eessppeelllloo/cryptsetup
1
0
Fork 0
mirror of https://gitlab.com/cryptsetup/cryptsetup.git synced 2025-12-19 23:00:18 +01:00
Code Issues Packages Projects Releases Wiki Activity
2,267 Commits 13 Branches 81 Tags
a1111c7aa0ff267427bba440cc38bbf765d4cb1c
Commit Graph

2267 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Ondrej Kozina
1bf5ff3e6e Open files in read-write mode for posix_fallocate. 
Unfortunately there exists some weird NFS variations requiring read
permissions for fallocate.
 2018-07-07 10:25:01 +02:00
Milan Broz
cd2a1a169f Skip test if scsi_debug is not available. 2018-07-07 10:24:35 +02:00
joerichey@google.com
59b5f360af Make all header files self-suffienct 
Almost all the headers in cryptsetup are self-suffienct (in that they
compile on their own). By including <stddef.h>, <stdint.h>, or
<sys/types.h>, all headers will now compile on their own.

This is useful for importing cryptsetup into Bazel/Blaze.
 2018-07-07 10:23:39 +02:00
joerichey@google.com
e8b6890318 Don't implicitly discard const 
As poptGetOptArg() returns "const char *", assigning it to a
"const char *" varible triggers a warning on Clang:
"incompatible-pointer-types-discards-qualifiers".
 2018-07-07 10:22:57 +02:00
Ondrej Kozina
d7b9ed05f0 Add scsi_debug_teardown loop in blockwise tests. 
scsi_debug module sometimes fails to remove due to
open references from udev scans.
 2018-06-20 16:58:25 +02:00
Ondrej Kozina
dc852a100f Fix write_blockwise on short files. 
see unit test write_blockwise(length=2097153, bsize=4096), on x86
with original test file size=2097152.

The test is trying to write_blockwise 1 more byte than actual file
size.
 2018-06-20 16:58:19 +02:00
Ondrej Kozina
838d51d296 Fix write_lseek_blockwise for in the middle of sector case. 
See unit test write_lseek_blockwise(bsize=512, offset=1, length=1).

The test tries to modify single byte at offset 1 of device with
bsize=512.
 2018-06-20 16:58:01 +02:00
Ondrej Kozina
e2845bc032 Zero length lseek blockwise i/o should return zero. 
Note that both functions perform seek operations aligned to sector
boundary if possible before returning.

Unaligned input offset gets aligned on first preceding sector
boundary.
 2018-06-20 16:57:54 +02:00
Ondrej Kozina
8c021fd784 Extend blockwise unit tests on files. 2018-06-20 16:57:46 +02:00
Ondrej Kozina
406ec14585 Add unit tests for low level io helpers. 2018-06-20 16:57:40 +02:00
Ondrej Kozina
c27b42e425 Make low level io functions internal library. 
it's prerequisite for later unit tests
 2018-06-20 16:57:33 +02:00
joerichey@google.com
2d94d7ab0c Fix declaration of logger() 
This change makes the declaration of logger() match its definition,
it also avoids the use of the "class" C++ keyword. This is useful for
importing cryptsetup into Bazel/Blaze.
 2018-06-19 08:27:46 +02:00
Milan Broz
5fcf430c81 Fix crypto backend for LibreSSL >= 2.7.0. 
There are now OpenSSL 1.1.x API functions, no need for compatibility wrapper.

Fixes #393.
 2018-06-17 16:45:09 +02:00
Milan Broz
cea4b3e363 Fix #389 Base64 typo. 2018-06-07 08:37:23 +02:00
Milan Broz
e00d8fb544 Add basic tests for new AEAD modes. 2018-05-21 15:52:31 +02:00
Milan Broz
e654fabe04 Add some new AEAD modes and allow SHA1 for integrity check. 
NOTE: all this code will be switched to generic checks, this list
is just a temporary hack.
 2018-05-21 15:29:49 +02:00
Milan Broz
18592a08be Update readme.md. 2018-05-03 22:45:48 +02:00
Milan Broz
1763260578 Update po files. v2.0.3 2018-05-03 21:30:29 +02:00
Milan Broz
955f10e621 Add 2.0.3 release notes. 2018-05-03 21:29:39 +02:00
Ondrej Kozina
2565fedeb7 Add test for stand-alone --keep-key parameter. 
The --keep-key should work when no other parameters are requested.
It was meant to be "apply defaults on original header".
 2018-05-03 20:23:41 +02:00
Ondrej Kozina
6b8e553ecc Remove subcondition for reencryption --keep-key parameter. 
If removed subcondition was true --keep-key parameter (alone)
would fail the command. But it is valid to request reencryption
of LUKS header and applying defaults to pbkdf parameters.
 2018-05-03 20:23:38 +02:00
Ondrej Kozina
14f81cb275 Fix few typos in cryptsetup-reencrypt man page. 2018-05-03 14:41:18 +02:00
Milan Broz
ddb844226d Run PBKDF2 benchmark always. 
The PBKDF2 benchmark heavily depends on exported volume key length,
so we either have to remeber benchmarked length or just run test always.

