]> git.proxmox.com Git - mirror_qemu.git/commit
projects / mirror_qemu.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 59b060b) | patch
crypto: make PBKDF iterations configurable for LUKS format
authorDaniel P. Berrange <berrange@redhat.com>
Tue, 6 Sep 2016 17:43:00 +0000 (18:43 +0100)
committerDaniel P. Berrange <berrange@redhat.com>
Mon, 19 Sep 2016 15:30:45 +0000 (16:30 +0100)
commit3bd18890cab82735ae2565fa50aa122e1b4a0ef0
tree1fd465fd7a0b3cbf686ad01c6bf53934e59895e5tree
parent59b060be184aff59cfa101c937c8139e66f452f2commit | diff
crypto: make PBKDF iterations configurable for LUKS format

As protection against bruteforcing passphrases, the PBKDF
algorithm is tuned by counting the number of iterations
needed to produce 1 second of running time. If the machine
that the image will be used on is much faster than the
machine where the image is created, it can be desirable
to raise the number of iterations. This change adds a new
'iter-time' property that allows the user to choose the
iteration wallclock time.

Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
block/crypto.c diff | blob | blame | history
crypto/block-luks.c diff | blob | blame | history
qapi/crypto.json diff | blob | blame | history
QEMU mirror