On Sat, Nov 15, 2008 at 04:21:36PM +0100, Michael Habermann wrote: > I was trying to install the HMAC patch, without success. > > I tried the following: > linux 2.6.24-rc5, hmac-patch 2.6.24-rc5-2, ecryptfs-utils 40, 46, 58 and 61. > In ecryptfs-utils 58 and 61, I patched the ECRYPTFS_VERSION_HMAC to 0x40. > In the kernels crypt_stat structure, I had to add the field > num_header_bytes_at_front. > > Mounting from command line with and without enabling HMAC works, but > writing a file produces a encrypted file with garbage content on > unmounting. A remount and reading the file results in -EIO. > > I guess, there's a version mismatch between the patch, the kernel > and the userspace utilities. Did anyone succeed using the HMAC > patch? Which version combination works?
The HMAC patch is not known to be functional with current versions of ecryptfs-utils, and HMAC will never be submitted upstream, since it makes more sense to use GCM to provide integrity. The patch is only available at this point to provide the tooling necessary to implement GCM sometime in the future.
signature.asc
Description: Digital signature
------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/
_______________________________________________ eCryptfs-users mailing list eCryptfs-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ecryptfs-users