FreeBSD-src - Raptor Engineering's fork of pfsense FreeBSD src with pfSense changes

	Commit message (Collapse)	Author	Age	Files	Lines
*	Interior decoration changes.	phk	2003-10-07	1	-4/+4
\|
*	Optimize the size of the work-items by letting the mapping function	phk	2003-01-02	1	-1/+1
\| \| \| \| \|	decide the largest size which stays inside the zone and does not collide with a lock sector.
*	Run a revision on the GBDE encryption facility.	phk	2002-11-04	1	-18/+77
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	Replace ARC4 with SHA2-512. Change lock-structure encoding to use random ordering rather for obscurity. Encrypt lock-structure with AES/256 instead of AES/128. Change kkey derivation to be MD5 hash based. Watch for malloc(M_NOWAIT) failures and ditch our cache when they happen. Remove clause 3 of the license with NAI Labs consent. Many thanks to "Lucky Green" <shamrock@cypherpunks.to> and "David Wagner" <daw@cs.berkeley.edu>, for code reading, inputs and suggestions. This code has still not been stared at for 10 years by a gang of hard-core cryptographers. Discretion advised. NB: These changes result in the on-disk format changing: dump/restore needed. Sponsored by: DARPA & NAI Labs.
*	Change the kkey generation cherry-picker to use MD5.	phk	2002-10-30	1	-2/+3
\| \| \| \|	Sponsored by: DARPA & NAI Labs
*	Constify input to the arc4 seed function.	phk	2002-10-20	1	-1/+2
\| \| \| \| \| \|	Implement the lockfile hunting in sector zero. Sponsored by: DARPA & NAI Labs.
*	Add Geom Based Disk Encryption to the tree.	phk	2002-10-19	1	-0/+150
	This is an encryption module designed for to secure denial of access to the contents of "cold disks" with or without destruction activation. Major features: * Based on AES, MD5 and ARC4 algorithms. * Four cryptographic barriers: 1) Pass-phrase encrypts the master key. 2) Pass-phrase + Lock data locates master key. 3) 128 bit key derived from 2048 bit master key protects sector key. 3) 128 bit random single-use sector keys protect data payload. * Up to four different changeable pass-phrases. * Blackening feature for provable destruction of master key material. * Isotropic disk contents offers no information about sector contents. * Configurable destination sector range allows steganographic deployment. This commit adds the kernel part, separate commits will follow for the userland utility and documentation. This software was developed for the FreeBSD Project by Poul-Henning Kamp and NAI Labs, the Security Research Division of Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the DARPA CHATS research program. Many thanks to Robert Watson, CBOSS Principal Investigator for making this possible. Sponsored by: DARPA & NAI Labs.