[dm-crypt] SHAx and LUKS/cryptsetup

Milan Broz gmazyland at gmail.com
Sun Mar 9 20:53:02 CET 2014


On 9.3.2014 19:32, Heinz Diehl wrote:
> On 09.03.2014, Milan Broz wrote:
>
>> If you are using kernel backend (not gcrypt one)
>
> I do :-)
>
>> sha1 is used as test that interface works.
>
> Ok, all good! So this is it. Thanks a lot!

Just to clarity it little bit:

Kernel userspace crypto API was (and still is)
quite undocumented, and testing SHA1 (which is mandatory
for LUKS backend support) was the simplest way how
to verify kernel backend works reliably.
(In some kernel versions it was impossible to check if just algorithm
is missing or the whole kernel socket interface is not available.)

It actually does not compute any sha1 hash, it just tries
to initialize it.

BTW I found some problems with kernel backend so use with care.

One problem is e.g. backend cannot use longer
key for HMAC than 20480 bytes (at least on my 32bit VM),
which can cause problems for larger keyfiles in PBKDF2.

I have workaround for this but will need some time to finish
it (I do not want to touch internal PBKDF2 without adding test
vectors and other tests.)

Milan


More information about the dm-crypt mailing list