Peter J. Philipp wrote:
> Hi,
>
> I am not the best C reader and programmer out there so I try to make
> myself tools that may seem useless in order to better understand. I see
> this in /sys/dev/softraid_crypto.c
>
> ----
> int
> sr_crypto_encrypt(u_char *p, u_char *c, u_char *key, size_t size, int alg)
> {
> rijndael_ctx ctx;
> int i, rv = 1;
>
> switch (alg) {
> case SR_CRYPTOM_AES_ECB_256:
This function is only used to encrypt the master key, which is a small chunk
of random data.
> dd if=/dev/zero of=EFS2 bs=1g count=1
> vnconfig vnd0 EFS2
> bioctl -c C -l /dev/vnd0a softraid0
>
> And I created a filesystem on it and populated it. In fact I use this
> EFS2 file for storing work related things in it (so I can never share
> it). I ran this program over the EFS2 file:
> so it says that there is 652063 occurences where AES blocks were
> duplicated, to me that's near 10 MB of material someone can use like the
> above [1] where it says it could describe the data pattern.
It seems more likely you found the 652063 zero blocks that haven't been
written to yet.
Note that if you are concerned about people doing stat analysis on your
encrypted disk, you should be sure to overwrite the entirety of it. Either
with /dev/random on the outside, or /dev/zero on the inside, to ensure the
used and unused portions look the same.
