Hi Ludwig, I think you should go for a separate program, because this wil lead to a clean interface bertween the two functionalities. Then write a wrapper-script, to get the same convenience as a single, monolithic program would have for the user. This way you get the best of both approaches and have full flexibility for future extension. Furthermore you only need cryptsetyp to remain interface compatible, its implementation can change without impact on your extensions. Arno On Thu, May 03, 2007 at 01:27:16PM +0200, Ludwig Nussel wrote: > Hi, > > SUSE Linux used to ship a losetup with loop-AES patches. For 10.3 > we'd like to stay closer to upstream util-linux-ng and get rid of > such paches. In order for users to still be able to mount their old > encrypted volumes dm-crypt/crypsetup must be able to handle them. > That works just fine for the majority of volumes as they are just > twofish-cbc-null with sha512 passphrase hash. There are also volumes > around that use the 'itercountk' option of loop-AES' losetup though. > That means the passphrase hash additionally needs to be encrypted > using aes. I wonder whether to implement that method directly in > cryptsetup or whether to write a separate program like hashalot that > can be used to pipe the binary key into cryptsetup. The former is > certainly more convenient for users whereas the latter is less > intrusive and likely easier to implement. Any opinions on that? > > cu > Ludwig > > -- > (o_ Ludwig Nussel > //\ SUSE Labs > V_/_ http://www.suse.de/ > SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nuernberg) > > > > --------------------------------------------------------------------- > dm-crypt mailing list - http://www.saout.de/misc/dm-crypt/ > To unsubscribe, e-mail: dm-crypt-unsubscribe@xxxxxxxx > For additional commands, e-mail: dm-crypt-help@xxxxxxxx > -- Arno Wagner, Dipl. Inform., CISSP --- CSG, ETH Zurich, wagner@xxxxxxxxxxxxxx GnuPG: ID: 1E25338F FP: 0C30 5782 9D93 F785 E79C 0296 797F 6B50 1E25 338F ---- Cuddly UI's are the manifestation of wishful thinking. -- Dylan Evans There is considerable overlap between the intelligence of the smartest bears and the dumbest tourists. -- Yosemite park ranger on bear-proof trashcans --------------------------------------------------------------------- dm-crypt mailing list - http://www.saout.de/misc/dm-crypt/ To unsubscribe, e-mail: dm-crypt-unsubscribe@xxxxxxxx For additional commands, e-mail: dm-crypt-help@xxxxxxxx
