28c28
< __FBSDID("$FreeBSD: head/sys/geom/eli/g_eli.c 290406 2015-11-05 17:37:35Z smh $");
---
> __FBSDID("$FreeBSD: head/sys/geom/eli/g_eli.c 293306 2016-01-07 05:47:34Z allanjude $");
574,607d573
< /*
< * Here we generate IV. It is unique for every sector.
< */
< void
< g_eli_crypto_ivgen(struct g_eli_softc *sc, off_t offset, u_char *iv,
< size_t size)
< {
< uint8_t off[8];
<
< if ((sc->sc_flags & G_ELI_FLAG_NATIVE_BYTE_ORDER) != 0)
< bcopy(&offset, off, sizeof(off));
< else
< le64enc(off, (uint64_t)offset);
<
< switch (sc->sc_ealgo) {
< case CRYPTO_AES_XTS:
< bcopy(off, iv, sizeof(off));
< bzero(iv + sizeof(off), size - sizeof(off));
< break;
< default:
< {
< u_char hash[SHA256_DIGEST_LENGTH];
< SHA256_CTX ctx;
<
< /* Copy precalculated SHA256 context for IV-Key. */
< bcopy(&sc->sc_ivctx, &ctx, sizeof(ctx));
< SHA256_Update(&ctx, off, sizeof(off));
< SHA256_Final(hash, &ctx);
< bcopy(hash, iv, MIN(sizeof(hash), size));
< break;
< }
< }
< }
<
754,769c720
< sc->sc_version = md->md_version;
< sc->sc_inflight = 0;
< sc->sc_crypto = G_ELI_CRYPTO_UNKNOWN;
< sc->sc_flags = md->md_flags;
< /* Backward compatibility. */
< if (md->md_version < G_ELI_VERSION_04)
< sc->sc_flags |= G_ELI_FLAG_NATIVE_BYTE_ORDER;
< if (md->md_version < G_ELI_VERSION_05)
< sc->sc_flags |= G_ELI_FLAG_SINGLE_KEY;
< if (md->md_version < G_ELI_VERSION_06 &&
< (sc->sc_flags & G_ELI_FLAG_AUTH) != 0) {
< sc->sc_flags |= G_ELI_FLAG_FIRST_KEY;
< }
< if (md->md_version < G_ELI_VERSION_07)
< sc->sc_flags |= G_ELI_FLAG_ENC_IVKEY;
< sc->sc_ealgo = md->md_ealgo;
---
> eli_metadata_softc(sc, md, bpp->sectorsize, bpp->mediasize);
772,791d722
< if (sc->sc_flags & G_ELI_FLAG_AUTH) {
< sc->sc_akeylen = sizeof(sc->sc_akey) * 8;
< sc->sc_aalgo = md->md_aalgo;
< sc->sc_alen = g_eli_hashlen(sc->sc_aalgo);
<
< sc->sc_data_per_sector = bpp->sectorsize - sc->sc_alen;
< /*
< * Some hash functions (like SHA1 and RIPEMD160) generates hash
< * which length is not multiple of 128 bits, but we want data
< * length to be multiple of 128, so we can encrypt without
< * padding. The line below rounds down data length to multiple
< * of 128 bits.
< */
< sc->sc_data_per_sector -= sc->sc_data_per_sector % 16;
<
< sc->sc_bytes_per_sector =
< (md->md_sectorsize - 1) / sc->sc_data_per_sector + 1;
< sc->sc_bytes_per_sector *= bpp->sectorsize;
< }
<
834,844d764
< sc->sc_sectorsize = md->md_sectorsize;
< sc->sc_mediasize = bpp->mediasize;
< if (!(sc->sc_flags & G_ELI_FLAG_ONETIME))
< sc->sc_mediasize -= bpp->sectorsize;
< if (!(sc->sc_flags & G_ELI_FLAG_AUTH))
< sc->sc_mediasize -= (sc->sc_mediasize % sc->sc_sectorsize);
< else {
< sc->sc_mediasize /= sc->sc_bytes_per_sector;
< sc->sc_mediasize *= sc->sc_sectorsize;
< }
<
849d768
< sc->sc_ekeylen = md->md_keylen;
< __FBSDID("$FreeBSD: head/sys/geom/eli/g_eli.c 290406 2015-11-05 17:37:35Z smh $");
---
> __FBSDID("$FreeBSD: head/sys/geom/eli/g_eli.c 293306 2016-01-07 05:47:34Z allanjude $");
574,607d573
< /*
< * Here we generate IV. It is unique for every sector.
