Cryptsetup/libcryptsetup currently supports several cryptographic
library backends.
The fully supported are libgcrypt, OpenSSL and kernel crypto API.
FIPS mode extensions are maintained only for libgcrypt and OpenSSL.
(Nettle and NSS are usable only for some subset of algorithms and
cannot provide full backward compatibility.)
For years, OpenSSL provided better performance for PBKDF.
Since this commit, cryptsetup uses OpenSSL as the default backend.
You can always switch to other backend by using a configure switch,
for libgcrypt (compatibility for older distributions) use:
--with-crypto_backend=gcrypt
The gcrypt does not use standard pkgconfig detection and requires
specific macro (part of gcrypt development fileS) to be present
during autoconfigure.
With other crypto backend, like OpenSSL, this makes no sense,
so make this part of autoconfigure optional.
This patch makes available LUKS2 per-keyslot encryption settings to user.
In LUKS2, keyslot can use different encryption that data.
We can use new crypt_keyslot_get_encryption and crypt_keyslot_set_encryption
API calls to set/get this encryption.
For cryptsetup new --keyslot-cipher and --keyslot-key-size options are added.
The default keyslot encryption algorithm (if cannot be derived from data encryption)
is now available as configure options (default is aes-xts-plain64 with 512-bits key).
NOTE: default was increased from 256-bits.
Currently, AC_ARG_[ENABLE|WITH] are used in multiple different ways.
This change makes all their uses the same by following the style of
the GNU manual:
- AC_ARG_ENABLE(foo) should only define $enable_foo
- Use the 2 argument form with a --enable_foo flag
- Use the 4 argument form with a --disable_foo flag
- Format all uses the same way
- Always compare using: test "x$enable_foo" = "xyes"
This makes the easier to debug, more readable, and shorter.
This formatting fix also revealed a bug (fix submitted seperately).
--disable-dev-random now disables reading from /dev/random instead of
incorrectly enabling it. This was found by reviewing all of flags
in configure.ac.
Note: it is always better to use external libargon2 library.
Unfortunately, until Argon2 is in generic crypto libraries,
we must sometimes use bundled version just for bureaucratic reasons.
Let's include optimized variant of reference implementation as well.
Note, this code will not add any SSE compiler switches.
If --enable-internal-sse-argon2 option is used, it checks if current
compilation flags support simple SSE progam and if so, it use
the optimized variant.
(Not tested for AVX optimizations; it expects that SSE is enabled as well.)
In commits 9bcc97bc5e and
5536b3a58d new features were
added, which used bash-specific features in a POSIX sh script. This
caused configure to completely fail with syntax errors on systems where
/bin/sh was not symlinked to GNU bash.
`==` is a bash-specific alias for `=` and should never, ever, ever be
used since it offers no additional utility for bash but merely serves
to confuse people writing POSIX.
substring parameter expansion, e.g. `${with_tmpfilesdir:0:1}` is not
POSIX but can be trivially replaced by case wildcards.
The keyfile interface was designed, well, for keyfiles.
Unfortunately, a keyfile can be placed on a device and the size_t offset
can overflow.
We have to introduce new set of fucntions that allows 64bit offsets even on 32bit systems:
- crypt_resume_by_keyfile_device_offset
- crypt_keyslot_add_by_keyfile_device_offset
- crypt_activate_by_keyfile_device_offset
- crypt_keyfile_device_read
The new functions have added _device_ in name.
Old functions are just internall wrappers around these.
Also cryptsetup --keyfile-offset and --new-keyfile-offset must now
process 64bit offsets.
For more info see issue 359.
There are problems with sharing /run/lock with lockdev and also in early boot
we cannot create the whole subir chain.
It is safe to switch to separate locking dir.
This can be changed with --with-luks2-lock-path and --with-luks2-lock-dir-perms
configure switches.
See Issue#361 and issue#362.
add --with-tmpfilesdir configuration option. Use the option
either to override default systemd tmpfiles.d directory location
or to specify install location for systems without systemd.
crypt_deactivate_* fail earlier without noisy dm retries
when other device holders detected. The early detection
works if:
a) other device-mapper device has a hold reference on the
device
- or -
b) mounted fs is detected on the device
Any deactivation flag CRYPT_DEACTIVATE_FORCE or
CRYPT_DEACTIVATE_DEFERRED will disable this detection
