socsvn commit: r237896 - in soc2012/vchan/gtcp: . bwalex-tc-play
vchan at FreeBSD.org
vchan at FreeBSD.org
Mon Jun 18 17:31:47 UTC 2012
Author: vchan
Date: Mon Jun 18 17:31:44 2012
New Revision: 237896
URL: http://svnweb.FreeBSD.org/socsvn/?view=rev&rev=237896
Log:
initial commit
Added:
soc2012/vchan/gtcp/
soc2012/vchan/gtcp/bwalex-tc-play/
soc2012/vchan/gtcp/bwalex-tc-play/LICENSE
soc2012/vchan/gtcp/bwalex-tc-play/Makefile
soc2012/vchan/gtcp/bwalex-tc-play/README.md
soc2012/vchan/gtcp/bwalex-tc-play/crc32.c
soc2012/vchan/gtcp/bwalex-tc-play/crc32.h
soc2012/vchan/gtcp/bwalex-tc-play/crypto-dev.c
soc2012/vchan/gtcp/bwalex-tc-play/crypto-gcrypt.c
soc2012/vchan/gtcp/bwalex-tc-play/crypto.c
soc2012/vchan/gtcp/bwalex-tc-play/generic_xts.c
soc2012/vchan/gtcp/bwalex-tc-play/generic_xts.h
soc2012/vchan/gtcp/bwalex-tc-play/hdr.c
soc2012/vchan/gtcp/bwalex-tc-play/humanize.c
soc2012/vchan/gtcp/bwalex-tc-play/humanize.h
soc2012/vchan/gtcp/bwalex-tc-play/io.c
soc2012/vchan/gtcp/bwalex-tc-play/main.c
soc2012/vchan/gtcp/bwalex-tc-play/pbkdf2-gcrypt.c
soc2012/vchan/gtcp/bwalex-tc-play/pbkdf2-openssl.c
soc2012/vchan/gtcp/bwalex-tc-play/safe_mem.c
soc2012/vchan/gtcp/bwalex-tc-play/tcplay.3
soc2012/vchan/gtcp/bwalex-tc-play/tcplay.8
soc2012/vchan/gtcp/bwalex-tc-play/tcplay.c
soc2012/vchan/gtcp/bwalex-tc-play/tcplay.h
soc2012/vchan/gtcp/bwalex-tc-play/tcplay.map
soc2012/vchan/gtcp/bwalex-tc-play/tcplay_api.c
soc2012/vchan/gtcp/bwalex-tc-play/tcplay_api.h
soc2012/vchan/gtcp/bwalex-tc-play/tcplay_api_test.c
Added: soc2012/vchan/gtcp/bwalex-tc-play/LICENSE
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ soc2012/vchan/gtcp/bwalex-tc-play/LICENSE Mon Jun 18 17:31:44 2012 (r237896)
@@ -0,0 +1,26 @@
+Copyright (c) 2011 Alex Hornung <alex at alexhornung.com>.
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions
+are met:
+
+1. Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in
+ the documentation and/or other materials provided with the
+ distribution.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+INCIDENTAL, SPECIAL, EXEMPLARY OR CONSEQUENTIAL DAMAGES (INCLUDING,
+BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
+AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+SUCH DAMAGE.
Added: soc2012/vchan/gtcp/bwalex-tc-play/Makefile
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ soc2012/vchan/gtcp/bwalex-tc-play/Makefile Mon Jun 18 17:31:44 2012 (r237896)
@@ -0,0 +1,66 @@
+# either linux or dragonfly
+SYSTEM?=linux
+
+# either openssl or gcrypt
+PBKDF_BACKEND?=openssl
+
+# system compiler, normally gcc
+CC?=gcc
+
+# whether to enable debugging or not
+DEBUG?=no
+
+WARNFLAGS= -Wsystem-headers -Werror -Wall -W -Wno-unused-parameter \
+ -Wstrict-prototypes -Wmissing-prototypes -Wpointer-arith \
+ -Wold-style-definition -Wreturn-type -Wcast-qual -Wwrite-strings \
+ -Wswitch -Wshadow -Wcast-align -Wunused-parameter -Wchar-subscripts \
+ -Winline -Wnested-externs
+
+SRCS= tcplay.c crc32.c safe_mem.c io.c hdr.c humanize.c
+SRCS+= crypto.c generic_xts.c
+OBJS= tcplay.o crc32.o safe_mem.o io.o hdr.o humanize.o
+OBJS+= crypto.o generic_xts.o
+
+CFLAGS+= $(WARNFLAGS)
+
+ifeq (${DEBUG}, yes)
+ CFLAGS+= -O0 -g -DDEBUG
+else
+ CFLAGS+= -O3
+endif
+
+ifeq (${SYSTEM}, linux)
+ CFLAGS+= -D_GNU_SOURCE
+ LIBS+= -lgcrypt -ldevmapper -luuid
+ SRCS+= crypto-gcrypt.c
+ OBJS+= crypto-gcrypt.o
+ ifeq (${PBKDF_BACKEND}, gcrypt)
+ SRCS+= pbkdf2-gcrypt.c
+ OBJS+= pbkdf2-gcrypt.o
+ endif
+ ifeq (${PBKDF_BACKEND}, openssl)
+ SRCS+= pbkdf2-openssl.c
+ OBJS+= pbkdf2-openssl.o
+ LIBS+= -lcrypto
+ endif
+endif
+
+ifeq (${SYSTEM}, dragonfly)
+ LIBS+= -lcrypto -ldm -lprop
+ SRCS+= crypto-dev.c
