├── .codeql-config.yml ├── .github └── workflows │ ├── cibuild-setup-ubuntu.sh │ ├── cibuild.sh │ ├── cibuild.yml │ ├── codeql.yml │ └── coverity.yml ├── .gitignore ├── .gitlab-ci.yml ├── .gitlab ├── ci │ ├── alpinelinux.yml │ ├── annocheck.yml │ ├── build_srpm │ ├── centos.yml │ ├── cibuild-setup-ubuntu.sh │ ├── cifuzz.yml │ ├── clang-Wall │ ├── compilation-clang.gitlab-ci.yml │ ├── compilation-gcc.gitlab-ci.yml │ ├── compilation-spellcheck.yml │ ├── compilation-various-disables.yml │ ├── csmock.yml │ ├── debian-i686.yml │ ├── debian.yml │ ├── fedora-opal.yml │ ├── fedora.yml │ ├── gcc-Wall │ ├── gitlab-shared-docker.yml │ ├── rhel.yml │ ├── run_csmock │ ├── spellcheck │ └── ubuntu.yml └── issue_templates │ ├── Bug.md │ ├── Documentation.md │ └── Feature.md ├── AUTHORS ├── CONTRIBUTING.md ├── COPYING ├── FAQ.md ├── Makefile.am ├── README.licensing ├── README.md ├── SECURITY.md ├── autogen.sh ├── configure.ac ├── docs ├── ChangeLog.old ├── Keyring.txt ├── LUKS2-locking.txt ├── doxyfile ├── doxygen_index.h ├── examples │ ├── Makefile │ ├── crypt_log_usage.c │ └── crypt_luks_usage.c ├── licenses │ ├── COPYING.Apache-2.0 │ ├── COPYING.CC-BY-SA-4.0 │ ├── COPYING.GPL-2.0-or-later-WITH-cryptsetup-OpenSSL-exception │ └── COPYING.LGPL-2.1-or-later-WITH-cryptsetup-OpenSSL-exception ├── on-disk-format-luks2.pdf ├── on-disk-format.pdf ├── v1.0.7-ReleaseNotes ├── v1.1.0-ReleaseNotes ├── v1.1.1-ReleaseNotes ├── v1.1.2-ReleaseNotes ├── v1.1.3-ReleaseNotes ├── v1.2.0-ReleaseNotes ├── v1.3.0-ReleaseNotes ├── v1.3.1-ReleaseNotes ├── v1.4.0-ReleaseNotes ├── v1.4.1-ReleaseNotes ├── v1.4.2-ReleaseNotes ├── v1.4.3-ReleaseNotes ├── v1.5.0-ReleaseNotes ├── v1.5.1-ReleaseNotes ├── v1.6.0-ReleaseNotes ├── v1.6.1-ReleaseNotes ├── v1.6.2-ReleaseNotes ├── v1.6.3-ReleaseNotes ├── v1.6.4-ReleaseNotes ├── v1.6.5-ReleaseNotes ├── v1.6.6-ReleaseNotes ├── v1.6.7-ReleaseNotes ├── v1.6.8-ReleaseNotes ├── v1.7.0-ReleaseNotes ├── v1.7.1-ReleaseNotes ├── v1.7.2-ReleaseNotes ├── v1.7.3-ReleaseNotes ├── v1.7.4-ReleaseNotes ├── v1.7.5-ReleaseNotes ├── v2.0.0-ReleaseNotes ├── v2.0.1-ReleaseNotes ├── v2.0.2-ReleaseNotes ├── v2.0.3-ReleaseNotes ├── v2.0.4-ReleaseNotes ├── v2.0.5-ReleaseNotes ├── v2.0.6-ReleaseNotes ├── v2.1.0-ReleaseNotes ├── v2.2.0-ReleaseNotes ├── v2.2.1-ReleaseNotes ├── v2.2.2-ReleaseNotes ├── v2.3.0-ReleaseNotes ├── v2.3.1-ReleaseNotes ├── v2.3.2-ReleaseNotes ├── v2.3.3-ReleaseNotes ├── v2.3.4-ReleaseNotes ├── v2.3.5-ReleaseNotes ├── v2.3.6-ReleaseNotes ├── v2.4.0-ReleaseNotes ├── v2.4.1-ReleaseNotes ├── v2.4.2-ReleaseNotes ├── v2.4.3-ReleaseNotes ├── v2.5.0-ReleaseNotes ├── v2.6.0-ReleaseNotes ├── v2.6.1-ReleaseNotes ├── v2.7.0-ReleaseNotes ├── v2.7.1-ReleaseNotes ├── v2.7.2-ReleaseNotes ├── v2.7.3-ReleaseNotes ├── v2.7.4-ReleaseNotes └── v2.7.5-ReleaseNotes ├── lib ├── Makemodule.am ├── bitlk │ ├── bitlk.c │ └── bitlk.h ├── bitops.h ├── crypt_plain.c ├── crypto_backend │ ├── Makemodule.am │ ├── argon2 │ │ ├── LICENSE │ │ ├── Makemodule.am │ │ ├── README │ │ ├── argon2.c │ │ ├── argon2.h │ │ ├── blake2 │ │ │ ├── blake2-impl.h │ │ │ ├── blake2.h │ │ │ ├── blake2b.c │ │ │ ├── blamka-round-opt.h │ │ │ └── blamka-round-ref.h │ │ ├── core.c │ │ ├── core.h │ │ ├── encoding.c │ │ ├── encoding.h │ │ ├── meson.build │ │ ├── opt.c │ │ ├── ref.c │ │ ├── thread.c │ │ └── thread.h │ ├── argon2_generic.c │ ├── base64.c │ ├── cipher_check.c │ ├── cipher_generic.c │ ├── crc32.c │ ├── crypto_backend.h │ ├── crypto_backend_internal.h │ ├── crypto_cipher_kernel.c │ ├── crypto_gcrypt.c │ ├── crypto_kernel.c │ ├── crypto_mbedtls.c │ ├── crypto_nettle.c │ ├── crypto_nss.c │ ├── crypto_openssl.c │ ├── crypto_storage.c │ ├── memutils.c │ ├── meson.build │ ├── pbkdf2_generic.c │ ├── pbkdf_check.c │ └── utf8.c ├── fvault2 │ ├── fvault2.c │ └── fvault2.h ├── integrity │ ├── integrity.c │ └── integrity.h ├── internal.h ├── keyslot_context.c ├── keyslot_context.h ├── libcryptsetup.h ├── libcryptsetup.pc.in ├── libcryptsetup.sym ├── libcryptsetup_macros.h ├── libcryptsetup_symver.h ├── libdevmapper.c ├── loopaes │ ├── loopaes.c │ └── loopaes.h ├── luks1 │ ├── af.c │ ├── af.h │ ├── keyencryption.c │ ├── keymanage.c │ └── luks.h ├── luks2 │ ├── hw_opal │ │ ├── hw_opal.c │ │ └── hw_opal.h │ ├── luks2.h │ ├── luks2_digest.c │ ├── luks2_digest_pbkdf2.c │ ├── luks2_disk_metadata.c │ ├── luks2_internal.h │ ├── luks2_json_format.c │ ├── luks2_json_metadata.c │ ├── luks2_keyslot.c │ ├── luks2_keyslot_luks2.c │ ├── luks2_keyslot_reenc.c │ ├── luks2_luks1_convert.c │ ├── luks2_reencrypt.c │ ├── luks2_reencrypt_digest.c │ ├── luks2_segment.c │ ├── luks2_token.c │ └── luks2_token_keyring.c ├── meson.build ├── nls.h ├── random.c ├── setup.c ├── tcrypt │ ├── tcrypt.c │ └── tcrypt.h ├── utils.c ├── utils_benchmark.c ├── utils_blkid.c ├── utils_blkid.h ├── utils_crypt.c ├── utils_crypt.h ├── utils_device.c ├── utils_device_locking.c ├── utils_device_locking.h ├── utils_devpath.c ├── utils_dm.h ├── utils_io.c ├── utils_io.h ├── utils_keyring.c ├── utils_keyring.h ├── utils_loop.c ├── utils_loop.h ├── utils_pbkdf.c ├── utils_safe_memory.c ├── utils_storage_wrappers.c ├── utils_storage_wrappers.h ├── utils_wipe.c ├── verity │ ├── rs.h │ ├── rs_decode_char.c │ ├── rs_encode_char.c │ ├── verity.c │ ├── verity.h │ ├── verity_fec.c │ └── verity_hash.c └── volumekey.c ├── m4 └── ax_check_compile_flag.m4 ├── man ├── Makemodule.am ├── common_footer.adoc ├── common_options.adoc ├── cryptsetup-benchmark.8.adoc ├── cryptsetup-bitlkDump.8.adoc ├── cryptsetup-close.8.adoc ├── cryptsetup-config.8.adoc ├── cryptsetup-convert.8.adoc ├── cryptsetup-erase.8.adoc ├── cryptsetup-fvault2Dump.8.adoc ├── cryptsetup-isLuks.8.adoc ├── cryptsetup-luksAddKey.8.adoc ├── cryptsetup-luksChangeKey.8.adoc ├── cryptsetup-luksConvertKey.8.adoc ├── cryptsetup-luksDump.8.adoc ├── cryptsetup-luksFormat.8.adoc ├── cryptsetup-luksHeaderBackup.8.adoc ├── cryptsetup-luksHeaderRestore.8.adoc ├── cryptsetup-luksKillSlot.8.adoc ├── cryptsetup-luksRemoveKey.8.adoc ├── cryptsetup-luksResume.8.adoc ├── cryptsetup-luksSuspend.8.adoc ├── cryptsetup-luksUUID.8.adoc ├── cryptsetup-open.8.adoc ├── cryptsetup-reencrypt.8.adoc ├── cryptsetup-refresh.8.adoc ├── cryptsetup-repair.8.adoc ├── cryptsetup-resize.8.adoc ├── cryptsetup-ssh.8.adoc ├── cryptsetup-status.8.adoc ├── cryptsetup-tcryptDump.8.adoc ├── cryptsetup-token.8.adoc ├── cryptsetup.8.adoc ├── integritysetup.8.adoc ├── meson.build ├── meson_dist_convert.sh └── veritysetup.8.adoc ├── meson.build ├── meson_options.txt ├── misc ├── 11-dm-crypt.rules ├── dict_search │ ├── Makefile │ ├── README │ └── crypt_dict.c ├── fedora │ └── cryptsetup.spec ├── keyslot_checker │ ├── Makefile │ ├── README │ └── chk_luks_keyslots.c └── luks-header-from-active ├── po ├── LINGUAS ├── Makevars ├── POTFILES.in ├── cryptsetup.pot ├── cs.po ├── da.po ├── de.po ├── es.po ├── fi.po ├── fr.po ├── id.po ├── it.po ├── ja.po ├── ka.po ├── meson.build ├── nl.po ├── pl.po ├── pt_BR.po ├── ro.po ├── ru.po ├── sr.po ├── sv.po ├── uk.po ├── vi.po └── zh_CN.po ├── scripts ├── Makemodule.am ├── cryptsetup.conf.in └── meson.build ├── src ├── Makemodule.am ├── cryptsetup.c ├── cryptsetup.h ├── cryptsetup_arg_list.h ├── cryptsetup_args.h ├── integritysetup.c ├── integritysetup_arg_list.h ├── integritysetup_args.h ├── meson.build ├── utils_arg_macros.h ├── utils_arg_names.h ├── utils_args.c ├── utils_blockdev.c ├── utils_key_description.c ├── utils_keyslot_check.c ├── utils_luks.c ├── utils_luks.h ├── utils_password.c ├── utils_progress.c ├── utils_reencrypt.c ├── utils_reencrypt_luks1.c ├── utils_tools.c ├── veritysetup.c ├── veritysetup_arg_list.h └── veritysetup_args.h ├── tests ├── 00modules-test ├── LUKS-d238e48a-0ed3-4169-b841-f26b44693134.tar.xz ├── Makefile.am ├── Makefile.localtest ├── align-test ├── align-test2 ├── all-symbols-test.c ├── api-test-2.c ├── api-test.c ├── api_test.h ├── bitlk-compat-test ├── bitlk-images.tar.xz ├── blkid-luks2-pv.img.xz ├── blockwise-compat-test ├── compat-args-test ├── compat-test ├── compat-test-opal ├── compat-test2 ├── compatimage.img.xz ├── compatimage2.img.xz ├── compatv10image.img.xz ├── conversion_imgs.tar.xz ├── crypto-check.c ├── crypto-vectors.c ├── cryptsetup-valg-supps ├── device-test ├── differ.c ├── discards-test ├── evil_hdr-keyslot_overlap.xz ├── evil_hdr-luks_hdr_damage.xz ├── evil_hdr-payload_overwrite.xz ├── evil_hdr-small_luks_device.xz ├── evil_hdr-stripes_payload_dmg.xz ├── fake_systemd_tpm_path.c ├── fuzz │ ├── FuzzerInterface.h │ ├── LUKS2.proto │ ├── LUKS2_plain_JSON.proto │ ├── Makefile.am │ ├── README.md │ ├── crypt2_load_fuzz.cc │ ├── crypt2_load_fuzz.dict │ ├── crypt2_load_ondisk_fuzz.cc │ ├── crypt2_load_ondisk_fuzz.dict │ ├── crypt2_load_proto_fuzz.cc │ ├── crypt2_load_proto_plain_json_fuzz.cc │ ├── crypt2_load_proto_plain_json_fuzz.dict │ ├── json_proto_converter.cc │ ├── json_proto_converter.h │ ├── meson.build │ ├── oss-fuzz-build.sh │ ├── plain_json_proto_to_luks2.cc │ ├── plain_json_proto_to_luks2_converter.cc │ ├── plain_json_proto_to_luks2_converter.h │ ├── proto_to_luks2.cc │ ├── proto_to_luks2_converter.cc │ ├── proto_to_luks2_converter.h │ └── unpoison-mutated-buffers-from-libfuzzer.patch ├── fvault2-compat-test ├── fvault2-images.tar.xz ├── generate-symbols-list ├── generators │ ├── generate-luks2-area-in-json-hdr-space-json0.img.sh │ ├── generate-luks2-argon2-leftover-params.img.sh │ ├── generate-luks2-correct-full-json0.img.sh │ ├── generate-luks2-corrupted-hdr0-with-correct-chks.img.sh │ ├── generate-luks2-corrupted-hdr1-with-correct-chks.img.sh │ ├── generate-luks2-invalid-checksum-both-hdrs.img.sh │ ├── generate-luks2-invalid-checksum-hdr0.img.sh │ ├── generate-luks2-invalid-checksum-hdr1.img.sh │ ├── generate-luks2-invalid-json-size-c0.img.sh │ ├── generate-luks2-invalid-json-size-c1.img.sh │ ├── generate-luks2-invalid-json-size-c2.img.sh │ ├── generate-luks2-invalid-keyslots-size-c0.img.sh │ ├── generate-luks2-invalid-keyslots-size-c1.img.sh │ ├── generate-luks2-invalid-keyslots-size-c2.img.sh │ ├── generate-luks2-invalid-object-type-json0.img.sh │ ├── generate-luks2-invalid-opening-char-json0.img.sh │ ├── generate-luks2-invalid-tokens.img.sh │ ├── generate-luks2-invalid-top-objects.img.sh │ ├── generate-luks2-keyslot-invalid-af.img.sh │ ├── generate-luks2-keyslot-invalid-area-size.img.sh │ ├── generate-luks2-keyslot-invalid-area.img.sh │ ├── generate-luks2-keyslot-invalid-objects.img.sh │ ├── generate-luks2-keyslot-missing-digest.img.sh │ ├── generate-luks2-keyslot-too-many-digests.img.sh │ ├── generate-luks2-metadata-size-128k-secondary.img.sh │ ├── generate-luks2-metadata-size-128k.img.sh │ ├── generate-luks2-metadata-size-16k-secondary.img.sh │ ├── generate-luks2-metadata-size-1m-secondary.img.sh │ ├── generate-luks2-metadata-size-1m.img.sh │ ├── generate-luks2-metadata-size-256k-secondary.img.sh │ ├── generate-luks2-metadata-size-256k.img.sh │ ├── generate-luks2-metadata-size-2m-secondary.img.sh │ ├── generate-luks2-metadata-size-2m.img.sh │ ├── generate-luks2-metadata-size-32k-secondary.img.sh │ ├── generate-luks2-metadata-size-32k.img.sh │ ├── generate-luks2-metadata-size-4m-secondary.img.sh │ ├── generate-luks2-metadata-size-4m.img.sh │ ├── generate-luks2-metadata-size-512k-secondary.img.sh │ ├── generate-luks2-metadata-size-512k.img.sh │ ├── generate-luks2-metadata-size-64k-inv-area-c0.img.sh │ ├── generate-luks2-metadata-size-64k-inv-area-c1.img.sh │ ├── generate-luks2-metadata-size-64k-inv-keyslots-size-c0.img.sh │ ├── generate-luks2-metadata-size-64k-secondary.img.sh │ ├── generate-luks2-metadata-size-64k.img.sh │ ├── generate-luks2-metadata-size-invalid-secondary.img.sh │ ├── generate-luks2-metadata-size-invalid.img.sh │ ├── generate-luks2-missing-keyslot-referenced-in-digest.img.sh │ ├── generate-luks2-missing-keyslot-referenced-in-token.img.sh │ ├── generate-luks2-missing-segment-referenced-in-digest.img.sh │ ├── generate-luks2-missing-trailing-null-byte-json0.img.sh │ ├── generate-luks2-non-compact-json-4k-token-0.img.sh │ ├── generate-luks2-non-compact-json-token-0.img.sh │ ├── generate-luks2-non-null-byte-beyond-json0.img.sh │ ├── generate-luks2-non-null-bytes-beyond-json0.img.sh │ ├── generate-luks2-overlapping-areas-c0-json0.img.sh │ ├── generate-luks2-overlapping-areas-c1-json0.img.sh │ ├── generate-luks2-overlapping-areas-c2-json0.img.sh │ ├── generate-luks2-pbkdf2-leftover-params-0.img.sh │ ├── generate-luks2-pbkdf2-leftover-params-1.img.sh │ ├── generate-luks2-segment-crypt-empty-encryption.img.sh │ ├── generate-luks2-segment-crypt-missing-encryption.img.sh │ ├── generate-luks2-segment-crypt-missing-ivoffset.img.sh │ ├── generate-luks2-segment-crypt-missing-sectorsize.img.sh │ ├── generate-luks2-segment-crypt-wrong-encryption.img.sh │ ├── generate-luks2-segment-crypt-wrong-ivoffset.img.sh │ ├── generate-luks2-segment-crypt-wrong-sectorsize-0.img.sh │ ├── generate-luks2-segment-crypt-wrong-sectorsize-1.img.sh │ ├── generate-luks2-segment-crypt-wrong-sectorsize-2.img.sh │ ├── generate-luks2-segment-missing-offset.img.sh │ ├── generate-luks2-segment-missing-size.img.sh │ ├── generate-luks2-segment-missing-type.img.sh │ ├── generate-luks2-segment-two.img.sh │ ├── generate-luks2-segment-unknown-type.img.sh │ ├── generate-luks2-segment-wrong-backup-key-0.img.sh │ ├── generate-luks2-segment-wrong-backup-key-1.img.sh │ ├── generate-luks2-segment-wrong-flags-element.img.sh │ ├── generate-luks2-segment-wrong-flags.img.sh │ ├── generate-luks2-segment-wrong-offset.img.sh │ ├── generate-luks2-segment-wrong-size-0.img.sh │ ├── generate-luks2-segment-wrong-size-1.img.sh │ ├── generate-luks2-segment-wrong-size-2.img.sh │ ├── generate-luks2-segment-wrong-type.img.sh │ ├── generate-luks2-uint64-max-segment-size.img.sh │ ├── generate-luks2-uint64-overflow-segment-size.img.sh │ ├── generate-luks2-uint64-signed-segment-size.img.sh │ └── lib.sh ├── img_fs_ext4.img.xz ├── img_fs_vfat.img.xz ├── img_fs_xfs.img.xz ├── img_fs_xfs5.img.xz ├── integrity-compat-test ├── keyring-compat-test ├── keyring-test ├── keyring-trusted-test ├── loopaes-test ├── luks1-compat-test ├── luks1-images.tar.xz ├── luks2-integrity-test ├── luks2-reencryption-mangle-test ├── luks2-reencryption-test ├── luks2-validation-test ├── luks2_header_requirements.tar.xz ├── luks2_invalid_cipher.img.xz ├── luks2_keyslot_unassigned.img.xz ├── luks2_mda_images.tar.xz ├── luks2_valid_hdr.img.xz ├── meson.build ├── mode-test ├── password-hash-test ├── reencryption-compat-test ├── run-all-symbols ├── ssh-test-plugin ├── systemd-test-plugin ├── tcrypt-compat-test ├── tcrypt-images.tar.xz ├── test_utils.c ├── unit-utils-crypt.c ├── unit-utils-io.c ├── unit-wipe-test ├── unit-wipe.c ├── valg-api.sh ├── valg.sh ├── valid_header_file.xz ├── verity-compat-test └── xfs_512_block_size.img.xz └── tokens ├── Makemodule.am ├── libcryptsetup-token.sym ├── meson.build └── ssh ├── cryptsetup-ssh.c ├── libcryptsetup-token-ssh.c ├── meson.build ├── ssh-utils.c └── ssh-utils.h /.codeql-config.yml: -------------------------------------------------------------------------------- 1 | name: "Cryptsetup CodeQL config" 2 | 3 | query-filters: 4 | - exclude: 5 | id: cpp/fixme-comment 6 | - exclude: 7 | id: cpp/empty-block 8 | - exclude: 9 | id: cpp/poorly-documented-function 10 | - exclude: 11 | id: cpp/loop-variable-changed 12 | - exclude: 13 | id: cpp/empty-if 14 | - exclude: 15 | id: cpp/long-switch 16 | - exclude: 17 | id: cpp/complex-condition 18 | - exclude: 19 | id: cpp/commented-out-code 20 | 21 | # These produce many false positives 22 | - exclude: 23 | id: cpp/uninitialized-local 24 | - exclude: 25 | id: cpp/path-injection 26 | - exclude: 27 | id: cpp/missing-check-scanf 28 | 29 | # CodeQL should understand coverity [toctou] comments 30 | - exclude: 31 | id: cpp/toctou-race-condition 32 | -------------------------------------------------------------------------------- /.github/workflows/cibuild-setup-ubuntu.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -ex 4 | 5 | PACKAGES=( 6 | git make autoconf automake autopoint pkg-config libtool libtool-bin 7 | gettext libssl-dev libdevmapper-dev libpopt-dev uuid-dev libsepol-dev 8 | libjson-c-dev libssh-dev libblkid-dev tar libargon2-dev libpwquality-dev 9 | sharutils dmsetup jq xxd expect keyutils netcat-openbsd passwd openssh-client 10 | sshpass asciidoctor meson ninja-build 11 | ) 12 | 13 | COMPILER="${COMPILER:?}" 14 | COMPILER_VERSION="${COMPILER_VERSION:?}" 15 | RELEASE="$(lsb_release -cs)" 16 | 17 | bash -c "echo 'deb-src http://archive.ubuntu.com/ubuntu/ $RELEASE main restricted universe multiverse' >>/etc/apt/sources.list" 18 | 19 | # Latest gcc stack deb packages provided by 20 | # https://launchpad.net/~ubuntu-toolchain-r/+archive/ubuntu/test 21 | add-apt-repository -y ppa:ubuntu-toolchain-r/test 22 | PACKAGES+=(gcc-$COMPILER_VERSION) 23 | 24 | # scsi_debug, gost crypto 25 | PACKAGES+=(dkms linux-headers-$(uname -r) linux-modules-extra-$(uname -r) gost-crypto-dkms) 26 | 27 | apt-get -y update --fix-missing 28 | apt-get -y install "${PACKAGES[@]}" 29 | apt-get -y build-dep cryptsetup 30 | -------------------------------------------------------------------------------- /.github/workflows/cibuild.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | PHASES=(${@:-CONFIGURE MAKE CHECK}) 4 | COMPILER="${COMPILER:?}" 5 | COMPILER_VERSION="${COMPILER_VERSION}" 6 | CFLAGS=(-O1 -g) 7 | CXXFLAGS=(-O1 -g) 8 | 9 | CC="gcc${COMPILER_VERSION:+-$COMPILER_VERSION}" 10 | CXX="g++${COMPILER_VERSION:+-$COMPILER_VERSION}" 11 | 12 | set -ex 13 | 14 | for phase in "${PHASES[@]}"; do 15 | case $phase in 16 | CONFIGURE) 17 | opts=( 18 | --enable-libargon2 19 | ) 20 | 21 | sudo -E git clean -xdf 22 | 23 | ./autogen.sh 24 | CC="$CC" CXX="$CXX" CFLAGS="${CFLAGS[@]}" CXXFLAGS="${CXXFLAGS[@]}" ./configure "${opts[@]}" 25 | ;; 26 | MAKE) 27 | make -j 28 | make -j -C tests check-programs 29 | ;; 30 | CHECK) 31 | make check 32 | ;; 33 | 34 | *) 35 | echo >&2 "Unknown phase '$phase'" 36 | exit 1 37 | esac 38 | done 39 | -------------------------------------------------------------------------------- /.github/workflows/cibuild.yml: -------------------------------------------------------------------------------- 1 | name: Build test 2 | on: 3 | push: 4 | branches: 5 | - 'main' 6 | - 'wip-luks2' 7 | - 'v2.*.x' 8 | paths-ignore: 9 | - 'docs/**' 10 | 11 | jobs: 12 | build: 13 | runs-on: ubuntu-latest 14 | if: github.repository == 'mbroz/cryptsetup' 15 | strategy: 16 | fail-fast: false 17 | matrix: 18 | env: 19 | - { COMPILER: "gcc", COMPILER_VERSION: "14", RUN_SSH_PLUGIN_TEST: "1" } 20 | env: ${{ matrix.env }} 21 | steps: 22 | - name: Repository checkout 23 | uses: actions/checkout@v4 24 | - name: Ubuntu setup 25 | run: sudo -E .github/workflows/cibuild-setup-ubuntu.sh 26 | - name: Configure & Make 27 | run: .github/workflows/cibuild.sh CONFIGURE MAKE 28 | - name: Check 29 | run: sudo -E .github/workflows/cibuild.sh CHECK 30 | -------------------------------------------------------------------------------- /.github/workflows/codeql.yml: -------------------------------------------------------------------------------- 1 | name: "CodeQL" 2 | 3 | on: 4 | push: 5 | branches: 6 | - 'main' 7 | - 'wip-luks2' 8 | - 'v2.*.x' 9 | 10 | permissions: 11 | contents: read 12 | 13 | jobs: 14 | analyze: 15 | name: Analyze 16 | runs-on: ubuntu-latest 17 | if: github.repository == 'mbroz/cryptsetup' 18 | concurrency: 19 | group: ${{ github.workflow }}-${{ matrix.language }}-${{ github.ref }} 20 | cancel-in-progress: true 21 | permissions: 22 | actions: read 23 | security-events: write 24 | 25 | strategy: 26 | fail-fast: false 27 | matrix: 28 | language: [ 'cpp' ] 29 | 30 | steps: 31 | - name: Checkout repository 32 | uses: actions/checkout@v4 33 | 34 | - name: Initialize CodeQL 35 | uses: github/codeql-action/init@v3 36 | with: 37 | languages: ${{ matrix.language }} 38 | queries: +security-extended,security-and-quality 39 | config-file: .codeql-config.yml 40 | 41 | - name: Install dependencies 42 | run: | 43 | sudo -E .github/workflows/cibuild-setup-ubuntu.sh 44 | # Force autoconf for now, meson is broken in analysis step 45 | rm meson.build 46 | 47 | env: { COMPILER: "gcc", COMPILER_VERSION: "14", RUN_SSH_PLUGIN_TEST: "1" } 48 | 49 | - name: Autobuild 50 | uses: github/codeql-action/autobuild@v3 51 | 52 | - name: Perform CodeQL Analysis 53 | uses: github/codeql-action/analyze@v3 54 | -------------------------------------------------------------------------------- /.github/workflows/coverity.yml: -------------------------------------------------------------------------------- 1 | name: Coverity test 2 | on: 3 | push: 4 | branches: 5 | - 'coverity_scan' 6 | paths-ignore: 7 | - 'docs/**' 8 | 9 | jobs: 10 | latest: 11 | runs-on: ubuntu-latest 12 | if: github.repository == 'mbroz/cryptsetup' 13 | steps: 14 | - name: Repository checkout 15 | uses: actions/checkout@v4 16 | - name: Ubuntu setup 17 | run: sudo -E .github/workflows/cibuild-setup-ubuntu.sh 18 | env: 19 | COMPILER: "gcc" 20 | COMPILER_VERSION: "14" 21 | - name: Install Coverity 22 | run: | 23 | wget -q https://scan.coverity.com/download/cxx/linux64 --post-data "token=$TOKEN&project=mbroz/cryptsetup" -O cov-analysis-linux64.tar.gz 24 | mkdir cov-analysis-linux64 25 | tar xzf cov-analysis-linux64.tar.gz --strip 1 -C cov-analysis-linux64 26 | env: 27 | TOKEN: ${{ secrets.COVERITY_SCAN_TOKEN }} 28 | - name: Run autoconf & configure 29 | run: | 30 | ./autogen.sh 31 | ./configure 32 | - name: Run cov-build 33 | run: | 34 | export PATH=`pwd`/cov-analysis-linux64/bin:$PATH 35 | cov-build --dir cov-int make 36 | - name: Submit to Coverity Scan 37 | run: | 38 | tar czvf cryptsetup.tgz cov-int 39 | curl \ 40 | --form project=mbroz/cryptsetup \ 41 | --form token=$TOKEN \ 42 | --form email=gmazyland@gmail.com \ 43 | --form file=@cryptsetup.tgz \ 44 | --form version=trunk \ 45 | --form description="`./cryptsetup --version`" \ 46 | https://scan.coverity.com/builds?project=mbroz/cryptsetup 47 | env: 48 | TOKEN: ${{ secrets.COVERITY_SCAN_TOKEN }} 49 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | po/*gmo 2 | *~ 3 | Makefile 4 | Makefile.in 5 | Makefile.in.in 6 | *.lo 7 | *.la 8 | *.o 9 | *.so 10 | *.8 11 | **/*.dirstamp 12 | .deps/ 13 | .libs/ 14 | src/cryptsetup 15 | src/veritysetup 16 | ABOUT-NLS 17 | aclocal.m4 18 | autom4te.cache/ 19 | compile 20 | compile_commands.json 21 | config.guess 22 | config.h 23 | config.h.in 24 | config.log 25 | config.rpath 26 | config.status 27 | config.sub 28 | configure 29 | cryptsetup 30 | cryptsetup-reencrypt 31 | cryptsetup-ssh 32 | depcomp 33 | install-sh 34 | integritysetup 35 | lib/libcryptsetup.pc 36 | libtool 37 | ltmain.sh 38 | m4/ 39 | missing 40 | po/Makevars.template 41 | po/POTFILES 42 | po/Rules-quot 43 | po/*.header 44 | po/*.sed 45 | po/*.sin 46 | po/stamp-po 47 | scripts/cryptsetup.conf 48 | stamp-h1 49 | veritysetup 50 | tests/valglog.* 51 | */*.dirstamp 52 | *-debug-luks2-backup* 53 | tests/api-test 54 | tests/api-test-2 55 | tests/differ 56 | tests/luks1-images 57 | tests/tcrypt-images 58 | tests/unit-utils-io 59 | tests/vectors-test 60 | tests/test-symbols-list.h 61 | tests/all-symbols-test 62 | tests/fuzz/LUKS2.pb* 63 | -------------------------------------------------------------------------------- /.gitlab-ci.yml: -------------------------------------------------------------------------------- 1 | stages: 2 | - test 3 | - test-opal 4 | 5 | .fail_if_coredump_generated: 6 | after_script: 7 | - '[ "$(ls -A /var/coredumps)" ] && exit 1 || true' 8 | 9 | include: 10 | - local: .gitlab/ci/debian.yml 11 | - local: .gitlab/ci/fedora.yml 12 | - local: .gitlab/ci/fedora-opal.yml 13 | - local: .gitlab/ci/rhel.yml 14 | - local: .gitlab/ci/centos.yml 15 | # - local: .gitlab/ci/annocheck.yml 16 | - local: .gitlab/ci/csmock.yml 17 | - local: .gitlab/ci/gitlab-shared-docker.yml 18 | - local: .gitlab/ci/compilation-various-disables.yml 19 | - local: .gitlab/ci/compilation-gcc.gitlab-ci.yml 20 | - local: .gitlab/ci/compilation-clang.gitlab-ci.yml 21 | - local: .gitlab/ci/compilation-spellcheck.yml 22 | - local: .gitlab/ci/alpinelinux.yml 23 | - local: .gitlab/ci/debian-i686.yml 24 | - local: .gitlab/ci/cifuzz.yml 25 | - local: .gitlab/ci/ubuntu.yml 26 | -------------------------------------------------------------------------------- /.gitlab/ci/alpinelinux.yml: -------------------------------------------------------------------------------- 1 | .alpinelinux-dependencies: 2 | variables: 3 | DISTRO: cryptsetup-alpine-edge 4 | extends: 5 | - .fail_if_coredump_generated 6 | before_script: 7 | - > 8 | sudo apk add 9 | lvm2-dev openssl-dev popt-dev util-linux-dev json-c-dev 10 | argon2-dev device-mapper which sharutils gettext gettext-dev automake 11 | autoconf libtool build-base keyutils tar jq expect git asciidoctor 12 | - ./autogen.sh 13 | - ./configure --prefix=/usr --libdir=/lib --sbindir=/sbin --disable-static --enable-libargon2 --with-crypto_backend=openssl --disable-external-tokens --disable-ssh-token --enable-asciidoc 14 | 15 | test-main-commit-job-alpinelinux: 16 | extends: 17 | - .alpinelinux-dependencies 18 | tags: 19 | - libvirt 20 | - cryptsetup-alpine-edge 21 | stage: test 22 | interruptible: true 23 | variables: 24 | RUN_SSH_PLUGIN_TEST: "0" 25 | rules: 26 | - if: $RUN_SYSTEMD_PLUGIN_TEST != null 27 | when: never 28 | - if: $CI_PROJECT_PATH != "cryptsetup/cryptsetup" 29 | when: never 30 | - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH || $CI_COMMIT_BRANCH =~ /v2\..\.x$/ 31 | script: 32 | - make -j 33 | - make -j -C tests check-programs 34 | - sudo -E make check 35 | 36 | test-mergerq-job-alpinelinux: 37 | extends: 38 | - .alpinelinux-dependencies 39 | tags: 40 | - libvirt 41 | - cryptsetup-alpine-edge 42 | stage: test 43 | interruptible: true 44 | variables: 45 | RUN_SSH_PLUGIN_TEST: "0" 46 | rules: 47 | - if: $RUN_SYSTEMD_PLUGIN_TEST != null 48 | when: never 49 | - if: $CI_PROJECT_PATH != "cryptsetup/cryptsetup" 50 | when: never 51 | - if: $CI_PIPELINE_SOURCE == "merge_request_event" 52 | script: 53 | - make -j 54 | - make -j -C tests check-programs 55 | - sudo -E make check 56 | -------------------------------------------------------------------------------- /.gitlab/ci/annocheck.yml: -------------------------------------------------------------------------------- 1 | test-main-commit-job-annocheck: 2 | extends: 3 | - .fail_if_coredump_generated 4 | tags: 5 | - libvirt 6 | - cryptsetup-rhel-9 7 | stage: test 8 | interruptible: true 9 | allow_failure: true 10 | variables: 11 | DISTRO: cryptsetup-rhel-9 12 | RUN_SSH_PLUGIN_TEST: "1" 13 | rules: 14 | - if: $CI_PROJECT_PATH != "cryptsetup/cryptsetup" 15 | when: never 16 | - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH || $CI_COMMIT_BRANCH =~ /v2\..\.x$/ 17 | script: 18 | - sudo /opt/run-annocheck.sh 19 | -------------------------------------------------------------------------------- /.gitlab/ci/build_srpm: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -e 4 | 5 | SAVED_PWD=$(pwd) 6 | GIT_DIR="$SAVED_PWD/upstream_git" 7 | SPEC="$GIT_DIR/misc/fedora/cryptsetup.spec" 8 | 9 | rm -fr $GIT_DIR 10 | 11 | git clone -q --depth 1 https://gitlab.com/cryptsetup/cryptsetup.git $GIT_DIR 12 | cd $GIT_DIR 13 | 14 | GIT_COMMIT=$(git rev-parse --short=8 HEAD) 15 | [ -z "$GIT_COMMIT" ] && exit 1 16 | 17 | sed -i "s/^AC_INIT.*/AC_INIT([cryptsetup],[$GIT_COMMIT])/" $GIT_DIR/configure.ac 18 | sed -i "s/^Version:.*/Version: $GIT_COMMIT/" $SPEC 19 | sed -i "s/%{version_no_tilde}/$GIT_COMMIT/" $SPEC 20 | sed -i "2i %global source_date_epoch_from_changelog 0" $SPEC 21 | sed -i "3i %define _unpackaged_files_terminate_build 0" $SPEC 22 | 23 | ./autogen.sh 24 | ./configure 25 | make -j dist 26 | 27 | rpmbuild --define "_sourcedir $GIT_DIR" --define "_srcrpmdir $SAVED_PWD" -bs $SPEC 28 | 29 | cd $SAVED_PWD 30 | rm -fr $GIT_DIR 31 | 32 | exit 0 33 | -------------------------------------------------------------------------------- /.gitlab/ci/cifuzz.yml: -------------------------------------------------------------------------------- 1 | cifuzz: 2 | variables: 3 | OSS_FUZZ_PROJECT_NAME: cryptsetup 4 | CFL_PLATFORM: gitlab 5 | CIFUZZ_DEBUG: "True" 6 | FUZZ_SECONDS: 300 # 5 minutes per fuzzer 7 | ARCHITECTURE: "x86_64" 8 | DRY_RUN: "False" 9 | LOW_DISK_SPACE: "True" 10 | BAD_BUILD_CHECK: "True" 11 | LANGUAGE: "c" 12 | DOCKER_HOST: "tcp://docker:2375" 13 | DOCKER_IN_DOCKER: "true" 14 | DOCKER_DRIVER: overlay2 15 | DOCKER_TLS_CERTDIR: "" 16 | image: 17 | name: gcr.io/oss-fuzz-base/cifuzz-base 18 | entrypoint: [""] 19 | services: 20 | - docker:dind 21 | 22 | stage: test 23 | parallel: 24 | matrix: 25 | - SANITIZER: [address, undefined, memory] 26 | rules: 27 | # Default code change. 28 | # - if: $CI_PIPELINE_SOURCE == "merge_request_event" 29 | # variables: 30 | # MODE: "code-change" 31 | - if: $CI_PROJECT_PATH != "cryptsetup/cryptsetup" 32 | when: never 33 | - if: $BUILD_AND_RUN_FUZZERS != null 34 | before_script: 35 | # Get gitlab's container id. 36 | - export CFL_CONTAINER_ID=`cut -c9- < /proc/1/cpuset` 37 | script: 38 | # Will build and run the fuzzers. 