eessppeelllloo/cryptsetup
1
0
Fork 0
mirror of https://gitlab.com/cryptsetup/cryptsetup.git synced 2025-12-15 04:40:05 +01:00
Code Issues Packages Projects Releases Wiki Activity

Version 2.7.0.

Browse Source
This commit is contained in:
Milan Broz
2024-01-23 20:16:52 +01:00
parent f11af15cd0
commit 4dde8f078f
8 changed files with 534 additions and 502 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
README.md
View File

@@ -39,21 +39,15 @@ Download
Release notes and tarballs are available at Release notes and tarballs are available at
[kernel.org](https://www.kernel.org/pub/linux/utils/cryptsetup/). [kernel.org](https://www.kernel.org/pub/linux/utils/cryptsetup/).
**The latest stable cryptsetup release candidate version is 2.7.0-rc1** **The latest stable cryptsetup release version is 2.7.0**
* [cryptsetup-2.7.0-rc1.tar.xz](https://www.kernel.org/pub/linux/utils/cryptsetup/v2.7/cryptsetup-2.7.0-rc1.tar.xz) * [cryptsetup-2.7.0.tar.xz](https://www.kernel.org/pub/linux/utils/cryptsetup/v2.7/cryptsetup-2.7.0.tar.xz)
* Signature [cryptsetup-2.7.0-rc1.tar.sign](https://www.kernel.org/pub/linux/utils/cryptsetup/v2.7/cryptsetup-2.7.0-rc1.tar.sign) * Signature [cryptsetup-2.7.0.tar.sign](https://www.kernel.org/pub/linux/utils/cryptsetup/v2.7/cryptsetup-2.7.0.tar.sign)
_(You need to decompress file first to check signature.)_ _(You need to decompress file first to check signature.)_
* [Cryptsetup 2.7.0-rc1 Release Notes](https://www.kernel.org/pub/linux/utils/cryptsetup/v2.7/v2.7.0-rc1-ReleaseNotes). * [Cryptsetup 2.7.0 Release Notes](https://www.kernel.org/pub/linux/utils/cryptsetup/v2.7/v2.7.0-ReleaseNotes).
**The latest stable cryptsetup release version is 2.6.1**
* [cryptsetup-2.6.1.tar.xz](https://www.kernel.org/pub/linux/utils/cryptsetup/v2.6/cryptsetup-2.6.1.tar.xz)
* Signature [cryptsetup-2.6.1.tar.sign](https://www.kernel.org/pub/linux/utils/cryptsetup/v2.6/cryptsetup-2.6.1.tar.sign)
_(You need to decompress file first to check signature.)_
* [Cryptsetup 2.6.1 Release Notes](https://www.kernel.org/pub/linux/utils/cryptsetup/v2.6/v2.6.1-ReleaseNotes).
Previous versions Previous versions
* [Version 2.5.0](https://www.kernel.org/pub/linux/utils/cryptsetup/v2.5/cryptsetup-2.5.0.tar.xz) - * [Version 2.6.1](https://www.kernel.org/pub/linux/utils/cryptsetup/v2.6/cryptsetup-2.6.1.tar.xz) -
[Signature](https://www.kernel.org/pub/linux/utils/cryptsetup/v2.5/cryptsetup-2.5.0.tar.sign) - [Signature](https://www.kernel.org/pub/linux/utils/cryptsetup/v2.6/cryptsetup-2.6.1.tar.sign) -
[Release Notes](https://www.kernel.org/pub/linux/utils/cryptsetup/v2.5/v2.5.0-ReleaseNotes). [Release Notes](https://www.kernel.org/pub/linux/utils/cryptsetup/v2.5/v2.5.0-ReleaseNotes).
* [Version 1.7.5](https://www.kernel.org/pub/linux/utils/cryptsetup/v1.7/cryptsetup-1.7.5.tar.xz) - * [Version 1.7.5](https://www.kernel.org/pub/linux/utils/cryptsetup/v1.7/cryptsetup-1.7.5.tar.xz) -
[Signature](https://www.kernel.org/pub/linux/utils/cryptsetup/v1.7/cryptsetup-1.7.5.tar.sign) - [Signature](https://www.kernel.org/pub/linux/utils/cryptsetup/v1.7/cryptsetup-1.7.5.tar.sign) -

