def luks_format(device, passphrase=None, cipher=None, key_size=None, key_file=None): if not passphrase: raise ValueError("luks_format requires passphrase") cs = CryptSetup(device=device, yesDialog = askyes, logFunc = dolog, passwordDialog = askpassphrase) #None is not considered as default value and pycryptsetup doesn't accept it #so we need to filter out all Nones kwargs = {} # Split cipher designator to cipher name and cipher mode cipherType = None cipherMode = None if cipher: cparts = cipher.split("-") cipherType = "".join(cparts[0:1]) cipherMode = "-".join(cparts[1:]) if cipherType: kwargs["cipher"] = cipherType if cipherMode: kwargs["cipherMode"] = cipherMode if key_size: kwargs["keysize"] = key_size rc = cs.luksFormat(**kwargs) if rc: raise CryptoError("luks_format failed for '%s'" % device) # activate first keyslot cs.addKeyByVolumeKey(newPassphrase = passphrase) if rc: raise CryptoError("luks_add_key_by_volume_key failed for '%s'" % device)
def luks_format(device, passphrase=None, key_file=None, cipher=None, key_size=None): cs = CryptSetup(yesDialog = askyes, logFunc = dolog) key_file_unlink = False if passphrase: key_file = cs.prepare_passphrase_file(passphrase) key_file_unlink = True elif key_file and os.path.isfile(key_file): pass else: raise ValueError("luks_format requires either a passphrase or a key file") #None is not considered as default value and pycryptsetup doesn't accept it #so we need to filter out all Nones kwargs = {} kwargs["device"] = device if cipher: kwargs["cipher"] = cipher if key_file: kwargs["keyfile"] = key_file if key_size: kwargs["keysize"] = key_size rc = cs.luksFormat(**kwargs) if key_file_unlink: os.unlink(key_file) if rc: raise CryptoError("luks_format failed for '%s'" % device)
def luks_format(device, passphrase=None, key_file=None, cipher=None, key_size=None): cs = CryptSetup(yesDialog=askyes, logFunc=dolog) key_file_unlink = False if passphrase: key_file = cs.prepare_passphrase_file(passphrase) key_file_unlink = True elif key_file and os.path.isfile(key_file): pass else: raise ValueError( "luks_format requires either a passphrase or a key file") #None is not considered as default value and pycryptsetup doesn't accept it #so we need to filter out all Nones kwargs = {} kwargs["device"] = device if cipher: kwargs["cipher"] = cipher if key_file: kwargs["keyfile"] = key_file if key_size: kwargs["keysize"] = key_size rc = cs.luksFormat(**kwargs) if key_file_unlink: os.unlink(key_file) if rc: raise CryptoError("luks_format failed for '%s'" % device)
def luks_format(device, passphrase=None, cipher=None, key_size=None, key_file=None): if not passphrase: raise ValueError("luks_format requires passphrase") cs = CryptSetup(device=device, yesDialog=askyes, logFunc=dolog, passwordDialog=askpassphrase) #None is not considered as default value and pycryptsetup doesn't accept it #so we need to filter out all Nones kwargs = {} # Split cipher designator to cipher name and cipher mode cipherType = None cipherMode = None if cipher: cparts = cipher.split("-") cipherType = "".join(cparts[0:1]) cipherMode = "-".join(cparts[1:]) if cipherType: kwargs["cipher"] = cipherType if cipherMode: kwargs["cipherMode"] = cipherMode if key_size: kwargs["keysize"] = key_size rc = cs.luksFormat(**kwargs) if rc: raise CryptoError("luks_format failed for '%s'" % device) # activate first keyslot cs.addKeyByVolumeKey(newPassphrase=passphrase) if rc: raise CryptoError("luks_add_key_by_volume_key failed for '%s'" % device)
def luks_format(device, passphrase, cipher=None, key_size=None, key_file=None, min_entropy=0): cs = CryptSetup(device=device, yesDialog=yesDialog, logFunc=logFunc, passwordDialog=passwordDialog) kwargs = {} cipherType, cipherMode = None, None if cipher: cparts = cipher.split("-") cipherType = "".join(cparts[0:1]) cipherMode = "-".join(cparts[1:]) if cipherType: kwargs["cipher"] = cipherType if cipherMode: kwargs["cipherMode"] = cipherMode if key_size: kwargs["keysize"] = key_size if min_entropy > 0: while get_current_entropy() < min_entropy: time.sleep(1) rc = cs.luksFormat(**kwargs) if rc: return rc rc = cs.addKeyByVolumeKey(newPassphrase=passphrase) return rc if rc else 0
def luks_format(device, passphrase, cipher=None, key_size=None, key_file=None, min_entropy=0): """ Format a device as a LUKS device. :param str device: device identifier :param str passphrase: passphrase to encrypt with :param str cipher: cipher to use (if not default) :param int key_size: key size to use (if not default) :param str key_file: path to key file to use (optional) :param int min_entropy: Don't encrypt until system has this much entropy :returns: 0 on success """ cs = CryptSetup(device=device, yesDialog=yesDialog, logFunc=logFunc) kwargs = {} cipherType, cipherMode = None, None if cipher: cparts = cipher.split("-") cipherType = "".join(cparts[0:1]) cipherMode = "-".join(cparts[1:]) if cipherType: kwargs["cipher"] = cipherType if cipherMode: kwargs["cipherMode"] = cipherMode if key_size: kwargs["keysize"] = key_size if min_entropy > 0: while get_current_entropy() < min_entropy: time.sleep(1) rc = cs.luksFormat(**kwargs) if rc: return rc rc = cs.addKeyByVolumeKey(newPassphrase=passphrase) return rc if rc else 0
def luks_format(device, passphrase=None, cipher=None, key_size=None, key_file=None, min_entropy=0): """ Format device as LUKS with the specified parameters. :param str device: device to format :param str passphrase: passphrase to add to the new LUKS device :param str cipher: cipher mode to use :param int keysize: keysize to use :param str key_file: key file to use :param int min_entropy: minimum random data entropy level required for LUKS format creation (0 means entropy level is not checked) note:: If some minimum entropy is required (min_entropy > 0), the function waits for enough entropy to be gathered by the kernel which may potentially take very long time or even forever. """ # pylint: disable=unused-argument if not passphrase: raise ValueError("luks_format requires passphrase") cs = CryptSetup(device=device, yesDialog=yesDialog, logFunc=logFunc, passwordDialog=passwordDialog) #None is not considered as default value and pycryptsetup doesn't accept it #so we need to filter out all Nones kwargs = {} # Split cipher designator to cipher name and cipher mode cipherType = None cipherMode = None if cipher: cparts = cipher.split("-") cipherType = "".join(cparts[0:1]) cipherMode = "-".join(cparts[1:]) if cipherType: kwargs["cipher"] = cipherType if cipherMode: kwargs["cipherMode"] = cipherMode if key_size: kwargs["keysize"] = key_size if min_entropy > 0: # min_entropy == 0 means "don't care" while get_current_entropy() < min_entropy: # wait for entropy to become high enough time.sleep(1) rc = cs.luksFormat(**kwargs) if rc: raise CryptoError("luks_format failed for '%s'" % device) # activate first keyslot cs.addKeyByVolumeKey(newPassphrase=passphrase) if rc: raise CryptoError("luks_add_key_by_volume_key failed for '%s'" % device)