Reputation: 31
CoreStorage functionality (Mac OS X FileVault Encryption)
Currently i am working on mac os x.and i want to write a driver which will encrypt a device. As mac os x 10.7 and above encrypts a device. Similar functionality i want to achieve. 1. Is anyone know how mac os x10.7 does encryption? 2. When it uses the coreStorage functionality, exactly where the password is kept in CoreStorage volume? (Which sector of device) 3. Is there any open source site which can help me debugging the driver. Thanks in Advance.
Upvotes: 1
Views: 423
Answers (1)
Reputation: 23438
Filevault 2 is implemented in CoreStorage.kext. That implements a IOStorage filter service which does logical block mapping and optionally encrypts/decrypts blocks using AES-XTS.
The password isn't stored with the volume, that's kind of the point. For system volumes, the password you enter on login is used to derive a key with which the master key of the volume can be decrypted. For other volumes, you can choose to store the password in your local OS X keychain.
Libfvde is an open-source library for accessing FileVault/CoreStorage volumes. See https://github.com/libyal/libfvde
The wikipedia article on FileVault is actually pretty detailed and worth reading.
Upvotes: 1
Related Questions
- NSFileProtectionComplete doesn't encrypt the core data file
- Encrypting CoreData with CloudKit
- How can I use this encryption method to save my data encrypted in core data?
- Codeless kext for usb storage device
- Core Data data encryption
- Core Data Encryption?
- Core Data Encryption Class
- Core Data Encryption
- Mac: load Mass Storage Driver Kext for testing
- How to encrypt/decrypt data in Core Data?