eessppeelllloo/cryptsetup
1
0
Fork 0
mirror of https://gitlab.com/cryptsetup/cryptsetup.git synced 2025-12-11 19:00:02 +01:00
Code Issues Packages Projects Releases Wiki Activity

Support keyfile offset and keyfile size option even for plain volumes.

Browse Source 
For historic reasons, in the plain mode the hashing is not used
if keyfile is used (with exception of --key-file=-).

Print warning if the parameters are ignored.

For other cases, uses keyfile offset, keyfile size and hash
as psecified on commandline.

Partially fixes issue#243
This commit is contained in:
Milan Broz
2015-02-04 15:37:41 +01:00
parent 6d51e8ab69
commit 31a4d552a2
4 changed files with 62 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
lib/utils_device.c
View File

@@ -46,6 +46,9 @@ static int device_ready(const char *device)
int devfd, r = 0; int devfd, r = 0;
struct stat st; struct stat st;
//FIXME: check if device allows to use O_DIRECT
// not only on open but also on read (with offset 0)
log_dbg("Trying to open and read device %s.", device); log_dbg("Trying to open and read device %s.", device);
devfd = open(device, O_RDONLY); devfd = open(device, O_RDONLY);
if (devfd < 0) { if (devfd < 0) {

12
man/cryptsetup.8
View File

@@ -882,7 +882,7 @@ of the used cipher, or the size specified with \-s.
\fBFrom stdin\fR: Reading will continue until a newline (or until \fBFrom stdin\fR: Reading will continue until a newline (or until
the maximum input size is reached), with the trailing newline the maximum input size is reached), with the trailing newline
stripped. The maximum input size is defined by the same stripped. The maximum input size is defined by the same
compiled-in default as for the maximum key file size and can compiled-in default as for the maximum key file size and can
be overwritten using \-\-keyfile-size option. be overwritten using \-\-keyfile-size option.
The data read will be hashed with the default hash The data read will be hashed with the default hash
@@ -904,8 +904,16 @@ less than the key size.
\fBFrom a key file\fR: It will be truncated to the \fBFrom a key file\fR: It will be truncated to the
key size of the used cipher or the size given by \-s key size of the used cipher or the size given by \-s
and directly used as binary key. and directly used as binary key.
if the key file is shorter than the key, cryptsetup
\fBWARNING\fR: The \-\-hash argument is being ignored.
The \-\-hash option is usable only for stdin input in plain mode.
If the key file is shorter than the key, cryptsetup
will quit with an error. will quit with an error.
The maximum input size is defined by the same
compiled-in default as for the maximum key file size and can
be overwritten using \-\-keyfile-size option.
.SH NOTES ON PASSPHRASE PROCESSING FOR LUKS .SH NOTES ON PASSPHRASE PROCESSING FOR LUKS
LUKS uses PBKDF2 to protect against dictionary attacks LUKS uses PBKDF2 to protect against dictionary attacks

