2016-09-22 20:47:43 +02:00
|
|
|
/*
|
|
|
|
luksrku - Tool to remotely unlock LUKS disks using TLS.
|
2019-10-19 21:28:26 +02:00
|
|
|
Copyright (C) 2016-2019 Johannes Bauer
|
2016-09-22 20:47:43 +02:00
|
|
|
|
|
|
|
This file is part of luksrku.
|
|
|
|
|
|
|
|
luksrku is free software; you can redistribute it and/or modify
|
|
|
|
it under the terms of the GNU General Public License as published by
|
|
|
|
the Free Software Foundation; this program is ONLY licensed under
|
|
|
|
version 3 of the License, later versions are explicitly excluded.
|
|
|
|
|
|
|
|
luksrku is distributed in the hope that it will be useful,
|
|
|
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
GNU General Public License for more details.
|
|
|
|
|
|
|
|
You should have received a copy of the GNU General Public License
|
|
|
|
along with luksrku; if not, write to the Free Software
|
|
|
|
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
|
|
|
|
|
|
|
Johannes Bauer <JohannesBauer@gmx.de>
|
|
|
|
*/
|
|
|
|
|
2019-10-19 21:28:26 +02:00
|
|
|
#include <stdio.h>
|
|
|
|
#include <stdlib.h>
|
|
|
|
#include <string.h>
|
2019-10-20 21:09:41 +02:00
|
|
|
#include <strings.h>
|
2016-09-22 20:40:58 +02:00
|
|
|
#include <stdbool.h>
|
2019-10-19 21:52:34 +02:00
|
|
|
#include <openssl/crypto.h>
|
2016-09-22 20:40:58 +02:00
|
|
|
|
2019-10-19 21:28:26 +02:00
|
|
|
#include "keydb.h"
|
|
|
|
#include "util.h"
|
2019-10-20 17:45:21 +02:00
|
|
|
#include "uuid.h"
|
2019-10-19 21:52:34 +02:00
|
|
|
#include "log.h"
|
2019-10-19 21:28:26 +02:00
|
|
|
|
2021-06-27 00:28:00 +02:00
|
|
|
static unsigned int keydb_getsize_v3_hostcount(unsigned int host_count) {
|
|
|
|
return sizeof(struct keydb_v3_t) + (host_count * sizeof(struct host_entry_v3_t));
|
|
|
|
}
|
|
|
|
|
|
|
|
static unsigned int keydb_getsize_v3(const struct keydb_v3_t *keydb) {
|
|
|
|
return keydb_getsize_v3_hostcount(keydb->host_count);
|
|
|
|
}
|
|
|
|
|
|
|
|
static unsigned int keydb_getsize_v2_hostcount(unsigned int host_count) {
|
|
|
|
return sizeof(struct keydb_v2_t) + (host_count * sizeof(struct host_entry_v2_t));
|
|
|
|
}
|
|
|
|
|
|
|
|
static unsigned int keydb_getsize_v2(const struct keydb_v2_t *keydb) {
|
|
|
|
return keydb_getsize_v2_hostcount(keydb->host_count);
|
|
|
|
}
|
|
|
|
|
2019-10-19 21:52:34 +02:00
|
|
|
static unsigned int keydb_getsize_hostcount(unsigned int host_count) {
|
2021-06-27 00:28:00 +02:00
|
|
|
return keydb_getsize_v3_hostcount(host_count);
|
2019-10-19 21:28:26 +02:00
|
|
|
}
|
|
|
|
|
2021-06-26 23:27:57 +02:00
|
|
|
static unsigned int keydb_getsize(const keydb_t *keydb) {
|
2021-06-27 00:28:00 +02:00
|
|
|
return keydb_getsize_v3(keydb);
|
2019-10-19 21:52:34 +02:00
|
|
|
}
|
|
|
|
|
2021-06-26 23:27:57 +02:00
|
|
|
keydb_t* keydb_new(void) {
|
|
|
|
keydb_t *keydb = calloc(sizeof(keydb_t), 1);
|
|
|
|
keydb->common.keydb_version = KEYDB_CURRENT_VERSION;
|
2019-10-19 21:28:26 +02:00
|
|
|
keydb->server_database = true;
|
2019-10-19 21:52:34 +02:00
|
|
|
return keydb;
|
2019-10-19 21:28:26 +02:00
|
|
|
}
|
|
|
