| Summary: | cryptsetup luksDelKey doesn't wipe salt and iteration count for removed slot | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 5 | Reporter: | Milan Broz <mbroz> |
| Component: | cryptsetup-luks | Assignee: | Milan Broz <mbroz> |
| Status: | CLOSED ERRATA | QA Contact: | Release Test Team <release-test-team> |
| Severity: | unspecified | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 5.7 | CC: | agk, atodorov, mbroz, prajnoha, prockai, pvrabec, zkabelac |
| Target Milestone: | rc | ||
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | cryptsetup-luks-1.0.3-8.el5 | Doc Type: | Bug Fix |
| Doc Text: | When removing a key from the key slot by running the "cryptsetup luksDelKey" command, only the key slot itself was cleared but the salt and iteration count remained in the key slot header. All additional information is now cleared as well. | Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | 2011-07-21 07:04:29 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
Description
Milan Broz
2011-04-19 11:14:23 UTC
Fixed in cryptsetup-luks-1.0.3-8.el5. I ran the test suite from comment #2 against cryptsetup-luks-1.0.3-8.el5 and CASE [8] passed:

```
# make
gcc -O0 -g -Wall -c -o differ.o differ.c
gcc -o differ differ.o
./compat-test
CASE: [1] open - compat image - acceptance check
key slot 0 unlocked.
Command successful.
CASE: [2] open - compat image - denial check
CASE: [3] format
Command successful.
CASE: [4] format using hash sha512
Command successful.
CASE: [5] open
key slot 0 unlocked.
Command successful.
CASE: [6] add key
key slot 0 unlocked.
Command successful.
key slot 1 unlocked.
Command successful.
CASE: [7] unsuccessful delete
CASE: [8] successful delete
Command successful.
key slot 0 unlocked.
Command successful.
CASE: [9] add key test for key files
key slot 0 unlocked.
Command successful.
key slot 1 unlocked.
Command successful.
CASE: [10] delete key test with key1 as remaining key
Command successful.
key slot 1 unlocked.
Command successful.
CASE: [11] delete last key
Command successful.
Command successful.
CASE: [12] parameter variation test
Command successful.
key slot 0 unlocked.
Command successful.
CASE: [13] open/close - stacked devices
Command successful.
key slot 0 unlocked.
Command successful.
Command successful.
key slot 0 unlocked.
Command successful.
CASE: [14] Keyslots
Command successful.
key slot 0 unlocked.
Command successful.
key slot 0 unlocked.
Command successful.
key slot 2 unlocked.
Command successful.
CASE: [15] RemoveKey passphrase and keyfile
Command successful.
CASE: [16] create & status & resize
CASE: [17] remove disappeared device
Command successful.
key slot 0 unlocked.
Command successful.
./mode-test
aes PLAIN:[table OK][status OK] LUKS:[table OK][status OK] CHECKSUM:[OK]
aes-plain PLAIN:[table OK][status OK] LUKS:[table OK][status OK] CHECKSUM:[OK]
aes-ecb PLAIN:[table OK][status OK] LUKS:[table OK][status OK] CHECKSUM:[OK]
twofish-ecb PLAIN:[table OK][status OK] LUKS:[table OK][status OK] CHECKSUM:[OK]
serpent-ecb PLAIN:[table OK][status OK] LUKS:[table OK][status OK] CHECKSUM:[OK]
aes-cbc-null [n/a]
aes-cbc-benbi PLAIN:[table OK][status OK] LUKS:[table OK][status OK] CHECKSUM:[OK]
aes-cbc-plain PLAIN:[table OK][status OK] LUKS:[table OK][status OK] CHECKSUM:[OK]
aes-cbc-plain64 PLAIN:[table OK][status OK] LUKS:[table OK][status OK] CHECKSUM:[OK]
aes-cbc-essiv:sha256 PLAIN:[table OK][status OK] LUKS:[table OK][status OK] CHECKSUM:[OK]
aes-lrw-null [n/a]
aes-lrw-benbi [n/a]
aes-lrw-plain [n/a]
aes-lrw-plain64 [n/a]
aes-lrw-essiv:sha256 [n/a]
aes-xts-null [n/a]
aes-xts-benbi PLAIN:[table OK][status OK] LUKS:[table OK][status OK] CHECKSUM:[OK]
aes-xts-plain PLAIN:[table OK][status OK] LUKS:[table OK][status OK] CHECKSUM:[OK]
aes-xts-plain64 PLAIN:[table OK][status OK] LUKS:[table OK][status OK] CHECKSUM:[OK]
aes-xts-essiv:sha256 PLAIN:[table OK][status OK] LUKS:[table OK][status OK] CHECKSUM:[OK]
twofish-cbc-null [n/a]
twofish-cbc-benbi PLAIN:[table OK][status OK] LUKS:[table OK][status OK] CHECKSUM:[OK]
twofish-cbc-plain PLAIN:[table OK][status OK] LUKS:[table OK][status OK] CHECKSUM:[OK]
twofish-cbc-plain64 PLAIN:[table OK][status OK] LUKS:[table OK][status OK] CHECKSUM:[OK]
twofish-cbc-essiv:sha256 PLAIN:[table OK][status OK] LUKS:[table OK][status OK] CHECKSUM:[OK]
twofish-lrw-null [n/a]
twofish-lrw-benbi [n/a]
twofish-lrw-plain [n/a]
twofish-lrw-plain64 [n/a]
twofish-lrw-essiv:sha256 [n/a]
twofish-xts-null [n/a]
twofish-xts-benbi PLAIN:[table OK][status OK] LUKS:[table OK][status OK] CHECKSUM:[OK]
twofish-xts-plain PLAIN:[table OK][status OK] LUKS:[table OK][status OK] CHECKSUM:[OK]
twofish-xts-plain64 PLAIN:[table OK][status OK] LUKS:[table OK][status OK] CHECKSUM:[OK]
twofish-xts-essiv:sha256 PLAIN:[table OK][status OK] LUKS:[table OK][status OK] CHECKSUM:[OK]
serpent-cbc-null [n/a]
serpent-cbc-benbi PLAIN:[table OK][status OK] LUKS:[table OK][status OK] CHECKSUM:[OK]
serpent-cbc-plain PLAIN:[table OK][status OK] LUKS:[table OK][status OK] CHECKSUM:[OK]
serpent-cbc-plain64 PLAIN:[table OK][status OK] LUKS:[table OK][status OK] CHECKSUM:[OK]
serpent-cbc-essiv:sha256 PLAIN:[table OK][status OK] LUKS:[table OK][status OK] CHECKSUM:[OK]
serpent-lrw-null [n/a]
serpent-lrw-benbi [n/a]
serpent-lrw-plain [n/a]
serpent-lrw-plain64 [n/a]
serpent-lrw-essiv:sha256 [n/a]
serpent-xts-null [n/a]
serpent-xts-benbi PLAIN:[table OK][status OK] LUKS:[table OK][status OK] CHECKSUM:[OK]
serpent-xts-plain PLAIN:[table OK][status OK] LUKS:[table OK][status OK] CHECKSUM:[OK]
serpent-xts-plain64 PLAIN:[table OK][status OK] LUKS:[table OK][status OK] CHECKSUM:[OK]
serpent-xts-essiv:sha256 PLAIN:[table OK][status OK] LUKS:[table OK][status OK] CHECKSUM:[OK]
./password-hash-test
HASH: ripemd160 KSIZE: 0 / pwd [OK]
HASH: ripemd160 KSIZE: 256 / pwd [OK]
HASH: ripemd160 KSIZE: 128 / pwd [OK]
HASH: sha1 KSIZE: 256 / pwd [OK]
HASH: sha1 KSIZE: 128 / pwd [OK]
HASH: sha256 KSIZE: 256 / pwd [OK]
HASH: sha256 KSIZE: 128 / pwd [OK]
HASH: ripemd160 KSIZE: 256 / file [OK]
HASH: sha256 KSIZE: 256 / file [OK]
HASH: ripemd160 KSIZE: 256 / file [OK]
HASH: sha256 KSIZE: 256 / file [OK]
HASH: sha256 KSIZE: 128 / file [OK]
HASH: sha256 KSIZE: 512 / file [OK]
# echo $?
0
```
Technical note added. If any revisions are required, please edit the "Technical Notes" field
accordingly. All revisions will be proofread by the Engineering Content Services team.
New Contents:
When removing a key from the key slot by running the "cryptsetup luksDelKey" command, only the key slot itself was cleared but the salt and iteration count remained in the key slot header. All additional information is now cleared as well.
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on the solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHBA-2011-0987.html
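
The condition described in the Doc Text (a removed key slot that still carries its salt and iteration count) can be checked directly in a LUKS1 header. The following is an added example, not code from cryptsetup or from this report: the offsets and marker values follow the LUKS1 on-disk format, while `residual_slots`, `build_header` and the sample salts and iteration counts are constructed for illustration.

```python
import struct

# LUKS1 on-disk header constants (from the LUKS1 format, not from this page)
LUKS_MAGIC = b"LUKS\xba\xbe"
HEADER_SIZE = 592               # 208-byte fixed part + 8 key slots of 48 bytes
KEYSLOT_TABLE_OFFSET = 208
KEYSLOT_FMT = ">II32sII"        # active, iterations, salt, key-material offset, stripes
KEYSLOT_SIZE = struct.calcsize(KEYSLOT_FMT)
KEY_DISABLED, KEY_ENABLED = 0x0000DEAD, 0x00AC71F3


def residual_slots(header: bytes) -> dict:
    """Map each disabled slot that still carries KDF parameters to the leftover fields."""
    if len(header) < HEADER_SIZE or header[:6] != LUKS_MAGIC:
        raise ValueError("not a LUKS1 header")
    if struct.unpack_from(">H", header, 6)[0] != 1:
        raise ValueError("unsupported LUKS version")
    findings = {}
    for slot in range(8):
        active, iterations, salt, _offset, _stripes = struct.unpack_from(
            KEYSLOT_FMT, header, KEYSLOT_TABLE_OFFSET + slot * KEYSLOT_SIZE)
        if active != KEY_DISABLED:
            continue                      # enabled slots legitimately hold salt/iterations
        leftover = [name for name, dirty in
                    (("iterations", iterations != 0), ("salt", any(salt))) if dirty]
        if leftover:
            findings[slot] = leftover
    return findings


def build_header(slots: dict) -> bytes:
    """Constructed test header; slots = {index: (active, iterations, salt)}."""
    hdr = bytearray(HEADER_SIZE)
    hdr[:6] = LUKS_MAGIC
    struct.pack_into(">H", hdr, 6, 1)
    for n in range(8):
        active, iterations, salt = slots.get(n, (KEY_DISABLED, 0, bytes(32)))
        struct.pack_into(KEYSLOT_FMT, hdr, KEYSLOT_TABLE_OFFSET + n * KEYSLOT_SIZE,
                         active, iterations, salt, 8 + n * 256, 4000)
    return bytes(hdr)


if __name__ == "__main__":
    in_use = (KEY_ENABLED, 100000, b"\x11" * 32)
    # Slot 1 models the reported behaviour: disabled, but salt and iteration count remain.
    unfixed = build_header({0: in_use, 1: (KEY_DISABLED, 54321, b"\x22" * 32)})
    fixed = build_header({0: in_use})
    print("unfixed:", residual_slots(unfixed))
    print("fixed:  ", residual_slots(fixed))
```

To audit a real volume, pass the first 592 bytes read from the LUKS1 device to `residual_slots`; an empty result means no disabled slot retains a salt or iteration count.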