eessppeelllloo/cryptsetup
1
0
Fork 0
mirror of https://gitlab.com/cryptsetup/cryptsetup.git synced 2025-12-12 11:20:10 +01:00
Code Issues Packages Projects Releases Wiki Activity
1,341 Commits 16 Branches 78 Tags
a1a7d41e7a86436c5cf0910f432234449cccb4e4
Commit Graph

236 Commits

Author SHA1 Message Date
Milan Broz
49937ac591 Detect # of keys from cipher string. 
Fix status output string.

git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@417 36d66b0a-2a48-0410-832c-cd162a569da5
 2011-01-25 18:48:48 +00:00
Milan Broz
66bea4b3be Add dm flags for query for features. 
Move adjust device helper to utils.
Fix locking memory message.

git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@416 36d66b0a-2a48-0410-832c-cd162a569da5
 2011-01-25 18:48:41 +00:00
Milan Broz
af87ffbd37 Add context to crypto backend init (so it can print errors to callback). 
git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@415 36d66b0a-2a48-0410-832c-cd162a569da5
 2011-01-16 10:40:57 +00:00
Milan Broz
d04d9f336a Switch to new crypto backend interface. 
git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@408 36d66b0a-2a48-0410-832c-cd162a569da5
 2010-12-31 14:33:43 +00:00
Milan Broz
38c694a143 Fix crypt_activate_by_keyfile() to work with PLAIN devices. 
(allows systemd swap with /dev/urandom activation)

git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@385 36d66b0a-2a48-0410-832c-cd162a569da5
 2010-11-25 14:56:46 +00:00
Milan Broz
a70b27762d Fix some warnings if compiled with clang. 
git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@371 36d66b0a-2a48-0410-832c-cd162a569da5
 2010-11-15 16:19:19 +00:00
Milan Broz
312d8eca73 * Allow to activate by internally cached volume key 
(format/activate without keyslots active - used for temporary devices).
* Initialize volume key from active device in crypt_init_by_name()

git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@365 36d66b0a-2a48-0410-832c-cd162a569da5
 2010-11-14 17:22:04 +00:00
Milan Broz
f90edb6133 Simplify return codes from get key functions. 
git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@363 36d66b0a-2a48-0410-832c-cd162a569da5
 2010-11-13 16:41:29 +00:00
Milan Broz
6258753b1a * Fix password callback call. 
* Fix default plain password entry from terminal in activate_by_passphrase.

git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@362 36d66b0a-2a48-0410-832c-cd162a569da5
 2010-11-13 16:41:20 +00:00
Milan Broz
b7caa72acd * Disallow mapping of device which is already in use (mapped or mounted). 
* Disallow luksFormat on device in use.

git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@361 36d66b0a-2a48-0410-832c-cd162a569da5
 2010-11-05 17:53:33 +00:00
Milan Broz
c9881f8c33 * Add crypt_get_type(), crypt_resize(), crypt_keyslot_max() 
and crypt_get_active_device() to API.
* Rewrite all implementations in cryptsetup to new API.
* Fix luksRemoveKey to behave as documented (do not ask
for remaining keyslot passphrase).
* Add more regression tests for commands.

git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@360 36d66b0a-2a48-0410-832c-cd162a569da5
 2010-11-05 11:27:47 +00:00
Milan Broz
a38cb2375f * Add crypt_set_uuid() to API. 
* Allow UUID setting in luksFormat and luksUUID (--uuid parameter).

git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@355 36d66b0a-2a48-0410-832c-cd162a569da5
 2010-10-29 13:54:14 +00:00
Milan Broz
dfe77be748 * Implement --use-random and --use-urandom for luksFormat to allow setting of RNG for volume key generator. 
* Add crypt_set_rng_type() and crypt_get_rng_type() to API.

git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@354 36d66b0a-2a48-0410-832c-cd162a569da5
 2010-10-27 15:35:23 +00:00
Milan Broz
3ae161df5d Move get_key to common code, simplify verify flags. 
(This code need rewrite anyway).

