My notes on making encrypted filesystems 'Just Work(tm)'

W. Michael Petullo mike at
Thu Dec 16 19:59:28 PST 2004

>> I have a prototype "Setup" script written in bash that should allow us
>> to discuss this portion further.  Before I present the script, here is
>> the cryptheader I used:


> Anyway, I think this is a good start anyway. Further comments below:


Okay, I made some changes to the prototype script.

1.  I now verify volume.fstype is crypto_sesame.
2.  I now ensure the cleartext key ends in SESAME0.
3.  I now strip SESAME0 from the key before unlocking the filesystem.
4.  I now name the dm-crypt device "sesame_crypto_"$UUID"

Should the SHA-1 hash of the key be performed with or without the SESAME0
at the end?  Is my SESAME0-handling logic right?  Once the everything
seems right I will take a shot at implementing this in C as a statically
linked program so it may be used in and initrd.  Does anyone have a
suggestion for a crypto library (my experience is with OpenSSL/libcrypto)?

Here is the new script:

# FIXME: should be able to get this from the environment.

# FIXME: should be able to read this from stdin.

# Get information from hal, should be available from environment someday.
# May want to read some of this directly from device in case hal is not running.
BLOCK_KEY_CIPHER=`hal-get-property --udi="$UDI" --key volume.crypto_sesame.block_key_cipher`
BLOCK_KEY_SHA1=`hal-get-property --udi="$UDI" --key volume.crypto_sesame.block_key_sha1`
UUID=`hal-get-property --udi="$UDI" --key volume.crypto_sesame.uuid`
VERSION=`hal-get-property --udi="$UDI" --key volume.crypto_sesame.version`
DEVICE=`hal-get-property --udi="$UDI" --key block.device`
VOLUME_FSTYPE=`hal-get-property --udi="$UDI" --key volume.fstype`

# FIXME: this should be published by hal -- a 128 bit key (as hex).
# For some reason hald is not providing this information.
# Key was created with:
# echo `dd if=/dev/urandom bs=1c count=128`SESAME0 | \
#   openssl enc -aes-256-ecb | xxd -p
# Passphrase is "sesame" (see PASSPHRASE defined above)

# Make sure volume has correct fstype.
if [ x"$VOLUME_FSTYPE" != xcrypto_sesame ]; then
        echo fstype is not crypto_sesame >&2
        exit 1

# Decrypt the key using the passphrase.
# FIXME: uh oh, how do I pass both passphrase and data to openssl?
KEY=`echo "$ENC_KEY" | xxd -r -p | openssl enc -d -aes-256-ecb -pass "pass:$PASSPHRASE"`

# Ensure cleartext key ends in SESAME0.
echo $KEY | grep SESAME0$ > /dev/null
if [ $? != 0 ]; then
        echo cleartext key does not end in SESAME0 >&2
        exit 1

# Strip SESAME0.
KEY=`echo $KEY | sed 's/SESAME0$//g'`

# Check to make sure hash of key matches that provided by hal.
if [ "$BLOCK_KEY_SHA1" != `echo $KEY | sha1sum | awk '{ print $1 }'` ]; then
        echo key sha1 hash does not match data provided by hal >&2
        exit 1

# Set up the dm-crypt device.
echo setting up $DEVICE using $BLOCK_KEY_CIPHER, default hash and 128 bit key
echo "$KEY" | cryptsetup -s 128 -c "$BLOCK_KEY_CIPHER" create sesame_crypto_"$UUID" "$DEVICE"


hal mailing list
hal at

More information about the Hal mailing list