eessppeelllloo/cryptsetup
1
0
Fork 0
mirror of https://gitlab.com/cryptsetup/cryptsetup.git synced 2025-12-13 20:00:08 +01:00
Code Issues Packages Projects Releases Wiki Activity

Support aes-hctr2 mode.

Browse Source 
The HCTR2 encryption was added to Linux kernel for fscrypt,
but as it is length-preserving mode (with sector tweak) it
can be easily used for disk encryption too.

As it need larger IV of size 32 bytes, we need to add exception
for aes-hctr2[-plain64] to be accepted in cryptsetup commands.

Fixes: #883
This commit is contained in:
Milan Broz
2024-05-09 14:09:36 +02:00
parent 1a6a611dff
commit d590c74a0e
2 changed files with 5 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
lib/crypto_backend/cipher_generic.c
View File

@@ -62,6 +62,9 @@ int crypt_cipher_ivsize(const char *name, const char *mode)
if (!ca) if (!ca)
return -EINVAL; return -EINVAL;
if (mode && !strcasecmp(mode, "hctr2"))
return 32;
if (mode && !strcasecmp(mode, "ecb")) if (mode && !strcasecmp(mode, "ecb"))
return 0; return 0;

2
tests/mode-test
View File

@@ -208,6 +208,8 @@ done
dmcrypt xchacha12,aes-adiantum-plain64 dmcrypt xchacha12,aes-adiantum-plain64
dmcrypt xchacha20,aes-adiantum-plain64 dmcrypt xchacha20,aes-adiantum-plain64
dmcrypt aes-hctr2-plain64
echo -n "CAPI format:" echo -n "CAPI format:"
if dm_crypt_capi_support ; then if dm_crypt_capi_support ; then
echo $PASSWORD | $CRYPTSETUP create -h sha256 -c 'capi:xts(aes)-plain64' -s 256 "$DEV_NAME"_tstdev /dev/mapper/$DEV_NAME || fail echo $PASSWORD | $CRYPTSETUP create -h sha256 -c 'capi:xts(aes)-plain64' -s 256 "$DEV_NAME"_tstdev /dev/mapper/$DEV_NAME || fail