1. 11 Oct, 2018 1 commit
  2. 25 Sep, 2018 1 commit
  3. 09 Aug, 2018 1 commit
  4. 21 Jul, 2018 1 commit
    • Rafael Fontenelle's avatar
      Fix typos · f35ec977
      Rafael Fontenelle authored
      A bunch of typos reported by codespell, most of them comments in the code
  5. 19 Jul, 2018 1 commit
    • Milan Broz's avatar
      Print verbose message about keyslot and token numbers. · eabd23f3
      Milan Broz authored
      Move all messages to cryptsetup tools and print these
      verbose messages:
        - Key slot X unlocked.
        - Key slot X created.
        - Key slot X removed.
        - Token X created.
        - Token X removed.
      Also print error, if unknown token is tried to be removed.
  6. 07 Jul, 2018 1 commit
    • joerichey@google.com's avatar
      Make all header files self-suffienct · 59b5f360
      joerichey@google.com authored
      Almost all the headers in cryptsetup are self-suffienct (in that they
      compile on their own). By including <stddef.h>, <stdint.h>, or
      <sys/types.h>, all headers will now compile on their own.
      This is useful for importing cryptsetup into Bazel/Blaze.
  7. 26 Apr, 2018 1 commit
  8. 06 Apr, 2018 1 commit
    • Milan Broz's avatar
      Check cipher before writing metadata (LUKS2). · 187170ec
      Milan Broz authored
      Some ciphers and key sizes created on-disk metadata that cannot be used.
      Use the same test for length-preserving cipher as LUKS1.
      Also check if key for integrity algorithm is not too small.
      Fixes #373.
  9. 25 Mar, 2018 1 commit
  10. 20 Jan, 2018 1 commit
  11. 19 Jan, 2018 1 commit
  12. 07 Dec, 2017 2 commits
  13. 06 Dec, 2017 1 commit
  14. 08 Nov, 2017 1 commit
  15. 12 Oct, 2017 1 commit
    • Milan Broz's avatar
      Use non-recursive automake. · d77bbe93
      Milan Broz authored
      This change also causes that now binaries and libraries are placed in
      build root directory.
      Now we can use subdir-objects for automake.
  16. 10 Oct, 2017 1 commit
  17. 24 Sep, 2017 2 commits
  18. 12 Aug, 2017 1 commit
    • Milan Broz's avatar
      Move PBKDF internal benchmark to one place. · 5fc79f56
      Milan Broz authored
      Also cache its value in active context, so we run benchmark
      only once.
      The patch also changes calculated value for LUKS1 key digest
      to 125 miliseconds (it means that for full 8 used slots
      the additional slow-down is circa 1 second).
      Note that there is no need to have too high iteration count
      for key digest; if it is too computationally expensive, attacker
      will better decrypt of one sector with candidate key anyway.
      (Check for a known signature.)
      The reason to have some delay for key digest check was
      to complicate brute-force search for volume key with LUKS header
      only (and if RNG used to generate volumekey was flawed
      allowing such a search i reasonable time).
  19. 10 Aug, 2017 1 commit
  20. 06 Aug, 2017 2 commits
    • Milan Broz's avatar
      Change PBKDF interface API. · 0abf57be
      Milan Broz authored
      Prepare API for PBKDF that can set three costs
        - time (similar to iterations in PBKDF2)
        - memory (required memory for memory-hard function)
        - threads (required number of threads/CPUs).
      This patch also removes wrongly designed API call
      crypt_benchmark_kdf and replaces it with the new call
      Two functions for PBKDF per context setting
      are introduced: crypt_set_pbkdf_type and crypt_get_pbkdf_type.
      The patch should be backward compatible when using
      crypt_set_iteration_time function (works only for PBKDF2).
      Signed-off-by: Milan Broz's avatarMilan Broz <gmazyland@gmail.com>
    • Milan Broz's avatar
      Add Argon2 bundled library to crypto backend. · 09d14a0b
      Milan Broz authored
      The Argon2i/id is a password hashing function that
      won Password Hashing Competiton.
      It will be (optionally) used in LUKS2 for passworrd-based
      key derivation.
      We have to bundle code for now (similar PBKDF2 years ago)
      because there is yet no usable implementation in common
      crypto libraries.
      (Once there is native implementation, cryptsetup
      will switch to the crypto library version.)
      For now, we use reference (not optimized but portable) implementation.
      This patch contains bundled Argon2 algorithm library copied from
      For more info see Password Hashing Competition site:
      and draft of RFC document
        https://datatracker.ietf.org/doc/draft-irtf-cfrg-argon2/Signed-off-by: Milan Broz's avatarMilan Broz <gmazyland@gmail.com>
  21. 29 Jun, 2017 1 commit
  22. 24 Jun, 2017 1 commit
  23. 23 Jun, 2017 1 commit
  24. 16 Jun, 2017 1 commit
  25. 15 Jun, 2017 1 commit
    • Ondrej Kozina's avatar
      luks1: harden checks for possibly corrupted headers · bef56af7
      Ondrej Kozina authored
      this patches improves two areas:
      1) it checks for keyslot areas overlaping each other
      2) it checks if all keyslot areas fit in header area of device
         (pre-data-offset area) or if it can fit file (detached header)
         it's being loaded from. Those new checks are based on real data
         found in header (offsets) rather than based on assumption calculated
         from key length
  26. 08 Jun, 2017 2 commits
  27. 07 Jun, 2017 1 commit
  28. 21 Apr, 2017 1 commit
  29. 14 Apr, 2017 1 commit
  30. 12 Mar, 2017 1 commit
  31. 08 Jun, 2016 1 commit
    • Ondrej Kozina's avatar
      code cleanup related to devfd checks · 16fab74a
      Ondrej Kozina authored
      alter all checks for devfd value after device_open to
      less than zero insted of equals to -1. device_open will
      return values different from -1 in case error happens.
      In LUKSv1 device_open should always return -1 in case of
      error but this check is safer.
      The rest is just formating improvement.
  32. 13 May, 2016 1 commit
    • Ondrej Kozina's avatar
      keymanage: eliminate double close() call · e1dca468
      Ondrej Kozina authored
      fix  double close() cases in LUKS_hdr_backup() and LUKS_hdr_restore()
      functions. It should be harmless unless libcryptsetup is used
      in multi-thread setup which is not supported anyway.
  33. 24 Apr, 2016 1 commit
    • Milan Broz's avatar
      Fix warnings reported by static analysis. · 683e4db4
      Milan Broz authored
      - ensure that strings are \0 terminated (most of this is already
      handled on higher level anyway)
      - fix resource leak in error path in tcrypt.c
      - fix time of check/time of use race in sysfs path processing
      - insruct Coverity scanner to ignore constant expression in random.c
      (it is intented to stop compile-time misconfiguration of RNG that would be fatal)
  34. 23 Mar, 2016 1 commit
  35. 01 Dec, 2015 2 commits