For other KDFs the dependence on generated key length is negligible,
so we can cache benchmark.
 2018-05-03 13:01:54 +02:00
Milan Broz
f87ee5112a Fix check for AEAD cipher. 
The crypt_get_integrity() can be not yet set, check for key size
explicitly (otherwise we reject composed ciphers in keyslot check too early.)
 2018-05-03 13:00:40 +02:00
Milan Broz
2a1a773777 Fixes and workarounds for some Coverity scan reports. 2018-04-30 12:26:12 +02:00
Milan Broz
7fede3ee45 Update po files. 
(Version 2.0.3.1 is just resping of translation strings with
trimmed EOL characters.)
 2018-04-30 08:03:40 +02:00
Ondrej Kozina
abcd3511bf Fix memory leak in luksKillSlot action. 2018-04-26 16:39:39 +02:00
Milan Broz
a387557970 Introduce crypt_keyslot_get_key_size() 
This function allows to get key size even for unboud keyslots.
 2018-04-26 14:24:10 +02:00
Milan Broz
daba04d54b Update po files. 2018-04-26 11:50:42 +02:00
Milan Broz
b00a87d8fa Remove trailing EOL for verbose and error messages. 2018-04-26 10:38:17 +02:00
Milan Broz
aee55b0595 Use fixed buffer in log function. 
And unify EOL for error and verbose messages.
 2018-04-26 10:00:31 +02:00
Milan Broz
e58883c183 Hide return code check fot fallocate (that can silenty fail in this context). 2018-04-26 09:55:31 +02:00
Milan Broz
321e840c1c Fix some signed/unsigned warnings. 2018-04-25 14:59:36 +02:00
Milan Broz
19ac1dd393 Fix Veracrypt PIM iteration calculation for system volumes 
According to
https://www.veracrypt.fr/en/Personal%20Iterations%20Multiplier%20%28PIM%29.html

The PBKDF2-SHA512 and PBKDF2-Whirlpool KDF for system volumes uses the same
formula as normal encryption.

Thanks Bernhard Kirchen for original patch.
 2018-04-25 14:01:36 +02:00
Ondrej Kozina
13796ee4c7 Add --with-default-luks-format configure time option. 
Add option to override default LUKS format version (currently LUKS1).
 2018-04-25 12:19:45 +02:00
Milan Broz
10bb78458d Move EOL in tool verbose and error messages to log wrapper. 2018-04-25 10:43:02 +02:00
Milan Broz
6997506bb9 Fix error messages and include benchmark string for translators. 2018-04-25 09:35:11 +02:00
Milan Broz
480c7178a8 Do not use trailing period in options help texts. 2018-04-25 08:41:59 +02:00
Milan Broz
0279d8f466 Update po files. 2018-04-25 08:32:40 +02:00
Milan Broz
1a6183d0c4 Fix non-translated string with default integrity algorithm macro. 
Fixes #377.
 2018-04-25 08:29:34 +02:00
Milan Broz
487acbb573 Merge branch 'veracrypt-kdf-preference' into 'master' 
adjust KDF preference to VeraCrypt order

See merge request cryptsetup/cryptsetup!39
 2018-04-24 21:08:28 +00:00
Milan Broz
f97eba6539 Merge branch 'tcryptDump-pim-support' into 'master' 
tcryptDump: fix support for --veracrypt-pim

See merge request cryptsetup/cryptsetup!37
 2018-04-24 21:02:19 +00:00
Milan Broz
cac84abdd9 Merge branch 'urlencode-veracrypt-docs-link' into 'master' 
urlencode brackets in URL to VeraCrypt PIM docs

See merge request cryptsetup/cryptsetup!36
 2018-04-24 21:00:10 +00:00
Bernhard Kirchen
ef045f9f65 adjust KDF preference to VeraCrypt order 
RIPEMD160 is not even allowed any more as an option when creating an
encrypted file container using VeraCrypt. when encryption the system
partition/drive, it is below SHA256 in the list of options.

the order is like that since VeraCrypt version 1.0f (2014-12-30,
see https://www.veracrypt.fr/en/Release%20Notes.html).
 2018-04-24 22:22:55 +02:00
Bernhard Kirchen
6002099288 tcryptDump: fix support for --veracrypt-pim 
the user provided PIM value was not forwarded to the respective
implementation dumping the VeraCrypt header information.

extends the tcrypt-compat-test such that tcryptDump is performed
on VeraCrypt containers as well.
 2018-04-24 22:20:06 +02:00
Bernhard Kirchen
181f621a90 urlencode brackets in URL to VeraCrypt PIM docs 2018-04-24 21:54:26 +02:00
Milan Broz
5a71c6f2eb Set devel version. 2018-04-24 20:22:00 +02:00
Milan Broz
487965dc8a Fix LUKS convert on trimmed headers in file. 
If last write in move area failed, the keyslot is in fact destroyed.

We need to at least ensure that the whole area is there
(so write fails only for hard errors).
 2018-04-24 16:36:17 +02:00
Milan Broz
874c573bd4 Do not allow used block size larger than page size. 
Some filesystems (NFS) returns bogus blocksize (1MB).
Page-size io should always work and avoids increasing IO beyond aligned LUKS header.
 2018-04-24 16:36:11 +02:00
Milan Broz
f63e1cfbfc Rename contains() to json_contains(). 2018-04-24 11:04:53 +02:00