Commit Graph

78 Commits

Author SHA1 Message Date
wiz
3f812bdc84 Bump date for previous. 2008-05-13 09:31:06 +00:00
elric
98059cd502 Add a new keygen method which will execute an external command and
take its output as the key.  I've been meaning to do this for quite
a while...
2008-05-11 03:15:21 +00:00
elric
ba6026f365 Add -p flag to retrieve passphrases from stdin. This is mainly aimed
at programatic use where the caller wants to be able to use PKCS#5.

Disable looping on invalid verifications unless both a passphrase method
is in use and the -p flag is not specified.

Update man page to document -p flag.
2008-05-10 21:38:40 +00:00
martin
11a6dbe728 Convert TNF licenses to new 2 clause variant 2008-04-30 13:10:46 +00:00
martin
ce099b4099 Remove clause 3 and 4 from TNF licenses 2008-04-28 20:22:51 +00:00
christos
ab3d20195f PR/28627: Andreas Gustafsson: Try 5 times to calibrate before failing. Should
fix issues with CPU's that don't produce consistent timing output due to code
morphing or power-savings.
2008-04-21 15:23:35 +00:00
matt
f664ab11b6 Change incorrect usage of CFLAGS to CPPFLAGS 2008-02-16 17:56:36 +00:00
matt
04686d0e18 yyerror returns void, not int 2008-02-16 17:56:11 +00:00
christos
f4f95f573f simplify and fix the combination code. Hi pooka. 2007-11-11 22:44:12 +00:00
martin
4babfd8202 size_t != unsigned int - so don't pass the address of the former when a
pointer to the latter is expected.
2007-11-06 10:48:39 +00:00
martin
309213c31a Do not use %d for size_t 2007-11-06 10:44:23 +00:00
christos
ad18d2e41e 3 month roland feedback timeout:
- Pass lint
- knf
- convert ints to size_t's
2007-11-06 02:50:48 +00:00
rumble
8f8bfb23ec Add a DIAGNOSTICS section and explain that the error message "could not
calibrate pkcs5_pbkdf2" could have resulted due to dynamic changes in cpu
clock frequency.
2007-02-23 20:00:04 +00:00
cbiere
a91470cccd Fixed format string in opendisk_werror() which was wrong since my previous
commit.
2007-02-06 14:04:01 +00:00
cbiere
a63e176c73 * 1 -> EXIT_FAILURE.
* Replaced atoi() with parse_int().
 * Use an enum for ACTION_* instead of #define.
 * Use strdup() or asnprintf() instead of strlcpy() to avoid truncation.
 * pread() returns ssize_t not int.
 * Suppress "unused parameter" warnings.
 * verify_disklabel(): Pass the correct size to disklabel_scan().
 * verify_ffs():
   * Don't indicate success if pread() fails.
   * Check the amount of bytes read.
   * Don't cast buf to (struct fs *), it's not aligned.
 * eliminate_cores(): No need for a temporary variable.
2007-02-06 02:09:19 +00:00
cbiere
6d1dbd06cb Use warn() and warnx(). 2007-02-06 01:55:40 +00:00
cbiere
6065c2bb2b crypt_defaults_lookup():
* Avoid comparison of int with unsigned.
 * Simplified.
2007-02-06 00:51:09 +00:00
cbiere
b90361afef memxor(): Fixed size_t/int mismatch. 2007-02-06 00:48:37 +00:00
cbiere
140287a3de Replaced int_encode() with be32enc(). 2007-01-27 08:29:14 +00:00
hubertf
df06563bc3 Remove more duplicate #includes,
from Slava Semushin <slava.semushin@gmail.com>
2007-01-17 21:59:49 +00:00
christos
2a1607d040 Programs that use efun. 2006-08-26 18:14:28 +00:00
mrg
aadd7d4847 sprinkle some -fno-strict-aliasing and -Wno-pointer-sign with GCC4. 2006-05-11 23:16:28 +00:00
mrg
c2d7663a8e __b64_pton() wants unsigned char *. 2006-05-11 00:42:08 +00:00
mrg
41093909e9 HMAC() wants unsigned int pointer for the final argument; make it so. 2006-05-11 00:40:54 +00:00
christos
fbdfb6fbf0 Coverity CID 2753: Free the correct variable. 2006-03-22 16:35:44 +00:00
christos
bd5a805fc3 fix compile problem. 2006-03-22 15:45:16 +00:00
christos
7ef824757b Coverity CID 1593: Plug memory leak 2006-03-22 02:21:20 +00:00
christos
25207a2398 Coverity CID 1203: Check return code of b64_ntop(). 2006-03-20 00:53:39 +00:00
elad
6ec9e1c359 Proper bounds check, found by Coverity, CID 1468. 2006-03-17 13:58:27 +00:00
simonb
3204463045 We link against libl and liby, so depend on them too. 2006-02-25 11:57:52 +00:00
christos
cc9c2b575d - constify.
- don't dup extern declarations on each file because they end up being
  inconsistent (yyerror).
2005-06-27 03:07:45 +00:00
lukem
2d447a3b0c Avoid dereferencing/free()ing invalid pointers if the random device
cannot be opened.
Detected with gcc -Wuninitialized.
(The bug was fixed in rev 1.4 by rumble but reintroduced in rev 1.5 by tv !)
2005-06-02 01:31:30 +00:00
elric
1cdd98012f setprogname(3) needs to come before calls to err(3). 2005-03-30 20:59:34 +00:00
elric
6230b2ec40 Lock all memory. 2005-03-30 19:56:05 +00:00
elric
646d61aa58 one more malloc -> emalloc. 2005-03-30 17:17:51 +00:00
christos
f8ce51d45f Centralize error checking for malloc,calloc,strdup. 2005-03-30 17:10:18 +00:00
elric
2dcfc0c616 Turn off core dumps. 2005-03-30 15:45:56 +00:00
christos
192c2eccf6 Add -lcrypt where -lcrypto is specified. 2005-03-09 03:11:22 +00:00
elric
0664f91dd8 s/milliseconds/microseconds/ in comments and a variable because it is
misleading to say one when we've been meaning the other.
2005-01-04 04:55:18 +00:00
elric
1b0f3868f6 Fix comment. We're using microseconds not milliseconds. 2005-01-04 04:52:50 +00:00
elric
d28b037b6f Fix bits vs. bytes problem in call to calibration routine. 2005-01-04 04:50:26 +00:00
salo
61948d78ec Correct the omission in 're-enter' verification method addition in EXAMPLES. 2004-10-15 15:25:14 +00:00
wiz
a5c8081d79 Bump date for previous, and re-add some flags that were removed in the
previous commit without a mention in the commit message, and which are
still in the usage.
2004-08-13 15:24:03 +00:00
tv
21840e450a Add "urandomkey" key generation method as described in PR kern/22766;
useful for configuring a throwaway key for cgd-on-swap at boot time.
2004-08-13 15:03:57 +00:00
rumble
6b72b5c789 In getkey(), check the return values of the various keygen functions
and abort if necessary. Also, check for errors in its callers and
handle them gracefully.

