CS_STR_WITH([luks1-cipher], [cipher for LUKS1], [aes])
CS_STR_WITH([luks1-mode], [cipher mode for LUKS1], [cbc-essiv:sha256])
CS_NUM_WITH([luks1-keybits],[key length in bits for LUKS1], [256])
+CS_NUM_WITH([luks1-iter-time],[PBKDF2 iteration time for LUKS1 (in ms)], [1000])
CS_STR_WITH([loopaes-cipher], [cipher for loop-AES mode], [aes])
CS_NUM_WITH([loopaes-keybits],[key length in bits for loop-AES mode], [256])
static uint64_t opt_skip = 0;
static int opt_skip_valid = 0;
static int opt_readonly = 0;
-static int opt_iteration_time = 1000;
+static int opt_iteration_time = DEFAULT_LUKS1_ITER_TIME;
static int opt_version_mode = 0;
static int opt_timeout = 0;
static int opt_tries = 3;
"<key file> optional key file for the new key for luksAddKey action\n"),
crypt_get_dir());
- log_std(_("\nDefault compiled-in keyfile parameters:\n"
+ log_std(_("\nDefault compiled-in key and passphrase parameters:\n"
"\tMaximum keyfile size: %dkB, "
- "Maximum interactive passphrase length %d (characters)\n"),
- DEFAULT_KEYFILE_SIZE_MAXKB, DEFAULT_PASSPHRASE_SIZE_MAX);
+ "Maximum interactive passphrase length %d (characters)\n"
+ "Default PBKDF2 iteration time for LUKS: %d (ms)\n"),
+ DEFAULT_KEYFILE_SIZE_MAXKB, DEFAULT_PASSPHRASE_SIZE_MAX,
+ DEFAULT_LUKS1_ITER_TIME);
log_std(_("\nDefault compiled-in device cipher parameters:\n"
"\tloop-AES: %s, Key %d bits\n"