+ OBJS+= crypto-dev.o
+ SRCS+= pbkdf2-openssl.c
+ OBJS+= pbkdf2-openssl.o
+endif
+
+program:
+ $(CC) $(CFLAGS) -o tcplay main.c $(SRCS) $(LIBS)
+lib:
+ $(CC) $(CFLAGS) -c -fPIC tcplay_api.c $(SRCS)
+ $(CC) -shared -Wl,-version-script=tcplay.map -o libtcplay.so tcplay_api.o $(OBJS)
+
+test:
+ gcc -O0 -g -L. -I. tcplay_api_test.c -ltcplay -lcrypto -ldm -lprop
+clean:
+ rm -f tcplay libtcplay.so tcplay.core *.o ktrace.out
+
Added: soc2012/vchan/gtcp/bwalex-tc-play/README.md
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ soc2012/vchan/gtcp/bwalex-tc-play/README.md Mon Jun 18 17:31:44 2012 (r237896)
@@ -0,0 +1,98 @@
+About
+==========
+tcplay is a free (BSD-licensed), pretty much fully featured (including multiple
+keyfiles, cipher cascades, etc) and stable TrueCrypt implementation.
+
+This implementation supports mapping (opening) both system and normal TrueCrypt
+volumes, as well as opening hidden volumes and opening an outer volume while
+protecting a hidden volume. There is also support to create volumes, including
+hidden volumes, etc.
+
+Since tcplay uses dm-crypt (or dm_target_crypt on DragonFly) it makes full use
+of any available hardware encryption/decryption support once the volume has been
+mapped.
+
+It is based solely on the documentation available on the TrueCrypt website,
+many hours of trial and error and the output of the Linux' TrueCrypt client.
+As it turns out, most technical documents on TrueCrypt contains mistakes, hence
+the trial and error approach.
+
+
+
+Implementation notes
+==========
+DragonFly BSD uses the hybrid OpenSSL + cryptodev(9) approach that can be
+found in crypto-dev.c. OpenSSL is only used for the hash/pbkdf2. The
+encryption/decryption is performed via cryptodev(9) with enabled cryptosoft.
+
+On Linux gcrypt is used for the encryption and decryption. For the hash/pbkdf2
+either gcrypt or OpenSSL can be used. gcrypt only supports pbkdf2 since its
+July 2011 release (1.5.0), while OpenSSL has had pbkdf2 since around December
+2010, so its easier to find in most distros.
+
+The crypto options can be chosen with make/Makefile parameters. Building on Linux
+is as easy as doing
+
+ make SYSTEM=linux
+
+you can even skip the SYSTEM=linux, since that's the default. To choose the
+PBKDF backend, you can use either,
+
+ make PBKDF_BACKEND=openssl
+
+or
+
+ make PBKDF_BACKEND=gcrypt
+
+The interface to device mapper is libdevmapper on Linux and libdm on DragonFly.
+libdm is a BSD-licensed version of libdevmapper that I hacked together in a few
+hours.
+
+
+
+OS Support
+==========
+tcplay is now available for both DragonFly BSD and Linux. It is a core part of
+the DragonFly BSD operating system and is available in a number of linux
+distros.
+
+
+
+Licensing
+==========
+The project is under a two-clause BSD license. I would consider dual-licensing
+it if required. Drop me an email to discuss the options.
+
+
+
+Development
+==========
+tcplay is pretty much stable, but if you find a bug, please report it.
+If anyone wants to add new features or port it to another OS, I'll gladly merge
+your changes into this repository so that there is a single point of contact.
+
+I've noticed that sometimes bugs are only reported downstream (e.g. in the
+distro's bugtracker). Please make sure those bugs are also reported upstream on
+github, otherwise odds are they will never reach me.
+
+Coming features:
+ - restoring header from backup header
+
+
+
+Bugs in the TrueCrypt documentation
+==========
+The TrueCrypt documentation is pretty bad and does not really represent the
+actual on-disk format nor the encryption/decryption process.
