d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Conceiveably, there may exist an algorithm which can tell if a sequence of bytes

Browse Source 
are the output of AES/128/CBC or ARC4RANDOM.  Encrypt the random data with which
we wipe when we get a BIO_DELETE to make such an algorithm useful.

Sponsored by:	DARPA & NAI Labs
Approved by:	re (blanket)
This commit is contained in:
phk 2002-12-01 15:50:48 +00:00
parent 2e45221c26
commit d2f5accf6d
1 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
sys/geom/bde/g_bde_crypt.c
View File

@ -191,9 +191,13 @@ g_bde_crypt_delete(struct g_bde_work *wp)
struct g_bde_softc *sc;
u_char *d;
off_t o;
u_char skey[G_BDE_SKEYLEN];
keyInstance ki;
cipherInstance ci;
sc = wp->softc;
d = wp->sp->data;
AES_init(&ci);
/*
* Do not unroll this loop!
* Our zone may be significantly wider than the amount of random
@ -202,6 +206,9 @@ g_bde_crypt_delete(struct g_bde_work *wp)
*/
for (o = 0; o < wp->length; o += sc->sectorsize) {
arc4rand(d, sc->sectorsize, 0);
arc4rand(&skey, sizeof skey, 0);
AES_makekey(&ki, DIR_ENCRYPT, G_BDE_SKEYBITS, skey);
AES_encrypt(&ci, &ki, d, d, sc->sectorsize);
d += sc->sectorsize;
}
/*