Volume Key manipulation

Functions
int	crypt_volume_key_get (struct crypt_device *cd, int keyslot, char *volume_key, size_t *volume_key_size, const char *passphrase, size_t passphrase_size)
int	crypt_volume_key_verify (struct crypt_device *cd, const char *volume_key, size_t volume_key_size)

Detailed Description

Function Documentation

crypt_volume_key_get()

int crypt_volume_key_get	(	struct crypt_device *	cd,
		int	keyslot,
		char *	volume_key,
		size_t *	volume_key_size,
		const char *	passphrase,
		size_t	passphrase_size
	)

Get volume key from crypt device.

Parameters

cd	crypt device handle
keyslot	use this keyslot or CRYPT_ANY_SLOT
volume_key	buffer for volume key
volume_key_size	on input, size of buffer volume_key, on output size of volume_key
passphrase	passphrase used to unlock volume key
passphrase_size	size of passphrase

Returns

unlocked key slot number or negative errno otherwise.

Note

For TCRYPT cipher chain is the volume key concatenated for all ciphers in chain.

For VERITY the volume key means root hash used for activation.

crypt_volume_key_verify()

int crypt_volume_key_verify	(	struct crypt_device *	cd,
		const char *	volume_key,
		size_t	volume_key_size
	)

Verify that provided volume key is valid for crypt device.

Parameters

cd	crypt device handle
volume_key	provided volume key
volume_key_size	size of volume_key

Returns

0 on success or negative errno value otherwise.