[root@storageqe-66 cryptsetup_libblockdev]# vim luks_opal.py
[root@storageqe-66 cryptsetup_libblockdev]# lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINTS
loop2 7:2 0 5G 0 loop
sda 8:0 0 558.9G 0 disk
├─sda1 8:1 0 600M 0 part /boot/efi
├─sda2 8:2 0 1G 0 part /boot
└─sda3 8:3 0 557.3G 0 part
├─rhel_storageqe--66-root 253:0 0 70G 0 lvm /
├─rhel_storageqe--66-swap 253:1 0 15.6G 0 lvm [SWAP]
└─rhel_storageqe--66-home 253:2 0 471.7G 0 lvm /home
sdb 8:16 1 0B 0 disk
nvme0n1 259:1 0 1.5T 0 disk
├─nvme0n1p1 259:3 0 5G 0 part
│ └─EnOv 253:3 0 5G 0 crypt
├─nvme0n1p2 259:8 0 5G 0 part
│ └─QpZF 253:4 0 5G 0 crypt
└─nvme0n1p3 259:9 0 5G 0 part
└─Pnck 253:5 0 5G 0 crypt
nvme1n1 259:5 0 5G 0 disk
[root@storageqe-66 cryptsetup_libblockdev]#
[root@storageqe-66 cryptsetup_libblockdev]#
[root@storageqe-66 cryptsetup_libblockdev]#
[root@storageqe-66 cryptsetup_libblockdev]# cyrusbdb2current ^C
[root@storageqe-66 cryptsetup_libblockdev]# cryptsetup luksDump /dev/nvme0n1p1
LUKS header information
Version: 2
Epoch: 5
Metadata area: 16384 [bytes]
Keyslots area: 16744448 [bytes]
UUID: 0cb197ad-8de4-425f-ad6a-08ce822e0e64
Label: (no label)
Subsystem: HW-OPAL
Flags: (no flags)
Requirements: opal Data segments:
0: hw-opal-crypt
offset: 16777216 [bytes]
length: 5351931904 [bytes]
cipher: aes-xts-plain64
sector: 4096 [bytes]
HW OPAL encryption:
OPAL segment number: 1
OPAL key: 256 bits
OPAL segment length: 5351931904 [bytes]Keyslots:
0: luks2
Key: 768 bits
Priority: normal
Cipher: aes-xts-plain64
Cipher key: 512 bits
PBKDF: argon2id
Time cost: 4
Memory: 1016071
Threads: 4
Salt: 6a 89 7e d0 e4 5d 8c dd 69 c5 b4 38 68 25 e5 08
62 28 44 da 3b 4f ab 24 76 d5 14 20 13 aa 85 23
AF stripes: 4000
AF hash: sha256
Area offset:32768 [bytes]
Area length:385024 [bytes]
Digest ID: 0
1: luks2
Key: 768 bits
Priority: normal
Cipher: aes-xts-plain64
Cipher key: 512 bits
PBKDF: pbkdf2
Hash: sha256
Iterations: 1000
Salt: 8b bd 27 7b 31 40 80 04 66 40 3b 61 01 01 26 83
e0 5d 52 61 83 67 6e 79 48 43 7f 1b 26 fa 80 4f
AF stripes: 4000
AF hash: sha256
Area offset:417792 [bytes]
Area length:385024 [bytes]
Digest ID: 0
Tokens:
0: clevis
Keyslot: 1
Digests:
0: pbkdf2
Hash: sha256
Iterations: 60569
Salt: 30 61 d9 e9 31 2f 4e 24 61 1e 30 cc f3 a8 04 71
53 e4 00 18 61 4c 8f 3a 22 a2 94 d5 0a e4 fd e8
Digest: 33 5b b7 bb 84 29 14 db 7a a9 b9 8d 52 f5 de 39
7e 15 86 3a c8 b5 e8 0a 4b 93 a7 9b 4a a0 5e b8
[root@storageqe-66 cryptsetup_libblockdev]# cryptsetup luksDump /dev/nvme0n1p2
LUKS header information
Version: 2
