Milan Broz: > On 10/10/2017 10:42 PM, segfault wrote: >> I'm currently working on integrating support for unlocking VeraCrypt and >> TrueCrypt via udisks and GNOME Disks. I just noticed that if the >> cryptsetup unlock function is called with the VeraCrypt option, it also >> tries the legacy TrueCrypt modes in addition to the VeraCrypt modes. As >> a result, it is possible to unlock legacy TrueCrypt volumes even if the >> VeraCrypt option is used. This makes things easier for me, because I >> don't have to ask the user to tell me if the volume is VeraCrypt or >> TrueCrypt. I just want to make sure: Is this expected behavior and can I >> rely on this staying this way? > > Yes, it is intentional. > > The Veracrypt switch just adds new modes to check (and new signature) > but all Truecrypt modes are checked as well. Great! > The reason it is separated is that opening Veracypt volumes can take very long time > (because of increased number of iterations). Try to open some volume with > wrong password (and add --debug to see how it iterates through all possible algorithms). Right. So we could still ask the user, in order to allow faster unlocking of TrueCrypt volumes. I expect that UX-wise fewer options will be better than a few seconds less waiting for unlocking, but this we will discuss on other channels. Thanks for the quick answer! _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
