Index: sys/geom/bde/g_bde_lock.c
===================================================================
RCS file: /private/FreeBSD/src/sys/geom/bde/g_bde_lock.c,v
retrieving revision 1.15
diff -u -p -r1.15 g_bde_lock.c
--- sys/geom/bde/g_bde_lock.c	6 Jan 2005 18:27:29 -0000	1.15
+++ sys/geom/bde/g_bde_lock.c	3 Feb 2005 21:18:36 -0000
@@ -54,7 +54,8 @@
 #include <string.h>
 #include <stdlib.h>
 #include <stdio.h>
-#define g_free(foo)	free(foo)
+#define g_malloc(foo, flags)	malloc(foo)
+#define g_free(foo)		free(foo)
 #endif
 
 #include <crypto/rijndael/rijndael.h>
@@ -73,14 +74,32 @@
  * SHA2-512 makes this easy.
  */
 
+void *
+g_bde_passphrase_init(void)
+{
+	SHA512_CTX *cx;
+
+	cx = g_malloc(sizeof(*cx), M_NOWAIT);
+	if (cx != NULL)
+		SHA512_Init(cx);
+	return (cx);
+}
+
+void
+g_bde_passphrase_update(void *cxv, const void *input, u_int len)
+{
+	SHA512_CTX *cx = cxv;
+
+	SHA512_Update(cx, input, len);
+}
+
 void
-g_bde_hash_pass(struct g_bde_softc *sc, const void *input, u_int len)
+g_bde_passphrase_final(void *cxv, struct g_bde_softc *sc)
 {
-	SHA512_CTX cx;
+	SHA512_CTX *cx = cxv;
 
-	SHA512_Init(&cx);
-	SHA512_Update(&cx, input, len);
-	SHA512_Final(sc->sha2, &cx);
+	SHA512_Final(sc->sha2, cx);
+	g_free(cxv);
 }
 
 /*
Index: sys/geom/bde/g_bde.h
===================================================================
RCS file: /private/FreeBSD/src/sys/geom/bde/g_bde.h,v
retrieving revision 1.6
diff -u -p -r1.6 g_bde.h
--- sys/geom/bde/g_bde.h	7 Oct 2003 09:28:07 -0000	1.6
+++ sys/geom/bde/g_bde.h	3 Feb 2005 18:43:16 -0000
@@ -157,7 +157,9 @@ int g_bde_decode_lock(struct g_bde_softc
 int g_bde_keyloc_encrypt(u_char *sha2, uint64_t v0, uint64_t v1, void *output);
 int g_bde_keyloc_decrypt(u_char *sha2, void *input, uint64_t *output);
 int g_bde_decrypt_lock(struct g_bde_softc *sc, u_char *keymat, u_char *meta, off_t mediasize, u_int sectorsize, u_int *nkey);
-void g_bde_hash_pass(struct g_bde_softc *sc, const void *input, u_int len);
+void *g_bde_passphrase_init(void);
+void g_bde_passphrase_update(void *cxv, const void *input, u_int len);
+void g_bde_passphrase_final(void *cxv, struct g_bde_softc *sc);
 
 /* g_bde_math .c */
 uint64_t g_bde_max_sector(struct g_bde_key *lp);
Index: sbin/gbde/gbde.c
===================================================================
RCS file: /private/FreeBSD/src/sbin/gbde/gbde.c,v
retrieving revision 1.28
diff -u -p -r1.28 gbde.c
--- sbin/gbde/gbde.c	3 Feb 2005 21:34:39 -0000	1.28
+++ sbin/gbde/gbde.c	3 Feb 2005 22:34:35 -0000
@@ -46,8 +46,6 @@
  *
  * Introduce -m/-M store encrypted+encoded masterkey in file
  *
- * Introduce -k/-K get pass-phrase part from file/cmd
- *
  * Introduce -d add more dest-devices to worklist.
  *
  * Add key-option: selfdestruct bit.
@@ -137,11 +135,11 @@ usage(const char *reason)
 	p = getprogname();
 	fprintf(stderr, "Usage error: %s", reason);
 	fprintf(stderr, "Usage:\n");
-	fprintf(stderr, "\t%s attach dest [-l lockfile] [-p pass-phrase]\n", p);
+	fprintf(stderr, "\t%s attach dest [-N] [-l lockfile] [-k keyfile] [-p pass-phrase]\n", p);
 	fprintf(stderr, "\t%s detach dest\n", p);
-	fprintf(stderr, "\t%s init /dev/dest [-i] [-f filename] [-L lockfile] [-P pass-phrase]\n", p);
-	fprintf(stderr, "\t%s setkey dest [-n key] [-l lockfile] [-p pass-phrase] [-L new-lockfile] [-P new-pass-phrase]\n", p);
-	fprintf(stderr, "\t%s destroy dest [-n key] [-l lockfile] [-p pass-phrase] [-L lockfile]\n", p);
+	fprintf(stderr, "\t%s init dest [-iN] [-f filename] [-L lockfile] [-K keyfile] [-P pass-phrase]\n", p);
+	fprintf(stderr, "\t%s setkey dest [-N] [-n key] [-l lockfile] [-k keyfile] [-p pass-phrase] [-L new-lockfile] [-K keyfile] [-P new-pass-phrase]\n", p);
+	fprintf(stderr, "\t%s destroy dest [-N] [-n key] [-l lockfile] [-k keyfile] [-p pass-phrase] [-L lockfile]\n", p);
 	exit (1);
 }
 
