Esempi in C++ (Cpp) per crypt_wipe_device

Linguaggio di programmazione: C++ (Cpp)

Metodo/funzione: crypt_wipe_device

Esempi su hotexamples.com: 2

crypt_wipe_device in C++ (Cpp): 2 esempi trovati. Questi sono i migliori esempi reali in C++ (Cpp) per crypt_wipe_device, estratti da progetti open source. Li puoi valutare, per aiutarci a migliorare la qualità dei nostri esempi.

Esempio n. 1

Mostra file

File: keymanage.c Progetto: mbroz/cryptsetup

int LUKS_wipe_header_areas(struct luks_phdr *hdr,
	struct crypt_device *ctx)
{
	int i, r;
	uint64_t offset, length;
	size_t wipe_block;

	/* Wipe complete header, keyslots and padding areas with zeroes. */
	offset = 0;
	length = (uint64_t)hdr->payloadOffset * SECTOR_SIZE;
	wipe_block = 1024 * 1024;

	/* On detached header or bogus header, wipe at least the first 4k */
	if (length == 0 || length > (LUKS_MAX_KEYSLOT_SIZE * LUKS_NUMKEYS)) {
		length = 4096;
		wipe_block = 4096;
	}

	log_dbg(ctx, "Wiping LUKS areas (0x%06" PRIx64 " - 0x%06" PRIx64") with zeroes.",
		offset, length + offset);

	r = crypt_wipe_device(ctx, crypt_metadata_device(ctx), CRYPT_WIPE_ZERO,
			      offset, length, wipe_block, NULL, NULL);
	if (r < 0)
		return r;

	/* Wipe keyslots areas */
	wipe_block = 1024 * 1024;
	for (i = 0; i < LUKS_NUMKEYS; i++) {
		r = LUKS_keyslot_area(hdr, i, &offset, &length);
		if (r < 0)
			return r;

		/* Ignore too big LUKS1 keyslots here */
		if (length > LUKS_MAX_KEYSLOT_SIZE ||
		    offset > (LUKS_MAX_KEYSLOT_SIZE - length))
			continue;

		if (length == 0 || offset < 4096)
			return -EINVAL;

		log_dbg(ctx, "Wiping keyslot %i area (0x%06" PRIx64 " - 0x%06" PRIx64") with random data.",
			i, offset, length + offset);

		r = crypt_wipe_device(ctx, crypt_metadata_device(ctx), CRYPT_WIPE_RANDOM,
				offset, length, wipe_block, NULL, NULL);
		if (r < 0)
			return r;
	}

	return r;
}

Esempio n. 2

Mostra file

File: keymanage.c Progetto: murali-marimekala/cryptsetup

int LUKS_del_key(unsigned int keyIndex,
		 struct luks_phdr *hdr,
		 struct crypt_device *ctx)
{
	struct device *device = crypt_metadata_device(ctx);
	unsigned int startOffset, endOffset;
	int r;

	r = LUKS_read_phdr(hdr, 1, 0, ctx);
	if (r)
		return r;

	r = LUKS_keyslot_set(hdr, keyIndex, 0);
	if (r) {
		log_err(ctx, _("Key slot %d is invalid, please select keyslot between 0 and %d."),
			keyIndex, LUKS_NUMKEYS - 1);
		return r;
	}

	/* secure deletion of key material */
	startOffset = hdr->keyblock[keyIndex].keyMaterialOffset;
	endOffset = startOffset + AF_split_sectors(hdr->keyBytes, hdr->keyblock[keyIndex].stripes);

	r = crypt_wipe_device(ctx, device, CRYPT_WIPE_SPECIAL, startOffset * SECTOR_SIZE,
			      (endOffset - startOffset) * SECTOR_SIZE,
			      (endOffset - startOffset) * SECTOR_SIZE, NULL, NULL);
	if (r) {
		if (r == -EACCES) {
			log_err(ctx, _("Cannot write to device %s, permission denied."),
				device_path(device));
			r = -EINVAL;
		} else
			log_err(ctx, _("Cannot wipe device %s."),
				device_path(device));
		return r;
	}

	/* Wipe keyslot info */
	memset(&hdr->keyblock[keyIndex].passwordSalt, 0, LUKS_SALTSIZE);
	hdr->keyblock[keyIndex].passwordIterations = 0;

	r = LUKS_write_phdr(hdr, ctx);

	return r;
}