eessppeelllloo/cryptsetup
1
0
Fork 0
mirror of https://gitlab.com/cryptsetup/cryptsetup.git synced 2025-12-16 05:10:03 +01:00
Code Issues Packages Projects Releases Wiki Activity

Prefer default cipher when reencrypting cipher_null device.

Browse Source 
By default when reencrypting LUKS2 device we regenerate only
the volume key. But if the device was 'encrypted' by cipher_null
this change did not make sense. The key was always empty.

Change the behaviour so that unless user specifies --cipher
parameter on command line, we change data encryption cipher
to default when old segment cipher was cipher_null.
This commit is contained in:
Ondrej Kozina
2021-02-16 17:08:53 +01:00
parent bec7394722
commit 4862c38ca9
2 changed files with 7 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
src/cryptsetup.c
View File

@@ -3177,6 +3177,11 @@ static int action_reencrypt_luks2(struct crypt_device *cd)
_set_reencryption_flags(&params.flags);
if (!ARG_SET(OPT_CIPHER_ID) && crypt_is_cipher_null(crypt_get_cipher(cd))) {
log_std(_("Switching data encryption cipher to %s.\n"), DEFAULT_CIPHER(LUKS1));
ARG_SET_STR(OPT_CIPHER_ID, strdup(DEFAULT_CIPHER(LUKS1)));
}
if (!ARG_SET(OPT_CIPHER_ID)) {
strncpy(cipher, crypt_get_cipher(cd), MAX_CIPHER_LEN - 1);
strncpy(mode, crypt_get_cipher_mode(cd), MAX_CIPHER_LEN - 1);