[dm-crypt] Using dmsetup directly instead of cryptsetup

All of lore.kernel.org
 help / color / mirror / Atom feed

* [dm-crypt] Using dmsetup directly instead of cryptsetup
@ 2011-05-21 18:40 dhvvcb
  2011-05-21 19:33 ` Milan Broz
  0 siblings, 1 reply; 2+ messages in thread
From: dhvvcb @ 2011-05-21 18:40 UTC (permalink / raw)
  To: dm-crypt

Usually I run command

cryptsetup -d /path/to/key -c aes-cbc-essiv:sha256 -s 256 create
hdd2 /dev/sdc

and /dev/mapper/hdd2 is created.

I tried to follow the example given on home page
http://www.saout.de/misc/dm-crypt/

echo 0 <sector count> crypt <sector format> <key> <IV offset> <real
device> <sector offset> | dmsetup create name

where <key> is a hexadecimal representation of the binary key. As a
result, /dev/mapper/name should be created.

To create /dev/mapper/hdd2 corresponding to /dev/sdc I run the commands:

echo 0 $(blockdev --getsz /dev/sdc) crypt aes-cbc-essiv:sha256
"$(cat /path/to/key.hex)" 0 /dev/sdc 0 | dmsetup create hdd2

Here '/path/to/key.hex' is the hexadecimal representation of binary
'/path/to/key'. I converted 'key' to 'key.hex' with the help of hexdump.
Size of 'key.hex' file (65B) is twice as large as binary 'key' (32B)
because each binary symbol is determined by two hexadecimal numbers.

However this /dev/mapper/hdd2 can not be mounted. While /dev/mapper/hdd2
created with cryptsetup is mounted. So straightforward dmsetup usage and
cryptsetup create different /dev/mapper/hdd2, though key is the same.

The question is how to use dmsetup straightforward so as it would give
the same encrypted device as cryptsetup does.

^ permalink raw reply	[flat|nested] 2+ messages in thread

* Re: [dm-crypt] Using dmsetup directly instead of cryptsetup
  2011-05-21 18:40 [dm-crypt] Using dmsetup directly instead of cryptsetup dhvvcb
@ 2011-05-21 19:33 ` Milan Broz
  0 siblings, 0 replies; 2+ messages in thread
From: Milan Broz @ 2011-05-21 19:33 UTC (permalink / raw)
  To: dhvvcb; +Cc: dm-crypt

On 05/21/2011 08:40 PM, dhvvcb@lavabit.com wrote:
> Usually I run command
> 
> cryptsetup -d /path/to/key -c aes-cbc-essiv:sha256 -s 256 create
> hdd2 /dev/sdc
> 
> and /dev/mapper/hdd2 is created.
> 
> I tried to follow the example given on home page
> http://www.saout.de/misc/dm-crypt/

That page is pretty obsolete today, http://code.google.com/p/cryptsetup/
is home page now.

Why do you want to use dmsetup?

Anyway,

cryptsetup -d /key -c aes-cbc-essiv:sha256 -s 256 create x /dev/sdb

is equivalent to

echo 0 $(blockdev --getsz /dev/sdb) crypt aes-cbc-essiv:sha256 $(xxd -p -c 32 </key) 0 /dev/sdb 0 | dmsetup create x

(xxd is helper program in vim package)

I guess the hex representation is just wrong in your case,
hexdump produces different order of bytes.

Use cryptsetup a check with "dmsetup table --showkeys".

Milan

^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2011-05-21 19:33 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2011-05-21 18:40 [dm-crypt] Using dmsetup directly instead of cryptsetup dhvvcb
2011-05-21 19:33 ` Milan Broz

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.