< */
< void
< g_eli_crypto_ivgen(struct g_eli_softc *sc, off_t offset, u_char *iv,
< size_t size)
< {
< uint8_t off[8];
<
< if ((sc->sc_flags & G_ELI_FLAG_NATIVE_BYTE_ORDER) != 0)
< bcopy(&offset, off, sizeof(off));
< else
< le64enc(off, (uint64_t)offset);
<
< switch (sc->sc_ealgo) {
< case CRYPTO_AES_XTS:
< bcopy(off, iv, sizeof(off));
< bzero(iv + sizeof(off), size - sizeof(off));
< break;
< default:
< {
< u_char hash[SHA256_DIGEST_LENGTH];
< SHA256_CTX ctx;
<
< /* Copy precalculated SHA256 context for IV-Key. */
< bcopy(&sc->sc_ivctx, &ctx, sizeof(ctx));
< SHA256_Update(&ctx, off, sizeof(off));
< SHA256_Final(hash, &ctx);
< bcopy(hash, iv, MIN(sizeof(hash), size));
< break;
< }
< }
< }
<
754,769c720
< sc->sc_version = md->md_version;
< sc->sc_inflight = 0;
< sc->sc_crypto = G_ELI_CRYPTO_UNKNOWN;
< sc->sc_flags = md->md_flags;
< /* Backward compatibility. */
< if (md->md_version < G_ELI_VERSION_04)
< sc->sc_flags |= G_ELI_FLAG_NATIVE_BYTE_ORDER;
< if (md->md_version < G_ELI_VERSION_05)
< sc->sc_flags |= G_ELI_FLAG_SINGLE_KEY;
< if (md->md_version < G_ELI_VERSION_06 &&
< (sc->sc_flags & G_ELI_FLAG_AUTH) != 0) {
< sc->sc_flags |= G_ELI_FLAG_FIRST_KEY;
< }
< if (md->md_version < G_ELI_VERSION_07)
< sc->sc_flags |= G_ELI_FLAG_ENC_IVKEY;
< sc->sc_ealgo = md->md_ealgo;
---
> eli_metadata_softc(sc, md, bpp->sectorsize, bpp->mediasize);
772,791d722
< if (sc->sc_flags & G_ELI_FLAG_AUTH) {
< sc->sc_akeylen = sizeof(sc->sc_akey) * 8;
< sc->sc_aalgo = md->md_aalgo;
< sc->sc_alen = g_eli_hashlen(sc->sc_aalgo);
<
< sc->sc_data_per_sector = bpp->sectorsize - sc->sc_alen;
< /*
< * Some hash functions (like SHA1 and RIPEMD160) generates hash
< * which length is not multiple of 128 bits, but we want data
< * length to be multiple of 128, so we can encrypt without
< * padding. The line below rounds down data length to multiple
< * of 128 bits.
< */
< sc->sc_data_per_sector -= sc->sc_data_per_sector % 16;
<
< sc->sc_bytes_per_sector =
< (md->md_sectorsize - 1) / sc->sc_data_per_sector + 1;
< sc->sc_bytes_per_sector *= bpp->sectorsize;
< }
<
834,844d764
< sc->sc_sectorsize = md->md_sectorsize;
< sc->sc_mediasize = bpp->mediasize;
< if (!(sc->sc_flags & G_ELI_FLAG_ONETIME))
< sc->sc_mediasize -= bpp->sectorsize;
< if (!(sc->sc_flags & G_ELI_FLAG_AUTH))
< sc->sc_mediasize -= (sc->sc_mediasize % sc->sc_sectorsize);
< else {
< sc->sc_mediasize /= sc->sc_bytes_per_sector;
< sc->sc_mediasize *= sc->sc_sectorsize;
< }
<
849d768
< sc->sc_ekeylen = md->md_keylen;