1010//!
1111//! It requires to install dependency `libcryptsetup-dev` for ubuntu.
1212
13- use std:: {
14- fs:: { self , OpenOptions } ,
15- path:: Path ,
16- } ;
13+ use std:: path:: Path ;
1714
1815use anyhow:: { bail, Context } ;
1916use libcryptsetup_rs:: consts:: flags:: { CryptActivate , CryptDeactivate , CryptVolumeKey } ;
@@ -32,7 +29,6 @@ const LUKS2_VOLUME_KEY_SIZE_BIT_WITH_INTEGRITY: usize = 768;
3229const LUKS2_VOLUME_KEY_SIZE_BIT_WITHOUT_INTEGRITY : usize = 256 ;
3330
3431const SECTOR_SIZE : u32 = 4096 ;
35- const LUKS2_HEADER_MIN_SIZE_BYTES : u64 = 16 * 1024 * 1024 ;
3632
3733#[ derive( Default ) ]
3834pub struct Luks2Formatter {
@@ -51,7 +47,7 @@ impl Luks2Formatter {
5147 header_path : Option < & str > ,
5248 passphrase : Zeroizing < Vec < u8 > > ,
5349 ) -> anyhow:: Result < ( ) > {
54- let mut device = init_device ( device_path, header_path, true ) ?;
50+ let mut device = init_device ( device_path, header_path) ?;
5551 let mut volume_key_length = LUKS2_VOLUME_KEY_SIZE_BIT_WITHOUT_INTEGRITY / 8 ;
5652 let mut params = CryptParamsLuks2 {
5753 pbkdf : None ,
@@ -90,7 +86,7 @@ impl Luks2Formatter {
9086 name : & str ,
9187 passphrase : Zeroizing < Vec < u8 > > ,
9288 ) -> anyhow:: Result < ( ) > {
93- let mut device = init_device ( device_path, header_path, false ) ?;
89+ let mut device = init_device ( device_path, header_path) ?;
9490
9591 let mut params = CryptParamsLuks2 {
9692 pbkdf : None ,
@@ -137,15 +133,12 @@ impl Luks2Formatter {
137133fn init_device (
138134 device_path : & str ,
139135 header_path : Option < & str > ,
140- create_header : bool ,
141136) -> anyhow:: Result < libcryptsetup_rs:: CryptDevice > {
142137 let data_path = Path :: new ( device_path) ;
143138 let device_paths = match header_path {
144139 Some ( header_path) => {
145140 let header_path = Path :: new ( header_path) ;
146- if create_header {
147- ensure_header_file ( header_path) ?;
148- } else if !header_path. exists ( ) {
141+ if !header_path. exists ( ) {
149142 bail ! (
150143 "LUKS header file not found: {}" ,
151144 header_path. display( )
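Review bot: With `create_header` removed, the `!header_path.exists()` guard at new line 141 is the only check on the detached header for both the format and open paths, and `Path::exists` returns false on any metadata error, so a permission or I/O failure is reported as "LUKS header file not found". Consider `if !header_path.try_exists().with_context(|| format!("Failed to stat LUKS header {}", header_path.display()))? {` so the real cause surfaces. The commit also deletes the minimum-size check that `ensure_header_file` ran before formatting, so an empty or undersized header file presumably now fails inside libcryptsetup instead of with the explicit message. A doc comment on the format method saying the caller must pre-create a header file of sufficient size would make the new precondition visible. The check is advisory only, since the path is resolved again when libcryptsetup opens it, and `init_device` continues outside this hunk.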
@@ -159,54 +152,28 @@ fn init_device(
159152 Ok ( CryptInit :: init_with_data_device ( device_paths) ?)
160153}
161154
162- fn ensure_header_file ( header_path : & Path ) -> anyhow:: Result < ( ) > {
163- if header_path. exists ( ) {
164- let size = fs:: metadata ( header_path)
165- . with_context ( || format ! ( "Failed to read header file {}" , header_path. display( ) ) ) ?
166- . len ( ) ;
167- if size < LUKS2_HEADER_MIN_SIZE_BYTES {
168- bail ! (
169- "LUKS header file too small: {} ({} bytes, need at least {} bytes)" ,
170- header_path. display( ) ,
171- size,
172- LUKS2_HEADER_MIN_SIZE_BYTES
173- ) ;
174- }
175- return Ok ( ( ) ) ;
176- }
177-
178- if let Some ( parent) = header_path. parent ( ) {
179- std:: fs:: create_dir_all ( parent)
180- . with_context ( || format ! ( "Failed to create header directory {}" , parent. display( ) ) ) ?;
181- }
182-
183- let file = OpenOptions :: new ( )
184- . create ( true )
185- . write ( true )
186- . open ( header_path)
187- . with_context ( || format ! ( "Failed to create header file {}" , header_path. display( ) ) ) ?;
188- file. set_len ( LUKS2_HEADER_MIN_SIZE_BYTES ) . with_context ( || {
189- format ! (
190- "Failed to size header file {} to {} bytes" ,
191- header_path. display( ) ,
192- LUKS2_HEADER_MIN_SIZE_BYTES
193- )
194- } ) ?;
195- Ok ( ( ) )
196- }
197-
198155#[ cfg( test) ]
199156mod tests {
200- use std:: io:: Write ;
157+ use std:: { fs :: OpenOptions , io:: Write , path :: Path } ;
201158
202159 use serial_test:: serial;
203160 use zeroize:: Zeroizing ;
204161
205162 use crate :: storage:: drivers:: luks2:: Luks2Formatter ;
206163
164+ const HEADER_SIZE_BYTES : u64 = 16 * 1024 * 1024 ;
207165 const TEST_PASSPHRASE : & [ u8 ] = b"test" ;
208166 const NAME : & str = "test" ;
209167
168+ fn create_header_file ( path : & Path ) {
169+ let file = OpenOptions :: new ( )
170+ . create ( true )
171+ . write ( true )
172+ . open ( path)
173+ . unwrap ( ) ;
174+ file. set_len ( HEADER_SIZE_BYTES ) . unwrap ( ) ;
175+ }
176+
210177 #[ test]
211178 #[ serial]
212179 fn encrypt_open_device_no_integrity ( ) {
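Review bot: `HEADER_SIZE_BYTES` and `create_header_file` at new lines 164-175 have no comment explaining where 16 MiB comes from, and this commit removes `LUKS2_HEADER_MIN_SIZE_BYTES`, so the tests are now the only place the value is recorded. I would add above the constant something like `// Detached LUKS2 header files must be pre-created by the caller; 16 MiB matches the minimum the driver used to enforce.` and a one-line `///` on the helper saying it creates a sparse file of that size and panics on failure. Because the helper opens with `create(true)` but not `truncate(true)`, it is also worth stating that it expects a fresh path, which the tempdir setup in the visible tests provides.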
@@ -261,6 +228,7 @@ mod tests {
261228 let mut bin_file = tempfile:: NamedTempFile :: new ( ) . unwrap ( ) ;
262229 let header_dir = tempfile:: tempdir ( ) . unwrap ( ) ;
263230 let header_path = header_dir. path ( ) . join ( "luks-header" ) ;
231+ create_header_file ( & header_path) ;
264232
265233 bin_file
266234 . as_file_mut ( )
@@ -288,6 +256,7 @@ mod tests {
288256 let mut bin_file = tempfile:: NamedTempFile :: new ( ) . unwrap ( ) ;
289257 let header_dir = tempfile:: tempdir ( ) . unwrap ( ) ;
290258 let header_path = header_dir. path ( ) . join ( "luks-header" ) ;
259+ create_header_file ( & header_path) ;
291260
292261 bin_file
293262 . as_file_mut ( )
@@ -315,7 +284,7 @@ mod tests {
315284 let mut bin_file = tempfile:: NamedTempFile :: new ( ) . unwrap ( ) ;
316285 let header_dir = tempfile:: tempdir ( ) . unwrap ( ) ;
317286 let header_path = header_dir. path ( ) . join ( "luks-header" ) ;
318- std :: fs :: write ( & header_path, b"" ) . unwrap ( ) ;
287+ create_header_file ( & header_path) ;
319288
320289 bin_file
321290 . as_file_mut ( )
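Review bot: Replacing `std::fs::write(&header_path, b"")` with `create_header_file(&header_path)` at new line 287 drops the only visible test input that exercised a zero-length header file. If that test was meant to pin behaviour on an empty or truncated header, that case is now untested while the driver's own size check has also been removed, so a dedicated test asserting that format or open returns an error for an empty header file would keep the failure mode covered. The test body starts and ends outside this hunk, so its assertions are not visible here.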
@@ -337,6 +306,7 @@ mod tests {
337306 let mut bin_file = tempfile:: NamedTempFile :: new ( ) . unwrap ( ) ;
338307 let header_dir = tempfile:: tempdir ( ) . unwrap ( ) ;
339308 let header_path = header_dir. path ( ) . join ( "luks-header" ) ;
309+ create_header_file ( & header_path) ;
340310
341311 bin_file
342312 . as_file_mut ( )