Remove unused code.

Due to complete shift to device activation via keyslot context, remove all remaining internal code activating device by passphrase or by token.
mbroz · Nov 8, 2024 · 3c5aa4e · 3c5aa4e
1 parent 5e95092
commit 3c5aa4e
Show file tree

Hide file tree

Showing 13 changed files with 164 additions and 807 deletions.
diff --git a/lib/bitlk/bitlk.c b/lib/bitlk/bitlk.c
@@ -1401,34 +1401,6 @@ static int _activate(struct crypt_device *cd,
 	return r;
 }
 
-int BITLK_activate_by_passphrase(struct crypt_device *cd,
-				 const char *name,
-				 const char *password,
-				 size_t passwordLen,
-				 const struct bitlk_metadata *params,
-				 uint32_t flags)
-{
-	int r = 0;
-	struct volume_key *open_fvek_key = NULL;
-
-	r = _activate_check(cd, params);
-	if (r)
-		return r;
-
-	r = BITLK_get_volume_key(cd, password, passwordLen, params, &open_fvek_key);
-	if (r < 0)
-		goto out;
-
-	/* Password verify only */
-	if (!name)
-		goto out;
-
-	r = _activate(cd, name, open_fvek_key, params, flags);
-out:
-	crypt_free_volume_key(open_fvek_key);
-	return r;
-}
-
 int BITLK_activate_by_volume_key(struct crypt_device *cd,
 				 const char *name,
 				 struct volume_key *vk,

diff --git a/lib/bitlk/bitlk.h b/lib/bitlk/bitlk.h
@@ -115,13 +115,6 @@ int BITLK_get_volume_key(struct crypt_device *cd,
 			 const struct bitlk_metadata *params,
 			 struct volume_key **open_fvek_key);
 
-int BITLK_activate_by_passphrase(struct crypt_device *cd,
-				 const char *name,
-				 const char *password,
-				 size_t passwordLen,
-				 const struct bitlk_metadata *params,
-				 uint32_t flags);
-
 int BITLK_activate_by_volume_key(struct crypt_device *cd,
 				 const char *name,
 				 struct volume_key *vk,

diff --git a/lib/fvault2/fvault2.c b/lib/fvault2/fvault2.c
@@ -997,28 +997,6 @@ int FVAULT2_dump(
 	return 0;
 }
 
-int FVAULT2_activate_by_passphrase(
-	struct crypt_device *cd,
-	const char *name,
-	const char *passphrase,
-	size_t passphrase_len,
-	const struct fvault2_params *params,
-	uint32_t flags)
-{
-	int r;
-	struct volume_key *vol_key = NULL;
-
-	r = FVAULT2_get_volume_key(cd, passphrase, passphrase_len, params, &vol_key);
-	if (r < 0)
-		return r;
-
-	if (name)
-	    r = _activate(cd, name, vol_key, params, flags);
-
-	crypt_free_volume_key(vol_key);
-	return r;
-}
-
 int FVAULT2_activate_by_volume_key(
 	struct crypt_device *cd,
 	const char *name,

diff --git a/lib/fvault2/fvault2.h b/lib/fvault2/fvault2.h
@@ -48,14 +48,6 @@ int FVAULT2_dump(
 	struct device *device,
 	const struct fvault2_params *params);
 
-int FVAULT2_activate_by_passphrase(
-	struct crypt_device *cd,
-	const char *name,
-	const char *passphrase,
-	size_t passphrase_len,
-	const struct fvault2_params *params,
-	uint32_t flags);
-
 int FVAULT2_activate_by_volume_key(
 	struct crypt_device *cd,
 	const char *name,

diff --git a/lib/keyslot_context.c b/lib/keyslot_context.c
@@ -8,6 +8,8 @@
 
 #include <errno.h>
 
+#include "bitlk/bitlk.h"
+#include "fvault2/fvault2.h"
 #include "luks1/luks.h"
 #include "luks2/luks2.h"
 #include "keyslot_context.h"
@@ -58,6 +60,44 @@ static int get_luks2_volume_key_by_passphrase(struct crypt_device *cd,
 	return get_luks2_key_by_passphrase(cd, kc, keyslot, CRYPT_DEFAULT_SEGMENT, r_vk);
 }
 
+static int get_bitlk_volume_key_by_passphrase(struct crypt_device *cd,
+	struct crypt_keyslot_context *kc,
+	const struct bitlk_metadata *params,
+	struct volume_key **r_vk)
+{
+	int r;
+
+	assert(cd);
+	assert(kc && kc->type == CRYPT_KC_TYPE_PASSPHRASE);
+	assert(params);
+	assert(r_vk);
+
+	r = BITLK_get_volume_key(cd, kc->u.p.passphrase, kc->u.p.passphrase_size, params, r_vk);
+	if (r < 0)
+		kc->error = r;
+
+	return r;
+}
+
+static int get_fvault2_volume_key_by_passphrase(struct crypt_device *cd,
+	struct crypt_keyslot_context *kc,
+	const struct fvault2_params *params,
+	struct volume_key **r_vk)
+{
+	int r;
+
+	assert(cd);
+	assert(kc && kc->type == CRYPT_KC_TYPE_PASSPHRASE);
+	assert(params);
+	assert(r_vk);
+
+	r = FVAULT2_get_volume_key(cd, kc->u.p.passphrase, kc->u.p.passphrase_size, params, r_vk);
+	if (r < 0)
+		kc->error = r;
+
+	return r;
+}
+
 static int get_passphrase_by_passphrase(struct crypt_device *cd,
 	struct crypt_keyslot_context *kc,
 	const char **r_passphrase,
@@ -160,6 +200,56 @@ static int get_luks1_volume_key_by_keyfile(struct crypt_device *cd,
 	return r;
 }
 
