crypt_wipe_device was called incorrectly on metadata device even
though integrity header is always on data device from cryptsetup
pov. During LUKS2 crypt_format with detached header scenario we
would wiped first 8 sectors of metadata device instead of data
device.
When LUKS2 crypt_format() is called with detached header and custom data
alignment is requested, keyslots area is miscalculated. This mistake
is correctly detected by LUKS2 validation code but it's feature
regression with regard to LUKSv1 format.
Also rename all 'length' variable to 'size' since json
field is named size.
Make segment validation two step process. First
validate general segment object is valid and later
validate specific segment type has all necessary fields.
Without this patch older libraries won't be able to print out
(luksDump) basic information about devices created with newer
libraries.
If any segment has missing 'offset' field keyslots validation
routine could trigger segfault due to misuse of function that
expects valid 'segments' object.
Fix it by reordering validation routines.
Move all messages to cryptsetup tools and print these
verbose messages:
- Key slot X unlocked.
- Key slot X created.
- Key slot X removed.
and
- Token X created.
- Token X removed.
Also print error, if unknown token is tried to be removed.
This patch has no functional impact. It only renames misleading
parameter 'keyfile_size_max' to 'key_size' because that's
how it's actually interpreted since beginning. Also updated
API documentation accordingly.
Also moves FIXME comment lower to LUKS2 code with note that currently it's
safe to do crypt_repair on LUKS2 format without paying attention to LUKS2
requirements.
auto-recovery triggers any time when only single correct LUKS2
header instance was found. That may be dangerous.
We should suppress auto-recovery in case blkid decided the
device is no longer LUKS device. For example if secondary (intact)
LUKS2 header was left behind and blkid declares the device is LVM2
member.
Moreover if at least one header instance is corrupted and blkid
declares device non-empty and non-LUKS in the same time, header load
operation will be aborted with error.
We call crypt_random_init in init_crypto, but never call
crypt_random_exit. This change just copies what the crypt_backend
functions do, and calls crypt_random_exit in the descructor.
The code scan for the second header only if primary is corrrupted.
Let's set the possible offsets more clear.
This patch also removes 8kB header offset (that was not supported anyway).
Note: it is always better to use external libargon2 library.
Unfortunately, until Argon2 is in generic crypto libraries,
we must sometimes use bundled version just for bureaucratic reasons.
Let's include optimized variant of reference implementation as well.
Note, this code will not add any SSE compiler switches.
If --enable-internal-sse-argon2 option is used, it checks if current
compilation flags support simple SSE progam and if so, it use
the optimized variant.
(Not tested for AVX optimizations; it expects that SSE is enabled as well.)
Almost all the headers in cryptsetup are self-suffienct (in that they
compile on their own). By including <stddef.h>, <stdint.h>, or
<sys/types.h>, all headers will now compile on their own.
This is useful for importing cryptsetup into Bazel/Blaze.
see unit test write_blockwise(length=2097153, bsize=4096), on x86
with original test file size=2097152.
The test is trying to write_blockwise 1 more byte than actual file
size.
Note that both functions perform seek operations aligned to sector
boundary if possible before returning.
Unaligned input offset gets aligned on first preceding sector
boundary.
This change makes the declaration of logger() match its definition,
it also avoids the use of the "class" C++ keyword. This is useful for
importing cryptsetup into Bazel/Blaze.
The PBKDF2 benchmark heavily depends on exported volume key length,
so we either have to remeber benchmarked length or just run test always.
For other KDFs the dependence on generated key length is negligible,
so we can cache benchmark.
