From: Milan Broz <gmazyland@gmail.com>
Date: Fri, 13 Aug 2010 15:03:07 +0000 (+0000)
Subject: Check if requested hash is supported before writing LUKS header.
X-Git-Tag: upstream/1.6~593
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=16ad14d2c6d39a7e1e93966bd9f650b0eb7d9719;p=platform%2Fupstream%2Fcryptsetup.git

Check if requested hash is supported before writing LUKS header.

git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@331 36d66b0a-2a48-0410-832c-cd162a569da5
---

diff --git a/ChangeLog b/ChangeLog
index de3b7d4..65732ec 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -4,6 +4,7 @@
 	* Switch to 1MiB default alignment of data.
 	  For more info see https://bugzilla.redhat.com/show_bug.cgi?id=621684
 	* Do not query non-existent device twice (cryptsetup status /dev/nonexistent).
+	* Check if requested hash is supported before writing LUKS header.
 
 2010-07-28  Arno Wagner <arno@wagner.name>
 	* Add FAQ (Frequently Asked Questions) file to distribution.
diff --git a/luks/keymanage.c b/luks/keymanage.c
index efe05cd..1d1c21d 100644
--- a/luks/keymanage.c
+++ b/luks/keymanage.c
@@ -439,6 +439,11 @@ int LUKS_generate_phdr(struct luks_phdr *header,
 	if (alignPayload == 0)
 		alignPayload = DEFAULT_DISK_ALIGNMENT / SECTOR_SIZE;
 
+	if (PBKDF2_HMAC_ready(hashSpec) < 0) {
+		log_err(ctx, _("Requested LUKS hash %s is not supported.\n"), hashSpec);
+		return -EINVAL;
+	}
+
 	memset(header,0,sizeof(struct luks_phdr));
 
 	/* Set Magic */
diff --git a/man/cryptsetup.8 b/man/cryptsetup.8
index f7c5947..5505ad4 100644
--- a/man/cryptsetup.8
+++ b/man/cryptsetup.8
@@ -140,7 +140,8 @@ For \fIluksFormat\fR action specifies hash used in LUKS key setup scheme and vol
 
 \fBWARNING:\fR setting hash other than \fBsha1\fR causes LUKS device incompatible with older version of cryptsetup.
 
-The hash string is passed to libgcrypt, so all hashes accepted by gcrypt are supported.
+The hash string is passed to libgcrypt, so all hash algorithms are supported
+(for \fIluksFormat\fR algorithm must provide at least 20 byte long hash).
 Default is set during compilation, compatible values with old version of cryptsetup are
 \fB"ripemd160"\fR for \fIcreate\fR action and \fB"sha1"\fR for \fIluksFormat\fR.
 
diff --git a/tests/api-test.c b/tests/api-test.c
index 3108fe8..3063dce 100644
--- a/tests/api-test.c
+++ b/tests/api-test.c
@@ -761,6 +761,10 @@ static void NonFIPSAlg(void)
 	}
 	OK_(crypt_init(&cd, DEVICE_2));
 	OK_(crypt_format(cd, CRYPT_LUKS1, cipher, cipher_mode, NULL, key, key_size, &params));
+
+	params.hash = "md5";
+	FAIL_(crypt_format(cd, CRYPT_LUKS1, cipher, cipher_mode, NULL, key, key_size, &params),
+	      "MD5 unsupported, too short");
 	crypt_free(cd);
 }