Changeset View
Changeset View
Standalone View
Standalone View
head/stand/geli/geliboot.c
Show First 20 Lines • Show All 115 Lines • ▼ Show 20 Lines | |||||
static int | static int | ||||
geli_findkey(struct geli_entry *ge, struct dsk *dskp, u_char *mkey) | geli_findkey(struct geli_entry *ge, struct dsk *dskp, u_char *mkey) | ||||
{ | { | ||||
u_int keynum; | u_int keynum; | ||||
int i; | int i; | ||||
if (ge->keybuf_slot >= 0) { | if (ge->keybuf_slot >= 0) { | ||||
if (g_eli_mkey_decrypt(&ge->md, saved_keys[ge->keybuf_slot], | if (g_eli_mkey_decrypt_any(&ge->md, saved_keys[ge->keybuf_slot], | ||||
mkey, &keynum) == 0) { | mkey, &keynum) == 0) { | ||||
return (0); | return (0); | ||||
} | } | ||||
} | } | ||||
for (i = 0; i < nsaved_keys; i++) { | for (i = 0; i < nsaved_keys; i++) { | ||||
if (g_eli_mkey_decrypt(&ge->md, saved_keys[i], mkey, | if (g_eli_mkey_decrypt_any(&ge->md, saved_keys[i], mkey, | ||||
&keynum) == 0) { | &keynum) == 0) { | ||||
ge->keybuf_slot = i; | ge->keybuf_slot = i; | ||||
return (0); | return (0); | ||||
} | } | ||||
} | } | ||||
return (1); | return (1); | ||||
} | } | ||||
▲ Show 20 Lines • Show All 121 Lines • ▼ Show 20 Lines | pkcs5v2_genkey(dkey, sizeof(dkey), geli_e->md.md_salt, | ||||
sizeof(geli_e->md.md_salt), passphrase, | sizeof(geli_e->md.md_salt), passphrase, | ||||
geli_e->md.md_iterations); | geli_e->md.md_iterations); | ||||
g_eli_crypto_hmac_update(&ctx, dkey, sizeof(dkey)); | g_eli_crypto_hmac_update(&ctx, dkey, sizeof(dkey)); | ||||
explicit_bzero(dkey, sizeof(dkey)); | explicit_bzero(dkey, sizeof(dkey)); | ||||
} | } | ||||
g_eli_crypto_hmac_final(&ctx, key, 0); | g_eli_crypto_hmac_final(&ctx, key, 0); | ||||
error = g_eli_mkey_decrypt(&geli_e->md, key, mkey, &keynum); | error = g_eli_mkey_decrypt_any(&geli_e->md, key, mkey, &keynum); | ||||
if (error == -1) { | if (error == -1) { | ||||
explicit_bzero(mkey, sizeof(mkey)); | explicit_bzero(mkey, sizeof(mkey)); | ||||
explicit_bzero(key, sizeof(key)); | explicit_bzero(key, sizeof(key)); | ||||
printf("Bad GELI key: bad password?\n"); | printf("Bad GELI key: bad password?\n"); | ||||
return (error); | return (error); | ||||
} else if (error != 0) { | } else if (error != 0) { | ||||
explicit_bzero(mkey, sizeof(mkey)); | explicit_bzero(mkey, sizeof(mkey)); | ||||
explicit_bzero(key, sizeof(key)); | explicit_bzero(key, sizeof(key)); | ||||
▲ Show 20 Lines • Show All 160 Lines • Show Last 20 Lines |