|
|
2021-06-26 23:27:57 +02:00
|
|
|
keydb_t* keydb_export_public(host_entry_t *host) {
|
|
|
|
keydb_t *public_db = keydb_new();
|
2019-10-21 22:47:58 +02:00
|
|
|
if (!public_db) {
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
public_db->server_database = false;
|
|
|
|
|
|
|
|
if (!keydb_add_host(&public_db, host->host_name)) {
|
|
|
|
keydb_free(public_db);
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Copy over whole entry */
|
2021-06-26 23:27:57 +02:00
|
|
|
host_entry_t *public_host = &public_db->hosts[0];
|
2019-10-21 22:47:58 +02:00
|
|
|
*public_host = *host;
|
|
|
|
|
|
|
|
/* But remove all LUKS passphrases of course, this is for the luksrku client */
|
|
|
|
for (unsigned int i = 0; i < host->volume_count; i++) {
|
2021-06-26 23:27:57 +02:00
|
|
|
volume_entry_t *volume = &public_host->volumes[i];
|
2019-10-23 15:56:06 +02:00
|
|
|
memset(volume->luks_passphrase_raw, 0, sizeof(volume->luks_passphrase_raw));
|
2019-10-21 22:47:58 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
return public_db;
|
|
|
|
}
|
|
|
|
|
2021-06-26 23:27:57 +02:00
|
|
|
void keydb_free(keydb_t *keydb) {
|
2019-10-23 21:54:10 +02:00
|
|
|
if (keydb) {
|
|
|
|
OPENSSL_cleanse(keydb, keydb_getsize(keydb));
|
|
|
|
free(keydb);
|
|
|
|
}
|
2019-10-19 21:28:26 +02:00
|
|
|
}
|
|
|
|
|
2021-06-26 23:27:57 +02:00
|
|
|
volume_entry_t* keydb_get_volume_by_name(host_entry_t *host, const char *devmapper_name) {
|
2019-10-21 21:30:29 +02:00
|
|
|
for (unsigned int i = 0; i < host->volume_count; i++) {
|
2021-06-26 23:27:57 +02:00
|
|
|
volume_entry_t *volume = &host->volumes[i];
|
2019-10-21 22:47:58 +02:00
|
|
|
if (!strncasecmp(volume->devmapper_name, devmapper_name, sizeof(volume->devmapper_name) - 1)) {
|
2019-10-25 17:46:21 +02:00
|
|
|
return volume;
|
2019-10-21 21:30:29 +02:00
|
|
|
}
|
|
|
|
}
|
2019-10-25 17:46:21 +02:00
|
|
|
return NULL;
|
2019-10-21 21:30:29 +02:00
|
|
|
}
|
|
|
|
|
2021-06-26 23:27:57 +02:00
|
|
|
host_entry_t* keydb_get_host_by_name(keydb_t *keydb, const char *host_name) {
|
2019-10-21 21:30:29 +02:00
|
|
|
for (unsigned int i = 0; i < keydb->host_count; i++) {
|
2021-06-26 23:27:57 +02:00
|
|
|
host_entry_t *host = &keydb->hosts[i];
|
2019-10-21 22:47:58 +02:00
|
|
|
if (!strncasecmp(host->host_name, host_name, sizeof(host->host_name) - 1)) {
|
2019-10-25 17:46:21 +02:00
|
|
|
return host;
|
2019-10-21 21:30:29 +02:00
|
|
|
}
|
|
|
|
}
|
2019-10-25 17:46:21 +02:00
|
|
|
return NULL;
|
2019-10-21 21:30:29 +02:00
|
|
|
}
|
|
|
|
|
2021-06-26 23:27:57 +02:00
|
|
|
const volume_entry_t* keydb_get_volume_by_uuid(const host_entry_t *host, const uint8_t uuid[static 16]) {
|
2019-10-25 11:08:20 +02:00
|
|
|
for (unsigned int i = 0; i < host->volume_count; i++) {
|
2021-06-26 23:27:57 +02:00
|
|
|
const volume_entry_t *volume = &host->volumes[i];
|
2019-10-25 11:08:20 +02:00
|
|
|
if (!memcmp(volume->volume_uuid, uuid, 16)) {
|
|
|
|
return volume;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
2021-06-26 23:27:57 +02:00
|
|
|
