[pkg-cryptsetup-devel] Bug#934715: libcryptsetup12: crypt_keyslot_add_by_volume_key() fails on a LUKS2 header where all bound key slots were deleted
Guilhem Moulin
guilhem at debian.org
Tue Aug 13 23:08:36 BST 2019
Package: libcryptsetup12
Version: 2:2.1.0-7
Severity: important
Tags: upstream
(Cloning upstream issue #466 so we can track it for Buster, Bullseye and sid.)
Even when all (bound) key slots were removed from a LUKS header, the header is
still salvageable given a copy of the master key.
The crypt_keyslot_add_by_volume_key() API call works for LUKSv1 headers
without keyslots, but fails for LUKSv2:
$ dd if=/dev/zero of=./disk.img bs=1M count=64
$ cryptsetup luksFormat --pbkdf-force-iterations 1000 \
--type luks1 -q ./disk.img <<<test
$ ./test ./disk.img "test" "test2"
$ cryptsetup luksOpen --test-passphrase --verbose ./disk.img <<<test2
Key slot 0 unlocked.
Command successful.
$ cryptsetup luksFormat --pbkdf-force-iterations 4 --pbkdf-memory 32 \
--type luks2 -q ./disk.img <<<test
$ ./test ./disk.img "test" "test2"
Failed to initialise default LUKS2 keyslot parameters.
test: Error: crypt_keyslot_add_by_volume_key
As long as the volume key is known it's always possible to map the
device as a plain crypt target, however the risk of data loss is real
for applications like the above `test` that call crypt_volume_key_get(),
crypt_keyslot_destroy(), and crypt_keyslot_add_by_volume_key() in that
order, as they might leave the header in an unusable state (without
bound keyslots). Hence the “Severity: important”.
(These applications should use crypt_keyslot_change_by_passphrase()
instead, though.)
--
Guilhem.
Attachment: test.c (text/x-csrc, 937 bytes) <http://alioth-lists.debian.net/pipermail/pkg-cryptsetup-devel/attachments/20190814/8d33d3ba/attachment.c>