eessppeelllloo/cryptsetup
1
0
Fork 0
mirror of https://gitlab.com/cryptsetup/cryptsetup.git synced 2025-12-16 21:29:59 +01:00
Code Issues Packages Projects Releases Wiki Activity
960 Commits 13 Branches 79 Tags
4f89028c6760b69b5f94aaa44523b0913b586ae6
Commit Graph

144 Commits

Author SHA1 Message Date
Ondrej Kozina
4f89028c67 modify FIPS checks 
- we need a way to notify an user about running misconfigured system which
will turn to be unusable in real FIPS mode. For more details look at:
http://bugzilla.redhat.com/show_bug.cgi?id=1009707#c25

- also fixes invisble verbose log about running in FIPS mode due to its misplacement
 2014-06-22 17:24:10 +02:00
Milan Broz
91c739958c Allow ECB mode in cryptsetup benchmark. 2014-06-17 23:09:13 +02:00
Milan Broz
0614ab6b07 Allow simple status of crypt device without providing metadata header. 
If device is activated, we can provide some information from
active kernel parameters instead of header.
 2014-06-14 17:42:57 +02:00
Milan Broz
49e55c0f42 Fix keyfile offset parameter for loopaes. 
Fixes Issue#216.
 2014-06-14 14:35:27 +02:00
Cristian Rodríguez
a809224ec7 Fix all format string issues found by the attribute format patch 2014-04-12 08:52:20 +02:00
Milan Broz
2e97d8f8e8 Prepare version 1.6.4. 2014-02-27 14:36:13 +01:00
Milan Broz
2ad69eba90 Verify new passphrase by default in luksChangeKey and luksAddKey. 2014-02-27 13:26:05 +01:00
Milan Broz
cf534f3759 Implement erase command. 2014-02-05 17:17:12 +01:00
Milan Broz
7f93a49cc3 Support --tries option even for TCRYPT devices in cryptsetup. 2014-01-12 11:37:21 +01:00
Milan Broz
bec86e3d5a Support discard option even for TCRYPT devices. 2014-01-11 22:13:37 +01:00
Milan Broz
f3e398afc5 Rewrite cipher benchmark loop. 
Using getrusage seems toi give not adequate precision,
so use clock_gettime and try to scale buffer size a bit
on high performance systems.

If it still fail, return ERANGE error instead calculating
completely unreliable numbers.