+
+Some notable differences between actual implementation and documentation:
+ - PBKDF using RIPEMD160 only uses 2000 iterations if the volume isn't a system
+ volume.
+ - The keyfile pool is not XOR'ed with the passphrase but modulo-8 summed.
+ - Every field *except* the minimum version field of the volume header are in
+ big endian.
+ - Some volume header fields (creation time of volume and header) are missing
+ in the documentation.
+ - All two-way cipher cascades are the wrong way round in the documentation,
+ but all three-way cipher cascades are correct.
+
Added: soc2012/vchan/gtcp/bwalex-tc-play/crc32.c
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ soc2012/vchan/gtcp/bwalex-tc-play/crc32.c Mon Jun 18 17:31:44 2012 (r237896)
@@ -0,0 +1,109 @@
+/*-
+ * COPYRIGHT (C) 1986 Gary S. Brown. You may use this program, or
+ * code or tables extracted from it, as desired without restriction.
+ *
+ * First, the polynomial itself and its table of feedback terms. The
+ * polynomial is
+ * X^32+X^26+X^23+X^22+X^16+X^12+X^11+X^10+X^8+X^7+X^5+X^4+X^2+X^1+X^0
+ *
+ * Note that we take it "backwards" and put the highest-order term in
+ * the lowest-order bit. The X^32 term is "implied"; the LSB is the
+ * X^31 term, etc. The X^0 term (usually shown as "+1") results in
+ * the MSB being 1
+ *
+ * Note that the usual hardware shift register implementation, which
+ * is what we're using (we're merely optimizing it by doing eight-bit
+ * chunks at a time) shifts bits into the lowest-order term. In our
+ * implementation, that means shifting towards the right. Why do we
+ * do it this way? Because the calculated CRC must be transmitted in
+ * order from highest-order term to lowest-order term. UARTs transmit
+ * characters in order from LSB to MSB. By storing the CRC this way
+ * we hand it to the UART in the order low-byte to high-byte; the UART
+ * sends each low-bit to hight-bit; and the result is transmission bit
+ * by bit from highest- to lowest-order term without requiring any bit
+ * shuffling on our part. Reception works similarly
+ *
+ * The feedback terms table consists of 256, 32-bit entries. Notes
+ *
+ * The table can be generated at runtime if desired; code to do so
+ * is shown later. It might not be obvious, but the feedback
+ * terms simply represent the results of eight shift/xor opera
+ * tions for all combinations of data and CRC register values
+ *
+ * The values must be right-shifted by eight bits by the "updcrc
+ * logic; the shift must be unsigned (bring in zeroes). On some
+ * hardware you could probably optimize the shift in assembler by
+ * using byte-swap instructions
+ * polynomial $edb88320
+ */
+
+#include <stdlib.h>
+#include <stdint.h>
+#include "crc32.h"
+
+uint32_t crc32_tab[] = {
+ 0x00000000, 0x77073096, 0xee0e612c, 0x990951ba, 0x076dc419, 0x706af48f,
+ 0xe963a535, 0x9e6495a3, 0x0edb8832, 0x79dcb8a4, 0xe0d5e91e, 0x97d2d988,
+ 0x09b64c2b, 0x7eb17cbd, 0xe7b82d07, 0x90bf1d91, 0x1db71064, 0x6ab020f2,
+ 0xf3b97148, 0x84be41de, 0x1adad47d, 0x6ddde4eb, 0xf4d4b551, 0x83d385c7,
