Commit 1a90e355 authored by Arie Peterson's avatar Arie Peterson 🐚

Do not remove only active encryption key

When deleting an encryption key, check if there is at least one other
active keyslot, and do not delete if there isn't.
parent 19d3fdb8
/**
* Check if the given keyslot is the only active one.
* @param[in] cd crypto context
* @param[in] keyslot index of encryption key
* @param[out] only_active function result: whether the given keyslot is
the only active one
* @return error string to return to client; or null
when the function was successful.
*/
char * keyslot_only_active(struct crypt_device * cd, const int keyslot,
bool * only_active)
{
int i;
int keyslot_max = crypt_keyslot_max(CRYPT_LUKS1);
if (keyslot_max < 0)
{
return "crypt_keyslot_max failed";
}
// Go through all keyslots.
for (i = 0; i < keyslot_max; i++)
{
// If it's not the given one, check if it's active.
if (i != keyslot && crypt_keyslot_status(cd, i) != CRYPT_SLOT_INACTIVE)
{
*only_active = false;
return NULL;
}
}
// None of the other keyslots is active.
*only_active = true;
return NULL;
}
/**
* Callback function to delete a luks encryption password.
* The keyslot to delete is read from the request URI;
* no request body is necessary.
* @param[in] request incoming HTTP request
* @param[out] response HTTP response to the request
* @param[in] user_data extra data to pass between main thread and callbacks
......@@ -40,6 +77,20 @@ int callback_encryption_keys_delete(const struct _u_request * request,
"initialising encrypted container failed");
}
// Check if this is the only active keyslot.
bool only_active = true;
char * error = keyslot_only_active(cd, keyslot, &only_active);
if (error != NULL)
{
return send_simple_response(response, 500, "error", error);
}
if (only_active)
{
// The keyslot we're asked to delete is the only active one; deny this.
return send_simple_response(response, 500, "error",
"not deleting only active keyslot");
}
// Delete encryption password.
r = crypt_keyslot_destroy(cd, keyslot);
......
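Review bot: In keyslot_only_active, the test `crypt_keyslot_status(cd, i) != CRYPT_SLOT_INACTIVE` counts every other status as active, including `CRYPT_SLOT_INVALID`, so a failed status query on another slot makes the guard report that a second key exists and the delete goes ahead. A positive test fails closed: store the status in `s` and require `s == CRYPT_SLOT_ACTIVE || s == CRYPT_SLOT_ACTIVE_LAST`; libcryptsetup also reports `CRYPT_SLOT_ACTIVE_LAST` for the slot being deleted, which may make the helper unnecessary. The slot count comes from `crypt_keyslot_max(CRYPT_LUKS1)`, so if this service ever opens a LUKS2 container the higher slots would not be scanned. In the callback, the check and `crypt_keyslot_destroy` are separate steps, so if the server can run two delete requests at once, both could pass the check and together remove the last two keys; a lock held across check and destroy would close that gap. The refusal is a conflict with the request rather than a server fault, so a 4xx status such as 409 fits better than 500, and because the callback body continues outside the hunk it cannot be seen here whether `cd` is released on the two new early returns.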