eessppeelllloo/cryptsetup
1
0
Fork 0
mirror of https://gitlab.com/cryptsetup/cryptsetup.git synced 2025-12-17 05:40:13 +01:00
Code Issues Packages Projects Releases Wiki Activity

Also support --hash option for loopaesOpen.

Browse Source 
git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@489 36d66b0a-2a48-0410-832c-cd162a569da5
This commit is contained in:
Milan Broz
2011-03-25 17:00:57 +00:00
parent 47c76c34fb
commit e95ed30c66
6 changed files with 20 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
ChangeLog
View File

@@ -1,5 +1,5 @@
2011-04-22 Milan Broz <mbroz@redhat.com> 2011-04-22 Milan Broz <mbroz@redhat.com>
* Also support --skip option for loopaesOpen. * Also support --skip and --hash option for loopaesOpen.
* Fix return code when passphrase is read from pipe. * Fix return code when passphrase is read from pipe.
* Document cryptsetup exit codes. * Document cryptsetup exit codes.

6
lib/loopaes/loopaes.c
View File

@@ -69,6 +69,7 @@ static int hash_key(const char *src, size_t src_len,
static int hash_keys(struct crypt_device *cd, static int hash_keys(struct crypt_device *cd,
struct volume_key **vk, struct volume_key **vk,
const char *hash_override,
const char **input_keys, const char **input_keys,
unsigned int keys_count, unsigned int keys_count,
unsigned int key_len_output) unsigned int key_len_output)
@@ -77,7 +78,7 @@ static int hash_keys(struct crypt_device *cd,
char tweak, *key_ptr; char tweak, *key_ptr;
int r, i, key_len_input; int r, i, key_len_input;
hash_name = get_hash(key_len_output); hash_name = hash_override ?: get_hash(key_len_output);
tweak = get_tweak(keys_count); tweak = get_tweak(keys_count);
key_len_input = strlen(input_keys[0]); key_len_input = strlen(input_keys[0]);
@@ -123,6 +124,7 @@ static int keyfile_is_gpg(char *buffer, size_t buffer_len)
int LOOPAES_parse_keyfile(struct crypt_device *cd, int LOOPAES_parse_keyfile(struct crypt_device *cd,
struct volume_key **vk, struct volume_key **vk,
const char *hash,
unsigned int *keys_count, unsigned int *keys_count,
char *buffer, char *buffer,
size_t buffer_len) size_t buffer_len)
@@ -174,7 +176,7 @@ int LOOPAES_parse_keyfile(struct crypt_device *cd,
} }
*keys_count = key_index; *keys_count = key_index;
return hash_keys(cd, vk, keys, key_index, crypt_get_volume_key_size(cd)); return hash_keys(cd, vk, hash, keys, key_index, crypt_get_volume_key_size(cd));
} }
int LOOPAES_activate(struct crypt_device *cd, int LOOPAES_activate(struct crypt_device *cd,

1
lib/loopaes/loopaes.h
View File

@@ -8,6 +8,7 @@
int LOOPAES_parse_keyfile(struct crypt_device *cd, int LOOPAES_parse_keyfile(struct crypt_device *cd,
struct volume_key **vk, struct volume_key **vk,
const char *hash,
unsigned int *keys_count, unsigned int *keys_count,
char *buffer, char *buffer,
size_t buffer_len); size_t buffer_len);

7
lib/setup.c
View File

@@ -1528,6 +1528,11 @@ void crypt_free(struct crypt_device *cd)
free(cd->plain_cipher_mode); free(cd->plain_cipher_mode);
free(cd->plain_uuid); free(cd->plain_uuid);
/* used in loop-AES device only */
free((char*)cd->loopaes_hdr.hash);
free(cd->loopaes_cipher);
free(cd->loopaes_uuid);
free(cd); free(cd);
} }
} }
@@ -2027,7 +2032,7 @@ int crypt_activate_by_keyfile(struct crypt_device *cd,
keyfile, keyfile_size); keyfile, keyfile_size);
if (r < 0) if (r < 0)
goto out; goto out;
r = LOOPAES_parse_keyfile(cd, &vk, &key_count, r = LOOPAES_parse_keyfile(cd, &vk, cd->loopaes_hdr.hash, &key_count,
passphrase_read, passphrase_size_read); passphrase_read, passphrase_size_read);
if (r < 0) if (r < 0)
goto out; goto out;

10
man/cryptsetup.8
View File

@@ -183,7 +183,11 @@ Use \fB\-\-skip\fR to specify IV offset. If original device used offset
and not used it in IV sector calculations, you have to explicitly use and not used it in IV sector calculations, you have to explicitly use
\fB\-\-skip 0\fR in addition to offset parameter. \fB\-\-skip 0\fR in addition to offset parameter.
\fB<options>\fR can be [\-\-key-file, \-\-key-size, \-\-offset, \-\-skip, \-\-readonly]. Use \fB\-\-hash\fR to override hash function for password hashing
(otherwise it is detected according to key size).
\fB<options>\fR can be [\-\-key-file, \-\-key-size, \-\-offset, \-\-skip,
\-\-hash, \-\-readonly].
.PP .PP
\fIloopaesClose\fR <name> \fIloopaesClose\fR <name>
.IP .IP
@@ -199,7 +203,7 @@ Print more verbose messages.
Run in debug mode with full diagnostic logs. Run in debug mode with full diagnostic logs.
.TP .TP
.B "\-\-hash, \-h" .B "\-\-hash, \-h"
For \fIcreate\fR action specifies hash to use for password hashing. For \fIcreate\fR and \fIloopaesOpen\fR action specifies hash to use for password hashing.
For \fIluksFormat\fR action specifies hash used in LUKS key setup scheme For \fIluksFormat\fR action specifies hash used in LUKS key setup scheme
and volume key digest. and volume key digest.
@@ -311,7 +315,7 @@ Using \-\-offset will shift the IV calculation by the same negative amount.
Hence, if \-\-offset \fIn\fR, sector \fIn\fR will be the first sector Hence, if \-\-offset \fIn\fR, sector \fIn\fR will be the first sector
on the mapping with IV \fI0\fR. Using \-\-skip would have resulted in sector on the mapping with IV \fI0\fR. Using \-\-skip would have resulted in sector
\fIn\fR being the first sector also, but with IV \fIn\fR. \fIn\fR being the first sector also, but with IV \fIn\fR.
This option is only relevant for \fIcreate\fR action. This option is only relevant for \fIcreate\fR and \fIloopaesOpen\fR action.
.TP .TP
.B "\-\-readonly" .B "\-\-readonly"
set up a read-only mapping. set up a read-only mapping.

2
src/cryptsetup.c
View File

@@ -289,7 +289,7 @@ static int action_loopaesOpen(int arg)
{ {
struct crypt_device *cd = NULL; struct crypt_device *cd = NULL;
struct crypt_params_loopaes params = { struct crypt_params_loopaes params = {
.hash = opt_hash ?: NULL, // FIXME .hash = opt_hash ?: NULL,
.offset = opt_offset, .offset = opt_offset,
.skip = opt_skip_valid ? opt_skip : opt_offset, .skip = opt_skip_valid ? opt_skip : opt_offset,
}; };