*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
- * version 2 as published by the Free Software Foundation.
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
static int opt_shared = 0;
static int opt_allow_discards = 0;
static int opt_test_passphrase = 0;
-static int opt_hidden = 0;
+static int opt_tcrypt_hidden = 0;
+static int opt_tcrypt_system = 0;
static const char **action_argv;
static int action_argc;
params.hash = NULL;
if ((opt_keyfile_offset || opt_keyfile_size) && opt_key_file)
- log_std(("Ignoring keyfile offset and size options, keyfile read "
+ log_std(_("Ignoring keyfile offset and size options, keyfile read "
"size is always the same as encryption key size.\n"));
r = crypt_parse_name_and_mode(opt_cipher ?: DEFAULT_CIPHER(PLAIN),
cipher, NULL, cipher_mode);
if (r < 0) {
- log_err("No known cipher specification pattern detected.\n");
+ log_err(_("No known cipher specification pattern detected.\n"));
goto out;
}
if (r < 0)
goto out;
- if (opt_hidden)
+ if (opt_tcrypt_hidden)
params.flags |= CRYPT_TCRYPT_HIDDEN_HEADER;
+ if (opt_tcrypt_system)
+ params.flags |= CRYPT_TCRYPT_SYSTEM_HEADER;
+
r = crypt_load(cd, CRYPT_TCRYPT, ¶ms);
check_signal(&r);
if (r < 0)
if (activated_name)
r = crypt_activate_by_volume_key(cd, activated_name, NULL, 0, flags);
out:
+ if (r == -EPERM)
+ log_err(_("No device header detected with this passphrase.\n"));
crypt_free(cd);
crypt_safe_free(CONST_CAST(char*)params.passphrase);
return r;
if (r < 0)
goto out;
- if (opt_hidden)
+ if (opt_tcrypt_hidden)
params.flags |= CRYPT_TCRYPT_HIDDEN_HEADER;
+ if (opt_tcrypt_system)
+ params.flags |= CRYPT_TCRYPT_SYSTEM_HEADER;
+
r = crypt_load(cd, CRYPT_TCRYPT, ¶ms);
check_signal(&r);
if (r < 0)
else
r = crypt_dump(cd);
out:
+ if (r == -EPERM)
+ log_err(_("No device header detected with this passphrase.\n"));
crypt_free(cd);
crypt_safe_free(CONST_CAST(char*)params.passphrase);
return r;
crypt_status_info ci;
struct crypt_active_device cad;
struct crypt_device *cd = NULL;
- struct stat st;
char *backing_file;
const char *device;
int path = 0, r = 0;
/* perhaps a path, not a dm device name */
- if (strchr(action_argv[0], '/') && !stat(action_argv[0], &st))
+ if (strchr(action_argv[0], '/'))
path = 1;
ci = crypt_status(NULL, action_argv[0]);
char *c;
int i, r;
- log_std("# Tests are approximate using memory only (no storage IO).\n");
+ log_std(_("# Tests are approximate using memory only (no storage IO).\n"));
if (opt_hash) {
r = action_benchmark_kdf(opt_hash);
} else if (opt_cipher) {
key_size / 8, iv_size, buffer_size,
&enc_mbr, &dec_mbr);
if (!r) {
- log_std("# Algorithm | Key | Encryption | Decryption\n");
+ log_std(N_("# Algorithm | Key | Encryption | Decryption\n"));
log_std("%8s-%s %4db %5.1f MiB/s %5.1f MiB/s\n",
cipher, cipher_mode, key_size, enc_mbr, dec_mbr);
} else if (r == -ENOENT)
if (r == -ENOENT)
skipped++;
if (i == 0)
- log_std("# Algorithm | Key | Encryption | Decryption\n");
+ log_std(N_("# Algorithm | Key | Encryption | Decryption\n"));
snprintf(cipher, MAX_CIPHER_LEN, "%s-%s",
bciphers[i].cipher, bciphers[i].mode);
r = -ENOTSUP;
}
- if (r == -ENOTSUP)
- log_err( _("Required kernel crypto interface not available.\n"
- "Ensure you have algif_skcipher kernel module loaded.\n"));
+ if (r == -ENOTSUP) {
+ log_err(_("Required kernel crypto interface not available.\n"));
+#ifdef ENABLE_AF_ALG
+ log_err( _("Ensure you have algif_skcipher kernel module loaded.\n"));
+#endif
+ }
return r;
}
fd = open(file, O_RDONLY);
if (fd == -1) {
- log_err("Cannot read keyfile %s.\n", file);
+ log_err(_("Cannot read keyfile %s.\n"), file);
goto fail;
}
if ((read(fd, *key, keysize) != keysize)) {
- log_err("Cannot read %d bytes from keyfile %s.\n", keysize, file);
+ log_err(_("Cannot read %d bytes from keyfile %s.\n"), keysize, file);
close(fd);
goto fail;
}
r = crypt_load(cd, CRYPT_LUKS1, NULL);
crypt_set_log_callback(cd, tool_log, NULL);
if (r == 0) {
- log_verbose( _("No known problems detected for LUKS header.\n"));
+ log_verbose(_("No known problems detected for LUKS header.\n"));
goto out;
}
{ "allow-discards", '\0', POPT_ARG_NONE, &opt_allow_discards, 0, N_("Allow discards (aka TRIM) requests for device."), NULL },
{ "header", '\0', POPT_ARG_STRING, &opt_header_device, 0, N_("Device or file with separated LUKS header."), NULL },
{ "test-passphrase", '\0', POPT_ARG_NONE, &opt_test_passphrase, 0, N_("Do not activate device, just check passphrase."), NULL },
- { "hidden", '\0', POPT_ARG_NONE, &opt_hidden, 0, N_("Use hidden header (hidden TCRYPT device) ."), NULL },
+ { "tcrypt-hidden", '\0', POPT_ARG_NONE, &opt_tcrypt_hidden, 0, N_("Use hidden header (hidden TCRYPT device)."), NULL },
+ { "tcrypt-system", '\0', POPT_ARG_NONE, &opt_tcrypt_system, 0, N_("Device is system TCRYPT drive (with bootloader)."), NULL },
{ "type", 'M', POPT_ARG_STRING, &opt_type, 0, N_("Type of device metadata: luks, plain, loopaes, tcrypt."), NULL },
- { "force-password", '\0', POPT_ARG_NONE, &opt_force_password, 0, N_("Disable password quality check (if enabled)."), NULL },
+ { "force-password", '\0', POPT_ARG_NONE, &opt_force_password, 0, N_("Disable password quality check (if enabled)."), NULL },
POPT_TABLEEND
};
poptContext popt_context;
_("Option --offset is supported only for open of plain and loopaes devices.\n"),
poptGetInvocationName(popt_context));
- if (opt_hidden && strcmp(aname, "tcryptDump") &&
+ if ((opt_tcrypt_hidden || opt_tcrypt_system) && strcmp(aname, "tcryptDump") &&
(strcmp(aname, "open") || strcmp(opt_type, "tcrypt")))
usage(popt_context, EXIT_FAILURE,
- _("Option --hidden is supported only for TCRYPT device.\n"),
+ _("Option --tcrypt-hidden or --tcrypt-system is supported only for TCRYPT device.\n"),
poptGetInvocationName(popt_context));
if (opt_debug) {