diff --git a/ChangeLog b/ChangeLog index 55ba7024..2e176859 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,5 @@ 2011-04-22 Milan Broz - * Also support --skip option for loopaesOpen. + * Also support --skip and --hash option for loopaesOpen. * Fix return code when passphrase is read from pipe. * Document cryptsetup exit codes. diff --git a/lib/loopaes/loopaes.c b/lib/loopaes/loopaes.c index 36d8164f..e9615b23 100644 --- a/lib/loopaes/loopaes.c +++ b/lib/loopaes/loopaes.c @@ -69,6 +69,7 @@ static int hash_key(const char *src, size_t src_len, static int hash_keys(struct crypt_device *cd, struct volume_key **vk, + const char *hash_override, const char **input_keys, unsigned int keys_count, unsigned int key_len_output) @@ -77,7 +78,7 @@ static int hash_keys(struct crypt_device *cd, char tweak, *key_ptr; int r, i, key_len_input; - hash_name = get_hash(key_len_output); + hash_name = hash_override ?: get_hash(key_len_output); tweak = get_tweak(keys_count); key_len_input = strlen(input_keys[0]); @@ -123,6 +124,7 @@ static int keyfile_is_gpg(char *buffer, size_t buffer_len) int LOOPAES_parse_keyfile(struct crypt_device *cd, struct volume_key **vk, + const char *hash, unsigned int *keys_count, char *buffer, size_t buffer_len) @@ -174,7 +176,7 @@ int LOOPAES_parse_keyfile(struct crypt_device *cd, } *keys_count = key_index; - return hash_keys(cd, vk, keys, key_index, crypt_get_volume_key_size(cd)); + return hash_keys(cd, vk, hash, keys, key_index, crypt_get_volume_key_size(cd)); } int LOOPAES_activate(struct crypt_device *cd, diff --git a/lib/loopaes/loopaes.h b/lib/loopaes/loopaes.h index 3e61c4c4..32ecdedc 100644 --- a/lib/loopaes/loopaes.h +++ b/lib/loopaes/loopaes.h @@ -8,6 +8,7 @@ int LOOPAES_parse_keyfile(struct crypt_device *cd, struct volume_key **vk, + const char *hash, unsigned int *keys_count, char *buffer, size_t buffer_len); diff --git a/lib/setup.c b/lib/setup.c index 33318dbe..f90dae1c 100644 --- a/lib/setup.c +++ b/lib/setup.c @@ -1528,6 +1528,11 @@ void crypt_free(struct crypt_device *cd) free(cd->plain_cipher_mode); free(cd->plain_uuid); + /* used in loop-AES device only */ + free((char*)cd->loopaes_hdr.hash); + free(cd->loopaes_cipher); + free(cd->loopaes_uuid); + free(cd); } } @@ -2027,7 +2032,7 @@ int crypt_activate_by_keyfile(struct crypt_device *cd, keyfile, keyfile_size); if (r < 0) goto out; - r = LOOPAES_parse_keyfile(cd, &vk, &key_count, + r = LOOPAES_parse_keyfile(cd, &vk, cd->loopaes_hdr.hash, &key_count, passphrase_read, passphrase_size_read); if (r < 0) goto out; diff --git a/man/cryptsetup.8 b/man/cryptsetup.8 index 01968494..3fd512ee 100644 --- a/man/cryptsetup.8 +++ b/man/cryptsetup.8 @@ -183,7 +183,11 @@ Use \fB\-\-skip\fR to specify IV offset. If original device used offset and not used it in IV sector calculations, you have to explicitly use \fB\-\-skip 0\fR in addition to offset parameter. -\fB\fR can be [\-\-key-file, \-\-key-size, \-\-offset, \-\-skip, \-\-readonly]. +Use \fB\-\-hash\fR to override hash function for password hashing +(otherwise it is detected according to key size). + +\fB\fR can be [\-\-key-file, \-\-key-size, \-\-offset, \-\-skip, +\-\-hash, \-\-readonly]. .PP \fIloopaesClose\fR .IP @@ -199,7 +203,7 @@ Print more verbose messages. Run in debug mode with full diagnostic logs. .TP .B "\-\-hash, \-h" -For \fIcreate\fR action specifies hash to use for password hashing. +For \fIcreate\fR and \fIloopaesOpen\fR action specifies hash to use for password hashing. For \fIluksFormat\fR action specifies hash used in LUKS key setup scheme and volume key digest. @@ -311,7 +315,7 @@ Using \-\-offset will shift the IV calculation by the same negative amount. Hence, if \-\-offset \fIn\fR, sector \fIn\fR will be the first sector on the mapping with IV \fI0\fR. Using \-\-skip would have resulted in sector \fIn\fR being the first sector also, but with IV \fIn\fR. -This option is only relevant for \fIcreate\fR action. +This option is only relevant for \fIcreate\fR and \fIloopaesOpen\fR action. .TP .B "\-\-readonly" set up a read-only mapping. diff --git a/src/cryptsetup.c b/src/cryptsetup.c index c1944739..b53d1e0c 100644 --- a/src/cryptsetup.c +++ b/src/cryptsetup.c @@ -289,7 +289,7 @@ static int action_loopaesOpen(int arg) { struct crypt_device *cd = NULL; struct crypt_params_loopaes params = { - .hash = opt_hash ?: NULL, // FIXME + .hash = opt_hash ?: NULL, .offset = opt_offset, .skip = opt_skip_valid ? opt_skip : opt_offset, };