+ 0x136c9856, 0x646ba8c0, 0xfd62f97a, 0x8a65c9ec, 0x14015c4f, 0x63066cd9,
+ 0xfa0f3d63, 0x8d080df5, 0x3b6e20c8, 0x4c69105e, 0xd56041e4, 0xa2677172,
+ 0x3c03e4d1, 0x4b04d447, 0xd20d85fd, 0xa50ab56b, 0x35b5a8fa, 0x42b2986c,
+ 0xdbbbc9d6, 0xacbcf940, 0x32d86ce3, 0x45df5c75, 0xdcd60dcf, 0xabd13d59,
+ 0x26d930ac, 0x51de003a, 0xc8d75180, 0xbfd06116, 0x21b4f4b5, 0x56b3c423,
+ 0xcfba9599, 0xb8bda50f, 0x2802b89e, 0x5f058808, 0xc60cd9b2, 0xb10be924,
+ 0x2f6f7c87, 0x58684c11, 0xc1611dab, 0xb6662d3d, 0x76dc4190, 0x01db7106,
+ 0x98d220bc, 0xefd5102a, 0x71b18589, 0x06b6b51f, 0x9fbfe4a5, 0xe8b8d433,
+ 0x7807c9a2, 0x0f00f934, 0x9609a88e, 0xe10e9818, 0x7f6a0dbb, 0x086d3d2d,
+ 0x91646c97, 0xe6635c01, 0x6b6b51f4, 0x1c6c6162, 0x856530d8, 0xf262004e,
+ 0x6c0695ed, 0x1b01a57b, 0x8208f4c1, 0xf50fc457, 0x65b0d9c6, 0x12b7e950,
+ 0x8bbeb8ea, 0xfcb9887c, 0x62dd1ddf, 0x15da2d49, 0x8cd37cf3, 0xfbd44c65,
+ 0x4db26158, 0x3ab551ce, 0xa3bc0074, 0xd4bb30e2, 0x4adfa541, 0x3dd895d7,
+ 0xa4d1c46d, 0xd3d6f4fb, 0x4369e96a, 0x346ed9fc, 0xad678846, 0xda60b8d0,
+ 0x44042d73, 0x33031de5, 0xaa0a4c5f, 0xdd0d7cc9, 0x5005713c, 0x270241aa,
+ 0xbe0b1010, 0xc90c2086, 0x5768b525, 0x206f85b3, 0xb966d409, 0xce61e49f,
+ 0x5edef90e, 0x29d9c998, 0xb0d09822, 0xc7d7a8b4, 0x59b33d17, 0x2eb40d81,
+ 0xb7bd5c3b, 0xc0ba6cad, 0xedb88320, 0x9abfb3b6, 0x03b6e20c, 0x74b1d29a,
+ 0xead54739, 0x9dd277af, 0x04db2615, 0x73dc1683, 0xe3630b12, 0x94643b84,
+ 0x0d6d6a3e, 0x7a6a5aa8, 0xe40ecf0b, 0x9309ff9d, 0x0a00ae27, 0x7d079eb1,
+ 0xf00f9344, 0x8708a3d2, 0x1e01f268, 0x6906c2fe, 0xf762575d, 0x806567cb,
+ 0x196c3671, 0x6e6b06e7, 0xfed41b76, 0x89d32be0, 0x10da7a5a, 0x67dd4acc,
+ 0xf9b9df6f, 0x8ebeeff9, 0x17b7be43, 0x60b08ed5, 0xd6d6a3e8, 0xa1d1937e,
+ 0x38d8c2c4, 0x4fdff252, 0xd1bb67f1, 0xa6bc5767, 0x3fb506dd, 0x48b2364b,
+ 0xd80d2bda, 0xaf0a1b4c, 0x36034af6, 0x41047a60, 0xdf60efc3, 0xa867df55,
+ 0x316e8eef, 0x4669be79, 0xcb61b38c, 0xbc66831a, 0x256fd2a0, 0x5268e236,
+ 0xcc0c7795, 0xbb0b4703, 0x220216b9, 0x5505262f, 0xc5ba3bbe, 0xb2bd0b28,
+ 0x2bb45a92, 0x5cb36a04, 0xc2d7ffa7, 0xb5d0cf31, 0x2cd99e8b, 0x5bdeae1d,
+ 0x9b64c2b0, 0xec63f226, 0x756aa39c, 0x026d930a, 0x9c0906a9, 0xeb0e363f,
+ 0x72076785, 0x05005713, 0x95bf4a82, 0xe2b87a14, 0x7bb12bae, 0x0cb61b38,
+ 0x92d28e9b, 0xe5d5be0d, 0x7cdcefb7, 0x0bdbdf21, 0x86d3d2d4, 0xf1d4e242,
+ 0x68ddb3f8, 0x1fda836e, 0x81be16cd, 0xf6b9265b, 0x6fb077e1, 0x18b74777,
+ 0x88085ae6, 0xff0f6a70, 0x66063bca, 0x11010b5c, 0x8f659eff, 0xf862ae69,
+ 0x616bffd3, 0x166ccf45, 0xa00ae278, 0xd70dd2ee, 0x4e048354, 0x3903b3c2,
+ 0xa7672661, 0xd06016f7, 0x4969474d, 0x3e6e77db, 0xaed16a4a, 0xd9d65adc,
+ 0x40df0b66, 0x37d83bf0, 0xa9bcae53, 0xdebb9ec5, 0x47b2cf7f, 0x30b5ffe9,
+ 0xbdbdf21c, 0xcabac28a, 0x53b39330, 0x24b4a3a6, 0xbad03605, 0xcdd70693,
+ 0x54de5729, 0x23d967bf, 0xb3667a2e, 0xc4614ab8, 0x5d681b02, 0x2a6f2b94,
+ 0xb40bbe37, 0xc30c8ea1, 0x5a05df1b, 0x2d02ef8d
+};
+
+uint32_t
+crc32(const void *buf, size_t size)
+{
+ const uint8_t *p;
+ uint32_t crc;
+
+ p = buf;
+ crc = ~0U;
+
+ while (size--)
+ crc = crc32_tab[(crc ^ *p++) & 0xFF] ^ (crc >> 8);
+
+ return crc ^ ~0U;
+}
+
