K 10
svn:author
V 6
gordon
K 8
svn:date
V 27
2023-02-08T18:28:31.131177Z
K 7
svn:log
V 779
geli: split the initalization of HMAC

GELI allows to read a user key from a standard input.
However if user initialize multiple providers at once, the standard
input will be empty for the second and next providers.
This caused GELI to encrypt a master key with an empty key file.

This commits initialize the HMAC with the key file, and then reuse the
finalized structure to generate different encryption keys for different
providers.

Reported by:	Nathan Dorfman
Tested by:	philip
Approved by:	so
Security:	FreeBSD-SA-23:01.geli
Security:	CVE-2023-0751

(cherry picked from commit 5fff09660e06a66bed6482da9c70df328e16bbb6)
(cherry picked from commit a5afaf4e9abd8d5e6cce5d6c433d2276bf9b8721)

Git Hash:   5e1ad8bebd36392eeaa898fe2fc5348bd5e5c863
Git Author: oshogbo@FreeBSD.org
END