39 | # We use a hack to override CI_JOB_ID, because otherwise a bad path is used 40 | # in GitLab CI environment 41 | - CI_JOB_ID="$CI_PROJECT_NAMESPACE/$CI_PROJECT_TITLE" python3 "/opt/oss-fuzz/infra/cifuzz/cifuzz_combined_entrypoint.py" 42 | artifacts: 43 | # Upload artifacts when a crash makes the job fail. 44 | when: always 45 | paths: 46 | - artifacts/ 47 | -------------------------------------------------------------------------------- /.gitlab/ci/clang-Wall: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # clang -Wall plus other important warnings not included in -Wall 3 | 4 | for arg in "$@" 5 | do 6 | case $arg in 7 | -O*) Wuninitialized=-Wuninitialized;; # only makes sense with `-O' 8 | esac 9 | done 10 | 11 | CLANG="clang${COMPILER_VERSION:+-$COMPILER_VERSION}" 12 | 13 | #PEDANTIC="-std=gnu99" 14 | #PEDANTIC="-pedantic -std=gnu99" 15 | #PEDANTIC="-pedantic -std=gnu99 -Wno-variadic-macros" 16 | #CONVERSION="-Wconversion" 17 | 18 | EXTRA="\ 19 | -Wextra \ 20 | -Wsign-compare \ 21 | -Wcast-align 22 | -Werror-implicit-function-declaration \ 23 | -Wpointer-arith \ 24 | -Wwrite-strings \ 25 | -Wswitch \ 26 | -Wmissing-format-attribute \ 27 | -Winit-self \ 28 | -Wold-style-definition \ 29 | -Wno-missing-field-initializers \ 30 | -Wunused-parameter \ 31 | -Wno-long-long" 32 | 33 | exec $CLANG $PEDANTIC $CONVERSION \ 34 | -Wall $Wuninitialized \ 35 | -Wno-switch \ 36 | -Wdisabled-optimization \ 37 | -Wwrite-strings \ 38 | -Wpointer-arith \ 39 | -Wbad-function-cast \ 40 | -Wmissing-prototypes \ 41 | -Wmissing-declarations \ 42 | -Wstrict-prototypes \ 43 | -Wnested-externs \ 44 | -Wcomment \ 45 | -Winline \ 46 | -Wcast-qual \ 47 | -Wredundant-decls $EXTRA \ 48 | "$@" 49 | -------------------------------------------------------------------------------- /.gitlab/ci/compilation-gcc.gitlab-ci.yml: -------------------------------------------------------------------------------- 1 | test-gcc-compilation: 2 | extends: 3 | - .gitlab-shared-gcc 4 | script: 5 | - export CFLAGS="-Wall -Werror" 6 | - ./autogen.sh 7 | - ./configure 8 | - make -j 9 | - make -j check-programs 10 | 11 | test-gcc-Wall-script: 12 | extends: 13 | - .gitlab-shared-gcc 14 | script: 15 | - export CFLAGS="-g -O0" 16 | - export CC="$CI_PROJECT_DIR/.gitlab/ci/gcc-Wall" 17 | - ./autogen.sh 18 | - ./configure 19 | - make -j CFLAGS="-g -O0 -Werror" 20 | - make -j CFLAGS="-g -O0 -Werror" check-programs 21 | 22 | test-gcc-fanalyzer: 23 | extends: 24 | - .gitlab-shared-gcc 25 | script: 26 | - ./autogen.sh 27 | - ./configure CFLAGS="-Wall -Werror -g -O0 -fanalyzer -fdiagnostics-path-format=separate-events" --host=x86_64 28 | - make -j 29 | - make -j check-programs 30 | 31 | test-gcc-fanalyzer-backends: 32 | extends: 33 | - .gitlab-shared-gcc 34 | parallel: 35 | matrix: 36 | - BACKENDS: [ 37 | "openssl", 38 | "gcrypt", 39 | "nss", 40 | "kernel", 41 | "nettle", 42 | "mbedtls" 43 | ] 44 | rules: 45 | - if: $CI_PROJECT_PATH != "cryptsetup/cryptsetup" 46 | when: never 47 | - if: $CI_PIPELINE_SOURCE == "merge_request_event" || $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH || $CI_COMMIT_BRANCH =~ /v2\..\.x$/ 48 | changes: 49 | - lib/crypto_backend/* 50 | script: 51 | - DEBIAN_FRONTEND=noninteractive apt-get -yq install libgcrypt20-dev libnss3-dev nettle-dev libmbedtls-dev 52 | - ./autogen.sh 53 | - echo "Configuring with crypto backend $BACKENDS" 54 | - ./configure CFLAGS="-Wall -Werror -g -O0 -fanalyzer -fdiagnostics-path-format=separate-events" --host=x86_64 --with-crypto_backend=$BACKENDS 55 | - make -j 56 | - make -j check-programs 57 | - ./tests/vectors-test 58 | -------------------------------------------------------------------------------- /.gitlab/ci/compilation-spellcheck.yml: -------------------------------------------------------------------------------- 1 | test-run-spellcheck: 2 | image: ubuntu:noble 3 | tags: 4 | - gitlab-org-docker 5 | stage: test 6 | interruptible: true 7 | rules: 8 | - if: $CI_PROJECT_PATH != "cryptsetup/cryptsetup" 9 | when: never 10 | - if: $CI_PIPELINE_SOURCE == "merge_request_event" || $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH || $CI_COMMIT_BRANCH =~ /v2\..\.x$/ 11 | artifacts: 12 | name: "spellcheck-$CI_COMMIT_REF_NAME" 13 | paths: 14 | - _spellcheck 15 | before_script: 16 | - apt-get -y update --fix-missing 17 | - apt-get -y install git lintian codespell 18 | script: 19 | - echo "Running spellcheck" 20 | - .gitlab/ci/spellcheck 21 | -------------------------------------------------------------------------------- /.gitlab/ci/compilation-various-disables.yml: -------------------------------------------------------------------------------- 1 | test-gcc-disable-compiles: 2 | extends: 3 | - .gitlab-shared-gcc 4 | parallel: 5 | matrix: 6 | - DISABLE_FLAGS: [ 7 | "keyring", 8 | "external-tokens ssh-token", 9 | "luks2-reencryption", 10 | "cryptsetup veritysetup integritysetup", 11 | "kernel_crypto", 12 | "udev", 13 | "internal-argon2", 14 | "blkid", 15 | "hw-opal" 16 | ] 17 | artifacts: 18 | name: "meson-build-logs-$CI_COMMIT_REF_NAME" 19 | paths: 20 | - meson_builddir/meson-logs 21 | script: 22 | - DEBIAN_FRONTEND=noninteractive apt-get -yq install meson ninja-build 23 | - export CFLAGS="-Wall -Werror" 24 | - ./autogen.sh 25 | - echo "Configuring with --disable-$DISABLE_FLAGS" 26 | - ./configure $(for i in $DISABLE_FLAGS; do echo "--disable-$i"; done) 27 | - make -j 28 | - make -j check-programs 29 | - git checkout -f && git clean -xdf 30 | - meson -v 31 | - echo "Configuring with -D$DISABLE_FLAGS=false" 32 | - meson setup meson_builddir $(for i in $DISABLE_FLAGS; do [ "$i" == "internal-argon2" ] && echo "-Dargon-implementation=internal" || echo "-D$i=false"; done) 33 | - ninja -C meson_builddir 34 | -------------------------------------------------------------------------------- /.gitlab/ci/csmock.yml: -------------------------------------------------------------------------------- 1 | .dnf-csmock: 2 | variables: 3 | DISTRO: cryptsetup-fedora-rawhide 4 | DISK_SIZE: 20 5 | extends: 6 | - .fail_if_coredump_generated 7 | before_script: 8 | - > 9 | sudo dnf -y -q install 10 | autoconf automake device-mapper-devel gcc gettext-devel json-c-devel 11 | libblkid-devel libpwquality-devel libselinux-devel 12 | libssh-devel libtool libuuid-devel make popt-devel 13 | libsepol-devel.x86_64 pkgconfig tar uuid-devel git 14 | openssl-devel asciidoctor meson ninja-build 15 | rpm-build csmock 16 | 17 | test-commit-job-csmock: 18 | extends: 19 | - .dnf-csmock 20 | tags: 21 | - libvirt 22 | - cryptsetup-fedora-rawhide 23 | stage: test 24 | interruptible: true 25 | allow_failure: true 26 | rules: 27 | - if: $CI_PROJECT_PATH != "cryptsetup/cryptsetup" 28 | when: never 29 | - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH || $CI_COMMIT_BRANCH =~ /v2\..\.x$/ || $CI_PIPELINE_SOURCE == "merge_request_event" 30 | script: 31 | - .gitlab/ci/build_srpm 32 | - .gitlab/ci/run_csmock 33 | artifacts: 34 | when: always 35 | paths: 36 | - cryptsetup-csmock-results.tar.xz 37 | -------------------------------------------------------------------------------- /.gitlab/ci/debian-i686.yml: -------------------------------------------------------------------------------- 1 | test-mergerq-job-debian-i686: 2 | extends: 3 | - .debian-prep 4 | tags: 5 | - libvirt 6 | - cryptsetup-debian-12i686 7 | stage: test 8 | interruptible: true 9 | variables: 10 | DISTRO: cryptsetup-debian-12i686 11 | RUN_SSH_PLUGIN_TEST: "1" 12 | rules: 13 | - if: $RUN_SYSTEMD_PLUGIN_TEST != null 14 | when: never 15 | - if: $CI_PROJECT_PATH != "cryptsetup/cryptsetup" 16 | when: never 17 | - if: $CI_PIPELINE_SOURCE == "merge_request_event" 18 | script: 19 | - make -j 20 | - make -j -C tests check-programs 21 | - sudo -E make check 22 | 23 | test-main-commit-job-debian-i686: 24 | extends: 25 | - .debian-prep 26 | tags: 27 | - libvirt 28 | - cryptsetup-debian-12i686 29 | stage: test 30 | interruptible: true 31 | variables: 32 | DISTRO: cryptsetup-debian-12i686 33 | RUN_SSH_PLUGIN_TEST: "1" 34 | rules: 35 | - if: $RUN_SYSTEMD_PLUGIN_TEST != null 36 | when: never 37 | - if: $CI_PROJECT_PATH != "cryptsetup/cryptsetup" 38 | when: never 39 | - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH || $CI_COMMIT_BRANCH =~ /v2\..\.x$/ 40 | script: 41 | - make -j 42 | - make -j -C tests check-programs 43 | - sudo -E make check 44 | -------------------------------------------------------------------------------- /.gitlab/ci/gcc-Wall: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # gcc -Wall plus other important warnings not included in -Wall 3 | 4 | for arg in "$@" 5 | do 6 | case $arg in 7 | -O*) Wuninitialized=-Wuninitialized;; # only makes sense with `-O' 8 | esac 9 | done 10 | 11 | GCC="gcc${COMPILER_VERSION:+-$COMPILER_VERSION}" 12 | 13 | #PEDANTIC="-std=gnu99" 14 | #PEDANTIC="-pedantic -std=gnu99" 15 | #PEDANTIC="-pedantic -std=gnu99 -Wno-variadic-macros" 16 | #CONVERSION="-Wconversion" 17 | # -Wpacked \ 18 | 19 | # This does more than expected for gcc (mixed code with declarations) 20 | # -Wdeclaration-after-statement \ 21 | 22 | EXTRA="-Wextra \ 23 | -Wsign-compare \ 24 | -Werror-implicit-function-declaration \ 25 | -Wpointer-arith \ 26 | -Wwrite-strings \ 27 | -Wswitch \ 28 | -Wmissing-format-attribute \ 29 | -Wstrict-aliasing=3 \ 30 | -Winit-self \ 31 | -Wunsafe-loop-optimizations \ 32 | -Wold-style-definition \ 33 | -Wno-missing-field-initializers \ 34 | -Wunused-parameter \ 35 | -Wno-long-long \ 36 | -Wmaybe-uninitialized \ 37 | -Wvla \ 38 | -Wformat-overflow \ 39 | -Wformat-truncation" 40 | 41 | exec $GCC $PEDANTIC $CONVERSION \ 42 | -Wall $Wuninitialized \ 43 | -Wno-switch \ 44 | -Wdisabled-optimization \ 45 | -Wwrite-strings \ 46 | -Wpointer-arith \ 47 | -Wbad-function-cast \ 48 | -Wmissing-prototypes \ 49 | -Wmissing-declarations \ 50 | -Wstrict-prototypes \ 51 | -Wnested-externs \ 52 | -Wcomment \ 53 | -Winline \ 54 | -Wcast-align=strict \ 55 | -Wcast-qual \ 56 | -Wredundant-decls $EXTRA \ 57 | "$@" 58 | -------------------------------------------------------------------------------- /.gitlab/ci/gitlab-shared-docker.yml: -------------------------------------------------------------------------------- 1 | .gitlab-shared-docker: 2 | image: ubuntu:noble 3 | tags: 4 | - gitlab-org-docker 5 | stage: test 6 | interruptible: true 7 | rules: 8 | - if: $CI_PROJECT_PATH != "cryptsetup/cryptsetup" 9 | when: never 10 | - if: $CI_PIPELINE_SOURCE == "merge_request_event" || $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH || $CI_COMMIT_BRANCH =~ /v2\..\.x$/ 11 | before_script: 12 | - .gitlab/ci/cibuild-setup-ubuntu.sh 13 | - export CC="${COMPILER}${COMPILER_VERSION:+-$COMPILER_VERSION}" 14 | - export CXX="${COMPILER}++${COMPILER_VERSION:+-$COMPILER_VERSION}" 15 | 16 | .gitlab-shared-gcc: 17 | extends: 18 | - .gitlab-shared-docker 19 | variables: 20 | COMPILER: "gcc" 21 | COMPILER_VERSION: "14" 22 | CC: "gcc-14" 23 | RUN_SSH_PLUGIN_TEST: "1" 24 | 25 | .gitlab-shared-clang: 26 | extends: 27 | - .gitlab-shared-docker 28 | variables: 29 | COMPILER: "clang" 30 | COMPILER_VERSION: "19" 31 | CC: "clang-19" 32 | RUN_SSH_PLUGIN_TEST: "1" 33 | -------------------------------------------------------------------------------- /.gitlab/ci/run_csmock: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | CSMOCK="sudo /usr/bin/csmock" 4 | CSMOCK_TOOLS="gcc,clang,cppcheck,shellcheck" 5 | CSMOCK_TXZ="cryptsetup-csmock-results.tar.xz" 6 | CSMOCK_ERR="cryptsetup-csmock-results/scan-results.err" 7 | 8 | $CSMOCK cryptsetup-*.src.rpm \ 9 | --keep-going --force \ 10 | --cswrap-timeout 300 \ 11 | --skip-patches \ 12 | --tools $CSMOCK_TOOLS \ 13 | --output $CSMOCK_TXZ \ 14 | --gcc-analyze \ 15 | --cppcheck-add-flag=--check-level=exhaustive \ 16 | || { echo "csmock command failed"; exit 2; } 17 | 18 | tar xJf $CSMOCK_TXZ $CSMOCK_ERR --strip-components 1 \ 19 | && test -s $CSMOCK_ERR \ 20 | && { echo "csmock discovered important errors"; echo 3; } 21 | 22 | exit 0 23 | -------------------------------------------------------------------------------- /.gitlab/ci/spellcheck: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -e 4 | DIR="_spellcheck" 5 | 6 | [ ! -d $DIR ] && mkdir $DIR 7 | 8 | echo "[SPELLINTIAN]" 9 | git ls-tree -rz --name-only HEAD | grep -Evz -e '\.(pdf|xz)$' -e ^po/ | \ 10 | xargs -r0 spellintian | \ 11 | grep -v "(duplicate word)" | \ 12 | grep -v "docs/" | tee $DIR/spell1.txt 13 | 14 | echo "[CODESPELL]" 15 | git ls-tree -rz --name-only HEAD | grep -Evz -e '\.(pdf|xz)$' -e ^po/ | \ 16 | xargs -r0 codespell | \ 17 | grep -v "EXPCT" | \ 18 | grep -v "params, prams" | \ 19 | grep -v "pad, padded" | \ 20 | grep -v "CIPHER, CHIP" | \ 21 | grep -v "gost" | \ 22 | grep -v "userA" | \ 23 | grep -v "re-use" | \ 24 | grep -v "fo ==" | \ 25 | grep -v "docs/" | tee $DIR/spell2.txt 26 | 27 | 28 | [ -s $DIR/spell1.txt ] && exit 1 29 | [ -s $DIR/spell2.txt ] && exit 2 30 | 31 | exit 0 32 | -------------------------------------------------------------------------------- /.gitlab/issue_templates/Bug.md: -------------------------------------------------------------------------------- 1 | ### Issue description 2 | 3 | 4 | ### Steps for reproducing the issue 5 | 6 | 7 | ### Additional info 8 | 9 | 10 | ### Debug log 11 | 12 | 13 | 14 | ``` 15 | Output with --debug option: 16 | 17 | ``` 18 | 19 | -------------------------------------------------------------------------------- /.gitlab/issue_templates/Documentation.md: -------------------------------------------------------------------------------- 1 | ### Documentation issue 2 | 3 | 4 | ### Additional info 5 | 6 | -------------------------------------------------------------------------------- /.gitlab/issue_templates/Feature.md: -------------------------------------------------------------------------------- 1 | ### New feature description 2 | 3 | 4 | ### Additional info 5 | 6 | -------------------------------------------------------------------------------- /AUTHORS: -------------------------------------------------------------------------------- 1 | Jana Saout 2 | Clemens Fruhwirth 3 | Milan Broz 4 | Ondrej Kozina 5 | -------------------------------------------------------------------------------- /README.licensing: -------------------------------------------------------------------------------- 1 | The cryptsetup project does not use the same license for all of the code and documentation. 2 | 3 | There is code and documentation under: 4 | 5 | * GPL-2.0-or-later - GNU General Public License version 2, or any later version 6 | 7 | * LGPL-2.1-or-later WITH cryptsetup-OpenSSL-exception 8 | * LGPL-2.1-or-later - GNU Lesser General Public License 2.1 or any later version, 9 | (with cryptsetup-OpenSSL-exception where applicable) 10 | 11 | * Apache-2.0 - Apache License 2.0 12 | 13 | * CC-BY-SA-4.0 - Creative Commons Attribution Share Alike 4.0 International 14 | 15 | * Public Domain 16 | 17 | Please, check the source code for more details. 18 | 19 | The ./COPYING file (GPL-2.0-or-later) is the default license for code without 20 | an explicitly defined license. 21 | -------------------------------------------------------------------------------- /SECURITY.md: -------------------------------------------------------------------------------- 1 | # Reporting a Security Bug in cryptsetup project 2 | 3 | If you think you have discovered a security issue, please report it through 4 | the project issue tracker [New issue](https://gitlab.com/cryptsetup/cryptsetup/issues) 5 | as a confidential issue (select confidential checkbox). 6 | 7 | An alternative is to send PGP encrypted mail to the cryptsetup maintainer. 8 | Current maintainer is [Milan Broz](mailto:gmazyland@gmail.com), use PGP key 9 | with fingerprint 2A29 1824 3FDE 4664 8D06 86F9 D9B0 577B D93E 98FC. 10 | 11 | -------------------------------------------------------------------------------- /docs/examples/Makefile: -------------------------------------------------------------------------------- 1 | TARGETS=crypt_log_usage crypt_luks_usage 2 | CFLAGS=-O0 -g -Wall -D_GNU_SOURCE 3 | LDLIBS=-lcryptsetup 4 | CC=gcc 5 | 6 | all: $(TARGETS) 7 | 8 | crypt_log_usage: crypt_log_usage.o 9 | $(CC) -o $@ $^ $(LDLIBS) 10 | 11 | crypt_luks_usage: crypt_luks_usage.o 12 | $(CC) -o $@ $^ $(LDLIBS) 13 | 14 | clean: 15 | rm -f *.o *~ core $(TARGETS) 16 | 17 | .PHONY: clean 18 | -------------------------------------------------------------------------------- /docs/on-disk-format-luks2.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mbroz/cryptsetup/f221de22b6998875fde91619ff527b9eb381b956/docs/on-disk-format-luks2.pdf -------------------------------------------------------------------------------- /docs/on-disk-format.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mbroz/cryptsetup/f221de22b6998875fde91619ff527b9eb381b956/docs/on-disk-format.pdf -------------------------------------------------------------------------------- /docs/v1.1.2-ReleaseNotes: -------------------------------------------------------------------------------- 1 | == Cryptsetup 1.1.2 Release Notes == 2 | 3 | This release fixes a regression (introduced in 1.1.1 version) in handling 4 | key files containing new line characters (affects only files read from 5 | standard input). 6 | 7 | Cryptsetup can accept passphrase on stdin (standard input). 8 | 9 | Handling of new line (\n) character is defined by input specification: 10 | 11 | * if keyfile is specified as "-" (using --key-file=- of by "-" positional argument 12 | in luksFormat and luksAddKey, like cat file | cryptsetup --key-file=- ), 13 | input is processed as normal binary file and no new line is interpreted. 14 | 15 | * if there is no key file specification (with default input from stdin pipe 16 | like echo passphrase | cryptsetup ) input is processed as input from terminal, 17 | reading will stop after new line is detected. 18 | 19 | Moreover, luksFormat now understands --key-file (in addition to positional key 20 | file argument). 21 | 22 | N.B. Using of standard input and pipes for passphrases should be avoided if possible, 23 | cryptsetup have no control of used pipe buffers between commands in scripts and cannot 24 | guarantee that all passphrase/key-file buffers are properly wiped after use. 25 | 26 | === changes since version 1.1.1 === 27 | 28 | * Fix luksFormat/luksOpen reading passphrase from stdin and "-" keyfile. 29 | * Support --key-file/-d option for luksFormat. 30 | * Fix description of --key-file and add --verbose and --debug options to man page. 31 | * Add verbose log level and move unlocking message there. 32 | * Remove device even if underlying device disappeared (remove, luksClose). 33 | * Fix (deprecated) reload device command to accept new device argument. 34 | -------------------------------------------------------------------------------- /docs/v1.1.3-ReleaseNotes: -------------------------------------------------------------------------------- 1 | == Cryptsetup 1.1.3 Release Notes == 2 | 3 | === changes since version 1.1.2 === 4 | 5 | * Fix device alignment ioctl calls parameters. 6 | (Device alignment code was not working properly on some architectures like ppc64.) 7 | 8 | * Fix activate_by_* API calls to handle NULL device name as documented. 9 | (To enable check of passphrase/keyfile using libcryptsetup without activating the device.) 10 | 11 | * Fix udev support for old libdevmapper with not compatible definition. 12 | 13 | * Added Polish translation file. 14 | -------------------------------------------------------------------------------- /docs/v1.3.1-ReleaseNotes: -------------------------------------------------------------------------------- 1 | Cryptsetup 1.3.1 Release Notes 2 | ============================== 3 | 4 | Changes since version 1.3.0 5 | 6 | * Fix keyfile=- processing in create command (regression in 1.3.0). 7 | 8 | * Simplify device path status check (use /sys and do not scan /dev). 9 | 10 | * Do not ignore device size argument for create command (regression in 1.2.0). 11 | 12 | * Fix error paths in blockwise code and lseek_write call. 13 | 14 | * Add optional Nettle crypto backend support. 15 | -------------------------------------------------------------------------------- /docs/v1.4.1-ReleaseNotes: -------------------------------------------------------------------------------- 1 | Cryptsetup 1.4.1 Release Notes 2 | ============================== 3 | 4 | Changes since version 1.4.0 5 | 6 | * Merge experimental Python cryptsetup (pycryptsetup) binding. 7 | 8 | This option is disabled by default, you can enable build of Python binding 9 | with --enable--python configure switch. 10 | 11 | Note that binding currently covers only partial libcryptsetup functions, 12 | mainly LUKS device handling needed for Anaconda installer. 13 | Until now provided separately as python-cryptsetup. 14 | Thanks to Martin Sivak for the code. 15 | 16 | See python subdirectory for more info. 17 | 18 | Python binding code is experimental for now, no stable API guarantee. 19 | 20 | * Fix crypt_get_volume_key_size() for plain device. 21 | (cryptsetup status reported zero key size for plain crypt devices). 22 | 23 | * Fix typo in set_iteration_time API call (old name remains for compatibility reasons). 24 | 25 | * Fix FSF address in license and add LGPL license text. 26 | -------------------------------------------------------------------------------- /docs/v1.4.2-ReleaseNotes: -------------------------------------------------------------------------------- 1 | Cryptsetup 1.4.2 Release Notes 2 | ============================== 3 | 4 | Changes since version 1.4.1 5 | 6 | * Add --keyfile-offset and --new-keyfile-offset parameters to API and CLI. 7 | These options can be used to skip start of keyfile or device used as keyfile. 8 | 9 | * Add repair command and crypt_repair() for known LUKS metadata problems repair. 10 | 11 | Some well-known LUKS metadata corruptions are easy to repair, this 12 | command should provide a way to fix these problems. 13 | 14 | Always create binary backup of header device before running repair, 15 | (only 4kB - visible header) for example by using dd: 16 | dd if=/dev/ of=repair_bck.img bs=1k count=4 17 | 18 | Then you can try to run repair: 19 | cryptsetup repair 20 | 21 | Note, not all problems are possible to repair and if keyslot or some header 22 | parameters are overwritten, device is lost permanently. 23 | 24 | * Fix header check to support old (cryptsetup 1.0.0) header alignment. 25 | (Regression in 1.4.0) 26 | 27 | * Allow one to specify --align-payload only for luksFormat. 28 | 29 | * Add --master-key-file option to luksOpen (open using volume key). 30 | 31 | * Support UUID= format for device specification. 32 | You can open device by UUID (only shortcut to /dev/disk/by-uuid/ symlinks). 33 | 34 | * Support password verification with quiet flag if possible. (1.2.0) 35 | Password verification can be still possible if input is terminal. 36 | 37 | * Fix retry if entered passphrases (with verify option) do not match. 38 | (It should retry if requested, not fail.) 39 | 40 | * Fix use of empty keyfile. 41 | 42 | * Fix error message for luksClose and detached LUKS header. 43 | 44 | * Allow --header for status command to get full info with detached header. 45 | -------------------------------------------------------------------------------- /docs/v1.5.1-ReleaseNotes: -------------------------------------------------------------------------------- 1 | Cryptsetup 1.5.1 Release Notes 2 | ============================== 3 | 4 | Changes since version 1.5.0 5 | 6 | * The libcryptsetup library now tries to initialize device-mapper backend and 7 | loop devices only if they are really needed (lazy initializations). 8 | This allows some operations to be run by a non-root user. 9 | 10 | (Unfortunately LUKS header keyslot operations still require temporary dm-crypt 11 | device and device-mapper subsystem is available only to superuser.) 12 | 13 | Also clear error messages are provided if running as non-root user and 14 | operation requires privileged user. 15 | 16 | * Veritysetup can be now used by a normal user for creating hash image to file 17 | and also it can create hash image if doesn't exist. 18 | (Previously it required pre-allocated space.) 19 | 20 | * Added crypt_keyslot_area() API call which allows external tools 21 | to get exact keyslot offsets and analyse content. 22 | 23 | An example of a tool that searches the keyslot area of a LUKS container 24 | for positions where entropy is low and hence there is a high probability 25 | of damage is in misc/kesylot_checker. 26 | (Thanks to Arno Wagner for the code.) 27 | 28 | * Optimized seek to keyfile-offset if key offset is large. 29 | 30 | * Fixed luksHeaderBackup for very old v1.0 unaligned LUKS headers. 31 | 32 | * Various fixes for problems found by a several static analysis tools. 33 | -------------------------------------------------------------------------------- /docs/v1.6.1-ReleaseNotes: -------------------------------------------------------------------------------- 1 | Cryptsetup 1.6.1 Release Notes 2 | ============================== 3 | 4 | Changes since version 1.6.0 5 | 6 | * Fix loop-AES keyfile parsing. 7 | Loop-AES keyfile should be text keyfile, reject keyfiles which 8 | are not properly terminated. 9 | 10 | * Fix passphrase pool overflow for too long TCRYPT passphrase. 11 | (Maximal TCRYPT passphrase length is 64 characters.) 12 | 13 | * Return EPERM (translated to exit code 2) for too long TCRYPT passphrase. 14 | 15 | * Fix deactivation of device when failed underlying node disappeared. 16 | 17 | * Fix API deactivate call for TCRYPT format and NULL context parameter. 18 | 19 | * Improve keyslot checker example documentation. 20 | 21 | * Report error message if deactivation fails and device is still busy. 22 | 23 | * Make passphrase prompts more consistent (and remove "LUKS" form prompt). 24 | 25 | * Fix some missing headers (compilation failed with alternative libc). 26 | 27 | * Remove not functional API UUID support for plain & loopaes devices. 28 | (not persistent activation UUID). 29 | 30 | * Properly cleanup devices on interrupt in api-test. 31 | 32 | * Support all tests run if kernel is in FIPS mode. 33 | -------------------------------------------------------------------------------- /docs/v1.6.2-ReleaseNotes: -------------------------------------------------------------------------------- 1 | Cryptsetup 1.6.2 Release Notes 2 | ============================== 3 | 4 | Changes since version 1.6.1 5 | 6 | * Print error and fail if more device arguments are present for isLuks command. 7 | 8 | * Fix cipher specification string parsing (found by gcc -fsanitize=address option). 9 | 10 | * Try to map TCRYPT system encryption through partition 11 | (allows one to activate mapping when other partition on the same device is mounted). 12 | 13 | * Print a warning if system encryption is used and device is a partition. 14 | (TCRYPT system encryption uses whole device argument.) 15 | 16 | * Disallow explicit small payload offset for LUKS detached header. 17 | LUKS detached header only allows data payload 0 (whole data device is used) 18 | or explicit offset larger than header + keyslots size. 19 | 20 | * Fix boundary condition for verity device that caused failure for certain device sizes. 21 | 22 | * Various fixes to documentation, including update FAQ, default modes 23 | and TCRYPT description. 24 | 25 | * Workaround for some recent changes in automake (serial-tests). 26 | -------------------------------------------------------------------------------- /docs/v1.6.6-ReleaseNotes: -------------------------------------------------------------------------------- 1 | Cryptsetup 1.6.6 Release Notes 2 | ============================== 3 | 4 | Changes since version 1.6.5 5 | 6 | * LUKS: Fix keyslot device access for devices which 7 | do not support direct IO operations. (Regression in 1.6.5.) 8 | 9 | * LUKS: Fallback to old temporary keyslot device mapping method 10 | if hash (for ESSIV) is not supported by userspace crypto 11 | library. (Regression in 1.6.5.) 12 | 13 | * Properly activate device with discard (TRIM for SSDs) 14 | if requested even if dm_crypt module is not yet loaded. 15 | Only if discard is not supported by the old kernel then 16 | the discard option is ignored. 17 | 18 | * Fix some static analysis build warnings (scan-build). 19 | 20 | * Report crypto lib version only once (and always add kernel 21 | version) in debug output. 22 | 23 | Cryptsetup API NOTE: 24 | The direct terminal handling for passphrase entry will be removed from 25 | libcryptsetup in next major version (application should handle it itself). 26 | 27 | It means that you have to always either provide password in buffer or set 28 | your own password callback function through crypt_set_password_callback(). 29 | See API documentation (or libcryptsetup.h) for more info. 30 | -------------------------------------------------------------------------------- /docs/v1.7.1-ReleaseNotes: -------------------------------------------------------------------------------- 1 | Cryptsetup 1.7.1 Release Notes 2 | ============================== 3 | 4 | Changes since version 1.7.0 5 | 6 | * Code now uses kernel crypto API backend according to new 7 | changes introduced in mainline kernel 8 | 9 | While mainline kernel should contain backward compatible 10 | changes, some stable series kernels do not contain fully 11 | backported compatibility patches. 12 | Without these patches most of cryptsetup operations 13 | (like unlocking device) fail. 14 | 15 | This change in cryptsetup ensures that all operations using 16 | kernel crypto API works even on these kernels. 17 | 18 | * The cryptsetup-reencrypt utility now properly detects removal 19 | of underlying link to block device and does not remove 20 | ongoing re-encryption log. 21 | This allows proper recovery (resume) of reencrypt operation later. 22 | 23 | NOTE: Never use /dev/disk/by-uuid/ path for reencryption utility, 24 | this link disappears once the device metadata is temporarily 25 | removed from device. 26 | 27 | * Cryptsetup now allows special "-" (standard input) keyfile handling 28 | even for TCRYPT (TrueCrypt and VeraCrypt compatible) devices. 29 | 30 | * Cryptsetup now fails if there are more keyfiles specified 31 | for non-TCRYPT device. 32 | 33 | * The luksKillSlot command now does not suppress provided password 34 | in batch mode (if password is wrong slot is not destroyed). 35 | Note that not providing password in batch mode means that keyslot 36 | is destroyed unconditionally. 37 | -------------------------------------------------------------------------------- /docs/v1.7.2-ReleaseNotes: -------------------------------------------------------------------------------- 1 | Cryptsetup 1.7.2 Release Notes 2 | ============================== 3 | 4 | Changes since version 1.7.1 5 | 6 | * Update LUKS documentation format. 7 | Clarify fixed sector size and keyslots alignment. 8 | 9 | * Support activation options for error handling modes in Linux kernel 10 | dm-verity module: 11 | 12 | --ignore-corruption - dm-verity just logs detected corruption 13 | 14 | --restart-on-corruption - dm-verity restarts the kernel if corruption is detected 15 | 16 | If the options above are not specified, default behavior for dm-verity remains. 17 | Default is that I/O operation fails with I/O error if corrupted block is detected. 18 | 19 | --ignore-zero-blocks - Instructs dm-verity to not verify blocks that are expected 20 | to contain zeroes and always return zeroes directly instead. 21 | 22 | NOTE that these options could have security or functional impacts, 23 | do not use them without assessing the risks! 24 | 25 | * Fix help text for cipher benchmark specification (mention --cipher option). 26 | 27 | * Fix off-by-one error in maximum keyfile size. 28 | Allow keyfiles up to compiled-in default and not that value minus one. 29 | 30 | * Support resume of interrupted decryption in cryptsetup-reencrypt utility. 