+uint32_t
+crc32_intermediate(uint32_t crc, uint8_t d)
+{
+ return crc32_tab[(crc ^ d) & 0xFF] ^ (crc >> 8);
+}
Added: soc2012/vchan/gtcp/bwalex-tc-play/crc32.h
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ soc2012/vchan/gtcp/bwalex-tc-play/crc32.h Mon Jun 18 17:31:44 2012 (r237896)
@@ -0,0 +1,2 @@
+uint32_t crc32(const void *buf, size_t size);
+uint32_t crc32_intermediate(uint32_t crc, uint8_t d);
Added: soc2012/vchan/gtcp/bwalex-tc-play/crypto-dev.c
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ soc2012/vchan/gtcp/bwalex-tc-play/crypto-dev.c Mon Jun 18 17:31:44 2012 (r237896)
@@ -0,0 +1,165 @@
+/*
+ * Copyright (c) 2011 Alex Hornung <alex at alexhornung.com>.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
+ * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+#include <sys/types.h>
+#include <sys/param.h>
+#include <sys/ioctl.h>
+#include <sys/sysctl.h>
+#include <crypto/cryptodev.h>
+
+#include <fcntl.h>
+#include <unistd.h>
+#include <errno.h>
+#include <string.h>
+#include <stdio.h>
+
+#include "tcplay.h"
+
+static
+int
+getallowsoft(void)
+{
+ int old;
+ size_t olen;
+
+ olen = sizeof(old);
+
+ if (sysctlbyname("kern.cryptodevallowsoft", &old, &olen, NULL, 0) < 0) {
+ perror("accessing sysctl kern.cryptodevallowsoft failed");
+ }
+
+ return old;
+}
+
+static
+void
+setallowsoft(int new)
+{
+ int old;
+ size_t olen, nlen;
+
+ olen = nlen = sizeof(new);
+
+ if (sysctlbyname("kern.cryptodevallowsoft", &old, &olen, &new, nlen) < 0) {
+ perror("accessing sysctl kern.cryptodevallowsoft failed");
+ }
+}
+
+static
+int
+get_cryptodev_cipher_id(struct tc_crypto_algo *cipher)
+{
+ if (strcmp(cipher->name, "AES-128-XTS") == 0)
+ return CRYPTO_AES_XTS;
+ else if (strcmp(cipher->name, "AES-256-XTS") == 0)
+ return CRYPTO_AES_XTS;
+ else if (strcmp(cipher->name, "TWOFISH-128-XTS") == 0)
+ return CRYPTO_TWOFISH_XTS;
+ else if (strcmp(cipher->name, "TWOFISH-256-XTS") == 0)
+ return CRYPTO_TWOFISH_XTS;
+ else if (strcmp(cipher->name, "SERPENT-128-XTS") == 0)
+ return CRYPTO_SERPENT_XTS;
+ else if (strcmp(cipher->name, "SERPENT-256-XTS") == 0)
+ return CRYPTO_SERPENT_XTS;
+ else
+ return -1;
+}
+
+int
+syscrypt(struct tc_crypto_algo *cipher, unsigned char *key, size_t klen, unsigned char *iv,
+ unsigned char *in, unsigned char *out, size_t len, int do_encrypt)
+{
+ struct session_op session;
+ struct crypt_op cryp;
+ int cipher_id;
+ int cryptodev_fd = -1, fd = -1;
+
+ cipher_id = get_cryptodev_cipher_id(cipher);
+ if (cipher_id < 0) {
+ tc_log(1, "Cipher %s not found\n",
+ cipher->name);
+ return ENOENT;
+ }
+
+ if ((cryptodev_fd = open("/dev/crypto", O_RDWR, 0)) < 0) {
+ perror("Could not open /dev/crypto");
+ goto err;
+ }
+ if (ioctl(cryptodev_fd, CRIOGET, &fd) == -1) {
+ perror("CRIOGET failed");
+ goto err;
+ }
+ memset(&session, 0, sizeof(session));
+ session.cipher = cipher_id;
+ session.key = (caddr_t) key;
+ session.keylen = klen;
+ if (ioctl(fd, CIOCGSESSION, &session) == -1) {
+ perror("CIOCGSESSION failed");
+ goto err;
+ }
+ memset(&cryp, 0, sizeof(cryp));
+ cryp.ses = session.ses;
