Commit Graph

147 Commits

Author SHA1 Message Date
nia 1e8ef14842 cgdconfig.8: Use argon2id in examples 2021-12-04 15:03:58 +00:00
christos ccce93efc8 -lpthread to LDADD (fixes lint build) 2021-11-28 02:01:30 +00:00
nia 47fbfd2f6a cgdconfig(8): add some console feedback when calculating the number
of pkcs5_pbkdf2 iterations
2021-11-22 16:04:03 +00:00
nia 1569bcc0b3 cgdconfig(8): Add an argon2id password-based key generation method
This provides an extra level of side-channel and cracking resistance
compared to the pre-existing pkcs5_pbkdf2/sha1 method used for
password-based disk encryption.

Several new keygen parameters are supported:

	memory (integer, in kilobytes)
	parallelism (integer, usually the number of CPU cores)
	version (integer, usually 19...)

We do our best to calibrate these automatically when the paramsfile
is initially generated.

lgtm riastradh@
2021-11-22 14:34:35 +00:00
riastradh 3db1594692 cgdconfig(8): Fail more gracefully than SIGSEGV if shell_cmd fails. 2021-06-16 23:22:08 +00:00
prlw1 6fcffc8303 Make adiantum a first class citizen 2021-06-03 15:40:27 +00:00
nia cb91ad3daa cgdconfig.8: use gpt in examples, it's more versatile for this use case 2021-04-30 21:07:34 +00:00
maya 1b70e4604b The -n flag is useless with -g, don't mention it.
From rudolf in PR misc/36243
2021-04-18 19:56:09 +00:00
riastradh 800615b324 Touch up cgdconfig(8) man page.
- Suggest adiantum first.
- Remove references to Blowfish.
- Clarify that ivmethod is relevant only for ancient compatibility.
2020-12-11 21:52:19 +00:00
wiz c6cc6b9db4 Use Nm. 2020-06-23 14:08:01 +00:00
nia 44bd074d70 cgdconfig.8: remove references to using cgd for swap
this is potentially misleading now that the kernel does swap encryption
2020-06-23 13:23:56 +00:00
nia 4e9ba6e816 cgdconfig.8: Reflect actual behaviour of /dev/(u)random 2020-06-23 13:20:14 +00:00
kre 84b2b98300 KNF, 80 column police, a few other tidy ups (use if (ret == 0) rather
than if (!ret) when ret is not a boolean, and test fopen result against
NULL, for example).

NFCI.
2019-04-10 06:11:37 +00:00
kre c2cf8ad6d4 PR bin/53999 from rudolf (eq.cz)
Fix cgdconfig to report verification failures with gpt and mbr
verification methods (and not treat them as silent hard errors).
This also causes the cgd to be unconfigured when one of those
verification methods fails.

Add ATF tests to check that bad verification is reported, and
does not leave the cgd configured.

Patches from the PR applied.
2019-04-10 06:09:39 +00:00
mlelstv e93ebd453a Avoid crash when no algorithm is specified in parameter file. 2018-12-30 12:05:48 +00:00
wiz e63c9a2484 Sort SEE ALSO. 2018-12-29 18:34:01 +00:00
alnsn 7f3a8bf678 s/Dec/December/. 2018-12-28 18:33:54 +00:00
alnsn 4b140abf1c Document that cgd.conf supports NAME=label and ROOT.<suffix> targets.
XXX Default paramsfile for NAME=label is /etc/cgd/dkNN (resolved wedge
partition) and /etc/cgd/ROOT.<suffix> for ROOT.<suffix>. This isn't yet
documented. IMO, it should be the other way around: /etc/cgd/label
for the former and /etc/cgd/[root-device] for the latter.
2018-12-27 21:17:08 +00:00
prlw1 30eeab08c0 typo 2018-09-01 11:46:52 +00:00
kre 0efffb3e4f With the change to use getpass_r the 128 byte passphrase limit no
longer applies, so update the BUGS section here to reflect that change.
The limit now is 1023 whichever method is used to fetch the passphrase.
2018-05-09 20:23:35 +00:00
alnsn 265610788f use explicit_memset(3) 2018-05-09 19:38:46 +00:00
alnsn 98def45107 Missed one change when doing a manual merge of my patch with kre's commit. 2018-05-09 18:18:11 +00:00
alnsn bf3984213d Add '-e' option (echo the passphrase) and wipe the passphrase after use.
XXX Using memset for wiping isn't a good idea because memset is likely
optimised away by gcc. This should be revisited.
2018-05-09 18:11:56 +00:00
wiz 9f41709322 Add commas in enumeration. 2018-05-09 17:35:03 +00:00
kre 2d50dc8f17 Fix missing -p in usage message (noted by Christoph Badura, thanks),
and update -l usage as well.

