From 46dc5beee988763bff1fdbe8df628f80430d2a1a Mon Sep 17 00:00:00 2001
From: Milan Broz
Date: Fri, 25 Jan 2019 13:39:08 +0100
Subject: [PATCH] Increase LUKS keysize if XTS mode is used (two internal keys).

---
 configure.ac | 7 +++++++
 src/cryptsetup.c | 13 ++++++++++++-
 2 files changed, 19 insertions(+), 1 deletion(-)

diff --git a/configure.ac b/configure.ac
index 28da2954..00037280 100644
--- a/configure.ac
+++ b/configure.ac
@@ -564,6 +564,13 @@ CS_STR_WITH([luks1-cipher], [cipher for LUKS1], [aes])
 CS_STR_WITH([luks1-mode], [cipher mode for LUKS1], [xts-plain64])
 CS_NUM_WITH([luks1-keybits],[key length in bits for LUKS1], [256])
 
+AC_ARG_ENABLE([luks_adjust_xts_keysize], AS_HELP_STRING([--disable-luks-adjust-xts-keysize],
+	[XTS mode requires two keys, double default LUKS keysize if needed]),
+	[], [enable_luks_adjust_xts_keysize=yes])
+if test "x$enable_luks_adjust_xts_keysize" = "xyes"; then
+	AC_DEFINE(ENABLE_LUKS_ADJUST_XTS_KEYSIZE, 1, [XTS mode - double default LUKS keysize if needed])
+fi
+
 CS_STR_WITH([luks2-pbkdf], [Default PBKDF algorithm (pbkdf2 or argon2i/argon2id) for LUKS2], [argon2i])
 CS_NUM_WITH([luks1-iter-time], [PBKDF2 iteration time for LUKS1 (in ms)], [2000])
 CS_NUM_WITH([luks2-iter-time], [Argon2 PBKDF iteration time for LUKS2 (in ms)], [2000])
diff --git a/src/cryptsetup.c b/src/cryptsetup.c
index c0036997..15c60297 100644
--- a/src/cryptsetup.c
+++ b/src/cryptsetup.c
@@ -1141,6 +1141,14 @@ static int action_luksFormat(void)
 		goto out;
 	}
 
+#ifdef ENABLE_LUKS_ADJUST_XTS_KEYSIZE
+	if (!opt_key_size && !strncmp(cipher_mode, "xts-", 4)) {
+		if (DEFAULT_LUKS1_KEYBITS == 128)
+			opt_key_size = 256;
+		else if (DEFAULT_LUKS1_KEYBITS == 256)
+			opt_key_size = 512;
+	}
+#endif
 	keysize = (opt_key_size ?: DEFAULT_LUKS1_KEYBITS) / 8 + integrity_keysize;
 
 	if (opt_random)
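Review bot: The new block in action_luksFormat overwrites opt_key_size with hard-coded values and carries no comment saying why, so a reader who later sees opt_key_size non-zero in this function (which starts before and continues past the hunk) cannot tell a derived default from a user-supplied --key-size; add above the `#ifdef`: `/* XTS splits the key into two internal keys: a 256-bit LUKS key gives AES-128 per key, so double the compiled-in default unless --key-size was given explicitly. */`. Because `!opt_key_size` is the only exclusion, an explicit `--key-size 256` combined with an XTS mode still yields two 128-bit keys with no message, which the commit leaves unaddressed; a one-line warning in that branch would close the remaining trap. The prefix test `!strncmp(cipher_mode, "xts-", 4)` only fires for modes written with an IV suffix such as xts-plain64; if the parser accepts a bare "xts" mode, that spelling would keep the undoubled default — presumably acceptable, but worth confirming. Since this path is shared by LUKS1 and LUKS2 formatting (the help hunk drops the "LUKS1" label for that reason), the adjustment applies to both.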
@@ -2432,11 +2440,14 @@ static void help(poptContext popt_context,
 		log_std(_("\nDefault compiled-in device cipher parameters:\n"
 			"\tloop-AES: %s, Key %d bits\n"
 			"\tplain: %s, Key: %d bits, Password hashing: %s\n"
-			"\tLUKS1: %s, Key: %d bits, LUKS header hashing: %s, RNG: %s\n"),
+			"\tLUKS: %s, Key: %d bits, LUKS header hashing: %s, RNG: %s\n"),
 			DEFAULT_LOOPAES_CIPHER, DEFAULT_LOOPAES_KEYBITS,
 			DEFAULT_CIPHER(PLAIN), DEFAULT_PLAIN_KEYBITS, DEFAULT_PLAIN_HASH,
 			DEFAULT_CIPHER(LUKS1), DEFAULT_LUKS1_KEYBITS, DEFAULT_LUKS1_HASH,
 			DEFAULT_RNG);
+#if defined(ENABLE_LUKS_ADJUST_XTS_KEYSIZE) && DEFAULT_LUKS1_KEYBITS != 512
+		log_std(_("\tLUKS: Default keysize with XTS mode (two internal keys) will be doubled.\n"));
+#endif
 		exit(EXIT_SUCCESS);
 	} else
 		usage(popt_context, EXIT_SUCCESS, NULL, NULL);
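Review bot: The help-text condition `DEFAULT_LUKS1_KEYBITS != 512` promises doubling for every compiled-in default other than 512, but the action_luksFormat hunk earlier in this patch doubles only when the default is exactly 128 or 256; a build configured with any other value (configure.ac exposes it through `--with-luks1-keybits`) would print "will be doubled" and then format with the undoubled key, which is precisely the AES-128-in-XTS trap the commit sets out to remove. Align the condition with the format path: `#if defined(ENABLE_LUKS_ADJUST_XTS_KEYSIZE) && (DEFAULT_LUKS1_KEYBITS == 128 || DEFAULT_LUKS1_KEYBITS == 256)`, or alternatively make the format path double any default below 512 so both sides agree. The `help()` function starts before this hunk.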