eessppeelllloo/cryptsetup
1
0
Fork 0
mirror of https://gitlab.com/cryptsetup/cryptsetup.git synced 2025-12-08 09:20:11 +01:00
Code Issues Packages Projects Releases Wiki Activity
2,427 Commits 14 Branches 78 Tags
494d8ec04ce11854bd4048ad6aaa09470da6fe29
Commit Graph

134 Commits

Author SHA1 Message Date
Milan Broz
494d8ec04c Add kernel backend for Bitlk key decryption. 2019-12-30 21:53:06 +01:00
Milan Broz
51edfb4ec9 Bitlk: add gcrypt key backend. 2019-12-30 21:53:06 +01:00
Milan Broz
79019b1ced Bitlk: Move crypt key handling to crypto backend. 2019-12-30 21:53:06 +01:00
Yuri Chornoivan
f26a9abddb Fix minor typos 2019-09-02 09:20:47 +00:00
Milan Broz
4d6269a42d Fix some gcc warnings on 32bit systems. 2019-08-30 09:41:04 +02:00
Milan Broz
23bada3c5a Fix several issues found by Coverity scan. 2019-04-10 12:30:09 +02:00
Milan Broz
238b18b8ac Upstream fixes to bundled Argon2 code. 
Wait for already running threads if a thread creation failed.
Use explicit_bzero() on recent glibc versions.
(Without fixed logic, we have already macro definition through automake.)

Fixes #444.
 2019-03-13 08:26:40 +01:00
Ondrej Kozina
f9fa4cc099 Add kernel only detection in crypt storage API. 2019-03-05 17:07:57 +01:00
Ondrej Kozina
a0540cafb3 alter crypt_storage interface 
rename sector_start -> iv_start (it's now a iv shift for subsequent
en/decrypt operations)

rename count -> length. We accept length in bytes now and perform sanity
checks at the crypt_storage_init and crypt_storage_decrypt (or encrypt)
respectively.

rename sector -> offset. It's in bytes as well. Sanity checks inside
crypt_storage functions.
 2019-03-05 17:07:45 +01:00
Milan Broz
1192fd27c6 Add query for cipher implementation is used through kernel API. 2019-03-01 21:43:10 +01:00
Milan Broz
cd1cb40033 Use crypto library for ciphers if algorithms are available. 2019-03-01 21:34:22 +01:00
Milan Broz
14e085f70e Move cipher performance check to crypto backend. 2019-03-01 21:16:05 +01:00
Milan Broz
fc37d81144 Move crypt_cipher to per-lib implementation. 
For now, it calls kernel fallback only.
 2019-03-01 21:14:13 +01:00
Milan Broz
a859455aad Move block ciphers backend wrappers to per-library files. 
For now it always fallbacks to kernel crypto API.
 2019-03-01 21:10:50 +01:00
Milan Broz
93d596ace2 Introduce internal backend header. 
And remove commented-out test vectors (moved to tests).
 2019-03-01 20:39:33 +01:00
Milan Broz
91b74b6896 Fix some compiler warnings. 2019-02-07 17:14:47 +01:00
Milan Broz
a68f3939cf Use min memory limit from PBKDF struct in Argon benchmark. 2019-01-31 10:53:51 +01:00
Milan Broz
a6f5ce8c7b Update copyright year. 
And unify name copyright format.
 2019-01-25 09:45:57 +01:00
Milan Broz
fbfd0c7353 Update Nettle crypto backend. 
WARNING: this is just experimental backend, use only for testing.
 2019-01-16 21:13:00 +01:00
Milan Broz
ee8970c11e Fix strncpy gcc warning. 2019-01-15 15:34:00 +01:00
Milan Broz
9607b322d2 Add missing struct to Nettle backend. 2019-01-15 15:00:36 +01:00
Milan Broz
304c4e3d3b Add more common hash algorithms to kernel crypto backend. 
Fixes #430.
 2019-01-07 20:07:18 +01:00
Milan Broz
c5b55049b9 Fix AEAD modes check with kernel and Nettle backend. 
These do not implement backend RNG yet, so use a fixed key for test.
 2019-01-07 20:05:55 +01:00
Milan Broz
4e1c62d7f1 Ignore false positive Coverity warning for string length. 2018-12-04 12:57:08 +01:00
Milan Broz
9a2dbb26a5 Fix signed/unsigned comparison warning. 2018-11-25 15:11:44 +01:00
Milan Broz
2f6d0c006c Check for algorithms string lengths in crypt_cipher_check(). 
The kernel check will fail anyway if string is truncated, but this
make some compilers more happy.
 2018-11-25 10:55:28 +01:00
Milan Broz
1167e6b86f Add support for Adiantum cipher mode. 2018-11-23 21:03:02 +01:00
Milan Broz
b4dce61918 Try to check if AEAD cipher is available through kernel crypto API. 2018-11-22 16:02:33 +01:00
Milan Broz
2300c692b8 Check hash value in pbkdf setting early. 2018-11-22 15:51:10 +01:00
Milan Broz
9df042c0b8 Use explicit_bzero if available. 2018-10-04 15:21:01 +02:00
Rafael Fontenelle
f35ec9771e Fix typos 
A bunch of typos reported by codespell, most of them comments in the code
 2018-07-21 07:24:25 -03:00
Ondrej Kozina
b2a1728201 Fix bundled argon2 distcheck errors. 2018-07-18 11:57:43 +02:00
Milan Broz
d3460b6cf5 Fix internal bundled Argon2 build. 2018-07-07 11:06:54 +02:00
Milan Broz
ba384d15d2 Add optimized Argon2 SSE code. 
Note: it is always better to use external libargon2 library.