31 | To resume decryption, LUKS device UUID (--uuid option) option must be used. 32 | 33 | * Do not use direct-io for LUKS header with unaligned keyslots. 34 | Such headers were used only by the first cryptsetup-luks-1.0.0 release (2005). 35 | 36 | * Fix device block size detection to properly work on particular file-based 37 | containers over underlying devices with 4k sectors. 38 | -------------------------------------------------------------------------------- /docs/v1.7.3-ReleaseNotes: -------------------------------------------------------------------------------- 1 | Cryptsetup 1.7.3 Release Notes 2 | ============================== 3 | 4 | Changes since version 1.7.2 5 | 6 | * Fix device access to hash offsets located beyond the 2GB device boundary in veritysetup. 7 | 8 | * Set configured (compile-time) default iteration time for devices created directly through 9 | libcryptsetup (default was hardcoded 1 second, the configured value applied only 10 | for cryptsetup application). 11 | 12 | * Fix PBKDF2 benchmark to not double iteration count for specific corner case. 13 | If the measurement function returns exactly 500 ms, the iteration calculation loop 14 | doubled iteration count but instead of repeating measurement it used this value directly. 15 | 16 | * OpenSSL backend: fix memory leak if hash context was repeatedly reused. 17 | 18 | * OpenSSL backend: add support for OpenSSL 1.1.0. 19 | 20 | * Fix several minor spelling errors. 21 | -------------------------------------------------------------------------------- /docs/v1.7.4-ReleaseNotes: -------------------------------------------------------------------------------- 1 | Cryptsetup 1.7.4 Release Notes 2 | ============================== 3 | 4 | Changes since version 1.7.3 5 | 6 | * Allow one to specify LUKS1 hash algorithm in Python luksFormat wrapper. 7 | 8 | * Use LUKS1 compiled-in defaults also in Python wrapper. 9 | 10 | * OpenSSL backend: Fix OpenSSL 1.1.0 support without backward compatible API. 11 | 12 | * OpenSSL backend: Fix LibreSSL compatibility. 13 | 14 | * Check for data device and hash device area overlap in veritysetup. 15 | 16 | * Fix a possible race while allocating a free loop device. 17 | 18 | * Fix possible file descriptor leaks if libcryptsetup is run from a forked process. 19 | 20 | * Fix missing same_cpu_crypt flag in status command. 21 | 22 | * Various updates to FAQ and man pages. 23 | -------------------------------------------------------------------------------- /docs/v1.7.5-ReleaseNotes: -------------------------------------------------------------------------------- 1 | Cryptsetup 1.7.5 Release Notes 2 | ============================== 3 | 4 | Changes since version 1.7.4 5 | 6 | * Fixes to luksFormat to properly support recent kernel running in FIPS mode. 7 | 8 | Cryptsetup must never use a weak key even if it is just used for testing 9 | of algorithm availability. In FIPS mode, weak keys are always rejected. 10 | 11 | A weak key is for example detected if the XTS encryption mode use 12 | the same key for the tweak and the encryption part. 13 | 14 | * Fixes accesses to unaligned hidden legacy TrueCrypt header. 15 | 16 | On a native 4k-sector device the old hidden TrueCrypt header is not 17 | aligned with the hw sector size (this problem was fixed in later TrueCrypt 18 | on-disk format versions). 19 | 20 | Cryptsetup now properly aligns the read so it does not fail. 21 | 22 | * Fixes to optional dracut ramdisk scripts for offline re-encryption on initial boot. 23 | -------------------------------------------------------------------------------- /docs/v2.2.1-ReleaseNotes: -------------------------------------------------------------------------------- 1 | Cryptsetup 2.2.1 Release Notes 2 | ============================== 3 | Stable bug-fix release. 4 | 5 | This version contains a fix for a possible data corruption bug 6 | on 32-bit platforms. 7 | All users of cryptsetup 2.1 and 2.2 should upgrade to this version. 8 | 9 | Changes since version 2.2.0 10 | ~~~~~~~~~~~~~~~~~~~~~~~~~~~ 11 | 12 | * Fix possible data length and IV offset overflow on 32bit architectures. 13 | Other 64-bit architectures are not affected. 14 | 15 | The flawed helper function prototypes (introduced in version 2.1.0) used 16 | size_t type, that is 32-bit integer on 32-bit systems. 17 | This patch fixes the problem to properly use 64-bit types. 18 | 19 | If the offset parameter addresses devices larger than 2TB, the value 20 | overflows and stores incorrect information in the metadata. 21 | For example, integrity device is smaller than expected size if used 22 | over large disk on 32-bit architecture. 23 | 24 | This issue is not present with the standard LUKS1/LUKS2 devices without 25 | integrity extensions. 26 | 27 | * Fix a regression in TrueCrypt/VeraCrypt system partition activation. 28 | 29 | * Reinstate missing backing file hint for loop device. 30 | 31 | If the encrypted device is backed by a file (loopback), cryptsetup now 32 | shows the path to the backing file in passphrase query (as in 1.x version). 33 | 34 | * LUKS2 reencryption block size is now aligned to reported optimal IO size. 35 | This change eliminates possible non-aligned device warnings in kernel log 36 | during reencryption. 37 | -------------------------------------------------------------------------------- /docs/v2.3.2-ReleaseNotes: -------------------------------------------------------------------------------- 1 | Cryptsetup 2.3.2 Release Notes 2 | ============================== 3 | Stable bug-fix release. 4 | 5 | All users of cryptsetup 2.x should upgrade to this version. 6 | 7 | Changes since version 2.3.1 8 | ~~~~~~~~~~~~~~~~~~~~~~~~~~~ 9 | 10 | * Support compilation with json-c library version 0.14. 11 | 12 | * Update FAQ document for some LUKS2 specific information. 13 | 14 | * Add option to dump content of LUKS2 unbound keyslot: 15 | cryptsetup luksDump --unbound -S 16 | or optionally with --master-key-file option. 17 | 18 | The slot number --key-slot (-S) option is mandatory here. 19 | 20 | An unbound keyslot store a key is that is not assigned to data 21 | area on disk (LUKS2 allows one to store arbitrary keys). 22 | 23 | * Rephrase some error messages and remove redundant end-of-lines. 24 | 25 | * Add support for discards (TRIM) for standalone dm-integrity devices. 26 | Linux kernel 5.7 adds support for optional discard/TRIM operation 27 | over dm-integrity devices. 28 | 29 | It is now supported through --allow-discards integritysetup option. 30 | Note you need to add this flag in all activation calls. 31 | 32 | Note that this option cannot be used for LUKS2 authenticated encryption 33 | (that uses dm-integrity for storing additional per-sector metadata). 34 | 35 | * Fix cryptsetup-reencrypt to work on devices that do not allow 36 | direct-io device access. 37 | 38 | * Fix a crash in the BitLocker-compatible code error path. 39 | 40 | * Fix Veracrypt compatible support for longer (>64 bytes) passphrases. 41 | It allows some older images to be correctly opened again. 42 | The issue was introduced in version 2.3.1. 43 | -------------------------------------------------------------------------------- /docs/v2.3.3-ReleaseNotes: -------------------------------------------------------------------------------- 1 | Cryptsetup 2.3.3 Release Notes 2 | ============================== 3 | Stable bug-fix release. 4 | 5 | All users of cryptsetup 2.x should upgrade to this version. 6 | 7 | Changes since version 2.3.2 8 | ~~~~~~~~~~~~~~~~~~~~~~~~~~~ 9 | 10 | * Fix BitLocker compatible device access that uses native 4kB sectors. 11 | 12 | Devices formatted with storage that natively support 4096-bytes 13 | sectors can also use this sector size for encryption units. 14 | 15 | * Support large IV count (--iv-large-sectors) cryptsetup option 16 | for plain device mapping. 17 | 18 | The large IV count is supported in dm-crypt together with larger 19 | sector encryption. It counts the Initialization Vector (IV) in 20 | a larger sector size instead of 512-bytes sectors. 21 | 22 | This option does not have any performance or security impact, 23 | but it can be used for accessing incompatible existing disk images 24 | from other systems. 25 | 26 | Only open action with plain device type and sector size > 512 bytes 27 | are supported. 28 | 29 | * Fix a memory leak in BitLocker compatible handling. 30 | 31 | * Allow EBOIV (Initialization Vector algorithm) use. 32 | 33 | The EBOIV initialization vector is intended to be used internally 34 | with BitLocker devices (for CBC mode). It can now be used also 35 | outside of the BitLocker compatible code. 36 | 37 | * Require both keyslot cipher and key size options. 38 | 39 | If these LUKS2 keyslot parameters were not specified together, 40 | cryptsetup silently failed. 41 | 42 | * Update to man pages and FAQ. 43 | -------------------------------------------------------------------------------- /docs/v2.4.2-ReleaseNotes: -------------------------------------------------------------------------------- 1 | Cryptsetup 2.4.2 Release Notes 2 | ============================== 3 | Stable bug-fix release. 4 | 5 | All users of cryptsetup 2.4.1 should upgrade to this version. 6 | 7 | Changes since version 2.4.1 8 | ~~~~~~~~~~~~~~~~~~~~~~~~~~~ 9 | 10 | * Fix possible large memory allocation if LUKS2 header size is invalid. 11 | LUKS2 code read the full header to buffer to verify the checksum. 12 | The maximal supported header size now limits the memory allocation. 13 | 14 | * Fix memory corruption in debug message printing LUKS2 checksum. 15 | 16 | * veritysetup: remove link to the UUID library for the static build. 17 | 18 | * Remove link to pwquality library for integritysetup and veritysetup. 19 | These tools do not read passphrases. 20 | 21 | * OpenSSL3 backend: avoid remaining deprecated calls in API. 22 | Crypto backend no longer use API deprecated in OpenSSL 3.0 23 | 24 | 25 | * Check if kernel device-mapper create device failed in an early phase. 26 | This happens when a concurrent creation of device-mapper devices 27 | meets in the very early state. 28 | 29 | * Do not set compiler optimization flag for Argon2 KDF if the memory 30 | wipe is implemented in libc. 31 | 32 | * Do not attempt to unload LUKS2 tokens if external tokens are disabled. 33 | This allows building a static binary with --disable-external-tokens. 34 | 35 | * LUKS convert: also check sysfs for device activity. 36 | If udev symlink is missing, code fallbacks to sysfs scan to prevent 37 | data corruption for the active device. 38 | -------------------------------------------------------------------------------- /docs/v2.7.1-ReleaseNotes: -------------------------------------------------------------------------------- 1 | Cryptsetup 2.7.1 Release Notes 2 | ============================== 3 | Stable bug-fix release with minor extensions. 4 | 5 | All users of cryptsetup 2.7.0 should upgrade to this version. 6 | 7 | Changes since version 2.7.0 8 | ~~~~~~~~~~~~~~~~~~~~~~~~~~~ 9 | 10 | * Fix interrupted LUKS1 decryption resume. 11 | With the replacement of the cryptsetup-reencrypt tool by the cryptsetup 12 | reencrypt command, resuming the interrupted LUKS1 decryption operation 13 | could fail. LUKS2 was not affected. 14 | 15 | * Allow --link-vk-to-keyring with --test-passphrase option. 16 | This option allows uploading the volume key in a user-specified kernel 17 | keyring without activating the device. 18 | 19 | * Fix crash when --active-name was used in decryption initialization. 20 | 21 | * Updates and changes to man pages, including indentation, sorting options 22 | alphabetically, fixing mistakes in crypt_set_keyring_to_link, and fixing 23 | some typos. 24 | 25 | * Fix compilation with libargon2 when --disable-internal-argon2 was used. 26 | 27 | * Do not require installed argon2.h header and never compile internal 28 | libargon2 code if the crypto library directly supports Argon2. 29 | 30 | * Fixes to regression tests to support older Linux distributions. 31 | -------------------------------------------------------------------------------- /docs/v2.7.2-ReleaseNotes: -------------------------------------------------------------------------------- 1 | Cryptsetup 2.7.2 Release Notes 2 | ============================== 3 | Stable bug-fix release. 4 | 5 | All users of cryptsetup 2.7 should upgrade to this version. 6 | 7 | Changes since version 2.7.1 8 | ~~~~~~~~~~~~~~~~~~~~~~~~~~~ 9 | * Fix activation of OPAL-only encrypted LUKS device with tokens. 10 | The issue was caused by an invalid volume key check (assert) 11 | that is impossible without software encryption. 12 | 13 | * Fix formatting of OPAL devices with 4096-byte sector size. 14 | 15 | * Fix incorrect OPAL locking range alignment calculation if used 16 | over an unaligned device partition. 17 | 18 | * Add --hw-opal-factory-reset option description to the manual page. 19 | 20 | * Do not check the passphrase quality for OPAL Admin PIN, 21 | as this passphrase already exists. 22 | 23 | * Update license for FAQ document to CC BY-SA 4.0. 24 | 25 | NOTE: Please note that with OPAL-only (--hw-opal-only) encryption, 26 | the configured OPAL administrator PIN (passphrase) allows unlocking 27 | all configured locking ranges without LUKS keyslot decryption 28 | (without knowledge of LUKS passphrase). 29 | Because of many observed problems with compatibility, cryptsetup 30 | currently DOES NOT use OPAL single-user mode, which would allow such 31 | decoupling of OPAL admin PIN access. 32 | -------------------------------------------------------------------------------- /docs/v2.7.5-ReleaseNotes: -------------------------------------------------------------------------------- 1 | Cryptsetup 2.7.5 Release Notes 2 | ============================== 3 | Stable bug-fix release. 4 | 5 | All users of cryptsetup 2.7 must upgrade to this version. 6 | 7 | Changes since version 2.7.4 8 | ~~~~~~~~~~~~~~~~~~~~~~~~~~~ 9 | * Fix possible online reencryption data corruption (only in 2.7.x). 10 | 11 | In some situations (initializing a suspended device-mapper device), 12 | cryptsetup disabled direct-io device access. This caused unsafe 13 | online reencryption operations that could lead to data corruption. 14 | The code now adds strict checks (and aborts the operation) and 15 | changes direct-io detection code to prevent data corruption. 16 | 17 | * Fix a clang compilation error in SSH token plugin. 18 | 19 | As clang linker treats missing symbols as errors, the linker phase 20 | for the SSH token failed as the optional cryptsetup_token_buffer_free 21 | was not defined. 22 | 23 | * Fix crypto backend initialization in crypt_format_luks2_opal API call. 24 | -------------------------------------------------------------------------------- /lib/crypto_backend/Makemodule.am: -------------------------------------------------------------------------------- 1 | noinst_LTLIBRARIES += libcrypto_backend.la 2 | 3 | libcrypto_backend_la_CFLAGS = $(AM_CFLAGS) @CRYPTO_CFLAGS@ 4 | 5 | libcrypto_backend_la_SOURCES = \ 6 | lib/crypto_backend/crypto_backend.h \ 7 | lib/crypto_backend/crypto_backend_internal.h \ 8 | lib/crypto_backend/crypto_cipher_kernel.c \ 9 | lib/crypto_backend/crypto_storage.c \ 10 | lib/crypto_backend/pbkdf_check.c \ 11 | lib/crypto_backend/crc32.c \ 12 | lib/crypto_backend/base64.c \ 13 | lib/crypto_backend/utf8.c \ 14 | lib/crypto_backend/argon2_generic.c \ 15 | lib/crypto_backend/cipher_generic.c \ 16 | lib/crypto_backend/cipher_check.c \ 17 | lib/crypto_backend/memutils.c 18 | 19 | if CRYPTO_BACKEND_GCRYPT 20 | libcrypto_backend_la_SOURCES += lib/crypto_backend/crypto_gcrypt.c 21 | endif 22 | if CRYPTO_BACKEND_OPENSSL 23 | libcrypto_backend_la_SOURCES += lib/crypto_backend/crypto_openssl.c 24 | endif 25 | if CRYPTO_BACKEND_NSS 26 | libcrypto_backend_la_SOURCES += lib/crypto_backend/crypto_nss.c 27 | endif 28 | if CRYPTO_BACKEND_KERNEL 29 | libcrypto_backend_la_SOURCES += lib/crypto_backend/crypto_kernel.c 30 | endif 31 | if CRYPTO_BACKEND_NETTLE 32 | libcrypto_backend_la_SOURCES += lib/crypto_backend/crypto_nettle.c 33 | endif 34 | if CRYPTO_BACKEND_MBEDTLS 35 | libcrypto_backend_la_SOURCES += lib/crypto_backend/crypto_mbedtls.c 36 | endif 37 | 38 | if CRYPTO_INTERNAL_PBKDF2 39 | libcrypto_backend_la_SOURCES += lib/crypto_backend/pbkdf2_generic.c 40 | endif 41 | 42 | if CRYPTO_INTERNAL_ARGON2 43 | libcrypto_backend_la_DEPENDENCIES = libargon2.la 44 | libcrypto_backend_la_LIBADD = libargon2.la 45 | endif 46 | -------------------------------------------------------------------------------- /lib/crypto_backend/argon2/Makemodule.am: -------------------------------------------------------------------------------- 1 | noinst_LTLIBRARIES += libargon2.la 2 | 3 | libargon2_la_CFLAGS = $(AM_CFLAGS) -std=c89 -pthread -O3 4 | libargon2_la_CPPFLAGS = $(AM_CPPFLAGS) \ 5 | -I lib/crypto_backend/argon2 \ 6 | -I lib/crypto_backend/argon2/blake2 7 | 8 | libargon2_la_SOURCES = \ 9 | lib/crypto_backend/argon2/blake2/blake2b.c \ 10 | lib/crypto_backend/argon2/blake2/blake2.h \ 11 | lib/crypto_backend/argon2/blake2/blake2-impl.h \ 12 | lib/crypto_backend/argon2/argon2.c \ 13 | lib/crypto_backend/argon2/argon2.h \ 14 | lib/crypto_backend/argon2/core.c \ 15 | lib/crypto_backend/argon2/core.h \ 16 | lib/crypto_backend/argon2/encoding.c \ 17 | lib/crypto_backend/argon2/encoding.h \ 18 | lib/crypto_backend/argon2/thread.c \ 19 | lib/crypto_backend/argon2/thread.h 20 | 21 | if CRYPTO_INTERNAL_SSE_ARGON2 22 | libargon2_la_SOURCES += lib/crypto_backend/argon2/blake2/blamka-round-opt.h \ 23 | lib/crypto_backend/argon2/opt.c 24 | else 25 | libargon2_la_SOURCES += lib/crypto_backend/argon2/blake2/blamka-round-ref.h \ 26 | lib/crypto_backend/argon2/ref.c 27 | endif 28 | 29 | EXTRA_DIST += lib/crypto_backend/argon2/LICENSE 30 | EXTRA_DIST += lib/crypto_backend/argon2/README 31 | -------------------------------------------------------------------------------- /lib/crypto_backend/argon2/README: -------------------------------------------------------------------------------- 1 | This is bundled Argon2 algorithm library, copied from 2 | https://github.com/P-H-C/phc-winner-argon2 3 | 4 | For more info see Password Hashing Competition site: 5 | https://password-hashing.net/ 6 | -------------------------------------------------------------------------------- /lib/crypto_backend/argon2/meson.build: -------------------------------------------------------------------------------- 1 | libargon2_sources = files( 2 | 'blake2/blake2b.c', 3 | 'argon2.c', 4 | 'core.c', 5 | 'encoding.c', 6 | 'thread.c', 7 | ) 8 | 9 | if use_internal_sse_argon2 10 | libargon2_sources += files( 11 | 'opt.c', 12 | ) 13 | else 14 | libargon2_sources += files( 15 | 'ref.c', 16 | ) 17 | endif 18 | 19 | libargon2 = static_library('argon2', 20 | libargon2_sources, 21 | override_options : ['c_std=c89', 'optimization=3'], 22 | build_by_default : false, 23 | include_directories: include_directories( 24 | 'blake2', 25 | ), 26 | dependencies : [ 27 | threads, 28 | ]) 29 | -------------------------------------------------------------------------------- /lib/crypto_backend/argon2/thread.c: -------------------------------------------------------------------------------- 1 | /* 2 | * Argon2 reference source code package - reference C implementations 3 | * 4 | * Copyright 2015 5 | * Daniel Dinu, Dmitry Khovratovich, Jean-Philippe Aumasson, and Samuel Neves 6 | * 7 | * You may use this work under the terms of a Creative Commons CC0 1.0 8 | * License/Waiver or the Apache Public License 2.0, at your option. The terms of 9 | * these licenses can be found at: 10 | * 11 | * - CC0 1.0 Universal : https://creativecommons.org/publicdomain/zero/1.0 12 | * - Apache 2.0 : https://www.apache.org/licenses/LICENSE-2.0 13 | * 14 | * You should have received a copy of both of these licenses along with this 15 | * software. If not, they may be obtained at the above URLs. 16 | */ 17 | 18 | #if !defined(ARGON2_NO_THREADS) 19 | 20 | #include "thread.h" 21 | #if defined(_WIN32) 22 | #include 23 | #endif 24 | 25 | int argon2_thread_create(argon2_thread_handle_t *handle, 26 | argon2_thread_func_t func, void *args) { 27 | if (NULL == handle || func == NULL) { 28 | return -1; 29 | } 30 | #if defined(_WIN32) 31 | *handle = _beginthreadex(NULL, 0, func, args, 0, NULL); 32 | return *handle != 0 ? 0 : -1; 33 | #else 34 | return pthread_create(handle, NULL, func, args); 35 | #endif 36 | } 37 | 38 | int argon2_thread_join(argon2_thread_handle_t handle) { 39 | #if defined(_WIN32) 40 | if (WaitForSingleObject((HANDLE)handle, INFINITE) == WAIT_OBJECT_0) { 41 | return CloseHandle((HANDLE)handle) != 0 ? 0 : -1; 42 | } 43 | return -1; 44 | #else 45 | return pthread_join(handle, NULL); 46 | #endif 47 | } 48 | 49 | #endif /* ARGON2_NO_THREADS */ 50 | -------------------------------------------------------------------------------- /lib/crypto_backend/memutils.c: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: LGPL-2.1-or-later 2 | /* 3 | * Safe memory utilities 4 | * 5 | * Copyright (C) 2024-2025 Milan Broz 6 | */ 7 | 8 | #include "crypto_backend_internal.h" 9 | 10 | #define ATTR_NOINLINE __attribute__ ((noinline)) 11 | #define ATTR_ZERO_REGS 12 | #if defined __has_attribute 13 | # if __has_attribute (zero_call_used_regs) 14 | # undef ATTR_ZERO_REGS 15 | # define ATTR_ZERO_REGS __attribute__ ((zero_call_used_regs("used"))) 16 | # endif 17 | #endif 18 | 19 | /* Workaround for https://github.com/google/sanitizers/issues/1507 */ 20 | #if defined __has_feature 21 | # if __has_feature (memory_sanitizer) 22 | # undef HAVE_EXPLICIT_BZERO 23 | # endif 24 | #endif 25 | 26 | /* Memzero helper (memset on stack can be optimized out) */ 27 | ATTR_NOINLINE ATTR_ZERO_REGS 28 | void crypt_backend_memzero(void *s, size_t n) 29 | { 30 | #if HAVE_EXPLICIT_BZERO 31 | explicit_bzero(s, n); 32 | #else 33 | volatile uint8_t *p = (volatile uint8_t *)s; 34 | while(n--) *p++ = 0; 35 | #endif 36 | } 37 | 38 | /* Memcpy helper to avoid spilling sensitive data through additional registers */ 39 | ATTR_NOINLINE ATTR_ZERO_REGS 40 | void *crypt_backend_memcpy(void *dst, const void *src, size_t n) 41 | { 42 | volatile uint8_t *d = (volatile uint8_t *)dst; 43 | const volatile uint8_t *s = (const volatile uint8_t *)src; 44 | 45 | while(n--) *d++ = *s++; 46 | 47 | return dst; 48 | } 49 | 50 | /* Internal implementation for constant time memory comparison */ 51 | ATTR_NOINLINE ATTR_ZERO_REGS 52 | int crypt_internal_memeq(const void *m1, const void *m2, size_t n) 53 | { 54 | const unsigned char *_m1 = (const unsigned char *) m1; 55 | const unsigned char *_m2 = (const unsigned char *) m2; 56 | unsigned char result = 0; 57 | size_t i; 58 | 59 | for (i = 0; i < n; i++) 60 | result |= _m1[i] ^ _m2[i]; 61 | 62 | return result; 63 | } 64 | -------------------------------------------------------------------------------- /lib/crypto_backend/meson.build: -------------------------------------------------------------------------------- 1 | if use_internal_argon2 2 | subdir('argon2') 3 | endif 4 | 5 | libcrypto_backend_dependencies = [ 6 | crypto_backend_library, 7 | clock_gettime, 8 | ] 9 | libcrypto_backend_link_with = [] 10 | 11 | libcrypto_backend_sources = files( 12 | 'argon2_generic.c', 13 | 'base64.c', 14 | 'memutils.c', 15 | 'cipher_check.c', 16 | 'cipher_generic.c', 17 | 'crc32.c', 18 | 'crypto_cipher_kernel.c', 19 | 'crypto_storage.c', 20 | 'pbkdf_check.c', 21 | 'utf8.c', 22 | ) 23 | 24 | crypto_backend = get_option('crypto-backend') 25 | libcrypto_backend_sources += files('crypto_@0@.c'.format(crypto_backend)) 26 | 27 | if use_internal_pbkdf2 28 | libcrypto_backend_sources += files('pbkdf2_generic.c') 29 | endif 30 | 31 | if use_internal_argon2 and get_option('argon-implementation') == 'internal' 32 | libcrypto_backend_link_with += libargon2 33 | elif get_option('argon-implementation') == 'libargon2' 34 | libcrypto_backend_dependencies += libargon2_external 35 | endif 36 | 37 | libcrypto_backend = static_library('crypto_backend', 38 | libcrypto_backend_sources, 39 | include_directories: includes_lib, 40 | dependencies: libcrypto_backend_dependencies, 41 | link_with: libcrypto_backend_link_with) 42 | -------------------------------------------------------------------------------- /lib/fvault2/fvault2.h: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: LGPL-2.1-or-later 2 | /* 3 | * FVAULT2 (FileVault2-compatible) volume handling 4 | * 5 | * Copyright (C) 2021-2022 Pavel Tobias 6 | */ 7 | 8 | #ifndef _CRYPTSETUP_FVAULT2_H 9 | #define _CRYPTSETUP_FVAULT2_H 10 | 11 | #include 12 | #include 13 | 14 | #define FVAULT2_WRAPPED_KEY_SIZE 24 15 | #define FVAULT2_PBKDF2_SALT_SIZE 16 16 | #define FVAULT2_UUID_LEN 37 17 | 18 | struct crypt_device; 19 | struct volume_key; 20 | 21 | struct fvault2_params { 22 | const char *cipher; 23 | const char *cipher_mode; 24 | uint16_t key_size; 25 | uint32_t pbkdf2_iters; 26 | char pbkdf2_salt[FVAULT2_PBKDF2_SALT_SIZE]; 27 | char wrapped_kek[FVAULT2_WRAPPED_KEY_SIZE]; 28 | char wrapped_vk[FVAULT2_WRAPPED_KEY_SIZE]; 29 | char family_uuid[FVAULT2_UUID_LEN]; 30 | char ph_vol_uuid[FVAULT2_UUID_LEN]; 31 | uint64_t log_vol_off; 32 | uint64_t log_vol_size; 33 | }; 34 | 35 | int FVAULT2_read_metadata( 36 | struct crypt_device *cd, 37 | struct fvault2_params *params); 38 | 39 | int FVAULT2_get_volume_key( 40 | struct crypt_device *cd, 41 | const char *passphrase, 42 | size_t passphrase_len, 43 | const struct fvault2_params *params, 44 | struct volume_key **r_vol_key); 45 | 46 | int FVAULT2_dump( 47 | struct crypt_device *cd, 48 | struct device *device, 49 | const struct fvault2_params *params); 50 | 51 | int FVAULT2_activate_by_volume_key( 52 | struct crypt_device *cd, 53 | const char *name, 54 | struct volume_key *vk, 55 | const struct fvault2_params *params, 56 | uint32_t flags); 57 | 58 | size_t FVAULT2_volume_key_size(void); 59 | 60 | #endif 61 | -------------------------------------------------------------------------------- /lib/libcryptsetup.pc.in: -------------------------------------------------------------------------------- 1 | prefix=@prefix@ 2 | exec_prefix=@exec_prefix@ 3 | libdir=@libdir@ 4 | includedir=@includedir@ 5 | 6 | Name: cryptsetup 7 | Description: cryptsetup library 8 | Version: @LIBCRYPTSETUP_VERSION@ 9 | Cflags: -I${includedir} 10 | Libs: -L${libdir} -lcryptsetup 11 | Requires.private: @PKGMODULES@ 12 | -------------------------------------------------------------------------------- /lib/loopaes/loopaes.h: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: LGPL-2.1-or-later 2 | /* 3 | * loop-AES compatible volume handling 4 | * 5 | * Copyright (C) 2011-2025 Red Hat, Inc. All rights reserved. 6 | * Copyright (C) 2011-2025 Milan Broz 7 | */ 8 | 9 | #ifndef _LOOPAES_H 10 | #define _LOOPAES_H 11 | 12 | #include 13 | #include 14 | 15 | struct crypt_device; 16 | struct volume_key; 17 | 18 | #define LOOPAES_KEYS_MAX 65 19 | 20 | int LOOPAES_parse_keyfile(struct crypt_device *cd, 21 | struct volume_key **vk, 22 | const char *hash, 23 | unsigned int *keys_count, 24 | char *buffer, 25 | size_t buffer_len); 26 | 27 | int LOOPAES_activate(struct crypt_device *cd, 28 | const char *name, 29 | const char *base_cipher, 30 | unsigned int keys_count, 31 | struct volume_key *vk, 32 | uint32_t flags); 33 | #endif 34 | -------------------------------------------------------------------------------- /lib/luks1/af.h: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: GPL-2.0-or-later 2 | /* 3 | * AFsplitter - Anti forensic information splitter 4 | * 5 | * Copyright (C) 2004 Clemens Fruhwirth 6 | * Copyright (C) 2009-2025 Red Hat, Inc. All rights reserved. 7 | */ 8 | 9 | #ifndef INCLUDED_CRYPTSETUP_LUKS_AF_H 10 | #define INCLUDED_CRYPTSETUP_LUKS_AF_H 11 | 12 | #include 13 | 14 | struct crypt_device; 15 | struct volume_key; 16 | 17 | /* 18 | * AF_split operates on src and produces information split data in 19 | * dst. src is assumed to be of the length blocksize. The data stripe 20 | * dst points to must be capable of storing blocksize*blocknumbers. 21 | * blocknumbers is the data multiplication factor. 22 | * 23 | * AF_merge does just the opposite: reproduces the information stored in 24 | * src of the length blocksize*blocknumbers into dst of the length 25 | * blocksize. 26 | * 27 | * On error, both functions return -1, 0 otherwise. 28 | */ 29 | 30 | int AF_split(struct crypt_device *ctx, const char *src, char *dst, 31 | size_t blocksize, unsigned int blocknumbers, const char *hash); 32 | int AF_merge(const char *src, char *dst, size_t blocksize, 33 | unsigned int blocknumbers, const char *hash); 34 | size_t AF_split_sectors(size_t blocksize, unsigned int blocknumbers); 35 | 36 | int LUKS_encrypt_to_storage( 37 | char *src, size_t srcLength, 38 | const char *cipher, 39 | const char *cipher_mode, 40 | struct volume_key *vk, 41 | unsigned int sector, 42 | struct crypt_device *ctx); 43 | 44 | int LUKS_decrypt_from_storage( 45 | char *dst, size_t dstLength, 46 | const char *cipher, 47 | const char *cipher_mode, 48 | struct volume_key *vk, 49 | unsigned int sector, 50 | struct crypt_device *ctx); 51 | 52 | #endif 53 | -------------------------------------------------------------------------------- /lib/nls.h: -------------------------------------------------------------------------------- 1 | #ifndef CRYPTSETUP_NLS_H 2 | #define CRYPTSETUP_NLS_H 3 | 4 | #ifndef LOCALEDIR 5 | #define LOCALEDIR "/usr/share/locale" 6 | #endif 7 | 8 | #if HAVE_LOCALE_H 9 | # include 10 | #else 11 | # undef setlocale 12 | # define setlocale(Category, Locale) /* empty */ 13 | #endif 14 | 15 | #if ENABLE_NLS 16 | # include 17 | # define _(Text) gettext (Text) 18 | # ifdef gettext_noop 19 | # define N_(String) gettext_noop (String) 20 | # else 21 | # define N_(String) (String) 22 | # endif 23 | #else 24 | # undef bindtextdomain 25 | # define bindtextdomain(Domain, Directory) /* empty */ 26 | # undef textdomain 27 | # define textdomain(Domain) /* empty */ 28 | # define _(Text) (Text) 29 | # define N_(Text) (Text) 30 | # define ngettext(Singular, Plural, Count) \ 31 | ( (Count) == 1 ? (Singular) : (Plural) ) 32 | #endif 33 | 34 | #endif /* CRYPTSETUP_NLS_H */ 35 | -------------------------------------------------------------------------------- /lib/utils_blkid.h: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: GPL-2.0-or-later 2 | /* 3 | * blkid probe utilities 4 | * 5 | * Copyright (C) 2018-2025 Red Hat, Inc. All rights reserved. 