From patchwork Fri Feb 15 00:36:01 2019
X-Patchwork-Submitter: Sam Mendoza-Jonas
X-Patchwork-Id: 1042543
From: Samuel Mendoza-Jonas
To: petitboot@lists.ozlabs.org
Cc: Samuel Mendoza-Jonas
Subject: [PATCH 3/5] lib: Add AUTH_MSG_DECRYPT
Date: Fri, 15 Feb 2019 11:36:01 +1100
Message-Id: <20190215003603.16285-4-sam@mendozajonas.com>
In-Reply-To: <20190215003603.16285-1-sam@mendozajonas.com>
References: <20190215003603.16285-1-sam@mendozajonas.com>
List-Id: Petitboot bootloader development

Extend the auth_message struct to support the AUTH_MSG_DECRYPT operation, allowing the existing authentication methods to be used for passing a disk password from the UI to pb-discover. In addition, add DEVICE_TYPE_LUKS to identify encrypted disk devices.

Signed-off-by: Samuel Mendoza-Jonas
--- lib/pb-protocol/pb-protocol.c | 17 +++++++++++++++++ lib/pb-protocol/pb-protocol.h | 5 +++++ lib/types/types.c | 6 ++++++ lib/types/types.h | 1 + ui/test/discover-test.c | 2 ++ 5 files changed, 31 insertions(+) diff --git a/lib/pb-protocol/pb-protocol.c b/lib/pb-protocol/pb-protocol.c index b4138bbf..33bd4e6e 100644 --- a/lib/pb-protocol/pb-protocol.c +++ b/lib/pb-protocol/pb-protocol.c 
@@ -394,6 +394,10 @@ int pb_protocol_authenticate_len(struct auth_message *msg) /* enum + password + password */ return 4 + 4 + optional_strlen(msg->set_password.password) + 4 + optional_strlen(msg->set_password.new_password); + case AUTH_MSG_DECRYPT: + /* enum + password + device id */ + return 4 + 4 + optional_strlen(msg->decrypt_dev.password) + + 4 + optional_strlen(msg->decrypt_dev.device_id); default: pb_log("%s: invalid input\n", __func__); return 0; @@ -750,6 +754,12 @@ int pb_protocol_serialise_authenticate(struct auth_message *msg, pos += pb_protocol_serialise_string(pos, msg->set_password.new_password); break; + case AUTH_MSG_DECRYPT: + pos += pb_protocol_serialise_string(pos, + msg->decrypt_dev.password); + pos += pb_protocol_serialise_string(pos, + msg->decrypt_dev.device_id); + break; default: pb_log("%s: invalid msg\n", __func__); return -1; @@ -1439,6 +1449,13 @@ int pb_protocol_deserialise_authenticate(struct auth_message *msg, &msg->set_password.new_password)) return -1; break; + case AUTH_MSG_DECRYPT: + if (read_string(msg, &pos, &len, &msg->decrypt_dev.password)) + return -1; + if (read_string(msg, &pos, &len, + &msg->decrypt_dev.device_id)) + return -1; + break; default: pb_log("%s: unable to parse\n", __func__); return -1; diff --git a/lib/pb-protocol/pb-protocol.h b/lib/pb-protocol/pb-protocol.h index 1d6c0485..f4975bc8 100644 --- a/lib/pb-protocol/pb-protocol.h +++ b/lib/pb-protocol/pb-protocol.h @@ -40,6 +40,7 @@ enum auth_msg_type { AUTH_MSG_REQUEST, AUTH_MSG_RESPONSE, AUTH_MSG_SET, + AUTH_MSG_DECRYPT, }; struct auth_message { @@ -51,6 +52,10 @@ struct auth_message { char *password; char *new_password; } set_password; + struct { + char *password; + char *device_id; + } decrypt_dev; }; }; diff --git a/lib/types/types.c b/lib/types/types.c index d7f4ead7..f4510e10 100644 --- a/lib/types/types.c +++ b/lib/types/types.c 
@@ -35,6 +35,8 @@ const char *device_type_display_name(enum device_type type) return _("Network"); case DEVICE_TYPE_ANY: return _("Any"); + case DEVICE_TYPE_LUKS: + return _("Encrypted Device"); case DEVICE_TYPE_UNKNOWN: default: return _("Unknown"); @@ -54,6 +56,8 @@ const char *device_type_name(enum device_type type) return "network"; case DEVICE_TYPE_ANY: return "any"; + case DEVICE_TYPE_LUKS: + return "encrypted"; case DEVICE_TYPE_UNKNOWN: default: return "unknown"; @@ -72,6 +76,8 @@ enum device_type find_device_type(const char *str) return DEVICE_TYPE_NETWORK; if (!strncmp(str, "any", strlen("any"))) return DEVICE_TYPE_ANY; + if (!strncmp(str, "encrypted", strlen("encrypted"))) + return DEVICE_TYPE_LUKS; return DEVICE_TYPE_UNKNOWN; } diff --git a/lib/types/types.h b/lib/types/types.h index 9d83d87d..433a37b2 100644 --- a/lib/types/types.h +++ b/lib/types/types.h @@ -11,6 +11,7 @@ enum device_type { DEVICE_TYPE_USB, DEVICE_TYPE_OPTICAL, DEVICE_TYPE_ANY, + DEVICE_TYPE_LUKS, DEVICE_TYPE_UNKNOWN, }; diff --git a/ui/test/discover-test.c b/ui/test/discover-test.c index f3e7dd8c..6fb14dec 100644 --- a/ui/test/discover-test.c +++ b/ui/test/discover-test.c @@ -16,6 +16,8 @@ static const char *device_type_string(enum device_type type) return "optical"; case DEVICE_TYPE_ANY: return "any"; + case DEVICE_TYPE_LUKS: + return "encrypted"; case DEVICE_TYPE_UNKNOWN: return "unknown"; }
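Review bot: In pb_protocol_authenticate_len() the AUTH_MSG_DECRYPT case sizes both decrypt_dev.password and decrypt_dev.device_id with optional_strlen(), so by the helper's name a message with either field unset is accepted and serialised. A decrypt request that names no device cannot be acted on, so I would either reject a NULL device_id here and in pb_protocol_serialise_authenticate(), or add a comment on the decrypt_dev struct in pb-protocol.h stating which of the two fields may legitimately be absent and who is expected to check.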
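Review bot: In the AUTH_MSG_DECRYPT case of pb_protocol_deserialise_authenticate(), a failure of the second read_string() returns -1 after msg->decrypt_dev.password has already been filled with the disk password. The same pattern exists in the AUTH_MSG_SET case above it, but since this value unlocks a disk it is worth clearing the password before the early return, or at least documenting at the decrypt_dev definition that the caller must wipe msg on both the success and the error path.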
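Review bot: In lib/types/types.h, DEVICE_TYPE_LUKS is inserted before DEVICE_TYPE_UNKNOWN, which shifts the numeric value of DEVICE_TYPE_UNKNOWN by one, whereas AUTH_MSG_DECRYPT in pb-protocol.h is appended at the end of its enum and leaves existing values alone. If enum device_type values are ever sent between the UI and pb-discover or stored anywhere, a peer built before this patch will read the new value as DEVICE_TYPE_UNKNOWN and the old unknown value as out of range. Please confirm that nothing depends on the numeric values, or note the ordering requirement in a comment next to the enum.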
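Review bot: In find_device_type() the new test `!strncmp(str, "encrypted", strlen("encrypted"))` is a prefix match, so any input that merely begins with "encrypted" maps to DEVICE_TYPE_LUKS. That follows the neighbouring "any" check, but for a type that marks a device as needing a password an exact comparison with strcmp() would be the safer choice. Separately, the enum value names a specific format (LUKS) while device_type_name() and device_type_display_name() return the generic "encrypted" and "Encrypted Device"; picking one term for both would avoid confusion if another encrypted format is added later.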