int keydb_get_host_index(const keydb_t *keydb, const host_entry_t *host) {
|
2019-10-25 17:46:21 +02:00
|
|
|
int index = host - keydb->hosts;
|
|
|
|
if (index < 0) {
|
2019-10-25 11:08:20 +02:00
|
|
|
return -1;
|
2019-10-25 17:46:21 +02:00
|
|
|
} else if ((unsigned int)index >= keydb ->host_count) {
|
2019-10-25 11:08:20 +02:00
|
|
|
return -1;
|
|
|
|
}
|
2019-10-25 17:46:21 +02:00
|
|
|
return index;
|
2019-10-25 11:08:20 +02:00
|
|
|
}
|
|
|
|
|
2021-06-26 23:27:57 +02:00
|
|
|
int keydb_get_volume_index(const host_entry_t *host, const volume_entry_t *volume) {
|
2019-10-25 17:46:21 +02:00
|
|
|
int index = volume - host->volumes;
|
|
|
|
if (index < 0) {
|
|
|
|
return -1;
|
|
|
|
} else if ((unsigned int)index >= host->volume_count) {
|
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
return index;
|
2019-10-21 21:30:29 +02:00
|
|
|
}
|
|
|
|
|
2021-06-26 23:27:57 +02:00
|
|
|
const host_entry_t* keydb_get_host_by_uuid(const keydb_t *keydb, const uint8_t uuid[static 16]) {
|
2019-10-23 15:28:38 +02:00
|
|
|
for (unsigned int i = 0; i < keydb->host_count; i++) {
|
2021-06-26 23:27:57 +02:00
|
|
|
const host_entry_t *host = &keydb->hosts[i];
|
2019-10-23 15:28:38 +02:00
|
|
|
if (!memcmp(host->host_uuid, uuid, 16)) {
|
|
|
|
return host;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
2021-06-26 23:27:57 +02:00
|
|
|
bool keydb_add_host(keydb_t **keydb, const char *host_name) {
|
2019-10-21 22:47:58 +02:00
|
|
|
if (strlen(host_name) > MAX_HOST_NAME_LENGTH - 1) {
|
|
|
|
log_msg(LLVL_ERROR, "Host name \"%s\" exceeds maximum length of %d characters.", host_name, MAX_HOST_NAME_LENGTH - 1);
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
2021-06-26 23:27:57 +02:00
|
|
|
keydb_t *old_keydb = *keydb;
|
2019-10-20 21:09:41 +02:00
|
|
|
if (keydb_get_host_by_name(old_keydb, host_name)) {
|
|
|
|
log_msg(LLVL_ERROR, "Host name \"%s\" already present in key database.", host_name);
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
2021-06-26 23:27:57 +02:00
|
|
|
keydb_t *new_keydb = realloc(old_keydb, keydb_getsize_hostcount(old_keydb->host_count + 1));
|
2019-10-19 21:52:34 +02:00
|
|
|
if (!new_keydb) {
|
2019-10-20 17:45:21 +02:00
|
|
|
return false;
|
|
|
|
}
|
|
|
|
*keydb = new_keydb;
|
|
|
|
|
2021-06-26 23:27:57 +02:00
|
|
|
host_entry_t *host = &new_keydb->hosts[new_keydb->host_count];
|
|
|
|
memset(host, 0, sizeof(host_entry_t));
|
2019-10-20 17:45:21 +02:00
|
|
|
if (!uuid_randomize(host->host_uuid)) {
|
|
|
|
/* We keep the reallocation but do not increase the host count */
|
|
|
|
return false;
|
|
|
|
}
|
2019-10-20 21:09:41 +02:00
|
|
|
strncpy(host->host_name, host_name, sizeof(host->host_name) - 1);
|
2019-10-21 21:30:29 +02:00
|
|
|
if (!keydb_rekey_host(host)) {
|
2019-10-20 17:45:21 +02:00
|
|
|
/* We keep the reallocation but do not increase the host count */
|
|
|
|
return false;
|
2019-10-19 21:52:34 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
new_keydb->host_count++;
|
2019-10-20 17:45:21 +02:00
|
|
|
return true;
|
2019-10-19 21:52:34 +02:00
|
|
|
}
|
2019-10-19 21:28:26 +02:00