42
src/cryptsetup.c
View File

@@ -106,19 +106,9 @@ static int action_open_plain(void)
size_t passwordLen; size_t passwordLen;
size_t key_size = (opt_key_size ?: DEFAULT_PLAIN_KEYBITS) / 8; size_t key_size = (opt_key_size ?: DEFAULT_PLAIN_KEYBITS) / 8;
uint32_t activate_flags = 0; uint32_t activate_flags = 0;
int keyfile_limited = 0;
int r; int r;
if (params.hash && !strcmp(params.hash, "plain"))
params.hash = NULL;
/* FIXME: temporary hack */
if (opt_key_file && strcmp(opt_key_file, "-"))
params.hash = NULL;
if ((opt_keyfile_offset || opt_keyfile_size) && opt_key_file)
log_std(_("Ignoring keyfile offset and size options, keyfile read "
"size is always the same as encryption key size.\n"));
r = crypt_parse_name_and_mode(opt_cipher ?: DEFAULT_CIPHER(PLAIN), r = crypt_parse_name_and_mode(opt_cipher ?: DEFAULT_CIPHER(PLAIN),
cipher, NULL, cipher_mode); cipher, NULL, cipher_mode);
if (r < 0) { if (r < 0) {
@@ -126,6 +116,24 @@ static int action_open_plain(void)
goto out; goto out;
} }
if (opt_key_file && strcmp(opt_key_file, "-") != 0)
keyfile_limited = 1;
/* FIXME: temporary hack, no hashing for keyfiles in plain mode */
if (opt_key_file && keyfile_limited) {
params.hash = NULL;
if (!opt_batch_mode && opt_hash)
log_std(_("WARNING: The --hash parameter is being ignored "
"in plain mode with keyfile specified.\n"));
}
if (params.hash && !strcmp(params.hash, "plain"))
params.hash = NULL;
if (!opt_batch_mode && !params.hash && opt_key_file && keyfile_limited && opt_keyfile_size)
log_std(_("WARNING: The --keyfile-size option is being ignored, "
"the read size is the same as the encryption key size.\n"));
if ((r = crypt_init(&cd, action_argv[0]))) if ((r = crypt_init(&cd, action_argv[0])))
goto out; goto out;
@@ -150,13 +158,17 @@ static int action_open_plain(void)
if (opt_allow_discards) if (opt_allow_discards)
activate_flags |= CRYPT_ACTIVATE_ALLOW_DISCARDS; activate_flags |= CRYPT_ACTIVATE_ALLOW_DISCARDS;
if (opt_key_file) if (opt_key_file) {
/* With hashing, read the whole keyfile */ /* If no hash, key is read directly, read size is always key_size
* (possible opt_keyfile_size is ignored.
* If hash is specified, opt_keyfile_size is applied.
* The opt_keyfile_offset is applied always.
*/
r = crypt_activate_by_keyfile_offset(cd, action_argv[1], r = crypt_activate_by_keyfile_offset(cd, action_argv[1],
CRYPT_ANY_SLOT, opt_key_file, CRYPT_ANY_SLOT, opt_key_file,
params.hash ? 0 : key_size, 0, params.hash ? opt_keyfile_size : key_size, opt_keyfile_offset,
activate_flags); activate_flags);
else { } else {
r = tools_get_key(_("Enter passphrase: "), r = tools_get_key(_("Enter passphrase: "),
&password, &passwordLen, &password, &passwordLen,
opt_keyfile_offset, opt_keyfile_size, opt_keyfile_offset, opt_keyfile_size,