Epoch: 5
Metadata area: 16384 [bytes]
Keyslots area: 16744448 [bytes]
UUID: 56509c06-8039-48a1-b15a-9209a111ba00
Label: (no label)
Subsystem: HW-OPAL
Flags: (no flags)
Requirements: opal Data segments:
0: hw-opal-crypt
offset: 16777216 [bytes]
length: 5351931904 [bytes]
cipher: aes-xts-plain64
sector: 4096 [bytes]
HW OPAL encryption:
OPAL segment number: 2
OPAL key: 256 bits
OPAL segment length: 5351931904 [bytes]Keyslots:
0: luks2
Key: 768 bits
Priority: normal
Cipher: aes-xts-plain64
Cipher key: 512 bits
PBKDF: argon2id
Time cost: 4
Memory: 1015803
Threads: 4
Salt: 63 be 7c 38 77 46 da e1 09 98 b9 ed c4 f3 a3 4c
e1 c4 d6 ee 3d 1e 7a 30 f1 71 05 7f 7c 49 db 5f
AF stripes: 4000
AF hash: sha256
Area offset:32768 [bytes]
Area length:385024 [bytes]
Digest ID: 0
1: luks2
Key: 768 bits
Priority: normal
Cipher: aes-xts-plain64
Cipher key: 512 bits
PBKDF: pbkdf2
Hash: sha256
Iterations: 1000
Salt: d5 b4 fb 6d 1e 09 11 1c 50 9e d0 65 dd a5 de 10
15 e7 a9 55 50 a6 17 12 ce 43 36 e0 6c c6 0a 34
AF stripes: 4000
AF hash: sha256
Area offset:417792 [bytes]
Area length:385024 [bytes]
Digest ID: 0
Tokens:
0: clevis
Keyslot: 1
Digests:
0: pbkdf2
Hash: sha256
Iterations: 60681
Salt: 5b 7a 3a 60 10 2a 6e 18 ab ab 3b e5 9e 55 d5 6e
30 09 1e c3 94 ef a4 6f 1c d3 3d ca 43 5d 17 a1
Digest: c8 78 a0 0f bc 81 eb 2f ed a4 73 72 bc 27 b7 82
36 15 a6 eb f2 0d 30 e1 6f b8 2b 99 ef ec 46 d6
[root@storageqe-66 cryptsetup_libblockdev]# cryptsetup luksDump /dev/nvme0n1p3
LUKS header information
Version: 2
Epoch: 5
Metadata area: 16384 [bytes]
Keyslots area: 16744448 [bytes]
UUID: 28cf1063-dff5-4fec-b1c3-b28462336cec
Label: (no label)
Subsystem: HW-OPAL
Flags: (no flags)
Requirements: opal Data segments:
0: hw-opal-crypt
offset: 16777216 [bytes]
length: 5351931904 [bytes]
cipher: aes-xts-plain64
sector: 4096 [bytes]
HW OPAL encryption:
OPAL segment number: 3
OPAL key: 256 bits
OPAL segment length: 5351931904 [bytes]Keyslots:
0: luks2
Key: 768 bits
Priority: normal
Cipher: aes-xts-plain64
Cipher key: 512 bits
PBKDF: argon2id
Time cost: 4
Memory: 1016056
Threads: 4
Salt: 81 22 ed 9b a6 70 f4 dd c9 0f 3d dd ed 4f 10 7f
bd 8d e9 75 02 2e e9 15 e4 e6 f0 2a f1 3a 6d 3c
AF stripes: 4000
AF hash: sha256
Area offset:32768 [bytes]
Area length:385024 [bytes]
Digest ID: 0
1: luks2
Key: 768 bits
Priority: normal
Cipher: aes-xts-plain64
Cipher key: 512 bits
PBKDF: pbkdf2
Hash: sha256
Iterations: 1000
Salt: cf a3 1e a5 ba 5e c4 26 74 55 ce 4e bd 57 70 75
e2 93 2e 7c dc 7e de 53 5b 9c d0 40 f4 e4 ec e2
