[dm-crypt] Secret data from stdin

Kent Yoder shpedoikal at gmail.com
Wed Aug 15 17:12:27 CEST 2012


Hi Arno,

>>
>> This appears to work (no message printed, exit status 0).
>>
>> What might not be obvious is that if binary_secret contains a '\n'
>> character, input gets truncated at this point.
>
> This is documented in the man-page of the current release under
> "NOTES ON PASSPHRASE PROCESSING FOR LUKS".

  You were right - I was looking at an old git version. The new
version is clearer IMO.

>> This should probably be clearer in the man page at a
>> minimum (see patch), but I think a warning is appropriate too.
>> Secret processing that stops at \n isn't appropriate for binary
>> data.
>
> And that is the thing here. A passphrase is _not_ binary data!
> Doing
>
>    "cat binary_secret | cryptsetup luksFormat /dev/loop0"
>
> is inherently wrong. What you need to do is
>
>   "cat file_with_passphrase_that_could_also_be_entered_interactively
>   | cryptsetup luksFormat /dev/loop0"

  I agree - just seeing a script that did the first one made me wonder
if it even worked.

> As to your patch, I am unable to match your patch to the
> current version of the man-page. Did you do a "git pull"
> before? May also be a problem on my side, please verify:
>
>> md5sum cryptsetup.8
> 4fd70bbd1018f95818902144499c2234  cryptsetup.8

  Yep, I am out of date here.  What do you think about a code change
that woudl print a big fat warning if non-ascii bytes are detected on
stdin?  Not changing the behavior (we don't want to break people who
might be already doing this), but just a warning.

Kent

> Arno
>
>
>
>
>
>> Thanks,
>> Kent
>>
>> --
>> IBM LTC Security
>>
>>
>> diff --git a/man/cryptsetup.8 b/man/cryptsetup.8
>> index b9298a5..f8d7abb 100644
>> --- a/man/cryptsetup.8
>> +++ b/man/cryptsetup.8
>> @@ -476,7 +476,8 @@ will quit with an error.
>>
>>  If \-\-key-file=- is used for reading the key from stdin, no
>>  trailing newline is stripped from the input. Without that option,
>> -cryptsetup strips trailing newlines from stdin input.
>> +cryptsetup stops reading from stdin when it encounters a newline,
>> +even if found in your binary key data!
>>  .SH NOTES ON PASSWORD PROCESSING FOR LUKS
>>  LUKS uses PBKDF2 to protect against dictionary attacks (see RFC 2898).
>> _______________________________________________
>> dm-crypt mailing list
>> dm-crypt at saout.de
>> http://www.saout.de/mailman/listinfo/dm-crypt
>>
>
> --
> Arno Wagner,    Dr. sc. techn., Dipl. Inform.,   Email: arno at wagner.name
> GnuPG:  ID: 1E25338F  FP: 0C30 5782 9D93 F785 E79C  0296 797F 6B50 1E25 338F
> ----
> One of the painful things about our time is that those who feel certainty
> are stupid, and those with any imagination and understanding are filled
> with doubt and indecision. -- Bertrand Russell
> _______________________________________________
> dm-crypt mailing list
> dm-crypt at saout.de
> http://www.saout.de/mailman/listinfo/dm-crypt



-- 
IBM LTC Security


More information about the dm-crypt mailing list