truecrypt complain of wrong header backup size with tcplay created backup file

[mhogomchungu]

truecrypt seem to create a 128 kilobytes header back up file while tcplay creates a 512 byte header backup file.

when restoring a header from a tcplay created back up using truecrypt,truecrypt complains that the size of the header backup is wrong.

tested with truecrypt 7.1a on linux

[mhogomchungu]

Below volume properties maybe useful

[ink@mtz ~]$ zuluMount-cli -s -d /dev/sdc2
/dev/mapper/zuluCrypt-500-NAAN-sdc2-3459991661 is active and is in use.
 type:          tcrypt
 cipher:        aes-twofish-serpent-xts-plain64
 keysize:       1536 bits
 device:        /dev/sdc2
 loop:          Nil
 offset:        256 sectors / 128.0 KB
 mode:          read only
 active slots:  Nil
 file system:   vfat
 total space:   1.6 GB
 used space:    4.0 KB
 free space:    1.6 GB
 used%:         0.00%
 UUID:          "Nil"
 mount point1:  /run/media/private/ink/sdc2
 mount point2:  Nil
[ink@mtz ~]$ 

[bwalex]

Well, I have no interest in making the backup headers compatible with TrueCrypt, really. tcplay backs up what needs backing up. TrueCrypt seems to back up two full sectors instead.

[mhogomchungu]

It seems to also be possible to create backup header files using libtcplay that are incompatible with tcplay binary.I was doing this in zuluCrypt 4.6.8 because i just checked created header files against only zuluCrypt and things worked and i just assumed everything was fine.

I do not think its a good idea to have multiple incompatible header files out these and it just doesn't look good when things fail against the "reference implementation".

[bwalex]

well, I'd be interested in hearing more about the first one - where you say libtcplay can create a header that tcplay doesn't understand. I don't see how that's possible, but please do provide a testcase where that is the case.

Regarding compatibility with TrueCrypt - there is no way I'm changing the backup header format to something as braindead as what TrueCrypt does. If they do something stupid, that doesn't mean I have to do it - and I won't.

[bwalex]

Whenever you have a test case for the first case, please open a new issue to track it. I'm closing this one.

[mhogomchungu]

I looked at how i was using the API and i think i was using it wrong.When a header is modified to a backup file and the new password is not given,an empty one is set.I did not expect this to happen and i never tried tcplay with the header file using an empty password.

I always suspected i was doing something wrong somewhere and thats why i opened bug number 53 but closed it because i wasnt sure of what i was talking about.

When modifying a header,I do not think its wise to silently set new passphrase to an empty one when the users of the API omit setting it because it allows users to do what i was doing,creating header files with an empty passphrase without knowing it.