+static int get_bitlk_volume_key_by_keyfile(struct crypt_device *cd,
+	struct crypt_keyslot_context *kc,
+	const struct bitlk_metadata *params,
+	struct volume_key **r_vk)
+{
+	int r;
+	const char *passphrase;
+	size_t passphrase_size;
+
+	assert(cd);
+	assert(kc && kc->type == CRYPT_KC_TYPE_KEYFILE);
+	assert(params);
+	assert(r_vk);
+
+	r = get_passphrase_by_keyfile(cd, kc, &passphrase, &passphrase_size);
+	if (r < 0)
+		return r;
+
+	r = BITLK_get_volume_key(cd, passphrase, passphrase_size, params, r_vk);
+	if (r < 0)
+		kc->error = r;
+
+	return r;
+}
+
+static int get_fvault2_volume_key_by_keyfile(struct crypt_device *cd,
+	struct crypt_keyslot_context *kc,
+	const struct fvault2_params *params,
+	struct volume_key **r_vk)
+{
+	int r;
+	const char *passphrase;
+	size_t passphrase_size;
+
+	assert(cd);
+	assert(kc && kc->type == CRYPT_KC_TYPE_KEYFILE);
+	assert(params);
+	assert(r_vk);
+
+	r = get_passphrase_by_keyfile(cd, kc, &passphrase, &passphrase_size);
+	if (r < 0)
+		return r;
+
+	r = FVAULT2_get_volume_key(cd, passphrase, passphrase_size, params, r_vk);
+	if (r < 0)
+		kc->error = r;
+
+	return r;
+}
+
 static int get_key_by_key(struct crypt_device *cd __attribute__((unused)),
 	struct crypt_keyslot_context *kc,
 	int keyslot __attribute__((unused)),
@@ -198,6 +288,22 @@ static int get_generic_volume_key_by_key(struct crypt_device *cd,
 	return get_key_by_key(cd, kc, -2 /* unused */, -2 /* unused */, r_vk);
 }
 
+static int get_bitlk_volume_key_by_key(struct crypt_device *cd,
+	struct crypt_keyslot_context *kc,
+	const struct bitlk_metadata *params __attribute__((unused)),
+	struct volume_key **r_vk)
+{
+	return get_key_by_key(cd, kc, -2 /* unused */, -2 /* unused */, r_vk);
+}
+
+static int get_fvault2_volume_key_by_key(struct crypt_device *cd,
+	struct crypt_keyslot_context *kc,
+	const struct fvault2_params *params __attribute__((unused)),
+	struct volume_key **r_vk)
+{
+	return get_key_by_key(cd, kc, -2 /* unused */, -2 /* unused */, r_vk);
+}
+
 static int get_generic_signed_key_by_key(struct crypt_device *cd,
 	struct crypt_keyslot_context *kc,
 	struct volume_key **r_vk,
@@ -486,8 +592,8 @@ void crypt_keyslot_context_init_by_key_internal(struct crypt_keyslot_context *kc
 	kc->get_luks1_volume_key = get_volume_key_by_key;
 	kc->get_luks2_volume_key = get_volume_key_by_key;
 	kc->get_plain_volume_key = get_generic_volume_key_by_key;
-	kc->get_bitlk_volume_key = get_generic_volume_key_by_key;
-	kc->get_fvault2_volume_key = get_generic_volume_key_by_key;
+	kc->get_bitlk_volume_key = get_bitlk_volume_key_by_key;
+	kc->get_fvault2_volume_key = get_fvault2_volume_key_by_key;
 	kc->get_verity_volume_key = get_generic_signed_key_by_key;
 	kc->get_integrity_volume_key = get_generic_volume_key_by_key;
 	kc->context_free = key_context_free;
@@ -530,9 +636,12 @@ void crypt_keyslot_context_init_by_passphrase_internal(struct crypt_keyslot_cont
 	kc->type = CRYPT_KC_TYPE_PASSPHRASE;
 	kc->u.p.passphrase = passphrase;
 	kc->u.p.passphrase_size = passphrase_size;
+
 	kc->get_luks2_key = get_luks2_key_by_passphrase;
 	kc->get_luks1_volume_key = get_luks1_volume_key_by_passphrase;
 	kc->get_luks2_volume_key = get_luks2_volume_key_by_passphrase;
+	kc->get_bitlk_volume_key = get_bitlk_volume_key_by_passphrase;
+	kc->get_fvault2_volume_key = get_fvault2_volume_key_by_passphrase;
 	kc->get_passphrase = get_passphrase_by_passphrase;
 	crypt_keyslot_context_init_common(kc);
 }
@@ -559,6 +668,8 @@ void crypt_keyslot_context_init_by_keyfile_internal(struct crypt_keyslot_context
 	kc->get_luks2_key = get_luks2_key_by_keyfile;
 	kc->get_luks1_volume_key = get_luks1_volume_key_by_keyfile;
 	kc->get_luks2_volume_key = get_luks2_volume_key_by_keyfile;
+	kc->get_bitlk_volume_key = get_bitlk_volume_key_by_keyfile;
+	kc->get_fvault2_volume_key = get_fvault2_volume_key_by_keyfile;
 	kc->get_passphrase = get_passphrase_by_keyfile;
 	kc->context_free = keyfile_context_free;
 	crypt_keyslot_context_init_common(kc);
@@ -602,20 +713,6 @@ static void vk_in_keyring_context_free(struct crypt_keyslot_context *kc)
 	free(kc->u.vk_kr.i_key_description);
 }
 
