On Fri, Mar 13, 2009 at 3:07 PM, Tyler Hicks <email address hidden> wrote:
> This is the current output:
> ---
> tyhicks@gentoo-virt /mnt/.ecryptfs-ext3 $ ecryptfs-stat ECRYPTFS_FNEK_ENCRYPTED.FWZzc4x9NjnS-UTsAK4mvaKSOBy.0pFk10nagE4Fnw8pg4-DKT2YKBm8Sk--
> File version: [3]
> Decrypted file size: [125]
> Number of header bytes at front of file: [8192]
> Metadata in the header region
> Encrypted
> HMAC disabled
> ---
>
> It would be nice to also know things like how many encrypted FEKs are in
> the header, what the signatures are of the FEKEKs used, the signature of
> the FNEK, etc.
Right, and it would be nice to be able to have a byte-by-byte accounting
of the contents, i.e.
1-128: header
129-255: FNEK_ENCRYPTED
256-258: file version (3)
[...]
X-Y: FEK_ENCRYPTED_WITH_FNEK
Y-Z: FEK_ROT13d
On Fri, Mar 13, 2009 at 3:07 PM, Tyler Hicks <email address hidden> wrote: FNEK_ENCRYPTED. FWZzc4x9NjnS- UTsAK4mvaKSOBy. 0pFk10nagE4Fnw8 pg4-DKT2YKBm8Sk --
> This is the current output:
> ---
> tyhicks@gentoo-virt /mnt/.ecryptfs-ext3 $ ecryptfs-stat ECRYPTFS_
> File version: [3]
> Decrypted file size: [125]
> Number of header bytes at front of file: [8192]
> Metadata in the header region
> Encrypted
> HMAC disabled
> ---
>
> It would be nice to also know things like how many encrypted FEKs are in
> the header, what the signatures are of the FEKEKs used, the signature of
> the FNEK, etc.
Right, and it would be nice to be able to have a byte-by-byte accounting WITH_FNEK
of the contents, i.e.
1-128: header
129-255: FNEK_ENCRYPTED
256-258: file version (3)
[...]
X-Y: FEK_ENCRYPTED_
Y-Z: FEK_ROT13d
:)