+ cryp.op = do_encrypt ? COP_ENCRYPT : COP_DECRYPT;
+ cryp.flags = 0;
+ cryp.len = len;
+ cryp.src = (caddr_t) in;
+ cryp.dst = (caddr_t) out;
+ cryp.iv = (caddr_t) iv;
+ cryp.mac = 0;
+ if (ioctl(fd, CIOCCRYPT, &cryp) == -1) {
+ perror("CIOCCRYPT failed");
+ goto err;
+ }
+ if (ioctl(fd, CIOCFSESSION, &session.ses) == -1) {
+ perror("CIOCFSESSION failed");
+ goto err;
+ }
+ close(fd);
+ close(cryptodev_fd);
+ return (0);
+
+err:
+ if (fd != -1)
+ close(fd);
+ if (cryptodev_fd != -1)
+ close(cryptodev_fd);
+ return (-1);
+}
+
+int
+tc_crypto_init(void)
+{
+ int allowed;
+
+ allowed = getallowsoft();
+ if (allowed == 0)
+ setallowsoft(1);
+
+ return 0;
+}
+
Added: soc2012/vchan/gtcp/bwalex-tc-play/crypto-gcrypt.c
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ soc2012/vchan/gtcp/bwalex-tc-play/crypto-gcrypt.c Mon Jun 18 17:31:44 2012 (r237896)
@@ -0,0 +1,203 @@
+/*
+ * Copyright (c) 2011 Alex Hornung <alex at alexhornung.com>.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
+ * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+//#include <unistd.h>
+#include <inttypes.h>
+#include <errno.h>
+#include <string.h>
+
+/*
+ * Yey for gcrypt and its broken includes...
+ * see http://lists.gnupg.org/pipermail/gcrypt-devel/2011-July/001830.html
+ * and http://seclists.org/wireshark/2011/Jul/208
+ * for more details...
+ */
+#pragma GCC diagnostic ignored "-Wdeprecated-declarations"
+#include <gcrypt.h>
+#pragma GCC diagnostic warning "-Wdeprecated-declarations"
+
+#include "generic_xts.h"
+#include "tcplay.h"
+
+
+static int
+gcrypt_encrypt(void *ctx, size_t blk_len, const uint8_t *src, uint8_t *dst)
+{
+ gcry_cipher_hd_t cipher_hd = (gcry_cipher_hd_t)ctx;
+ gcry_error_t gcry_err;
+
+ gcry_err = gcry_cipher_encrypt(
+ cipher_hd,
+ dst,
+ blk_len, /* gcry_cipher_get_algo_blklen(GCRY_CIPHER_AES256) */
+ src,
+ blk_len);
+
+ return (gcry_err != 0);
+}
+
+static int
+gcrypt_decrypt(void *ctx, size_t blk_len, const uint8_t *src, uint8_t *dst)
+{
+ gcry_cipher_hd_t cipher_hd = (gcry_cipher_hd_t)ctx;
+ gcry_error_t gcry_err;
+
+ gcry_err = gcry_cipher_decrypt(
+ cipher_hd,
+ dst,
+ blk_len /* gcry_cipher_get_algo_blklen(GCRY_CIPHER_AES256) */,
+ src,
+ blk_len);
+
+ return (gcry_err != 0);
+}
+
+static int
+gcrypt_set_key(void **ctx, void *arg1, void *arg2 __unused, const u_int8_t *key,
+ int keybits __unused)
+{
+ gcry_cipher_hd_t *cipher_hd = (gcry_cipher_hd_t *)ctx;
+ int cipher = *((int *)arg1);
+ gcry_error_t gcry_err;
+
+ gcry_err = gcry_cipher_open(
+ cipher_hd,
+ cipher,
+ GCRY_CIPHER_MODE_ECB,
+ 0);
+
+ if (gcry_err)
+ return -1;
+
+ gcry_err = gcry_cipher_setkey(
+ *cipher_hd,
+ key,
+ gcry_cipher_get_algo_keylen(cipher));
+
+ if (gcry_err) {
+ gcry_cipher_close(*cipher_hd);
+ *ctx = NULL;
+ return -1;
+ }
+
+ return 0;
+}
+
+static int
+gcrypt_zero_key(void **ctx)
+{
+ gcry_cipher_hd_t *cipher_hd = (gcry_cipher_hd_t *)ctx;
+
+ if (*cipher_hd == NULL)
+ return 0;
+
+ gcry_cipher_close(*cipher_hd);
+ return 0;
+}
+
+static
+int
+get_gcrypt_cipher_id(struct tc_crypto_algo *cipher)
+{
+ if (strcmp(cipher->name, "AES-128-XTS") == 0)