6 | */ 7 | 8 | #ifndef _UTILS_BLKID_H 9 | #define _UTILS_BLKID_H 10 | 11 | #include 12 | 13 | struct blkid_handle; 14 | 15 | typedef enum { PRB_OK = 0, PRB_EMPTY, PRB_AMBIGUOUS, PRB_FAIL } blk_probe_status; 16 | 17 | int blk_init_by_path(struct blkid_handle **h, const char *path); 18 | 19 | void blk_free(struct blkid_handle *h); 20 | 21 | /* 22 | * WARNING: This will reset file description offset as if 23 | * lseek(devfd, 0, SEEK_SET) was called! 24 | */ 25 | int blk_init_by_fd(struct blkid_handle **h, int fd); 26 | 27 | void blk_set_chains_for_wipes(struct blkid_handle *h); 28 | 29 | void blk_set_chains_for_full_print(struct blkid_handle *h); 30 | 31 | void blk_set_chains_for_superblocks(struct blkid_handle *h); 32 | 33 | void blk_set_chains_for_fast_detection(struct blkid_handle *h); 34 | 35 | int blk_superblocks_filter_luks(struct blkid_handle *h); 36 | int blk_superblocks_only_luks(struct blkid_handle *h); 37 | 38 | blk_probe_status blk_safeprobe(struct blkid_handle *h); 39 | 40 | blk_probe_status blk_probe(struct blkid_handle *h); 41 | 42 | int blk_is_partition(struct blkid_handle *h); 43 | 44 | int blk_is_superblock(struct blkid_handle *h); 45 | 46 | const char *blk_get_partition_type(struct blkid_handle *h); 47 | 48 | const char *blk_get_superblock_type(struct blkid_handle *h); 49 | 50 | int blk_do_wipe(struct blkid_handle *h); 51 | 52 | int blk_supported(void); 53 | 54 | unsigned blk_get_block_size(struct blkid_handle *h); 55 | 56 | #endif 57 | -------------------------------------------------------------------------------- /lib/utils_crypt.h: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: GPL-2.0-or-later 2 | /* 3 | * utils_crypt - cipher utilities for cryptsetup 4 | * 5 | * Copyright (C) 2004-2007 Clemens Fruhwirth 6 | * Copyright (C) 2009-2025 Red Hat, Inc. All rights reserved. 7 | * Copyright (C) 2009-2025 Milan Broz 8 | */ 9 | 10 | #ifndef _UTILS_CRYPT_H 11 | #define _UTILS_CRYPT_H 12 | 13 | #include 14 | 15 | struct crypt_device; 16 | 17 | #define MAX_CIPHER_LEN 32 18 | #define MAX_CIPHER_LEN_STR "31" 19 | #define MAX_KEYFILES 32 20 | #define MAX_KEYRING_LINKS 2 21 | #define MAX_VK_IN_KEYRING 2 22 | #define MAX_CAPI_ONE_LEN 2 * MAX_CIPHER_LEN 23 | #define MAX_CAPI_ONE_LEN_STR "63" /* for sscanf length + '\0' */ 24 | #define MAX_CAPI_LEN 144 /* should be enough to fit whole capi string */ 25 | #define MAX_INTEGRITY_LEN 64 26 | 27 | int crypt_parse_name_and_mode(const char *s, char *cipher, 28 | int *key_nums, char *cipher_mode); 29 | int crypt_parse_hash_integrity_mode(const char *s, char *integrity); 30 | int crypt_parse_integrity_mode(const char *s, char *integrity, 31 | int *integrity_key_size, int required_key_size); 32 | int crypt_parse_pbkdf(const char *s, const char **pbkdf); 33 | 34 | ssize_t crypt_hex_to_bytes(const char *hex, char **result, int safe_alloc); 35 | char *crypt_bytes_to_hex(size_t size, const char *bytes); 36 | void crypt_log_hex(struct crypt_device *cd, 37 | const char *bytes, size_t size, 38 | const char *sep, int numwrap, const char *wrapsep); 39 | 40 | bool crypt_is_cipher_null(const char *cipher_spec); 41 | 42 | int crypt_capi_to_cipher(char **org_c, char **org_i, const char *c_dm, const char *i_dm); 43 | 44 | #endif /* _UTILS_CRYPT_H */ 45 | -------------------------------------------------------------------------------- /lib/utils_device_locking.h: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: GPL-2.0-or-later 2 | /* 3 | * Metadata on-disk locking for processes serialization 4 | * 5 | * Copyright (C) 2016-2025 Red Hat, Inc. All rights reserved. 6 | * Copyright (C) 2016-2025 Ondrej Kozina 7 | */ 8 | 9 | #ifndef _CRYPTSETUP_UTILS_LOCKING_H 10 | #define _CRYPTSETUP_UTILS_LOCKING_H 11 | 12 | #include 13 | 14 | struct crypt_device; 15 | struct crypt_lock_handle; 16 | struct device; 17 | 18 | int device_locked_readonly(struct crypt_lock_handle *h); 19 | int device_locked(struct crypt_lock_handle *h); 20 | 21 | int device_read_lock_internal(struct crypt_device *cd, struct device *device); 22 | int device_write_lock_internal(struct crypt_device *cd, struct device *device); 23 | void device_unlock_internal(struct crypt_device *cd, struct device *device); 24 | 25 | int device_locked_verify(struct crypt_device *cd, int fd, struct crypt_lock_handle *h); 26 | 27 | int crypt_write_lock(struct crypt_device *cd, const char *name, bool blocking, struct crypt_lock_handle **lock); 28 | void crypt_unlock_internal(struct crypt_device *cd, struct crypt_lock_handle *h); 29 | 30 | 31 | /* Used only in device internal allocation */ 32 | void device_set_lock_handle(struct device *device, struct crypt_lock_handle *h); 33 | struct crypt_lock_handle *device_get_lock_handle(struct device *device); 34 | 35 | #endif 36 | -------------------------------------------------------------------------------- /lib/utils_io.h: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: GPL-2.0-or-later 2 | /* 3 | * utils - miscellaneous I/O utilities for cryptsetup 4 | * 5 | * Copyright (C) 2004 Jana Saout 6 | * Copyright (C) 2004-2007 Clemens Fruhwirth 7 | * Copyright (C) 2009-2025 Red Hat, Inc. All rights reserved. 8 | * Copyright (C) 2009-2025 Milan Broz 9 | */ 10 | 11 | #ifndef _CRYPTSETUP_UTILS_IO_H 12 | #define _CRYPTSETUP_UTILS_IO_H 13 | 14 | #include 15 | #include 16 | 17 | ssize_t read_buffer(int fd, void *buf, size_t length); 18 | ssize_t read_buffer_intr(int fd, void *buf, size_t length, volatile int *quit); 19 | ssize_t write_buffer(int fd, const void *buf, size_t length); 20 | ssize_t write_buffer_intr(int fd, const void *buf, size_t length, volatile int *quit); 21 | ssize_t write_blockwise(int fd, size_t bsize, size_t alignment, 22 | void *orig_buf, size_t length); 23 | ssize_t read_blockwise(int fd, size_t bsize, size_t alignment, 24 | void *orig_buf, size_t length); 25 | ssize_t write_lseek_blockwise(int fd, size_t bsize, size_t alignment, 26 | void *buf, size_t length, off_t offset); 27 | ssize_t read_lseek_blockwise(int fd, size_t bsize, size_t alignment, 28 | void *buf, size_t length, off_t offset); 29 | 30 | #endif 31 | -------------------------------------------------------------------------------- /lib/utils_keyring.h: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: GPL-2.0-or-later 2 | /* 3 | * kernel keyring syscall wrappers 4 | * 5 | * Copyright (C) 2016-2025 Red Hat, Inc. All rights reserved. 6 | * Copyright (C) 2016-2025 Ondrej Kozina 7 | */ 8 | 9 | #ifndef _UTILS_KEYRING 10 | #define _UTILS_KEYRING 11 | 12 | #include 13 | #include 14 | 15 | #ifndef HAVE_KEY_SERIAL_T 16 | #define HAVE_KEY_SERIAL_T 17 | typedef int32_t key_serial_t; 18 | #endif 19 | 20 | typedef enum { LOGON_KEY = 0, USER_KEY, BIG_KEY, TRUSTED_KEY, ENCRYPTED_KEY, INVALID_KEY } key_type_t; 21 | 22 | const char *key_type_name(key_type_t ktype); 23 | key_type_t key_type_by_name(const char *name); 24 | key_type_t keyring_type_and_name(const char *key_name, const char **name); 25 | key_serial_t keyring_find_key_id_by_name(const char *key_name); 26 | key_serial_t keyring_find_keyring_id_by_name(const char *keyring_name); 27 | 28 | int keyring_check(void); 29 | 30 | key_serial_t keyring_request_key_id(key_type_t key_type, 31 | const char *key_description); 32 | 33 | int keyring_read_keysize(key_serial_t kid, 34 | size_t *r_key_size); 35 | 36 | int keyring_read_key(key_serial_t kid, 37 | char **key, 38 | size_t *key_size); 39 | 40 | key_serial_t keyring_add_key_in_thread_keyring( 41 | key_type_t ktype, 42 | const char *key_desc, 43 | const void *key, 44 | size_t key_size); 45 | 46 | key_serial_t keyring_add_key_to_keyring(key_type_t ktype, const char *key_desc, const void *key, 47 | size_t key_size, key_serial_t keyring_to_link); 48 | int keyring_unlink_key_from_keyring(key_serial_t kid, key_serial_t keyring_id); 49 | int keyring_unlink_key_from_thread_keyring(key_serial_t kid); 50 | 51 | #endif 52 | -------------------------------------------------------------------------------- /lib/utils_loop.h: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: GPL-2.0-or-later 2 | /* 3 | * loopback block device utilities 4 | * 5 | * Copyright (C) 2009-2025 Red Hat, Inc. All rights reserved. 6 | * Copyright (C) 2009-2025 Milan Broz 7 | */ 8 | 9 | #ifndef _UTILS_LOOP_H 10 | #define _UTILS_LOOP_H 11 | 12 | /* loopback device helpers */ 13 | 14 | char *crypt_loop_backing_file(const char *loop); 15 | int crypt_loop_device(const char *loop); 16 | int crypt_loop_attach(char **loop, const char *file, int offset, 17 | int autoclear, int *readonly, size_t blocksize); 18 | int crypt_loop_detach(const char *loop); 19 | int crypt_loop_resize(const char *loop); 20 | 21 | #endif /* _UTILS_LOOP_H */ 22 | -------------------------------------------------------------------------------- /lib/verity/rs.h: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: LGPL-2.1-or-later 2 | /* 3 | * Reed-Solomon codecs, based on libfec 4 | * 5 | * Copyright (C) 2004 Phil Karn, KA9Q 6 | * libcryptsetup modifications 7 | * Copyright (C) 2017-2025 Red Hat, Inc. All rights reserved. 8 | */ 9 | 10 | #ifndef _LIBFEC_RS_H 11 | #define _LIBFEC_RS_H 12 | 13 | /* Special reserved value encoding zero in index form. */ 14 | #define A0 (rs->nn) 15 | 16 | #define RS_MIN(a, b) ((a) < (b) ? (a) : (b)) 17 | 18 | typedef unsigned char data_t; 19 | 20 | /* Reed-Solomon codec control block */ 21 | struct rs { 22 | int mm; /* Bits per symbol */ 23 | int nn; /* Symbols per block (= (1<= rs->nn) { 37 | x -= rs->nn; 38 | x = (x >> rs->mm) + (x & rs->nn); 39 | } 40 | return x; 41 | } 42 | 43 | struct rs *init_rs_char(int symsize, int gfpoly, int fcr, int prim, int nroots, int pad); 44 | void free_rs_char(struct rs *rs); 45 | 46 | /* General purpose RS codec, 8-bit symbols */ 47 | void encode_rs_char(struct rs *rs, data_t *data, data_t *parity); 48 | int decode_rs_char(struct rs *rs, data_t *data); 49 | 50 | #endif 51 | -------------------------------------------------------------------------------- /man/common_footer.adoc: -------------------------------------------------------------------------------- 1 | 2 | == REPORTING BUGS 3 | 4 | Report bugs at mailto:cryptsetup@lists.linux.dev[*cryptsetup mailing list*] 5 | or in https://gitlab.com/cryptsetup/cryptsetup/-/issues/new[*Issues project section*]. 6 | 7 | Please attach output of the failed command with --debug option added. 8 | 9 | == SEE ALSO 10 | 11 | https://gitlab.com/cryptsetup/cryptsetup/wikis/FrequentlyAskedQuestions[*Cryptsetup FAQ*] 12 | 13 | *cryptsetup*(8), *integritysetup*(8) and *veritysetup*(8) 14 | 15 | == CRYPTSETUP 16 | 17 | Part of https://gitlab.com/cryptsetup/cryptsetup/[*cryptsetup project*]. 18 | -------------------------------------------------------------------------------- /man/cryptsetup-benchmark.8.adoc: -------------------------------------------------------------------------------- 1 | = cryptsetup-benchmark(8) 2 | :doctype: manpage 3 | :manmanual: Maintenance Commands 4 | :mansource: cryptsetup {release-version} 5 | :man-linkstyle: pass:[blue R < >] 6 | :COMMON_OPTIONS: 7 | :ACTION_BENCHMARK: 8 | 9 | == Name 10 | 11 | cryptsetup-benchmark - benchmarks ciphers and KDF 12 | 13 | == SYNOPSIS 14 | 15 | *cryptsetup _benchmark_ []* 16 | 17 | == DESCRIPTION 18 | 19 | Benchmarks ciphers and KDF (key derivation function). Without 20 | parameters, it tries to measure few common configurations. 21 | 22 | To benchmark other ciphers or modes, you need to specify *--cipher* and 23 | *--key-size* options. 24 | 25 | To benchmark PBKDF you need to specify *--pbkdf* or *--hash* with optional 26 | cost parameters *--iter-time*, *--pbkdf-memory* or *--pbkdf-parallel*. 27 | 28 | *NOTE:* This benchmark uses memory only and is only informative. You 29 | cannot directly predict real storage encryption speed from it. 30 | 31 | For testing block ciphers, this benchmark requires kernel userspace 32 | crypto API to be available (introduced in Linux kernel 2.6.38). If you 33 | are configuring kernel yourself, enable "User-space interface for 34 | symmetric key cipher algorithms" in "Cryptographic API" section 35 | (CRYPTO_USER_API_SKCIPHER .config option). 36 | 37 | ** can be [--cipher, --key-size, --hash, --pbkdf, --iter-time, 38 | --pbkdf-memory, --pbkdf-parallel]. 39 | 40 | include::man/common_options.adoc[] 41 | include::man/common_footer.adoc[] 42 | -------------------------------------------------------------------------------- /man/cryptsetup-bitlkDump.8.adoc: -------------------------------------------------------------------------------- 1 | = cryptsetup-bitlkDump(8) 2 | :doctype: manpage 3 | :manmanual: Maintenance Commands 4 | :mansource: cryptsetup {release-version} 5 | :man-linkstyle: pass:[blue R < >] 6 | :COMMON_OPTIONS: 7 | :ACTION_BITLKDUMP: 8 | 9 | == Name 10 | 11 | cryptsetup-bitlkDump - dump the header information of a BITLK (BitLocker compatible) device 12 | 13 | == SYNOPSIS 14 | 15 | *cryptsetup _bitlkDump_ [] * 16 | 17 | == DESCRIPTION 18 | 19 | Dump the header information of a BITLK (BitLocker compatible) device. 20 | 21 | If the --dump-volume-key option is used, the BITLK device volume key 22 | is dumped instead of header information. You have to provide password 23 | or keyfile to dump volume key. 24 | 25 | Beware that the volume key can be used to decrypt the data stored in 26 | the container without a passphrase. 27 | This means that if the volume key is compromised, the whole device has 28 | to be erased to prevent further access. Use this option carefully. 29 | 30 | ** can be [--dump-volume-key, --volume-key-file, --key-file, 31 | --keyfile-offset, --keyfile-size, --timeout]. 32 | 33 | include::man/common_options.adoc[] 34 | include::man/common_footer.adoc[] 35 | -------------------------------------------------------------------------------- /man/cryptsetup-close.8.adoc: -------------------------------------------------------------------------------- 1 | = cryptsetup-close(8) 2 | :doctype: manpage 3 | :manmanual: Maintenance Commands 4 | :mansource: cryptsetup {release-version} 5 | :man-linkstyle: pass:[blue R < >] 6 | :COMMON_OPTIONS: 7 | :ACTION_CLOSE: 8 | 9 | == Name 10 | 11 | cryptsetup-close - removes the existing mapping (and the associated key) 12 | 13 | == SYNOPSIS 14 | 15 | *cryptsetup _close_ [] * 16 | 17 | == DESCRIPTION 18 | 19 | Removes the existing mapping and wipes the key from kernel 20 | memory. 21 | 22 | For backward compatibility, there are *close* command aliases: *remove*, 23 | *plainClose*, *luksClose*, *loopaesClose*, *tcryptClose*, *bitlkClose* 24 | (all behave exactly the same, device type is determined automatically 25 | from the active device). 26 | 27 | ** can be [--deferred, --cancel-deferred, --header, --disable-locks]. 28 | 29 | include::man/common_options.adoc[] 30 | include::man/common_footer.adoc[] 31 | -------------------------------------------------------------------------------- /man/cryptsetup-config.8.adoc: -------------------------------------------------------------------------------- 1 | = cryptsetup-config(8) 2 | :doctype: manpage 3 | :manmanual: Maintenance Commands 4 | :mansource: cryptsetup {release-version} 5 | :man-linkstyle: pass:[blue R < >] 6 | :COMMON_OPTIONS: 7 | :ACTION_CONFIG: 8 | 9 | == Name 10 | 11 | cryptsetup-config - set permanent configuration options (store to LUKS header) 12 | 13 | == SYNOPSIS 14 | 15 | *cryptsetup _config_ * 16 | 17 | == DESCRIPTION 18 | 19 | Set permanent configuration options (store to LUKS header). The _config_ 20 | command is supported only for LUKS2. 21 | 22 | The permanent options can be _--priority_ to set priority (normal, 23 | prefer, ignore) for keyslot (specified by _--key-slot_) or _--label_ and 24 | _--subsystem_. 25 | 26 | ** can be [--priority, --label, --subsystem, --key-slot, 27 | --header, --disable-locks]. 28 | 29 | include::man/common_options.adoc[] 30 | include::man/common_footer.adoc[] 31 | -------------------------------------------------------------------------------- /man/cryptsetup-convert.8.adoc: -------------------------------------------------------------------------------- 1 | = cryptsetup-convert(8) 2 | :doctype: manpage 3 | :manmanual: Maintenance Commands 4 | :mansource: cryptsetup {release-version} 5 | :man-linkstyle: pass:[blue R < >] 6 | :COMMON_OPTIONS: 7 | :ACTION_CONVERT: 8 | 9 | == Name 10 | 11 | cryptsetup-convert - converts the device between LUKS1 and LUKS2 format 12 | 13 | == SYNOPSIS 14 | 15 | *cryptsetup _convert_ --type [] * 16 | 17 | == DESCRIPTION 18 | 19 | Converts the device between LUKS1 and LUKS2 format (if possible). The 20 | conversion will not be performed if there is an additional LUKS2 feature 21 | or LUKS1 has unsupported header size. 22 | 23 | For conversion from LUKS2 to LUKS1, all active keyslots must use the PBKDF2 24 | key-derivation function. The PBKDF2 and anti-forensic filter (AF) hash must 25 | be the same as the hash used in the digest. 26 | All keyslot numbers must be lower than 8 (LUKS1 maximum slot number). 27 | There must be at least one active keyslot and no unbound or reencryption keyslots. 28 | 29 | Conversion (both directions) must be performed on inactive device. There 30 | must not be active dm-crypt mapping established for LUKS header 31 | requested for conversion. 32 | 33 | The *--type* option is mandatory with the following accepted values: _luks1_ or 34 | _luks2_. 35 | 36 | *WARNING:* The _convert_ action can destroy the LUKS header in the case 37 | of a crash during conversion or if a media error occurs. Always create a 38 | header backup before performing this operation! 39 | 40 | ** can be [--header, --type, --disable-locks]. 41 | 42 | include::man/common_options.adoc[] 43 | include::man/common_footer.adoc[] 44 | -------------------------------------------------------------------------------- /man/cryptsetup-erase.8.adoc: -------------------------------------------------------------------------------- 1 | = cryptsetup-erase(8) 2 | :doctype: manpage 3 | :manmanual: Maintenance Commands 4 | :mansource: cryptsetup {release-version} 5 | :man-linkstyle: pass:[blue R < >] 6 | :COMMON_OPTIONS: 7 | :ACTION_ERASE: 8 | 9 | == Name 10 | 11 | cryptsetup-erase, cryptsetup-luksErase - erase all keyslots 12 | 13 | == SYNOPSIS 14 | 15 | *cryptsetup _erase_ [] * + 16 | *cryptsetup _luksErase_ [] * 17 | 18 | == DESCRIPTION 19 | 20 | Erase all keyslots and make the LUKS container permanently inaccessible. 21 | Unless the device is configured with HW OPAL support you do not need to 22 | provide any password for this operation. 23 | 24 | *WARNING:* This operation is irreversible. 25 | 26 | *WARNING:* with *--hw-opal-factory-reset* ALL data is lost on the device, 27 | regardless of the partition it is ran on, if any, and regardless of any LUKS2 28 | header backup, and does not require a valid LUKS2 header to be present on the 29 | device to run. 30 | 31 | ** can be [--header, --disable-locks, --hw-opal-factory-reset, --key-file]. 32 | 33 | include::man/common_options.adoc[] 34 | include::man/common_footer.adoc[] 35 | -------------------------------------------------------------------------------- /man/cryptsetup-fvault2Dump.8.adoc: -------------------------------------------------------------------------------- 1 | = cryptsetup-fvault2Dump(8) 2 | :doctype: manpage 3 | :manmanual: Maintenance Commands 4 | :mansource: cryptsetup {release-version} 5 | :man-linkstyle: pass:[blue R < >] 6 | :COMMON_OPTIONS: 7 | :ACTION_BITLKDUMP: 8 | 9 | == Name 10 | 11 | cryptsetup-fvault2Dump - dump the header information of a FVAULT2 (FileVault2 compatible) device 12 | 13 | == SYNOPSIS 14 | 15 | *cryptsetup _fvault2Dump_ [] * 16 | 17 | == DESCRIPTION 18 | 19 | Dump the header information of a FVAULT2 (FileVault2 compatible) device. 20 | 21 | If the --dump-volume-key option is used, the FVAULT2 device volume key 22 | is dumped instead of header information. You have to provide password 23 | or keyfile to dump volume key. 24 | 25 | Beware that the volume key can be used to decrypt the data stored in 26 | the container without a passphrase. 27 | This means that if the volume key is compromised, the whole device has 28 | to be erased to prevent further access. Use this option carefully. 29 | 30 | ** can be [--dump-volume-key, --volume-key-file, --key-file, 31 | --keyfile-offset, --keyfile-size, --timeout]. 32 | 33 | include::man/common_options.adoc[] 34 | include::man/common_footer.adoc[] 35 | -------------------------------------------------------------------------------- /man/cryptsetup-isLuks.8.adoc: -------------------------------------------------------------------------------- 1 | = cryptsetup-isLuks(8) 2 | :doctype: manpage 3 | :manmanual: Maintenance Commands 4 | :mansource: cryptsetup {release-version} 5 | :man-linkstyle: pass:[blue R < >] 6 | :COMMON_OPTIONS: 7 | :ACTION_ISLUKS: 8 | 9 | == Name 10 | 11 | cryptsetup-isLuks - check if a device is a LUKS device 12 | 13 | == SYNOPSIS 14 | 15 | *cryptsetup _isLuks_ [] * 16 | 17 | == DESCRIPTION 18 | 19 | Returns true, if is a LUKS device, false otherwise. 20 | 21 | Use option -v to get human-readable feedback. 22 | 'Command successful.' means the device is a LUKS device. 23 | 24 | By specifying --type you may query for specific LUKS version. 25 | 26 | ** can be [--header, --type, --disable-locks]. 27 | 28 | include::man/common_options.adoc[] 29 | include::man/common_footer.adoc[] 30 | -------------------------------------------------------------------------------- /man/cryptsetup-luksConvertKey.8.adoc: -------------------------------------------------------------------------------- 1 | = cryptsetup-luksConvertKey(8) 2 | :doctype: manpage 3 | :manmanual: Maintenance Commands 4 | :mansource: cryptsetup {release-version} 5 | :man-linkstyle: pass:[blue R < >] 6 | :COMMON_OPTIONS: 7 | :ACTION_LUKSCONVERTKEY: 8 | 9 | == Name 10 | 11 | cryptsetup-luksConvertKey - converts an existing LUKS2 keyslot to new PBKDF parameters 12 | 13 | == SYNOPSIS 14 | 15 | *cryptsetup _luksConvertKey_ [] * 16 | 17 | == DESCRIPTION 18 | 19 | Converts an existing LUKS2 keyslot to new PBKDF parameters. The 20 | passphrase for keyslot to be converted must be supplied interactively or 21 | via --key-file. If no --pbkdf parameters are specified LUKS2 default 22 | PBKDF values will apply. 23 | 24 | If a keyslot is specified (via --key-slot), the passphrase for that 25 | keyslot must be given. If no keyslot is specified and there is still a 26 | free keyslot, then the new parameters will be put into a free keyslot 27 | before the keyslot containing the old parameters is purged. If there is 28 | no free keyslot, then the keyslot with the old parameters is overwritten 29 | directly. 30 | 31 | *WARNING:* If a keyslot is overwritten, a media failure during this 32 | operation can cause the overwrite to fail after the old parameters have 33 | been wiped and make the LUKS container inaccessible. 34 | 35 | ** can be [--key-file, --keyfile-offset, --keyfile-size, 36 | --key-slot, --hash, --header, --disable-locks, --iter-time, --pbkdf, 37 | --pbkdf-force-iterations, --pbkdf-memory, --pbkdf-parallel, 38 | --keyslot-cipher, --keyslot-key-size, --timeout, --verify-passphrase]. 39 | 40 | include::man/common_options.adoc[] 41 | include::man/common_footer.adoc[] 42 | -------------------------------------------------------------------------------- /man/cryptsetup-luksHeaderBackup.8.adoc: -------------------------------------------------------------------------------- 1 | = cryptsetup-luksHeaderBackup(8) 2 | :doctype: manpage 3 | :manmanual: Maintenance Commands 4 | :mansource: cryptsetup {release-version} 5 | :man-linkstyle: pass:[blue R < >] 6 | :COMMON_OPTIONS: 7 | :ACTION_LUKSHEADERBACKUP: 8 | 9 | == Name 10 | 11 | cryptsetup-luksHeaderBackup - store a binary backup of the LUKS header and keyslot area 12 | 13 | == SYNOPSIS 14 | 15 | *cryptsetup _luksHeaderBackup_ --header-backup-file [] * 16 | 17 | == DESCRIPTION 18 | 19 | Stores a binary backup of the LUKS header and keyslot area. + 20 | *NOTE:* Using '-' as filename writes the header backup to a file named 21 | '-'. 22 | 23 | ** can be [--header, --header-backup-file, --disable-locks]. 24 | 25 | *WARNING:* This backup file and a passphrase valid at the time of backup 26 | allows decryption of the LUKS data area, even if the passphrase was 27 | later changed or removed from the LUKS device. Also note that with a 28 | header backup you lose the ability to securely wipe the LUKS device by 29 | just overwriting the header and key-slots. You either need to securely 30 | erase all header backups in addition or overwrite the encrypted data 31 | area as well. The second option is less secure, as some sectors can 32 | survive, e.g., due to defect management. 33 | 34 | include::man/common_options.adoc[] 35 | include::man/common_footer.adoc[] 36 | -------------------------------------------------------------------------------- /man/cryptsetup-luksHeaderRestore.8.adoc: -------------------------------------------------------------------------------- 1 | = cryptsetup-luksHeaderRestore(8) 2 | :doctype: manpage 3 | :manmanual: Maintenance Commands 4 | :mansource: cryptsetup {release-version} 5 | :man-linkstyle: pass:[blue R < >] 6 | :COMMON_OPTIONS: 7 | :ACTION_LUKSHEADERRESTORE: 8 | 9 | == Name 10 | 11 | cryptsetup-luksHeaderRestore - restore a binary backup of the LUKS header and keyslot area 12 | 13 | == SYNOPSIS 14 | 15 | *cryptsetup _luksHeaderRestore_ --header-backup-file [] * 16 | 17 | == DESCRIPTION 18 | 19 | Restores a binary backup of the LUKS header and keyslot area from the 20 | specified file. + 21 | *NOTE:* Using '-' as filename reads the header backup from a file named '-'. 22 | 23 | ** can be [--header, --header-backup-file, --disable-locks]. 24 | 25 | *WARNING:* Header and keyslots will be replaced, only the passphrases 26 | from the backup will work afterward. 27 | 28 | This command requires that the volume key size and data offset of the 29 | LUKS header already on the device and of the header backup match. 30 | Alternatively, if there is no LUKS header on the device, the backup will 31 | also be written to it. 32 | 33 | include::man/common_options.adoc[] 34 | include::man/common_footer.adoc[] 35 | -------------------------------------------------------------------------------- /man/cryptsetup-luksKillSlot.8.adoc: -------------------------------------------------------------------------------- 1 | = cryptsetup-luksKillSlot(8) 2 | :doctype: manpage 3 | :manmanual: Maintenance Commands 4 | :mansource: cryptsetup {release-version} 5 | :man-linkstyle: pass:[blue R < >] 6 | :COMMON_OPTIONS: 7 | :ACTION_LUKSKILLSLOT: 8 | 9 | == Name 10 | 11 | cryptsetup-luksKillSlot - wipe a key-slot from the LUKS device 12 | 13 | == SYNOPSIS 14 | 15 | *cryptsetup _luksKillSlot_ [] * 16 | 17 | == DESCRIPTION 18 | 19 | Wipe the key-slot number from the LUKS device. Except running 20 | in batch-mode (-q) a remaining passphrase must be supplied, either 21 | interactively or via --key-file. This command can remove the last 22 | remaining key-slot, but requires an interactive confirmation when doing 23 | so. Removing the last passphrase makes a LUKS container permanently 24 | inaccessible. 25 | 26 | ** can be [--key-file, --keyfile-offset, --keyfile-size, 27 | --header, --disable-locks, --type, --verify-passphrase, --timeout]. 28 | 29 | *WARNING:* If you read the passphrase from stdin (without further 30 | argument or with '-' as an argument to --key-file), batch-mode (-q) will 31 | be implicitly switched on and no warning will be given when you remove 32 | the last remaining passphrase from a LUKS container. Removing the last 33 | passphrase makes the LUKS container permanently inaccessible. 34 | 35 | *NOTE:* If there is no passphrase provided (on stdin or through 36 | --key-file argument) and batch-mode (-q) is active, the key-slot is 37 | removed without any other warning. 38 | 39 | include::man/common_options.adoc[] 40 | include::man/common_footer.adoc[] 41 | -------------------------------------------------------------------------------- /man/cryptsetup-luksRemoveKey.8.adoc: -------------------------------------------------------------------------------- 1 | = cryptsetup-luksRemoveKey(8) 2 | :doctype: manpage 3 | :manmanual: Maintenance Commands 4 | :mansource: cryptsetup {release-version} 5 | :man-linkstyle: pass:[blue R < >] 6 | :COMMON_OPTIONS: 7 | :ACTION_LUKSREMOVEKEY: 8 | 9 | == Name 10 | 11 | cryptsetup-luksRemoveKey - remove the supplied passphrase from the LUKS device 12 | 13 | == SYNOPSIS 14 | 15 | *cryptsetup _luksRemoveKey_ [] []* 16 | 17 | == DESCRIPTION 18 | 19 | Removes the supplied passphrase from the LUKS device. The passphrase to 20 | be removed can be specified interactively, as the positional argument or 21 | via --key-file. 22 | 23 | ** can be [--key-file, --keyfile-offset, --keyfile-size, 24 | --header, --disable-locks, --type, --timeout, --verify-passphrase]. 25 | 26 | *WARNING:* If you read the passphrase from stdin (without further 27 | argument or with '-' as an argument to --key-file), batch-mode (-q) will 28 | be implicitly switched on and no warning will be given when you remove 29 | the last remaining passphrase from a LUKS container. Removing the last 30 | passphrase makes the LUKS container permanently inaccessible. 31 | 32 | include::man/common_options.adoc[] 33 | include::man/common_footer.adoc[] 34 | -------------------------------------------------------------------------------- /man/cryptsetup-luksResume.8.adoc: -------------------------------------------------------------------------------- 1 | = cryptsetup-luksResume(8) 2 | :doctype: manpage 3 | :manmanual: Maintenance Commands 4 | :mansource: cryptsetup {release-version} 5 | :man-linkstyle: pass:[blue R < >] 6 | :COMMON_OPTIONS: 7 | :ACTION_LUKSRESUME: 8 | 9 | == Name 10 | 11 | cryptsetup-luksResume - resume a suspended device and reinstate the key 12 | 13 | == SYNOPSIS 14 | 15 | *cryptsetup _luksResume_ [] * 16 | 17 | == DESCRIPTION 18 | 19 | Resumes a suspended device and reinstates the encryption key. Prompts 20 | interactively for a passphrase if no token is usable (LUKS2 only) or 21 | --key-file is not given. 22 | 23 | ** can be [--key-file, --keyfile-size, --keyfile-offset, 24 | --key-slot, --header, --disable-keyring, --disable-locks, --token-id, 25 | --token-only, --token-type, --disable-external-tokens, --type, --tries, 26 | --timeout, --verify-passphrase, --volume-key-keyring, --link-vk-to-keyring, 27 | --external-tokens-path]. 