[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Option "validate passphrase" for command cryptsetup



	Hello,
	for information, I wrote a small C program to check if the given
passphrase is correct, without doing anything on the disk. The command
is used this way:

	$ cryptsetup_check_passphrase /dev/sda1
	Enter passphrase for /dev/sda1: <MY_SECRET_PASSPHRASE>
	Valid key (slot 0)
	$

	If you think it can benefit cryptsetup, I offer to write the necessary
patch to include it to cryptsetup (as a "luksValidateKey" LUKS action).


# why do I need such a command ?

	We are a group of hacktivists who offer some online services (such as
email addresses). Our disks are encrypted using LUKS. As we are six
members operating the server, and we reboot it only a few times a year,
it may happen that some of us only use the passphrase once in two years,
which is prone to forgetting. So we want a way to, once in a while (at
our monthly meetings), check that we still know our passphrase, without
risking to do something on the disk (creating, removing partition,
deleting passphrases, etc.).

# Security risks

	Isn't this function a wonderful tool to try brute force attacks ? I do
not think so. Attacker needs to be root to run it, at which point (s)he
can already do a lot of harmful things. Moreover, once (s)he is root,
attacker might as well compile the program I just wrote to try this
brute force attack. To sum up: Yes, it can be used to brute force the
partition, but nothing more that what was possible to do without this tool.

	Regards,
	Louis

PS : Not to overload this list with many files, I only give
you here the C code. If you want the makefile and configure.ac, just ask.


#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#include <libcryptsetup.h>

void usage() {
  printf("cryptsetup_check_passphrase LUKSDEVICE\n");
}

int check_passphrase(const char* device_name) {
  int keyslot;
  int error;
  int status;
  struct crypt_device *cd = NULL;

  if ((error = crypt_init(&cd, device_name))) {
    printf("Could not open device \"%s\": %s\n", device_name,
strerror(-error));
    return 1;
  }
  if ((error = crypt_load(cd, NULL, NULL))) {
    printf("Could not load device \"%s\": %s\n", device_name,
strerror(-error));
    return 1;
  }

  keyslot = crypt_activate_by_passphrase(cd, NULL, CRYPT_ANY_SLOT, NULL,
0, 0);
  if (keyslot >= 0) {
    printf("Valid key (slot %u)\n", keyslot);
    status = 0;
  } else {
    printf("No matching key found: %s\n", strerror(-keyslot));
    status = 1;
  }
  crypt_free(cd);
  return status;
}

int main( int argc, const char* argv[] ) {
  int status;

  /* Parsing arguments */
  if (argc != 2) {
    usage();
    return 1;
  }

  /* Check */
  status = check_passphrase(argv[1]);

  return status;
}
_______________________________________________
dm-crypt mailing list
dm-crypt@xxxxxxxx
http://www.saout.de/mailman/listinfo/dm-crypt


[DM Devel]     [Fedora Desktop]     [ATA RAID]     [Fedora Marketing]     [Fedora Packaging]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

Add to Google Powered by Linux