* [dm-crypt] How can I write a passphrase hash to key file for plain dm-crypt ?
@ 2014-11-07 16:34 John Lane
  2014-11-07 18:56 ` Arno Wagner
  0 siblings, 1 reply; 4+ messages in thread
From: John Lane @ 2014-11-07 16:34 UTC (permalink / raw)
  To: dm-crypt

I'm trying to use plain dm-crypt. I have an example like this

    $ cryptsetup open /dev/sda mydisk --type plain --hash sha512

that works fine. I enter 'password' as the pass phrase when requested.

I want to create an equivalent key-file so that I can do

    $ cryptsetup open /dev/sda mydisk --type plain --key-file mykey

I couldn't find a cryptsetup command to do this, so I tried these:

    $ openssl dgst -sha512 -binary <<< 'password' > mykey
also
    $ sha512sum <<< 'my_passphrase' | head -c 128 > mykey

without success.

As I understand it, the key file contains a binary key that is used
as-is, so I would have thought the first try above would have worked. I
even used xxd to check that mykey contained the hash in binary data.

How can I make a key-file that is equivalent to a keyed-in passphrase?

Thanks in advance.


* Re: [dm-crypt] How can I write a passphrase hash to key file for plain dm-crypt ?
  2014-11-07 16:34 [dm-crypt] How can I write a passphrase hash to key file for plain dm-crypt ? John Lane
@ 2014-11-07 18:56 ` Arno Wagner
  2014-11-07 20:47   ` John Lane
  0 siblings, 1 reply; 4+ messages in thread
From: Arno Wagner @ 2014-11-07 18:56 UTC (permalink / raw)
  To: dm-crypt

Hi John,

the cryptsetup man-page has additional information about the 
different ways a passphrase can be passed to it and what the
conventions are in section "NOTES ON PASSPHRASE PROCESSING 
FOR PLAIN MODE". That should get you started. 

If you want to generate a key that is the same as generated
by a specific passphrase, the easiest way is probably to 
map the container with the passphrase and then extract the 
key from dm-crypt. I am not sure this works, but if it does,
FAQ Item 6.10 has the information. dm-crypt just gets a 
cipher and a key and does not know whether that key is a
LUKS master key or a plain key. 

Your example may fail because of differences in padding,
for example. Also note that 

  sha512sum <<< 'my_passphrase' | head -c 128 > mykey

produces an ASCII representation of the hash truncated to
128 characters, while you probably want a binary representation
that is 128 bit long. 

Arno


On Fri, Nov 07, 2014 at 17:34:39 CET, John Lane wrote:
> I'm trying to use plain dm-crypt. I have an example like this
> 
>     $ cryptsetup open /dev/sda mydisk --type plain --hash sha512
> 
> that works fine. I enter 'password' as the pass phrase when requested.
> 
> I want to create an equivalent key-file so that I can do
> 
>     $ cryptsetup open /dev/sda mydisk --type plain --key-file mykey
> 
> I couldn't find a cryptsetup command to do this, so I tried these:
> 
>     $ openssl dgst -sha512 -binary <<< 'password' > mykey
> also
>     $ sha512sum <<< 'my_passphrase' | head -c 128 > mykey
> 
> without success.
> 
> As I understand it, the key file contains a binary key that is used
> as-is, so I would have thought the first try above would have worked. I
> even used xxd to check that mykey contained the hash in binary data.
> 
> How can I make a key-file that is equivalent to a keyed-in passphrase?
> 
> Thanks in advance.
> 
> _______________________________________________
> dm-crypt mailing list
> dm-crypt@saout.de
> http://www.saout.de/mailman/listinfo/dm-crypt

-- 
Arno Wagner,     Dr. sc. techn., Dipl. Inform.,    Email: arno@wagner.name
GnuPG: ID: CB5D9718  FP: 12D6 C03B 1B30 33BB 13CF  B774 E35C 5FA1 CB5D 9718
----
A good decision is based on knowledge and not on numbers. -- Plato

If it's in the news, don't worry about it.  The very definition of 
"news" is "something that hardly ever happens." -- Bruce Schneier


* Re: [dm-crypt] How can I write a passphrase hash to key file for plain dm-crypt ?
  2014-11-07 18:56 ` Arno Wagner
@ 2014-11-07 20:47   ` John Lane
  2014-11-08  1:16     ` Arno Wagner
  0 siblings, 1 reply; 4+ messages in thread
From: John Lane @ 2014-11-07 20:47 UTC (permalink / raw)
  To: dm-crypt

Thanks Arno, your pointer helped me resolve my problem, which was due to
a newline being appended by '<<<'.

I successfully created a key file with

   $ echo -n 'password' | openssl dgst -sha512 -binary > keyfile

What really helped was your suggestion to view the key from dm-crypt,
which I did like this

   $ dmsetup table --target crypt --showkey /dev/mapper/mydisk

That showed me what the SHA1 was and, once I knew that, I could compare
what I was generating with it and quickly realised the difference was
probably a terminating end-of-line character.

Many thanks to you.

John


On 07/11/14 18:56, Arno Wagner wrote:
> Hi John,
>
> the cryptsetup man-page has additional information about the 
> different ways a passphrase can be passed to it and what the
> conventions are in section "NOTES ON PASSPHRASE PROCESSING 
> FOR PLAIN MODE". That should get you started. 
I had read that, specifically the part "From a Key File" which is why I
believed I needed a binary key.
>
> If you want to generate a key that is the same as generated
> by a specific passphrase, the easiest way is probably to 
> map the container with the passphrase and then extract the 
> key from dm-crypt. I am not sure this works, but if it does,
> FAQ Item 6.10 has the information. dm-crypt just gets a 
> cipher and a key and does not know whether that key is a
> LUKS master key or a plain key. 
>
> Your example may fail because of differences in padding,
> for example. Also note that 
>
>   sha512sum <<< 'my_passphrase' | head -c 128 > mykey
>
> produces an ASCII representation of the hash truncated to
> 128 characters, while you probably want a binary representation
> that is 128 bit long. 
Yes, I was aware of that but just tried it in case I was wrong about it
being a binary key. My other attempt (the openssl one) produces a binary
key but didn't work for me. I now know that was due to the here-string
<<< appending a newline.
>
> Arno
>
>
> On Fri, Nov 07, 2014 at 17:34:39 CET, John Lane wrote:
>> I'm trying to use plain dm-crypt. I have an example like this
>>
>>     $ cryptsetup open /dev/sda mydisk --type plain --hash sha512
>>
>> that works fine. I enter 'password' as the pass phrase when requested.
>>
>> I want to create an equivalent key-file so that I can do
>>
>>     $ cryptsetup open /dev/sda mydisk --type plain --key-file mykey
>>
>> I couldn't find a cryptsetup command to do this, so I tried these:
>>
>>     $ openssl dgst -sha512 -binary <<< 'password' > mykey
>> also
>>     $ sha512sum <<< 'my_passphrase' | head -c 128 > mykey
>>
>> without success.
>>
>> As I understand it, the key file contains a binary key that is used
>> as-is, so I would have thought the first try above would have worked. I
>> even used xxd to check that mykey contained the hash in binary data.
>>
>> How can I make a key-file that is equivalent to a keyed-in passphrase?
>>
>> Thanks in advance.
>>
>> _______________________________________________
>> dm-crypt mailing list
>> dm-crypt@saout.de
>> http://www.saout.de/mailman/listinfo/dm-crypt
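
Added example, not part of the thread or of cryptsetup: a sketch of the comparison described in the message above, showing that hashing the passphrase with and without the newline a here-string appends gives different keys, and checking a mapped key against both. sha512sum stands in for the openssl command, the function names are hypothetical, and the sample key is constructed assuming a 256-bit key taken from the start of the digest.

```shell
#!/bin/sh
# Added example; function names are hypothetical, sample key is constructed.

# Hex SHA-512 of exactly the bytes of $1, as `echo -n "$1" | ...` hashes them.
hash_exact() {
    printf '%s' "$1" | sha512sum | cut -d' ' -f1
}

# Hex SHA-512 of $1 plus a trailing newline, which is what a here-string
# (<<< "$1") feeds to the command's standard input.
hash_herestring() {
    printf '%s\n' "$1" | sha512sum | cut -d' ' -f1
}

# Compare a hex key against both candidates for a passphrase.
#   $1 = hex key field as shown by `dmsetup table --showkey`
#   $2 = passphrase
# The mapped key can be shorter than the 512-bit digest, so only as many
# hex digits as the mapped key has are compared.
classify_key() {
    n=${#1}
    [ "$n" -gt 0 ] || { echo no-match; return; }
    exact=$(hash_exact "$2" | cut -c1-"$n")
    nl=$(hash_herestring "$2" | cut -c1-"$n")
    if [ "$1" = "$exact" ]; then
        echo exact
    elif [ "$1" = "$nl" ]; then
        echo trailing-newline
    else
        echo no-match
    fi
}

# Constructed stand-in for the key field of a real mapping (assumption:
# 256-bit key, i.e. the first 64 hex digits of the passphrase hash).
SAMPLE_KEY=$(hash_exact 'password' | cut -c1-64)
classify_key "$SAMPLE_KEY" 'password'
```

A result of trailing-newline for a key derived from your own key file means the file was generated from the passphrase plus a line ending.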


* Re: [dm-crypt] How can I write a passphrase hash to key file for plain dm-crypt ?
  2014-11-07 20:47   ` John Lane
@ 2014-11-08  1:16     ` Arno Wagner
  0 siblings, 0 replies; 4+ messages in thread
From: Arno Wagner @ 2014-11-08  1:16 UTC (permalink / raw)
  To: dm-crypt

You are welcome.

Arno

On Fri, Nov 07, 2014 at 21:47:23 CET, John Lane wrote:
> Thanks Arno, your pointer helped me resolve my problem, which was due to
> a newline being appended by '<<<'.
> 
> I successfully created a key file with
> 
>    $ echo -n 'password' | openssl dgst -sha512 -binary > keyfile
> 
> What really helped was your suggestion to view the key from dm-crypt,
> which I did like this
> 
>    $ dmsetup table --target crypt --showkey /dev/mapper/mydisk
> 
> That showed me what the SHA1 was and, once I knew that, I could compare
> what I was generating with it and quickly realised the difference was
> probably a terminating end-of-line character.
> 
> Many thanks to you.
> 
> John
> 
> 
> On 07/11/14 18:56, Arno Wagner wrote:
> > Hi John,
> >
> > the cryptsetup man-page has additional information about the 
> > different ways a passphrase can be passed to it and what the
> > conventions are in section "NOTES ON PASSPHRASE PROCESSING 
> > FOR PLAIN MODE". That should get you started. 
> I had read that, specifically the part "From a Key File" which is why I
> believed I needed a binary key.
> >
> > If you want to generate a key that is the same as generated
> > by a specific passphrase, the easiest way is probably to 
> > map the container with the passphrase and then extract the 
> > key from dm-crypt. I am not sure this works, but if it does,
> > FAQ Item 6.10 has the information. dm-crypt just gets a 
> > cipher and a key and does not know whether that key is a
> > LUKS master key or a plain key. 
> >
> > Your example may fail because of differences in padding,
> > for example. Also note that 
> >
> >   sha512sum <<< 'my_passphrase' | head -c 128 > mykey
> >
> > produces an ASCII representation of the hash truncated to
> > 128 characters, while you probably want a binary representation
> > that is 128 bit long. 
> Yes, I was aware of that but just tried it in case I was wrong about it
> being a binary key. My other attempt (the openssl one) produces a binary
> key but didn't work for me. I now know that was due to the here-string
> <<< appending a newline.
> >
> > Arno
> >
> >
> > On Fri, Nov 07, 2014 at 17:34:39 CET, John Lane wrote:
> >> I'm trying to use plain dm-crypt. I have an example like this
> >>
> >>     $ cryptsetup open /dev/sda mydisk --type plain --hash sha512
> >>
> >> that works fine. I enter 'password' as the pass phrase when requested.
> >>
> >> I want to create an equivalent key-file so that I can do
> >>
> >>     $ cryptsetup open /dev/sda mydisk --type plain --key-file mykey
> >>
> >> I couldn't find a cryptsetup command to do this, so I tried these:
> >>
> >>     $ openssl dgst -sha512 -binary <<< 'password' > mykey
> >> also
> >>     $ sha512sum <<< 'my_passphrase' | head -c 128 > mykey
> >>
> >> without success.
> >>
> >> As I understand it, the key file contains a binary key that is used
> >> as-is, so I would have thought the first try above would have worked. I
> >> even used xxd to check that mykey contained the hash in binary data.
> >>
> >> How can I make a key-file that is equivalent to a keyed-in passphrase?
> >>
> >> Thanks in advance.
> >>
> >> _______________________________________________
> >> dm-crypt mailing list
> >> dm-crypt@saout.de
> >> http://www.saout.de/mailman/listinfo/dm-crypt
> 
> _______________________________________________
> dm-crypt mailing list
> dm-crypt@saout.de
> http://www.saout.de/mailman/listinfo/dm-crypt

-- 
Arno Wagner,     Dr. sc. techn., Dipl. Inform.,    Email: arno@wagner.name
GnuPG: ID: CB5D9718  FP: 12D6 C03B 1B30 33BB 13CF  B774 E35C 5FA1 CB5D 9718
----
A good decision is based on knowledge and not on numbers. -- Plato

If it's in the news, don't worry about it.  The very definition of 
"news" is "something that hardly ever happens." -- Bruce Schneier