AF stripes: 4000
AF hash: sha256
Area offset:417792 [bytes]
Area length:385024 [bytes]
Digest ID: 0
Tokens:
0: clevis
Keyslot: 1
Digests:
0: pbkdf2
Hash: sha256
Iterations: 60569
Salt: e8 db 9b a1 c9 62 23 67 31 55 85 5c 56 a8 ba 07
7b 65 06 d5 bf e9 ec e1 ee fb 72 66 13 5a 67 ae
Digest: f7 a9 f5 06 a1 46 61 cf 40 53 14 1d 6a e7 d9 69
a0 dc 4c 0c fa ca 7e 46 77 da e9 fc 07 c8 14 c3
[root@storageqe-66 cryptsetup_libblockdev]#
[root@storageqe-66 cryptsetup_libblockdev]# lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINTS
loop2 7:2 0 5G 0 loop
sda 8:0 0 558.9G 0 disk
├─sda1 8:1 0 600M 0 part /boot/efi
├─sda2 8:2 0 1G 0 part /boot
└─sda3 8:3 0 557.3G 0 part
├─rhel_storageqe--66-root 253:0 0 70G 0 lvm /
├─rhel_storageqe--66-swap 253:1 0 15.6G 0 lvm [SWAP]
└─rhel_storageqe--66-home 253:2 0 471.7G 0 lvm /home
sdb 8:16 1 0B 0 disk
nvme0n1 259:1 0 1.5T 0 disk
├─nvme0n1p1 259:3 0 5G 0 part
│ └─EnOv 253:3 0 5G 0 crypt
├─nvme0n1p2 259:8 0 5G 0 part
│ └─QpZF 253:4 0 5G 0 crypt
└─nvme0n1p3 259:9 0 5G 0 part
└─Pnck 253:5 0 5G 0 crypt
nvme1n1 259:5 0 5G 0 disk
[root@storageqe-66 cryptsetup_libblockdev]# cryptsetup close EnOv
[root@storageqe-66 cryptsetup_libblockdev]# cryptsetup erase /dev/nvme0n1p1
Enter OPAL Admin password:
[root@storageqe-66 cryptsetup_libblockdev]#
[root@storageqe-66 cryptsetup_libblockdev]# cryptsetup luksDump /dev/nvme0n1p2
Device /dev/nvme0n1p2 is not a valid LUKS device.
[root@storageqe-66 cryptsetup_libblockdev]# cryptsetup luksDump /dev/nvme0n1p3
Device /dev/nvme0n1p3 is not a valid LUKS device.
[root@storageqe-66 cryptsetup_libblockdev]#
[root@storageqe-66 cryptsetup_libblockdev]# /home/cryptsetup_libblockdev/opal-toolset/control list_range --locking-range=1 --admin=1 --verify-pin=passwdpasswd /dev/nvme0n1p1
Locking range 1: Start: 0, length: 0, R locked: no, W locked: no, R lock enabled: no, W lock enabled: no.
[root@storageqe-66 cryptsetup_libblockdev]# /home/cryptsetup_libblockdev/opal-toolset/control list_range --locking-range=2 --admin=1 --verify-pin=passwdpasswd /dev/nvme0n1p2
Locking range 2: Start: 10536960, length: 10452992, R locked: no, W locked: no, R lock enabled: yes, W lock enabled: yes.
[root@storageqe-66 cryptsetup_libblockdev]# /home/cryptsetup_libblockdev/opal-toolset/control list_range --locking-range=3 --admin=1 --verify-pin=passwdpasswd /dev/nvme0n1p3
Locking range 3: Start: 21024768, length: 10452992, R locked: no, W locked: no, R lock enabled: yes, W lock enabled: yes.
[root@storageqe-66 cryptsetup_libblockdev]#
Bug
Undefined
