/// Searches the user keyring for a "logon" key whose description is `key_name`.
///
/// Returns `Err` wrapping the current errno when the search fails with anything
/// other than `ENOKEY`. This listing omits several lines (the numbers at the start
/// of each line are the file's own line numbers), so the binding of the search
/// result and both `Ok(..)` branches are not visible here.
3 fn check_for_key(key_name: &std::ffi::CStr) -> anyhow::Result<bool> {
4 use crate::keyutils::{self, keyctl_search};
// Shadow the borrowed CStr with a raw pointer into the same NUL-terminated buffer.
// The pointer stays valid because the caller's CStr outlives this call.
5 let key_name = key_name.to_bytes_with_nul().as_ptr() as *const _;
6 let key_type = c_str!("logon");
// SAFETY (as far as visible here): `key_name` points at a NUL-terminated buffer;
// `key_type` presumably does too, assuming c_str! yields a NUL-terminated literal
// (confirm). The final 0 is the destination keyring; in keyctl_search(3) a zero
// destination means a found key is not linked anywhere.
9 unsafe { keyctl_search(keyutils::KEY_SPEC_USER_KEYRING, key_type, key_name, 0) };
// NOTE(review): the log text below has typos ("became avaiable"); it is runtime
// output and is left untouched here.
11 info!("Key has became avaiable");
// errno is read twice, once for this test and once to build the error. No call is
// visible between the search and these reads in this branch. ENOKEY is not
// reported as an error; presumably it maps to "not present yet" in the lines that
// are not shown.
13 } else if errno::errno().0 != libc::ENOKEY {
14 Err(crate::ErrnoError(errno::errno()).into())
/// Waits for a key named `bcachefs:<uuid>` to appear, checking via `check_for_key`
/// and sleeping one second between checks.
///
/// An error from `check_for_key` is propagated with `?`. The surrounding loop and
/// the success branch are on lines this listing omits.
// NOTE(review): no timeout or attempt limit is visible in the lines shown. If the
// omitted lines have none either, a caller waiting on a key that is never added
// blocks indefinitely; confirm against the full file.
20 fn wait_for_key(uuid: &uuid::Uuid) -> anyhow::Result<()> {
// CString::new fails only on an interior NUL byte. The formatted UUID is not
// expected to contain one, which is presumably why unwrap() is used.
21 let key_name = std::ffi::CString::new(format!("bcachefs:{}", uuid)).unwrap();
23 if check_for_key(&key_name)? {
// Fixed one-second poll interval.
27 std::thread::sleep(std::time::Duration::from_secs(1));
// Eight ASCII bytes. ask_for_key reads them as a little-endian u64 and compares the
// result with the `magic` field of the decrypted key to tell a correct passphrase
// from a wrong one.
31 const BCH_KEY_MAGIC: &str = "bch**key";
32 use crate::filesystem::FileSystem;
/// Prompts on the TTY for the filesystem passphrase, derives a key from it, checks
/// the key against the superblock's encrypted key, and on success adds it to the
/// user keyring as a "logon" key named `bcachefs:<uuid>`.
///
/// Errors visible in this listing: a failed passphrase read, a passphrase with an
/// interior NUL, a failed ChaCha pass, a magic mismatch (wrong passphrase), and a
/// failed `add_key`. The listing omits several lines, including the conditions that
/// select between the `Err(..)` branches and the function's success return.
33 fn ask_for_key(fs: &FileSystem) -> anyhow::Result<()> {
34 use crate::bcachefs::{self, bch2_chacha_encrypt_key, bch_encrypted_key, bch_key};
36 use byteorder::{LittleEndian, ReadBytesExt};
37 use std::os::raw::c_char;
39 let key_name = std::ffi::CString::new(format!("bcachefs:{}", fs.uuid())).unwrap();
// Skip the prompt when the key is already in the keyring. The branch body is not
// shown; presumably it returns early.
40 if check_for_key(&key_name)? {
// BCH_KEY_MAGIC is exactly 8 bytes, so reading one u64 from it cannot come up short.
44 let bch_key_magic = BCH_KEY_MAGIC.as_bytes().read_u64::<LittleEndian>().unwrap();
// NOTE(review): unwrap() panics if the superblock has no crypt field. Confirm that
// callers only reach this function for encrypted filesystems, or return an error.
45 let crypt = fs.sb().sb().crypt().unwrap();
// NOTE(review): the passphrase lives in this String and is copied into the CString
// below. Nothing visible overwrites either buffer before it is dropped, so the
// plaintext can linger in freed heap memory.
46 let pass = rpassword::read_password_from_tty(Some("Enter passphrase: "))?;
// trim_end() removes every trailing whitespace character, not only a newline, so a
// passphrase that was set with trailing whitespace will not verify. Presumably the
// tool that set it trims the same way (confirm). CString::new rejects an interior
// NUL and that error is propagated by `?`.
47 let pass = std::ffi::CString::new(pass.trim_end())?; // bind to keep the CString alive
48 let mut output: bch_key = unsafe {
49 bcachefs::derive_passphrase(
// NOTE(review): this casts a shared reference to a mutable raw pointer. That is
// sound only if derive_passphrase never writes through it; confirm against the
// C prototype.
50 crypt as *const _ as *mut _,
// NUL-terminated passphrase bytes; valid while `pass` stays bound.
51 pass.as_c_str().to_bytes_with_nul().as_ptr() as *const _,
// Work on a copy so the encrypted key held in the superblock is not modified.
55 let mut key = crypt.key().clone();
// Runs the ChaCha routine over the copied encrypted key using the derived key.
// Judging by the error text below, this pass is what decrypts it.
57 bch2_chacha_encrypt_key(
58 &mut output as *mut _,
60 &mut key as *mut _ as *mut _,
61 std::mem::size_of::<bch_encrypted_key>() as u64,
// NOTE(review): "chache" in the message below is presumably meant to be "chacha";
// it is runtime text and is left untouched here.
65 Err(anyhow!("chache decryption failure"))
// The magic comparison is the only passphrase check visible here: a wrong
// passphrase yields a key that decrypts to a different magic value.
66 } else if key.magic != bch_key_magic {
67 Err(anyhow!("failed to verify the password"))
// "logon" keys cannot have their payload read back from user space, and their
// description must carry a "prefix:" part, which "bcachefs:<uuid>" satisfies.
69 let key_type = c_str!("logon");
71 crate::keyutils::add_key(
// The rest of this cast expression is on a line the listing omits.
73 key_name.as_c_str().to_bytes_with_nul() as *const _
// Payload: the raw bytes of the derived key.
// NOTE(review): `output` is not visibly wiped after add_key, so a copy of the key
// remains in this process's memory after the keyring holds it.
75 &output as *const _ as *const _,
76 std::mem::size_of::<bch_key>() as u64,
77 crate::keyutils::KEY_SPEC_USER_KEYRING,
// The error names the current errno. No call is visible between add_key and this read.
81 Err(anyhow!("failed to add key to keyring: {}", errno::errno()))
88 pub(crate) fn prepare_key(fs: &FileSystem, password: crate::KeyLocation) -> anyhow::Result<()> {
89 use crate::KeyLocation::*;
92 Fail => Err(anyhow!("no key available")),
93 Wait => Ok(wait_for_key(fs.uuid())?),
94 Ask => ask_for_key(fs),