eessppeelllloo/cryptsetup
1
0
Fork 0
mirror of https://gitlab.com/cryptsetup/cryptsetup.git synced 2025-12-14 04:10:06 +01:00
Code Issues Packages Projects Releases Wiki Activity

Allow to use backup header for tcrypt format.

Browse Source 
TrueCrypt/VeraCrypt supports backup header, it seems to have
the same format as normal header.

Let's use --header option here, it can be used to unlock data partition
with header backup (open and dump commands).

Fixes: #587.
This commit is contained in:
Milan Broz
2020-09-19 21:23:33 +02:00
parent 9abe126016
commit 418d068470
3 changed files with 7 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
lib/setup.c
View File

@@ -657,7 +657,7 @@ int crypt_set_data_device(struct crypt_device *cd, const char *device)
log_dbg(cd, "Setting ciphertext data device to %s.", device ?: "(none)"); log_dbg(cd, "Setting ciphertext data device to %s.", device ?: "(none)");
if (!isLUKS1(cd->type) && !isLUKS2(cd->type) && !isVERITY(cd->type) && if (!isLUKS1(cd->type) && !isLUKS2(cd->type) && !isVERITY(cd->type) &&
!isINTEGRITY(cd->type)) { !isINTEGRITY(cd->type) && !isTCRYPT(cd->type)) {
log_err(cd, _("This operation is not supported for this device type.")); log_err(cd, _("This operation is not supported for this device type."));
return -EINVAL; return -EINVAL;
} }
@@ -845,11 +845,6 @@ static int _crypt_load_tcrypt(struct crypt_device *cd, struct crypt_params_tcryp
if (!params) if (!params)
return -EINVAL; return -EINVAL;
if (cd->metadata_device) {
log_err(cd, _("Detached metadata device is not supported for this crypt type."));
return -EINVAL;
}
r = init_crypto(cd); r = init_crypto(cd);
if (r < 0) if (r < 0)
return r; return r;

3
man/cryptsetup.8
View File

@@ -717,7 +717,8 @@ a mapping <name>.
\fB<options>\fR can be [\-\-key\-file, \-\-tcrypt\-hidden, \fB<options>\fR can be [\-\-key\-file, \-\-tcrypt\-hidden,
\-\-tcrypt\-system, \-\-tcrypt\-backup, \-\-readonly, \-\-test\-passphrase, \-\-tcrypt\-system, \-\-tcrypt\-backup, \-\-readonly, \-\-test\-passphrase,
\-\-allow-discards, \-\-veracrypt, \-\-veracrypt\-pim, \-\-veracrypt\-query\-pim]. \-\-allow-discards, \-\-veracrypt, \-\-veracrypt\-pim, \-\-veracrypt\-query\-pim,
\-\-header].
The keyfile parameter allows a combination of file content with the The keyfile parameter allows a combination of file content with the
passphrase and can be repeated. Note that using keyfiles is compatible passphrase and can be repeated. Note that using keyfiles is compatible

7
src/cryptsetup.c
View File

@@ -544,7 +544,8 @@ static int action_open_tcrypt(void)
activated_name = opt_test_passphrase ? NULL : action_argv[1]; activated_name = opt_test_passphrase ? NULL : action_argv[1];
if ((r = crypt_init(&cd, action_argv[0]))) r = crypt_init_data_device(&cd, opt_header_device ?: action_argv[0], action_argv[0]);
if (r < 0)
goto out; goto out;
r = tcrypt_load(cd, &params); r = tcrypt_load(cd, &params);
@@ -657,8 +658,8 @@ static int action_tcryptDump(void)
.veracrypt_pim = (opt_veracrypt_pim > 0) ? opt_veracrypt_pim : 0, .veracrypt_pim = (opt_veracrypt_pim > 0) ? opt_veracrypt_pim : 0,
}; };
int r; int r;
r = crypt_init_data_device(&cd, opt_header_device ?: action_argv[0], action_argv[0]);
if ((r = crypt_init(&cd, action_argv[0]))) if (r < 0)
goto out; goto out;
r = tcrypt_load(cd, &params); r = tcrypt_load(cd, &params);