28 | 29 | include::man/common_options.adoc[] 30 | include::man/common_footer.adoc[] 31 | -------------------------------------------------------------------------------- /man/cryptsetup-luksSuspend.8.adoc: -------------------------------------------------------------------------------- 1 | = cryptsetup-luksSuspend(8) 2 | :doctype: manpage 3 | :manmanual: Maintenance Commands 4 | :mansource: cryptsetup {release-version} 5 | :man-linkstyle: pass:[blue R < >] 6 | :COMMON_OPTIONS: 7 | :ACTION_LUKSSUSPEND: 8 | 9 | == Name 10 | 11 | cryptsetup-luksSuspend - suspends an active device and wipes the key 12 | 13 | == SYNOPSIS 14 | 15 | *cryptsetup _luksSuspend_ [] * 16 | 17 | == DESCRIPTION 18 | 19 | Suspends an active device (all IO operations will block and accesses to 20 | the device will wait indefinitely) and wipes the encryption key from 21 | kernel memory. Needs kernel 2.6.19 or later. 22 | 23 | While the _luksSuspend_ operation wipes encryption keys from memory, 24 | it does not remove possible plaintext data in various caches or in-kernel 25 | metadata for mounted filesystems. 26 | 27 | After this operation, you have to use _luksResume_ to reinstate the 28 | encryption key and unblock the device or _close_ to remove the mapped 29 | device. 30 | 31 | ** can be [--header, --disable-locks]. 32 | 33 | *WARNING:* Never suspend the device on which the cryptsetup binary 34 | resides. 35 | 36 | include::man/common_options.adoc[] 37 | include::man/common_footer.adoc[] 38 | -------------------------------------------------------------------------------- /man/cryptsetup-luksUUID.8.adoc: -------------------------------------------------------------------------------- 1 | = cryptsetup-luksUUID(8) 2 | :doctype: manpage 3 | :manmanual: Maintenance Commands 4 | :mansource: cryptsetup {release-version} 5 | :man-linkstyle: pass:[blue R < >] 6 | :COMMON_OPTIONS: 7 | :ACTION_LUKSUUID: 8 | 9 | == Name 10 | 11 | cryptsetup-luksUUID - print or set the UUID of a LUKS device 12 | 13 | == SYNOPSIS 14 | 15 | *cryptsetup _luksUUID_ [] * 16 | 17 | == DESCRIPTION 18 | 19 | Print the UUID of a LUKS device. + 20 | Set new UUID if _--uuid_ option is specified. 21 | 22 | ** can be [--header, --uuid, --type, --disable-locks]. 23 | 24 | include::man/common_options.adoc[] 25 | include::man/common_footer.adoc[] 26 | -------------------------------------------------------------------------------- /man/cryptsetup-resize.8.adoc: -------------------------------------------------------------------------------- 1 | = cryptsetup-resize(8) 2 | :doctype: manpage 3 | :manmanual: Maintenance Commands 4 | :mansource: cryptsetup {release-version} 5 | :man-linkstyle: pass:[blue R < >] 6 | :COMMON_OPTIONS: 7 | :ACTION_RESIZE: 8 | 9 | == Name 10 | 11 | cryptsetup-resize - resize an active mapping 12 | 13 | == SYNOPSIS 14 | 15 | *cryptsetup _resize_ [] * 16 | 17 | == DESCRIPTION 18 | 19 | Resizes an active mapping . 20 | 21 | If --size (in 512-bytes sectors) or --device-size are not specified, the 22 | size is computed from the underlying device. For LUKS it is the size of 23 | the underlying device without the area reserved for LUKS header (see 24 | data payload offset in *luksDump* command). For plain crypt device, the 25 | whole device size is used. 26 | 27 | Note that this does not change the raw device geometry, it just changes 28 | how many sectors of the raw device are represented in the mapped device. 29 | 30 | If cryptsetup detected volume key for active device loaded in kernel 31 | keyring service, resize action would first try to retrieve the key using 32 | a token. Only if it failed, it'd ask for a passphrase to unlock a 33 | keyslot (LUKS) or to derive a volume key again (plain mode). The kernel 34 | keyring is used by default for LUKS2 devices. 35 | 36 | ** can be [--size, --device-size, --token-id, --token-only, 37 | --token-type, --key-slot, --key-file, --keyfile-size, --keyfile-offset, 38 | --timeout, --disable-external-tokens, --disable-locks, --disable-keyring, 39 | --volume-key-keyring, --verify-passphrase, --timeout, --external-tokens-path]. 40 | 41 | include::man/common_options.adoc[] 42 | include::man/common_footer.adoc[] 43 | -------------------------------------------------------------------------------- /man/cryptsetup-status.8.adoc: -------------------------------------------------------------------------------- 1 | = cryptsetup-status(8) 2 | :doctype: manpage 3 | :manmanual: Maintenance Commands 4 | :mansource: cryptsetup {release-version} 5 | :man-linkstyle: pass:[blue R < >] 6 | :COMMON_OPTIONS: 7 | :ACTION_STATUS: 8 | 9 | == Name 10 | 11 | cryptsetup-status - report the status for a mapping 12 | 13 | == SYNOPSIS 14 | 15 | *cryptsetup _status_ [] * 16 | 17 | == DESCRIPTION 18 | 19 | Reports the status for the mapping . 20 | 21 | ** can be [--header, --disable-locks]. 22 | 23 | include::man/common_options.adoc[] 24 | include::man/common_footer.adoc[] 25 | -------------------------------------------------------------------------------- /man/cryptsetup-tcryptDump.8.adoc: -------------------------------------------------------------------------------- 1 | = cryptsetup-tcryptDump(8) 2 | :doctype: manpage 3 | :manmanual: Maintenance Commands 4 | :mansource: cryptsetup {release-version} 5 | :man-linkstyle: pass:[blue R < >] 6 | :COMMON_OPTIONS: 7 | :ACTION_TCRYPTDUMP: 8 | 9 | == Name 10 | 11 | cryptsetup-tcryptDump - dump the header information of a TCRYPT (TrueCrypt or VeraCrypt compatible) device 12 | 13 | == SYNOPSIS 14 | 15 | *cryptsetup _tcryptDump_ [] * 16 | 17 | == DESCRIPTION 18 | 19 | Dump the header information of a TCRYPT (TrueCrypt or VeraCrypt compatible) device. 20 | 21 | If the --dump-volume-key option is used, the TCRYPT device volume key is 22 | dumped instead of TCRYPT header info. Beware that the volume key (or 23 | concatenated volume keys if cipher chain is used) can be used to decrypt 24 | the data stored in the TCRYPT container without a passphrase. This means 25 | that if the volume key is compromised, the whole device has to be erased 26 | to prevent further access. Use this option carefully. 27 | 28 | ** can be [--dump-volume-key, --key-file, --tcrypt-hidden, 29 | --tcrypt-system, --tcrypt-backup, --veracrypt (ignored), --disable-veracrypt, 30 | --veracrypt-pim, --veracrypt-query-pim, --cipher, --hash, --header, 31 | --verify-passphrase, --timeout]. 32 | 33 | The keyfile parameter allows a combination of file content with the 34 | passphrase and can be repeated. 35 | 36 | include::man/common_options.adoc[] 37 | include::man/common_footer.adoc[] 38 | -------------------------------------------------------------------------------- /man/meson_dist_convert.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | # generates manpages from AsciiDoc files when building dist tarball 4 | # run asciidoctor in parallel on `nproc` cores 5 | 6 | set -e 7 | 8 | [ -z "$MESON_DIST_ROOT" ] && echo "This script is meant to be run only from meson while generating dist tarball." && exit 1 9 | 10 | if [ $# -lt 3 ]; then 11 | echo "Usage: $0 " 12 | exit 1 13 | fi 14 | 15 | ASCIIDOCTOR="$1" 16 | RELEASE_VERSION="$2" 17 | shift 2 18 | 19 | cd $MESON_DIST_ROOT/man 20 | i=1 21 | N=$(nproc) 22 | for adocfile in "$@" 23 | do 24 | $ASCIIDOCTOR -b manpage --failure-level ERROR -a release-version=$RELEASE_VERSION --base-dir=$MESON_DIST_ROOT $adocfile & 25 | if [ $(( $i % $N )) -eq 0 ]; then wait; fi 26 | i=$((i+1)) 27 | done 28 | -------------------------------------------------------------------------------- /misc/11-dm-crypt.rules: -------------------------------------------------------------------------------- 1 | # Old udev rules historically used in device-mapper. 2 | # No need to install these until you have some weird configuration. 3 | # (Code internally set the same flags.) 4 | 5 | ACTION!="add|change", GOTO="crypt_end" 6 | ENV{DM_UDEV_RULES_VSN}!="?*", GOTO="crypt_end" 7 | 8 | ENV{DM_UUID}=="CRYPT-TEMP-?*", GOTO="crypt_disable" 9 | ENV{DM_UUID}!="?*", ENV{DM_NAME}=="temporary-cryptsetup-?*", GOTO="crypt_disable" 10 | GOTO="crypt_end" 11 | 12 | LABEL="crypt_disable" 13 | ENV{DM_UDEV_DISABLE_SUBSYSTEM_RULES_FLAG}="1" 14 | ENV{DM_UDEV_DISABLE_DISK_RULES_FLAG}="1" 15 | ENV{DM_UDEV_DISABLE_OTHER_RULES_FLAG}="1" 16 | 17 | LABEL="crypt_end" 18 | -------------------------------------------------------------------------------- /misc/dict_search/Makefile: -------------------------------------------------------------------------------- 1 | TARGET=crypt_dict 2 | CFLAGS=-O2 -g -Wall -D_GNU_SOURCE 3 | LDLIBS=-lcryptsetup 4 | CC=gcc 5 | 6 | SOURCES=$(wildcard *.c) 7 | OBJECTS=$(SOURCES:.c=.o) 8 | 9 | all: $(TARGET) 10 | 11 | $(TARGET): $(OBJECTS) 12 | $(CC) -o $@ $^ $(LDLIBS) 13 | 14 | clean: 15 | rm -f *.o *~ core $(TARGET) 16 | 17 | .PHONY: clean 18 | -------------------------------------------------------------------------------- /misc/dict_search/README: -------------------------------------------------------------------------------- 1 | Simple example how to use libcryptsetup 2 | for password search. 3 | 4 | Run: crypt_dict luks|tcrypt [cpus] 5 | 6 | luks|tcrypt specified device type (LUKS or TrueCrypt) 7 | 8 | is LUKS or TrueCrypt device or image 9 | 10 | is list of passphrases to try 11 | (note trailing EOL is stripped) 12 | 13 | cpus - number of processes to start in parallel 14 | 15 | Format of dictionary file is simple one password per line, 16 | if first char on line is # it is skipped as comment. 17 | 18 | For LUKS, you have it run as root (device-mapper cannot 19 | create dmcrypt devices as nrmal user. Code need 20 | to map keyslots as temporary dmcrypt device.) 21 | 22 | For TrueCrypt devices root privilege is not required. 23 | -------------------------------------------------------------------------------- /misc/keyslot_checker/Makefile: -------------------------------------------------------------------------------- 1 | TARGETS=chk_luks_keyslots 2 | CFLAGS=-O0 -g -Wall -D_GNU_SOURCE 3 | LDLIBS=-lcryptsetup -lm 4 | CC=gcc 5 | 6 | all: $(TARGETS) 7 | 8 | chk_luks_keyslots: chk_luks_keyslots.o 9 | $(CC) -o $@ $^ $(LDLIBS) 10 | 11 | clean: 12 | rm -f *.o *~ core $(TARGETS) 13 | 14 | .PHONY: clean 15 | -------------------------------------------------------------------------------- /po/LINGUAS: -------------------------------------------------------------------------------- 1 | cs 2 | da 3 | de 4 | es 5 | fi 6 | fr 7 | id 8 | it 9 | ja 10 | ka 11 | nl 12 | pl 13 | pt_BR 14 | ro 15 | ru 16 | sr 17 | sv 18 | uk 19 | vi 20 | zh_CN 21 | -------------------------------------------------------------------------------- /po/POTFILES.in: -------------------------------------------------------------------------------- 1 | lib/libdevmapper.c 2 | lib/random.c 3 | lib/setup.c 4 | lib/utils.c 5 | lib/volumekey.c 6 | lib/crypt_plain.c 7 | lib/utils_crypt.c 8 | lib/utils_loop.c 9 | lib/utils_device.c 10 | lib/utils_devpath.c 11 | lib/utils_pbkdf.c 12 | lib/utils_benchmark.c 13 | lib/utils_device_locking.c 14 | lib/utils_wipe.c 15 | lib/utils_keyring.c 16 | lib/utils_blkid.c 17 | lib/utils_io.c 18 | lib/utils_storage_wrappers.c 19 | lib/luks1/af.c 20 | lib/luks1/keyencryption.c 21 | lib/luks1/keymanage.c 22 | lib/loopaes/loopaes.c 23 | lib/tcrypt/tcrypt.c 24 | lib/bitlk/bitlk.c 25 | lib/fvault2/fvault2.c 26 | lib/verity/verity.c 27 | lib/verity/verity_hash.c 28 | lib/verity/verity_fec.c 29 | lib/integrity/integrity.c 30 | lib/luks2/luks2_digest.c 31 | lib/luks2/luks2_digest_pbkdf2.c 32 | lib/luks2/luks2_disk_metadata.c 33 | lib/luks2/luks2_json_format.c 34 | lib/luks2/luks2_json_metadata.c 35 | lib/luks2/luks2_keyslot.c 36 | lib/luks2/luks2_keyslot_luks2.c 37 | lib/luks2/luks2_keyslot_reenc.c 38 | lib/luks2/luks2_luks1_convert.c 39 | lib/luks2/luks2_reencrypt.c 40 | lib/luks2/luks2_reencrypt_digest.c 41 | lib/luks2/luks2_segment.c 42 | lib/luks2/luks2_token.c 43 | lib/luks2/luks2_token_keyring.c 44 | lib/luks2/hw_opal/hw_opal.c 45 | src/cryptsetup.c 46 | src/veritysetup.c 47 | src/integritysetup.c 48 | src/utils_tools.c 49 | src/utils_progress.c 50 | src/utils_password.c 51 | src/utils_luks.c 52 | src/utils_reencrypt.c 53 | src/utils_reencrypt_luks1.c 54 | src/utils_blockdev.c 55 | src/utils_args.c 56 | src/utils_key_description.c 57 | src/utils_keyslot_check.c 58 | tokens/ssh/cryptsetup-ssh.c 59 | tokens/ssh/ssh-utils.c 60 | -------------------------------------------------------------------------------- /po/meson.build: -------------------------------------------------------------------------------- 1 | if get_option('nls') 2 | i18n = import('i18n') 3 | i18n.gettext(meson.project_name(), 4 | preset: 'glib', 5 | data_dirs: '.', 6 | install: true) 7 | endif 8 | -------------------------------------------------------------------------------- /scripts/Makemodule.am: -------------------------------------------------------------------------------- 1 | DISTCLEAN_TARGETS += scripts/cryptsetup.conf 2 | 3 | if CRYPTSETUP_TMPFILE 4 | tmpfilesd_DATA += scripts/cryptsetup.conf 5 | endif 6 | -------------------------------------------------------------------------------- /scripts/cryptsetup.conf.in: -------------------------------------------------------------------------------- 1 | d @DEFAULT_LUKS2_LOCK_PATH@ @DEFAULT_LUKS2_LOCK_DIR_PERMS@ root root - 2 | -------------------------------------------------------------------------------- /scripts/meson.build: -------------------------------------------------------------------------------- 1 | if tmpfilesdir != '' 2 | cryptsetup_conf = configure_file( 3 | input: 'cryptsetup.conf.in', 4 | output: 'cryptsetup.conf', 5 | configuration: conf, 6 | install_dir: tmpfilesdir) 7 | endif 8 | -------------------------------------------------------------------------------- /src/integritysetup_args.h: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: GPL-2.0-or-later 2 | /* 3 | * Command line arguments helpers 4 | * 5 | * Copyright (C) 2020-2025 Red Hat, Inc. All rights reserved. 6 | * Copyright (C) 2020-2025 Ondrej Kozina 7 | */ 8 | 9 | #ifndef INTEGRITYSETUP_ARGS_H 10 | #define INTEGRITYSETUP_ARGS_H 11 | 12 | #include "utils_arg_names.h" 13 | #include "utils_arg_macros.h" 14 | 15 | #define DUMP_ACTION "dump" 16 | #define FORMAT_ACTION "format" 17 | #define CLOSE_ACTION "close" 18 | #define OPEN_ACTION "open" 19 | #define RESIZE_ACTION "resize" 20 | #define STATUS_ACTION "status" 21 | 22 | #define OPT_ALLOW_DISCARDS_ACTIONS { OPEN_ACTION } 23 | #define OPT_DEFERRED_ACTIONS { CLOSE_ACTION } 24 | #define OPT_DEVICE_SIZE_ACTIONS { RESIZE_ACTION } 25 | #define OPT_DISABLE_BLKID_ACTIONS { FORMAT_ACTION } 26 | #define OPT_INTEGRITY_INLINE_ACTIONS { FORMAT_ACTION } 27 | #define OPT_INTEGRITY_RECALCULATE_ACTIONS { OPEN_ACTION } 28 | #define OPT_INTERLEAVE_SECTORS_ACTIONS { FORMAT_ACTION } 29 | #define OPT_JOURNAL_SIZE_ACTIONS { FORMAT_ACTION } 30 | #define OPT_NO_WIPE_ACTIONS { FORMAT_ACTION } 31 | #define OPT_PROGRESS_JSON_ACTIONS { FORMAT_ACTION, RESIZE_ACTION } 32 | #define OPT_SECTOR_SIZE_ACTIONS { FORMAT_ACTION } 33 | #define OPT_SIZE_ACTIONS { RESIZE_ACTION } 34 | #define OPT_TAG_SIZE_ACTIONS { FORMAT_ACTION } 35 | #define OPT_WIPE_ACTIONS { RESIZE_ACTION } 36 | 37 | enum { 38 | OPT_UNUSED_ID = 0, 39 | #define ARG(A, B, C, D, E, F, G, H) A ## _ID, 40 | #include "integritysetup_arg_list.h" 41 | #undef ARG 42 | }; 43 | 44 | static struct tools_arg tool_core_args[] = { { NULL, false, CRYPT_ARG_BOOL }, // UNUSED 45 | #define ARG(A, B, C, D, E, F, G, H) { A, false, F, G, H }, 46 | #include "integritysetup_arg_list.h" 47 | #undef ARG 48 | }; 49 | 50 | #endif 51 | -------------------------------------------------------------------------------- /src/veritysetup_args.h: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: GPL-2.0-or-later 2 | /* 3 | * Command line arguments helpers 4 | * 5 | * Copyright (C) 2020-2025 Red Hat, Inc. All rights reserved. 6 | * Copyright (C) 2020-2025 Ondrej Kozina 7 | */ 8 | 9 | #ifndef VERITYSETUP_ARGS_H 10 | #define VERITYSETUP_ARGS_H 11 | 12 | #include "utils_arg_names.h" 13 | #include "utils_arg_macros.h" 14 | 15 | #define CLOSE_ACTION "close" 16 | #define DUMP_ACTION "dump" 17 | #define FORMAT_ACTION "format" 18 | #define OPEN_ACTION "open" 19 | #define STATUS_ACTION "status" 20 | #define VERIFY_ACTION "verify" 21 | 22 | #define OPT_DEFERRED_ACTIONS { CLOSE_ACTION } 23 | #define OPT_IGNORE_CORRUPTION_ACTIONS { OPEN_ACTION } 24 | #define OPT_IGNORE_ZERO_BLOCKS_ACTIONS { OPEN_ACTION } 25 | #define OPT_PANIC_ON_CORRUPTION_ACTIONS { OPEN_ACTION } 26 | #define OPT_RESTART_ON_CORRUPTION_ACTIONS { OPEN_ACTION } 27 | #define OPT_ERROR_AS_CORRUPTION_ACTIONS { OPEN_ACTION } 28 | #define OPT_ROOT_HASH_FILE_ACTIONS { FORMAT_ACTION, OPEN_ACTION, VERIFY_ACTION } 29 | #define OPT_ROOT_HASH_SIGNATURE_ACTIONS { OPEN_ACTION } 30 | #define OPT_USE_TASKLETS_ACTIONS { OPEN_ACTION } 31 | #define OPT_SHARED_ACTIONS { OPEN_ACTION } 32 | 33 | enum { 34 | OPT_UNUSED_ID = 0, 35 | #define ARG(A, B, C, D, E, F, G, H) A ## _ID, 36 | #include "veritysetup_arg_list.h" 37 | #undef ARG 38 | }; 39 | 40 | static struct tools_arg tool_core_args[] = { { NULL, false, CRYPT_ARG_BOOL }, // UNUSED 41 | #define ARG(A, B, C, D, E, F, G, H) { A, false, F, G, H }, 42 | #include "veritysetup_arg_list.h" 43 | #undef ARG 44 | }; 45 | 46 | #endif 47 | -------------------------------------------------------------------------------- /tests/00modules-test: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | [ -z "$CRYPTSETUP_PATH" ] && CRYPTSETUP_PATH=".." 4 | 5 | pversion() { 6 | if [ ! -x $CRYPTSETUP_PATH/$1 ] ; then 7 | return 8 | fi 9 | 10 | echo -n "$CRYPTSETUP_PATH/" 11 | $CRYPTSETUP_PATH/$1 --version 12 | } 13 | 14 | echo "Cryptsetup test environment ($(date))" 15 | uname -a 16 | if [ "$(cat /proc/sys/crypto/fips_enabled 2>/dev/null)" = "1" ] ; then 17 | echo "Kernel running in FIPS mode." 18 | fi 19 | 20 | if [ -f /etc/os-release ] ; then 21 | source /etc/os-release 22 | echo "$PRETTY_NAME ($NAME) $VERSION" 23 | fi 24 | 25 | echo "Memory" 26 | free -m 27 | 28 | pversion cryptsetup 29 | pversion veritysetup 30 | pversion integritysetup 31 | 32 | [ -x $CRYPTSETUP_PATH/cryptsetup ] && { 33 | echo -e "Cryptsetup defaults:" 34 | $CRYPTSETUP_PATH/cryptsetup --help | sed -n '/optional key file for/,$p' | tail -n +3 35 | } 36 | 37 | if [ -b "$OPAL2_DEV" ]; then 38 | echo "OPAL test device:" 39 | lsblk "$OPAL2_DEV" -d -o NAME,TRAN,MODEL,REV,MIN-IO,PHY-SEC,LOG-SEC,DISC-ALN,DISC-GRAN,DISC-MAX,DISC-ZERO 2>/dev/null 40 | fi 41 | 42 | [ $(id -u) != 0 ] && exit 77 43 | 44 | modprobe dm-crypt >/dev/null 2>&1 45 | modprobe dm-verity >/dev/null 2>&1 46 | modprobe dm-integrity >/dev/null 2>&1 47 | modprobe dm-zero >/dev/null 2>&1 48 | 49 | dmsetup version 50 | 51 | echo "Device mapper targets:" 52 | dmsetup targets 53 | 54 | exit 0 55 | -------------------------------------------------------------------------------- /tests/LUKS-d238e48a-0ed3-4169-b841-f26b44693134.tar.xz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mbroz/cryptsetup/f221de22b6998875fde91619ff527b9eb381b956/tests/LUKS-d238e48a-0ed3-4169-b841-f26b44693134.tar.xz -------------------------------------------------------------------------------- /tests/bitlk-images.tar.xz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mbroz/cryptsetup/f221de22b6998875fde91619ff527b9eb381b956/tests/bitlk-images.tar.xz -------------------------------------------------------------------------------- /tests/blkid-luks2-pv.img.xz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mbroz/cryptsetup/f221de22b6998875fde91619ff527b9eb381b956/tests/blkid-luks2-pv.img.xz -------------------------------------------------------------------------------- /tests/compatimage.img.xz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mbroz/cryptsetup/f221de22b6998875fde91619ff527b9eb381b956/tests/compatimage.img.xz -------------------------------------------------------------------------------- /tests/compatimage2.img.xz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mbroz/cryptsetup/f221de22b6998875fde91619ff527b9eb381b956/tests/compatimage2.img.xz -------------------------------------------------------------------------------- /tests/compatv10image.img.xz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mbroz/cryptsetup/f221de22b6998875fde91619ff527b9eb381b956/tests/compatv10image.img.xz -------------------------------------------------------------------------------- /tests/conversion_imgs.tar.xz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mbroz/cryptsetup/f221de22b6998875fde91619ff527b9eb381b956/tests/conversion_imgs.tar.xz -------------------------------------------------------------------------------- /tests/cryptsetup-valg-supps: -------------------------------------------------------------------------------- 1 | # Suppression file for valgrind 2 | 3 | # known problem in libgcrypt 4 | { 5 | leak_in_libgcrypt_00 6 | Memcheck:Leak 7 | fun:malloc 8 | obj:/lib64/libgcrypt.so* 9 | ... 10 | obj:/lib64/libgcrypt.so* 11 | fun:crypt_backend_init 12 | fun:init_crypto 13 | ... 14 | } 15 | -------------------------------------------------------------------------------- /tests/evil_hdr-keyslot_overlap.xz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mbroz/cryptsetup/f221de22b6998875fde91619ff527b9eb381b956/tests/evil_hdr-keyslot_overlap.xz -------------------------------------------------------------------------------- /tests/evil_hdr-luks_hdr_damage.xz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mbroz/cryptsetup/f221de22b6998875fde91619ff527b9eb381b956/tests/evil_hdr-luks_hdr_damage.xz -------------------------------------------------------------------------------- /tests/evil_hdr-payload_overwrite.xz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mbroz/cryptsetup/f221de22b6998875fde91619ff527b9eb381b956/tests/evil_hdr-payload_overwrite.xz -------------------------------------------------------------------------------- /tests/evil_hdr-small_luks_device.xz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mbroz/cryptsetup/f221de22b6998875fde91619ff527b9eb381b956/tests/evil_hdr-small_luks_device.xz -------------------------------------------------------------------------------- /tests/evil_hdr-stripes_payload_dmg.xz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mbroz/cryptsetup/f221de22b6998875fde91619ff527b9eb381b956/tests/evil_hdr-stripes_payload_dmg.xz -------------------------------------------------------------------------------- /tests/fake_systemd_tpm_path.c: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: GPL-2.0-or-later 2 | 3 | #include 4 | #include 5 | 6 | /* systemd tpm2-util.h */ 7 | int tpm2_find_device_auto(char **ret); 8 | 9 | extern int tpm2_find_device_auto(char **ret) 10 | { 11 | const char *path = getenv("TPM_PATH"); 12 | 13 | if (!path) 14 | *ret = NULL; 15 | else 16 | *ret = strdup(path); 17 | 18 | return 0; 19 | } 20 | -------------------------------------------------------------------------------- /tests/fuzz/crypt2_load_ondisk_fuzz.cc: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: GPL-2.0-or-later 2 | /* 3 | * cryptsetup LUKS1, FileVault, BitLocker fuzz target 4 | */ 5 | 6 | extern "C" { 7 | #define FILESIZE (16777216) 8 | #include "src/cryptsetup.h" 9 | #include 10 | #include "luks1/luks.h" 11 | #include "crypto_backend/crypto_backend.h" 12 | #include "FuzzerInterface.h" 13 | 14 | void empty_log(int level, const char *msg, void *usrptr) {} 15 | 16 | int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { 17 | int fd, r; 18 | struct crypt_device *cd = NULL; 19 | char name[] = "/tmp/test-script-fuzz.XXXXXX"; 20 | 21 | fd = mkostemp(name, O_RDWR | O_CREAT | O_EXCL | O_CLOEXEC); 22 | if (fd == -1) 23 | err(EXIT_FAILURE, "mkostemp() failed"); 24 | 25 | /* enlarge header */ 26 | if (ftruncate(fd, FILESIZE) == -1) 27 | goto out; 28 | 29 | if (write_buffer(fd, data, size) != (ssize_t) size) 30 | goto out; 31 | 32 | crypt_set_log_callback(NULL, empty_log, NULL); 33 | 34 | if (crypt_init(&cd, name) == 0) { 35 | r = crypt_load(cd, CRYPT_LUKS1, NULL); 36 | if (r == 0) 37 | goto out; 38 | 39 | r = crypt_load(cd, CRYPT_FVAULT2, NULL); 40 | if (r == 0) 41 | goto out; 42 | 43 | (void) crypt_load(cd, CRYPT_BITLK, NULL); 44 | } 45 | out: 46 | crypt_free(cd); 47 | close(fd); 48 | unlink(name); 49 | return 0; 50 | } 51 | } 52 | -------------------------------------------------------------------------------- /tests/fuzz/crypt2_load_ondisk_fuzz.dict: -------------------------------------------------------------------------------- 1 | "aegis128-random" 2 | "aes-cbc:essiv:sha256" 3 | "aes-xts-plain64" 4 | "aes-lrv-plain64" 5 | "twofish-xts-plain64" 6 | "serpent-xts-plain64" 7 | "whirpool" 8 | "sha256" 9 | "sha1" 10 | -------------------------------------------------------------------------------- /tests/fuzz/crypt2_load_proto_fuzz.cc: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: GPL-2.0-or-later 2 | /* 3 | * cryptsetup LUKS2 custom mutator fuzz target 4 | * 5 | * Copyright (C) 2022-2025 Daniel Zatovic 6 | * Copyright (C) 2022-2025 Red Hat, Inc. All rights reserved. 7 | */ 8 | 9 | #include "LUKS2.pb.h" 10 | #include "proto_to_luks2_converter.h" 11 | #include "libfuzzer/libfuzzer_macro.h" 12 | #include "FuzzerInterface.h" 13 | 14 | extern "C" { 15 | #include 16 | #include 17 | #include 18 | #include 19 | } 20 | 21 | DEFINE_PROTO_FUZZER(const LUKS2_proto::LUKS2_both_headers &headers) { 22 | struct crypt_device *cd = NULL; 23 | char name[] = "/tmp/test-proto-fuzz.XXXXXX"; 24 | int fd = mkostemp(name, O_RDWR|O_CREAT|O_EXCL|O_CLOEXEC); 25 | 26 | if (fd < 0) 27 | err(EXIT_FAILURE, "mkostemp() failed"); 28 | 29 | LUKS2_proto::LUKS2ProtoConverter converter; 30 | converter.convert(headers, fd); 31 | 32 | if (crypt_init(&cd, name) == 0) 33 | (void)crypt_load(cd, CRYPT_LUKS2, NULL); 34 | crypt_free(cd); 35 | 36 | close(fd); 37 | unlink(name); 38 | } 39 | -------------------------------------------------------------------------------- /tests/fuzz/crypt2_load_proto_plain_json_fuzz.cc: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: GPL-2.0-or-later 2 | /* 3 | * cryptsetup LUKS2 custom mutator fuzz target 4 | * 5 | * Copyright (C) 2022-2025 Daniel Zatovic 6 | * Copyright (C) 2022-2025 Red Hat, Inc. All rights reserved. 7 | */ 8 | 9 | #include "LUKS2_plain_JSON.pb.h" 10 | #include "plain_json_proto_to_luks2_converter.h" 11 | #include "libfuzzer/libfuzzer_macro.h" 12 | #include "FuzzerInterface.h" 13 | 14 | extern "C" { 15 | #include 16 | #include 17 | #include 18 | #include 19 | } 20 | 21 | DEFINE_PROTO_FUZZER(const json_proto::LUKS2_both_headers &headers) { 22 | struct crypt_device *cd = NULL; 23 | char name[] = "/tmp/test-proto-fuzz.XXXXXX"; 24 | int fd = mkostemp(name, O_RDWR|O_CREAT|O_EXCL|O_CLOEXEC); 25 | 26 | if (fd < 0) 27 | err(EXIT_FAILURE, "mkostemp() failed"); 28 | 29 | json_proto::LUKS2ProtoConverter converter; 30 | converter.convert(headers, fd); 31 | 32 | if (crypt_init(&cd, name) == 0) 33 | (void)crypt_load(cd, CRYPT_LUKS2, NULL); 34 | crypt_free(cd); 35 | 36 | close(fd); 37 | unlink(name); 38 | } 39 | -------------------------------------------------------------------------------- /tests/fuzz/crypt2_load_proto_plain_json_fuzz.dict: -------------------------------------------------------------------------------- 1 | # LUKS2 keywords by Daniel Zatovic 2 | 3 | "1024" 4 | "2048" 5 | "4096" 6 | "512" 7 | "aegis128-random" 8 | "aes-cbc:essiv:sha256" 9 | "aes-xts-plain64" 10 | "af" 11 | "allow-discards" 12 | "area" 13 | "argon2i" 14 | "argon2id" 15 | "backup-final" 16 | "backup-moved-segment" 17 | "backup-previous" 18 | "checksum" 19 | "config" 20 | "cpus" 21 | "crypt" 22 | "datashift" 23 | "digest" 24 | "digests" 25 | "direction" 26 | "encryption" 27 | "flags" 28 | "hash" 29 | "in-reencryption" 30 | "integrity" 31 | "iterations" 32 | "iv_tweak" 33 | "journal" 34 | "journal_encryption" 35 | "journal_integrity" 36 | "json_size" 37 | "kdf" 38 | "key_description" 39 | "key_size" 40 | "keyslots" 41 | "keyslots_size" 42 | "linear" 43 | "luks2" 44 | "luks2-keyring" 45 | "LUKS\xBA\xBE" 46 | "memory" 47 | "mode" 48 | "no-journal" 49 | "none" 50 | "no-read-workqueue" 51 | "no-write-workqueue" 52 | "offline-reencrypt" 53 | "offset" 54 | "online-reencrypt-v2" 55 | "pbkdf2" 56 | "priority" 57 | "raw" 58 | "reencrypt" 59 | "requirements" 60 | "salt" 61 | "same-cpu-crypt" 62 | "sector_size" 63 | "segments" 64 | "serpent-xts-plain64" 65 | "shift_size" 66 | "size" 67 | "SKUL\xBA\xBE" 68 | "stripes" 69 | "submit-from-crypt-cpus" 70 | "time" 71 | "tokens" 72 | "twofish-xts-plain64" 73 | -------------------------------------------------------------------------------- /tests/fuzz/json_proto_converter.h: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: Apache-2.0 2 | // 3 | // Copyright 2020 Google Inc. 4 | // 5 | 6 | #ifndef JSON_PROTO_CONVERTER_H_ 7 | #define JSON_PROTO_CONVERTER_H_ 8 | 9 | #include 10 | #include 11 | 12 | #include "LUKS2_plain_JSON.pb.h" 13 | 14 | namespace json_proto { 15 | 16 | class JsonProtoConverter { 17 | public: 18 | std::string Convert(const json_proto::JsonObject&); 19 | std::string Convert(const json_proto::ArrayValue&); 20 | 21 | private: 22 | std::stringstream data_; 23 | 24 | void AppendArray(const json_proto::ArrayValue&); 25 | void AppendNumber(const json_proto::NumberValue&); 26 | void AppendObject(const json_proto::JsonObject&); 27 | void AppendValue(const json_proto::JsonValue&); 28 | }; 29 | 30 | } // namespace json_proto 31 | 32 | #endif // TESTING_LIBFUZZER_PROTO_JSON_PROTO_CONVERTER_H_ 33 | -------------------------------------------------------------------------------- /tests/fuzz/plain_json_proto_to_luks2.cc: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: GPL-2.0-or-later 2 | /* 3 | * cryptsetup LUKS2 protobuf to image converter 4 | * 5 | * Copyright (C) 2022-2025 Daniel Zatovic 6 | * Copyright (C) 2022-2025 Red Hat, Inc. All rights reserved. 