git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@352 36d66b0a-2a48-0410-832c-cd162a569da5
 2010-10-26 22:08:02 +00:00
Milan Broz
3a5a1ea0e7 Move safe alloc routines into common lib file. 
git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@351 36d66b0a-2a48-0410-832c-cd162a569da5
 2010-10-26 22:07:43 +00:00
Milan Broz
bb8e085378 Add utils_crypt file and test for supported modes presentation. 
git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@348 36d66b0a-2a48-0410-832c-cd162a569da5
 2010-10-26 14:34:47 +00:00
Milan Broz
3b50005d2f Simplify crypto backend init. 
git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@347 36d66b0a-2a48-0410-832c-cd162a569da5
 2010-10-26 14:34:35 +00:00
Milan Broz
ef10cd09ec Generalise volume key struct. 
Do not generate unused volume key in PLAIN mode.

git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@346 36d66b0a-2a48-0410-832c-cd162a569da5
 2010-10-26 14:34:17 +00:00
Milan Broz
9679fb7f25 Add crypt_get_device_name() to API (get underlying device name). 
git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@342 36d66b0a-2a48-0410-832c-cd162a569da5
 2010-10-18 14:47:06 +00:00
Milan Broz
b117dcc209 Do not query non-existent device twice: 
# cryptsetup status /dev/nonexistent
  Device /dev/nonexistent not found
  Device /dev/nonexistent not found

git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@330 36d66b0a-2a48-0410-832c-cd162a569da5
 2010-08-13 14:05:34 +00:00
Milan Broz
ef44e6e3d3 Use default data alignment to 1MiB. 
If there is topology info, use default if topology is multiple of default,
otherwise use topology values.

See https://bugzilla.redhat.com/show_bug.cgi?id=621684 and issue 55.

git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@325 36d66b0a-2a48-0410-832c-cd162a569da5
 2010-08-09 16:34:42 +00:00
Milan Broz
1e03a34ccb Fix activate_by_* API calls to handle NULL device name as documented. 
And add some tests for this.

git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@262 36d66b0a-2a48-0410-832c-cd162a569da5
 2010-06-03 15:18:14 +00:00
Milan Broz
6ec29d935f Fix (deprecated) reload device command to accept new device argument. 
git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@241 36d66b0a-2a48-0410-832c-cd162a569da5
 2010-05-30 12:23:38 +00:00
Milan Broz
49463051bc Remove device even if underlying device disappeared. 
git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@240 36d66b0a-2a48-0410-832c-cd162a569da5
 2010-05-30 12:20:56 +00:00
Milan Broz
b4ebe0be18 Add verbose log level and move unlocking keyslot messages there. 
git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@238 36d66b0a-2a48-0410-832c-cd162a569da5
 2010-05-27 18:44:14 +00:00
Milan Broz
231ab0167b Fix luksFormat/luksOpen reading passphrase from stdin and "-" keyfile. 
git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@237 36d66b0a-2a48-0410-832c-cd162a569da5
 2010-05-27 18:44:00 +00:00
Milan Broz
e38a19f5e9 Fix isLuks to initialise crypto backend (blkid instead is suggested anyway). 
git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@213 36d66b0a-2a48-0410-832c-cd162a569da5
 2010-05-01 14:01:43 +00:00
Milan Broz
c10aff8a9d Fix luksOpen reading of passphrase on stdin (if "-" keyfile specified) (Issue 52) 
git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@208 36d66b0a-2a48-0410-832c-cd162a569da5
 2010-04-30 16:21:24 +00:00
Milan Broz
611278ca39 Allow no hash specification in plain device constructor (issue 63). 
Fix some warnings in apitest.

git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@207 36d66b0a-2a48-0410-832c-cd162a569da5
 2010-04-30 14:05:25 +00:00
Milan Broz
1dcd5a3de5 Detect old dm-crypt module and disable LUKS suspend/resume. 
Fix apitest to work on older systems.

git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@205 36d66b0a-2a48-0410-832c-cd162a569da5
 2010-04-30 12:03:41 +00:00
Milan Broz
d39b33a371 Avoid class C++ keyword in library header. 
git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@197 36d66b0a-2a48-0410-832c-cd162a569da5
 2010-04-12 11:53:47 +00:00
Milan Broz
743fbbc451 Support topology information for data alignment (LUKS). 
git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@195 36d66b0a-2a48-0410-832c-cd162a569da5
 2010-04-09 15:35:19 +00:00
Milan Broz
37708b7cad Properly initialise crypto backend in header backup/restore commands. (fixes issue #49) 
git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@190 36d66b0a-2a48-0410-832c-cd162a569da5
 2010-02-25 16:00:12 +00:00
Milan Broz
ba7e7f94bf Do not verify unlocking passphrase in luksAddKey command. (fixes issue #50) 
git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@189 36d66b0a-2a48-0410-832c-cd162a569da5
 2010-02-25 15:41:22 +00:00
Milan Broz
a97b56cc32 Properly initialise gcrypt in format call. 
git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@171 36d66b0a-2a48-0410-832c-cd162a569da5
 2010-01-10 20:40:41 +00:00
Milan Broz
ad224b479a Change in iterations counts: 
* Fix key slot iteration count calculation (small -i value was the same as default).
  * The slot and key digest iteration minimun is now 1000.
  * The key digest iteration # is calculated from iteration time (approx 1/8 of that).