While here fix man page synopses and a few other odds and ends.
2018-05-09 14:27:41 +00:00
kre 99316b228e Check arg count in configure() at entry, rather than later.
This avoids the stupid null deref I added a couple of commits
ago (on bad usage) and also simplifies the rest of the routine
which no longer needs to check the arg count nearly as much.

Thanks to Alexander Nasonov for finding the null deref bug.
2018-05-09 13:19:33 +00:00
kre ed050bc6ea Fix usage for rump. Fixes test breakage caused by previous commit. 2018-05-06 20:55:42 +00:00
kre 8880a43f55 Check whether the cgd device selected is available to be
configured, that is, not already in use, before requesting
passwords from the user (or elsewhere).
2018-05-05 11:28:44 +00:00
christos 8cdbd53a62 Need <sys/stat.h> for S_IFBLK. 2017-01-10 20:45:19 +00:00
alnsn 11d74f071c Add aes-xts to cgdconfig(8). 2016-12-11 00:34:39 +00:00
sevan d2528dc7eb Spelling mistake.
Bump date.
2016-09-11 01:09:34 +00:00
christos 55b06df259 replace openssl HMAC(3) with our hmac(3). 2016-07-01 22:50:09 +00:00
christos 35da36c439 CID 1340063: fix TOCTOU 2015-11-24 14:07:18 +00:00
christos fc8a4870ed Don't chdir to the config directory; just form the parameters file with a
path if needed.
2015-11-22 20:24:19 +00:00
christos d3037dba83 fix error messages containing \n 2015-06-16 23:18:54 +00:00
christos d980f336d5 fix possibly uninitialized variable. 2014-12-14 23:27:14 +00:00
christos d4b702a5f2 avoid local variable shadowing devname. 2014-12-14 23:25:07 +00:00
wiz b1ec4779e4 Bump date for previous. Fix typo. 2014-12-14 17:15:14 +00:00
mlelstv a0b59f5f8a Add validation methods "mbr" and "gpt" for disks without a valid disklabel. 2014-12-14 12:31:39 +00:00
mlelstv f902d9ca42 support wedge names.
The default param file for a wedge is still named after the device (dkN)
which might be unpredictable. Use an explicit param file instead.
2014-12-14 11:31:39 +00:00
christos 2882a9c896 List all cgd's no matter if they are not contiguously allocated 2013-06-09 18:37:40 +00:00
wiz 5fd31fe80e Whitespace.
New sentence, new line.
2012-12-05 08:56:54 +00:00
christos 0f179f793d add cgdconfig -l like vnconfig -l 2012-12-05 02:23:20 +00:00
matt cf7ed4c9cc Convert to C89 function definitions 2012-03-20 18:50:30 +00:00
joerg baa8e84b6f Use __dead 2011-08-29 14:34:58 +00:00
dholland a1d28c6e00 fix typo 2011-07-03 19:05:10 +00:00
pooka 5f732a29cb Convert from the oldstyle cgd_kops.op_open to the newstyle prog_open
and define RUMPPRG.  Get rid of the Makefile.inc stuff, since it was
useful only for the oldstyle regime.
2010-12-14 17:46:21 +00:00
pooka 39f08af21d mirror change of -lrumpcrypto ==> -lrumpkern_crypto 2010-12-05 20:13:26 +00:00
elric 297cd81a0d Remove a line that was intended only for my personal testing and that
breaks things.
2010-12-02 18:02:58 +00:00
elric 7de6a71be4 In -G, refuse to operate if KEYGEN_URANDOM is specified as we already do
for KEYGEN_RANDOMKEY.

Print a warning if such a refusal is made---this will help the user understand
why there is an error.

Patch provided by:  Taylor R Campbell <campbell+netbsd@mumble.net>.
2010-12-02 04:54:32 +00:00