eessppeelllloo/cryptsetup
1
0
Fork 0
mirror of https://gitlab.com/cryptsetup/cryptsetup.git synced 2025-12-11 19:00:02 +01:00
Code Issues Packages Projects Releases Wiki Activity

support PIM parameter for VeraCrypt compatible devices

Browse Source 
This patch adds the --veracrypt-pim=INT and --veracrypt-query-pim command-
line parameters to support specification of or being queried for a custom
Personal Iteration Multiplier respectively. This affects the number of
iterations for key derivation from the entered password. The manpage is
also updated accordingly.

Fixes Issue #307.
This commit is contained in:
Daniel Reichelt
2017-02-06 22:45:02 +01:00
committed by Milan Broz
parent 36419b25aa
commit 9a798a766e
5 changed files with 85 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
lib/tcrypt/tcrypt.c
View File

@@ -531,6 +531,14 @@ static int TCRYPT_init_hdr(struct crypt_device *cd,
continue;
if (!(params->flags & CRYPT_TCRYPT_VERA_MODES) && tcrypt_kdf[i].veracrypt)
continue;
if ((params->flags & CRYPT_TCRYPT_VERA_MODES) && params->veracrypt_pim) {
/* adjust iterations to given PIM cmdline parameter */
if (params->flags & CRYPT_TCRYPT_SYSTEM_HEADER)
tcrypt_kdf[i].iterations = params->veracrypt_pim * 2048;
else
tcrypt_kdf[i].iterations = 15000 + (params->veracrypt_pim * 1000);
}
/* Derive header key */
log_dbg("TCRYPT: trying KDF: %s-%s-%d.",
tcrypt_kdf[i].name, tcrypt_kdf[i].hash, tcrypt_kdf[i].iterations);