2
configure.ac
View File

@@ -1,5 +1,5 @@
AC_PREREQ([2.67]) AC_PREREQ([2.67])
AC_INIT([cryptsetup],[2.7.0-rc1]) AC_INIT([cryptsetup],[2.7.0])
dnl library version from <major>.<minor>.<release>[-<suffix>] dnl library version from <major>.<minor>.<release>[-<suffix>]
LIBCRYPTSETUP_VERSION=$(echo $PACKAGE_VERSION | cut -f1 -d-) LIBCRYPTSETUP_VERSION=$(echo $PACKAGE_VERSION | cut -f1 -d-)

2
docs/Keyring.txt
View File

@@ -33,7 +33,7 @@ activation (or key verification alone).
The volume key(s) (provided the key type is 'user') linked in the user keyring The volume key(s) (provided the key type is 'user') linked in the user keyring
can be later used to activate the device via crypt_activate_by_keyslot_context() can be later used to activate the device via crypt_activate_by_keyslot_context()
with CRYPT_KC_TYPE_VK_KEYRING type keyslot context with CRYPT_KC_TYPE_VK_KEYRING type keyslot context
(aquired by crypt_keyslot_context_init_by_vk_in_keyring()). (acquired by crypt_keyslot_context_init_by_vk_in_keyring()).
Example of how to use volume key linked in custom user keyring from cryptsetup Example of how to use volume key linked in custom user keyring from cryptsetup
utility: utility:

46
docs/doxyfile
View File

@@ -1,4 +1,4 @@
# Doxyfile 1.9.1 # Doxyfile 1.9.8
#--------------------------------------------------------------------------- #---------------------------------------------------------------------------
# Project related configuration options # Project related configuration options
@@ -10,9 +10,9 @@ PROJECT_BRIEF = "Public cryptsetup API"
PROJECT_LOGO = PROJECT_LOGO =
OUTPUT_DIRECTORY = doxygen_api_docs OUTPUT_DIRECTORY = doxygen_api_docs
CREATE_SUBDIRS = NO CREATE_SUBDIRS = NO
CREATE_SUBDIRS_LEVEL = 8
ALLOW_UNICODE_NAMES = NO ALLOW_UNICODE_NAMES = NO
OUTPUT_LANGUAGE = English OUTPUT_LANGUAGE = English
OUTPUT_TEXT_DIRECTION = None
BRIEF_MEMBER_DESC = YES BRIEF_MEMBER_DESC = YES
REPEAT_BRIEF = YES REPEAT_BRIEF = YES
ABBREVIATE_BRIEF = ABBREVIATE_BRIEF =
@@ -39,6 +39,7 @@ OPTIMIZE_OUTPUT_SLICE = NO
EXTENSION_MAPPING = EXTENSION_MAPPING =
MARKDOWN_SUPPORT = YES MARKDOWN_SUPPORT = YES
TOC_INCLUDE_HEADINGS = 5 TOC_INCLUDE_HEADINGS = 5
MARKDOWN_ID_STYLE = DOXYGEN
AUTOLINK_SUPPORT = YES AUTOLINK_SUPPORT = YES
BUILTIN_STL_SUPPORT = NO BUILTIN_STL_SUPPORT = NO
CPP_CLI_SUPPORT = NO CPP_CLI_SUPPORT = NO
@@ -52,6 +53,7 @@ INLINE_SIMPLE_STRUCTS = NO
TYPEDEF_HIDES_STRUCT = YES TYPEDEF_HIDES_STRUCT = YES
LOOKUP_CACHE_SIZE = 0 LOOKUP_CACHE_SIZE = 0
NUM_PROC_THREADS = 1 NUM_PROC_THREADS = 1
TIMESTAMP = NO
#--------------------------------------------------------------------------- #---------------------------------------------------------------------------
# Build related configuration options # Build related configuration options
#--------------------------------------------------------------------------- #---------------------------------------------------------------------------
@@ -72,6 +74,7 @@ INTERNAL_DOCS = NO
CASE_SENSE_NAMES = YES CASE_SENSE_NAMES = YES
HIDE_SCOPE_NAMES = NO HIDE_SCOPE_NAMES = NO
HIDE_COMPOUND_REFERENCE= NO HIDE_COMPOUND_REFERENCE= NO
SHOW_HEADERFILE = YES
SHOW_INCLUDE_FILES = YES SHOW_INCLUDE_FILES = YES
SHOW_GROUPED_MEMB_INC = NO SHOW_GROUPED_MEMB_INC = NO
FORCE_LOCAL_INCLUDES = NO FORCE_LOCAL_INCLUDES = NO
@@ -101,9 +104,12 @@ QUIET = NO
WARNINGS = YES WARNINGS = YES
WARN_IF_UNDOCUMENTED = YES WARN_IF_UNDOCUMENTED = YES
WARN_IF_DOC_ERROR = YES WARN_IF_DOC_ERROR = YES
WARN_IF_INCOMPLETE_DOC = YES
WARN_NO_PARAMDOC = NO WARN_NO_PARAMDOC = NO
WARN_IF_UNDOC_ENUM_VAL = NO
WARN_AS_ERROR = NO WARN_AS_ERROR = NO
WARN_FORMAT = "$file:$line: $text" WARN_FORMAT = "$file:$line: $text"
WARN_LINE_FORMAT = "at line $line of file $file"
WARN_LOGFILE = WARN_LOGFILE =
#--------------------------------------------------------------------------- #---------------------------------------------------------------------------
# Configuration options related to the input files # Configuration options related to the input files
@@ -111,6 +117,7 @@ WARN_LOGFILE =
INPUT = doxygen_index.h \ INPUT = doxygen_index.h \
../lib/libcryptsetup.h ../lib/libcryptsetup.h
INPUT_ENCODING = UTF-8 INPUT_ENCODING = UTF-8
INPUT_FILE_ENCODING =
FILE_PATTERNS = FILE_PATTERNS =
RECURSIVE = NO RECURSIVE = NO
EXCLUDE = EXCLUDE =
@@ -126,6 +133,7 @@ FILTER_PATTERNS =
FILTER_SOURCE_FILES = NO FILTER_SOURCE_FILES = NO
FILTER_SOURCE_PATTERNS = FILTER_SOURCE_PATTERNS =
USE_MDFILE_AS_MAINPAGE = USE_MDFILE_AS_MAINPAGE =
FORTRAN_COMMENT_AFTER = 72
#--------------------------------------------------------------------------- #---------------------------------------------------------------------------
