Cryptoloop AES multi key setup
Hello list! Under SuSE Linux 9.2 Pro, I've encrypted several partitions using crytoloop / aes-128. Now, I updated my system to SuSE 9.3. The update process went fine, but now I'm unable to mount the AES Multi Key (V2=64 keys / V3=65 keys) encrypted partitions. AES Single Key Encryption still works flawlessly. I've done some testing and found out, that SuSE 9.3 seems to be unable to use AES multi key setups at all. I've tested this on 2 different computers. To reproduce, try the following steps: # Check kernel version linux:/crypto # uname -a Linux linux 2.6.11.4-21.7-default #1 Thu Jun 2 14:23:14 UTC 2005 i686 athlon i386 GNU/Linux # Create test image linux:/crypto # dd if=/dev/urandom of=test.img bs=1k count=1k 1024+0 records in 1024+0 records out 1048576 bytes (1.0 MB) copied, 0.397559 seconds, 2.6 MB/s # Create test key V1 (1 key) linux:/crypto # head -c3000 /dev/urandom |uuencode -m - | head -n66 | tail -n1 > testkey1 linux:/crypto # wc testkey1 1 1 61 testkey1 # Create test key V2 (64 keys) linux:/crypto # head -c3000 /dev/urandom |uuencode -m - | head -n66 | tail -n64 > testkey64 linux:/crypto # wc testkey64 64 64 3904 testkey64 # Create test key V3 (65 keys) linux:/crypto # head -c3000 /dev/urandom |uuencode -m - | head -n66 | tail -n65 > testkey65 linux:/crypto # wc testkey65 65 65 3965 testkey65 # Load modules linux:/crypto # modprobe cryptoloop linux:/crypto # modprobe aes # Check crypto capabilities linux:/crypto # cat /proc/crypto [...] name : aes module : aes_i586 type : cipher blocksize : 16 min keysize : 16 max keysize : 32 # Try single key setup (WORKS) linux:/crypto # losetup -e aes-128 -p0 /dev/loop0 test.img < testkey1 linux:/crypto # losetup -d /dev/loop0 # Try multi key setup V2 (DOES NOT WORK) linux:/crypto # losetup -e aes-128 -p0 /dev/loop0 test.img < testkey64 ioctl: LOOP_MULTI_KEY_SETUP: Invalid argument # Try multi key setup V3 (DOES NOT WORK) linux:/crypto # losetup -e aes-128 -p0 /dev/loop0 test.img < testkey65 ioctl: LOOP_MULTI_KEY_SETUP_V3: Invalid argument Any ideas? Thanks in advance Christian Erpelding
participants (1)
-
Christian Erpelding