eessppeelllloo/cryptsetup
1
0
Fork 0
mirror of https://gitlab.com/cryptsetup/cryptsetup.git synced 2025-12-11 19:00:02 +01:00
Code Issues Packages Projects Releases Wiki Activity

Add some new AEAD modes and allow SHA1 for integrity check.

Browse Source 
NOTE: all this code will be switched to generic checks, this list
is just a temporary hack.
This commit is contained in:
Milan Broz
2018-05-21 15:29:49 +02:00
parent 18592a08be
commit e654fabe04
2 changed files with 9 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
lib/integrity/integrity.c
View File

@@ -114,6 +114,8 @@ int INTEGRITY_key_size(struct crypt_device *cd, const char *integrity)
//FIXME: use crypto backend hash size
if (!strcmp(integrity, "aead"))
return 0;
else if (!strcmp(integrity, "hmac(sha1)"))
return 20;
else if (!strcmp(integrity, "hmac(sha256)"))
return 32;
else if (!strcmp(integrity, "hmac(sha512)"))
@@ -143,6 +145,8 @@ int INTEGRITY_tag_size(struct crypt_device *cd,
iv_tag_size = 8;
else if (!strcmp(cipher_mode, "ctr-random"))
iv_tag_size = 16;
else if (!strcmp(cipher, "aegis256") && !strcmp(cipher_mode, "random"))
iv_tag_size = 32;
else if (!strcmp(cipher_mode, "random"))
iv_tag_size = 16;
@@ -153,6 +157,8 @@ int INTEGRITY_tag_size(struct crypt_device *cd,
auth_tag_size = 16; //FIXME gcm- mode only
else if (!strcmp(integrity, "cmac(aes)"))
auth_tag_size = 16;
else if (!strcmp(integrity, "hmac(sha1)"))
auth_tag_size = 20;
else if (!strcmp(integrity, "hmac(sha256)"))
auth_tag_size = 32;
else if (!strcmp(integrity, "hmac(sha512)"))

3
lib/utils_crypt.c
View File

@@ -105,6 +105,9 @@ int crypt_parse_integrity_mode(const char *s, char *integrity,
!strcmp(s, "none")) {
strncpy(integrity, s, MAX_CIPHER_LEN);
ks = 0;
} else if (!strcmp(s, "hmac-sha1")) {
strncpy(integrity, "hmac(sha1)", MAX_CIPHER_LEN);
ks = 20;
} else if (!strcmp(s, "hmac-sha256")) {
strncpy(integrity, "hmac(sha256)", MAX_CIPHER_LEN);
ks = 32;