If something very strange happens, and the generated key is not completely random
(wrong RNG), attacker can skip the whole kesylot area processing and try to
brute force key according to limited set of keys.

The iteration time (default, inherited from slot iteration time, is cca 120ms)
can make this attack slower, if not impossible.

Note, that this is just theorethic problem, anyway it is better to be prepared
if possible:-)

git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@159 36d66b0a-2a48-0410-832c-cd162a569da5
 2009-12-30 19:02:44 +00:00
Milan Broz
1c58538b6d Fix typos (Thanks to Solveig). 
git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@148 36d66b0a-2a48-0410-832c-cd162a569da5
 2009-11-28 14:43:07 +00:00
Milan Broz
c3064c9442 Add temporary debug code to allow better debugging of races 
with various udev-event tools which wrongly scan and open
internal temporary cryptsetup devices.

If cryptsetup run in debug mode (--debug) and remove of device
fails, code scan /proc directory and tries to find process name
which locked that device.

git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@141 36d66b0a-2a48-0410-832c-cd162a569da5
 2009-11-15 19:26:36 +00:00
Milan Broz
4a5bfd7509 Always print warning when device is not LUKS in crypt_load(). 
git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@137 36d66b0a-2a48-0410-832c-cd162a569da5
 2009-11-14 21:33:30 +00:00
Milan Broz
e698843420 Add CRYPT_ prefix to enum defined in libcryptsetup.h. 
(Avoid collision with other defines.)

git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@136 36d66b0a-2a48-0410-832c-cd162a569da5
 2009-11-14 21:33:16 +00:00
Milan Broz
70606301ef Fix uninteded change in keysize. 
git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@135 36d66b0a-2a48-0410-832c-cd162a569da5
 2009-10-23 16:24:50 +00:00
Milan Broz
873017d0fa Allow initialisation without specifying device. 
This is used e.g. when caller need only generate volume key in plain mode.

git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@134 36d66b0a-2a48-0410-832c-cd162a569da5
 2009-10-23 10:43:11 +00:00
Milan Broz
6a14ba8eb5 Allow manipulate with device with only header on it (no data). 
git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@133 36d66b0a-2a48-0410-832c-cd162a569da5
 2009-10-23 10:43:03 +00:00
Milan Broz
2bda053677 Rename internal locking helpers (avoids conflict when statically linking.) 
git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@132 36d66b0a-2a48-0410-832c-cd162a569da5
 2009-10-23 10:42:56 +00:00
Milan Broz
3e037b7422 Move duplicated failed message to verbose level, add some debug messages, fix resize call. 
git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@126 36d66b0a-2a48-0410-832c-cd162a569da5
 2009-10-01 14:11:55 +00:00
Milan Broz
de95a38381 Move dm backend initialisation to library calls. 
git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@125 36d66b0a-2a48-0410-832c-cd162a569da5
 2009-10-01 10:14:32 +00:00
Milan Broz
8bec41ab34 Properly apply versioned symbols in library and fix problems uncovered 
by doing that:-)

git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@124 36d66b0a-2a48-0410-832c-cd162a569da5
 2009-09-30 15:07:41 +00:00
Milan Broz
e026f089be Add luksHeaderBackup and luksHeaderRestore commands and API cals. 
git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@114 36d66b0a-2a48-0410-832c-cd162a569da5
 2009-09-28 17:45:38 +00:00
Milan Broz
935e83ebfa Initialize crypto library before LUKS header load. 
git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@111 36d66b0a-2a48-0410-832c-cd162a569da5
 2009-09-15 15:10:23 +00:00
Milan Broz
1cc33f943e patch 1.patch 
git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@109 36d66b0a-2a48-0410-832c-cd162a569da5
 2009-09-10 12:41:18 +00:00