# Configuration options related to source browsing # Configuration options related to source browsing
#--------------------------------------------------------------------------- #---------------------------------------------------------------------------
@@ -158,15 +166,17 @@ HTML_FOOTER =
HTML_STYLESHEET = HTML_STYLESHEET =
HTML_EXTRA_STYLESHEET = HTML_EXTRA_STYLESHEET =
HTML_EXTRA_FILES = HTML_EXTRA_FILES =
HTML_COLORSTYLE = AUTO_LIGHT
HTML_COLORSTYLE_HUE = 220 HTML_COLORSTYLE_HUE = 220
HTML_COLORSTYLE_SAT = 100 HTML_COLORSTYLE_SAT = 100
HTML_COLORSTYLE_GAMMA = 80 HTML_COLORSTYLE_GAMMA = 80
HTML_TIMESTAMP = YES
HTML_DYNAMIC_MENUS = YES HTML_DYNAMIC_MENUS = YES
HTML_DYNAMIC_SECTIONS = NO HTML_DYNAMIC_SECTIONS = NO
HTML_CODE_FOLDING = YES
HTML_INDEX_NUM_ENTRIES = 100 HTML_INDEX_NUM_ENTRIES = 100
GENERATE_DOCSET = NO GENERATE_DOCSET = NO
DOCSET_FEEDNAME = "Doxygen generated docs" DOCSET_FEEDNAME = "Doxygen generated docs"
DOCSET_FEEDURL =
DOCSET_BUNDLE_ID = org.doxygen.Project DOCSET_BUNDLE_ID = org.doxygen.Project
DOCSET_PUBLISHER_ID = org.doxygen.Publisher DOCSET_PUBLISHER_ID = org.doxygen.Publisher
DOCSET_PUBLISHER_NAME = Publisher DOCSET_PUBLISHER_NAME = Publisher
@@ -177,6 +187,7 @@ GENERATE_CHI = NO
CHM_INDEX_ENCODING = CHM_INDEX_ENCODING =
BINARY_TOC = NO BINARY_TOC = NO
TOC_EXPAND = NO TOC_EXPAND = NO
SITEMAP_URL =
GENERATE_QHP = NO GENERATE_QHP = NO
QCH_FILE = QCH_FILE =
QHP_NAMESPACE = org.doxygen.Project QHP_NAMESPACE = org.doxygen.Project
@@ -189,14 +200,16 @@ GENERATE_ECLIPSEHELP = NO
ECLIPSE_DOC_ID = org.doxygen.Project ECLIPSE_DOC_ID = org.doxygen.Project
DISABLE_INDEX = NO DISABLE_INDEX = NO
GENERATE_TREEVIEW = NO GENERATE_TREEVIEW = NO
FULL_SIDEBAR = NO
ENUM_VALUES_PER_LINE = 4 ENUM_VALUES_PER_LINE = 4
TREEVIEW_WIDTH = 250 TREEVIEW_WIDTH = 250
EXT_LINKS_IN_WINDOW = NO EXT_LINKS_IN_WINDOW = NO
OBFUSCATE_EMAILS = YES
HTML_FORMULA_FORMAT = png HTML_FORMULA_FORMAT = png
FORMULA_FONTSIZE = 10 FORMULA_FONTSIZE = 10
FORMULA_TRANSPARENT = YES
FORMULA_MACROFILE = FORMULA_MACROFILE =
USE_MATHJAX = NO USE_MATHJAX = NO
MATHJAX_VERSION = MathJax_2
MATHJAX_FORMAT = HTML-CSS MATHJAX_FORMAT = HTML-CSS
MATHJAX_RELPATH = http://www.mathjax.org/mathjax MATHJAX_RELPATH = http://www.mathjax.org/mathjax
MATHJAX_EXTENSIONS = MATHJAX_EXTENSIONS =
@@ -227,9 +240,7 @@ PDF_HYPERLINKS = YES
USE_PDFLATEX = YES USE_PDFLATEX = YES
LATEX_BATCHMODE = NO LATEX_BATCHMODE = NO
LATEX_HIDE_INDICES = NO LATEX_HIDE_INDICES = NO
LATEX_SOURCE_CODE = NO
LATEX_BIB_STYLE = plain LATEX_BIB_STYLE = plain
LATEX_TIMESTAMP = NO
LATEX_EMOJI_DIRECTORY = LATEX_EMOJI_DIRECTORY =
#--------------------------------------------------------------------------- #---------------------------------------------------------------------------
# Configuration options related to the RTF output # Configuration options related to the RTF output
@@ -240,7 +251,6 @@ COMPACT_RTF = NO
RTF_HYPERLINKS = NO RTF_HYPERLINKS = NO
RTF_STYLESHEET_FILE = RTF_STYLESHEET_FILE =
RTF_EXTENSIONS_FILE = RTF_EXTENSIONS_FILE =
RTF_SOURCE_CODE = NO
#--------------------------------------------------------------------------- #---------------------------------------------------------------------------
# Configuration options related to the man page output # Configuration options related to the man page output
#--------------------------------------------------------------------------- #---------------------------------------------------------------------------
