From 5d29bc014a33d9bdc1c5fb4b8add2f38850f46a8 Mon Sep 17 00:00:00 2001
From: Vojtech Trefny <vtrefny@redhat.com>
Date: Wed, 24 Feb 2021 14:44:03 +0100
Subject: [PATCH] crypto: Fix default key size for non XTS ciphers

512 bits should be default only for AES-XTS which needs two keys,
default for other modes must be 256 bits.

resolves: rhbz#1931847
---
 src/plugins/crypto.c | 11 +++++++++--
 src/plugins/crypto.h |  2 +-
 tests/crypto_test.py | 36 ++++++++++++++++++++++++++++++++++++
 3 files changed, 46 insertions(+), 3 deletions(-)

diff --git a/src/plugins/crypto.c b/src/plugins/crypto.c
index f4a2e8f0..1e7043fa 100644
--- a/src/plugins/crypto.c
+++ b/src/plugins/crypto.c
@@ -774,8 +774,15 @@ static gboolean luks_format (const gchar *device, const gchar *cipher, guint64 k
         return FALSE;
     }
 
-    /* resolve requested/default key_size (should be in bytes) */
-    key_size = (key_size != 0) ? (key_size / 8) : (DEFAULT_LUKS_KEYSIZE_BITS / 8);
+    if (key_size == 0) {
+        if (g_str_has_prefix (cipher_specs[1], "xts-"))
+            key_size = DEFAULT_LUKS_KEYSIZE_BITS * 2;
+        else
+            key_size = DEFAULT_LUKS_KEYSIZE_BITS;
+    }
+
+    /* key_size should be in bytes */
+    key_size = key_size / 8;
 
     /* wait for enough random data entropy (if requested) */
     if (min_entropy > 0) {
diff --git a/src/plugins/crypto.h b/src/plugins/crypto.h
index 71a1438d..a38724d9 100644
--- a/src/plugins/crypto.h
+++ b/src/plugins/crypto.h
@@ -36,7 +36,7 @@ typedef enum {
 /* 20 chars * 6 bits per char (64-item charset) = 120 "bits of security" */
 #define BD_CRYPTO_BACKUP_PASSPHRASE_LENGTH 20
 
-#define DEFAULT_LUKS_KEYSIZE_BITS 512
+#define DEFAULT_LUKS_KEYSIZE_BITS 256
 #define DEFAULT_LUKS_CIPHER "aes-xts-plain64"
 #define DEFAULT_LUKS2_SECTOR_SIZE 512
 
diff --git a/tests/crypto_test.py b/tests/crypto_test.py
index 0609a070..0aecc032 100644
--- a/tests/crypto_test.py
+++ b/tests/crypto_test.py
@@ -236,6 +236,42 @@ def test_luks2_format(self):
             self.fail("Failed to get pbkdf information from:\n%s %s" % (out, err))
         self.assertEqual(int(m.group(1)), 5)
 
+    def _get_luks1_key_size(self, device):
+        _ret, out, err = run_command("cryptsetup luksDump %s" % device)
+        m = re.search(r"MK bits:\s*(\S+)\s*", out)
+        if not m or len(m.groups()) != 1:
+            self.fail("Failed to get key size information from:\n%s %s" % (out, err))
+        key_size = m.group(1)
+        if not key_size.isnumeric():
+            self.fail("Failed to get key size information from: %s" % key_size)
+        return int(key_size)
+
+    @tag_test(TestTags.SLOW, TestTags.CORE)
+    def test_luks_format_key_size(self):
+        """Verify that formating device as LUKS works"""
+
+        # aes-xts: key size should default to 512
+        succ = BlockDev.crypto_luks_format(self.loop_dev, "aes-xts-plain64", 0, PASSWD, None, 0)
+        self.assertTrue(succ)
+
+        key_size = self._get_luks1_key_size(self.loop_dev)
+        self.assertEqual(key_size, 512)
+
+        # aes-cbc: key size should default to 256
+        succ = BlockDev.crypto_luks_format(self.loop_dev, "aes-cbc-essiv:sha256", 0, PASSWD, None, 0)
+        self.assertTrue(succ)
+
+        key_size = self._get_luks1_key_size(self.loop_dev)
+        self.assertEqual(key_size, 256)
+
+        # try specifying key size for aes-xts
+        succ = BlockDev.crypto_luks_format(self.loop_dev, "aes-xts-plain64", 256, PASSWD, None, 0)
+        self.assertTrue(succ)
+
+        key_size = self._get_luks1_key_size(self.loop_dev)
+        self.assertEqual(key_size, 256)
+
+
 class CryptoTestResize(CryptoTestCase):
 
     def _get_key_location(self, device):