OK'd by elric.
2004-08-10 02:29:34 +00:00
rumble
3db339be14 Avoid dereferencing/free()ing invalid pointers if the random device
cannot be opened.

OK'd by elric.
2004-08-10 02:27:26 +00:00
elric
04b4d00046 Add options to SYNOPSIS.
Addresses PR misc/26065.
2004-07-04 17:19:57 +00:00
wiz
edf16149c3 Drop trailing whitespace; new sentence, new line. 2004-03-17 01:40:34 +00:00
dan
064ca2e3d1 Fix a longstanding algorithmic flaw in PKCS#5 key generation.
The existing pkcs5_pbdkf2 keygen method is retained functionally
as-is, for compatibility with existing params files.  The corrected
algorithm, which is now the default for new params file generation, is
called pkcs5_pbkdf2/sha1.

NB. The backwards compatibility for the miscreant keygen method will
be removed at the same time as support for the previous parameters
file syntax. Sometime between now and then, users should update their
params files using -G, which will create a new params file including
an xor value so that the resulting generated key is the same; they
should also

Problem discovery and 2-char algorithm fix by Charles Blundell, messy
compat goop by me, long complicated names by Roland Dowdeswell.

Update manpage accordingly and bump date.
2004-03-17 01:29:13 +00:00
cb
88823a8138 back out revision 1.3. this should not have been committed yet,
since it breaks backward compatibility.

noticed by recht@
2003-09-25 01:43:12 +00:00