5a3ef8b40f
Prior to Ib563b0ea the passphrase used by CryptsetupEncryptor and LuksEncryptor had any leading zeros per hexadecimal digit removed, for example 0x04 or 04 would turn into 0x4 or 4. As a result any volume encrypted prior to the release of Newton used a modified passphrase that was different to that stored by the key manager being used in the environment. To correct this for LuksEncryptor volumes permission denied errors are now caught when attempting to open a volume. A second attempt to open the volume is then made using a mangled passphrase. If successful the correct passphrase is then added to the volume before the mangled passphrase is finally removed. This workaround can be removed in a future release once it is safe to assume that all LuksEncryptor volumes have had any mangled passphrases replaced in this way. This isn't possible for CryptsetupEncryptor volumes as the plain mode used by cryptsetup does not provide a way for adding and removing keys. As such on a permission denied error a second attempt is made to open the volume using a mangled passphrase. Unlike the above workaround this cannot be removed in a future release. Change-Id: I7096463c5eba951dd6322ee6965435e877ca0371 Partial-bug: #1633518 |
||
|---|---|---|
| .. | ||
| cryptsetup.py | ||