From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <qlefebvre_pro@yahoo.com>
Received: from nm9-vm5.bullet.mail.ir2.yahoo.com
 (nm9-vm5.bullet.mail.ir2.yahoo.com [212.82.96.148])
 (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits))
 (No client certificate requested)
 by mail.server123.net (Postfix) with ESMTPS
 for <dm-crypt@saout.de>; Sun, 23 Nov 2014 16:29:29 +0100 (CET)
Message-ID: <5471FD58.8000100@yahoo.com>
Date: Sun, 23 Nov 2014 16:29:28 +0100
From: Quentin Lefebvre <qlefebvre_pro@yahoo.com>
MIME-Version: 1.0
References: <546D0A9D.6080209@yahoo.com> <5471D6C7.7060405@yahoo.com>
 <5471DE14.50405@gmail.com> <5471E8D6.4020806@yahoo.com>
 <5471F5DA.6090208@gmail.com>
In-Reply-To: <5471F5DA.6090208@gmail.com>
Content-Type: text/plain; charset="windows-1252"; format="flowed"
Content-Transfer-Encoding: quoted-printable
Subject: Re: [dm-crypt] Empty key files vs empty passwords in plain mode
List-Id: <dm-crypt.saout.de>
List-Unsubscribe: <http://www.saout.de/mailman/options/dm-crypt>,
 <mailto:dm-crypt-request@saout.de?subject=unsubscribe>
List-Archive: <http://www.saout.de/pipermail/dm-crypt/>
List-Post: <mailto:dm-crypt@saout.de>
List-Help: <mailto:dm-crypt-request@saout.de?subject=help>
List-Subscribe: <http://www.saout.de/mailman/listinfo/dm-crypt>,
 <mailto:dm-crypt-request@saout.de?subject=subscribe>
To: Milan Broz <gmazyland@gmail.com>, dm-crypt@saout.de

Le 23/11/2014 15:57, Milan Broz a =E9crit :
> On 11/23/2014 03:01 PM, Quentin Lefebvre wrote:
> ...
>>> Well, logically it should be the same. But reading empty keyfile never =
worked AFAIK
>>
>> Right, and this is just because of a test that returns an error code in
>> case the key file is empty.
>>
>>> and IMHO the case that you encrypt device by empty keyfile by mistake
>>> is more common...
>>
>> I agree and I think there should be at least a warning.
>
> Maybe for luksFormat but not for plain case. Otherwise everyone with acce=
ss
> to logs or screen scroll up will see that password is empty.
>
> I have a generic rule that cryptsetup output (even debug log) must not
> contain usable information about your password or key.

OK, this makes sense.

>>> I am tempting to say it is a safety feature than bug :-)
>>>
>>> Anyway, please create issue on project page, https://code.google.com/p/=
cryptsetup/issues/list
>>> If you have a patch, attach it there as well.
>>
>> Sure, I'll do that. But which tool is preferred to write a patch for
>> cryptsetup?
>
> Whatever is applicable. The best is created with "git format-patch" way
> so I can simply apply it to git if it is correct.
>
> There is also repository mirror on github so pull request there will work=
 as well.
> (I will just not use github directly because it is not primary repo.)

Thanks for the advice.

At this point, I think I'll try to write a patch that accepts an empty=20
key file, except in the case where --force-password is set (actually I=20
didn't know this parameter).

Best,
Quentin