Should fix Issue#186.
 2013-12-01 10:55:35 +01:00
Ondrej Kozina
a21c0503f8 make FIPS checks compliant with new guidance 
(gmazyland: Simplified this NIST nonsense, should be still exactly
equivalent to former patch)
 2013-11-10 18:10:39 +01:00
Milan Broz
da93a3320b Add commandline option --tcrypt-backup to access TCRYPT backup header. 2013-10-29 20:35:07 +01:00
Milan Broz
d67548adfe Fails if more device arguments are present for isLuks. 
Fixes
http://code.google.com/p/cryptsetup/issues/detail?id=165
 2013-07-27 12:43:48 +02:00
Milan Broz
6127b6959f Update copyright year on changed files. 2013-03-24 09:05:33 +01:00
Milan Broz
fd5b88449a Make passphrase prompts more consistent. 
Also see http://code.google.com/p/cryptsetup/issues/detail?id=145
 2013-02-11 14:53:49 +01:00
Milan Broz
fe4175b551 Fix some extended compile warning. 2013-01-10 17:26:19 +01:00
Milan Broz
e689eb4a0a Fix benchmark alignment (wider columns). 2013-01-02 21:53:49 +01:00
Milan Broz
46de69d0e6 Add kernel userspace header detection. 
Add --disable-kernel_crypto to allow compilation with old kernel.
 2012-12-30 12:28:30 +01:00
Milan Broz
0946c704bf Fix status of device if path argument is used. Fix double path prefix for non-existent device path. 2012-12-30 11:48:30 +01:00
Milan Broz
29f21208a0 Change License from GPLv2 only to GPLv2+ ("or any later"). 
Agreed by all copyright authors.
 2012-12-29 11:33:54 +01:00
Milan Broz
3b4424226f Fix non-translated messages. 2012-12-29 11:11:23 +01:00
Milan Broz
e4c4049741 Add basic support for system TCRYPT device. 
Rename option hidden to tcrypt-hidden.
 2012-12-22 22:34:09 +01:00
Milan Broz
e030e3bd15 Add optional libpwquality support for new LUKS passwords. 
If password is entered through terminal (no keyfile specified)
and cryptsetup is compiled with --enable-pwquality, default
system pwquality settings are used to check password quality.
 2012-12-19 17:25:11 +01:00
Milan Broz
c950cf265f Prepare cryptsetup functions for pwquality check. 2012-12-19 15:27:29 +01:00
Milan Broz
32c578729c Handle signals in tool context. 2012-12-11 19:01:46 +01:00
Milan Broz
80d21c039e Fix some problems found by Coverity scan. 2012-12-10 17:28:52 +01:00
Milan Broz
05af3a3383 Move change key into library (add crypt_keyslot_change_by_passphrase). 
This change is useful mainly in FIPS mode, where we cannot
extract volume key directly from libcryptsetup.
 2012-12-07 15:33:47 +01:00
Milan Broz
bd494d23c5 Add PBKDF2 benchmark. 2012-12-05 20:35:42 +01:00
Milan Broz
ef21960600 Document new basic commands open/close (and old syntax aliases). 2012-12-03 13:23:14 +01:00
Milan Broz
a4585423fd Remove some gcc extra warnings (signed/unsigned problems etc). 2012-12-02 23:13:59 +01:00
Milan Broz
4d9c7d39f4 Add master key dump option for tcryptDump. 2012-12-02 20:27:45 +01:00
Milan Broz
6a532cb1b5 cryptsetup: remove useless arg for action functions. 2012-12-02 20:11:10 +01:00
Milan Broz
d93e4212cd Add new commands open/close and make aliases. 
open aliases : create, plainOpen,  luksOpen,  loopaesOpen,  tcryptOpen
close aliases: remove, plainClose, luksClose, loopaesClose, tcryptClose
 2012-12-02 20:03:05 +01:00
Milan Broz
0461d9e822 Better tcrypt test options. 2012-11-30 15:03:01 +01:00
Milan Broz
4f7262aa96 And fix previous comment once more... :) 2012-11-30 13:52:03 +01:00
Milan Broz
eac953c6e4 Fix skcipher failure handling. 2012-11-30 13:37:14 +01:00
Milan Broz
d7fc953fa2 Handle kernel crypto api init failure better. 2012-11-29 18:01:02 +01:00
Milan Broz
c81260b3c3 TCRYPT: add dump command 2012-11-23 17:10:57 +01:00
Daniel Kahn Gillmor
c26bb0f38a make default LUKS PBKDF2 iteration time configurable 2012-11-20 21:23:05 +01:00
Milan Broz
911ffe81f0 TCRYPT: implement (most of) legacy modes support. 2012-11-19 21:25:57 +01:00
Milan Broz
ecf993834c TCRYPT: support keyfiles 2012-11-19 21:25:26 +01:00
Milan Broz
3cbb43a73a Add basic TCRYPT library. 2012-11-19 21:24:59 +01:00
Milan Broz
db97d3d8c8 Add simple cipher benchmarking. 2012-11-19 21:22:43 +01:00
Milan Broz
89e09afdf6 Fix some problems found by Coverity static analysis. 2012-09-19 13:58:00 +02:00
Milan Broz
1d5788f779 Set context for DM log for all DM backend entries. 
Try to handle error if run as non-root user better.
 2012-08-14 19:17:13 +02:00
Milan Broz
ff9db165eb Use common utils_tools.c for all tools. 
Unify tool environment and deduplicate code.
 2012-08-13 18:31:26 +02:00
Petr Písař
9b455125e9 Pass help text to popt already translated 
popt does not process the text registered by poptSetOtherOptionHelp()
through gettext on its own. Application must do it.
 2012-06-26 21:26:04 +02:00
Milan Broz
527c0fe4f9 Rename without_activation to test_passphrase. 2012-06-19 17:37:31 +02:00
Milan Broz
42abcc0fac Remove some redundant brackets. 2012-06-19 15:49:56 +02:00