From: Markus Huehnerbein <silencer@gmx.ch>
To: Sebastian Siewior <linux-crypto@ml.breakpoint.cc>
Cc: linux-crypto@vger.kernel.org
Subject: Re: Problem using dm-crypt with geode LX800 AES-Engine
Date: Wed, 29 Aug 2007 22:29:10 +0200 [thread overview]
Message-ID: <46D5D716.4040903@gmx.ch> (raw)
In-Reply-To: <20070829162200.GE24782@Chamillionaire.breakpoint.cc>
Sebastian Siewior wrote:
> * Markus Huehnerbein | 2007-08-29 16:41:57 [+0200]:
>
>> Thanks a lot! I confirm that it works with "-s 128" and also if "-s" is
>> skipped! But if I try to use cryptsetup with ESSIV (cryptsetup -c
>> aes-cbc-essiv:sha256 -y -s 128 luksFormat /dev/hda2) I get the same
> what about sha128 instead?
>
>> error. If the "geode-aes" does not support essiv why is this task not
>> performed by another algorithm in the cryptoAPI?
> Actually it is. geode does not support keys != 128 bit. ESSIV uses as
> key the output of sha256 what is 256. Check dmesg please. If my theory
> is correct than you should see in dmesg or somewhere:
> "Failed to set key for ESSIV cipher"
> Is it?
Yes, again you're right, if I use a hash with 256 bit I get the
following syslog errors:
device-mapper: table: 254:1: crypt: Error initializing ESSIV hash
device-mapper: ioctl: error adding target to table
device-mapper: ioctl: device doesn't appear to be in the dev hash table.
Unfortunately there is no support for sha128 in the Kernel so I tried
md5 as md5 also generates a 128 bit value.
Preparing the Volume with:
cryptsetup -c aes-cbc-essiv:md5 -y -s 128 luksFormat /dev/hda2
works fine ("Command successful" and no errors in the syslog) but when I
try to open the device
cryptsetup luksOpen /dev/hda2 devdmcryptluks
I get "Command failed." after entering the (correct) password. I also
tried "luksOpen" with the same arguments as "luksFormat" but the same -
"Command failed." without any trace in the syslog...
>
>> Thanks,
>> Markus
>
> Sebastian
>
Thanks again,
Markus
next prev parent reply other threads:[~2007-08-29 20:29 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-08-29 13:50 Problem using dm-crypt with geode LX800 AES-Engine Markus Huehnerbein
2007-08-29 14:15 ` Sebastian Siewior
2007-08-29 14:41 ` Markus Huehnerbein
2007-08-29 16:22 ` Sebastian Siewior
2007-08-29 20:29 ` Markus Huehnerbein [this message]
2007-08-30 9:01 ` Sebastian Siewior
2007-08-30 18:25 ` Markus Huehnerbein
2007-08-31 1:28 ` Herbert Xu
2007-08-31 12:40 ` Markus Huehnerbein
2007-08-31 14:55 ` Herbert Xu
2007-08-31 17:20 ` Markus Huehnerbein
2007-08-31 18:14 ` Sebastian Siewior
2007-08-31 20:39 ` Sebastian Siewior
2007-08-29 23:55 ` Herbert Xu
2007-08-30 0:07 ` Jordan Crouse
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=46D5D716.4040903@gmx.ch \
--to=silencer@gmx.ch \
--cc=linux-crypto@ml.breakpoint.cc \
--cc=linux-crypto@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).