-void crypt_keyslot_context_init_by_vk_in_keyring_internal(struct crypt_keyslot_context *kc,
-	const char *key_description)
-{
-	assert(kc);
-
-	kc->type = CRYPT_KC_TYPE_VK_KEYRING;
-	kc->u.vk_kr.key_description = key_description;
-
-	kc->get_luks2_key = get_key_by_vk_in_keyring;
-	kc->get_luks2_volume_key = get_volume_key_by_vk_in_keyring;
-	kc->context_free = vk_in_keyring_context_free;
-	crypt_keyslot_context_init_common(kc);
-}
-
 void crypt_keyslot_context_destroy_internal(struct crypt_keyslot_context *kc)
 {
 	if (!kc)
@@ -1033,7 +1130,13 @@ static int _crypt_keyslot_context_init_by_vk_in_keyring(const char *key_descript
 		key_description = i_key_description;
 	}
 
-	crypt_keyslot_context_init_by_vk_in_keyring_internal(tmp, key_description);
+	tmp->type = CRYPT_KC_TYPE_VK_KEYRING;
+	tmp->u.vk_kr.key_description = key_description;
+
+	tmp->get_luks2_key = get_key_by_vk_in_keyring;
+	tmp->get_luks2_volume_key = get_volume_key_by_vk_in_keyring;
+	tmp->context_free = vk_in_keyring_context_free;
+	crypt_keyslot_context_init_common(tmp);
 
 	if (self_contained) {
 		tmp->u.vk_kr.i_key_description = i_key_description;

diff --git a/lib/keyslot_context.h b/lib/keyslot_context.h
@@ -14,6 +14,9 @@
 
 #include "internal.h"
 
+struct bitlk_metadata;
+struct fvault2_params;
+
 typedef int (*keyslot_context_get_key) (
 	struct crypt_device *cd,
 	struct crypt_keyslot_context *kc,
@@ -32,6 +35,19 @@ typedef int (*keyslot_context_get_generic_volume_key) (
 	struct crypt_keyslot_context *kc,
 	struct volume_key **r_vk);
 
+typedef int (*keyslot_context_get_bitlk_volume_key) (
+	struct crypt_device *cd,
+	struct crypt_keyslot_context *kc,
+	const struct bitlk_metadata *params,
+	struct volume_key **r_vk);
+
+typedef int (*keyslot_context_get_fvault2_volume_key) (
+	struct crypt_device *cd,
+	struct crypt_keyslot_context *kc,
+	const struct fvault2_params *params,
+	struct volume_key **r_vk);
+
+
 typedef int (*keyslot_context_get_generic_signed_key) (
 	struct crypt_device *cd,
 	struct crypt_keyslot_context *kc,
@@ -113,8 +129,8 @@ struct crypt_keyslot_context {
 	keyslot_context_get_volume_key		get_luks1_volume_key;
 	keyslot_context_get_volume_key		get_luks2_volume_key;
 	keyslot_context_get_generic_volume_key	get_plain_volume_key;
-	keyslot_context_get_generic_volume_key	get_bitlk_volume_key;
-	keyslot_context_get_generic_volume_key	get_fvault2_volume_key;
+	keyslot_context_get_bitlk_volume_key	get_bitlk_volume_key;
+	keyslot_context_get_fvault2_volume_key	get_fvault2_volume_key;
 	keyslot_context_get_generic_signed_key	get_verity_volume_key;
 	keyslot_context_get_generic_volume_key	get_integrity_volume_key;
 	keyslot_context_get_passphrase		get_passphrase;
@@ -152,9 +168,6 @@ void crypt_keyslot_context_init_by_token_internal(struct crypt_keyslot_context *
 void crypt_keyslot_context_init_by_keyring_internal(struct crypt_keyslot_context *kc,
 	const char *key_description);
 
-void crypt_keyslot_context_init_by_vk_in_keyring_internal(struct crypt_keyslot_context *kc,
-	const char *key_description);
-
 const char *keyslot_context_type_string(const struct crypt_keyslot_context *kc);
 
 #endif /* KEYSLOT_CONTEXT_H */