015-07-29 6:51 ` John Lane
2015-07-29 16:51 ` Andrei Borzenkov
2015-07-29 18:53 ` John Lane
2015-07-28 18:51 ` Cryptomount enhancements - revised John Lane
2015-07-28 21:38 ` Vladimir 'phcoder' Serbinenko
2015-07-29 6:48 ` John Lane
2015-07-29 17:21 ` Andrei Borzenkov
2015-08-01 16:22 ` John Lane
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1435588260-29456-6-git-send-email-grub@jelmail.com \
--to=grub@jelmail.com \
--cc=grub-devel@gnu.org \
--cc=john@lane.uk.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).