The LUKS partition and data file format offers several advantages as an on-disk data format, so I wanted Revelation (which I use to store many of my passwords) to use it as its native format. So I developed this python class to support reading, writing, and creating a LUKS file from inside python. This python class has nothing to do with Revelation, and I believe it can be generally helpful. I then patched Revelation to use the new class I have written.
Some helpful links
The LUKS code: (all the following .txt files should be renamed to .py)
Here are a few scripts to test luks.py.
I also tested by using the linux kernel
$ dd if=/dev/zero of=kern.data bs=1M count=4 $ losetup /dev/loop0 kern.data $ cryptsetup luksFormat -c "aes-cbc-essiv:sha256" /dev/loop0 $ crypsetup luksOpen /dev/loop0 kern $ cp luks.py /dev/mapper/kern $ cryptsetup remove kern $ losetup -d /dev/loop0 $ python decrypt.py kern.data ... $ python create.py aes.data ... $ dd if=/dev/zero of=pad bs=512 count=20 $ cat pad >> aes.data $ losetup /dev/loop0 aes.data $ cryptsetup luksOpen /dev/loop0 aes $ dd if=/dev/mapper/aes bs=512 count=3 $ cryptsetup remove luksOpen $ losetup -d /dev/loop0
(The addition of a pad on the end of a file created by my python class was needed to get cryptsetup to recognize the file. Smaller files caused cryptsetup to error out. I am currently unsure if this is a bug in cryptsetup or what, but just extending the size of the file by a few K makes it work fine)
The patch to revelation, made against revision 564 of the revelation/trunk branch of the revelation SVN: rvl.diff.