Add endpoint for adding encryption password

src/api/encryption_keys_post.c

+/**
+ * Callback function to add a luks encryption password.
+ * @param[in]   request   incoming HTTP request
+ * @param[out]  response  HTTP response to the request
+ * @param[in]   user_data extra data to pass between main thread and callbacks
+ * @return                internal status code
+ */
+int callback_encryption_keys_post(const struct _u_request * request,
+    struct _u_response * response, void * user_data)
+{
+    int r;
+
+    // Read in json request body.
+    json_t * json_input = ulfius_get_json_body_request(request, NULL);
+
+    // Read (current) password from request.
+    const char * password;
+    password = json_string_value(json_object_get(json_input, "password"));
+    if (password == NULL)
+    {
+        return send_simple_response(response, 400, "error", "missing password");
+    }
+
+    // Read new password from request.
+    const char * new_password;
+    new_password = json_string_value(json_object_get(json_input,
+        "new-password"));
+    if (new_password == NULL)
+    {
+        return send_simple_response(response, 400, "error",
+            "missing new password");
+    }
+
+    // Initialise encrypted container.
+    struct crypt_device * cd = NULL;
+    r = container_initialise(&cd, DATA_PARTITION_DEVICE, true);
+    if (r < 0)
+    {
+        crypt_free(cd);
+    }
+    if (r != 0)
+    {
+        printf("container_initialise failed with status %d\n", r);
+        return send_simple_response(response, 500, "error",
+            "initialising encrypted container failed");
+    }
+
+    // Add encryption password.
+    r = crypt_keyslot_add_by_passphrase(cd, CRYPT_ANY_SLOT,
+        password, strlen(password), new_password, strlen(new_password));
+  
+    if (r == -1)
+    {
+        // Experience learns that -1 is returned when the password is wrong.
+        return send_simple_response(response, 403, "error",
+           "incorrect password");
+    }
+  
+    if (r < 0)
+    {
+        // Something else went wrong.
+        printf("crypt_keyslot_add_by_passphrase failed with status %d\n", r);
+        return send_simple_response(response, 500, "error",
+            "error changing password");
+    }
+  
+    // If we reach this point, apparently everything went well.
+    return send_simple_response(response, 200, "status", "ok");
+}

src/api/encryption_keys_put.c

@@ -75,7 +75,7 @@ int callback_encryption_keys_put(const struct _u_request * request,
     if (r < 0)
     {
         // Something else went wrong.
-        printf("crypt_keyslot_add_by_passphrase failed with status %d\n", r);
+        printf("crypt_keyslot_change_by_passphrase failed with status %d\n", r);
         return send_simple_response(response, 500, "error",
             "error changing password");
     }

src/cryptops-api.c

@@ -11,6 +11,7 @@
 #include <api/encryption_remove_post.c>
 #include <api/encryption_unlock_post.c>
 #include <api/encryption_keys_get.c>
+#include <api/encryption_keys_post.c>
 #include <api/encryption_keys_put.c>
 #include <api/ssh_keys_get.c>
 #include <api/ssh_keys_put.c>
@@ -58,6 +59,9 @@ int main(int argc, char ** argv)
     ulfius_add_endpoint_by_val(&instance, "GET" , PREFIX,
         "/encryption/keys",
         0, &callback_encryption_keys_get, NULL);
+    ulfius_add_endpoint_by_val(&instance, "POST" , PREFIX,
+        "/encryption/keys",
+        0, &callback_encryption_keys_post, NULL);
     ulfius_add_endpoint_by_val(&instance, "PUT" , PREFIX,
         "/encryption/keys/:slot",
         0, &callback_encryption_keys_put, NULL);