@@ -261,12 +271,17 @@ XML_NS_MEMB_FILE_SCOPE = NO
#--------------------------------------------------------------------------- #---------------------------------------------------------------------------
GENERATE_DOCBOOK = NO GENERATE_DOCBOOK = NO
DOCBOOK_OUTPUT = docbook DOCBOOK_OUTPUT = docbook
DOCBOOK_PROGRAMLISTING = NO
#--------------------------------------------------------------------------- #---------------------------------------------------------------------------
# Configuration options for the AutoGen Definitions output # Configuration options for the AutoGen Definitions output
#--------------------------------------------------------------------------- #---------------------------------------------------------------------------
GENERATE_AUTOGEN_DEF = NO GENERATE_AUTOGEN_DEF = NO
#--------------------------------------------------------------------------- #---------------------------------------------------------------------------
# Configuration options related to Sqlite3 output
#---------------------------------------------------------------------------
GENERATE_SQLITE3 = NO
SQLITE3_OUTPUT = sqlite3
SQLITE3_RECREATE_DB = YES
#---------------------------------------------------------------------------
# Configuration options related to the Perl module output # Configuration options related to the Perl module output
#--------------------------------------------------------------------------- #---------------------------------------------------------------------------
GENERATE_PERLMOD = NO GENERATE_PERLMOD = NO
@@ -294,15 +309,14 @@ ALLEXTERNALS = NO
EXTERNAL_GROUPS = YES EXTERNAL_GROUPS = YES
EXTERNAL_PAGES = YES EXTERNAL_PAGES = YES
#--------------------------------------------------------------------------- #---------------------------------------------------------------------------
# Configuration options related to the dot tool # Configuration options related to diagram generator tools
#--------------------------------------------------------------------------- #---------------------------------------------------------------------------
CLASS_DIAGRAMS = YES
DIA_PATH =
HIDE_UNDOC_RELATIONS = YES HIDE_UNDOC_RELATIONS = YES
HAVE_DOT = NO HAVE_DOT = NO
DOT_NUM_THREADS = 0 DOT_NUM_THREADS = 0
DOT_FONTNAME = Helvetica DOT_COMMON_ATTR = "fontname=Helvetica,fontsize=10"
DOT_FONTSIZE = 10 DOT_EDGE_ATTR = "labelfontname=Helvetica,labelfontsize=10"
DOT_NODE_ATTR = "shape=box,height=0.2,width=0.4"
DOT_FONTPATH = DOT_FONTPATH =
CLASS_GRAPH = YES CLASS_GRAPH = YES
COLLABORATION_GRAPH = YES COLLABORATION_GRAPH = YES
@@ -318,18 +332,20 @@ CALL_GRAPH = NO
CALLER_GRAPH = NO CALLER_GRAPH = NO
GRAPHICAL_HIERARCHY = YES GRAPHICAL_HIERARCHY = YES
DIRECTORY_GRAPH = YES DIRECTORY_GRAPH = YES
DIR_GRAPH_MAX_DEPTH = 1
DOT_IMAGE_FORMAT = png DOT_IMAGE_FORMAT = png
INTERACTIVE_SVG = NO INTERACTIVE_SVG = NO
DOT_PATH = DOT_PATH =
DOTFILE_DIRS = DOTFILE_DIRS =
MSCFILE_DIRS = DIA_PATH =
DIAFILE_DIRS = DIAFILE_DIRS =
PLANTUML_JAR_PATH = PLANTUML_JAR_PATH =
PLANTUML_CFG_FILE = PLANTUML_CFG_FILE =
PLANTUML_INCLUDE_PATH = PLANTUML_INCLUDE_PATH =
DOT_GRAPH_MAX_NODES = 50 DOT_GRAPH_MAX_NODES = 50
MAX_DOT_GRAPH_DEPTH = 0 MAX_DOT_GRAPH_DEPTH = 0
DOT_TRANSPARENT = NO
DOT_MULTI_TARGETS = NO DOT_MULTI_TARGETS = NO
GENERATE_LEGEND = YES GENERATE_LEGEND = YES
DOT_CLEANUP = YES DOT_CLEANUP = YES
MSCGEN_TOOL =
MSCFILE_DIRS =

