aboutsummaryrefslogtreecommitdiff
path: root/crypto/block-luks.c
diff options
context:
space:
mode:
authorDaniel P. Berrange <berrange@redhat.com>2016-05-20 17:43:44 +0100
committerDaniel P. Berrange <berrange@redhat.com>2016-07-04 10:46:59 +0100
commit8b7cdba386d55ecee2caa26973c1d6c31822e801 (patch)
treeefac27c8a317697f3310a402e14fd5a40fd9490d /crypto/block-luks.c
parent96b39d8327883094f52b0a3d3f25dba83d6d1d63 (diff)
crypto: fix handling of iv generator hash defaults
When opening an existing LUKS volume, if the iv generator is essiv, then the iv hash algorithm is mandatory to provide. We must report an error if it is omitted in the cipher mode spec, not silently default to hash 0 (md5). If the iv generator is not essiv, then we explicitly ignore any iv hash algorithm, rather than report an error, for compatibility with dm-crypt. When creating a new LUKS volume, if the iv generator is essiv and no iv hsah algorithm is provided, we should default to using the sha256 hash. Reported-by: Paolo Bonzini <pbonzini@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Diffstat (limited to 'crypto/block-luks.c')
-rw-r--r--crypto/block-luks.c21
1 files changed, 21 insertions, 0 deletions
diff --git a/crypto/block-luks.c b/crypto/block-luks.c
index 63649f1091..fcf3b040e4 100644
--- a/crypto/block-luks.c
+++ b/crypto/block-luks.c
@@ -776,6 +776,11 @@ qcrypto_block_luks_open(QCryptoBlock *block,
}
if (ivalg == QCRYPTO_IVGEN_ALG_ESSIV) {
+ if (!ivhash_name) {
+ ret = -EINVAL;
+ error_setg(errp, "Missing IV generator hash specification");
+ goto fail;
+ }
ivcipheralg = qcrypto_block_luks_essiv_cipher(cipheralg,
ivhash,
&local_err);
@@ -785,6 +790,13 @@ qcrypto_block_luks_open(QCryptoBlock *block,
goto fail;
}
} else {
+ /* Note we parsed the ivhash_name earlier in the cipher_mode
+ * spec string even with plain/plain64 ivgens, but we
+ * will ignore it, since it is irrelevant for these ivgens.
+ * This is for compat with dm-crypt which will silently
+ * ignore hash names with these ivgens rather than report
+ * an error about the invalid usage
+ */
ivcipheralg = cipheralg;
}
@@ -904,6 +916,15 @@ qcrypto_block_luks_create(QCryptoBlock *block,
if (!luks_opts.has_hash_alg) {
luks_opts.hash_alg = QCRYPTO_HASH_ALG_SHA256;
}
+ if (luks_opts.ivgen_alg == QCRYPTO_IVGEN_ALG_ESSIV) {
+ if (!luks_opts.has_ivgen_hash_alg) {
+ luks_opts.ivgen_hash_alg = QCRYPTO_HASH_ALG_SHA256;
+ luks_opts.has_ivgen_hash_alg = true;
+ }
+ }
+ /* Note we're allowing ivgen_hash_alg to be set even for
+ * non-essiv iv generators that don't need a hash. It will
+ * be silently ignored, for compatibility with dm-crypt */
if (!options->u.luks.key_secret) {
error_setg(errp, "Parameter 'key-secret' is required for cipher");