Crate luks2[−][src]
Expand description
This crate defines data structures to interact with a LUKS2 partition.
See the examples/ folder for how to use this with a real partition
or an .iso file on Linux and Windows (all examples need to be modified
or require creating some files before they work correctly).
You’ll probably want to compile in release mode most of the time, or else
the master key extraction (which happens everytime a LuksDevice is
created) will take quite a long time.
Modules
Recover information that was split antiforensically.
Custom error types.
Password input.
Structs
Global attributes for the LUKS device.
A struct representing a LUKS device.
A LUKS2 header as described here.
The LUKS2 user data integrity protection type, an experimental feature which is only included for parsing compatibility.
JSON metadata for the device as described here.
A token is an object that can describe how to get a passphrase to unlock a particular keyslot. It can also contain additional user-defined JSON metadata. No token types are implemented; this is only included for parsing compatibility.
Enums
An anti-forensic splitter of a LuksKeyslot. See
the LUKS1 spec
for more information.
Information on the allocated area in the binary keyslots area of a LuksKeyslot.
A digest is used to verify that a key decrypted from a keyslot is correct. Digests are assigned to keyslots and segments. If it is not assigned to a segment, then it is a digest for an unbound key. Every keyslot must have one assigned digest. The key digest also specifies the exact key size for the encryption algorithm of the segment.
Stores information on the PBKDF type and parameters of a LuksKeyslot.
A keyslot contains information about stored keys – areas, where binary keyslot data are located, encryption and anti-forensic function used, password-based key derivation function (PBKDF) and related parameters.
The priority of a LuksKeyslot.
A segment contains a definition of encrypted areas on the disk containing user data (in LUKS1 mentioned as the user data payload). For a normal LUKS device, there ist only one data segment present.
The size of a LuksSegment.