@@ -194,28 +192,76 @@ reset_passphrase(struct g_bde_softc *sc)
 	memcpy(sc->sha2, sha2, SHA512_DIGEST_LENGTH);
 }
 
+static void *
+init_passphrase(void *cxv)
+{
+
+	if (cxv != NULL)
+		return (cxv);
+	cxv = g_bde_passphrase_init();
+	if (cxv == NULL)
+		errx(1, "no memory");
+	return (cxv);
+}
+
+#define	update_passphrase_file(cxv, file)	do {			\
+	(cxv) = init_passphrase(cxv);					\
+	_update_passphrase_file((cxv), (file));				\
+} while (0)
 static void
-setup_passphrase(struct g_bde_softc *sc, int sure, const char *input)
+_update_passphrase_file(void *cxv, const char *file)
 {
-	char buf1[BUFSIZ], buf2[BUFSIZ], *p;
+	char buf[MAXPHYS];
+	ssize_t size;
+	int fd;
 
-	if (input != NULL) {
-		g_bde_hash_pass(sc, input, strlen(input));
-		memcpy(sha2, sc->sha2, SHA512_DIGEST_LENGTH);
-		return;
+	fd = open(file, O_RDONLY);
+	if (fd == -1)
+		err(1, "cannot open keyfile %s", file);
+	for (;;) {
+		size = read(fd, buf, sizeof(buf));
+		if (size == -1)
+			err(1, "cannot read keyfile %s", file);
+		else if (size == 0)
+			break;
+		else if (size > 0)
+			g_bde_passphrase_update(cxv, buf, size);
 	}
+	close(fd);
+}
+
+#define	update_passphrase_argument(cxv, input)	do {			\
+	(cxv) = init_passphrase(cxv);					\
+	_update_passphrase_argument((cxv), (input));			\
+} while (0)
+static void
+_update_passphrase_argument(void *cxv, const char *input)
+{
+
+	g_bde_passphrase_update(cxv, input, strlen(input));
+}
+
+#define	update_passphrase_prompt(cxv, sure, ask)	do {		\
+	if (ask) {							\
+		(cxv) = init_passphrase(cxv);				\
+		_update_passphrase_prompt((cxv), (sure));		\
+	}								\
+} while (0)
+static void
+_update_passphrase_prompt(void *cxv, int sure)
+{
+	char buf1[BUFSIZ], buf2[BUFSIZ], *p;
+
 	for (;;) {
 		p = readpassphrase(
 		    sure ? "Enter new passphrase:" : "Enter passphrase: ",
-		    buf1, sizeof buf1,
-		    RPP_ECHO_OFF | RPP_REQUIRE_TTY);
+		    buf1, sizeof buf1, RPP_ECHO_OFF | RPP_REQUIRE_TTY);
 		if (p == NULL)
 			err(1, "readpassphrase");
 
 		if (sure) {
 			p = readpassphrase("Reenter new passphrase: ",
-			    buf2, sizeof buf2,
-			    RPP_ECHO_OFF | RPP_REQUIRE_TTY);
+			    buf2, sizeof buf2, RPP_ECHO_OFF | RPP_REQUIRE_TTY);
 			if (p == NULL)
 				err(1, "readpassphrase");
 
