therealromster / cryptsetup

Automatically exported from code.google.com/p/cryptsetup
GNU General Public License v2.0
0 stars 0 forks source link

cryptsetup-1.6.5 can no longer open LUKS partition with cipher: twofish-xts-essiv:wp256 #222

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago
What steps will reproduce the problem?
1. cryptsetup --type luks -d /root/crypt/key open /dev/sdb7 foo

What is the expected output?

Nothing, it should quietly do its job ;)

What do you see instead?

Failed to setup dm-crypt key mapping for device /dev/sdb7.
Check that kernel supports twofish-xts-essiv:wp256 cipher (check syslog for 
more info).
NOTE: syslog contains no output related to this

What version of the product are you using? On what operating system?
cryptsetup-1.6.5 on Gentoo/Linux, using the gcrypt backend (libgcrypt-1.6.1)

Please provide any additional information below.

After downgrading to 1.6.4 the same command worked again (no other changes to 
the system)

Poking around in the sources it seems that the hash wp256 is not recognized, 
since crypt_hash_size return 0 for it

Original issue reported on code.google.com by andy.kit...@gmail.com on 12 Jul 2014 at 5:26

GoogleCodeExporter commented 9 years ago
Yes, this is a mistake. It was intended to work that if the new way of of 
processing of LUKS header in userspace fails, it fallbacks to old temporary 
dmcrypt device.

(And it fails because wp256 is not available in gcrypt, kernel hash names are 
different.)

Fixed the fallback in this commit
https://code.google.com/p/cryptsetup/source/detail?r=dc8c47d936992c5db5753cbee28
e839d42dd7fca

(But will use some better way in future...)

But anyway, using ESSIV with XTS is not not needed (but it should work).

Thanks for reporting this bug!

Original comment by gmazyl...@gmail.com on 12 Jul 2014 at 7:25