eessppeelllloo/cryptsetup
1
0
Fork 0
mirror of https://gitlab.com/cryptsetup/cryptsetup.git synced 2025-12-05 16:00:05 +01:00
Code Issues Packages Projects Releases Wiki Activity

Allow restrict keys size in LuksOpen (thanks to Stefan Assmann)

Browse Source 
git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@86 36d66b0a-2a48-0410-832c-cd162a569da5
This commit is contained in:
Milan Broz
2009-08-17 11:04:36 +00:00
parent 02707608db
commit d980dbb300
4 changed files with 6 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
ChangeLog
View File

@@ -1,6 +1,7 @@
2009-08-17 Milan Broz <mbroz@redhat.com>
* Fix PBKDF2 speed calculation for large passhrases.
* Allow using passphrase provided in options struct for LuksOpen.
* Allow restrict keys size in LuksOpen.
2009-07-30 Milan Broz <mbroz@redhat.com>
* Fix errors when compiled with LUKS_DEBUG.

2
lib/setup.c
View File

@@ -560,7 +560,7 @@ start:
password = safe_alloc(passwordLen + 1);
strncpy(password, options->passphrase, passwordLen + 1);
tries = 0;
} else if(get_key(prompt, &password, &passwordLen, 0, options->key_file, options->passphrase_fd, options->timeout, options->flags))
} else if(get_key(prompt, &password, &passwordLen, options->key_size, options->key_file, options->passphrase_fd, options->timeout, options->flags))
tries--;
else
tries = 0;

4
man/cryptsetup.8
View File

@@ -110,7 +110,9 @@ If the key file is "-", stdin will be used. This is different from how cryptsetu
For LUKS operations that add key material, this options allows to you specify which key slot is selected for the new key. This option can be used for \fIluksFormat\fR and \fIluksAddKey\fR.
.TP
.B "\-\-key-size, \-s"
set key size in bits. Has to be a multiple of 8 bits. The key size is limited by the used cipher. See output of /proc/crypto for more information. Can be used for \fIcreate\fR or \fIluksFormat\fR, all other LUKS actions will ignore this flag, as the key-size is specified by the partition header. Default is 128 for \fIluksFormat\fR and 256 for \fIcreate\fR.
set key size in bits. Has to be a multiple of 8 bits. The key size is limited by the used cipher. See output of /proc/crypto for more information. Can be used for \fIcreate\fR or \fIluksFormat\fR, all other LUKS actions will use key-size specified by the LUKS header. Default is 128 for \fIluksFormat\fR and 256 for \fIcreate\fR.
For \fIluksOpen\fR this option specifies number of bits read from the key-file (default is exhaustive read from key-file).
.TP
.B "\-\-size, \-b"
force the size of the underlying device in sectors.

1
src/cryptsetup.c
View File

@@ -291,6 +291,7 @@ static int action_luksOpen(int arg)
.name = action_argv[1],
.device = action_argv[0],
.key_file = opt_key_file,
.key_size = opt_key_file ? (opt_key_size / 8) : 0, /* limit bytes read from keyfile */
.timeout = opt_timeout,
.tries = opt_tries,
.icb = &cmd_icb,