1. 18 Jan, 2018 9 commits
  2. 17 Jan, 2018 1 commit
    • Milan Broz's avatar
      Introduce new 64bit *keyfile_device_offset functions. · f34ce81f
      Milan Broz authored
      The keyfile interface was designed, well, for keyfiles.
      Unfortunately, a keyfile can be placed on a device and the size_t offset
      can overflow.
      We have to introduce new set of fucntions that allows 64bit offsets even on 32bit systems:
       - crypt_resume_by_keyfile_device_offset
       - crypt_keyslot_add_by_keyfile_device_offset
       - crypt_activate_by_keyfile_device_offset
       - crypt_keyfile_device_read
      The new functions have added _device_ in name.
      Old functions are just internall wrappers around these.
      Also cryptsetup --keyfile-offset and --new-keyfile-offset must now
      process 64bit offsets.
      For more info see issue 359.
  3. 15 Jan, 2018 2 commits
  4. 10 Jan, 2018 1 commit
  5. 05 Jan, 2018 1 commit
  6. 04 Jan, 2018 6 commits
  7. 18 Dec, 2017 1 commit
  8. 17 Dec, 2017 2 commits
  9. 13 Dec, 2017 2 commits
  10. 12 Dec, 2017 1 commit
  11. 10 Dec, 2017 4 commits
    • Milan Broz's avatar
      Update Readme.md. · 251eec84
      Milan Broz authored
    • Milan Broz's avatar
      Prepare version 2.0.0. · bca8a326
      Milan Broz authored
    • Ondrej Kozina's avatar
      Derive VK kernel key description from digest id · c7403246
      Ondrej Kozina authored
      Originally the key description for VK was derived
      from segment id. This could lead to ambiguity when
      keyslot key is verified and loaded in kernel keyring
      using activation functions with CRYPT_ACTIVATE_KEYRING_KEY
      flag raised.
    • Milan Broz's avatar
      Fix a rare fail in key-length regression test with PBKDF2. · f049afcb
      Milan Broz authored
      PBKDF2 has nasty behaviour that it generates the same output
      for passwords that has several trailing zero bytes.
      (IOW null trailing bytes causes collision.)
      Unfortunatelly our test plays with password length
      and expect wrong length must always fail.
      Sometimes the randomly generated key key contains
      the null byte in the "wrong" place and PBKDF2 causes test to fail.
      For now, fix it by using fixed keyfile without null bytes
      (similar to fixed passphrased we already have).
  12. 09 Dec, 2017 4 commits
  13. 07 Dec, 2017 6 commits