[dm-crypt] cryptsetup 1.6.0 crash when attempting to open truecrypt volume if the key is large enough

Milan Broz gmazyland at gmail.com
Fri Feb 15 10:01:05 CET 2013


On 02/14/2013 06:06 PM, .. ink .. wrote:
> 
> which version? I tried it on some latest GUI and it did not allow me
> 
> 
> i have truecrypt version 7.0a
> 
> I created a 70 byte file,copied the characters and paste them in the
> truecrypt GUI volume when i created the volume and the volume was
> created successfully.

I think the GUI widget trimmed so you in fact entered just first 64
bytes. Check with "display password" option...
And try commandline, at least I get
Error: Password is longer than 64 characters.

I really do not like encryption systems which quietly trims anything
pretending longer password is correct. This is recipe for disaster.

I changed return code for TCRYPT oversized passphrase to -EPERM
(So it is handled like "bad passphrase", just early, this is way
I prefer.)

Thanks,
Milan


More information about the dm-crypt mailing list