From: Milan Broz
To: Fourhundred Thecat <400thecat@gmx.ch>, dm-crypt@saout.de
Date: Mon, 25 Nov 2019 14:55:11 +0100
Subject: Re: [dm-crypt] detached LUKS header size

Hi,

On 25/11/2019 05:34, Fourhundred Thecat wrote:
> On 23/11/2019 09.48, Milan Broz wrote:
>>
>> AF is mandatory and must be there, but you can allocate only absolute
>> minimum
>> for the LUKS2 whole header (for example only area for 1 keyslot), if you
>> do not need other features.
>
> Hi Milan,
>
> if I decide to use luks1 format for my detached header, what size do I
> need to allocate for the header file ?

For LUKS1 you cannot modify header size, there are always 8 keyslots pre-allocated
and its size depends on stored key size (usually 128/256/512 bits).

Then there is alignment, so the real data offset is aligned by default to the 1MB boundary.

With this padding, header size is for 128bit key 2MB, for 256/512 key 4MB.

(See table 5.2. in LUKS2 standard describing conversion from LUKS1 here
https://gitlab.com/cryptsetup/LUKS2-docs/blob/master/luks2_doc_wip.pdf )

>
> From the FAQ on gitlab, it would seem luks1 needs 2MB header file
> (Payload offset * 512), but when I use the "luksHeaderBackup" command on
> an existing standard luks1 partition:
>
> cryptsetup luksHeaderBackup /dev/sde1 --header-backup-file sde1.header
>
> it actually creates a file of size 1,052,672 bytes

So your header contains keyslots for 256bit keys.

The luksBackup should store the header without alignment, so it is the exact
used size (in this case 2056 512-byte sectors).

> Is this the complete luks header ?

Yes, it is the full header without padding (for 256bit keys only!).

> If I want to minimize the size of LUKS header, without changing any
> default settings, can I use a 1,052,672 bytes file for my luks1 header?

Yes.

For reference: for 128bit it is 528384 bytes, for 256bit 1052672 bytes,
for 512bit (2x256bits in XTS mode) it is 2068480 bytes.

Milan
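
The three unpadded sizes quoted in the message above can be reproduced from the LUKS1 on-disk layout, which is useful for checking a detached header or header backup file before relying on it. This is an added example, not part of the original mail and not cryptsetup's code; the layout constants (512-byte sectors, 8 keyslots, 4000 anti-forensic stripes, 4096-byte keyslot alignment) are assumptions taken from the LUKS1 format, not from the mail.

```python
"""Unpadded LUKS1 header size per key size (added example).

Layout constants are assumptions taken from the LUKS1 on-disk format,
not from the mail: 512-byte sectors, 8 keyslots, 4000 anti-forensic (AF)
stripes per keyslot, keyslot areas aligned to 4096 bytes.
"""

SECTOR = 512          # bytes per sector
KEYSLOTS = 8          # LUKS1 always pre-allocates 8 keyslots
AF_STRIPES = 4000     # the AF splitter expands the key this many times
SLOT_ALIGN = 4096     # each keyslot area starts on a 4096-byte boundary


def _round_up(value: int, multiple: int) -> int:
    """Round value up to the next multiple."""
    return -(-value // multiple) * multiple


def luks1_header_bytes(key_bits: int) -> int:
    """Size of the LUKS1 header plus all keyslot areas, without data alignment."""
    if key_bits <= 0 or key_bits % 8:
        raise ValueError("key size must be a positive multiple of 8 bits")
    slot_area = _round_up((key_bits // 8) * AF_STRIPES, SLOT_ALIGN)
    # The binary header occupies the first aligned block; keyslots follow it.
    return SLOT_ALIGN + KEYSLOTS * slot_area


def key_bits_for_header_file(size_bytes: int, candidates=(128, 256, 512)):
    """Infer the key size from a header backup file size, or None if no match."""
    for bits in candidates:
        if luks1_header_bytes(bits) == size_bytes:
            return bits
    return None


if __name__ == "__main__":
    for bits in (128, 256, 512):
        size = luks1_header_bytes(bits)
        print(f"{bits:3d}-bit key: {size} bytes ({size // SECTOR} sectors)")
    # Size reported in the thread for the luksHeaderBackup file.
    print("1052672 bytes ->", key_bits_for_header_file(1052672), "bit key")
```

A file size that matches none of the candidates (for example a header padded out to the data offset) returns `None`, which is the cue to inspect the header itself rather than trust the size.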