Message-ID: <5471F5DA.6090208@gmail.com>
Date: Sun, 23 Nov 2014 15:57:30 +0100
From: Milan Broz
Subject: Re: [dm-crypt] Empty key files vs empty passwords in plain mode
To: Quentin Lefebvre, dm-crypt@saout.de

On 11/23/2014 03:01 PM, Quentin Lefebvre wrote:
...
>> Well, logically it should be the same. But reading empty keyfile never worked AFAIK
>
> Right, and this is just because of a test that returns an error code in
> case the key file is empty.
>
>> and IMHO the case that you encrypt device by empty keyfile by mistake
>> is more common...
>
> I agree and I think there should be at least a warning.

Maybe for luksFormat but not for plain case.
Otherwise everyone with access to logs or screen scroll up will see
that password is empty.

I have a generic rule that cryptsetup output (even debug log) must not contain
usable information about your password or key.
(The exception is messages produced by pwquality library but these prevent
creating new volume, it will never appear when opening existing one.)

>> I am tempted to say it is a safety feature rather than a bug :-)
>>
>> Anyway, please create issue on project page, https://code.google.com/p/cryptsetup/issues/list
>> If you have a patch, attach it there as well.
>
> Sure, I'll do that. But which tool is preferred to write a patch for
> cryptsetup?

Whatever is applicable. The best is created with "git format-patch" way
so I can simply apply it to git if it is correct.

There is also repository mirror on github so pull request there will work as well.
(I will just not use github directly because it is not primary repo.)

Milan