[pkg-cryptsetup-devel] Bug#518266: cryptsetup: determining available hashes/ciphers/keysize
Sebastian Andrzej Siewior
sebastian at breakpoint.cc
Sun Jun 14 16:52:19 UTC 2009
* Matt Taggart | 2009-03-04 20:00:56 [-0800]:
>The cryptsetup(8) man page mentions the default hash, cipher, and keysize
>values for different cases, but I am looking for a way to determine what
>values are available. Looking at the source it seems to determine this from
>/proc/crypto (so I guess depends on what kernel modules are loaded?).
To some degree yes. If you don't use any crypto support then usually no
modules are loaded and /proc/crypto is emtpy. Once you start lets say
luksFormat with aes-xts as the algorithm, both (aes & xts) are loaded by
the kernel (if available of course).
>Could cryptsetup have an option to print available options? Maybe if you
>invoked a flag with "list" like
>
> cryptsetup --cipher list
>
>it could list available options?
This could be possible but would require to probe all variants / load
all modules.
>Also I think only certain combinations are supported, it would be nice if
>somehow it could list those too.
There are almost no exceptions I thing however some are not clever like
aes-ecb :)
I thing the best way to go is to make a static list (part of the docs).
>Matt Taggart
Sebastian
More information about the pkg-cryptsetup-devel
mailing list