eessppeelllloo/cryptsetup
1
0
Fork 0
mirror of https://gitlab.com/cryptsetup/cryptsetup.git synced 2025-12-14 04:10:06 +01:00
Code Issues Packages Projects Releases Wiki Activity

Prefer default cipher when reencrypting cipher_null device.

Browse Source 
By default when reencrypting LUKS2 device we regenerate only
the volume key. But if the device was 'encrypted' by cipher_null
this change did not make sense. The key was always empty.

Change the behaviour so that unless user specifies --cipher
parameter on command line, we change data encryption cipher
to default when old segment cipher was cipher_null.
This commit is contained in:
Ondrej Kozina
2021-02-16 17:08:53 +01:00
committed by Milan Broz
parent 44a9e7aa62
commit f25a1c92ec
2 changed files with 7 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
src/cryptsetup.c
View File

@@ -3194,6 +3194,11 @@ static int action_reencrypt_luks2(struct crypt_device *cd)
_set_reencryption_flags(&params.flags);
if (!opt_cipher && crypt_is_cipher_null(crypt_get_cipher(cd))) {
opt_cipher = strdup(DEFAULT_CIPHER(LUKS1));
log_std(_("Switching data encryption cipher to %s.\n"), opt_cipher);
}
if (!opt_cipher) {
strncpy(cipher, crypt_get_cipher(cd), MAX_CIPHER_LEN - 1);
strncpy(mode, crypt_get_cipher_mode(cd), MAX_CIPHER_LEN - 1);