diff options
| author | Hans-Joerg Hoexer <hshoexer@cvs.openbsd.org> | 2008-06-13 21:03:41 +0000 |
|---|---|---|
| committer | Hans-Joerg Hoexer <hshoexer@cvs.openbsd.org> | 2008-06-13 21:03:41 +0000 |
| commit | 4743fd3d70d1fce61146ff4761a1ba23af953aff (patch) | |
| tree | 6fa45227eb6ab820b7a6ee0d6ced4186e0d43e21 /sys | |
| parent | 6de47580a7d1b6e2b4ab4c332a5385825eca8f43 (diff) | |
Implement pbkdf2 in in bioctl to derive master key from a passphrase.
ok marco djm
Diffstat (limited to 'sys')
| -rw-r--r-- | sys/dev/softraid_crypto.c | 8 | ||||
| -rw-r--r-- | sys/dev/softraidvar.h | 19 |
2 files changed, 21 insertions, 6 deletions
diff --git a/sys/dev/softraid_crypto.c b/sys/dev/softraid_crypto.c index 239cdeb9f38..c43f092cae2 100644 --- a/sys/dev/softraid_crypto.c +++ b/sys/dev/softraid_crypto.c @@ -1,4 +1,4 @@ -/* $OpenBSD: softraid_crypto.c,v 1.22 2008/06/13 18:26:59 hshoexer Exp $ */ +/* $OpenBSD: softraid_crypto.c,v 1.23 2008/06/13 21:03:40 hshoexer Exp $ */ /* * Copyright (c) 2007 Marco Peereboom <marco@peereboom.us> * Copyright (c) 2008 Hans-Joerg Hoexer <hshoexer@openbsd.org> @@ -185,11 +185,11 @@ sr_crypto_get_kdf(struct bioc_createraid *bc, struct sr_discipline *sd) /* copy KDF hint to disk meta data */ if (kdfinfo->flags & SR_CRYPTOKDF_HINT) { if (sizeof(sd->mds.mdd_crypto.scr_meta.scm_kdfhint) < - kdfinfo->kdfhint.len) + kdfinfo->genkdf.len) goto out; - bcopy(&kdfinfo->kdfhint, + bcopy(&kdfinfo->genkdf, sd->mds.mdd_crypto.scr_meta.scm_kdfhint, - kdfinfo->kdfhint.len); + kdfinfo->genkdf.len); } /* copy mask key to run-time meta data */ diff --git a/sys/dev/softraidvar.h b/sys/dev/softraidvar.h index 6999078cd27..7a2712fb79f 100644 --- a/sys/dev/softraidvar.h +++ b/sys/dev/softraidvar.h @@ -1,4 +1,4 @@ -/* $OpenBSD: softraidvar.h,v 1.54 2008/06/13 18:27:42 djm Exp $ */ +/* $OpenBSD: softraidvar.h,v 1.55 2008/06/13 21:03:40 hshoexer Exp $ */ /* * Copyright (c) 2006 Marco Peereboom <marco@peereboom.us> * Copyright (c) 2008 Chris Kuethe <ckuethe@openbsd.org> @@ -107,6 +107,16 @@ struct sr_crypto_genkdf { #define SR_CRYPTOKDFT_PBKDF2 (1<<0) }; +struct sr_crypto_kdf_pbkdf2 { + u_int32_t len; + u_int32_t type; +#define SR_CRYPTOKDFT_INVALID (0) +#define SR_CRYPTOKDFT_PBKDF2 (1<<0) + u_int32_t rounds; + u_int8_t salt[128]; +}; + + struct sr_crypto_kdfinfo { u_int32_t len; u_int32_t flags; @@ -114,7 +124,12 @@ struct sr_crypto_kdfinfo { #define SR_CRYPTOKDF_KEY (1<<0) #define SR_CRYPTOKDF_HINT (1<<1) u_int8_t maskkey[SR_CRYPTO_MAXKEYBYTES]; - struct sr_crypto_genkdf kdfhint; + union { + struct sr_crypto_genkdf generic; + struct sr_crypto_kdf_pbkdf2 pbkdf2; + } _kdfhint; +#define genkdf _kdfhint.generic +#define pbkdf2 _kdfhint.pbkdf2 }; struct sr_crypto_metadata { |