eessppeelllloo/cryptsetup
1
0
Fork 0
mirror of https://gitlab.com/cryptsetup/cryptsetup.git synced 2025-12-16 13:20:11 +01:00
Code Issues Packages Projects Releases Wiki Activity
1,544 Commits 13 Branches 79 Tags
d4b43d857857e710dfcff92ba1e61d3b888d2c05
Commit Graph

12 Commits

Author SHA1 Message Date
Milan Broz
1fe014dbae Update copyright year. 2018-01-20 17:55:21 +01:00
Milan Broz
aeea93fa95 Properly fail in luksFormat if cipher format is missing required IV. 
For now, crypto API quietly used cipher witout IV if a cipher
algorithm wihtou IV specificaton was used (e.g. aes-xts).

This caused fail later during activation.

This patch allows only two specific backed use without specified IV
(ECB mode and NULL cipher).

Also check cipher string early during parsing of CLI options.
 2018-01-18 21:20:25 +01:00
Milan Broz
f66dedc759 Add plain64be IV to storage backend. 2017-09-11 12:33:10 +02:00
Milan Broz
98368c4770 Update copyright years. 2017-03-12 13:17:15 +01:00
Milan Broz
d7d76e72f7 Update URLs (->gitlab.com). 
The code.google is going to be abandoned.
Thank you you for all the fish.
 2015-03-19 11:23:16 +01:00
Milan Broz
979aec773e Fix activation using (UNSECURE) ECB mode. 
Apparently there are some people using ECB.

This mode by design do not use any IV, unfortunately
kernel dmcrypt allows to specify them (but userspace crypto api don't).

Let support activation as it was in previous version.

Should fix issue#238.
 2015-01-15 13:21:42 +01:00
Milan Broz
f7b61b2617 Prevent compiler to optiize-out memset for on-stack variables. 
Also see
https://cryptocoding.net/index.php/Coding_rules#Prevent_compiler_interference_with_security-critical_operations

The used code is inspired by the code in Blake2 implementation.
 2015-01-11 20:26:45 +01:00
Milan Broz
dc8c47d936 Fallback to old temporary device mapping method if hash is not supported. 2014-07-12 20:30:24 +02:00
Milan Broz
54c7a2b0aa Fix signed/unsigned compiler warnings. 2014-06-29 11:55:11 +02:00
Milan Broz
dfd46df8a5 Properly fail for unsupported IVs. 2014-06-29 10:38:50 +02:00
Milan Broz
4d30237f7a Handle error better in storage wrapper. 2014-06-01 22:02:32 +02:00
Milan Broz
a3c0f6784b Process LUKS keyslots in userspace through kernel crypto wrapper. 
This allow LUKS handling without requiring root privilege.

The dmcrypt device-mapper is used only for device activation now.
 2014-06-01 21:34:21 +02:00