37
docs/v2.7.0-rc1-ReleaseNotes → docs/v2.7.0-ReleaseNotes
View File

@@ -1,20 +1,6 @@
Cryptsetup 2.7.0-rc1 Release Notes Cryptsetup 2.7.0 Release Notes
================================== ==============================
Stable release candidate with new features and bug fixes. Stable release with new features and bug fixes.
Changes since version 2.7.0-rc0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
* Used Argon2 PBKDF implementation is now reported in debug mode
in the cryptographic backend version. For native support in
OpenSSL 3.2 or libgcrypt 1.11, "argon2" is displayed.
If libargon2 is used, "cryptsetup libargon2" (for embedded
library) or "external libargon2" is displayed.
* Fix wiping of OPAL key in the kernel on luksSuspend.
* Use metadata lock for OPAL disk manipulation to avoid unexpected
states if two processes manipulate the device.
Changes since version 2.6.1 Changes since version 2.6.1
~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~
@@ -68,7 +54,7 @@ Changes since version 2.6.1
Compatibility notes: Compatibility notes:
- Linux kernel SED interface does NOT work through USB external - Linux kernel SED interface does NOT work through USB external
adapters due to the mising compatibility layer in Linux USB storage adapters due to the missing compatibility layer in Linux USB storage
drivers (even if USB hardware itself can support OPAL commands). drivers (even if USB hardware itself can support OPAL commands).
- other TCG security subsystems like Ruby or Pyrite are not - other TCG security subsystems like Ruby or Pyrite are not
supported. Note that many drives support only Pyrite subsystem that supported. Note that many drives support only Pyrite subsystem that
@@ -214,7 +200,7 @@ Changes since version 2.6.1
<keyring_description>::<key_description>. <keyring_description>::<key_description>.
The <keyring_description> contains the existing kernel keyring The <keyring_description> contains the existing kernel keyring
description (numeric id or keyctl format). The <keyring_description> description (numeric id or keyctl format). The <keyring_description>
may be optionaly prefixed with "%:" or "%keyring:". The string "::" is may be optionally prefixed with "%:" or "%keyring:". The string "::" is
a delimiter that separates keyring and key descriptions. a delimiter that separates keyring and key descriptions.
The <key_description> has the same syntax as used in the The <key_description> has the same syntax as used in the
--volume-key-keyring option. --volume-key-keyring option.
@@ -273,9 +259,7 @@ Changes since version 2.6.1
option is specified. option is specified.
* Properly report if the dm-verity device cannot be activated due to * Properly report if the dm-verity device cannot be activated due to
the inability to verify the signed root hash. the inability to verify the signed root hash (ENOKEY).
If the kernel returns ENOKEY, it is properly propagated.
* Fix to check passphrase for selected keyslot only when adding * Fix to check passphrase for selected keyslot only when adding
new keyslot. new keyslot.
@@ -385,6 +369,12 @@ Changes since version 2.6.1
Argon2 has been available since version 1.10, but we need version 1.11, Argon2 has been available since version 1.10, but we need version 1.11,
which will allow empty passwords. which will allow empty passwords.
* Used Argon2 PBKDF implementation is now reported in debug mode
in the cryptographic backend version. For native support in
OpenSSL 3.2 or libgcrypt 1.11, "argon2" is displayed.
If libargon2 is used, "cryptsetup libargon2" (for embedded
library) or "external libargon2" is displayed.
* Link only libcrypto from OpenSSL. * Link only libcrypto from OpenSSL.
This reduces dependencies as other OpenSSL libraries are not needed. This reduces dependencies as other OpenSSL libraries are not needed.
@@ -413,6 +403,9 @@ Changes since version 2.6.1
and possibly corrupt data if the user also tries to modify the and possibly corrupt data if the user also tries to modify the
underlying device. underlying device.
* Update keyring and locking documentation and LUKS2 specification
for OPAL2 support.
Libcryptsetup API extensions Libcryptsetup API extensions
~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~
The libcryptsetup API is backward compatible for all existing symbols. The libcryptsetup API is backward compatible for all existing symbols.