|
|
|
|
2021-06-26 23:27:57 +02:00
|
|
|
bool keydb_del_host_by_name(keydb_t **keydb, const char *host_name) {
|
|
|
|
keydb_t *old_keydb = *keydb;
|
|
|
|
host_entry_t *host = keydb_get_host_by_name(old_keydb, host_name);
|
2019-10-25 17:46:21 +02:00
|
|
|
if (!host) {
|
2019-10-21 21:30:29 +02:00
|
|
|
log_msg(LLVL_ERROR, "No such host: \"%s\"", host_name);
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
2019-10-25 17:46:21 +02:00
|
|
|
int host_index = keydb_get_host_index(old_keydb, host);
|
|
|
|
if (host_index < 0) {
|
2021-06-26 22:48:33 +02:00
|
|
|
log_msg(LLVL_FATAL, "Fatal error determining host index for hostname \"%s\".", host_name);
|
2019-10-25 17:46:21 +02:00
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
2019-10-21 21:30:29 +02:00
|
|
|
/* We keep the memory for now and do not realloc */
|
2021-06-26 23:27:57 +02:00
|
|
|
array_remove(old_keydb->hosts, sizeof(host_entry_t), old_keydb->host_count, host_index);
|
2019-10-21 21:30:29 +02:00
|
|
|
old_keydb->host_count--;
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
2021-06-26 23:27:57 +02:00
|
|
|
bool keydb_rekey_host(host_entry_t *host) {
|
2019-10-21 21:30:29 +02:00
|
|
|
return buffer_randomize(host->tls_psk, sizeof(host->tls_psk));
|
|
|
|
}
|
|
|
|
|
2021-06-26 23:27:57 +02:00
|
|
|
volume_entry_t* keydb_add_volume(host_entry_t *host, const char *devmapper_name, const uint8_t volume_uuid[static 16]) {
|
2019-10-21 22:47:58 +02:00
|
|
|
if (strlen(devmapper_name) > MAX_DEVMAPPER_NAME_LENGTH - 1) {
|
|
|
|
log_msg(LLVL_ERROR, "Device mapper name \"%s\" exceeds maximum length of %d characters.", devmapper_name, MAX_DEVMAPPER_NAME_LENGTH - 1);
|
2019-10-20 21:09:41 +02:00
|
|
|
return false;
|
|
|
|
}
|
2019-10-21 22:47:58 +02:00
|
|
|
|
|
|
|
if (host->volume_count >= MAX_VOLUMES_PER_HOST) {
|
|
|
|
log_msg(LLVL_ERROR, "Host \"%s\" already has maximum number of volumes (%d).", host->host_name, MAX_VOLUMES_PER_HOST);
|
|
|
|
return NULL;
|
|
|
|
}
|
2019-10-20 21:09:41 +02:00
|
|
|
if (keydb_get_volume_by_name(host, devmapper_name)) {
|
|
|
|
log_msg(LLVL_ERROR, "Volume name \"%s\" already present for host \"%s\" entry.", devmapper_name, host->host_name);
|
2019-10-21 22:47:58 +02:00
|
|
|
return NULL;
|
2019-10-20 21:09:41 +02:00
|
|
|
}
|
|
|
|
|
2021-06-26 23:27:57 +02:00
|
|
|
volume_entry_t *volume = &host->volumes[host->volume_count];
|
2019-10-20 21:09:41 +02:00
|
|
|
memcpy(volume->volume_uuid, volume_uuid, 16);
|
|
|
|
strncpy(volume->devmapper_name, devmapper_name, sizeof(volume->devmapper_name) - 1);
|
2019-10-23 15:56:06 +02:00
|
|
|
if (!buffer_randomize(volume->luks_passphrase_raw, sizeof(volume->luks_passphrase_raw))) {
|
2021-06-26 22:48:33 +02:00
|
|
|
log_msg(LLVL_ERROR, "Failed to produce %ld bytes of entropy for LUKS passphrase.", sizeof(volume->luks_passphrase_raw));
|
2019-10-21 22:47:58 +02:00
|
|
|
return NULL;
|
2019-10-20 21:09:41 +02:00
|
|
|
}
|
|
|
|
host->volume_count++;
|
2019-10-21 22:47:58 +02:00
|
|
|
return volume;
|
2019-10-20 21:09:41 +02:00
|
|
|
}
|
|
|
|
|