7 | */ 8 | 9 | #include 10 | #include 11 | 12 | #include 13 | #include 14 | 15 | #include 16 | #include 17 | 18 | #include "plain_json_proto_to_luks2_converter.h" 19 | 20 | using namespace json_proto; 21 | 22 | int main(int argc, char *argv[]) { 23 | LUKS2_both_headers headers; 24 | LUKS2ProtoConverter converter; 25 | int fd; 26 | 27 | std::string out_img_name; 28 | 29 | if (argc != 2) { 30 | std::cerr << "Usage: " << argv[0] << " \n"; 31 | return EXIT_FAILURE; 32 | } 33 | 34 | fd = open(argv[1], O_RDONLY); 35 | if (fd < 0) { 36 | std::cerr << "Failed to open " << argv[1] << std::endl; 37 | return EXIT_FAILURE; 38 | } 39 | 40 | google::protobuf::io::FileInputStream fileInput(fd); 41 | 42 | if (!google::protobuf::TextFormat::Parse(&fileInput, &headers)) { 43 | std::cerr << "Failed to parse protobuf " << argv[1] << std::endl; 44 | close(fd); 45 | return EXIT_FAILURE; 46 | } 47 | close(fd); 48 | 49 | out_img_name = argv[1]; 50 | out_img_name += ".img"; 51 | 52 | fd = open(out_img_name.c_str(), O_RDWR|O_CREAT|O_EXCL|O_CLOEXEC|O_TRUNC, 0644); 53 | if (fd < 0) { 54 | std::cerr << "Failed to open output file " << out_img_name << std::endl; 55 | return EXIT_FAILURE; 56 | } 57 | converter.set_write_headers_only(false); 58 | converter.convert(headers, fd); 59 | 60 | close(fd); 61 | return EXIT_SUCCESS; 62 | } 63 | -------------------------------------------------------------------------------- /tests/fuzz/plain_json_proto_to_luks2_converter.h: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: GPL-2.0-or-later 2 | /* 3 | * cryptsetup LUKS2 custom mutator fuzz target 4 | * 5 | * Copyright (C) 2022-2025 Daniel Zatovic 6 | * Copyright (C) 2022-2025 Red Hat, Inc. All rights reserved. 7 | */ 8 | 9 | #ifndef LUKS2_PROTO_CONVERTER_H_ 10 | #define LUKS2_PROTO_CONVERTER_H_ 11 | 12 | #include 13 | #include 14 | #include 15 | 16 | #include "LUKS2_plain_JSON.pb.h" 17 | extern "C" { 18 | #include "crypto_backend/crypto_backend.h" 19 | } 20 | 21 | namespace json_proto { 22 | 23 | class LUKS2ProtoConverter { 24 | public: 25 | ~LUKS2ProtoConverter(); 26 | void create_jobj(const LUKS2_both_headers &headers, uint64_t hdr_size); 27 | void convert(const LUKS2_both_headers &headers, int fd); 28 | void create_jobj(const LUKS2_both_headers &headers); 29 | void emit_luks2_binary_header(const LUKS2_header &header_proto, int fd, uint64_t offset, uint64_t seqid, const std::string &json_text); 30 | 31 | void set_write_headers_only(bool headers_only); 32 | 33 | const uint8_t *get_out_buffer(); 34 | size_t get_out_size(); 35 | 36 | static const uint64_t KEYSLOTS_SIZE = 3 * 1024 * 1024; 37 | static const uint64_t DATA_SIZE = 16 * 1024 * 1024; 38 | private: 39 | bool write_headers_only = false; 40 | struct crypt_hash *hd = NULL; 41 | }; 42 | 43 | } // namespace LUKS2_proto 44 | 45 | #endif // LUKS2_PROTO_CONVERTER_H_ 46 | -------------------------------------------------------------------------------- /tests/fuzz/proto_to_luks2.cc: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: GPL-2.0-or-later 2 | /* 3 | * cryptsetup LUKS2 protobuf to image converter 4 | * 5 | * Copyright (C) 2022-2025 Daniel Zatovic 6 | * Copyright (C) 2022-2025 Red Hat, Inc. All rights reserved. 7 | */ 8 | 9 | #include 10 | #include 11 | 12 | #include 13 | #include 14 | 15 | #include 16 | #include 17 | 18 | #include "proto_to_luks2_converter.h" 19 | 20 | using namespace LUKS2_proto; 21 | 22 | int main(int argc, char *argv[]) { 23 | LUKS2_both_headers headers; 24 | LUKS2ProtoConverter converter; 25 | int fd; 26 | 27 | std::string out_img_name; 28 | 29 | if (argc != 2) { 30 | std::cerr << "Usage: " << argv[0] << " \n"; 31 | return EXIT_FAILURE; 32 | } 33 | 34 | fd = open(argv[1], O_RDONLY); 35 | if (fd < 0) { 36 | std::cerr << "Failed to open " << argv[1] << std::endl; 37 | return EXIT_FAILURE; 38 | } 39 | 40 | google::protobuf::io::FileInputStream fileInput(fd); 41 | 42 | if (!google::protobuf::TextFormat::Parse(&fileInput, &headers)) { 43 | std::cerr << "Failed to parse protobuf " << argv[1] << std::endl; 44 | close(fd); 45 | return EXIT_FAILURE; 46 | } 47 | close(fd); 48 | 49 | out_img_name = argv[1]; 50 | out_img_name += ".img"; 51 | 52 | fd = open(out_img_name.c_str(), O_RDWR|O_CREAT|O_EXCL|O_CLOEXEC|O_TRUNC, 0644); 53 | if (fd < 0) { 54 | std::cerr << "Failed to open output file " << out_img_name << std::endl; 55 | return EXIT_FAILURE; 56 | } 57 | converter.set_write_headers_only(false); 58 | converter.convert(headers, fd); 59 | 60 | close(fd); 61 | return EXIT_SUCCESS; 62 | } 63 | -------------------------------------------------------------------------------- /tests/fuzz/unpoison-mutated-buffers-from-libfuzzer.patch: -------------------------------------------------------------------------------- 1 | diff --git a/src/libfuzzer/libfuzzer_mutator.cc b/src/libfuzzer/libfuzzer_mutator.cc 2 | index 34d144c..b671fd4 100644 3 | --- a/src/libfuzzer/libfuzzer_mutator.cc 4 | +++ b/src/libfuzzer/libfuzzer_mutator.cc 5 | @@ -14,6 +14,8 @@ 6 | 7 | #include "src/libfuzzer/libfuzzer_mutator.h" 8 | 9 | +#include 10 | + 11 | #include 12 | 13 | #include 14 | @@ -64,6 +66,7 @@ template 15 | T MutateValue(T v) { 16 | size_t size = 17 | LLVMFuzzerMutate(reinterpret_cast(&v), sizeof(v), sizeof(v)); 18 | + __msan_unpoison(reinterpret_cast(&v), size); 19 | memset(reinterpret_cast(&v) + size, 0, sizeof(v) - size); 20 | return v; 21 | } 22 | @@ -93,6 +96,7 @@ std::string Mutator::MutateString(const std::string& value, 23 | result.resize(std::max(1, new_size)); 24 | result.resize(LLVMFuzzerMutate(reinterpret_cast(&result[0]), 25 | value.size(), result.size())); 26 | + __msan_unpoison(reinterpret_cast(&result[0]), result.size()); 27 | return result; 28 | } 29 | 30 | -------------------------------------------------------------------------------- /tests/fvault2-images.tar.xz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mbroz/cryptsetup/f221de22b6998875fde91619ff527b9eb381b956/tests/fvault2-images.tar.xz -------------------------------------------------------------------------------- /tests/generate-symbols-list: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | fail() 4 | { 5 | [ -n "$1" ] && echo "$1" 6 | exit 2 7 | } 8 | 9 | generate() { 10 | local ver= 11 | 12 | while IFS= read -r line; do 13 | local len=${#line} 14 | 15 | 16 | if [ "${line:0:11}" = "CRYPTSETUP_" ]; then 17 | local i=12 18 | while [ $i -lt $len ]; do 19 | if [ "${line:$i:1}" = "{" ]; then 20 | ver=${line:0:$i} 21 | break 22 | fi 23 | i=$((i+1)) 24 | done 25 | elif [ "${line:0:6}" = "crypt_" -a -n "$ver" ]; then 26 | printf 'CHECK_SYMBOL(%s, %s)\n' $line $ver 27 | fi 28 | done < <(tr -d '[:blank:];' < $1) 29 | } 30 | 31 | test $# -ge 1 || fail "usage: $0 " 32 | 33 | test -f $1 || fail "$1 is not a file." 34 | 35 | generate $1 36 | -------------------------------------------------------------------------------- /tests/generators/generate-luks2-area-in-json-hdr-space-json0.img.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | . lib.sh 4 | 5 | # 6 | # *** Description *** 7 | # 8 | # generate primary header with one area accessing luks 9 | # header space 10 | # 11 | # secondary header is corrupted on purpose as well 12 | # 13 | 14 | # $1 full target dir 15 | # $2 full source luks2 image 16 | 17 | generate() 18 | { 19 | # make area 7 access the luks2 header space 20 | OFFS=$((2*LUKS2_HDR_SIZE*512-1)) 21 | LEN=1 22 | json_str=$(jq -c --arg off $OFFS --arg len $LEN \ 23 | '.keyslots."0".area.offset = $off | .keyslots."0".area.size = $len' $TMPDIR/json0) 24 | test ${#json_str} -lt $((LUKS2_JSON_SIZE*512)) || exit 2 25 | 26 | write_luks2_json "$json_str" $TMPDIR/json0 27 | 28 | lib_mangle_json_hdr0_kill_hdr1 29 | } 30 | 31 | check() 32 | { 33 | lib_hdr1_killed || exit 2 34 | 35 | read_luks2_json0 $TGT_IMG $TMPDIR/json_res0 36 | jq -c --arg off $OFFS --arg len $LEN \ 37 | 'if (.keyslots."0".area.offset != $off) or (.keyslots."0".area.size != $len) 38 | then error("Unexpected value in result json") else empty end' $TMPDIR/json_res0 || exit 5 39 | } 40 | 41 | lib_prepare $@ 42 | generate 43 | check 44 | lib_cleanup 45 | -------------------------------------------------------------------------------- /tests/generators/generate-luks2-argon2-leftover-params.img.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | . lib.sh 4 | 5 | # 6 | # *** Description *** 7 | # 8 | # generate primary header with luks2 keyslot kdf object 9 | # having left over params. 10 | # 11 | # secondary header is corrupted on purpose as well 12 | # 13 | 14 | # $1 full target dir 15 | # $2 full source luks2 image 16 | 17 | generate() 18 | { 19 | # add keyslot 1 to second digest 20 | obj_len=$(jq -c -M '.keyslots."1".kdf | length' $TMPDIR/json0) 21 | json_str=$(jq -r -c -M '.keyslots."1".kdf.type = "pbkdf2" | .keyslots."1".kdf.iterations = 1001 | .keyslots."1".kdf.hash = "sha256"' $TMPDIR/json0) 22 | test ${#json_str} -lt $((LUKS2_JSON_SIZE*512)) || exit 2 23 | 24 | write_luks2_json "$json_str" $TMPDIR/json0 25 | 26 | lib_mangle_json_hdr0_kill_hdr1 27 | } 28 | 29 | check() 30 | { 31 | lib_hdr1_killed || exit 2 32 | lib_hdr0_checksum || exit 2 33 | 34 | read_luks2_json0 $TGT_IMG $TMPDIR/json_res0 35 | new_obj_len=$(jq -c -M '.keyslots."1".kdf | length' $TMPDIR/json_res0) 36 | test $((obj_len+2)) -eq $new_obj_len || exit 2 37 | } 38 | 39 | lib_prepare $@ 40 | generate 41 | check 42 | lib_cleanup 43 | -------------------------------------------------------------------------------- /tests/generators/generate-luks2-correct-full-json0.img.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | . lib.sh 4 | 5 | # 6 | # *** Description *** 7 | # 8 | # generate header with correct json of maximal size in primary slot. 9 | # Secondary header is broken on purpose. 10 | # 11 | 12 | # $1 full target dir 13 | # $2 full source luks2 image 14 | 15 | PATTERN="\"config\":{" 16 | KEY="\"config_key\":\"" 17 | 18 | generate() 19 | { 20 | read -r json_str < $TMPDIR/json0 21 | json_len=${#json_str} 22 | pindex=$(strindex $json_str $PATTERN) 23 | test $pindex -gt 0 || exit 2 24 | 25 | offset=${#PATTERN} 26 | offset=$((offset+pindex)) 27 | key_len=${#KEY} 28 | remain=$((LUKS2_JSON_SIZE*512-json_len-key_len-2)) # -2: closing '"' and terminating '\0' 29 | if [ ${json_str:offset:1} = "}" ]; then 30 | format_str="%s%s%s" 31 | else 32 | format_str="%s%s,%s" 33 | remain=$((remain-1)) # also count with separating ',' 34 | fi 35 | test $remain -gt 0 || exit 2 36 | 37 | fill=$(repeat_str "X" $remain)"\"" 38 | 39 | printf $format_str $KEY $fill ${json_str:$offset} | _dd of=$TMPDIR/json0 bs=1 seek=$offset conv=notrunc 40 | 41 | lib_mangle_json_hdr0_kill_hdr1 42 | } 43 | 44 | check() 45 | { 46 | lib_hdr1_killed || exit 2 47 | lib_hdr0_checksum || exit 2 48 | 49 | read_luks2_json0 $TGT_IMG $TMPDIR/json_res0 50 | #json_str_res0=$(< $TMPDIR/json_res0) 51 | read -r json_str_res0 < $TMPDIR/json_res0 52 | test ${#json_str_res0} -eq $((LUKS2_JSON_SIZE*512-1)) || exit 2 53 | } 54 | 55 | lib_prepare $@ 56 | generate 57 | check 58 | lib_cleanup 59 | -------------------------------------------------------------------------------- /tests/generators/generate-luks2-corrupted-hdr0-with-correct-chks.img.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | . lib.sh 4 | 5 | # 6 | # *** Description *** 7 | # 8 | # generate header with malformed json but correct checksum in primary header 9 | # 10 | 11 | # $1 full target dir 12 | # $2 full source luks2 image 13 | 14 | generate() 15 | { 16 | read -r json_str < $TMPDIR/json0 17 | json_len=${#json_str} 18 | json_len=$((json_len-1)) # to replace json closing '}' 19 | json_new_str="${json_str:0:json_len},\"" 20 | 21 | while [ ${#json_new_str} -le $((LUKS2_JSON_SIZE*512)) ]; do 22 | json_new_str=$json_new_str"all_work_and_no_play_makes_Jack_a_dull_boy_" 23 | done 24 | 25 | printf "%s" $json_new_str | _dd of=$TMPDIR/json0 bs=512 count=$LUKS2_JSON_SIZE 26 | 27 | lib_mangle_json_hdr0 28 | } 29 | 30 | check() 31 | { 32 | lib_hdr0_checksum || exit 2 33 | 34 | read_luks2_json0 $TGT_IMG $TMPDIR/json_res0 35 | read -r json_str_res0 < $TMPDIR/json_res0 36 | test ${#json_str_res0} -eq $((LUKS2_JSON_SIZE*512)) || exit 2 37 | } 38 | 39 | lib_prepare $@ 40 | generate 41 | check 42 | lib_cleanup 43 | -------------------------------------------------------------------------------- /tests/generators/generate-luks2-corrupted-hdr1-with-correct-chks.img.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | . lib.sh 4 | 5 | # 6 | # *** Description *** 7 | # 8 | # generate header with malformed json but correct checksum in secondary header 9 | # 10 | 11 | # $1 full target dir 12 | # $2 full source luks2 image 13 | 14 | generate() 15 | { 16 | read -r json_str < $TMPDIR/json1 17 | json_len=${#json_str} 18 | json_len=$((json_len-1)) # to replace json closing '}' 19 | json_new_str="${json_str:0:json_len},\"" 20 | 21 | while [ ${#json_new_str} -le $((LUKS2_JSON_SIZE*512)) ]; do 22 | json_new_str=$json_new_str"all_work_and_no_play_makes_Jack_a_dull_boy_" 23 | done 24 | 25 | printf "%s" $json_new_str | _dd of=$TMPDIR/json1 bs=512 count=$LUKS2_JSON_SIZE 26 | 27 | lib_mangle_json_hdr1 28 | } 29 | 30 | check() 31 | { 32 | lib_hdr1_checksum || exit 2 33 | 34 | read_luks2_json1 $TGT_IMG $TMPDIR/json_res1 35 | read -r json_str_res1 < $TMPDIR/json_res1 36 | test ${#json_str_res1} -eq $((LUKS2_JSON_SIZE*512)) || exit 2 37 | } 38 | 39 | lib_prepare $@ 40 | generate 41 | check 42 | lib_cleanup 43 | -------------------------------------------------------------------------------- /tests/generators/generate-luks2-invalid-checksum-both-hdrs.img.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | . lib.sh 4 | 5 | # 6 | # *** Description *** 7 | # 8 | # generate header with bad checksum in both binary headerer 9 | # 10 | 11 | # $1 full target dir 12 | # $2 full source luks2 image 13 | 14 | generate() 15 | { 16 | CHKS0=$(echo "Arbitrary chosen string: D'oh!" | calc_sha256_checksum_stdin) 17 | CHKS1=$(echo "D'oh!: arbitrary chosen string" | calc_sha256_checksum_stdin) 18 | write_checksum $CHKS0 $TGT_IMG 19 | write_checksum $CHKS1 $TMPDIR/hdr1 20 | write_luks2_bin_hdr1 $TMPDIR/hdr1 $TGT_IMG 21 | } 22 | 23 | check() 24 | { 25 | lib_hdr0_checksum || exit 2 26 | lib_hdr1_checksum || exit 2 27 | } 28 | 29 | lib_prepare $@ 30 | generate 31 | check 32 | lib_cleanup 33 | -------------------------------------------------------------------------------- /tests/generators/generate-luks2-invalid-checksum-hdr0.img.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | . lib.sh 4 | 5 | # 6 | # *** Description *** 7 | # 8 | # generate header with bad checksum in primary binary header 9 | # 10 | 11 | # 1 full target dir 12 | # 2 full source luks2 image 13 | 14 | generate() 15 | { 16 | CHKS0=$(echo "Arbitrary chosen string: D'oh!" | calc_sha256_checksum_stdin) 17 | write_checksum $CHKS0 $TGT_IMG 18 | } 19 | 20 | check() 21 | { 22 | lib_hdr0_checksum || exit 2 23 | } 24 | 25 | lib_prepare $@ 26 | generate 27 | check 28 | lib_cleanup 29 | -------------------------------------------------------------------------------- /tests/generators/generate-luks2-invalid-checksum-hdr1.img.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | . lib.sh 4 | 5 | # 6 | # *** Description *** 7 | # 8 | # generate header with bad checksum in secondary binary header 9 | # 10 | 11 | # $1 full target dir 12 | # $2 full source luks2 image 13 | 14 | generate() 15 | { 16 | CHKS1=$(echo "Arbitrary chosen string: D'oh!" | calc_sha256_checksum_stdin) 17 | write_checksum $CHKS1 $TMPDIR/hdr1 18 | write_luks2_bin_hdr1 $TMPDIR/hdr1 $TGT_IMG 19 | } 20 | 21 | check() 22 | { 23 | lib_hdr1_checksum || exit 2 24 | } 25 | 26 | lib_prepare $@ 27 | generate 28 | check 29 | lib_cleanup 30 | -------------------------------------------------------------------------------- /tests/generators/generate-luks2-invalid-json-size-c0.img.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | . lib.sh 4 | 5 | # 6 | # *** Description *** 7 | # 8 | # generate primary header with invalid json_size in config section 9 | # 10 | # secondary header is corrupted on purpose as well 11 | # 12 | 13 | # $1 full target dir 14 | # $2 full source luks2 image 15 | 16 | generate() 17 | { 18 | JS=$(((LUKS2_HDR_SIZE-LUKS2_BIN_HDR_SIZE)*512+4096)) 19 | json_str=$(jq -c --arg js $JS '.config.json_size = ($js | tostring)' $TMPDIR/json0) 20 | test -n "$json_str" || exit 2 21 | test ${#json_str} -lt $((LUKS2_JSON_SIZE*512)) || exit 2 22 | 23 | write_luks2_json "$json_str" $TMPDIR/json0 24 | 25 | lib_mangle_json_hdr0_kill_hdr1 26 | } 27 | 28 | check() 29 | { 30 | lib_hdr1_killed || exit 2 31 | 32 | read_luks2_json0 $TGT_IMG $TMPDIR/json_res0 33 | jq -c --arg js $JS 'if .config.json_size != ($js | tostring ) 34 | then error("Unexpected value in result json") else empty end' $TMPDIR/json_res0 || exit 5 35 | } 36 | 37 | lib_prepare $@ 38 | generate 39 | check 40 | lib_cleanup 41 | -------------------------------------------------------------------------------- /tests/generators/generate-luks2-invalid-json-size-c1.img.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | . lib.sh 4 | 5 | # 6 | # *** Description *** 7 | # 8 | # generate primary header with invalid json_size in config section 9 | # 10 | # secondary header is corrupted on purpose as well 11 | # 12 | 13 | # $1 full target dir 14 | # $2 full source luks2 image 15 | 16 | generate() 17 | { 18 | JS=$(((LUKS2_HDR_SIZE-LUKS2_BIN_HDR_SIZE)*512-4096)) 19 | json_str=$(jq -c --arg js $JS '.config.json_size = ($js | tostring)' $TMPDIR/json0) 20 | test -n "$json_str" || exit 2 21 | test ${#json_str} -lt $((LUKS2_JSON_SIZE*512)) || exit 2 22 | 23 | write_luks2_json "$json_str" $TMPDIR/json0 24 | 25 | lib_mangle_json_hdr0_kill_hdr1 26 | } 27 | 28 | check() 29 | { 30 | lib_hdr1_killed || exit 2 31 | 32 | read_luks2_json0 $TGT_IMG $TMPDIR/json_res0 33 | jq -c --arg js $JS 'if .config.json_size != ($js | tostring ) 34 | then error("Unexpected value in result json") else empty end' $TMPDIR/json_res0 || exit 5 35 | } 36 | 37 | lib_prepare $@ 38 | generate 39 | check 40 | lib_cleanup 41 | -------------------------------------------------------------------------------- /tests/generators/generate-luks2-invalid-json-size-c2.img.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | . lib.sh 4 | 5 | # 6 | # *** Description *** 7 | # 8 | # generate primary header with config json size mismatching 9 | # value in binary header 10 | # 11 | # secondary header is corrupted on purpose as well 12 | # 13 | 14 | # $1 full target dir 15 | # $2 full source luks2 image 16 | 17 | generate() 18 | { 19 | JS=$(((LUKS2_HDR_SIZE-LUKS2_BIN_HDR_SIZE)*512)) 20 | TEST_MDA_SIZE=$LUKS2_HDR_SIZE_32K 21 | TEST_MDA_SIZE_BYTES=$((TEST_MDA_SIZE*512)) 22 | TEST_JSN_SIZE=$((TEST_MDA_SIZE-LUKS2_BIN_HDR_SIZE)) 23 | 24 | json_str=$(jq -c '.' $TMPDIR/json0) 25 | 26 | write_luks2_json "$json_str" $TMPDIR/json0 $TEST_JSN_SIZE 27 | write_luks2_json "$json_str" $TMPDIR/json1 $TEST_JSN_SIZE 28 | 29 | write_bin_hdr_size $TMPDIR/hdr0 $TEST_MDA_SIZE_BYTES 30 | write_bin_hdr_size $TMPDIR/hdr1 $TEST_MDA_SIZE_BYTES 31 | write_bin_hdr_offset $TMPDIR/hdr1 $TEST_MDA_SIZE_BYTES 32 | 33 | lib_mangle_json_hdr0 $TEST_MDA_SIZE $TEST_JSN_SIZE 34 | lib_mangle_json_hdr1 $TEST_MDA_SIZE $TEST_JSN_SIZE 35 | } 36 | 37 | check() 38 | { 39 | read_luks2_bin_hdr0 $TGT_IMG $TMPDIR/hdr_res0 40 | local str_res1=$(head -c 4 $TMPDIR/hdr_res0) 41 | test "$str_res1" = "LUKS" || exit 2 42 | 43 | read_luks2_bin_hdr1 $TGT_IMG $TMPDIR/hdr_res1 $TEST_MDA_SIZE 44 | local str_res1=$(head -c 4 $TMPDIR/hdr_res1) 45 | test "$str_res1" = "SKUL" || exit 2 46 | 47 | read_luks2_json0 $TGT_IMG $TMPDIR/json_res0 48 | jq -c --arg js $JS 'if .config.json_size != ( $js | tostring ) 49 | then error("Unexpected value in result json") else empty end' $TMPDIR/json_res0 || exit 5 50 | } 51 | 52 | lib_prepare $@ 53 | generate 54 | check 55 | lib_cleanup 56 | -------------------------------------------------------------------------------- /tests/generators/generate-luks2-invalid-keyslots-size-c0.img.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | . lib.sh 4 | 5 | # 6 | # *** Description *** 7 | # 8 | # generate primary header with too large keyslots_size set in config section 9 | # (iow config.keyslots_size = data_offset - keyslots_offset + 512) 10 | # 11 | # secondary header is corrupted on purpose as well 12 | # 13 | 14 | # $1 full target dir 15 | # $2 full source luks2 image 16 | 17 | generate() 18 | { 19 | # make area 7 being included in area 6 20 | OFFS=$((2*LUKS2_HDR_SIZE*512)) 21 | json_str=$(jq -c --arg off $OFFS '.config.keyslots_size = (.segments."0".offset | tonumber - ($off | tonumber) + 4096 | tostring)' $TMPDIR/json0) 22 | test -n "$json_str" || exit 2 23 | # [.keyslots[].area.offset | tonumber] | max | tostring ---> max offset in keyslot areas 24 | test ${#json_str} -lt $((LUKS2_JSON_SIZE*512)) || exit 2 25 | 26 | write_luks2_json "$json_str" $TMPDIR/json0 27 | 28 | lib_mangle_json_hdr0_kill_hdr1 29 | } 30 | 31 | check() 32 | { 33 | lib_hdr1_killed || exit 2 34 | 35 | read_luks2_json0 $TGT_IMG $TMPDIR/json_res0 36 | jq -c --arg off $OFFS 'if .config.keyslots_size != ( .segments."0".offset | tonumber - ($off | tonumber) + 4096 | tostring ) 37 | then error("Unexpected value in result json") else empty end' $TMPDIR/json_res0 || exit 5 38 | } 39 | 40 | lib_prepare $@ 41 | generate 42 | check 43 | lib_cleanup 44 | -------------------------------------------------------------------------------- /tests/generators/generate-luks2-invalid-keyslots-size-c1.img.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | . lib.sh 4 | 5 | # 6 | # *** Description *** 7 | # 8 | # generate primary header with unaligned keyslots_size config section 9 | # 10 | # secondary header is corrupted on purpose as well 11 | # 12 | 13 | # $1 full target dir 14 | # $2 full source luks2 image 15 | 16 | generate() 17 | { 18 | json_str=$(jq -c '.config.keyslots_size = (.config.keyslots_size | tonumber - 1 | tostring)' $TMPDIR/json0) 19 | test -n "$json_str" || exit 2 20 | test ${#json_str} -lt $((LUKS2_JSON_SIZE*512)) || exit 2 21 | 22 | write_luks2_json "$json_str" $TMPDIR/json0 23 | 24 | lib_mangle_json_hdr0_kill_hdr1 25 | } 26 | 27 | check() 28 | { 29 | lib_hdr1_killed || exit 2 30 | 31 | read_luks2_json0 $TGT_IMG $TMPDIR/json_res0 32 | jq -c 'if (.config.keyslots_size | tonumber % 4096) == 0 33 | then error("Unexpected value in result json") else empty end' $TMPDIR/json_res0 || exit 5 34 | } 35 | 36 | lib_prepare $@ 37 | generate 38 | check 39 | lib_cleanup 40 | -------------------------------------------------------------------------------- /tests/generators/generate-luks2-invalid-keyslots-size-c2.img.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | . lib.sh 4 | 5 | # 6 | # *** Description *** 7 | # 8 | # generate primary header with keyslots_size less than sum of all keyslots area 9 | # in json 10 | # 11 | # secondary header is corrupted on purpose as well 12 | # 13 | 14 | # $1 full target dir 15 | # $2 full source luks2 image 16 | 17 | generate() 18 | { 19 | json_str=$(jq '.config.keyslots_size = ([.keyslots[].area.size] | map(tonumber) | add - 4096 | tostring )' $TMPDIR/json0) 20 | test -n "$json_str" || exit 2 21 | test ${#json_str} -lt $((LUKS2_JSON_SIZE*512)) || exit 2 22 | 23 | write_luks2_json "$json_str" $TMPDIR/json0 24 | 25 | lib_mangle_json_hdr0_kill_hdr1 26 | } 27 | 28 | check() 29 | { 30 | lib_hdr1_killed || exit 2 31 | 32 | read_luks2_json0 $TGT_IMG $TMPDIR/json_res0 33 | jq -c 'if .config.keyslots_size != ([.keyslots[].area.size ] | map(tonumber) | add - 4096 | tostring) 34 | then error("Unexpected value in result json") else empty end' $TMPDIR/json_res0 || exit 5 35 | } 36 | 37 | lib_prepare $@ 38 | generate 39 | check 40 | lib_cleanup 41 | -------------------------------------------------------------------------------- /tests/generators/generate-luks2-invalid-object-type-json0.img.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | . lib.sh 4 | 5 | # 6 | # *** Description *** 7 | # 8 | # generate primary header with well-formed json format 9 | # where top level value is not of type object. 10 | # 11 | # secondary header is corrupted on purpose as well 12 | # 13 | 14 | # $1 full target dir 15 | # $2 full source luks2 image 16 | 17 | generate() 18 | { 19 | read -r json_str < $TMPDIR/json0 20 | json_str="[$json_str]" # make top level value an array 21 | test ${#json_str} -lt $((LUKS2_JSON_SIZE*512)) || exit 2 22 | 23 | printf "%s" "$json_str" | _dd of=$TMPDIR/json0 bs=1 conv=notrunc 24 | 25 | lib_mangle_json_hdr0_kill_hdr1 26 | } 27 | 28 | check() 29 | { 30 | lib_hdr1_killed || exit 2 31 | lib_hdr0_checksum || exit 2 32 | 33 | read_luks2_json0 $TGT_IMG $TMPDIR/json_res0 34 | read -r json_str_res0 < $TMPDIR/json_res0 35 | test "$json_str" = "$json_str_res0" || exit 2 36 | } 37 | 38 | lib_prepare $@ 39 | generate 40 | check 41 | lib_cleanup 42 | -------------------------------------------------------------------------------- /tests/generators/generate-luks2-invalid-opening-char-json0.img.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | . lib.sh 4 | 5 | # 6 | # *** Description *** 7 | # 8 | # generate primary header with well-formed json prefixed 9 | # with useless whitespace. 10 | # 11 | # secondary header is corrupted on purpose as well 12 | # 13 | 14 | # $1 full target dir 15 | # $2 full source luks2 image 16 | 17 | generate() 18 | { 19 | read -r json_str < $TMPDIR/json0 20 | json_str=" $json_str" # add useless opening whitespace 21 | test ${#json_str} -lt $((LUKS2_JSON_SIZE*512)) || exit 2 22 | 23 | printf "%s" "$json_str" | _dd of=$TMPDIR/json0 bs=1 conv=notrunc 24 | 25 | lib_mangle_json_hdr0_kill_hdr1 26 | } 27 | 28 | check() 29 | { 30 | lib_hdr1_killed || exit 2 31 | lib_hdr0_checksum || exit 2 32 | 33 | read_luks2_json0 $TGT_IMG $TMPDIR/json_res0 34 | IFS= read -r json_str_res0 < $TMPDIR/json_res0 35 | test "$json_str" = "$json_str_res0" || exit 2 36 | } 37 | 38 | lib_prepare $@ 39 | generate 40 | check 41 | lib_cleanup 42 | -------------------------------------------------------------------------------- /tests/generators/generate-luks2-invalid-tokens.img.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | . lib.sh 4 | 5 | # 6 | # *** Description *** 7 | # 8 | # generate header with well-formed json format 9 | # where keyslot is not of type object. 10 | # 11 | 12 | # $1 full target dir 13 | # $2 full source luks2 image 14 | 15 | generate() 16 | { 17 | json_str=$(jq -c 'del(.tokens) | .tokens = 42' $TMPDIR/json0) 18 | test ${#json_str} -lt $((LUKS2_JSON_SIZE*512)) || exit 2 19 | 20 | write_luks2_json "$json_str" $TMPDIR/json0 21 | write_luks2_json "$json_str" $TMPDIR/json1 22 | 23 | lib_mangle_json_hdr0 24 | lib_mangle_json_hdr1 25 | } 26 | 27 | check() 28 | { 29 | lib_hdr0_checksum || exit 2 30 | lib_hdr1_checksum || exit 2 31 | 32 | read_luks2_json0 $TGT_IMG $TMPDIR/json_res0 33 | jq -c 'if .tokens != 42 34 | then error("Unexpected value in result json") else empty end' $TMPDIR/json_res0 || exit 5 35 | } 36 | 37 | lib_prepare $@ 38 | generate 39 | check 40 | lib_cleanup 41 | -------------------------------------------------------------------------------- /tests/generators/generate-luks2-invalid-top-objects.img.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | . lib.sh 4 | 5 | # 6 | # *** Description *** 7 | # 8 | # generate header with well-formed json format 9 | # where multiple top objects are not of type object. 10 | # 11 | 12 | # $1 full target dir 13 | # $2 full source luks2 image 14 | 15 | generate() 16 | { 17 | json_str=$(jq -c 'del(.tokens) | .tokens = 42 | 18 | del(.digests) | .digests = 42 | 19 | del(.keyslots) | .keyslots = [] | 20 | del(.segments) | .segments = "hi"' $TMPDIR/json0) 21 | test ${#json_str} -lt $((LUKS2_JSON_SIZE*512)) || exit 2 22 | 23 | write_luks2_json "$json_str" $TMPDIR/json0 24 | write_luks2_json "$json_str" $TMPDIR/json1 25 | 26 | lib_mangle_json_hdr0 27 | lib_mangle_json_hdr1 28 | } 29 | 30 | check() 31 | { 32 | lib_hdr0_checksum || exit 2 33 | lib_hdr1_checksum || exit 2 34 | 35 | read_luks2_json0 $TGT_IMG $TMPDIR/json_res0 36 | jq -c 'if (.tokens != 42) or (.digests != 42) or (.keyslots != []) or (.segments != "hi") 37 | then error("Unexpected value in result json") else empty end' $TMPDIR/json_res0 || exit 5 38 | } 39 | 40 | lib_prepare $@ 41 | generate 42 | check 43 | lib_cleanup 44 | -------------------------------------------------------------------------------- /tests/generators/generate-luks2-keyslot-invalid-af.img.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | . lib.sh 4 | 5 | # 6 | # *** Description *** 7 | # 8 | # generate header with well-formed json format 9 | # where keyslot AF type is invalid. 10 | # 11 | 12 | # $1 full target dir 13 | # $2 full source luks2 image 14 | 15 | generate() 16 | { 17 | json_str=$(jq -c 'del(.keyslots."0".af.type) | .keyslots."0".af.type = 42' $TMPDIR/json0) 18 | test ${#json_str} -lt $((LUKS2_JSON_SIZE*512)) || exit 2 19 | 20 | write_luks2_json "$json_str" $TMPDIR/json0 21 | write_luks2_json "$json_str" $TMPDIR/json1 22 | 23 | lib_mangle_json_hdr0 24 | lib_mangle_json_hdr1 25 | } 26 | 27 | check() 28 | { 29 | lib_hdr0_checksum || exit 2 30 | lib_hdr1_checksum || exit 2 31 | 32 | read_luks2_json0 $TGT_IMG $TMPDIR/json_res0 33 | jq -c 'if (.keyslots."0".af.type != 42) 34 | then error("Unexpected value in result json") else empty end' $TMPDIR/json_res0 || exit 5 35 | } 36 | 37 | lib_prepare $@ 38 | generate 39 | check 40 | lib_cleanup 41 | -------------------------------------------------------------------------------- /tests/generators/generate-luks2-keyslot-invalid-area-size.img.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | . lib.sh 4 | 5 | # 6 | # *** Description *** 7 | # 8 | # generate header with well-formed json format 9 | # where keyslot area object size is UINT64_MAX and will overflow with added length 10 | # 11 | 12 | # $1 full target dir 13 | # $2 full source luks2 image 14 | 15 | generate() 16 | { 17 | json_str=$(jq -c '.keyslots."0"."area".size = "18446744073709551615"' $TMPDIR/json0) 18 | test ${#json_str} -lt $((LUKS2_JSON_SIZE*512)) || exit 2 19 | 20 | write_luks2_json "$json_str" $TMPDIR/json0 21 | write_luks2_json "$json_str" $TMPDIR/json1 22 | 23 | lib_mangle_json_hdr0 24 | lib_mangle_json_hdr1 25 | } 26 | 27 | check() 28 | { 29 | lib_hdr0_checksum || exit 2 30 | lib_hdr1_checksum || exit 2 31 | 32 | read_luks2_json0 $TGT_IMG $TMPDIR/json_res0 33 | jq -c 'if (.keyslots."0"."area".size != "18446744073709551615") 34 | then error("Unexpected value in result json") else empty end' $TMPDIR/json_res0 || exit 5 35 | } 36 | 37 | lib_prepare $@ 38 | generate 39 | check 40 | lib_cleanup 41 | -------------------------------------------------------------------------------- /tests/generators/generate-luks2-keyslot-invalid-area.img.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | . lib.sh 4 | 5 | # 6 | # *** Description *** 7 | # 8 | # generate header with well-formed json format 9 | # where keyslot area object is not of type object. 