@@ -230,7 +276,16 @@ setup_passphrase(struct g_bde_softc *sc,
 		}
 		break;
 	}
-	g_bde_hash_pass(sc, buf1, strlen(buf1));
+	g_bde_passphrase_update(cxv, buf1, strlen(buf1));
+}
+
+static void
+final_passphrase(void *cxv, struct g_bde_softc *sc)
+{
+
+	if (cxv == NULL)
+		errx(1, "no passphrase given");
+	g_bde_passphrase_final(cxv, sc);
 	memcpy(sha2, sc->sha2, SHA512_DIGEST_LENGTH);
 }
 
@@ -709,15 +764,15 @@ main(int argc, char **argv)
 {
 	const char *opts;
 	const char *l_opt, *L_opt;
-	const char *p_opt, *P_opt;
 	const char *f_opt;
 	char *dest;
-	int i_opt, n_opt, ch, dfd, doopen;
+	int i_opt, n_opt, N_opt, ch, dfd, doopen;
 	u_int nkey;
 	int i;
 	char *q, buf[BUFSIZ];
 	struct g_bde_key *gl;
 	struct g_bde_softc sc;
+	void *passphrase, *Passphrase;
 
 	if (argc < 3)
 		usage("Too few arguments\n");
@@ -730,26 +785,26 @@ main(int argc, char **argv)
 	doopen = 0;
 	if (!strcmp(argv[1], "attach")) {
 		action = ACT_ATTACH;
-		opts = "l:p:";
+		opts = "k:l:Np:";
 	} else if (!strcmp(argv[1], "detach")) {
 		action = ACT_DETACH;
 		opts = "";
 	} else if (!strcmp(argv[1], "init")) {
 		action = ACT_INIT;
 		doopen = 1;
-		opts = "f:iL:P:";
+		opts = "f:iK:L:NP:";
 	} else if (!strcmp(argv[1], "setkey")) {
 		action = ACT_SETKEY;
 		doopen = 1;
-		opts = "l:L:n:p:P:";
+		opts = "k:K:l:L:n:Np:P:";
 	} else if (!strcmp(argv[1], "destroy")) {
 		action = ACT_DESTROY;
 		doopen = 1;
-		opts = "l:p:";
+		opts = "k:l:Np:";
 	} else if (!strcmp(argv[1], "nuke")) {
 		action = ACT_NUKE;
 		doopen = 1;
-		opts = "l:n:p:";
+		opts = "k:l:n:Np:";
 	} else {
 		usage("Unknown sub command\n");
 	}
@@ -760,12 +815,13 @@ main(int argc, char **argv)
 	argc--;
 	argv++;
 
-	p_opt = NULL;
-	P_opt = NULL;
+	passphrase = NULL;
+	Passphrase = NULL;
 	l_opt = NULL;
 	L_opt = NULL;
 	f_opt = NULL;
 	n_opt = 0;
+	N_opt = 0;
 	i_opt = 0;
 
