Re: [dm-crypt] Secret data from stdin

From: Arno Wagner <arno@wagner.name>
To: dm-crypt@saout.de
Subject: Re: [dm-crypt] Secret data from stdin
Date: Wed, 15 Aug 2012 00:50:21 +0200	[thread overview]
Message-ID: <20120814225021.GA18290@tansi.org> (raw)
In-Reply-To: <CAM0nabFuMnSaXV4-edT6G3-bm49x+GX3WBy5X9nZvtrBvbmbZQ@mail.gmail.com>

On Tue, Aug 14, 2012 at 05:19:43PM -0500, Kent Yoder wrote:
> Hi,
> 
> I recently came across some code that did this:
> 
>   cat binary_secret | cryptsetup luksFormat /dev/loop0
> 
> This appears to work (no message printed, exit status 0).
> 
> What might not be obvious is that if binary_secret contains a '\n'
> character, input gets truncated at this point. 

This is documented in the man-page of the current release under
"NOTES ON PASSPHRASE PROCESSING FOR LUKS".

> This is different
> than
> 
>   cat binary_secret | cryptsetup luksFormat --key-file=- /dev/loop0
> 
> which will read all of binary_secret, regardless of whether there's
> a \n in it or not.

Indeed. Documented under the entry for "--key-file" in the current
release man-page.

> This difference seems subtle and could lead to truncation of the
> secret.  

I agree. I tried to make very sure it is clear what is done 
on my man-page revision.

> This should probably be clearer in the man page at a
> minimum (see patch), but I think a warning is appropriate too.
> Secret processing that stops at \n isn't appropriate for binary
> data.

And that is the thing here. A passphrase is _not_ binary data!
Doing 

   "cat binary_secret | cryptsetup luksFormat /dev/loop0"

is inherently wrong. What you need to do is

  "cat file_with_passphrase_that_could_also_be_entered_interactively
  | cryptsetup luksFormat /dev/loop0"

As to your patch, I am unable to match your patch to the 
current version of the man-page. Did you do a "git pull" 
before? May also be a problem on my side, please verify:

> md5sum cryptsetup.8
4fd70bbd1018f95818902144499c2234  cryptsetup.8

Arno

> Thanks,
> Kent
> 
> --
> IBM LTC Security
> 
> 
> diff --git a/man/cryptsetup.8 b/man/cryptsetup.8
> index b9298a5..f8d7abb 100644
> --- a/man/cryptsetup.8
> +++ b/man/cryptsetup.8
> @@ -476,7 +476,8 @@ will quit with an error.
> 
>  If \-\-key-file=- is used for reading the key from stdin, no
>  trailing newline is stripped from the input. Without that option,
> -cryptsetup strips trailing newlines from stdin input.
> +cryptsetup stops reading from stdin when it encounters a newline,
> +even if found in your binary key data!
>  .SH NOTES ON PASSWORD PROCESSING FOR LUKS
>  LUKS uses PBKDF2 to protect against dictionary attacks (see RFC 2898).
> _______________________________________________
> dm-crypt mailing list
> dm-crypt@saout.de
> http://www.saout.de/mailman/listinfo/dm-crypt
> 

-- 
Arno Wagner,    Dr. sc. techn., Dipl. Inform.,   Email: arno@wagner.name 
GnuPG:  ID: 1E25338F  FP: 0C30 5782 9D93 F785 E79C  0296 797F 6B50 1E25 338F
----
One of the painful things about our time is that those who feel certainty 
are stupid, and those with any imagination and understanding are filled 
with doubt and indecision. -- Bertrand Russell 