From 349c104792852c1dcf2b402e4a6a9702ac0c5a94 Mon Sep 17 00:00:00 2001
From: Arie Peterson <arie@greenhost.nl>
Date: Wed, 14 Jun 2017 15:33:01 +0200
Subject: [PATCH] Separate out crypt context initialisation
---
 cryptops-api.c | 65 ++++++++++++++++++++++++++++++++++----------------
 1 file changed, 44 insertions(+), 21 deletions(-)
diff --git a/cryptops-api.c b/cryptops-api.c
index ad46f98..e75be96 100644
--- a/cryptops-api.c
+++ b/cryptops-api.c
@@ -49,6 +49,11 @@ static int encryption_unlock
 const char *device_name,
 const char *password
 );
+static int container_initialise
+(
+ struct crypt_device **cd,
+ const char *path
+);
 int main(int argc, char **argv)
 {
@@ -287,29 +292,11 @@ static int encryption_unlock
 {
 // Let LUKS initialise the encrypted device.
 struct crypt_device *cd;
- int r = crypt_init(&cd, path);
- if (r < 0)
- {
- printf("crypt_init() failed for %s.\n", path);
- printf("status: %d.\n", r);
- return r;
- }
-
- // Load the LUKS header from the block device into the crypt device context.
- r = crypt_load
- (
- cd, /* crypt device context */
- CRYPT_LUKS1, /* requested encryption type */
- NULL /* additional parameters (not used) */
- );
-
+ int r = container_initialise(&cd, path);
 if (r < 0)
 {
- printf
- (
- "crypt_load() failed on device %s.\n",
- crypt_get_device_name(cd)
- );
+ printf("crypt_load() failed on device %s.\n",
+ crypt_get_device_name(cd));
 crypt_free(cd);
 return r;
 }
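Review bot: The failure branch after `container_initialise(&cd, path)` can no longer tell which step failed, so when crypt_init() is the one that fails it hands a `cd` that this code never assigned to `crypt_get_device_name()` and `crypt_free()`; before this change that case returned early without touching `cd`. The branch also prints "crypt_load() failed" a second time, or wrongly for a crypt_init() failure, since the helper already reports both errors. I would declare `struct crypt_device *cd = NULL;`, have `container_initialise` (last hunk) release the context itself when crypt_load() fails with `crypt_free(*cd); *cd = NULL;`, and reduce this branch to `if (r < 0) return r;`. Whether crypt_init() writes `*cd` on failure is library behaviour not visible in this patch, so treating the pointer as unset is the safe assumption. encryption_unlock's body starts and ends outside this hunk.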
@@ -339,3 +326,39 @@ static int encryption_unlock
 crypt_free(cd);
 return 0;
 }
+
+/**
+ * Use cryptsetup to initialise the luks container.
+ * It will not be opened (decrypted) yet, but it does check if the container
+ * seems usable.
+ */
+static int container_initialise
+(
+ struct crypt_device **cd, /* struct to store crypt device context */
+ const char *path /* path to the encrypted container */
+)
+{
+ // Let LUKS initialise the encrypted device.
+ int r = crypt_init(cd, path);
+ if (r < 0)
+ {
+ printf("crypt_init() failed for %s.\n", path);
+ printf("status: %d.\n", r);
+ return r;
+ }
+
+ // Load the LUKS header from the block device into the crypt device context.
+ r = crypt_load
+ (
+ *cd, /* crypt device context */
+ CRYPT_LUKS1, /* requested encryption type */
+ NULL /* additional parameters (not used) */
+ );
+ if (r < 0)
+ {
+ printf("crypt_load() failed on device %s.\n",
+ crypt_get_device_name(*cd));
+ }
+
+ return r;
+}
-- GitLab
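Review bot: The doc comment on `container_initialise` says what the function does but not what it returns or who owns `*cd` afterwards, and the two failure paths in the body differ on exactly that point. As written, the function returns the status of crypt_init() or crypt_load() unchanged, does not itself assign `*cd` when crypt_init() fails, and leaves the context allocated when crypt_load() fails. I would extend the comment with something like `Returns the cryptsetup status, negative on failure. On success the caller owns *cd and must crypt_free() it.` plus one sentence on the state of `*cd` after each failure case.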