[dm-crypt] luksFormat library API doesnt seem to work with large keyfiles.

Milan Broz mbroz at redhat.com
Tue Jan 17 09:44:32 CET 2012

On 01/17/2012 09:05 AM, .. ink .. wrote:
> using cryptsetup 1.4.1
> test case below.

(please also read examples in docs/examples)

> key1 keyfile is a  text file with 64 characters in it.
> key.cr <http://key.cr> is a 4.3MB mp3 file.

>      status = crypt_keyslot_add_by_volume_key( cd,CRYPT_ANY_SLOT,NULL,32,c,strlen( c ) );

I guess strlen(c) is wrong, it will stop on the first zero (mp3 is binary data, not C string).

What about use st.st_size here?

About limits - there is default/compiled one but you can always override
it through API, exactly as you did above.

(Also see cryptsetup --help - "Default compiled-in keyfile parameters", you have
to override keyfile size using --keyfile-size option if it is over compiled-in limit
in CLI command.)


More information about the dm-crypt mailing list