2021-06-26 23:27:57 +02:00
|
|
|
bool keydb_del_volume(host_entry_t *host, const char *devmapper_name) {
|
|
|
|
volume_entry_t *volume = keydb_get_volume_by_name(host, devmapper_name);
|
2019-10-25 17:46:21 +02:00
|
|
|
if (!volume) {
|
2019-10-21 21:30:29 +02:00
|
|
|
log_msg(LLVL_ERROR, "No such volume \"%s\" for host \"%s\".", devmapper_name, host->host_name);
|
|
|
|
return false;
|
2019-10-20 21:09:41 +02:00
|
|
|
}
|
2019-10-25 17:46:21 +02:00
|
|
|
int index = keydb_get_volume_index(host, volume);
|
|
|
|
if (index < 0) {
|
|
|
|
log_msg(LLVL_FATAL, "Fatal error determining volume index of \"%s\" for host \"%s\".", devmapper_name, host->host_name);
|
|
|
|
return false;
|
|
|
|
}
|
2021-06-26 23:27:57 +02:00
|
|
|
if (!array_remove(host->volumes, sizeof(volume_entry_t), host->volume_count, index)) {
|
2019-10-21 21:30:29 +02:00
|
|
|
log_msg(LLVL_ERROR, "Failed to remove \"%s\" of host \"%s\".", devmapper_name, host->host_name);
|
|
|
|
return false;
|
2019-10-20 21:09:41 +02:00
|
|
|
}
|
2019-10-21 21:30:29 +02:00
|
|
|
host->volume_count--;
|
|
|
|
return true;
|
2019-10-20 21:09:41 +02:00
|
|
|
}
|
|
|
|
|
2021-06-26 23:27:57 +02:00
|
|
|
bool keydb_rekey_volume(volume_entry_t *volume) {
|
2019-10-23 15:56:06 +02:00
|
|
|
return buffer_randomize(volume->luks_passphrase_raw, sizeof(volume->luks_passphrase_raw));
|
2019-10-20 21:09:41 +02:00
|
|
|
}
|
|
|
|
|
2021-06-26 23:27:57 +02:00
|
|
|
bool keydb_get_volume_luks_passphrase(const volume_entry_t *volume, char *dest, unsigned int dest_buffer_size) {
|
2019-10-23 15:56:06 +02:00
|
|
|
return ascii_encode(dest, dest_buffer_size, volume->luks_passphrase_raw, sizeof(volume->luks_passphrase_raw));
|
2019-10-20 21:09:41 +02:00
|
|
|
}
|
|
|
|
|
2021-06-26 23:27:57 +02:00
|
|
|
bool keydb_write(const keydb_t *keydb, const char *filename, const char *passphrase) {
|
2019-10-19 21:52:34 +02:00
|
|
|
enum kdf_t kdf;
|
|
|
|
if ((!passphrase) || (strlen(passphrase) == 0)) {
|
|
|
|
/* For empty password, we can also use garbage KDF */
|
|
|
|
kdf = KDF_PBKDF2_SHA256_1000;
|
|
|
|
} else {
|
2019-10-21 22:47:58 +02:00
|
|
|
kdf = ENCRYPTED_FILE_DEFAULT_KDF;
|
2019-10-19 21:52:34 +02:00
|
|
|
}
|
|
|
|
return write_encrypted_file(filename, keydb, keydb_getsize(keydb), passphrase, kdf);
|
2019-10-19 21:28:26 +02:00
|
|
|
}
|
|
|
|
|
2019-10-21 22:47:58 +02:00
|
|
|
static bool passphrase_callback(char *buffer, unsigned int bufsize) {
|
|
|
|
return query_passphrase("Database passphrase: ", buffer, bufsize);
|
|
|
|
}
|
|
|
|
|
2021-06-27 00:28:00 +02:00
|
|
|
static bool keydb_migrate_v2_to_v3(void **keydb_data, unsigned int *keydb_data_size) {
|
|
|
|
log_msg(LLVL_INFO, "Migrating keydb version 2 to version 3");
|
|
|
|
struct keydb_v2_t *old_db = *((struct keydb_v2_t **)keydb_data);
|
|
|
|
unsigned int new_db_size = keydb_getsize_v3_hostcount(old_db->host_count);
|
|
|
|
struct keydb_v3_t *new_db = calloc(1, new_db_size);
|
|
|
|
if (!new_db) {
|
|
|
|
log_msg(LLVL_ERROR, "keydb migration failed to allocate %d bytes of memory", new_db_size);
