eessppeelllloo/cryptsetup
1
0
Fork 0
mirror of https://gitlab.com/cryptsetup/cryptsetup.git synced 2025-12-05 16:00:05 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fix key-size descriptions

Browse Source 
For compatibility reasons, cryptsetup uses key size in BITS
while integritysetup in BYTES.

The help is confusing here, this patch fixes it.

Thanks Daniel Tang for notification.
This commit is contained in:
Milan Broz
2025-11-20 13:09:20 +01:00
parent 8a3e16fa25
commit 153aed3d16
3 changed files with 6 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
man/common_options.adoc
View File

@@ -367,8 +367,9 @@ This option is available since the Linux kernel version 6.11.
endif::[]
ifdef::ACTION_LUKSFORMAT[]
*--integrity-key-size* _bytes_::
*--integrity-key-size* _bits_::
The size of the data integrity key.
The argument has to be a multiple of 8.
Configurable only for HMAC integrity.
The default integrity key size is set to the same as the hash output length.
endif::[]

6
src/integritysetup_arg_list.h
View File

@@ -38,7 +38,7 @@ ARG(OPT_INTEGRITY_INLINE, '\0', POPT_ARG_NONE, N_("Use inline integrity mode (HW
ARG(OPT_INTEGRITY_KEY_FILE, '\0', POPT_ARG_STRING, N_("Read the integrity key from a file"), NULL, CRYPT_ARG_STRING, {}, {})
ARG(OPT_INTEGRITY_KEY_SIZE, '\0', POPT_ARG_STRING, N_("The size of the data integrity key"), N_("BITS"), CRYPT_ARG_UINT32, {}, {})
ARG(OPT_INTEGRITY_KEY_SIZE, '\0', POPT_ARG_STRING, N_("The size of the data integrity key"), N_("bytes"), CRYPT_ARG_UINT32, {}, {})
ARG(OPT_INTEGRITY_LEGACY_PADDING, '\0', POPT_ARG_NONE, N_("Use inefficient legacy padding (old kernels)"), NULL, CRYPT_ARG_BOOL, {}, {})
@@ -60,7 +60,7 @@ ARG(OPT_JOURNAL_COMMIT_TIME, '\0', POPT_ARG_STRING, N_("Journal commit time"), N
ARG(OPT_JOURNAL_INTEGRITY, '\0', POPT_ARG_STRING, N_("Journal integrity algorithm"), NULL, CRYPT_ARG_STRING, {}, {})
ARG(OPT_JOURNAL_INTEGRITY_KEY_SIZE, '\0', POPT_ARG_STRING, N_("The size of the journal integrity key"), N_("BITS"), CRYPT_ARG_UINT32, {}, {})
ARG(OPT_JOURNAL_INTEGRITY_KEY_SIZE, '\0', POPT_ARG_STRING, N_("The size of the journal integrity key"), N_("bytes"), CRYPT_ARG_UINT32, {}, {})
ARG(OPT_JOURNAL_INTEGRITY_KEY_FILE, '\0', POPT_ARG_STRING, N_("Read the journal integrity key from a file"), NULL, CRYPT_ARG_STRING, {}, {})
@@ -68,7 +68,7 @@ ARG(OPT_JOURNAL_CRYPT, '\0', POPT_ARG_STRING, N_("Journal encryption algorithm")
ARG(OPT_JOURNAL_CRYPT_KEY_FILE, '\0', POPT_ARG_STRING, N_("Read the journal encryption key from a file"), NULL, CRYPT_ARG_STRING,{}, {})
ARG(OPT_JOURNAL_CRYPT_KEY_SIZE, '\0', POPT_ARG_STRING, N_("The size of the journal encryption key"), N_("BITS"), CRYPT_ARG_UINT32, {}, {})
ARG(OPT_JOURNAL_CRYPT_KEY_SIZE, '\0', POPT_ARG_STRING, N_("The size of the journal encryption key"), N_("bytes"), CRYPT_ARG_UINT32, {}, {})
ARG(OPT_JOURNAL_SIZE, 'j', POPT_ARG_STRING, N_("Journal size"), N_("bytes"), CRYPT_ARG_UINT64, {}, OPT_JOURNAL_SIZE_ACTIONS)

1
src/utils_reencrypt.c
View File

@@ -1914,6 +1914,7 @@ static int reencrypt_luks2_init(struct crypt_device *cd, const char *data_device
new_key_size = ARG_UINT32(OPT_NEW_KEY_SIZE_ID);
if (new_key_size || new_cipher)
/* This will convert new key size to bytes from bits */
new_key_size = get_adjusted_key_size(cipher, mode, new_key_size,
DEFAULT_LUKS1_KEYBITS, 0);
else