From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <PoliceTerror@dyne.org>
Received: from tupac2.dyne.org (tupac2.dyne.org [178.62.188.7])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (No client certificate requested)
 by mail.server123.net (Postfix) with ESMTPS
 for <dm-crypt@saout.de>; Fri, 24 Jun 2016 11:56:15 +0200 (CEST)
References: <576C5689.4020200@dyne.org>
 <94146e8c-438a-85b5-0f29-ce02642af1ee@gmail.com>
From: Police Terror <PoliceTerror@dyne.org>
Message-ID: <576D03BB.9010301@dyne.org>
Date: Fri, 24 Jun 2016 09:56:11 +0000
MIME-Version: 1.0
In-Reply-To: <94146e8c-438a-85b5-0f29-ce02642af1ee@gmail.com>
Content-Type: text/plain; charset=windows-1252
Content-Transfer-Encoding: 7bit
Subject: Re: [dm-crypt] cryptsetup with Python subprocess + pipes
List-Id: <dm-crypt.saout.de>
List-Unsubscribe: <http://www.saout.de/mailman/options/dm-crypt>,
 <mailto:dm-crypt-request@saout.de?subject=unsubscribe>
List-Archive: <http://www.saout.de/pipermail/dm-crypt/>
List-Post: <mailto:dm-crypt@saout.de>
List-Help: <mailto:dm-crypt-request@saout.de?subject=help>
List-Subscribe: <http://www.saout.de/mailman/listinfo/dm-crypt>,
 <mailto:dm-crypt-request@saout.de?subject=subscribe>
To: dm-crypt@saout.de

Ahhh yes! Thank you Diagon and Milan.
I've added now the -q switch.

I looked at the pycryptsetup but 2 things:

1. It's not Python 3
2. It's an extra dependency and not in the repos.

Milan Broz:
> On 06/23/2016 11:37 PM, Police Terror wrote:
>> Hello,
>>
>> I'm trying to make a plausible deniability encryption wrapper around
>> cryptsetup.
>>
>> Basically it uses a hash table to first lookup an offset (encrypted with
>> the password), then uses that offset to load a hidden volume within a
>> contiguous file (within which other volumes may or may not exist).
>>
>> The theory is solid, and everything is mostly working. The only problem
>> I'm having is doing the communication in Python:
>>
>>     # Format the volume
>>     pipe = subprocess.Popen(["cryptsetup", "luksFormat", loop_device],
>>                             stdout=subprocess.PIPE,
>>                             stdin=subprocess.PIPE)
>>     out = pipe.communicate(input=b"YES\n" + password)
>>     if pipe.returncode:
>>         error("Problem formatting volume.")
>>         return pipe.returncode
>>
>> For some reason, this does not give any output! But the volume gets
>> created, but I cannot decrypt it with the password.
> 
> Probably because if you use pipe, cryptsetup will switch to batch
> mode where there is no question and no output.
> 
> It is better to add batch mode (-q switch) explicitly and remove from
> "YES\n" from your script (otherwise it becomes password ;-).
> 
> There is also simple Python pycryptsetup wrapper (it doesn't cover all
> commands though).
> 
> Milan
> _______________________________________________
> dm-crypt mailing list
> dm-crypt@saout.de
> http://www.saout.de/mailman/listinfo/dm-crypt
>