Can I make a encrypted image by using openssl encrypt tools instead of dmsetup?

Question

Generally, I can create a encrypted ext4 image by do this:

fallocate -l 6553600 encrypt.img
losetup -f encrypt.img
dmsetup create encrypt_disk --table "0 12800 crypt aes 32BYTEKEY 0 /dev/loop0 0"
mkfs.ext4 /dev/mapper/encrypt_disk

Then I can mount /dev/mapper/encrypt_disk to a directory and all files in this disk will be encrypted automatically. And I got a encrypt.img. It can loaded by dmsetup in the next time.

Here is my question: Can I make a encrypt.img by using openssl tools instead of dmsetup? Maybe it will like this:

fallocate -l 6553600 encrypt.img
losetup -f encrypt.img
mkfs.ext4 /dev/loop0
openssl aes ...

Thank you.

Answer 1

No, you can't do this:
Because the filesystem you use is implemented in the kernel, you need an underlying encrypted block device implementation that is also implemented in the kernel, which is the case with dmsetup ... crypt.
openssl is a userspace implementation that does encryption outside the kernel so cannot be used for implementing devices that support a file system.

If you used a userspace filesystem instead, which is not ext4, but could be something around fuse, then this one could be based on something else than a kernel based block device, but that's a quite different topic.