From f2a5d4c92a0a48e522992fff041fc29372055299 Mon Sep 17 00:00:00 2001 From: John Baublitz Date: Wed, 22 Jan 2025 10:58:23 -0500 Subject: [PATCH] Add decryption support in V2 crypt handle --- src/engine/strat_engine/crypt/handle/v2.rs | 38 ++++++++++++++++++++++ 1 file changed, 38 insertions(+) diff --git a/src/engine/strat_engine/crypt/handle/v2.rs b/src/engine/strat_engine/crypt/handle/v2.rs index ba2b26d625..31f5583828 100644 --- a/src/engine/strat_engine/crypt/handle/v2.rs +++ b/src/engine/strat_engine/crypt/handle/v2.rs @@ -844,6 +844,44 @@ impl CryptHandle { ) } + /// Encrypt an unencrypted pool. + #[allow(dead_code)] + pub fn decrypt(self, pool_uuid: PoolUuid, luks2_path: &Path) -> StratisResult<()> { + let activation_name = format_crypt_backstore_name(&pool_uuid); + let mut device = acquire_crypt_device(luks2_path)?; + let (keyslot, key) = get_passphrase(&mut device, self.encryption_info())? + .either(|(keyslot, _, key)| (keyslot, key), |tup| tup); + device.reencrypt_handle().reencrypt_init_by_passphrase( + Some(&activation_name.to_string()), + key.as_ref(), + Some(keyslot), + None, + None, + CryptParamsReencrypt { + mode: CryptReencryptModeInfo::Decrypt, + direction: CryptReencryptDirectionInfo::Forward, + resilience: "checksum".to_string(), + hash: "sha256".to_string(), + data_shift: 0, + max_hotzone_size: 0, + device_size: 0, + luks2: CryptParamsLuks2 { + data_alignment: 0, + data_device: None, + integrity: None, + integrity_params: None, + pbkdf: None, + label: None, + sector_size: 0, + subsystem: None, + }, + flags: CryptReencrypt::empty(), + }, + )?; + device.reencrypt_handle().reencrypt2::<()>(None, None)?; + Ok(()) + } + /// Deactivate the device referenced by the current device handle. #[cfg(test)] pub fn deactivate(&self) -> StratisResult<()> {