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
|
|
|
*new_db = (struct keydb_v3_t) {
|
|
|
|
.common.keydb_version = 3,
|
|
|
|
.server_database = old_db->server_database,
|
|
|
|
.host_count = old_db->host_count,
|
|
|
|
};
|
|
|
|
for (unsigned int i = 0; i < new_db->host_count; i++) {
|
|
|
|
memcpy(&new_db->hosts[i], &old_db->hosts[i], sizeof(old_db->hosts[i]) - sizeof(old_db->hosts[i].volumes));
|
|
|
|
for (unsigned int j = 0; j < new_db->hosts[i].volume_count; j++) {
|
|
|
|
memcpy(&new_db->hosts[i].volumes[j], &old_db->hosts[i].volumes[j], sizeof(old_db->hosts[i].volumes[j]));
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
OPENSSL_cleanse(old_db, *keydb_data_size);
|
|
|
|
free(old_db);
|
|
|
|
|
|
|
|
*keydb_data = new_db;
|
|
|
|
*keydb_data_size = new_db_size;
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
|
|
|
static keydb_t* keydb_migrate(void **keydb_data, unsigned int *keydb_data_size) {
|
|
|
|
struct keydb_common_header_t *header;
|
|
|
|
|
|
|
|
header = *((struct keydb_common_header_t**)keydb_data);
|
|
|
|
if (header->keydb_version == 2) {
|
|
|
|
if (*keydb_data_size != keydb_getsize_v2(*keydb_data)) {
|
|
|
|
log_msg(LLVL_ERROR, "keydb version 2 has wrong size (%u bytes, but expected %u bytes).", *keydb_data_size, keydb_getsize_v2(*keydb_data));
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
if (!keydb_migrate_v2_to_v3(keydb_data, keydb_data_size)) {
|
|
|
|
log_msg(LLVL_ERROR, "keydb version 2 to 3 migration failed.");
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
header = *((struct keydb_common_header_t**)keydb_data);
|
|
|
|
if (header->keydb_version == 3) {
|
|
|
|
if (*keydb_data_size != keydb_getsize_v3(*keydb_data)) {
|
|
|
|
log_msg(LLVL_ERROR, "keydb version 3 has wrong size (%u bytes, but expected %u bytes).", *keydb_data_size, keydb_getsize_v2(*keydb_data));
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
header = *((struct keydb_common_header_t**)keydb_data);
|
|
|
|
if (header->keydb_version != KEYDB_CURRENT_VERSION) {
|
|
|
|
log_msg(LLVL_ERROR, "keydb could be read, but is of version %u (we expected %u).", header->keydb_version, KEYDB_CURRENT_VERSION);
|
2019-10-19 21:52:34 +02:00
|
|
|
return NULL;
|
|
|
|
}
|
2021-06-27 00:28:00 +02:00
|
|
|
return *((keydb_t**)keydb_data);
|
2019-10-19 21:52:34 +02:00
|
|
|
|
2021-06-27 00:28:00 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
keydb_t* keydb_read(const char *filename) {
|
|
|
|
struct decrypted_file_t decrypted_file = read_encrypted_file(filename, passphrase_callback);
|
|
|
|
if (!decrypted_file.success) {
|
2019-10-19 21:52:34 +02:00
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
2021-06-27 00:28:00 +02:00
|
|
|
keydb_t *keydb = keydb_migrate(&decrypted_file.data, &decrypted_file.data_length);
|
|
|
|
if (!keydb) {
|
2019-10-19 21:52:34 +02:00
|
|
|
OPENSSL_cleanse(decrypted_file.data, decrypted_file.data_length);
|
|
|
|
free(decrypted_file.data);
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
return keydb;
|
2019-10-19 21:28:26 +02:00
|
|
|
}
|