[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH v6 02/12] luks2: Use more intuitive slot key instead of index
|
From: |
Daniel Kiper |
|
Subject: |
Re: [PATCH v6 02/12] luks2: Use more intuitive slot key instead of index in user messages. |
|
Date: |
Wed, 2 Dec 2020 18:23:08 +0100 |
|
User-agent: |
NeoMutt/20170113 (1.7.2) |
On Fri, Nov 27, 2020 at 03:03:34AM -0600, Glenn Washburn wrote:
> Use the slot key name in the json array rather than the 0 based index in the
> json array for keyslots, segments, and digests. This is less confusing for
> the end user. For example, say you have a LUKS2 device with a key in slot 1
> and slot 4. When using the password for slot 4 to unlock the device, the
> messages using the index of the keyslot will mention keyslot 1 (its a
> zero-based index). Furthermore, with this change the keyslot number will
> align with the number used to reference the keyslot when using the
> --key-slot argument to cryptsetup. Error messages now distinguish between
> indexes and slot keys. The former include the string "index" in the error
> string, and the later are surrounded in quotes.
This should be split into two separate patches. One should add "index"
to the messages another should add quotes. Well, I am not convinced
that quotes are good differentiators... I would drop them or rephrase
messages to really differentiate indexes and slot keys.
> Signed-off-by: Glenn Washburn <development@efficientek.com>
> ---
> grub-core/disk/luks2.c | 24 ++++++++++++------------
> 1 file changed, 12 insertions(+), 12 deletions(-)
>
> diff --git a/grub-core/disk/luks2.c b/grub-core/disk/luks2.c
> index ab2c31dcd..c390ea3e6 100644
> --- a/grub-core/disk/luks2.c
> +++ b/grub-core/disk/luks2.c
> @@ -269,7 +269,7 @@ luks2_get_keyslot (grub_luks2_keyslot_t *k,
> grub_luks2_digest_t *d, grub_luks2_s
> grub_json_getuint64 (&k->slot_key, &keyslot, NULL) ||
> grub_json_getchild (&keyslot, &keyslot, 0) ||
> luks2_parse_keyslot (k, &keyslot))
> - return grub_error (GRUB_ERR_BAD_ARGUMENT, "Could not parse keyslot
> %"PRIuGRUB_SIZE, keyslot_idx);
> + return grub_error (GRUB_ERR_BAD_ARGUMENT, "Could not parse keyslot index
> %"PRIuGRUB_SIZE, keyslot_idx);
>
> /* Get digest that matches the keyslot. */
> if (grub_json_getvalue (&digests, root, "digests") ||
> @@ -281,13 +281,13 @@ luks2_get_keyslot (grub_luks2_keyslot_t *k,
> grub_luks2_digest_t *d, grub_luks2_s
> grub_json_getuint64 (&d->slot_key, &digest, NULL) ||
> grub_json_getchild (&digest, &digest, 0) ||
> luks2_parse_digest (d, &digest))
> - return grub_error (GRUB_ERR_BAD_ARGUMENT, "Could not parse digest
> %"PRIuGRUB_SIZE, i);
> + return grub_error (GRUB_ERR_BAD_ARGUMENT, "Could not parse digest index
> %"PRIuGRUB_SIZE, i);
>
> if ((d->keyslots & (1 << k->slot_key)))
> break;
> }
> if (i == size)
> - return grub_error (GRUB_ERR_FILE_NOT_FOUND, "No digest for keyslot
> %"PRIuGRUB_SIZE, keyslot_idx);
> + return grub_error (GRUB_ERR_FILE_NOT_FOUND, "No digest for keyslot
> \"%"PRIuGRUB_UINT64_T"\"", k->slot_key);
>
> /* Get segment that matches the digest. */
> if (grub_json_getvalue (&segments, root, "segments") ||
> @@ -299,13 +299,13 @@ luks2_get_keyslot (grub_luks2_keyslot_t *k,
> grub_luks2_digest_t *d, grub_luks2_s
> grub_json_getuint64 (&s->slot_key, &segment, NULL) ||
> grub_json_getchild (&segment, &segment, 0) ||
> luks2_parse_segment (s, &segment))
> - return grub_error (GRUB_ERR_BAD_ARGUMENT, "Could not parse segment
> %"PRIuGRUB_SIZE, i);
> + return grub_error (GRUB_ERR_BAD_ARGUMENT, "Could not parse segment
> index %"PRIuGRUB_SIZE, i);
>
> if ((d->segments & (1 << s->slot_key)))
> break;
> }
> if (i == size)
> - return grub_error (GRUB_ERR_FILE_NOT_FOUND, "No segment for digest
> %"PRIuGRUB_SIZE);
> + return grub_error (GRUB_ERR_FILE_NOT_FOUND, "No segment for digest
> \"%"PRIuGRUB_UINT64_T"\"", d->slot_key);
>
> return GRUB_ERR_NONE;
> }
> @@ -601,11 +601,11 @@ luks2_recover_key (grub_disk_t source,
>
> if (keyslot.priority == 0)
> {
> - grub_dprintf ("luks2", "Ignoring keyslot %"PRIuGRUB_SIZE" due to
> priority\n", i);
> + grub_dprintf ("luks2", "Ignoring keyslot %"PRIuGRUB_UINT64_T" due to
> priority\n", keyslot.slot_key);
Quotes are missing?
> continue;
> }
>
> - grub_dprintf ("luks2", "Trying keyslot %"PRIuGRUB_SIZE"\n", i);
> + grub_dprintf ("luks2", "Trying keyslot %"PRIuGRUB_UINT64_T"\n",
> keyslot.slot_key);
Ditto...
> /* Set up disk according to keyslot's segment. */
> crypt->offset_sectors = grub_divmod64 (segment.offset,
> segment.sector_size, NULL);
> @@ -620,16 +620,16 @@ luks2_recover_key (grub_disk_t source,
> (const grub_uint8_t *) passphrase, grub_strlen
> (passphrase));
> if (ret)
> {
> - grub_dprintf ("luks2", "Decryption with keyslot %"PRIuGRUB_SIZE"
> failed: %s\n",
> - i, grub_errmsg);
> + grub_dprintf ("luks2", "Decryption with keyslot %"PRIuGRUB_UINT64_T"
> failed: %s\n",
Ditto and below...
> + keyslot.slot_key, grub_errmsg);
> continue;
> }
>
> ret = luks2_verify_key (&digest, candidate_key, keyslot.key_size);
> if (ret)
> {
> - grub_dprintf ("luks2", "Could not open keyslot %"PRIuGRUB_SIZE":
> %s\n",
> - i, grub_errmsg);
> + grub_dprintf ("luks2", "Could not open keyslot %"PRIuGRUB_UINT64_T":
> %s\n",
> + keyslot.slot_key, grub_errmsg);
> continue;
> }
>
> @@ -637,7 +637,7 @@ luks2_recover_key (grub_disk_t source,
> * TRANSLATORS: It's a cryptographic key slot: one element of an array
> * where each element is either empty or holds a key.
> */
> - grub_printf_ (N_("Slot %"PRIuGRUB_SIZE" opened\n"), i);
> + grub_printf_ (N_("Slot %"PRIuGRUB_UINT64_T" opened\n"),
> keyslot.slot_key);
Daniel
- Re: [PATCH v6 02/12] luks2: Use more intuitive slot key instead of index in user messages.,
Daniel Kiper <=