I looked at the source code. In /src/sys/dev/vnd.c, it
has the lines:
blf_ecb_encrypt(vnd->sc_keyctx, iv, sizeof(iv));
if (encrypt)
blf_cbc_encrypt(vnd->sc_keyctx, iv, addr, bsize);
This looks like it encrypts the key using the iv of
all zeroes. True, it doesn't add any salt using -k,
but it doesn't look like the user's key is the key
that is actually used. I am curious what happens if
the user enters a key longer than 448 bits. If the
user enters a 456 bit key, would the extra 8 bits just
be dropped from the key?
I was playing around on my system, and it seems that
you can enter around 248 or so of the 256 possible
characters. Exceptions include CTRl+C,CTRL+D, and a
few others.
____________________________________________________________________________________
Expecting? Get great news right away with email Auto-Check.
Try the Yahoo! Mail Beta.
http://advision.webevents.yahoo.com/mailbeta/newmail_tools.html
