[pkg-cryptsetup-devel] Bug#518266: cryptsetup: determining available hashes/ciphers/keysize

Sebastian Andrzej Siewior sebastian at breakpoint.cc
Sun Jun 14 16:52:19 UTC 2009


* Matt Taggart | 2009-03-04 20:00:56 [-0800]:

>The cryptsetup(8) man page mentions the default hash, cipher, and keysize 
>values for different cases, but I am looking for a way to determine what 
>values are available. Looking at the source it seems to determine this from 
>/proc/crypto (so I guess depends on what kernel modules are loaded?).
To some degree yes. If you don't use any crypto support then usually no
modules are loaded and /proc/crypto is emtpy. Once you start lets say
luksFormat with aes-xts as the algorithm, both (aes & xts) are loaded by
the kernel (if available of course).

>Could cryptsetup have an option to print available options? Maybe if you 
>invoked a flag with "list" like
>
>  cryptsetup --cipher list
>
>it could list available options?
This could be possible but would require to probe all variants / load
all modules.

>Also I think only certain combinations are supported, it would be nice if 
>somehow it could list those too.
There are almost no exceptions I thing however some are not clever like
aes-ecb :)
I thing the best way to go is to make a static list (part of the docs).

>Matt Taggart

Sebastian





More information about the pkg-cryptsetup-devel mailing list