Changeset View
Changeset View
Standalone View
Standalone View
head/stand/geli/geliboot.c
| Show First 20 Lines • Show All 115 Lines • ▼ Show 20 Lines | |||||
| static int | static int | ||||
| geli_findkey(struct geli_entry *ge, struct dsk *dskp, u_char *mkey) | geli_findkey(struct geli_entry *ge, struct dsk *dskp, u_char *mkey) | ||||
| { | { | ||||
| u_int keynum; | u_int keynum; | ||||
| int i; | int i; | ||||
| if (ge->keybuf_slot >= 0) { | if (ge->keybuf_slot >= 0) { | ||||
| if (g_eli_mkey_decrypt(&ge->md, saved_keys[ge->keybuf_slot], | if (g_eli_mkey_decrypt_any(&ge->md, saved_keys[ge->keybuf_slot], | ||||
| mkey, &keynum) == 0) { | mkey, &keynum) == 0) { | ||||
| return (0); | return (0); | ||||
| } | } | ||||
| } | } | ||||
| for (i = 0; i < nsaved_keys; i++) { | for (i = 0; i < nsaved_keys; i++) { | ||||
| if (g_eli_mkey_decrypt(&ge->md, saved_keys[i], mkey, | if (g_eli_mkey_decrypt_any(&ge->md, saved_keys[i], mkey, | ||||
| &keynum) == 0) { | &keynum) == 0) { | ||||
| ge->keybuf_slot = i; | ge->keybuf_slot = i; | ||||
| return (0); | return (0); | ||||
| } | } | ||||
| } | } | ||||
| return (1); | return (1); | ||||
| } | } | ||||
| ▲ Show 20 Lines • Show All 121 Lines • ▼ Show 20 Lines | pkcs5v2_genkey(dkey, sizeof(dkey), geli_e->md.md_salt, | ||||
| sizeof(geli_e->md.md_salt), passphrase, | sizeof(geli_e->md.md_salt), passphrase, | ||||
| geli_e->md.md_iterations); | geli_e->md.md_iterations); | ||||
| g_eli_crypto_hmac_update(&ctx, dkey, sizeof(dkey)); | g_eli_crypto_hmac_update(&ctx, dkey, sizeof(dkey)); | ||||
| explicit_bzero(dkey, sizeof(dkey)); | explicit_bzero(dkey, sizeof(dkey)); | ||||
| } | } | ||||
| g_eli_crypto_hmac_final(&ctx, key, 0); | g_eli_crypto_hmac_final(&ctx, key, 0); | ||||
| error = g_eli_mkey_decrypt(&geli_e->md, key, mkey, &keynum); | error = g_eli_mkey_decrypt_any(&geli_e->md, key, mkey, &keynum); | ||||
| if (error == -1) { | if (error == -1) { | ||||
| explicit_bzero(mkey, sizeof(mkey)); | explicit_bzero(mkey, sizeof(mkey)); | ||||
| explicit_bzero(key, sizeof(key)); | explicit_bzero(key, sizeof(key)); | ||||
| printf("Bad GELI key: bad password?\n"); | printf("Bad GELI key: bad password?\n"); | ||||
| return (error); | return (error); | ||||
| } else if (error != 0) { | } else if (error != 0) { | ||||
| explicit_bzero(mkey, sizeof(mkey)); | explicit_bzero(mkey, sizeof(mkey)); | ||||
| explicit_bzero(key, sizeof(key)); | explicit_bzero(key, sizeof(key)); | ||||
| ▲ Show 20 Lines • Show All 160 Lines • Show Last 20 Lines | |||||