 	while((ch = getopt(argc, argv, opts)) != -1)
@@ -775,6 +831,12 @@ main(int argc, char **argv)
 			break;
 		case 'i':
 			i_opt = !i_opt;
+		case 'k':
+			update_passphrase_file(passphrase, optarg);
+			break;
+		case 'K':
+			update_passphrase_file(Passphrase, optarg);
+			break;
 		case 'l':
 			l_opt = optarg;
 			break;
@@ -788,11 +850,14 @@ main(int argc, char **argv)
 			if (n_opt < -1 || n_opt > G_BDE_MAXKEYS)
 				usage("-n argument out of range\n");
 			break;
+		case 'N':
+			N_opt = 1;
+			break;
 		case 'p':
-			p_opt = optarg;
+			update_passphrase_argument(passphrase, optarg);
 			break;
 		case 'P':
-			P_opt = optarg;
+			update_passphrase_argument(passphrase, optarg);
 			break;
 		default:
 			usage("Invalid option\n");
@@ -819,7 +884,8 @@ main(int argc, char **argv)
 	gl = &sc.key;
 	switch(action) {
 	case ACT_ATTACH:
-		setup_passphrase(&sc, 0, p_opt);
+		update_passphrase_prompt(passphrase, 0, !N_opt);
+		final_passphrase(passphrase, &sc);
 		cmd_attach(&sc, dest, l_opt);
 		break;
 	case ACT_DETACH:
@@ -827,26 +893,31 @@ main(int argc, char **argv)
 		break;
 	case ACT_INIT:
 		cmd_init(gl, dfd, f_opt, i_opt, L_opt);
-		setup_passphrase(&sc, 1, P_opt);
+		update_passphrase_prompt(Passphrase, 1, !N_opt);
+		final_passphrase(Passphrase, &sc);
 		cmd_write(gl, &sc, dfd, 0, L_opt);
 		break;
 	case ACT_SETKEY:
-		setup_passphrase(&sc, 0, p_opt);
+		update_passphrase_prompt(passphrase, 0, !N_opt);
+		final_passphrase(passphrase, &sc);
 		cmd_open(&sc, dfd, l_opt, &nkey);
 		if (n_opt == 0)
 			n_opt = nkey + 1;
-		setup_passphrase(&sc, 1, P_opt);
+		update_passphrase_prompt(Passphrase, 1, !N_opt);
+		final_passphrase(Passphrase, &sc);
 		cmd_write(gl, &sc, dfd, n_opt - 1, L_opt);
 		break;
 	case ACT_DESTROY:
-		setup_passphrase(&sc, 0, p_opt);
+		update_passphrase_prompt(passphrase, 0, !N_opt);
+		final_passphrase(passphrase, &sc);
 		cmd_open(&sc, dfd, l_opt, &nkey);
 		cmd_destroy(gl, nkey);
 		reset_passphrase(&sc);
 		cmd_write(gl, &sc, dfd, nkey, l_opt);
 		break;
 	case ACT_NUKE:
-		setup_passphrase(&sc, 0, p_opt);
+		update_passphrase_prompt(passphrase, 0, !N_opt);
+		final_passphrase(passphrase, &sc);
 		cmd_open(&sc, dfd, l_opt, &nkey);
 		if (n_opt == 0)
 			n_opt = nkey + 1;
Index: sbin/gbde/gbde.8
===================================================================
RCS file: /private/FreeBSD/src/sbin/gbde/gbde.8,v
retrieving revision 1.12
diff -u -p -r1.12 gbde.8
--- sbin/gbde/gbde.8	23 May 2004 08:40:52 -0000	1.12
+++ sbin/gbde/gbde.8	3 Feb 2005 22:47:24 -0000
@@ -40,31 +40,39 @@
 .Sh SYNOPSIS
 .Nm
 .Cm attach
-.Ar destination
+.Ar dest
+.Op Fl N
+.Op Fl k Ar keyfile
 .Op Fl l Ar lockfile
 .Op Fl p Ar pass-phrase
 .Nm
 .Cm detach
-.Ar destination
+.Ar dest
 .Nm
 .Cm init
-.Ar destination
-.Op Fl i
+.Ar dest
+.Op Fl iN
 .Op Fl f Ar filename
+.Op Fl K Ar keyfile
 .Op Fl L Ar lockfile
 .Op Fl P Ar pass-phrase
 .Nm
 .Cm setkey
-.Ar destination
+.Ar dest
+.Op Fl N
 .Op Fl n Ar key
+.Op Fl k Ar keyfile
 .Op Fl l Ar lockfile
 .Op Fl p Ar pass-phrase
+.Op Fl K Ar new-keyfile
 .Op Fl L Ar new-lockfile
 .Op Fl P Ar new-pass-phrase
 .Nm
 .Cm destroy
-.Ar destination
+.Ar dest
+.Op Fl N
 .Op Fl n Ar key
+.Op Fl k Ar keyfile
 .Op Fl l Ar lockfile
 .Op Fl p Ar pass-phrase
 .Op Fl L Ar lockfile
@@ -163,6 +171,30 @@ Be aware that using this option may expo
 users who happen to run
 .Xr ps 1
 or similar while the command is running.
+.Pp
+The
+.Fl k Ar keyfile
+argument
+specifies the file which contains part of the pass-phrase.
+This option can be used multiple times when more than one file contains the
+pass-phrase.
+.Pp
+The
+.Fl K Ar new-keyfile
+argument
+can be used to specify a file which contains the new pass-phrase to the
+.Cm init
+and
+.Cm setkey
+subcommands.
+This option can be used multiple times.
+.Pp
+Whe
+.Fl N
+option is given,
+.Nm
+will not prompt the user for the pass-phrase, which means pass-phrase will be
+taken only from the specified files.
 .Sh EXAMPLES
 To initialize a device, using default parameters:
 .Pp