10 | # 11 | 12 | # $1 full target dir 13 | # $2 full source luks2 image 14 | 15 | generate() 16 | { 17 | json_str=$(jq -c 'del(.keyslots."0".area) | .keyslots."0".area = 42' $TMPDIR/json0) 18 | test ${#json_str} -lt $((LUKS2_JSON_SIZE*512)) || exit 2 19 | 20 | write_luks2_json "$json_str" $TMPDIR/json0 21 | write_luks2_json "$json_str" $TMPDIR/json1 22 | 23 | lib_mangle_json_hdr0 24 | lib_mangle_json_hdr1 25 | } 26 | 27 | check() 28 | { 29 | lib_hdr0_checksum || exit 2 30 | lib_hdr1_checksum || exit 2 31 | 32 | read_luks2_json0 $TGT_IMG $TMPDIR/json_res0 33 | jq -c 'if (.keyslots."0".area != 42) 34 | then error("Unexpected value in result json") else empty end' $TMPDIR/json_res0 || exit 5 35 | } 36 | 37 | lib_prepare $@ 38 | generate 39 | check 40 | lib_cleanup 41 | -------------------------------------------------------------------------------- /tests/generators/generate-luks2-keyslot-invalid-objects.img.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | . lib.sh 4 | 5 | # 6 | # *** Description *** 7 | # 8 | # generate header with well-formed json format 9 | # where multiple keyslots objects are not of type object. 10 | # 11 | 12 | # $1 full target dir 13 | # $2 full source luks2 image 14 | 15 | generate() 16 | { 17 | json_str=$(jq -c 'del(.keyslots."0".kdf) | .keyslots."0".kdf = 42 | 18 | del(.keyslots."0".af) | .keyslots."0".af = 42' $TMPDIR/json0) 19 | test ${#json_str} -lt $((LUKS2_JSON_SIZE*512)) || exit 2 20 | 21 | write_luks2_json "$json_str" $TMPDIR/json0 22 | write_luks2_json "$json_str" $TMPDIR/json1 23 | 24 | lib_mangle_json_hdr0 25 | lib_mangle_json_hdr1 26 | } 27 | 28 | check() 29 | { 30 | lib_hdr0_checksum || exit 2 31 | lib_hdr1_checksum || exit 2 32 | 33 | read_luks2_json0 $TGT_IMG $TMPDIR/json_res0 34 | jq -c 'if (.keyslots."0".kdf != 42) or (.keyslots."0".af != 42) 35 | then error("Unexpected value in result json") else empty end' $TMPDIR/json_res0 || exit 5 36 | } 37 | 38 | lib_prepare $@ 39 | generate 40 | check 41 | lib_cleanup 42 | -------------------------------------------------------------------------------- /tests/generators/generate-luks2-keyslot-missing-digest.img.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | . lib.sh 4 | 5 | # 6 | # *** Description *** 7 | # 8 | # generate primary header with luks2 keyslot not assigned 9 | # to any digest. 10 | # 11 | # secondary header is corrupted on purpose as well 12 | # 13 | 14 | # $1 full target dir 15 | # $2 full source luks2 image 16 | 17 | generate() 18 | { 19 | read -r json_str_orig < $TMPDIR/json0 20 | arr_len=$(jq -c -M '.digests."0".keyslots | length' $TMPDIR/json0) 21 | # remove first element from digests."0".keyslots array 22 | json_str=$(jq -r -c -M 'del(.digests."0".keyslots[0])' $TMPDIR/json0) 23 | test ${#json_str} -lt $((LUKS2_JSON_SIZE*512)) || exit 2 24 | 25 | write_luks2_json "$json_str" $TMPDIR/json0 26 | 27 | lib_mangle_json_hdr0_kill_hdr1 28 | } 29 | 30 | check() 31 | { 32 | lib_hdr1_killed || exit 2 33 | lib_hdr0_checksum || exit 2 34 | 35 | read_luks2_json0 $TGT_IMG $TMPDIR/json_res0 36 | new_arr_len=$(jq -c -M '.digests."0".keyslots | length' $TMPDIR/json_res0) 37 | test $((arr_len-1)) -eq $new_arr_len || exit 2 38 | } 39 | 40 | lib_prepare $@ 41 | generate 42 | check 43 | lib_cleanup 44 | -------------------------------------------------------------------------------- /tests/generators/generate-luks2-keyslot-too-many-digests.img.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | . lib.sh 4 | 5 | # 6 | # *** Description *** 7 | # 8 | # generate primary header with luks2 keyslot assigned 9 | # to more than 1 digest. 10 | # 11 | # secondary header is corrupted on purpose as well 12 | # 13 | 14 | # $1 full target dir 15 | # $2 full source luks2 image 16 | 17 | generate() 18 | { 19 | # add keyslot 1 to second digest 20 | json_str=$(jq -r -c -M '.digests."1" = .digests."0" | .digests."1".keyslots = ["1"]' $TMPDIR/json0) 21 | test ${#json_str} -lt $((LUKS2_JSON_SIZE*512)) || exit 2 22 | 23 | write_luks2_json "$json_str" $TMPDIR/json0 24 | 25 | lib_mangle_json_hdr0_kill_hdr1 26 | } 27 | 28 | check() 29 | { 30 | lib_hdr1_killed || exit 2 31 | lib_hdr0_checksum || exit 2 32 | 33 | read_luks2_json0 $TGT_IMG $TMPDIR/json_res0 34 | new_arr_len=$(jq -c -M '.digests."1".keyslots | length' $TMPDIR/json_res0) 35 | test 1 -eq $new_arr_len || exit 2 36 | } 37 | 38 | lib_prepare $@ 39 | generate 40 | check 41 | lib_cleanup 42 | -------------------------------------------------------------------------------- /tests/generators/generate-luks2-missing-keyslot-referenced-in-digest.img.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | . lib.sh 4 | 5 | # 6 | # *** Description *** 7 | # 8 | # generate primary header with missing keyslot object referenced 9 | # in digest object 10 | # 11 | # secondary header is corrupted on purpose as well 12 | # 13 | 14 | # $1 full target dir 15 | # $2 full source luks2 image 16 | 17 | generate() 18 | { 19 | read -r json_str_orig < $TMPDIR/json0 20 | arr_len=$(jq -c -M '.digests."0".keyslots | length' $TMPDIR/json0) 21 | # add missing keyslot reference in keyslots array of digest '0' 22 | json_str=$(jq -r -c -M 'def arr: ["digests", "0", "keyslots"]; 23 | def missks: getpath(["keyslots"]) | keys | max | tonumber + 1 | tostring; 24 | setpath(arr; getpath(arr) + [ missks ])' $TMPDIR/json0) 25 | test ${#json_str} -lt $((LUKS2_JSON_SIZE*512)) || exit 2 26 | 27 | write_luks2_json "$json_str" $TMPDIR/json0 28 | 29 | lib_mangle_json_hdr0_kill_hdr1 30 | } 31 | 32 | check() 33 | { 34 | lib_hdr1_killed || exit 2 35 | lib_hdr0_checksum || exit 2 36 | 37 | read_luks2_json0 $TGT_IMG $TMPDIR/json_res0 38 | new_arr_len=$(jq -c -M '.digests."0".keyslots | length' $TMPDIR/json_res0) 39 | test $((arr_len+1)) -eq $new_arr_len || exit 2 40 | } 41 | 42 | lib_prepare $@ 43 | generate 44 | check 45 | lib_cleanup 46 | -------------------------------------------------------------------------------- /tests/generators/generate-luks2-missing-keyslot-referenced-in-token.img.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | . lib.sh 4 | 5 | # 6 | # *** Description *** 7 | # 8 | # generate primary header with missing keyslot object referenced 9 | # in token object 10 | # 11 | # secondary header is corrupted on purpose as well 12 | # 13 | 14 | # $1 full target dir 15 | # $2 full source luks2 image 16 | 17 | generate() 18 | { 19 | read -r json_str_orig < $TMPDIR/json0 20 | # add missing keyslot reference in keyslots array of token '0' 21 | json_str=$(jq -r -c -M 'def missks: getpath(["keyslots"]) | keys | max | tonumber + 1 | tostring; 22 | .tokens += {"0":{"type":"dummy","keyslots":[ "0", missks ]}}' $TMPDIR/json0) 23 | test ${#json_str} -lt $((LUKS2_JSON_SIZE*512)) || exit 2 24 | 25 | write_luks2_json "$json_str" $TMPDIR/json0 26 | 27 | lib_mangle_json_hdr0_kill_hdr1 28 | } 29 | 30 | check() 31 | { 32 | lib_hdr1_killed || exit 2 33 | lib_hdr0_checksum || exit 2 34 | 35 | read_luks2_json0 $TGT_IMG $TMPDIR/json_res0 36 | new_arr_len=$(jq -c -M '.tokens."0".keyslots | length' $TMPDIR/json_res0) 37 | test $new_arr_len -eq 2 || exit 2 38 | } 39 | 40 | lib_prepare $@ 41 | generate 42 | check 43 | lib_cleanup 44 | -------------------------------------------------------------------------------- /tests/generators/generate-luks2-missing-segment-referenced-in-digest.img.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | . lib.sh 4 | 5 | # 6 | # *** Description *** 7 | # 8 | # generate primary header with missing segment object referenced 9 | # in digest object 10 | # 11 | # secondary header is corrupted on purpose as well 12 | # 13 | 14 | # $1 full target dir 15 | # $2 full source luks2 image 16 | 17 | generate() 18 | { 19 | read -r json_str_orig < $TMPDIR/json0 20 | arr_len=$(jq -c -M '.digests."0".segments | length' $TMPDIR/json0) 21 | # add missing keyslot reference in keyslots array of digest '0' 22 | json_str=$(jq -c 'def arr: ["digests", "0", "segments"]; 23 | def missseg: getpath(["segments"]) | keys | max | tonumber + 1 | tostring; 24 | setpath(arr; getpath(arr) + [ missseg ])' $TMPDIR/json0) 25 | test ${#json_str} -lt $((LUKS2_JSON_SIZE*512)) || exit 2 26 | 27 | write_luks2_json "$json_str" $TMPDIR/json0 28 | 29 | lib_mangle_json_hdr0_kill_hdr1 30 | } 31 | 32 | check() 33 | { 34 | lib_hdr1_killed || exit 2 35 | lib_hdr0_checksum || exit 2 36 | 37 | read_luks2_json0 $TGT_IMG $TMPDIR/json_res0 38 | new_arr_len=$(jq -c -M '.digests."0".segments | length' $TMPDIR/json_res0) 39 | test $((arr_len+1)) -eq $new_arr_len || exit 2 40 | } 41 | 42 | lib_prepare $@ 43 | generate 44 | check 45 | lib_cleanup 46 | -------------------------------------------------------------------------------- /tests/generators/generate-luks2-missing-trailing-null-byte-json0.img.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | . lib.sh 4 | 5 | # 6 | # *** Description *** 7 | # 8 | # generate primary header with well-formed json but missing 9 | # trailing null byte. 10 | # 11 | # secondary header is corrupted on purpose as well 12 | # 13 | 14 | # $1 full target dir 15 | # $2 full source luks2 image 16 | 17 | PATTERN="\"config\":{" 18 | KEY="\"config_key\":\"" 19 | 20 | generate() 21 | { 22 | read -r json_str < $TMPDIR/json0 23 | json_len=${#json_str} 24 | pindex=$(strindex $json_str $PATTERN) 25 | test $pindex -gt 0 || exit 2 26 | 27 | offset=${#PATTERN} 28 | offset=$((offset+pindex)) 29 | key_len=${#KEY} 30 | remain=$((LUKS2_JSON_SIZE*512-key_len-json_len-1)) # -1: closing '"' 31 | if [ ${json_str:offset:1} = "}" ]; then 32 | format_str="%s%s%s" 33 | else 34 | format_str="%s%s,%s" 35 | remain=$((remain-1)) # also count with separating ',' 36 | fi 37 | test $remain -gt 0 || exit 2 38 | 39 | fill=$(repeat_str "X" $remain) 40 | fill=$(repeat_str "X" $remain)"\"" 41 | 42 | printf $format_str $KEY $fill ${json_str:$offset} | _dd of=$TMPDIR/json0 bs=1 seek=$offset conv=notrunc 43 | 44 | lib_mangle_json_hdr0_kill_hdr1 45 | } 46 | 47 | check() 48 | { 49 | lib_hdr1_killed || exit 2 50 | lib_hdr0_checksum || exit 2 51 | 52 | read_luks2_json0 $TGT_IMG $TMPDIR/json_res0 53 | read -r json_str_res0 < $TMPDIR/json_res0 54 | test ${#json_str_res0} -eq $((LUKS2_JSON_SIZE*512)) || exit 2 55 | } 56 | 57 | lib_prepare $@ 58 | generate 59 | check 60 | lib_cleanup 61 | -------------------------------------------------------------------------------- /tests/generators/generate-luks2-non-compact-json-4k-token-0.img.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | . lib.sh 4 | 5 | # 6 | # *** Description *** 7 | # 8 | # generate LUKS2 header with non compact (valid!) 9 | # json and additional token with id 0 with json 10 | # format aligned to 4K boundary. 11 | # 12 | # The image is tested for correct LUKS2 write optimization 13 | # where non compact json trailing bytes must not remain in LUKS2 json 14 | # area after write of shorter (e.g. compact) json. 15 | 16 | # $1 full target dir 17 | # $2 full source luks2 image 18 | 19 | generate() 20 | { 21 | # add empty token 22 | json_str=$(jq -c '.tokens."0" = {"type":"a", "keyslots":[]}' $TMPDIR/json0) 23 | json_len_orig=${#json_str} 24 | test $json_len_orig -lt $((LUKS2_JSON_SIZE*512)) || exit 2 25 | 26 | # align to 4k and full 4K of whitespace if already aligned 27 | json_fill_len=$((4096-(json_len_orig%4096))) 28 | fill=$(repeat_str " " $json_fill_len) 29 | json_str_new=$(echo -e $json_str | sed -e "s/\(\"type\":\)\(\"luks2\"\)/\1""$fill""\2/") 30 | json_len_new=${#json_str_new} 31 | 32 | test $((json_len_new%4096)) -eq 0 || exit 2 33 | test $json_len_new -lt $((LUKS2_JSON_SIZE*512)) || exit 2 34 | test $json_len_new -gt $json_len_orig || exit 2 35 | 36 | printf '%s' "$json_str_new" | _dd of=$TMPDIR/json0 bs=4K conv=notrunc 37 | printf '%s' "$json_str_new" | _dd of=$TMPDIR/json1 bs=4K conv=notrunc 38 | 39 | lib_mangle_json_hdr0 40 | lib_mangle_json_hdr1 41 | } 42 | 43 | check() 44 | { 45 | lib_hdr0_checksum || exit 2 46 | lib_hdr1_checksum || exit 2 47 | 48 | read_luks2_json0 $TGT_IMG $TMPDIR/json_res0 49 | 50 | read -r json_str_res < $TMPDIR/json_res0 51 | test $((${#json_str_res}%4096)) -eq 0 || exit 2 52 | test ${#json_str_res} -gt $json_len_orig || exit 2 53 | } 54 | 55 | lib_prepare $@ 56 | generate 57 | check 58 | lib_cleanup 59 | -------------------------------------------------------------------------------- /tests/generators/generate-luks2-non-compact-json-token-0.img.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | . lib.sh 4 | 5 | # 6 | # *** Description *** 7 | # 8 | # generate LUKS2 header with non compact (valid!) 9 | # json and additional token with id 0. 10 | # 11 | # The image is tested for correct LUKS2 write optimization 12 | # where non compact json trailing bytes must not remain in LUKS2 json 13 | # area after write of shorter (e.g. compact) json. 14 | 15 | # $1 full target dir 16 | # $2 full source luks2 image 17 | 18 | generate() 19 | { 20 | # add empty token 21 | json_str=$(jq -c '.tokens."0" = {"type":"a", "keyslots":[]}' $TMPDIR/json0) 22 | json_len_orig=${#json_str} 23 | test $json_len_orig -lt $((LUKS2_JSON_SIZE*512)) || exit 2 24 | 25 | json_str_new=$(echo -n $json_str | sed -e 's/\(\"type\":\)\(\"luks2\"\)/\1 \2/') 26 | json_len_new=${#json_str_new} 27 | 28 | test $json_len_new -lt $((LUKS2_JSON_SIZE*512)) || exit 2 29 | test $json_len_new -gt $json_len_orig || exit 2 30 | 31 | printf '%s' "$json_str_new" | _dd of=$TMPDIR/json0 bs=1 conv=notrunc 32 | printf '%s' "$json_str_new" | _dd of=$TMPDIR/json1 bs=1 conv=notrunc 33 | 34 | lib_mangle_json_hdr0 35 | lib_mangle_json_hdr1 36 | } 37 | 38 | check() 39 | { 40 | lib_hdr0_checksum || exit 2 41 | lib_hdr1_checksum || exit 2 42 | 43 | read_luks2_json0 $TGT_IMG $TMPDIR/json_res0 44 | 45 | read -r json_str_res < $TMPDIR/json_res0 46 | test ${#json_str_res} -gt $json_len_orig || exit 2 47 | } 48 | 49 | lib_prepare $@ 50 | generate 51 | check 52 | lib_cleanup 53 | -------------------------------------------------------------------------------- /tests/generators/generate-luks2-non-null-byte-beyond-json0.img.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | . lib.sh 4 | 5 | # 6 | # *** Description *** 7 | # 8 | # generate primary header with json area concluded with illegal 9 | # byte beyond terminating '}' character. 10 | # 11 | # secondary header is corrupted on purpose as well 12 | # 13 | 14 | # $1 full target dir 15 | # $2 full source luks2 image 16 | 17 | generate() 18 | { 19 | read -r json_str < $TMPDIR/json0 20 | json_str="$json_str"X # add illegal 'X' beyond json format 21 | test ${#json_str} -lt $((LUKS2_JSON_SIZE*512)) || exit 2 22 | 23 | printf '%s' $json_str | _dd of=$TMPDIR/json0 bs=1 conv=notrunc 24 | 25 | lib_mangle_json_hdr0_kill_hdr1 26 | } 27 | 28 | check() 29 | { 30 | lib_hdr1_killed || exit 2 31 | lib_hdr0_checksum || exit 2 32 | 33 | read_luks2_json0 $TGT_IMG $TMPDIR/json_res0 34 | read -r json_str_res0 < $TMPDIR/json_res0 35 | local len=${#json_str_res0} 36 | len=$((len-1)) 37 | test ${json_str_res0:len:1} = "X" || exit 2 38 | } 39 | 40 | lib_prepare $@ 41 | generate 42 | check 43 | lib_cleanup 44 | -------------------------------------------------------------------------------- /tests/generators/generate-luks2-non-null-bytes-beyond-json0.img.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | . lib.sh 4 | 5 | # 6 | # *** Description *** 7 | # 8 | # generate primary header with json area containing illegal bytes 9 | # beyond well-formed json format. 10 | # 11 | # secondary header is corrupted on purpose as well 12 | # 13 | 14 | # $1 full target dir 15 | # $2 full source luks2 image 16 | 17 | QUOTE="[Homer J. Simpson]: Keep looking shocked and move slowly towards the cake." 18 | SPACE=20 19 | 20 | generate() 21 | { 22 | read -r json_str < $TMPDIR/json0 23 | json_len_orig=${#json_str} 24 | json_len=$((json_len_orig+${#QUOTE}+SPACE)) 25 | test ${#json_str} -lt $((LUKS2_JSON_SIZE*512)) || exit 2 26 | 27 | printf '%s' "$QUOTE" | _dd of=$TMPDIR/json0 seek=$((json_len_orig+SPACE)) bs=1 conv=notrunc 28 | 29 | lib_mangle_json_hdr0_kill_hdr1 30 | } 31 | 32 | check() 33 | { 34 | lib_hdr1_killed || exit 2 35 | lib_hdr0_checksum || exit 2 36 | 37 | read_luks2_json0 $TGT_IMG $TMPDIR/json_res0 38 | 39 | _dd if=$TMPDIR/json_res0 of=$TMPDIR/quote skip=$((json_len_orig+SPACE)) count=${#QUOTE} bs=1 40 | json_str_res0=$(head -c ${#QUOTE} $TMPDIR/quote) 41 | test "$json_str_res0" = "$QUOTE" || exit 2 42 | } 43 | 44 | lib_prepare $@ 45 | generate 46 | check 47 | lib_cleanup 48 | -------------------------------------------------------------------------------- /tests/generators/generate-luks2-overlapping-areas-c0-json0.img.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | . lib.sh 4 | 5 | # 6 | # *** Description *** 7 | # 8 | # generate primary header with two exactly same areas in terms of 'offset' and 'length'. 9 | # 10 | # secondary header is corrupted on purpose as well 11 | # 12 | 13 | # $1 full target dir 14 | # $2 full source luks2 image 15 | 16 | generate() 17 | { 18 | # copy area 6 offset and length into area 7 19 | json_str=$(jq -c '.keyslots."7".area.offset = .keyslots."6".area.offset | 20 | .keyslots."7".area.size = .keyslots."6".area.size' $TMPDIR/json0) 21 | test ${#json_str} -lt $((LUKS2_JSON_SIZE*512)) || exit 2 22 | 23 | write_luks2_json "$json_str" $TMPDIR/json0 24 | 25 | lib_mangle_json_hdr0_kill_hdr1 26 | } 27 | 28 | check() 29 | { 30 | lib_hdr1_killed || exit 2 31 | 32 | read_luks2_json0 $TGT_IMG $TMPDIR/json_res0 33 | jq -c 'if (.keyslots."6".area.offset != .keyslots."7".area.offset) or (.keyslots."6".area.size != .keyslots."7".area.size) 34 | then error("Unexpected value in result json") else empty end' $TMPDIR/json_res0 || exit 5 35 | } 36 | 37 | lib_prepare $@ 38 | generate 39 | check 40 | lib_cleanup 41 | -------------------------------------------------------------------------------- /tests/generators/generate-luks2-overlapping-areas-c1-json0.img.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | . lib.sh 4 | 5 | # 6 | # *** Description *** 7 | # 8 | # generate primary header with one area included within another one (in terms of 'offset' + 'length') 9 | # 10 | # secondary header is corrupted on purpose as well 11 | # 12 | 13 | # $1 full target dir 14 | # $2 full source luks2 image 15 | 16 | generate() 17 | { 18 | # make area 7 being included in area 6 19 | json_str=$(jq -c '.keyslots."7".area.offset = (.keyslots."6".area.offset | tonumber + 1 | tostring ) | 20 | .keyslots."7".area.size = ( .keyslots."6".area.size | tonumber - 1 | tostring)' $TMPDIR/json0) 21 | test ${#json_str} -lt $((LUKS2_JSON_SIZE*512)) || exit 2 22 | 23 | write_luks2_json "$json_str" $TMPDIR/json0 24 | 25 | lib_mangle_json_hdr0_kill_hdr1 26 | } 27 | 28 | check() 29 | { 30 | lib_hdr1_killed || exit 2 31 | 32 | read_luks2_json0 $TGT_IMG $TMPDIR/json_res0 33 | jq -c 'if (.keyslots."7".area.offset != (.keyslots."6".area.offset | tonumber + 1 | tostring)) or 34 | (.keyslots."7".area.size != (.keyslots."6".area.size | tonumber - 1 | tostring)) or 35 | (.keyslots."7".area.size | tonumber <= 0) 36 | then error("Unexpected value in result json") else empty end' $TMPDIR/json_res0 || exit 5 37 | } 38 | 39 | lib_prepare $@ 40 | generate 41 | check 42 | lib_cleanup 43 | -------------------------------------------------------------------------------- /tests/generators/generate-luks2-overlapping-areas-c2-json0.img.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | . lib.sh 4 | 5 | # 6 | # *** Description *** 7 | # 8 | # generate primary header with one area slightly cross the boundary of another one 9 | # 10 | # secondary header is corrupted on purpose as well 11 | # 12 | 13 | # $1 full target dir 14 | # $2 full source luks2 image 15 | 16 | generate() 17 | { 18 | # make area 7 being included in area 6 19 | json_str=$(jq -c '.keyslots."7".area.offset = ([ .keyslots."6".area.offset, .keyslots."6".area.size ] | map(tonumber) | add - 1 | tostring)' $TMPDIR/json0) 20 | test ${#json_str} -lt $((LUKS2_JSON_SIZE*512)) || exit 2 21 | 22 | write_luks2_json "$json_str" $TMPDIR/json0 23 | 24 | lib_mangle_json_hdr0_kill_hdr1 25 | } 26 | 27 | check() 28 | { 29 | lib_hdr1_killed || exit 2 30 | 31 | read_luks2_json0 $TGT_IMG $TMPDIR/json_res0 32 | jq -c 'if .keyslots."7".area.offset != ([.keyslots."6".area.offset, .keyslots."6".area.size ] | map(tonumber) | add - 1 | tostring) 33 | then error("Unexpected value in result json") else empty end' $TMPDIR/json_res0 || exit 5 34 | } 35 | 36 | lib_prepare $@ 37 | generate 38 | check 39 | lib_cleanup 40 | -------------------------------------------------------------------------------- /tests/generators/generate-luks2-pbkdf2-leftover-params-0.img.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | . lib.sh 4 | 5 | # 6 | # *** Description *** 7 | # 8 | # generate primary header with luks2 keyslot kdf object 9 | # having left over params. 10 | # 11 | # secondary header is corrupted on purpose as well 12 | # 13 | 14 | # $1 full target dir 15 | # $2 full source luks2 image 16 | 17 | generate() 18 | { 19 | # add keyslot 1 to second digest 20 | obj_len=$(jq -c -M '.keyslots."2".kdf | length' $TMPDIR/json0) 21 | json_str=$(jq -r -c -M '.keyslots."2".kdf.type = "argon2i" | .keyslots."2".kdf.iterations = 1001 | .keyslots."2".kdf.hash = "sha256"' $TMPDIR/json0) 22 | test ${#json_str} -lt $((LUKS2_JSON_SIZE*512)) || exit 2 23 | 24 | write_luks2_json "$json_str" $TMPDIR/json0 25 | 26 | lib_mangle_json_hdr0_kill_hdr1 27 | } 28 | 29 | check() 30 | { 31 | lib_hdr1_killed || exit 2 32 | lib_hdr0_checksum || exit 2 33 | 34 | read_luks2_json0 $TGT_IMG $TMPDIR/json_res0 35 | new_obj_len=$(jq -c -M '.keyslots."2".kdf | length' $TMPDIR/json_res0) 36 | test $((obj_len+2)) -eq $new_obj_len || exit 2 37 | } 38 | 39 | lib_prepare $@ 40 | generate 41 | check 42 | lib_cleanup 43 | -------------------------------------------------------------------------------- /tests/generators/generate-luks2-pbkdf2-leftover-params-1.img.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | . lib.sh 4 | 5 | # 6 | # *** Description *** 7 | # 8 | # generate primary header with luks2 keyslot kdf object 9 | # having left over params. 10 | # 11 | # secondary header is corrupted on purpose as well 12 | # 13 | 14 | # $1 full target dir 15 | # $2 full source luks2 image 16 | 17 | generate() 18 | { 19 | # add keyslot 1 to second digest 20 | obj_len=$(jq -c -M '.keyslots."2".kdf | length' $TMPDIR/json0) 21 | json_str=$(jq -r -c -M '.keyslots."2".kdf.type = "argon2id" | .keyslots."2".kdf.iterations = 1001 | .keyslots."2".kdf.hash = "sha256"' $TMPDIR/json0) 22 | test ${#json_str} -lt $((LUKS2_JSON_SIZE*512)) || exit 2 23 | 24 | write_luks2_json "$json_str" $TMPDIR/json0 25 | 26 | lib_mangle_json_hdr0_kill_hdr1 27 | } 28 | 29 | check() 30 | { 31 | lib_hdr1_killed || exit 2 32 | lib_hdr0_checksum || exit 2 33 | 34 | read_luks2_json0 $TGT_IMG $TMPDIR/json_res0 35 | new_obj_len=$(jq -c -M '.keyslots."2".kdf | length' $TMPDIR/json_res0) 36 | test $((obj_len+2)) -eq $new_obj_len || exit 2 37 | } 38 | 39 | lib_prepare $@ 40 | generate 41 | check 42 | lib_cleanup 43 | -------------------------------------------------------------------------------- /tests/generators/generate-luks2-segment-crypt-empty-encryption.img.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | . lib.sh 4 | 5 | # 6 | # *** Description *** 7 | # 8 | # generate primary header with segment empty encryption field 9 | # 10 | # secondary header is corrupted on purpose as well 11 | # 12 | 13 | # $1 full target dir 14 | # $2 full source luks2 image 15 | 16 | generate() 17 | { 18 | # remove mandatory encryption field 19 | json_str=$(jq -c '.segments."0".encryption = ""' $TMPDIR/json0) 20 | test ${#json_str} -lt $((LUKS2_JSON_SIZE*512)) || exit 2 21 | 22 | write_luks2_json "$json_str" $TMPDIR/json0 23 | 24 | lib_mangle_json_hdr0_kill_hdr1 25 | } 26 | 27 | check() 28 | { 29 | lib_hdr1_killed || exit 2 30 | 31 | read_luks2_json0 $TGT_IMG $TMPDIR/json_res0 32 | jq -c 'if .segments."0".encryption != "" 33 | then error("Unexpected value in result json") else empty end' $TMPDIR/json_res0 || exit 5 34 | } 35 | 36 | lib_prepare $@ 37 | generate 38 | check 39 | lib_cleanup 40 | -------------------------------------------------------------------------------- /tests/generators/generate-luks2-segment-crypt-missing-encryption.img.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | . lib.sh 4 | 5 | # 6 | # *** Description *** 7 | # 8 | # generate primary header with segment encryption field missing 9 | # 10 | # secondary header is corrupted on purpose as well 11 | # 12 | 13 | # $1 full target dir 14 | # $2 full source luks2 image 15 | 16 | generate() 17 | { 18 | # remove mandatory encryption field 19 | json_str=$(jq -c 'del(.segments."0".encryption)' $TMPDIR/json0) 20 | test ${#json_str} -lt $((LUKS2_JSON_SIZE*512)) || exit 2 21 | 22 | write_luks2_json "$json_str" $TMPDIR/json0 23 | 24 | lib_mangle_json_hdr0_kill_hdr1 25 | } 26 | 27 | check() 28 | { 29 | lib_hdr1_killed || exit 2 30 | 31 | read_luks2_json0 $TGT_IMG $TMPDIR/json_res0 32 | jq -c 'if .segments."0".encryption 33 | then error("Unexpected value in result json") else empty end' $TMPDIR/json_res0 || exit 5 34 | } 35 | 36 | lib_prepare $@ 37 | generate 38 | check 39 | lib_cleanup 40 | -------------------------------------------------------------------------------- /tests/generators/generate-luks2-segment-crypt-missing-ivoffset.img.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | . lib.sh 4 | 5 | # 6 | # *** Description *** 7 | # 8 | # generate primary header with segment iv_tweak field missing 9 | # 10 | # secondary header is corrupted on purpose as well 11 | # 12 | 13 | # $1 full target dir 14 | # $2 full source luks2 image 15 | 16 | generate() 17 | { 18 | # remove mandatory encryption field 19 | json_str=$(jq -c 'del(.segments."0".iv_tweak)' $TMPDIR/json0) 20 | test ${#json_str} -lt $((LUKS2_JSON_SIZE*512)) || exit 2 21 | 22 | write_luks2_json "$json_str" $TMPDIR/json0 23 | 24 | lib_mangle_json_hdr0_kill_hdr1 25 | } 26 | 27 | check() 28 | { 29 | lib_hdr1_killed || exit 2 30 | 31 | read_luks2_json0 $TGT_IMG $TMPDIR/json_res0 32 | jq -c 'if .segments."0".iv_tweak 33 | then error("Unexpected value in result json") else empty end' $TMPDIR/json_res0 || exit 5 34 | } 35 | 36 | lib_prepare $@ 37 | generate 38 | check 39 | lib_cleanup 40 | -------------------------------------------------------------------------------- /tests/generators/generate-luks2-segment-crypt-missing-sectorsize.img.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | . lib.sh 4 | 5 | # 6 | # *** Description *** 7 | # 8 | # generate primary header with segment sector_size field missing 9 | # 10 | # secondary header is corrupted on purpose as well 11 | # 12 | 13 | # $1 full target dir 14 | # $2 full source luks2 image 15 | 16 | generate() 17 | { 18 | # remove mandatory encryption field 19 | json_str=$(jq -c 'del(.segments."0".sector_size)' $TMPDIR/json0) 20 | test ${#json_str} -lt $((LUKS2_JSON_SIZE*512)) || exit 2 21 | 22 | write_luks2_json "$json_str" $TMPDIR/json0 23 | 24 | lib_mangle_json_hdr0_kill_hdr1 25 | } 26 | 27 | check() 28 | { 29 | lib_hdr1_killed || exit 2 30 | 31 | read_luks2_json0 $TGT_IMG $TMPDIR/json_res0 32 | jq -c 'if .segments."0".sector_size 33 | then error("Unexpected value in result json") else empty end' $TMPDIR/json_res0 || exit 5 34 | } 35 | 36 | lib_prepare $@ 37 | generate 38 | check 39 | lib_cleanup 40 | -------------------------------------------------------------------------------- /tests/generators/generate-luks2-segment-crypt-wrong-encryption.img.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | . lib.sh 4 | 5 | # 6 | # *** Description *** 7 | # 8 | # generate primary header with segment wrong encryption field 9 | # 10 | # secondary header is corrupted on purpose as well 11 | # 12 | 13 | # $1 full target dir 14 | # $2 full source luks2 image 15 | 16 | generate() 17 | { 18 | # remove mandatory encryption field 19 | json_str=$(jq -c '.segments."0".encryption = {}' $TMPDIR/json0) 20 | test ${#json_str} -lt $((LUKS2_JSON_SIZE*512)) || exit 2 21 | 22 | write_luks2_json "$json_str" $TMPDIR/json0 23 | 24 | lib_mangle_json_hdr0_kill_hdr1 25 | } 26 | 27 | check() 28 | { 29 | lib_hdr1_killed || exit 2 30 | 31 | read_luks2_json0 $TGT_IMG $TMPDIR/json_res0 32 | jq -c 'if .segments."0".encryption | type != "object" 33 | then error("Unexpected value in result json") else empty end' $TMPDIR/json_res0 || exit 5 34 | } 35 | 36 | lib_prepare $@ 37 | generate 38 | check 39 | lib_cleanup 40 | -------------------------------------------------------------------------------- /tests/generators/generate-luks2-segment-crypt-wrong-ivoffset.img.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | . lib.sh 4 | 5 | # 6 | # *** Description *** 7 | # 8 | # generate primary header with segment iv_tweak field missing 9 | # 10 | # secondary header is corrupted on purpose as well 11 | # 12 | 13 | # $1 full target dir 14 | # $2 full source luks2 image 15 | 16 | generate() 17 | { 18 | # remove mandatory encryption field 19 | json_str=$(jq -c '.segments."0".iv_tweak = "dynamic"' $TMPDIR/json0) 20 | test ${#json_str} -lt $((LUKS2_JSON_SIZE*512)) || exit 2 21 | 22 | write_luks2_json "$json_str" $TMPDIR/json0 23 | 24 | lib_mangle_json_hdr0_kill_hdr1 25 | } 26 | 27 | check() 28 | { 29 | lib_hdr1_killed || exit 2 30 | 31 | read_luks2_json0 $TGT_IMG $TMPDIR/json_res0 32 | jq -c 'if .segments."0".iv_tweak != "dynamic" 33 | then error("Unexpected value in result json") else empty end' $TMPDIR/json_res0 || exit 5 34 | } 35 | 36 | lib_prepare $@ 37 | generate 38 | check 39 | lib_cleanup 40 | -------------------------------------------------------------------------------- /tests/generators/generate-luks2-segment-crypt-wrong-sectorsize-0.img.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | . lib.sh 4 | 5 | # 6 | # *** Description *** 7 | # 8 | # generate primary header with wrong segment sector_size field 9 | # 10 | # secondary header is corrupted on purpose as well 11 | # 12 | 13 | # $1 full target dir 14 | # $2 full source luks2 image 15 | 16 | generate() 17 | { 18 | # remove mandatory encryption field 19 | json_str=$(jq -c '.segments."0".sector_size = 1023' $TMPDIR/json0) 20 | test ${#json_str} -lt $((LUKS2_JSON_SIZE*512)) || exit 2 21 | 22 | write_luks2_json "$json_str" $TMPDIR/json0 23 | 24 | lib_mangle_json_hdr0_kill_hdr1 25 | } 26 | 27 | check() 28 | { 29 | lib_hdr1_killed || exit 2 30 | 31 | read_luks2_json0 $TGT_IMG $TMPDIR/json_res0 32 | jq -c 'if .segments."0".sector_size != 1023 33 | then error("Unexpected value in result json") else empty end' $TMPDIR/json_res0 || exit 5 34 | } 35 | 36 | lib_prepare $@ 37 | generate 38 | check 39 | lib_cleanup 40 | -------------------------------------------------------------------------------- /tests/generators/generate-luks2-segment-crypt-wrong-sectorsize-1.img.