Unfortunately, until Argon2 is in generic crypto libraries,
we must sometimes use bundled version just for bureaucratic reasons.

Let's include optimized variant of reference implementation as well.

Note, this code will not add any SSE compiler switches.

If --enable-internal-sse-argon2 option is used, it checks if current
compilation flags support simple SSE progam and if so, it use
the optimized variant.
(Not tested for AVX optimizations; it expects that SSE is enabled as well.)
 2018-07-07 10:36:49 +02:00
Milan Broz
2f38ade0e0 Update Argon2 header to match upstream. 2018-07-07 10:35:23 +02:00
Milan Broz
5fcf430c81 Fix crypto backend for LibreSSL >= 2.7.0. 
There are now OpenSSL 1.1.x API functions, no need for compatibility wrapper.

Fixes #393.
 2018-06-17 16:45:09 +02:00
Milan Broz
9a72ec366d Move generic ciper backend utilities to separate file. 
And add wrapped key check.
 2018-04-15 15:31:10 +02:00
Milan Broz
6d2979459e Key parameter is always const in cipher and storage backend. 2018-02-23 10:40:17 +01:00
Milan Broz
dee38e9c0b Rename buffer to key in hmac_init in crypto backend. 
It is key and naming was confusing.
 2018-02-23 10:40:14 +01:00
Milan Broz
b4fc36ea62 Make all crypto backend destructors return void. 
Nothing in the code actually checks the return values anyway.
 2018-02-23 10:40:11 +01:00
Milan Broz
16dc58312c Move PBKDF limits to crypto backend (to one place). 2018-02-08 15:34:45 +01:00
Milan Broz
180d96234e Fix another compiler warnings with extra flags. 2018-01-20 21:17:10 +01:00
Milan Broz
1fe014dbae Update copyright year. 2018-01-20 17:55:21 +01:00
Milan Broz
aeea93fa95 Properly fail in luksFormat if cipher format is missing required IV. 
For now, crypto API quietly used cipher witout IV if a cipher
algorithm wihtou IV specificaton was used (e.g. aes-xts).

This caused fail later during activation.

This patch allows only two specific backed use without specified IV
(ECB mode and NULL cipher).

Also check cipher string early during parsing of CLI options.
 2018-01-18 21:20:25 +01:00
Milan Broz
7ba4ca1854 Add bundled lib README to package. 2017-12-07 12:15:55 +01:00
Milan Broz
f507d16baa Update bundled Argon2 source. 2017-11-14 12:07:53 +01:00
Andrea Gelmini
a97de38b6b Fix typos. 2017-11-08 10:22:49 +01:00
Milan Broz
86ef5475b9 Enable OpenSSL backend in FIPS mode. 
Note that this is just for testing, primary FIPS backend is gcrypt.
 2017-10-14 21:37:10 +02:00
Milan Broz
d77bbe93c1 Use non-recursive automake. 
This change also causes that now binaries and libraries are placed in
build root directory.

Now we can use subdir-objects for automake.
 2017-10-12 11:48:17 +02:00
Milan Broz
8dc35a7906 Enable to use system libargon2. 
Rename --disable-argon2 to --disable-internal-argon2 option
and add --enable-libargon2 flag to allow system libarhgon2.
 2017-10-04 15:24:26 +02:00