7 rnd=`mktemp /tmp/$base.XXXXXX` || exit 1
8 keyfile1=`mktemp /tmp/$base.XXXXXX` || exit 1
9 keyfile2=`mktemp /tmp/$base.XXXXXX` || exit 1
10 keyfile3=`mktemp /tmp/$base.XXXXXX` || exit 1
11 keyfile4=`mktemp /tmp/$base.XXXXXX` || exit 1
12 keyfile5=`mktemp /tmp/$base.XXXXXX` || exit 1
13 mdconfig -a -t malloc -s `expr $sectors + 1` -u $no || exit 1
17 dd if=/dev/random of=${rnd} bs=512 count=${sectors} >/dev/null 2>&1
18 hash1=`dd if=${rnd} bs=512 count=${sectors} 2>/dev/null | md5`
19 dd if=/dev/random of=${keyfile1} bs=512 count=16 >/dev/null 2>&1
20 dd if=/dev/random of=${keyfile2} bs=512 count=16 >/dev/null 2>&1
21 dd if=/dev/random of=${keyfile3} bs=512 count=16 >/dev/null 2>&1
22 dd if=/dev/random of=${keyfile4} bs=512 count=16 >/dev/null 2>&1
23 dd if=/dev/random of=${keyfile5} bs=512 count=16 >/dev/null 2>&1
25 geli init -B none -P -K $keyfile1 md${no}
26 geli attach -p -k $keyfile1 md${no}
28 dd if=${rnd} of=/dev/md${no}.eli bs=512 count=${sectors} 2>/dev/null
30 hash2=`dd if=/dev/md${no}.eli bs=512 count=${sectors} 2>/dev/null | md5`
32 # Change current key (0) for attached provider.
33 geli setkey -P -K $keyfile2 md${no}
41 # We cannot use keyfile1 anymore.
42 geli attach -p -k $keyfile1 md${no} 2>/dev/null
49 # Attach with new key.
50 geli attach -p -k $keyfile2 md${no}
56 hash3=`dd if=/dev/md${no}.eli bs=512 count=${sectors} 2>/dev/null | md5`
58 # Change key 1 for attached provider.
59 geli setkey -n 1 -P -K $keyfile3 md${no}
68 geli attach -p -k $keyfile3 md${no}
74 hash4=`dd if=/dev/md${no}.eli bs=512 count=${sectors} 2>/dev/null | md5`
77 # Change current (1) key for detached provider.
78 geli setkey -p -k $keyfile3 -P -K $keyfile4 md${no}
85 # We cannot use keyfile3 anymore.
86 geli attach -p -k $keyfile3 md${no} 2>/dev/null
94 geli attach -p -k $keyfile4 md${no}
100 hash5=`dd if=/dev/md${no}.eli bs=512 count=${sectors} 2>/dev/null | md5`
103 # Change key 0 for detached provider.
104 geli setkey -n 0 -p -k $keyfile4 -P -K $keyfile5 md${no}
105 if [ $? -eq 0 ]; then
111 # We cannot use keyfile2 anymore.
112 geli attach -p -k $keyfile2 md${no} 2>/dev/null
113 if [ $? -ne 0 ]; then
120 geli attach -p -k $keyfile5 md${no}
121 if [ $? -eq 0 ]; then
126 hash6=`dd if=/dev/md${no}.eli bs=512 count=${sectors} 2>/dev/null | md5`
129 if [ ${hash1} = ${hash2} ]; then
134 if [ ${hash1} = ${hash3} ]; then
139 if [ ${hash1} = ${hash4} ]; then
144 if [ ${hash1} = ${hash5} ]; then
149 if [ ${hash1} = ${hash6} ]; then
156 rm -f $keyfile1 $keyfile2 $keyfile3 $keyfile4 $keyfile5