public inbox for dm-crypt@saout.de
From: Milan Broz <gmazyland@gmail.com>
To: Fourhundred Thecat <400thecat@gmx.ch>, dm-crypt@saout.de
Subject: Re: [dm-crypt] detached LUKS header size
Date: Mon, 25 Nov 2019 14:55:11 +0100
Message-ID: <4c3b11fc-783c-e58f-681d-7acee12376d7@gmail.com>
In-Reply-To: <39693781-1472-1aeb-5005-5141c02c6746@gmx.ch>

Hi,

On 25/11/2019 05:34, Fourhundred Thecat wrote:
> On 23/11/2019 09.48, Milan Broz wrote:
>>
>> AF is mandatory and must be there, but you can allocate only absolute
>> minimum for the LUKS2 whole header (for example only area for 1 keyslot),
>> if you do not need other features.
> 
> Hi Milan,
> 
> if I decide to use luks1 format for my detached header, what size do I
> need to allocate for the header file ?

For LUKS1 you cannot modify header size, there are always 8 keyslots pre-allocated
and its size depends on stored key size (usually 128/256/512 bits).

Then there is alignment, so the real data offset is aligned by default to
the 1MB boundary.

With this padding, header size is for 128bit key 2MB, for 256/512 key 4MB.

(See table 5.2. in LUKS2 standard describing conversion from LUKS1
here https://gitlab.com/cryptsetup/LUKS2-docs/blob/master/luks2_doc_wip.pdf )

> 
>  From the FAQ on gitlab, it would seem luks1 needs 2MB header file
> (Payload offset * 512), but when I use the "luksHeaderBackup" command on
> an existing standard luks1 partition:
> 
>   cryptsetup luksHeaderBackup /dev/sde1 --header-backup-file sde1.header
> 
> it actually creates a file of size 1,052,672 bytes

So your header contains keyslots for 256bit keys.

The luksBackup should store the header without alignment, so it is the exact
used size (in this case 2056 512-byte sectors).

> Is this the complete luks header ?

Yes, it is the full header without padding (for 256bit keys only!).

> If I want to minimize the size of LUKS header, without changing any
> default settings, can I use a  1,052,672 bytes file for my luks1 header?

Yes. For reference: for 128bit it is 528384 bytes, for 256bit 1052672 bytes,
for 512bit (2x256bits in XTS mode) it is 2068480 bytes.

Milan
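
Added example (not part of the message above and not cryptsetup's own code): the unpadded sizes quoted in the reply, derived from the LUKS1 on-disk layout, plus a check that a detached header or header backup file is long enough for every keyslot area its own header describes. The constants and field offsets are taken from the LUKS1 on-disk format specification; the function names and the sample header are constructed for illustration.

```python
import struct

SECTOR = 512
LUKS_NUMKEYS = 8       # LUKS1 always pre-allocates 8 keyslots
LUKS_STRIPES = 4000    # anti-forensic (AF) stripes per keyslot
KEYSLOT_ALIGN = 4096   # keyslot areas start on 4 KiB boundaries
PHDR_LEN = 592         # fixed-size LUKS1 binary header
LUKS1_MAGIC = b"LUKS\xba\xbe"

def _round_up(n, m):
    return -(-n // m) * m

def luks1_header_bytes(key_bits):
    """Unpadded LUKS1 header size: phdr area plus 8 AF-split keyslot areas."""
    slot = _round_up(key_bits // 8 * LUKS_STRIPES, KEYSLOT_ALIGN)
    return KEYSLOT_ALIGN + LUKS_NUMKEYS * slot

def required_bytes(header):
    """Bytes a header file must hold, read from the phdr's own keyslot table."""
    # magic followed by big-endian version 1
    if len(header) < PHDR_LEN or header[:8] != LUKS1_MAGIC + b"\x00\x01":
        raise ValueError("not a LUKS1 header")
    key_bytes = struct.unpack_from(">I", header, 108)[0]
    end = 0
    for i in range(LUKS_NUMKEYS):
        # keyslot i: key-material offset (in sectors) and stripe count
        km_offset, stripes = struct.unpack_from(">II", header, 208 + 48 * i + 40)
        end = max(end, km_offset * SECTOR + _round_up(key_bytes * stripes, SECTOR))
    return _round_up(end, KEYSLOT_ALIGN)

def is_truncated(header_file):
    """True if the file is too short to contain every keyslot area."""
    return len(header_file) < required_bytes(header_file)

def sample_phdr(key_bits):
    """Constructed phdr with layout fields only (no real salts or key data)."""
    hdr = bytearray(PHDR_LEN)
    hdr[:6] = LUKS1_MAGIC
    struct.pack_into(">H", hdr, 6, 1)
    struct.pack_into(">I", hdr, 108, key_bits // 8)
    slot = _round_up(key_bits // 8 * LUKS_STRIPES, KEYSLOT_ALIGN) // SECTOR
    for i in range(LUKS_NUMKEYS):
        struct.pack_into(">II", hdr, 208 + 48 * i + 40,
                         KEYSLOT_ALIGN // SECTOR + i * slot, LUKS_STRIPES)
    return bytes(hdr)

if __name__ == "__main__":
    for bits in (128, 256, 512):
        print(bits, luks1_header_bytes(bits), required_bytes(sample_phdr(bits)))
```

To check a real backup such as sde1.header, read the file in binary mode and pass its bytes to is_truncated().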
