diff options
author | Damien Miller <djm@cvs.openbsd.org> | 2008-06-14 17:04:51 +0000 |
---|---|---|
committer | Damien Miller <djm@cvs.openbsd.org> | 2008-06-14 17:04:51 +0000 |
commit | 5517050d393fc1226611013717d55d4779503b7d (patch) | |
tree | 1d4d61992674ff3109e2fb8bbebe2f6233de190c /sbin/bioctl/bioctl.c | |
parent | fcba0fd831fe70ed197146d72af6b12bca76ce2a (diff) |
add a -r option to specify the number of PKCS5 PBKDF2 iterations used
to derive the password (minimum: 1000, maximum: more than you want)
ok hshoexer@
Diffstat (limited to 'sbin/bioctl/bioctl.c')
-rw-r--r-- | sbin/bioctl/bioctl.c | 14 |
1 files changed, 11 insertions, 3 deletions
diff --git a/sbin/bioctl/bioctl.c b/sbin/bioctl/bioctl.c index 9ea26511c8f..aff172a0d94 100644 --- a/sbin/bioctl/bioctl.c +++ b/sbin/bioctl/bioctl.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bioctl.c,v 1.67 2008/06/14 06:28:27 djm Exp $ */ +/* $OpenBSD: bioctl.c,v 1.68 2008/06/14 17:04:50 djm Exp $ */ /* * Copyright (c) 2004, 2005 Marco Peereboom @@ -82,6 +82,7 @@ int devh = -1; int human; int verbose; u_int32_t cflags = 0; +int rflag = 8192; struct bio_locate bl; @@ -94,13 +95,14 @@ main(int argc, char *argv[]) char *bioc_dev = NULL, *sd_dev = NULL; char *realname = NULL, *al_arg = NULL; char *bl_arg = NULL, *dev_list = NULL; + const char *errstr; int ch, rv, blink = 0, diskinq = 0; u_int16_t cr_level = 0; if (argc < 2) usage(); - while ((ch = getopt(argc, argv, "b:C:c:dl:u:H:ha:ivq")) != -1) { + while ((ch = getopt(argc, argv, "a:b:C:c:dH:hil:qr:vu:")) != -1) { switch (ch) { case 'a': /* alarm */ func |= BIOC_ALARM; @@ -144,6 +146,12 @@ main(int argc, char *argv[]) func |= BIOC_DEVLIST; dev_list = optarg; break; + case 'r': + rflag = strtonum(optarg, 1000, 1<<30, &errstr); + if (errstr != NULL) + errx(1, "Number of rounds is %s: %s", + errstr, optarg); + break; case 'v': verbose = 1; break; @@ -714,7 +722,7 @@ bio_kdf_generate(struct sr_crypto_kdfinfo *kdfinfo) kdfinfo->pbkdf2.len = sizeof(kdfinfo->pbkdf2); kdfinfo->pbkdf2.type = SR_CRYPTOKDFT_PBKDF2; - kdfinfo->pbkdf2.rounds = 10000; + kdfinfo->pbkdf2.rounds = rflag; kdfinfo->len = sizeof(*kdfinfo); kdfinfo->flags = (SR_CRYPTOKDF_KEY | SR_CRYPTOKDF_HINT); |