+ return GCRY_CIPHER_AES128;
+ else if (strcmp(cipher->name, "AES-256-XTS") == 0)
+ return GCRY_CIPHER_AES256;
+ else if (strcmp(cipher->name, "TWOFISH-128-XTS") == 0)
+ return GCRY_CIPHER_TWOFISH128;
+ else if (strcmp(cipher->name, "TWOFISH-256-XTS") == 0)
+ return GCRY_CIPHER_TWOFISH; /* XXX: really 256? */
+ else if (strcmp(cipher->name, "SERPENT-128-XTS") == 0)
+ return GCRY_CIPHER_SERPENT128;
+ else if (strcmp(cipher->name, "SERPENT-256-XTS") == 0)
+ return GCRY_CIPHER_SERPENT256;
+ else
+ return -1;
+}
+
+int
+syscrypt(struct tc_crypto_algo *cipher, unsigned char *key, size_t klen, unsigned char *iv,
+ unsigned char *in, unsigned char *out, size_t len, int do_encrypt)
+{
+ struct xts_ctx *ctx;
+ int cipher_id;
+ int err;
+
+ cipher_id = get_gcrypt_cipher_id(cipher);
+ if (cipher_id < 0) {
+ tc_log(1, "Cipher %s not found\n",
+ cipher->name);
+ return ENOENT;
+ }
+
+ if ((ctx = (struct xts_ctx *)alloc_safe_mem(sizeof(struct xts_ctx))) ==
+ NULL) {
+ tc_log(1, "Could not allocate safe xts_xts memory\n");
+ return ENOMEM;
+ }
+
+ err = xts_init(ctx, &cipher_id, NULL, gcrypt_set_key, gcrypt_zero_key,
+ gcrypt_encrypt, gcrypt_decrypt,
+ gcry_cipher_get_algo_blklen(cipher_id),
+ key, klen);
+ if (err) {
+ tc_log(1, "Error initializing generic XTS\n");
+ return EINVAL;
+ }
+
+ memcpy(out, in, len);
+ if (do_encrypt)
+ err = xts_encrypt(ctx, out, len, iv);
+ else
+ err = xts_decrypt(ctx, out, len, iv);
+
+ if (err) {
+ tc_log(1, "Error encrypting/decrypting\n");
+ xts_uninit(ctx);
+ return EINVAL;
+ }
+
+ xts_uninit(ctx);
+ free_safe_mem(ctx);
+
+ return 0;
+}
+
+int
+tc_crypto_init(void)
+{
+ gcry_control(GCRYCTL_SUSPEND_SECMEM_WARN);
+ gcry_control(GCRYCTL_INIT_SECMEM, 16384, 0);
+ gcry_control(GCRYCTL_RESUME_SECMEM_WARN);
+
+ gcry_control(GCRYCTL_INITIALIZATION_FINISHED, 0);
+
+ return 0;
+}
+
Added: soc2012/vchan/gtcp/bwalex-tc-play/crypto.c
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ soc2012/vchan/gtcp/bwalex-tc-play/crypto.c Mon Jun 18 17:31:44 2012 (r237896)
@@ -0,0 +1,272 @@
+/*
+ * Copyright (c) 2011 Alex Hornung <alex at alexhornung.com>.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
+ * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+#include <sys/types.h>
+#include <sys/param.h>
+#include <inttypes.h>
+
+#include <fcntl.h>
+#include <unistd.h>
+#include <errno.h>
+#include <string.h>
+#include <stdio.h>
+
+#include "crc32.h"
+#include "tcplay.h"
+
+int
+tc_cipher_chain_populate_keys(struct tc_cipher_chain *cipher_chain,
+ unsigned char *key)
+{
+ int total_key_bytes, used_key_bytes;
+ struct tc_cipher_chain *dummy_chain;
+
+ /*
+ * We need to determine the total key bytes as the key locations
+ * depend on it.
+ */
+ total_key_bytes = 0;
+ for (dummy_chain = cipher_chain;
+ dummy_chain != NULL;
+ dummy_chain = dummy_chain->next) {
+ total_key_bytes += dummy_chain->cipher->klen;
+ }
+
+ /*
+ * Now we need to get prepare the keys, as the keys are in
+ * forward order with respect to the cipher cascade, but
+ * the actual decryption is in reverse cipher cascade order.
