eessppeelllloo/cryptsetup
1
0
Fork 0
mirror of https://gitlab.com/cryptsetup/cryptsetup.git synced 2025-12-12 03:10:08 +01:00
Code Issues Packages Projects Releases Wiki Activity
1,888 Commits 16 Branches 78 Tags
21e259d1a471fda52afdba6e1dbe112cdb3c2bd3
Commit Graph

23 Commits

Author SHA1 Message Date
Milan Broz
5be31bbce6 More warnings fixes. 2018-09-27 20:54:06 +02:00
Milan Broz
a6e3a31690 Workaround for some gcc8 warnings. 
Some new string length checks are too clever now...
 2018-09-27 13:25:52 +02:00
Milan Broz
69a844c654 Remove O_SYNC from device open and use fsync(). 
This speed up wipe operation considerably.
 2018-08-09 12:01:20 +02:00
Milan Broz
b00a87d8fa Remove trailing EOL for verbose and error messages. 2018-04-26 10:38:17 +02:00
Milan Broz
e58883c183 Hide return code check fot fallocate (that can silenty fail in this context). 2018-04-26 09:55:31 +02:00
Milan Broz
487965dc8a Fix LUKS convert on trimmed headers in file. 
If last write in move area failed, the keyslot is in fact destroyed.

We need to at least ensure that the whole area is there
(so write fails only for hard errors).
 2018-04-24 16:36:17 +02:00
Ondrej Kozina
6f6e1efbc8 Abort conversion when wrapped key cipher is used. 2018-04-15 15:40:48 +02:00
Ondrej Kozina
70077db07d Abort conversion when LUKS2 header contains tokens. 
Tokens may contain import 3rd party data. Prompt users
to remove such tokens explicitly.
 2018-04-15 13:08:44 +02:00
Ondrej Kozina
eed682c529 Add fixme in luks2->luks1 convert code. 2018-04-15 13:05:22 +02:00
Ondrej Kozina
255c8e8ff4 Avoid pbkdf benchmark on LUKS2 header down conversion. 
Also clarify use of placeholder keyslots in down conversion.
 2018-04-12 15:49:35 +02:00
Milan Broz
23b01621ff Print better debug message for open with write mode. 2018-04-10 15:33:30 +02:00
Milan Broz
f21ebaf839 Check LUKS2 conversion for luksmeta header. 
We will reject upconversion if there is a luksmeta magic signature.
 2018-04-10 14:54:35 +02:00
Milan Broz
f6f00b98a7 Always convert the whole last keyslot (including alignment). 2018-04-10 14:53:33 +02:00
Milan Broz
180d96234e Fix another compiler warnings with extra flags. 2018-01-20 21:17:10 +01:00
Milan Broz
1fe014dbae Update copyright year. 2018-01-20 17:55:21 +01:00
Ondrej Kozina
08e7c143b3 Add internal code for LUKS2 keyslot params. 
This fixes crypt_keyslot_add_by_key where we were unable to store
keyslot (unbound to segment) with different key_size.
The code used (new) volume key size implicitly which could be wrong
if new size was not compatible with cipher parameter for keyslot area.
 2018-01-19 13:48:09 +01:00
Milan Broz
f6e613a76f Revert cipher requirement in parse cipher. 
There is several specification that violate this (chacha20 etc).
Just use the old way...
 2018-01-18 22:42:34 +01:00
Milan Broz
aeea93fa95 Properly fail in luksFormat if cipher format is missing required IV. 
For now, crypto API quietly used cipher witout IV if a cipher
algorithm wihtou IV specificaton was used (e.g. aes-xts).

This caused fail later during activation.

This patch allows only two specific backed use without specified IV
(ECB mode and NULL cipher).

Also check cipher string early during parsing of CLI options.
 2018-01-18 21:20:25 +01:00
Yuri Chornoivan
982da4d20c Fix minor typos 2018-01-04 09:13:58 +01:00
Ondrej Kozina
304bdd7d0d luks2: add json_object_new_uint64 wrapper 
json doesn't support 64 bits integers. We workaround it by storing
large numbers as string and validate the value internally.
 2017-11-23 16:18:14 +01:00
Milan Broz
948006561a Yet another fix for header strings. 2017-09-27 10:54:03 +02:00
Milan Broz
3ccbb8fe84 Fix some problems found by Coverity analysis. 2017-09-27 10:18:38 +02:00
Milan Broz
9f2727bb77 Add libLUKS2. 2017-09-24 19:50:12 +02:00