commit 509a0baebf38b665b49eded630280e8e7594cf58 (HEAD, refs/heads/master) Author: Jérôme Vizcaino <jerome.vizcaino@gmail.com> Date: Tue May 12 16:38:23 2015 +0200 LUKS honors the given keyhash algorithm diff --git a/lib/crypto-base.sh b/lib/crypto-base.sh index dbe958a..e4316d3 100644 --- a/lib/crypto-base.sh +++ b/lib/crypto-base.sh @@ -210,8 +210,9 @@ setup_luks () { device=$2 cipher=$3 iv=$4 - size=$5 - pass=$6 + hash=$5 + size=$6 + pass=$7 [ -x /sbin/cryptsetup ] || return 1 @@ -219,7 +220,7 @@ setup_luks () { [ "${iv%xts-*}" = "${iv}" ] || size="$(($size * 2))" log-output -t partman-crypto \ - /sbin/cryptsetup -c $cipher-$iv -s $size luksFormat $device $pass + /sbin/cryptsetup -c $cipher-$iv -h $hash -s $size luksFormat $device $pass if [ $? -ne 0 ]; then log "luksFormat failed" return 2 @@ -262,7 +263,7 @@ setup_cryptdev () { fi fi if [ $keytype = passphrase ]; then - setup_luks $cryptdev $realdev $cipher $ivalgorithm $keysize $keyfile || return 1 + setup_luks $cryptdev $realdev $cipher $ivalgorithm $keyhash $keysize $keyfile || return 1 elif [ $keytype = random ]; then setup_dmcrypt $cryptdev $realdev $cipher $ivalgorithm plain $keysize /dev/urandom || return 1 else