Fix a bug in keyring keyslot context.

It always returned zero upon successful keyslot unlock instead expected unlocked keyslot id.
mbroz · Sep 12, 2024 · 41c72ea · 41c72ea
1 parent e48c74b
commit 41c72ea
Show file tree

Hide file tree

Showing 2 changed files with 25 additions and 3 deletions.
diff --git a/lib/keyslot_context.c b/lib/keyslot_context.c
@@ -354,7 +354,7 @@ static int get_luks2_key_by_keyring(struct crypt_device *cd,
 	if (r < 0)
 		kc->error = r;
 
-	return 0;
+	return r;
 }
 
 static int get_luks2_volume_key_by_keyring(struct crypt_device *cd,

diff --git a/tests/api-test-2.c b/tests/api-test-2.c
@@ -5161,7 +5161,7 @@ static void VolumeKeyGet(void)
 	struct crypt_params_luks2 params = {
 		.sector_size = 512
 	};
-	char key[256], key2[256];
+	char key[256], key2[256], key3[256];
 #ifdef KERNEL_KEYRING
 	key_serial_t kid;
 	const struct crypt_token_params_luks2_keyring tparams = {
@@ -5170,14 +5170,17 @@ static void VolumeKeyGet(void)
 #endif
 
 	const char *vk_hex =  "bb21158c733229347bd4e681891e213d94c685be6a5b84818afe7a78a6de7a1a"
-			      "bb21158c733229347bd4e681891e213d94c685be6a5b84818afe7a78a6de7a1b";
+			      "bb21158c733229347bd4e681891e213d94c685be6a5b84818afe7a78a6de7a1b",
+		   *vk2_hex = "cb21158c733229347bd4e681891e213d94c685be6a5b84818afe7a78a6de7a1a"
+			      "cb21158c733229347bd4e681891e213d94c685be6a5b84818afe7a78a6de7a1c";
 	size_t key_size = strlen(vk_hex) / 2;
 	const char *cipher = "aes";
 	const char *cipher_mode = "xts-plain64";
 	uint64_t r_payload_offset;
 	struct crypt_keyslot_context *um1, *um2;
 
 	crypt_decode_key(key, vk_hex, key_size);
+	crypt_decode_key(key3, vk2_hex, key_size);
 
 	OK_(prepare_keyfile(KEYFILE1, PASSPHRASE1, strlen(PASSPHRASE1)));
 
@@ -5233,6 +5236,11 @@ static void VolumeKeyGet(void)
 	EQ_(crypt_token_assign_keyslot(cd, 0, 1), 0);
 #endif
 	crypt_keyslot_context_free(um1);
+	OK_(crypt_keyslot_context_init_by_volume_key(cd, key3, key_size, &um1));
+	OK_(crypt_keyslot_context_init_by_passphrase(cd, PASSPHRASE1, strlen(PASSPHRASE1), &um2));
+	EQ_(crypt_keyslot_add_by_keyslot_context(cd, CRYPT_ANY_SLOT, um1, 4, um2, CRYPT_VOLUME_KEY_NO_SEGMENT), 4);
+	crypt_keyslot_context_free(um1);
+	crypt_keyslot_context_free(um2);
 	CRYPT_FREE(cd);
 
 	OK_(crypt_init(&cd, DMDIR H_DEVICE));
@@ -5268,6 +5276,20 @@ static void VolumeKeyGet(void)
 	EQ_(crypt_volume_key_get_by_keyslot_context(cd, CRYPT_ANY_SLOT, key2, &key_size, um1), 1);
 	OK_(memcmp(key, key2, key_size));
 	crypt_keyslot_context_free(um1);
+
+	// unbound keyslot by passphrase in keyring
+	OK_(crypt_keyslot_context_init_by_keyring(cd, KEY_DESC_TEST0, &um1));
+	memset(key2, 0, key_size);
+	EQ_(crypt_volume_key_get_by_keyslot_context(cd, 4, key2, &key_size, um1), 4);
+	OK_(memcmp(key3, key2, key_size));
+	crypt_keyslot_context_free(um1);
+
+	// by passphrase in keyring
+	OK_(crypt_keyslot_context_init_by_keyring(cd, KEY_DESC_TEST0, &um1));
+	memset(key2, 0, key_size);
+	EQ_(crypt_volume_key_get_by_keyslot_context(cd, CRYPT_ANY_SLOT, key2, &key_size, um1), 1);
+	OK_(memcmp(key, key2, key_size));
+	crypt_keyslot_context_free(um1);
 #endif
 	CRYPT_FREE(cd);