Hide Forgot
If the user specifies --type=plain --hash=sha1:secure (or something similar, the colon is important) during open, cryptsetup will use an all-zero key because it truncates the key-derived hash to length 0. This is caused by code in crypt_plain_hash() which implements a ":NNN" specifier for reducing key strength: /* hash[:hash_length] */ if ((s = strchr(hash_name_buf, ':'))) { *s = '\0'; hash_size = atoi(++s); if (hash_size > key_size) { log_dbg("Hash length %zd > key length %zd", hash_size, key_size); return -EINVAL; } pad_size = key_size - hash_size; } else { hash_size = key_size; pad_size = 0; } … if (r == 0 && pad_size) memset(key + hash_size, 0, pad_size); This code should have more error checking.
The colon will always reduce key, it should be used only in situation when you are dealing with seriously broken cryptosystem (which set some parts of key to zero). But yes, error checking should be better here. I need to implement it even for --hash=plain (==no hash) because some implementation of cryptoloop/losetup wipes the last byte of key... (and cryptsetup should be able to replace such system). So this will be fixed upstream and RH should track the patch for RHEL as well, thanks.
Should be fixed upstream by this patch http://code.google.com/p/cryptsetup/source/detail?r=db561257084fd09f117d589fe9f42980a9ea3ad9# Thanks for reporting this problem!
This request was resolved in Red Hat Enterprise Linux 7.0. Contact your manager or support representative in case you have further questions about the request.