2
meson.build
View File

@@ -2,7 +2,7 @@ project('cryptsetup',
'c', 'c',
default_options: [ 'prefix=/usr' ], default_options: [ 'prefix=/usr' ],
meson_version: '>=0.64', meson_version: '>=0.64',
version: '2.7.0-rc1') version: '2.7.0')
libcryptsetup_version = '12.10.0' libcryptsetup_version = '12.10.0'

922
po/cryptsetup.pot
View File

File diff suppressed because it is too large Load Diff

7
tests/luks2-reencryption-test
View File

@@ -36,6 +36,7 @@ KEY_NAME1="luks2-reencryption-test1"
KEY_NAME2="luks2-reencryption-test2" KEY_NAME2="luks2-reencryption-test2"
KEY_SPEC1="${KEYRING}::%${KEY_TYPE}:${KEY_NAME1}" KEY_SPEC1="${KEYRING}::%${KEY_TYPE}:${KEY_NAME1}"
KEY_SPEC2="${KEYRING}::%${KEY_TYPE}:${KEY_NAME2}" KEY_SPEC2="${KEYRING}::%${KEY_TYPE}:${KEY_NAME2}"
HAVE_KEYRING=0
FIPS_MODE=$(cat /proc/sys/crypto/fips_enabled 2>/dev/null) FIPS_MODE=$(cat /proc/sys/crypto/fips_enabled 2>/dev/null)
@@ -855,12 +856,10 @@ function prepare_vk_keyring()
function setup_luks2_env() { function setup_luks2_env() {
echo $PWD1 | $CRYPTSETUP luksFormat --type luks2 -c aes-xts-plain64 $FAST_PBKDF_ARGON $DEV || fail echo $PWD1 | $CRYPTSETUP luksFormat --type luks2 -c aes-xts-plain64 $FAST_PBKDF_ARGON $DEV || fail
echo $PWD1 | $CRYPTSETUP open $DEV $DEV_NAME || fail echo $PWD1 | $CRYPTSETUP open $DEV $DEV_NAME || fail
HAVE_KEYRING=$($CRYPTSETUP status $DEV_NAME | grep "key location: keyring") local check_keyring=$($CRYPTSETUP status $DEV_NAME | grep "key location: keyring")
if [ -n "$HAVE_KEYRING" ]; then if [ -n "$check_keyring" ]; then
HAVE_KEYRING=1 HAVE_KEYRING=1
prepare_vk_keyring prepare_vk_keyring
else
HAVE_KEYRING=0
fi fi
DEF_XTS_KEY=$($CRYPTSETUP status $DEV_NAME | grep "keysize:" | sed 's/\( keysize: \)\([0-9]\+\)\(.*\)/\2/') DEF_XTS_KEY=$($CRYPTSETUP status $DEV_NAME | grep "keysize:" | sed 's/\( keysize: \)\([0-9]\+\)\(.*\)/\2/')
[ -n "$DEF_XTS_KEY" ] || fail "Failed to parse xts mode key size." [ -n "$DEF_XTS_KEY" ] || fail "Failed to parse xts mode key size."