24
tests/password-hash-test
View File

@@ -26,13 +26,14 @@ function fail()
cleanup 2 cleanup 2
} }
crypt_key() # hash keysize pwd/file name outkey [limit] crypt_key() # hash keysize pwd/file name outkey [limit] [offset]
{ {
DEV2=$DEV_NAME"_x" DEV2=$DEV_NAME"_x"
LIMIT="" LIMIT=""
MODE=aes-cbc-essiv:sha256 MODE=aes-cbc-essiv:sha256
[ $2 -gt 256 ] && MODE=aes-xts-plain [ $2 -gt 256 ] && MODE=aes-xts-plain
[ -n "$6" ] && LIMIT="-l $6" [ -n "$6" ] && LIMIT="-l $6"
[ -n "$7" ] && LIMIT="$LIMIT --keyfile-offset $7"
echo -n "HASH: $1 KSIZE: $2 / $3" echo -n "HASH: $1 KSIZE: $2 / $3"
case "$3" in case "$3" in
@@ -52,8 +53,12 @@ crypt_key() # hash keysize pwd/file name outkey [limit]
cat $4 | $CRYPTSETUP create -c $MODE -h $1 -s $2 $LIMIT $DEV2 /dev/mapper/$DEV_NAME 2>/dev/null cat $4 | $CRYPTSETUP create -c $MODE -h $1 -s $2 $LIMIT $DEV2 /dev/mapper/$DEV_NAME 2>/dev/null
ret=$? ret=$?
;; ;;
cat-)
cat $4 | $CRYPTSETUP create -c $MODE -h $1 -s $2 $LIMIT $DEV2 -d - /dev/mapper/$DEV_NAME 2>/dev/null
ret=$?
;;
file) file)
$CRYPTSETUP create -c $MODE -d $4 -h $1 -s $2 $DEV2 /dev/mapper/$DEV_NAME 2>/dev/null $CRYPTSETUP create -q -c $MODE -d $4 -h $1 -s $2 $DEV2 /dev/mapper/$DEV_NAME 2>/dev/null
ret=$? ret=$?
;; ;;
failpwd) failpwd)
@@ -126,6 +131,7 @@ echo -n -e "0123456789abcdef\n\x01\x00\x03\xff\xff\r\xff\xff\n\r" \
"2352j3rkjhadcfasc823rqaw7e1 3dq sdq3d 2dkjqw3h2=====" >$KEY_FILE "2352j3rkjhadcfasc823rqaw7e1 3dq sdq3d 2dkjqw3h2=====" >$KEY_FILE
KEY_FILE_HEX="303132333435363738396162636465660a010003ffff0dffff0a0d20323335326a33726b6a686164636661736338323372716177376531203364712073647133" KEY_FILE_HEX="303132333435363738396162636465660a010003ffff0dffff0a0d20323335326a33726b6a686164636661736338323372716177376531203364712073647133"
# ignore hash if keyfile is specified
crypt_key ripemd160 256 file $KEY_FILE ${KEY_FILE_HEX:0:64} crypt_key ripemd160 256 file $KEY_FILE ${KEY_FILE_HEX:0:64}
crypt_key sha256 256 file $KEY_FILE ${KEY_FILE_HEX:0:64} crypt_key sha256 256 file $KEY_FILE ${KEY_FILE_HEX:0:64}
crypt_key sha256 128 file $KEY_FILE ${KEY_FILE_HEX:0:32} crypt_key sha256 128 file $KEY_FILE ${KEY_FILE_HEX:0:32}
@@ -134,8 +140,22 @@ crypt_key sha256 512 file $KEY_FILE $KEY_FILE_HEX
# stdin can be limited # stdin can be limited
crypt_key plain 128 cat /dev/zero 00000000000000000000000000000000 16 crypt_key plain 128 cat /dev/zero 00000000000000000000000000000000 16
crypt_key plain 128 cat /dev/zero 00000000000000000000000000000000 17 crypt_key plain 128 cat /dev/zero 00000000000000000000000000000000 17
# read key only up to \n
crypt_key plain 128 cat $KEY_FILE ${KEY_FILE_HEX:0:28}0000 14 crypt_key plain 128 cat $KEY_FILE ${KEY_FILE_HEX:0:28}0000 14
# read full key, ignore keyfile length
crypt_key plain 128 cat- $KEY_FILE ${KEY_FILE_HEX:0:32}
crypt_key plain 128 cat- $KEY_FILE ${KEY_FILE_HEX:0:32} 14
# but do not ignore hash if keysgfile is "-"
crypt_key sha256 128 cat- $KEY_FILE f3b827c8a6f159ad8c8ed5bd5ab3f8c5
crypt_key sha256 128 cat- $KEY_FILE f3b827c8a6f159ad8c8ed5bd5ab3f8c5 0
crypt_key sha256 128 cat- $KEY_FILE f3b827c8a6f159ad8c8ed5bd5ab3f8c5 80
crypt_key sha256 128 cat- $KEY_FILE a82c9227cc54c7475620ce85ba1fca1e 14
crypt_key sha256 128 cat- $KEY_FILE 7df3f4a41a33805596be85c781cac3b4 14 2
crypt_key sha256 128 cat- $KEY_FILE ebbe65a178e886ddbb778e0a5538db72 40 40
# limiting plain (no hash) # limiting plain (no hash)
crypt_key plain 256 pwd "xxxxxxxx" 7878787878787878000000000000000000000000000000000000000000000000 crypt_key plain 256 pwd "xxxxxxxx" 7878787878787878000000000000000000000000000000000000000000000000
crypt_key plain:2 256 pwd "xxxxxxxx" 7878000000000000000000000000000000000000000000000000000000000000 crypt_key plain:2 256 pwd "xxxxxxxx" 7878000000000000000000000000000000000000000000000000000000000000