Skip to content

add algo-cipher field when unlocking luks2 volume


Output of currest upstream is below when the volume is "Wrongly" unlocked:

dmsetup table luks2
0 36864 crypt aes 0000000000000000000000000000000000000000000000000000000000000000 0 7:0 4096

[root@ink mtz]# /usr/local/sbin/cryptsetup status luks2
/dev/mapper/luks2 is active.
  type:    LUKS2
  cipher:  aes-cbc-plain
  keysize: 256 bits
  device:  /dev/loop0
  loop:    /home/mtz/luks2.img
  offset:  4096 sectors
  size:    36864 sectors
  mode:    read/write

Notice "dmsetup table" command does not show an entry for cipher in use and "cryptsetup status" reports wrong cipher.

This pull request corrects this and produces below output when the volume is "correctly" unlocked:

[root@ink mtz]# dmsetup table luks2
0 36864 crypt aes-xts-plain64 0000000000000000000000000000000000000000000000000000000000000000 0 7:0 4096
[root@ink mtz]# /usr/local/sbin/cryptsetup status luks2
/dev/mapper/luks2 is active.
  type:    LUKS2
  cipher:  aes-xts-plain64
  keysize: 256 bits
  device:  /dev/loop0
  loop:    /home/mtz/luks2.img
  offset:  4096 sectors
  size:    36864 sectors
  mode:    read/write
[root@ink mtz]#

luksDump for the luks2 volume unlocked above is below:

[root@ink mtz]#
[root@ink mtz]# /usr/local/sbin/cryptsetup luksDump luks2.img
LUKS header information
Version:        2
Epoch:          4
Metadata area:  15872 bytes
UUID:           e43c817c-057a-45f2-bec4-adcac33373c8
Label:          (no label)
Subsystem:      (no subsystem)
Data segments:
  0: crypt
        offset: 2097152 [bytes]
        length: (whole device)
        cipher: aes-xts-plain64
        block:  512 [bytes]

Keyslots:
  0: luks2 (active)
        Key:        256 bits
        Priority:   normal
        Cipher:     aes-xts-plain64
        PBKDF:      argon2
        Hash:       sha256
        Stripes:    4000
        Iterations: 602
        Memory:  1024
        Threads: 4
        Salt:       83 2a 97 e8 dc f6 4c 95 aa bd fc e1 63 73 c5 56
                    42 10 ba e1 0d 0b 4e 53 89 24 d3 ab 97 12 61 8a
        Area:       0
                Offset: 32768 [bytes]
                Length:  131072 [bytes]
        Digest ID:  0
  1: luks2 (active)
        Key:        256 bits
        Priority:   normal
        Cipher:     aes-xts-plain64
        PBKDF:      argon2
        Hash:       sha256
        Stripes:    4000
        Iterations: 602
        Memory:  1024
        Threads: 4
        Salt:       25 16 bd 09 f1 b3 3e 40 fc 96 40 ca 47 68 6a 76
                    0b 86 35 19 c2 e1 5f e6 d9 ca 0d be ef 70 89 57
        Area:       1
                Offset: 163840 [bytes]
                Length:  131072 [bytes]
        Digest ID:  0
  2: luks2 (inactive)
        Key:        256 bits
        Priority:   normal
        Cipher:     aes-xts-plain64
        PBKDF:      argon2
        Hash:       sha256
        Stripes:    4000
        Area:       2
                Offset: 294912 [bytes]
                Length:  131072 [bytes]
        Digest ID:  0
  3: luks2 (inactive)
        Key:        256 bits
        Priority:   normal
        Cipher:     aes-xts-plain64
        PBKDF:      argon2
        Hash:       sha256
        Stripes:    4000
        Area:       3
                Offset: 425984 [bytes]
                Length:  131072 [bytes]
        Digest ID:  0
  4: luks2 (inactive)
        Key:        256 bits
        Priority:   normal
        Cipher:     aes-xts-plain64
        PBKDF:      argon2
        Hash:       sha256
        Stripes:    4000
        Area:       4
                Offset: 557056 [bytes]
                Length:  131072 [bytes]
        Digest ID:  0
  5: luks2 (inactive)
        Key:        256 bits
        Priority:   normal
        Cipher:     aes-xts-plain64
        PBKDF:      argon2
        Hash:       sha256
        Stripes:    4000
        Area:       5
                Offset: 688128 [bytes]
                Length:  131072 [bytes]
        Digest ID:  0
  6: luks2 (inactive)
        Key:        256 bits
        Priority:   normal
        Cipher:     aes-xts-plain64
        PBKDF:      argon2
        Hash:       sha256
        Stripes:    4000
        Area:       6
                Offset: 819200 [bytes]
                Length:  131072 [bytes]
        Digest ID:  0
  7: luks2 (inactive)
        Key:        256 bits
        Priority:   normal
        Cipher:     aes-xts-plain64
        PBKDF:      argon2
        Hash:       sha256
        Stripes:    4000
        Area:       7
                Offset: 950272 [bytes]
                Length:  131072 [bytes]
        Digest ID:  0
Digests:
  0: luks1
        Hash:       sha256
        Iterations: 1000
        Salt:       67 ad e9 0d e1 a6 a4 93 3d 5c f1 c8 1d a7 de 7d
                    db 18 ef 6e e3 0f 4a 77 bf 00 bc 7f 75 dd 28 9e
        Digest:     c8 b8 f6 d3 1a ae ad bd a5 0f f2 26 0f bc b8 c4

Merge request reports