plain: Print warning if using default cipher ahd hash options.

Unlike LUKS, plain mode uses no metadata where configured.
As we need to upgrade algorithms form time to time because of security
reasons, warn user to specify these options explicitly.

Related #758.

1 files changed, 18 insertions, 0 deletions

diff --git a/src/cryptsetup.c b/src/cryptsetup.c
index 537e7db7..2f18c71d 100644
--- a/src/cryptsetup.c
+++ b/src/cryptsetup.c
@@ -151,6 +151,7 @@ static int action_open_plain(void)
 	size_t passwordLen, key_size_max, signatures = 0,
 	       key_size = (ARG_UINT32(OPT_KEY_SIZE_ID) ?: DEFAULT_PLAIN_KEYBITS) / 8;
 	uint32_t activate_flags = 0;
+	bool compat_warning = false;
 	int r;
 
 	r = crypt_parse_name_and_mode(ARG_STR(OPT_CIPHER_ID) ?: DEFAULT_CIPHER(PLAIN),
@@ -160,6 +161,23 @@ static int action_open_plain(void)
 		goto out;
 	}
 
+	/*
+	 * Warn user if no cipher options and passphrase hashing is not specified.
+	 * For keyfile, password hashing is not used, no need to print warning for missing --hash.
+	 * Keep this enabled even in batch mode to fix scripts and avoid data corruption.
+	 */
+	if (!ARG_SET(OPT_CIPHER_ID) || !ARG_SET(OPT_KEY_SIZE_ID)) {
+		log_err(_("WARNING: Using default options for cipher (%s-%s, key size %u bits) that could be incompatible with older versions."),
+			cipher, cipher_mode, key_size * 8);
+		compat_warning = true;
+	}
+	if (!ARG_SET(OPT_HASH_ID) && !ARG_SET(OPT_KEY_FILE_ID)) {
+		log_err(_("WARNING: Using default options for hash (%s) that could be incompatible with older versions."), params.hash);
+		compat_warning = true;
+	}
+	if (compat_warning)
+		log_err(_("For plain mode, always use options --cipher, --key-size and if no keyfile is used, then also --hash."));
+
 	/* FIXME: temporary hack, no hashing for keyfiles in plain mode */
 	if (ARG_SET(OPT_KEY_FILE_ID) && !tools_is_stdin(ARG_STR(OPT_KEY_FILE_ID))) {
 		params.hash = NULL;