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | . lib.sh 4 | 5 | # 6 | # *** Description *** 7 | # 8 | # generate primary header with wrong segment sector_size field 9 | # 10 | # secondary header is corrupted on purpose as well 11 | # 12 | 13 | # $1 full target dir 14 | # $2 full source luks2 image 15 | 16 | generate() 17 | { 18 | # remove mandatory encryption field 19 | json_str=$(jq -c '.segments."0".sector_size = "4096"' $TMPDIR/json0) 20 | test ${#json_str} -lt $((LUKS2_JSON_SIZE*512)) || exit 2 21 | 22 | write_luks2_json "$json_str" $TMPDIR/json0 23 | 24 | lib_mangle_json_hdr0_kill_hdr1 25 | } 26 | 27 | check() 28 | { 29 | lib_hdr1_killed || exit 2 30 | 31 | read_luks2_json0 $TGT_IMG $TMPDIR/json_res0 32 | jq -c 'if .segments."0".sector_size != "4096" 33 | then error("Unexpected value in result json") else empty end' $TMPDIR/json_res0 || exit 5 34 | } 35 | 36 | lib_prepare $@ 37 | generate 38 | check 39 | lib_cleanup 40 | -------------------------------------------------------------------------------- /tests/generators/generate-luks2-segment-crypt-wrong-sectorsize-2.img.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | . lib.sh 4 | 5 | # 6 | # *** Description *** 7 | # 8 | # generate primary header with wrong segment sector_size field 9 | # 10 | # secondary header is corrupted on purpose as well 11 | # 12 | 13 | # $1 full target dir 14 | # $2 full source luks2 image 15 | 16 | generate() 17 | { 18 | # remove mandatory encryption field 19 | json_str=$(jq -c '.segments."0".sector_size = -1024' $TMPDIR/json0) 20 | test ${#json_str} -lt $((LUKS2_JSON_SIZE*512)) || exit 2 21 | 22 | write_luks2_json "$json_str" $TMPDIR/json0 23 | 24 | lib_mangle_json_hdr0_kill_hdr1 25 | } 26 | 27 | check() 28 | { 29 | lib_hdr1_killed || exit 2 30 | 31 | read_luks2_json0 $TGT_IMG $TMPDIR/json_res0 32 | jq -c 'if .segments."0".sector_size != -1024 33 | then error("Unexpected value in result json") else empty end' $TMPDIR/json_res0 || exit 5 34 | } 35 | 36 | lib_prepare $@ 37 | generate 38 | check 39 | lib_cleanup 40 | -------------------------------------------------------------------------------- /tests/generators/generate-luks2-segment-missing-offset.img.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | . lib.sh 4 | 5 | # 6 | # *** Description *** 7 | # 8 | # generate primary header with segment offset field missing 9 | # 10 | # secondary header is corrupted on purpose as well 11 | # 12 | 13 | # $1 full target dir 14 | # $2 full source luks2 image 15 | 16 | generate() 17 | { 18 | # remove mandatory encryption field 19 | json_str=$(jq -c 'del(.segments."0".offset)' $TMPDIR/json0) 20 | test ${#json_str} -lt $((LUKS2_JSON_SIZE*512)) || exit 2 21 | 22 | write_luks2_json "$json_str" $TMPDIR/json0 23 | 24 | lib_mangle_json_hdr0_kill_hdr1 25 | } 26 | 27 | check() 28 | { 29 | lib_hdr1_killed || exit 2 30 | 31 | read_luks2_json0 $TGT_IMG $TMPDIR/json_res0 32 | jq -c 'if .segments."0".offset 33 | then error("Unexpected value in result json") else empty end' $TMPDIR/json_res0 || exit 5 34 | } 35 | 36 | lib_prepare $@ 37 | generate 38 | check 39 | lib_cleanup 40 | -------------------------------------------------------------------------------- /tests/generators/generate-luks2-segment-missing-size.img.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | . lib.sh 4 | 5 | # 6 | # *** Description *** 7 | # 8 | # generate primary header with segment size field missing 9 | # 10 | # secondary header is corrupted on purpose as well 11 | # 12 | 13 | # $1 full target dir 14 | # $2 full source luks2 image 15 | 16 | generate() 17 | { 18 | # remove mandatory encryption field 19 | json_str=$(jq -c 'del(.segments."0".size)' $TMPDIR/json0) 20 | test ${#json_str} -lt $((LUKS2_JSON_SIZE*512)) || exit 2 21 | 22 | write_luks2_json "$json_str" $TMPDIR/json0 23 | 24 | lib_mangle_json_hdr0_kill_hdr1 25 | } 26 | 27 | check() 28 | { 29 | lib_hdr1_killed || exit 2 30 | 31 | read_luks2_json0 $TGT_IMG $TMPDIR/json_res0 32 | jq -c 'if .segments."0".size 33 | then error("Unexpected value in result json") else empty end' $TMPDIR/json_res0 || exit 5 34 | } 35 | 36 | lib_prepare $@ 37 | generate 38 | check 39 | lib_cleanup 40 | -------------------------------------------------------------------------------- /tests/generators/generate-luks2-segment-missing-type.img.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | . lib.sh 4 | 5 | # 6 | # *** Description *** 7 | # 8 | # generate primary header with segment type field missing 9 | # 10 | # secondary header is corrupted on purpose as well 11 | # 12 | 13 | # $1 full target dir 14 | # $2 full source luks2 image 15 | 16 | generate() 17 | { 18 | # remove mandatory encryption field 19 | json_str=$(jq -c 'del(.segments."0".type)' $TMPDIR/json0) 20 | test ${#json_str} -lt $((LUKS2_JSON_SIZE*512)) || exit 2 21 | 22 | write_luks2_json "$json_str" $TMPDIR/json0 23 | 24 | lib_mangle_json_hdr0_kill_hdr1 25 | } 26 | 27 | check() 28 | { 29 | lib_hdr1_killed || exit 2 30 | 31 | read_luks2_json0 $TGT_IMG $TMPDIR/json_res0 32 | jq -c 'if .segments."0".type 33 | then error("Unexpected value in result json") else empty end' $TMPDIR/json_res0 || exit 5 34 | } 35 | 36 | lib_prepare $@ 37 | generate 38 | check 39 | lib_cleanup 40 | -------------------------------------------------------------------------------- /tests/generators/generate-luks2-segment-two.img.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | . lib.sh 4 | 5 | # 6 | # *** Description *** 7 | # 8 | # generate primary header with two segments 9 | # 10 | # secondary header is corrupted on purpose as well 11 | # 12 | 13 | # $1 full target dir 14 | # $2 full source luks2 image 15 | 16 | generate() 17 | { 18 | # remove mandatory encryption field 19 | json_str=$(jq -c '.segments."0".size = "512" | .segments."1" = {type:"some", offset: (.segments."0".offset | tonumber + 512 | tostring), size: "dynamic"}' $TMPDIR/json0) 20 | test ${#json_str} -lt $((LUKS2_JSON_SIZE*512)) || exit 2 21 | 22 | write_luks2_json "$json_str" $TMPDIR/json0 23 | 24 | lib_mangle_json_hdr0_kill_hdr1 25 | } 26 | 27 | check() 28 | { 29 | lib_hdr1_killed || exit 2 30 | 31 | read_luks2_json0 $TGT_IMG $TMPDIR/json_res0 32 | jq -c 'if .segments."1" | type != "object" 33 | then error("Unexpected value in result json") else empty end' $TMPDIR/json_res0 || exit 5 34 | } 35 | 36 | lib_prepare $@ 37 | generate 38 | check 39 | lib_cleanup 40 | -------------------------------------------------------------------------------- /tests/generators/generate-luks2-segment-unknown-type.img.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | . lib.sh 4 | 5 | # 6 | # *** Description *** 7 | # 8 | # generate primary header with generic (unknown) segment type. 9 | # It should pass the validation. 10 | # 11 | # secondary header is corrupted on purpose as well 12 | # 13 | 14 | # $1 full target dir 15 | # $2 full source luks2 image 16 | 17 | generate() 18 | { 19 | # remove mandatory encryption field 20 | json_str=$(jq -c '.segments."0" = {type:"some_type", offset: .segments."0".offset, size: .segments."0".size, a_field:0}' $TMPDIR/json0) 21 | test ${#json_str} -lt $((LUKS2_JSON_SIZE*512)) || exit 2 22 | 23 | write_luks2_json "$json_str" $TMPDIR/json0 24 | 25 | lib_mangle_json_hdr0_kill_hdr1 26 | } 27 | 28 | check() 29 | { 30 | lib_hdr1_killed || exit 2 31 | 32 | read_luks2_json0 $TGT_IMG $TMPDIR/json_res0 33 | jq -c 'if .segments."0".type != "some_type" 34 | then error("Unexpected value in result json") else empty end' $TMPDIR/json_res0 || exit 5 35 | } 36 | 37 | lib_prepare $@ 38 | generate 39 | check 40 | lib_cleanup 41 | -------------------------------------------------------------------------------- /tests/generators/generate-luks2-segment-wrong-backup-key-0.img.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | . lib.sh 4 | 5 | # 6 | # *** Description *** 7 | # 8 | # generate primary header with wrong backup segment id 9 | # 10 | # secondary header is corrupted on purpose as well 11 | # 12 | 13 | # $1 full target dir 14 | # $2 full source luks2 image 15 | 16 | generate() 17 | { 18 | # create illegal backup segment key (used to be bug in 32bit implementations) 19 | json_str=$(jq -c '.segments[(.segments | length + 1 | tostring)] = { "type" : "linear", "offset" : "512", "size" : "512", "flags":["backup-x"]}' $TMPDIR/json0) 20 | test ${#json_str} -lt $((LUKS2_JSON_SIZE*512)) || exit 2 21 | 22 | write_luks2_json "$json_str" $TMPDIR/json0 23 | 24 | lib_mangle_json_hdr0_kill_hdr1 25 | } 26 | 27 | check() 28 | { 29 | lib_hdr1_killed || exit 2 30 | 31 | read_luks2_json0 $TGT_IMG $TMPDIR/json_res0 32 | jq -c 'if .segments | length < 2 33 | then error("Unexpected segments count") else empty end' $TMPDIR/json_res0 || exit 5 34 | } 35 | 36 | lib_prepare $@ 37 | generate 38 | check 39 | lib_cleanup 40 | -------------------------------------------------------------------------------- /tests/generators/generate-luks2-segment-wrong-backup-key-1.img.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | . lib.sh 4 | 5 | # 6 | # *** Description *** 7 | # 8 | # generate primary header with wrong backup segment id 9 | # 10 | # secondary header is corrupted on purpose as well 11 | # 12 | 13 | # $1 full target dir 14 | # $2 full source luks2 image 15 | 16 | generate() 17 | { 18 | # create illegal backup segment key (used to be bug in 32bit implementations) 19 | json_str=$(jq -c '(.segments."0".offset | tonumber) as $i | .segments[range(1;65) | tostring] = { "type" : "linear", "offset" : ($i + 512 | tostring), "size" : "512" } | .segments."268435472" = { "type":"linear","offset":"512","size":"512","flags":["backup-x"]}' $TMPDIR/json0) 20 | test ${#json_str} -lt $((LUKS2_JSON_SIZE*512)) || exit 2 21 | 22 | write_luks2_json "$json_str" $TMPDIR/json0 23 | 24 | lib_mangle_json_hdr0_kill_hdr1 25 | } 26 | 27 | check() 28 | { 29 | lib_hdr1_killed || exit 2 30 | 31 | read_luks2_json0 $TGT_IMG $TMPDIR/json_res0 32 | jq -c 'if .segments | length < 64 33 | then error("Unexpected segments count") else empty end' $TMPDIR/json_res0 || exit 5 34 | } 35 | 36 | lib_prepare $@ 37 | generate 38 | check 39 | lib_cleanup 40 | -------------------------------------------------------------------------------- /tests/generators/generate-luks2-segment-wrong-flags-element.img.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | . lib.sh 4 | 5 | # 6 | # *** Description *** 7 | # 8 | # generate primary header with segment flags containing invalid type 9 | # 10 | # secondary header is corrupted on purpose as well 11 | # 12 | 13 | # $1 full target dir 14 | # $2 full source luks2 image 15 | 16 | generate() 17 | { 18 | # remove mandatory encryption field 19 | json_str=$(jq -c '.segments."0".flags = [ "hello", 1 ]' $TMPDIR/json0) 20 | test ${#json_str} -lt $((LUKS2_JSON_SIZE*512)) || exit 2 21 | 22 | write_luks2_json "$json_str" $TMPDIR/json0 23 | 24 | lib_mangle_json_hdr0_kill_hdr1 25 | } 26 | 27 | check() 28 | { 29 | lib_hdr1_killed || exit 2 30 | 31 | read_luks2_json0 $TGT_IMG $TMPDIR/json_res0 32 | jq -c 'if .segments."0".flags != [ "hello", 1 ] 33 | then error("Unexpected value in result json") else empty end' $TMPDIR/json_res0 || exit 5 34 | } 35 | 36 | lib_prepare $@ 37 | generate 38 | check 39 | lib_cleanup 40 | -------------------------------------------------------------------------------- /tests/generators/generate-luks2-segment-wrong-flags.img.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | . lib.sh 4 | 5 | # 6 | # *** Description *** 7 | # 8 | # generate primary header with segment flags field of invalid type 9 | # 10 | # secondary header is corrupted on purpose as well 11 | # 12 | 13 | # $1 full target dir 14 | # $2 full source luks2 image 15 | 16 | generate() 17 | { 18 | # remove mandatory encryption field 19 | json_str=$(jq -c '.segments."0".flags = "hello"' $TMPDIR/json0) 20 | test ${#json_str} -lt $((LUKS2_JSON_SIZE*512)) || exit 2 21 | 22 | write_luks2_json "$json_str" $TMPDIR/json0 23 | 24 | lib_mangle_json_hdr0_kill_hdr1 25 | } 26 | 27 | check() 28 | { 29 | lib_hdr1_killed || exit 2 30 | 31 | read_luks2_json0 $TGT_IMG $TMPDIR/json_res0 32 | jq -c 'if .segments."0".flags != "hello" 33 | then error("Unexpected value in result json") else empty end' $TMPDIR/json_res0 || exit 5 34 | } 35 | 36 | lib_prepare $@ 37 | generate 38 | check 39 | lib_cleanup 40 | -------------------------------------------------------------------------------- /tests/generators/generate-luks2-segment-wrong-offset.img.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | . lib.sh 4 | 5 | # 6 | # *** Description *** 7 | # 8 | # generate primary header with wrong segment offset field 9 | # 10 | # secondary header is corrupted on purpose as well 11 | # 12 | 13 | # $1 full target dir 14 | # $2 full source luks2 image 15 | 16 | generate() 17 | { 18 | # remove mandatory encryption field 19 | json_str=$(jq -c '.segments."0".offset = "-42"' $TMPDIR/json0) 20 | test ${#json_str} -lt $((LUKS2_JSON_SIZE*512)) || exit 2 21 | 22 | write_luks2_json "$json_str" $TMPDIR/json0 23 | 24 | lib_mangle_json_hdr0_kill_hdr1 25 | } 26 | 27 | check() 28 | { 29 | lib_hdr1_killed || exit 2 30 | 31 | read_luks2_json0 $TGT_IMG $TMPDIR/json_res0 32 | jq -c 'if .segments."0".offset != "-42" 33 | then error("Unexpected value in result json") else empty end' $TMPDIR/json_res0 || exit 5 34 | } 35 | 36 | lib_prepare $@ 37 | generate 38 | check 39 | lib_cleanup 40 | -------------------------------------------------------------------------------- /tests/generators/generate-luks2-segment-wrong-size-0.img.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | . lib.sh 4 | 5 | # 6 | # *** Description *** 7 | # 8 | # generate primary header with wrong segment size field 9 | # 10 | # secondary header is corrupted on purpose as well 11 | # 12 | 13 | # $1 full target dir 14 | # $2 full source luks2 image 15 | 16 | generate() 17 | { 18 | # remove mandatory encryption field 19 | json_str=$(jq -c '.segments."0".size = 4096' $TMPDIR/json0) 20 | test ${#json_str} -lt $((LUKS2_JSON_SIZE*512)) || exit 2 21 | 22 | write_luks2_json "$json_str" $TMPDIR/json0 23 | 24 | lib_mangle_json_hdr0_kill_hdr1 25 | } 26 | 27 | check() 28 | { 29 | lib_hdr1_killed || exit 2 30 | 31 | read_luks2_json0 $TGT_IMG $TMPDIR/json_res0 32 | jq -c 'if .segments."0".size != 4096 33 | then error("Unexpected value in result json") else empty end' $TMPDIR/json_res0 || exit 5 34 | } 35 | 36 | lib_prepare $@ 37 | generate 38 | check 39 | lib_cleanup 40 | -------------------------------------------------------------------------------- /tests/generators/generate-luks2-segment-wrong-size-1.img.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | . lib.sh 4 | 5 | # 6 | # *** Description *** 7 | # 8 | # generate primary header with wrong segment size field 9 | # 10 | # secondary header is corrupted on purpose as well 11 | # 12 | 13 | # $1 full target dir 14 | # $2 full source luks2 image 15 | 16 | generate() 17 | { 18 | # remove mandatory encryption field 19 | json_str=$(jq -c '.segments."0".size = "automatic"' $TMPDIR/json0) 20 | test ${#json_str} -lt $((LUKS2_JSON_SIZE*512)) || exit 2 21 | 22 | write_luks2_json "$json_str" $TMPDIR/json0 23 | 24 | lib_mangle_json_hdr0_kill_hdr1 25 | } 26 | 27 | check() 28 | { 29 | lib_hdr1_killed || exit 2 30 | 31 | read_luks2_json0 $TGT_IMG $TMPDIR/json_res0 32 | jq -c 'if .segments."0".size != "automatic" 33 | then error("Unexpected value in result json") else empty end' $TMPDIR/json_res0 || exit 5 34 | } 35 | 36 | lib_prepare $@ 37 | generate 38 | check 39 | lib_cleanup 40 | -------------------------------------------------------------------------------- /tests/generators/generate-luks2-segment-wrong-size-2.img.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | . lib.sh 4 | 5 | # 6 | # *** Description *** 7 | # 8 | # generate primary header with wrong segment size field 9 | # 10 | # secondary header is corrupted on purpose as well 11 | # 12 | 13 | # $1 full target dir 14 | # $2 full source luks2 image 15 | 16 | generate() 17 | { 18 | # remove mandatory encryption field 19 | json_str=$(jq -c '.segments."0".size = "511"' $TMPDIR/json0) 20 | test ${#json_str} -lt $((LUKS2_JSON_SIZE*512)) || exit 2 21 | 22 | write_luks2_json "$json_str" $TMPDIR/json0 23 | 24 | lib_mangle_json_hdr0_kill_hdr1 25 | } 26 | 27 | check() 28 | { 29 | lib_hdr1_killed || exit 2 30 | 31 | read_luks2_json0 $TGT_IMG $TMPDIR/json_res0 32 | jq -c 'if .segments."0".size != "511" 33 | then error("Unexpected value in result json") else empty end' $TMPDIR/json_res0 || exit 5 34 | } 35 | 36 | lib_prepare $@ 37 | generate 38 | check 39 | lib_cleanup 40 | -------------------------------------------------------------------------------- /tests/generators/generate-luks2-segment-wrong-type.img.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | . lib.sh 4 | 5 | # 6 | # *** Description *** 7 | # 8 | # generate primary header with wrong segment type field 9 | # 10 | # secondary header is corrupted on purpose as well 11 | # 12 | 13 | # $1 full target dir 14 | # $2 full source luks2 image 15 | 16 | generate() 17 | { 18 | # remove mandatory encryption field 19 | json_str=$(jq -c '.segments."0".type = 42' $TMPDIR/json0) 20 | test ${#json_str} -lt $((LUKS2_JSON_SIZE*512)) || exit 2 21 | 22 | write_luks2_json "$json_str" $TMPDIR/json0 23 | 24 | lib_mangle_json_hdr0_kill_hdr1 25 | } 26 | 27 | check() 28 | { 29 | lib_hdr1_killed || exit 2 30 | 31 | read_luks2_json0 $TGT_IMG $TMPDIR/json_res0 32 | jq -c 'if .segments."0".type != 42 33 | then error("Unexpected value in result json") else empty end' $TMPDIR/json_res0 || exit 5 34 | } 35 | 36 | lib_prepare $@ 37 | generate 38 | check 39 | lib_cleanup 40 | -------------------------------------------------------------------------------- /tests/generators/generate-luks2-uint64-max-segment-size.img.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | . lib.sh 4 | 5 | # 6 | # *** Description *** 7 | # 8 | # generate primary header with segment size set to UINT64_MAX - 511 9 | # (512 sector aligned value) 10 | # 11 | # secondary header is corrupted on purpose as well 12 | # 13 | 14 | # $1 full target dir 15 | # $2 full source luks2 image 16 | 17 | generate() 18 | { 19 | # UINT64_MAX - 511 (so that it's sector aligned) 20 | json_str=$(jq -c '.segments."0".size = "18446744073709551104"' $TMPDIR/json0) 21 | test ${#json_str} -lt $((LUKS2_JSON_SIZE*512)) || exit 2 22 | 23 | write_luks2_json "$json_str" $TMPDIR/json0 24 | 25 | lib_mangle_json_hdr0_kill_hdr1 26 | } 27 | 28 | check() 29 | { 30 | lib_hdr1_killed || exit 2 31 | 32 | read_luks2_json0 $TGT_IMG $TMPDIR/json_res0 33 | jq -c 'if .segments."0".size != "18446744073709551104" 34 | then error("Unexpected value in result json") else empty end' $TMPDIR/json_res0 || exit 5 35 | } 36 | 37 | lib_prepare $@ 38 | generate 39 | check 40 | lib_cleanup 41 | -------------------------------------------------------------------------------- /tests/generators/generate-luks2-uint64-overflow-segment-size.img.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | . lib.sh 4 | 5 | # 6 | # *** Description *** 7 | # 8 | # generate primary header with segment size set to UINT64_MAX + 1 9 | # 10 | # secondary header is corrupted on purpose as well 11 | # 12 | 13 | # $1 full target dir 14 | # $2 full source luks2 image 15 | 16 | generate() 17 | { 18 | json_str=$(jq -c '.segments."0".size = "18446744073709551616"' $TMPDIR/json0) 19 | test ${#json_str} -lt $((LUKS2_JSON_SIZE*512)) || exit 2 20 | 21 | write_luks2_json "$json_str" $TMPDIR/json0 22 | 23 | lib_mangle_json_hdr0_kill_hdr1 24 | } 25 | 26 | check() 27 | { 28 | lib_hdr1_killed || exit 2 29 | 30 | read_luks2_json0 $TGT_IMG $TMPDIR/json_res0 31 | jq -c 'if .segments."0".size != "18446744073709551616" 32 | then error("Unexpected value in result json") else empty end' $TMPDIR/json_res0 || exit 5 33 | } 34 | 35 | lib_prepare $@ 36 | generate 37 | check 38 | lib_cleanup 39 | -------------------------------------------------------------------------------- /tests/generators/generate-luks2-uint64-signed-segment-size.img.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | . lib.sh 4 | 5 | # 6 | # *** Description *** 7 | # 8 | # generate primary header with segment size set to -512 9 | # 10 | # secondary header is corrupted on purpose as well 11 | # 12 | 13 | # $1 full target dir 14 | # $2 full source luks2 image 15 | 16 | generate() 17 | { 18 | # UINT64_MAX + 1 (it's 512 sector aligned) 19 | json_str=$(jq -c '.segments."0".size = "-512"' $TMPDIR/json0) 20 | test ${#json_str} -lt $((LUKS2_JSON_SIZE*512)) || exit 2 21 | 22 | write_luks2_json "$json_str" $TMPDIR/json0 23 | 24 | lib_mangle_json_hdr0_kill_hdr1 25 | } 26 | 27 | check() 28 | { 29 | lib_hdr1_killed || exit 2 30 | 31 | read_luks2_json0 $TGT_IMG $TMPDIR/json_res0 32 | jq -c 'if .segments."0".size != "-512" 33 | then error("Unexpected value in result json") else empty end' $TMPDIR/json_res0 || exit 5 34 | } 35 | 36 | lib_prepare $@ 37 | generate 38 | check 39 | lib_cleanup 40 | -------------------------------------------------------------------------------- /tests/img_fs_ext4.img.xz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mbroz/cryptsetup/f221de22b6998875fde91619ff527b9eb381b956/tests/img_fs_ext4.img.xz -------------------------------------------------------------------------------- /tests/img_fs_vfat.img.xz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mbroz/cryptsetup/f221de22b6998875fde91619ff527b9eb381b956/tests/img_fs_vfat.img.xz -------------------------------------------------------------------------------- /tests/img_fs_xfs.img.xz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mbroz/cryptsetup/f221de22b6998875fde91619ff527b9eb381b956/tests/img_fs_xfs.img.xz -------------------------------------------------------------------------------- /tests/img_fs_xfs5.img.xz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mbroz/cryptsetup/f221de22b6998875fde91619ff527b9eb381b956/tests/img_fs_xfs5.img.xz -------------------------------------------------------------------------------- /tests/luks1-images.tar.xz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mbroz/cryptsetup/f221de22b6998875fde91619ff527b9eb381b956/tests/luks1-images.tar.xz -------------------------------------------------------------------------------- /tests/luks2_header_requirements.tar.xz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mbroz/cryptsetup/f221de22b6998875fde91619ff527b9eb381b956/tests/luks2_header_requirements.tar.xz -------------------------------------------------------------------------------- /tests/luks2_invalid_cipher.img.xz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mbroz/cryptsetup/f221de22b6998875fde91619ff527b9eb381b956/tests/luks2_invalid_cipher.img.xz -------------------------------------------------------------------------------- /tests/luks2_keyslot_unassigned.img.xz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mbroz/cryptsetup/f221de22b6998875fde91619ff527b9eb381b956/tests/luks2_keyslot_unassigned.img.xz -------------------------------------------------------------------------------- /tests/luks2_mda_images.tar.xz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mbroz/cryptsetup/f221de22b6998875fde91619ff527b9eb381b956/tests/luks2_mda_images.tar.xz -------------------------------------------------------------------------------- /tests/luks2_valid_hdr.img.xz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mbroz/cryptsetup/f221de22b6998875fde91619ff527b9eb381b956/tests/luks2_valid_hdr.img.xz -------------------------------------------------------------------------------- /tests/run-all-symbols: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | [ -z "$LIBCRYPTSETUP_DIR" ] && LIBCRYPTSETUP_DIR=../.libs 4 | FILE=$LIBCRYPTSETUP_DIR/libcryptsetup.so 5 | 6 | fail() 7 | { 8 | [ -n "$1" ] && echo "$1" 9 | exit 2 10 | } 11 | 12 | skip() 13 | { 14 | [ -n "$1" ] && echo "$1" 15 | exit 77 16 | } 17 | 18 | test -d $LIBCRYPTSETUP_DIR || fail "Directory $LIBCRYPTSETUP_DIR is missing." 19 | test -f $FILE || skip "WARNING: Shared $FILE is missing, test skipped." 20 | 21 | ./all-symbols-test $FILE $@ 22 | -------------------------------------------------------------------------------- /tests/tcrypt-images.tar.xz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mbroz/cryptsetup/f221de22b6998875fde91619ff527b9eb381b956/tests/tcrypt-images.tar.xz -------------------------------------------------------------------------------- /tests/valg-api.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | SUP="--suppressions=./cryptsetup-valg-supps" 3 | CHILD="--trace-children=no --child-silent-after-fork=yes" 4 | MALLOC="--malloc-fill=aa" 5 | FREE="--free-fill=21" 6 | STACK="--max-stackframe=300000" 7 | EXTRAS="--read-var-info=yes --show-reachable=yes" 8 | LOGFILE="--log-file=./valglog.$(date +%j:%H:%M:%S:%N)_${INFOSTRING}" 9 | LEAKCHECK="--leak-check=full --track-origins=yes" 10 | 11 | exec valgrind $SUP $GETSUP $CHILD $MALLOC $FREE $STACK $EXTRAS $LOGFILE $LEAKCHECK "$@" 12 | -------------------------------------------------------------------------------- /tests/valg.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | SUP="--suppressions=./cryptsetup-valg-supps" 3 | CHILD="--trace-children=yes --child-silent-after-fork=yes" 4 | MALLOC="--malloc-fill=aa" 5 | FREE="--free-fill=21" 6 | STACK="--max-stackframe=2000000" 7 | EXTRAS="--read-var-info=yes --show-reachable=yes" 8 | LOGFILE="--log-file=./valglog.$(date +%j:%H:%M:%S:%N)_${INFOSTRING}" 9 | LEAKCHECK="--leak-check=full --track-origins=yes" 10 | 11 | exec valgrind $SUP $GETSUP $CHILD $MALLOC $FREE $STACK $EXTRAS $LOGFILE $LEAKCHECK "$@" 12 | -------------------------------------------------------------------------------- /tests/valid_header_file.xz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mbroz/cryptsetup/f221de22b6998875fde91619ff527b9eb381b956/tests/valid_header_file.xz -------------------------------------------------------------------------------- /tests/xfs_512_block_size.img.xz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mbroz/cryptsetup/f221de22b6998875fde91619ff527b9eb381b956/tests/xfs_512_block_size.img.xz -------------------------------------------------------------------------------- /tokens/Makemodule.am: -------------------------------------------------------------------------------- 1 | EXTRA_DIST += tokens/libcryptsetup-token.sym 2 | 3 | TOKENS_LDFLAGS = $(AM_LDFLAGS) -no-undefined -avoid-version \ 4 | -Wl,--version-script=$(top_srcdir)/tokens/libcryptsetup-token.sym 5 | 6 | tokendir = ${EXTERNAL_LUKS2_TOKENS_PATH} 7 | 8 | if SSHPLUGIN_TOKEN 9 | libcryptsetup_token_ssh_la_LDFLAGS = $(TOKENS_LDFLAGS) 10 | libcryptsetup_token_ssh_la_SOURCES = tokens/ssh/libcryptsetup-token-ssh.c \ 11 | tokens/ssh/ssh-utils.c \ 12 | tokens/ssh/ssh-utils.h 13 | libcryptsetup_token_ssh_la_LIBADD = libcryptsetup.la @LIBSSH_LIBS@ @JSON_C_LIBS@ 14 | token_LTLIBRARIES = libcryptsetup-token-ssh.la 15 | 16 | cryptsetup_ssh_SOURCES = tokens/ssh/cryptsetup-ssh.c \ 17 | tokens/ssh/ssh-utils.c \ 18 | tokens/ssh/ssh-utils.h \ 19 | src/utils_tools.c \ 20 | src/utils_password.c \ 21 | lib/utils_io.c \ 22 | lib/utils_loop.c 23 | cryptsetup_ssh_LDADD = -lm libcryptsetup.la @LIBSSH_LIBS@ @JSON_C_LIBS@ @POPT_LIBS@ \ 24 | @PWQUALITY_LIBS@ @PASSWDQC_LIBS@ @ARGP_LIBS@ 25 | 26 | cryptsetup_ssh_CFLAGS = $(AM_CFLAGS) 27 | 28 | sbin_PROGRAMS += cryptsetup-ssh 29 | endif 30 | -------------------------------------------------------------------------------- /tokens/libcryptsetup-token.sym: -------------------------------------------------------------------------------- 1 | CRYPTSETUP_TOKEN_1.0 { 2 | global: 3 | /* Mandatory functions */ 4 | cryptsetup_token_open; 5 | cryptsetup_token_version; 6 | 7 | /* Optional functions */ 8 | cryptsetup_token_open_pin; 9 | cryptsetup_token_buffer_free; 10 | cryptsetup_token_validate; 11 | cryptsetup_token_dump; 12 | local: *; 13 | }; 14 | -------------------------------------------------------------------------------- /tokens/meson.build: -------------------------------------------------------------------------------- 1 | libcryptsetup_token_sym_path = join_paths(meson.current_source_dir(), 'libcryptsetup-token.sym') 2 | 3 | token_link_args = [ 4 | '-Wl,--version-script=' + 5 | libcryptsetup_token_sym_path, 6 | ] 7 | 8 | subdir('ssh') 9 | -------------------------------------------------------------------------------- /tokens/ssh/meson.build: -------------------------------------------------------------------------------- 1 | tokens_ssh_build_dir = meson.current_build_dir() 2 | 3 | if get_option('ssh-token') 4 | if not enable_static 5 | libcryptsetup_token_ssh = shared_library( 6 | 'cryptsetup-token-ssh', 7 | [ 8 | 'libcryptsetup-token-ssh.c', 9 | 'ssh-utils.c', 10 | ], 11 | dependencies: [ 12 | jsonc, 13 | libssh, 14 | ], 15 | link_with: libcryptsetup, 16 | link_args: token_link_args, 17 | include_directories: includes_tools + ['..']) 18 | endif 19 | 20 | cryptsetup_ssh_files = files( 21 | 'cryptsetup-ssh.c', 22 | 'ssh-utils.c', 23 | ) 24 | cryptsetup_ssh_files += lib_ssh_token_files 25 | cryptsetup_ssh_files += src_ssh_token_files 26 | 27 | cryptsetup_ssh = executable('cryptsetup-ssh', 28 | cryptsetup_ssh_files, 29 | dependencies: [ 30 | argp, 31 | jsonc, 32 | libssh, 33 | passwdqc, 34 | popt, 35 | pwquality, 36 | ], 37 | link_with: libcryptsetup, 38 | include_directories: includes_tools + ['..']) 39 | endif 40 | -------------------------------------------------------------------------------- /tokens/ssh/ssh-utils.h: -------------------------------------------------------------------------------- 1 | // SPDX-License-Identifier: LGPL-2.1-or-later 2 | /* 3 | * ssh plugin utilities 4 | * 5 | * Copyright (C) 2016-2025 Milan Broz 6 | * Copyright (C) 2020-2025 Vojtech Trefny 7 | */ 8 | 9 | #ifndef SSH_UTILS_H 10 | #define SSH_UTILS_H 11 | 12 | #include 13 | #include 14 | #include 15 | 16 | int sshplugin_download_password(struct crypt_device *cd, ssh_session ssh, 17 | const char *path, char **password, size_t *password_len); 18 | ssh_session sshplugin_session_init(struct crypt_device *cd, const char *host, const char *user); 19 | int sshplugin_public_key_auth(struct crypt_device *cd, ssh_session ssh, const ssh_key pkey); 20 | 21 | #endif /* SSH_UTILS_H */ 22 | --------------------------------------------------------------------------------