[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PATCH 1/2] luks2: Improve error reporting when decrypting/verifying key
|
From: |
Patrick Steinhardt |
|
Subject: |
[PATCH 1/2] luks2: Improve error reporting when decrypting/verifying key |
|
Date: |
Tue, 7 Apr 2020 18:02:23 +0200 |
While we already set up error messages in both `luks2_verify_key()` and
`luks2_decrypt_key()`, we do not ever print them. This makes it really
hard to discover why a given key actually failed to decrypt a disk.
Improve this by including the error message in the user-visible output.
---
grub-core/disk/luks2.c | 8 +++++---
1 file changed, 5 insertions(+), 3 deletions(-)
diff --git a/grub-core/disk/luks2.c b/grub-core/disk/luks2.c
index 65c4f0aac..58ac7bae1 100644
--- a/grub-core/disk/luks2.c
+++ b/grub-core/disk/luks2.c
@@ -487,7 +487,7 @@ luks2_decrypt_key (grub_uint8_t *out_key,
ret = grub_disk_read (disk, 0, k->area.offset, k->area.size, split_key);
if (ret)
{
- grub_dprintf ("luks2", "Read error: %s\n", grub_errmsg);
+ grub_error (GRUB_ERR_IO, "luks2", "Read error: %s\n", grub_errmsg);
goto err;
}
@@ -610,14 +610,16 @@ luks2_recover_key (grub_disk_t disk,
(const grub_uint8_t *) passphrase, grub_strlen
(passphrase));
if (ret)
{
- grub_dprintf ("luks2", "Decryption with keyslot %"PRIuGRUB_SIZE"
failed\n", i);
+ grub_dprintf ("luks2", "Decryption with keyslot %"PRIuGRUB_SIZE"
failed: %s\n",
+ i, grub_errmsg);
continue;
}
ret = luks2_verify_key (&digest, candidate_key, keyslot.key_size);
if (ret)
{
- grub_dprintf ("luks2", "Could not open keyslot %"PRIuGRUB_SIZE"\n",
i);
+ grub_dprintf ("luks2", "Could not open keyslot %"PRIuGRUB_SIZE":
%s\n",
+ i, grub_errmsg);
continue;
}
--
2.26.0
signature.asc
Description: PGP signature
- [PATCH 0/2] LUKS2 cleanups, Patrick Steinhardt, 2020/04/07
- [PATCH 1/2] luks2: Improve error reporting when decrypting/verifying key,
Patrick Steinhardt <=
[PATCH 2/2] json: Update jsmn library to get rid of casts, Patrick Steinhardt, 2020/04/07