author | phk <phk@FreeBSD.org> | 2002-11-04 09:27:01 +0000 |
---|---|---|
committer | phk <phk@FreeBSD.org> | 2002-11-04 09:27:01 +0000 |
commit | 16874ad9231c653cc0923d057079cb01dc655144 (patch) | |
tree | f63c9d7688c826251a2cc69a8cbf9eace1f02f75 /sys/geom/bde/g_bde_crypt.c | |
parent | 8f58d0f543eb1d2ede1aa0736e9fe5e958cba1d6 (diff) | |
Run a revision on the GBDE encryption facility.
Replace ARC4 with SHA2-512.
Change lock-structure encoding to use random ordering rather for obscurity.
Encrypt lock-structure with AES/256 instead of AES/128.
Change kkey derivation to be MD5 hash based.
Watch for malloc(M_NOWAIT) failures and ditch our cache when they happen.
Remove clause 3 of the license with NAI Labs consent.
Many thanks to "Lucky Green" <shamrock@cypherpunks.to> and "David
Wagner" <daw@cs.berkeley.edu>, for code reading, inputs and
suggestions.
This code has still not been stared at for 10 years by a gang of
hard-core cryptographers. Discretion advised.
NB: These changes result in the on-disk format changing: dump/restore needed.
Sponsored by: DARPA & NAI Labs.
Diffstat (limited to 'sys/geom/bde/g_bde_crypt.c')
-rw-r--r-- | sys/geom/bde/g_bde_crypt.c | 57 |
1 files changed, 10 insertions, 47 deletions
diff --git a/sys/geom/bde/g_bde_crypt.c b/sys/geom/bde/g_bde_crypt.c
index 6cabb52..6c545a8 100644
--- a/sys/geom/bde/g_bde_crypt.c
+++ b/sys/geom/bde/g_bde_crypt.c
@@ -16,9 +16,6 @@
 * 2. Redistributions in binary form must reproduce the above copyright
 * notice, this list of conditions and the following disclaimer in the
 * documentation and/or other materials provided with the distribution.
- * 3. The names of the authors may not be used to endorse or promote
- * products derived from this software without specific prior written
- * permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
@@ -49,51 +46,12 @@
 #include <sys/libkern.h>
 #include <sys/md5.h>
-#include <geom/geom.h>
-#include <geom/bde/g_bde.h>
-
 #include <crypto/rijndael/rijndael.h>
+#include <crypto/sha2/sha2.h>
-/*
- * These four functions wrap the raw Rijndael functions and make sure we
- * explode if something fails which shouldn't.
- */
-
-static void
-AES_init(cipherInstance *ci)
-{
- int error;
-
- error = rijndael_cipherInit(ci, MODE_CBC, NULL);
- KASSERT(error > 0, ("rijndael_cipherInit %d", error));
-}
-
-static void
-AES_makekey(keyInstance *ki, int dir, u_int len, void *key)
-{
- int error;
-
- error = rijndael_makeKey(ki, dir, len, key);
- KASSERT(error > 0, ("rijndael_makeKey %d", error));
-}
-
-static void
-AES_encrypt(cipherInstance *ci, keyInstance *ki, void *in, void *out, u_int len)
-{
- int error;
-
- error = rijndael_blockEncrypt(ci, ki, in, len * 8, out);
- KASSERT(error > 0, ("rijndael_blockEncrypt %d", error));
-}
-
-static void
-AES_decrypt(cipherInstance *ci, keyInstance *ki, void *in, void *out, u_int len)
-{
- int error;
+#include <geom/geom.h>
+#include <geom/bde/g_bde.h>
- error = rijndael_blockDecrypt(ci, ki, in, len * 8, out);
- KASSERT(error > 0, ("rijndael_blockDecrypt %d", error));
-}
 /*
 * Derive kkey from mkey + sector offset.
@@ -120,10 +78,14 @@ g_bde_kkey(struct g_bde_softc *sc, keyInstance *ki, int dir, off_t sector)
 u_int t;
 MD5_CTX ct;
 u_char buf[16];
+ u_char buf2[8];
+
+ /* We have to be architecture neutral */
+ g_enc_le8(buf2, sector);
 MD5Init(&ct);
 MD5Update(&ct, sc->key.salt, 8);
- MD5Update(&ct, (void *)§or, sizeof sector);
+ MD5Update(&ct, buf2, sizeof buf2);
 MD5Update(&ct, sc->key.salt + 8, 8);
 MD5Final(buf, &ct);
@@ -131,8 +93,9 @@ g_bde_kkey(struct g_bde_softc *sc, keyInstance *ki, int dir, off_t sector)
 for (t = 0; t < 16; t++) {
 MD5Update(&ct, &sc->key.mkey[buf[t]], 1);
 if (t == 8)
- MD5Update(&ct, (void *)§or, sizeof sector);
+ MD5Update(&ct, buf2, sizeof buf2);
 }
+ bzero(buf2, sizeof buf2);
 MD5Final(buf, &ct);
 bzero(&ct, sizeof ct);
 AES_makekey(ki, dir, G_BDE_KKEYBITS, buf); |
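Review bot: The comment `/* We have to be architecture neutral */` above `g_enc_le8(buf2, sector)` does not say what goes wrong otherwise, and that is the part a later maintainer needs. The removed lines hashed the in-memory bytes of `sector`, so the hash input, and with it the derived per-sector key, followed the host's byte order. I would spell that out, for example `/* Hash the sector number as 8 little-endian bytes so the per-sector key is identical on every host. */`. The literal 8 in `u_char buf2[8]` is presumably the width `g_enc_le8` writes; a short remark tying the two together would stop them drifting apart. The body of g_bde_kkey starts before this hunk and continues past it.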
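Review bot: The added `bzero(buf2, sizeof buf2);` scrubs only the encoded sector number, which is not secret, while `buf`, the digest handed to `AES_makekey` as key material, is still on the stack at the last visible line. The function continues past this hunk, so the wipe may already exist there; if it does not, add `bzero(buf, sizeof buf);` directly after the `AES_makekey` call. Separately, a plain `bzero` of a local that is never read again can be dropped by the optimiser as a dead store, which applies equally to the existing `bzero(&ct, sizeof ct);`. Where the tree provides it, `explicit_bzero(buf, sizeof buf);` keeps the wipe in the generated code.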