lh_binary_encryption: Rework and fix broken AES encryption routines

Signed-off-by: Chris Lamb <chris@chris-lamb.co.uk>
This commit is contained in:
Chris Lamb 2008-03-23 04:20:31 +00:00
parent 31dca28f67
commit ea375828e9
1 changed files with 39 additions and 35 deletions

View File

@ -92,54 +92,58 @@ Restore_cache cache/packages_binary
# Installing depends # Installing depends
Install_package Install_package
case "${LH_CHROOT_BUILD}" in Echo_message "Encrypting binary/${INITFS}/filesystem.${LH_CHROOT_FILESYSTEM} with ${LH_ENCRYPTION}..."
enabled)
# Moving image
mv binary/${INITFS}/filesystem.${LH_CHROOT_FILESYSTEM} chroot
echo "Encrypting binary/${INITFS}/filesystem.${ROOTFS} with ${LH_ENCRYPTION}..." if [ "${LH_CHROOT_BUILD}" = "enabled" ]
then
# Moving image
mv binary/${INITFS}/filesystem.${LH_CHROOT_FILESYSTEM} chroot
fi
cat >> chroot/encrypt.sh << EOF
while true while true
do do
cat filesystem.${ROOTFS} | aespipe -e ${LH_ENCRYPTION} -T > filesystem.${ROOTFS}.tmp && mv filesystem.${ROOTFS}.tmp filesystem.${ROOTFS} && break echo
echo " **************************************"
echo " ** Configuring encrypted filesystem **"
echo " **************************************"
echo " (Passwords must be at least 20 characters long)"
echo
echo -n "Something went wrong... Retry? [YES/no] " case "${LH_CHROOT_BUILD}" in
enabled)
if Chroot aespipe -e ${LH_ENCRYPTION} -T \
< chroot/filesystem.${LH_CHROOT_FILESYSTEM} \
> chroot/filesystem.${LH_CHROOT_FILESYSTEM}.tmp
then
mv chroot/filesystem.${LH_CHROOT_FILESYSTEM}.tmp binary/${INITFS}/filesystem.${LH_CHROOT_FILESYSTEM}
break
fi
;;
disabled)
if aespipe -e ${LH_ENCRYPTION} -T \
< binary/${INITFS}/filesystem.${LH_CHROOT_FILESYSTEM} \
> binary/${INITFS}/filesystem.${LH_CHROOT_FILESYSTEM}.tmp
then
mv binary/${INITFS}/filesystem.${LH_CHROOT_FILESYSTEM}.tmp binary/${INITFS}/filesystem.${LH_CHROOT_FILESYSTEM}
break
fi
;;
esac
printf "\nThere was an error configuring encryption ... Retry? [Y/n] "
read ANSWER read ANSWER
if [ "no" = "${ANSWER}" ] if [ "$(echo "${ANSWER}" | cut -b1 | tr A-Z a-z)" = "n" ]
then then
unset ANSWER unset ANSWER
break break
fi fi
done done
EOF
# Cleanup temporary filesystems
Chroot "sh encrypt.sh" rm -f chroot/filesystem.${LH_CHROOT_FILESYSTEM}
rm -f chroot/filesystem.${LH_CHROOT_FILESYSTEM}.tmp
# Move image rm -f binary/${INITFS}/filesystem.${LH_CHROOT_FILESYSTEM}.tmp
mv chroot/filesystem.${LH_CHROOT_FILESYSTEM} binary/${INITFS}
rm -f chroot/encrypt.sh
;;
disabled)
while true
do
cat binary/${INITFS}/filesystem.${ROOTFS} | aespipe -e ${LH_ENCRYPTION} -T > binary/${INITFS}/filesystem.${ROOTFS}.tmp && mv binary/${INITFS}/filesystem.${ROOTFS}.tmp binary/${INITFS}/filesystem.${ROOTFS} && break
echo -n "Something went wrong... Retry? [YES/no] "
read ANSWER
if [ "no" = "${ANSWER}" ]
then
unset ANSWER
break
fi
done
;;
esac
# Saving cache # Saving cache
Save_cache cache/packages_binary Save_cache cache/packages_binary