Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.
Bug 78550 - aes encryption option is not available
Summary: aes encryption option is not available
Keywords:
Status: CLOSED DUPLICATE of bug 56698
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: util-linux
Version: 8.0
Hardware: i686
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Elliot Lee
QA Contact: Ben Levenson
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2002-11-25 17:47 UTC by Michael Lee Yohe
Modified: 2007-04-18 16:48 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2002-12-07 14:28:34 UTC


Attachments (Terms of Use)

Description Michael Lee Yohe 2002-11-25 17:47:11 UTC
From Bugzilla Helper:
User-Agent: Mozilla/5.0 Galeon/1.2.6 (X11; Linux i686; U;) Gecko/20020830

Description of problem:
When discussing loopback encryption with Arjan, he said that instead of having
to use DES, I could use AES instead (since it is bundled with Red Hat Linux) -
losetup does not recognize "aes" as an available encryption option.

Version-Release number of selected component (if applicable):


How reproducible:
Always

Steps to Reproduce:
1. # losetup -e aes /dev/loop0 test.img 

Actual Results:  Unsupported encryption type aes

Expected Results:  Should allow user to setup an aes encrypted loopback device.

Additional info:

$ rpm -q losetup
losetup-2.11r-10

Comment 1 Michael Lee Yohe 2002-11-25 17:54:06 UTC
Further, I force injected the "cipher-aes" module:

# modprobe cipher-aes
# losetup -e aes /dev/loop0 /home/myohe/test.img 
Unsupported encryption type aes
# losetup -e cipher-aes /dev/loop0 /home/myohe/test.img 
Unsupported encryption type cipher-aes
# losetup -e AES /dev/loop0 /home/myohe/test.img 
Unsupported encryption type AES


Comment 2 Michael Lee Yohe 2002-11-25 17:56:39 UTC
I should finish my thoughts before hitting "submit.."

# dmesg | grep cryptoapi
cryptoapi: loaded
cryptoapi: Registered aes-ecb (0)
cryptoapi: Registered aes-cbc (65536)
cryptoapi: Registered aes-cfb (131072)
cryptoapi: Registered aes-ctr (262144)
cryptoapi: Registered aes-rtc (524288)

# losetup -e aes-rtc /dev/loop0 /home/myohe/test.img 
Unsupported encryption type aes-rtc
# losetup -e aes-ecb /dev/loop0 /home/myohe/test.img 
Unsupported encryption type aes-ecb
# losetup -e aes-cfb /dev/loop0 /home/myohe/test.img 
Unsupported encryption type aes-cfb
# losetup -e aes-ctr /dev/loop0 /home/myohe/test.img 
Unsupported encryption type aes-ctr
# losetup -e aes-cbc /dev/loop0 /home/myohe/test.img 
Unsupported encryption type aes-cbc



Comment 3 Need Real Name 2002-12-05 08:45:04 UTC
And while it's open (along the same lines); 
how come it only supports XOR which is slow and DES which doesn't work anyway:

losetup -e des /dev/loop0 /file
Password:
Init (up to 16 hex digits):
ioctl: LOOP_SET_STATUS: Invalid argument

Lets take DES out as everyone agrees it is too weak and doesn't work anyway, 
and lets put at least one decent one in by default; AES, IDEA or something, and 
even better would be to be able to use loadable encryption modules.


Comment 4 Michael Lee Yohe 2002-12-05 15:01:26 UTC
The DES problem is related to Bug 56698 and includes a semi-howto on what to do
to get encrypted filesystems to work under Red Hat Linux (albeit a non-packaged
method).

I filed Bug 78544 against the kernel - Arjan correctly informed me that the
_kernel_ has loopback encryption support.  However, the Red Hat Linux
distribution itself _does not_ have the support.  I will modify Bug 78544
accordingly to reference the distribution's lack of a method EVEN when the man
pages (documentation) say otherwise.

Comment 5 Need Real Name 2002-12-05 21:30:40 UTC
Does this mean I can just get the src.rpm to losetup and util-linux packages 
and add to the .spec file the patches from 
http://www.kernel.org/pub/linux/kernel/crypto/v2.4/ and expect it to work?

If I understand the problem correctly, and it is so, then I am happy to put 
together and updated src.rpm for rawhide and/or redhat update.

Sam
[Yes, and I meant XOR was fast, not slow]

Comment 6 Need Real Name 2002-12-07 14:28:28 UTC
Well.... I derived the patch for the util-linux package but it doesn't apply 
cleanly when combined with all the other redhat linux-util patches part of 
the .src.rpm

And not knowing the purposes behind many of the applied patches I can't tell 
how far from a working crypto losetup we are; or if or how much still needs 
patching.

So I'll have to leave it to the util-linux package maintainers to sort out what 
is still missing and fix it up.


Comment 7 Elliot Lee 2002-12-09 18:59:07 UTC

*** This bug has been marked as a duplicate of 56698 ***


Note You need to log in before you can comment on or make changes to this bug.