Diffstat (limited to 'Documentation')
-rw-r--r--  Documentation/device-mapper/dm-crypt.txt  47
1 files changed, 30 insertions, 17 deletions
diff --git a/Documentation/device-mapper/dm-crypt.txt b/Documentation/device-mapper/dm-crypt.txt index a2a6627aa659..8140b71f3c54 100644 --- a/Documentation/device-mapper/dm-crypt.txt +++ b/Documentation/device-mapper/dm-crypt.txt @@ -11,14 +11,31 @@ Parameters: <cipher> <key> <iv_offset> <device path> \ <offset> [<#opt_params> <opt_params>] <cipher> - Encryption cipher and an optional IV generation mode. - (In format cipher[:keycount]-chainmode-ivmode[:ivopts]). + Encryption cipher, encryption mode and Initial Vector (IV) generator. + + The cipher specifications format is: + cipher[:keycount]-chainmode-ivmode[:ivopts] Examples: - des aes-cbc-essiv:sha256 - twofish-ecb + aes-xts-plain64 + serpent-xts-plain64 + + Cipher format also supports direct specification with kernel crypt API + format (selected by capi: prefix). The IV specification is the same + as for the first format type. + This format is mainly used for specification of authenticated modes. - /proc/crypto contains supported crypto modes + The crypto API cipher specifications format is: + capi:cipher_api_spec-ivmode[:ivopts] + Examples: + capi:cbc(aes)-essiv:sha256 + capi:xts(aes)-plain64 + Examples of authenticated modes: + capi:gcm(aes)-random + capi:authenc(hmac(sha256),xts(aes))-random + capi:rfc7539(chacha20,poly1305)-random + + The /proc/crypto contains a list of curently loaded crypto modes. <key> Key used for encryption. It is encoded either as a hexadecimal number 
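Review bot: typo in the last added line of this hunk, "curently" should be "currently"; the sentence reads better as "/proc/crypto contains a list of currently loaded crypto modes." (no leading "The"). Two smaller wording fixes in the same hunk: "Initial Vector (IV) generator" is conventionally "Initialization Vector (IV) generator", and "The cipher specifications format is:" / "The crypto API cipher specifications format is:" should use the singular "specification format". Since all the authenticated-mode examples use the "-random" IV generator, and the second hunk of this patch states that a persistent IV is stored in the per-sector integrity metadata, it would help the reader to note right after the "Examples of authenticated modes" block that these modes require the integrity:<bytes>:<type> option (documented below) so the random IV can be stored.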
@@ -94,20 +111,16 @@ submit_from_crypt_cpus same context. integrity:<bytes>:<type> - Calculates and verifies integrity for the encrypted device (uses - authenticated encryption). This mode requires metadata stored in per-bio - integrity structure of <bytes> in size. - - This option requires that the underlying device is created by dm-integrity - target and provides exactly <bytes> of per-sector metadata. + The device requires additional <bytes> metadata per-sector stored + in per-bio integrity structure. This metadata must by provided + by underlying dm-integrity target. - There can by two options for <type>. The first one is used when encryption - mode is Authenticated mode (AEAD mode), then type must be just "aead". - The second option is integrity calculated by keyed hash (HMAC), then - <type> is for example "hmac(sha256)". + The <type> can be "none" if metadata is used only for persistent IV. - If random IV is used (persistently stored IV in metadata per-sector), - then <bytes> includes both space for random IV and authentication tag. + For Authenticated Encryption with Additional Data (AEAD) + the <type> is "aead". An AEAD mode additionally calculates and verifies + integrity for the encrypted device. The additional space is then + used for storing authentication tag (and persistent IV if needed). Example scripts =============== |
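Review bot: the removed lines documented a keyed-hash <type> ("hmac(sha256)") for the integrity option, but the replacement text only lists "none" and "aead"; if HMAC-based integrity is still accepted by the target it should stay documented, and if it was dropped the commit message should say so. Also, AEAD expands to "Authenticated Encryption with Associated Data", not "Additional Data", and two grammar fixes are needed: "This metadata must by provided" should be "must be provided", and "used for storing authentication tag" should be "used for storing the authentication tag". Finally, it is worth stating explicitly that <bytes> must cover both the tag and the IV when a persistent IV is used, as the removed text did ("<bytes> includes both space for random IV and authentication tag"), since the new wording only implies it in parentheses.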