You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Again same as issue #26 luks2 dumps the output differently from luks1, this fails to parse the header offset. This makes dd fails as there is no count value argument
LUKS1
LUKS header information for /dev/vdg
Version: 1
Cipher name: aes
Cipher mode: xts-plain64
Hash spec: sha256
Payload offset: 4096
MK bits: 512
MK digest: fa 51 65 84 10 6b 1d 5b fe 1e 2d 52 58 48 a8 ef 4c 1a ae 33
MK salt: 92 4f c5 93 9e fe dc ea f9 82 c1 1e dc 5d 54 57
6d 0f 72 87 a2 9b cc f4 20 ec 89 5d 96 ee 61 88
MK iterations: 86231
UUID: 2c0a2db2-f14a-45e0-a0c2-1278581cecfd
Key Slot 0: ENABLED
Iterations: 1388842
Salt: 69 e2 69 b3 41 1d 12 14 e8 68 1c 5e 87 2f 6f 9d
ee 36 7f 32 9f e9 97 7d a4 3d fa 9a a4 aa a0 be
Key material offset: 8
AF stripes: 4000
Key Slot 1: DISABLED
Key Slot 2: DISABLED
Key Slot 3: DISABLED
Key Slot 4: DISABLED
Key Slot 5: DISABLED
Key Slot 6: DISABLED
Key Slot 7: DISABLED
LUKS2
LUKS header information
Version: 2
Epoch: 4
Metadata area: 16384 [bytes]
Keyslots area: 16744448 [bytes]
UUID: ada57cad-239d-43da-aee8-6d35c0c88c6c
Label: (no label)
Subsystem: (no subsystem)
Flags: (no flags)
Data segments:
0: crypt
offset: 16777216 [bytes]
length: (whole device)
cipher: aes-xts-plain64
sector: 512 [bytes]
Keyslots:
0: luks2
Key: 512 bits
Priority: normal
Cipher: aes-xts-plain64
Cipher key: 512 bits
Destroy the header by overwriting it
$cmd = sprintf("dd if=/dev/urandom of=%s bs=512 count=%s",
escapeshellarg($sd->getDeviceFile()),
escapeshellarg($header_size));
$process = new Process($cmd);
$process->setRedirect2to1();
$process->execute($output, $exitStatus);
PBKDF: argon2i
Time cost: 4
Memory: 438162
Threads: 1
Salt: 39 9b 6c b4 b6 15 82 31 8a d5 50 db 3d ac aa 2e
79 bc 05 f9 12 e3 3d 54 c1 b7 01 98 ee 52 c1 c1
AF stripes: 4000
AF hash: sha256
Area offset:32768 [bytes]
Area length:258048 [bytes]
Digest ID: 0
1: luks2
Key: 512 bits
Priority: normal
Cipher: aes-xts-plain64
Cipher key: 512 bits
PBKDF: argon2i
Time cost: 4
Memory: 392461
Threads: 1
Salt: 09 ee 5b 21 c3 d4 9b 64 cb 45 5a 1e f7 64 c9 96
b7 65 1d 20 41 e7 4e 41 49 e1 a3 d8 ef c6 a5 cf
AF stripes: 4000
AF hash: sha256
Area offset:290816 [bytes]
Area length:258048 [bytes]
Digest ID: 0
Tokens:
Digests:
0: pbkdf2
Hash: sha256
Iterations: 87849
Salt: 9f 75 b0 4d ad ce 7f 48 67 eb 63 7a e3 38 cc 65
a4 19 fd b0 78 0d 08 4d 0f ca 6c 10 c7 61 44 16
Digest: b4 43 2e 61 9b a5 02 90 9e a8 81 b0 6e 1b 87 01
05 56 ab 81 12 8a 66 6d cf 76 b0 0f 65 bb 19 d6
For now just depending on the luks version will set header to 4KB for v1, and 16MB for luks2
This should go on remove method of luks container instance, feels like duplicate code since version is already gathered at getData(),
@ryecoaaron is there a way of calling the getData() function inside remove() ?
Again same as issue #26 luks2 dumps the output differently from luks1, this fails to parse the header offset. This makes dd fails as there is no count value argument
LUKS1
LUKS2
For now just depending on the luks version will set header to 4KB for v1, and 16MB for luks2
This should go on remove method of luks container instance, feels like duplicate code since version is already gathered at getData(),
@ryecoaaron is there a way of calling the getData() function inside remove() ?
The text was updated successfully, but these errors were encountered: