From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail.saout.de ([127.0.0.1]) by localhost (mail.saout.de [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id SsSbzLqob6qj for ; Wed, 15 Aug 2012 00:50:22 +0200 (CEST) Received: from v4.tansi.org (ns.km33513-03.keymachine.de [87.118.94.3]) by mail.saout.de (Postfix) with ESMTP for ; Wed, 15 Aug 2012 00:50:22 +0200 (CEST) Received: from gatewagner.dyndns.org (84-72-142-78.dclient.hispeed.ch [84.72.142.78]) by v4.tansi.org (Postfix) with ESMTPA id 009702065C1 for ; Wed, 15 Aug 2012 00:50:21 +0200 (CEST) Date: Wed, 15 Aug 2012 00:50:21 +0200 From: Arno Wagner Message-ID: <20120814225021.GA18290@tansi.org> References: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: Subject: Re: [dm-crypt] Secret data from stdin List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: dm-crypt@saout.de On Tue, Aug 14, 2012 at 05:19:43PM -0500, Kent Yoder wrote: > Hi, > > I recently came across some code that did this: > > cat binary_secret | cryptsetup luksFormat /dev/loop0 > > This appears to work (no message printed, exit status 0). > > What might not be obvious is that if binary_secret contains a '\n' > character, input gets truncated at this point. This is documented in the man-page of the current release under "NOTES ON PASSPHRASE PROCESSING FOR LUKS". > This is different > than > > cat binary_secret | cryptsetup luksFormat --key-file=- /dev/loop0 > > which will read all of binary_secret, regardless of whether there's > a \n in it or not. Indeed. Documented under the entry for "--key-file" in the current release man-page. > This difference seems subtle and could lead to truncation of the > secret. I agree. I tried to make very sure it is clear what is done on my man-page revision. > This should probably be clearer in the man page at a > minimum (see patch), but I think a warning is appropriate too. > Secret processing that stops at \n isn't appropriate for binary > data. And that is the thing here. A passphrase is _not_ binary data! Doing "cat binary_secret | cryptsetup luksFormat /dev/loop0" is inherently wrong. What you need to do is "cat file_with_passphrase_that_could_also_be_entered_interactively | cryptsetup luksFormat /dev/loop0" As to your patch, I am unable to match your patch to the current version of the man-page. Did you do a "git pull" before? May also be a problem on my side, please verify: > md5sum cryptsetup.8 4fd70bbd1018f95818902144499c2234 cryptsetup.8 Arno > Thanks, > Kent > > -- > IBM LTC Security > > > diff --git a/man/cryptsetup.8 b/man/cryptsetup.8 > index b9298a5..f8d7abb 100644 > --- a/man/cryptsetup.8 > +++ b/man/cryptsetup.8 > @@ -476,7 +476,8 @@ will quit with an error. > > If \-\-key-file=- is used for reading the key from stdin, no > trailing newline is stripped from the input. Without that option, > -cryptsetup strips trailing newlines from stdin input. > +cryptsetup stops reading from stdin when it encounters a newline, > +even if found in your binary key data! > .SH NOTES ON PASSWORD PROCESSING FOR LUKS > LUKS uses PBKDF2 to protect against dictionary attacks (see RFC 2898). > _______________________________________________ > dm-crypt mailing list > dm-crypt@saout.de > http://www.saout.de/mailman/listinfo/dm-crypt > -- Arno Wagner, Dr. sc. techn., Dipl. Inform., Email: arno@wagner.name GnuPG: ID: 1E25338F FP: 0C30 5782 9D93 F785 E79C 0296 797F 6B50 1E25 338F ---- One of the painful things about our time is that those who feel certainty are stupid, and those with any imagination and understanding are filled with doubt and indecision. -- Bertrand Russell