Commit c2a33b48 authored by Milan Broz's avatar Milan Broz

Allow empty cipher (cipher_null).

parent 490c17b3
2012-05-09 Milan Broz <gmazyland@gmail.com> 2012-05-09 Milan Broz <gmazyland@gmail.com>
* Fix keyslot removal (wipe keyslot) for device with 4k hw block (1.4.0). * Fix keyslot removal (wipe keyslot) for device with 4k hw block (1.4.0).
* Allow empty cipher (cipher_null) for testing.
2012-05-02 Milan Broz <gmazyland@gmail.com> 2012-05-02 Milan Broz <gmazyland@gmail.com>
* Fix loop mapping on readonly file. * Fix loop mapping on readonly file.
......
...@@ -243,7 +243,7 @@ static void hex_key(char *hexkey, size_t key_size, const char *key) ...@@ -243,7 +243,7 @@ static void hex_key(char *hexkey, size_t key_size, const char *key)
static char *get_params(struct crypt_dm_active_device *dmd) static char *get_params(struct crypt_dm_active_device *dmd)
{ {
int r, max_size; int r, max_size, null_cipher = 0;
char *params, *hexkey; char *params, *hexkey;
const char *features = ""; const char *features = "";
...@@ -255,11 +255,17 @@ static char *get_params(struct crypt_dm_active_device *dmd) ...@@ -255,11 +255,17 @@ static char *get_params(struct crypt_dm_active_device *dmd)
log_dbg("Discard/TRIM is not supported by the kernel."); log_dbg("Discard/TRIM is not supported by the kernel.");
} }
hexkey = crypt_safe_alloc(dmd->vk->keylength * 2 + 1); if (!strncmp(dmd->cipher, "cipher_null-", 12))
null_cipher = 1;
hexkey = crypt_safe_alloc(null_cipher ? 2 : (dmd->vk->keylength * 2 + 1));
if (!hexkey) if (!hexkey)
return NULL; return NULL;
hex_key(hexkey, dmd->vk->keylength, dmd->vk->key); if (null_cipher)
strncpy(hexkey, "-", 2);
else
hex_key(hexkey, dmd->vk->keylength, dmd->vk->key);
max_size = strlen(hexkey) + strlen(dmd->cipher) + max_size = strlen(hexkey) + strlen(dmd->cipher) +
strlen(dmd->device) + strlen(features) + 64; strlen(dmd->device) + strlen(features) + 64;
......
...@@ -58,6 +58,15 @@ int crypt_parse_name_and_mode(const char *s, char *cipher, int *key_nums, ...@@ -58,6 +58,15 @@ int crypt_parse_name_and_mode(const char *s, char *cipher, int *key_nums,
return 0; return 0;
} }
/* Short version for "empty" cipher */
if (!strcmp(s, "null")) {
strncpy(cipher, "cipher_null", MAX_CIPHER_LEN);
strncpy(cipher_mode, "ecb-null", 9);
if (key_nums)
*key_nums = 0;
return 0;
}
if (sscanf(s, "%" MAX_CIPHER_LEN_STR "[^-]", cipher) == 1) { if (sscanf(s, "%" MAX_CIPHER_LEN_STR "[^-]", cipher) == 1) {
strncpy(cipher_mode, "cbc-plain", 10); strncpy(cipher_mode, "cbc-plain", 10);
if (key_nums) if (key_nums)
......
...@@ -60,7 +60,7 @@ dmcrypt_check() # device outstring ...@@ -60,7 +60,7 @@ dmcrypt_check() # device outstring
fail fail
fi fi
X=$($CRYPTSETUP status $1 | grep cipher | sed s/\.\*cipher:\\s*//) X=$($CRYPTSETUP status $1 | grep cipher: | sed s/\.\*cipher:\\s*//)
if [ $X = $2 ] ; then if [ $X = $2 ] ; then
echo -n "[status OK]" echo -n "[status OK]"
else else
...@@ -133,6 +133,11 @@ add_device ...@@ -133,6 +133,11 @@ add_device
dmcrypt aes aes-cbc-plain dmcrypt aes aes-cbc-plain
dmcrypt aes-plain aes-cbc-plain dmcrypt aes-plain aes-cbc-plain
# empty cipher
dmcrypt null cipher_null-ecb-null
dmcrypt cipher_null cipher_null-cbc-plain
dmcrypt cipher_null-ecb-null
# codebook doesn't support IV at all # codebook doesn't support IV at all
for cipher in $CIPHERS ; do for cipher in $CIPHERS ; do
dmcrypt "$cipher-ecb" dmcrypt "$cipher-ecb"
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment