Commit Graph

13 Commits

Author SHA1 Message Date
Poul-Henning Kamp
ddc6ffdccf Avoid off_t -> integer overflow when sorting the locksector addresses. 2003-04-14 09:36:39 +00:00
Poul-Henning Kamp
8b3ee9cd3b Use new GEOM OAM. Kernels have supported this for a number of days, so
people should be OK.
2003-03-31 18:38:31 +00:00
Tim J. Robbins
73657eba91 Fix two unsafe uses of sprintf(). 2003-02-23 07:37:47 +00:00
Tim J. Robbins
bdd64bca36 Correct some err() format string bugs. 2003-02-23 06:35:33 +00:00
Poul-Henning Kamp
1e90b74683 Solve another bug in the mapping code: correctly skip lock sectors.
Make sure sector zero is protected if it contains metadata.

Lower WARNS for gbde to 3 on non-i386 archs.  rijndael-fst is evil
but appearntly does the right thing and passes the test-vectors.

MFC Candidate.
2002-12-18 22:11:54 +00:00
Poul-Henning Kamp
88806cc28c Fix two blunders in the mapping functions which can lead to corrupt data,
for request sizes larger than the sectorsize or for multi-key setups.

See warning mailed to current@ for details of recovery.

Found by:	Marcus Reid <marcus@blazingdot.com>
2002-12-18 19:57:27 +00:00
Poul-Henning Kamp
c6e3e82803 Untwist a twisty bit of logic which gcc for some reason cannot see
through on ia64.
2002-12-18 07:25:33 +00:00
Poul-Henning Kamp
62998d5574 A couple of stylistic improvements. 2002-12-17 19:16:10 +00:00
Poul-Henning Kamp
725490c68f Synchronize usage() with reality.
Semi-automatic handling of /dev prefix for device names.

Sponsored by:	DARPA & NAI Labs.
Approved by:	re (blanket)
2002-12-01 15:58:28 +00:00
Poul-Henning Kamp
5afa461402 Run a revision on the GBDE encryption facility.
Replace ARC4 with SHA2-512.
Change lock-structure encoding to use random ordering rather for obscurity.
Encrypt lock-structure with AES/256 instead of AES/128.
Change kkey derivation to be MD5 hash based.
Watch for malloc(M_NOWAIT) failures and ditch our cache when they happen.
Remove clause 3 of the license with NAI Labs consent.

Many thanks to "Lucky Green" <shamrock@cypherpunks.to> and "David
Wagner" <daw@cs.berkeley.edu>, for code reading, inputs and
suggestions.

This code has still not been stared at for 10 years by a gang of
hard-core cryptographers.  Discretion advised.

NB: These changes result in the on-disk format changing: dump/restore needed.

Sponsored by:   DARPA & NAI Labs.
2002-11-04 09:27:01 +00:00
Poul-Henning Kamp
ab4be8c231 Initialize the new salt field in the lock sector.
Sponsored by:	DARPA & NAI Labs
2002-10-30 22:14:34 +00:00
Poul-Henning Kamp
930f6f2f6d s/dettach/detach/g etc.
Pointed out by:	chris
2002-10-20 19:08:56 +00:00
Poul-Henning Kamp
d220f5beb9 Complete the Geom Based Disk Encryption: Add the OAM utility.
Sponsored by:	DARPA and NAI Labs
2002-10-20 11:16:13 +00:00