[dm-crypt] Secret data from stdin
shpedoikal at gmail.com
Wed Aug 15 17:12:27 CEST 2012
>> This appears to work (no message printed, exit status 0).
>> What might not be obvious is that if binary_secret contains a '\n'
>> character, input gets truncated at this point.
> This is documented in the man-page of the current release under
> "NOTES ON PASSPHRASE PROCESSING FOR LUKS".
You were right - I was looking at an old git version. The new
version is clearer IMO.
>> This should probably be clearer in the man page at a
>> minimum (see patch), but I think a warning is appropriate too.
>> Secret processing that stops at \n isn't appropriate for binary
> And that is the thing here. A passphrase is _not_ binary data!
> "cat binary_secret | cryptsetup luksFormat /dev/loop0"
> is inherently wrong. What you need to do is
> "cat file_with_passphrase_that_could_also_be_entered_interactively
> | cryptsetup luksFormat /dev/loop0"
I agree - just seeing a script that did the first one made me wonder
if it even worked.
> As to your patch, I am unable to match your patch to the
> current version of the man-page. Did you do a "git pull"
> before? May also be a problem on my side, please verify:
>> md5sum cryptsetup.8
> 4fd70bbd1018f95818902144499c2234 cryptsetup.8
Yep, I am out of date here. What do you think about a code change
that woudl print a big fat warning if non-ascii bytes are detected on
stdin? Not changing the behavior (we don't want to break people who
might be already doing this), but just a warning.
>> IBM LTC Security
>> diff --git a/man/cryptsetup.8 b/man/cryptsetup.8
>> index b9298a5..f8d7abb 100644
>> --- a/man/cryptsetup.8
>> +++ b/man/cryptsetup.8
>> @@ -476,7 +476,8 @@ will quit with an error.
>> If \-\-key-file=- is used for reading the key from stdin, no
>> trailing newline is stripped from the input. Without that option,
>> -cryptsetup strips trailing newlines from stdin input.
>> +cryptsetup stops reading from stdin when it encounters a newline,
>> +even if found in your binary key data!
>> .SH NOTES ON PASSWORD PROCESSING FOR LUKS
>> LUKS uses PBKDF2 to protect against dictionary attacks (see RFC 2898).
>> dm-crypt mailing list
>> dm-crypt at saout.de
> Arno Wagner, Dr. sc. techn., Dipl. Inform., Email: arno at wagner.name
> GnuPG: ID: 1E25338F FP: 0C30 5782 9D93 F785 E79C 0296 797F 6B50 1E25 338F
> One of the painful things about our time is that those who feel certainty
> are stupid, and those with any imagination and understanding are filled
> with doubt and indecision. -- Bertrand Russell
> dm-crypt mailing list
> dm-crypt at saout.de
IBM LTC Security
More information about the dm-crypt