cryptenroll: move load_volume_key_keyfile() to cryptenroll-password.c
authorLennart Poettering <lennart@amutable.com>
Fri, 29 May 2026 10:19:34 +0000 (12:19 +0200)
committerLennart Poettering <lennart@amutable.com>
Sat, 27 Jun 2026 15:28:39 +0000 (17:28 +0200)
Conceptually a keyfile and a password are pretty much the same thing,
hence put them in the same file.

src/cryptenroll/cryptenroll-password.c
src/cryptenroll/cryptenroll-password.h
src/cryptenroll/cryptenroll.c

index 0d3da9f2e7435d29508e5590f03251798a234612..f58321063a6a2259a257c712a98cb5496b7b71d8 100644 (file)
@@ -7,12 +7,51 @@
 #include "env-util.h"
 #include "errno-util.h"
 #include "escape.h"
+#include "fileio.h"
 #include "iovec-util.h"
 #include "log.h"
 #include "password-quality-util.h"
 #include "string-util.h"
 #include "strv.h"
 
+int load_volume_key_keyfile(
+                const EnrollContext *c,
+                struct crypt_device *cd,
+                struct iovec *ret_vk) {
+
+        _cleanup_(erase_and_freep) char *password = NULL;
+        size_t password_len;
+        int r;
+
+        assert_se(c);
+        assert_se(cd);
+        assert_se(ret_vk);
+
+        r = read_full_file_full(
+                        AT_FDCWD,
+                        c->unlock_keyfile,
+                        UINT64_MAX,
+                        SIZE_MAX,
+                        READ_FULL_FILE_SECURE|READ_FULL_FILE_WARN_WORLD_READABLE|READ_FULL_FILE_CONNECT_SOCKET,
+                        NULL,
+                        &password,
+                        &password_len);
+        if (r < 0)
+                return log_error_errno(r, "Reading keyfile %s failed: %m", c->unlock_keyfile);
+
+        r = sym_crypt_volume_key_get(
+                        cd,
+                        CRYPT_ANY_SLOT,
+                        ret_vk->iov_base,
+                        &ret_vk->iov_len,
+                        password,
+                        password_len);
+        if (r < 0)
+                return log_error_errno(r, "Unlocking via keyfile failed: %m");
+
+        return r;
+}
+
 int load_volume_key_password(
                 const EnrollContext *c,
                 struct crypt_device *cd,
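Review bot: `load_volume_key_keyfile()` is no longer `static` and is now declared in cryptenroll-password.h, yet neither the definition nor the prototype documents that `ret_vk` is an in/out parameter. `ret_vk->iov_base` and `&ret_vk->iov_len` are handed directly to `sym_crypt_volume_key_get()`, so the caller must already have supplied a buffer and its capacity, which the `ret_` prefix does not suggest. A comment above the definition would make this explicit for callers outside cryptenroll.c, for example `/* ret_vk is in/out: caller provides the buffer in iov_base and its capacity in iov_len; iov_len is set to the key size on success. Returns the unlocked key slot (>= 0) or a negative errno. */`. As a smaller style point, the three pointer checks use `assert_se()` on expressions without side effects, where plain `assert()` would presumably match the project's convention.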
index 897a8a27910f21483269ea3dba70a391e79de184..35ae1760a8ecd3a8e017ce1342341396d3dfc2fa 100644 (file)
@@ -4,5 +4,7 @@
 #include "cryptenroll.h"
 #include "shared-forward.h"
 
+int load_volume_key_keyfile(const EnrollContext *c, struct crypt_device *cd, struct iovec *ret_vk);
+
 int load_volume_key_password(const EnrollContext *c, struct crypt_device *cd, struct iovec *ret_vk);
 int enroll_password(const EnrollContext *c, struct crypt_device *cd, const struct iovec *volume_key);
index cf67973fbf4c97c6ca9611574b163f10b69d9f2a..ce21f450ba9e9c052709164585a06bab5fe7e4ec 100644 (file)
@@ -20,7 +20,6 @@
 #include "cryptenroll-wipe.h"
 #include "cryptsetup-util.h"
 #include "extract-word.h"
-#include "fileio.h"
 #include "format-table.h"
 #include "libfido2-util.h"
 #include "log.h"
@@ -688,44 +687,6 @@ static int check_for_homed(struct crypt_device *cd) {
         return 0;
 }
 
-static int load_volume_key_keyfile(
-                const EnrollContext *c,
-                struct crypt_device *cd,
-                struct iovec *ret_vk) {
-
-        _cleanup_(erase_and_freep) char *password = NULL;
-        size_t password_len;
-        int r;
-
-        assert_se(c);
-        assert_se(cd);
-        assert_se(ret_vk);
-
-        r = read_full_file_full(
-                        AT_FDCWD,
-                        c->unlock_keyfile,
-                        UINT64_MAX,
-                        SIZE_MAX,
-                        READ_FULL_FILE_SECURE|READ_FULL_FILE_WARN_WORLD_READABLE|READ_FULL_FILE_CONNECT_SOCKET,
-                        NULL,
-                        &password,
-                        &password_len);
-        if (r < 0)
-                return log_error_errno(r, "Reading keyfile %s failed: %m", c->unlock_keyfile);
-
-        r = sym_crypt_volume_key_get(
-                        cd,
-                        CRYPT_ANY_SLOT,
-                        ret_vk->iov_base,
-                        &ret_vk->iov_len,
-                        password,
-                        password_len);
-        if (r < 0)
-                return log_error_errno(r, "Unlocking via keyfile failed: %m");
-
-        return r;
-}
-
 int prepare_luks(
                 const EnrollContext *c,
                 struct crypt_device **ret_cd,