+ */
+ used_key_bytes = 0;
+ for (dummy_chain = cipher_chain;
+ dummy_chain != NULL;
+ dummy_chain = dummy_chain->next) {
+ dummy_chain->key = alloc_safe_mem(dummy_chain->cipher->klen);
+ if (dummy_chain->key == NULL) {
+ tc_log(1, "tc_decrypt: Could not allocate key "
+ "memory\n");
+ return ENOMEM;
+ }
+
+ /* XXX: here we assume XTS operation! */
+ memcpy(dummy_chain->key,
+ key + used_key_bytes/2,
+ dummy_chain->cipher->klen/2);
+ memcpy(dummy_chain->key + dummy_chain->cipher->klen/2,
+ key + (total_key_bytes/2) + used_key_bytes/2,
+ dummy_chain->cipher->klen/2);
+
+ /* Remember how many key bytes we've seen */
+ used_key_bytes += dummy_chain->cipher->klen;
+ }
+
+ return 0;
+}
+
+int
+tc_cipher_chain_free_keys(struct tc_cipher_chain *cipher_chain)
+{
+ for (; cipher_chain != NULL; cipher_chain = cipher_chain->next) {
+ if (cipher_chain->key != NULL) {
+ free_safe_mem(cipher_chain->key);
+ cipher_chain->key = NULL;
+ }
+ }
+
+ return 0;
+}
+
+int
+tc_encrypt(struct tc_cipher_chain *cipher_chain, unsigned char *key,
+ unsigned char *iv,
+ unsigned char *in, int in_len, unsigned char *out)
+{
+ struct tc_cipher_chain *chain_start;
+ int err;
+
+ chain_start = cipher_chain;
+
+ if ((err = tc_cipher_chain_populate_keys(cipher_chain, key)))
+ return err;
+
+#ifdef DEBUG
+ printf("tc_encrypt: starting chain\n");
+#endif
+
+ /*
+ * Now process the actual decryption, in forward cascade order.
+ */
+ for (;
+ cipher_chain != NULL;
+ cipher_chain = cipher_chain->next) {
+#ifdef DEBUG
+ printf("tc_encrypt: Currently using cipher %s\n",
+ cipher_chain->cipher->name);
+#endif
+
+ err = syscrypt(cipher_chain->cipher, cipher_chain->key,
+ cipher_chain->cipher->klen, iv, in, out, in_len, 1);
+
+ /* Deallocate this key, since we won't need it anymore */
+ free_safe_mem(cipher_chain->key);
+ cipher_chain->key = NULL;
+
+ if (err != 0) {
+ tc_cipher_chain_free_keys(chain_start);
+ return err;
+ }
+
+ /* Set next input buffer as current output buffer */
+ in = out;
+ }
+
+ tc_cipher_chain_free_keys(chain_start);
+
+ return 0;
+}
+
+int
+tc_decrypt(struct tc_cipher_chain *cipher_chain, unsigned char *key,
+ unsigned char *iv,
+ unsigned char *in, int in_len, unsigned char *out)
+{
+ struct tc_cipher_chain *chain_start;
+ int err;
+
+ chain_start = cipher_chain;
+
+ if ((err = tc_cipher_chain_populate_keys(cipher_chain, key)))
+ return err;
+
+#ifdef DEBUG
+ printf("tc_decrypt: starting chain!\n");
+#endif
+
+ /*
+ * Now process the actual decryption, in reverse cascade order; so
+ * first find the last element in the chain.
+ */
+ for (; cipher_chain->next != NULL; cipher_chain = cipher_chain->next)
+ ;
+ for (;
+ cipher_chain != NULL;
+ cipher_chain = cipher_chain->prev) {
+#ifdef DEBUG
+ printf("tc_decrypt: Currently using cipher %s\n",
+ cipher_chain->cipher->name);
+#endif
+
+ err = syscrypt(cipher_chain->cipher, cipher_chain->key,
+ cipher_chain->cipher->klen, iv, in, out, in_len, 0);
+
+ /* Deallocate this key, since we won't need it anymore */
+ free_safe_mem(cipher_chain->key);
+ cipher_chain->key = NULL;
+
+ if (err != 0) {
+ tc_cipher_chain_free_keys(chain_start);
+ return err;
+ }
+
+ /* Set next input buffer as current output buffer */
+ in = out;
+ }
+
+ tc_cipher_chain_free_keys(chain_start);
+
+ return 0;
+}
+
+int
+apply_keyfiles(unsigned char *pass, size_t pass_memsz, const char *keyfiles[],
+ int nkeyfiles)
+{
+ int pl, k;
+ unsigned char *kpool;
+ unsigned char *kdata;
+ int kpool_idx;
+ size_t i, kdata_sz;
+ uint32_t crc;
+
+ if (pass_memsz < MAX_PASSSZ) {
+ tc_log(1, "Not enough memory for password manipluation\n");
+ return ENOMEM;
+ }
+
+ pl = strlen((char *)pass);
+ memset(pass+pl, 0, MAX_PASSSZ-pl);
+
+ if ((kpool = alloc_safe_mem(KPOOL_SZ)) == NULL) {
+ tc_log(1, "Error allocating memory for keyfile pool\n");
+ return ENOMEM;
+ }
+
+ memset(kpool, 0, KPOOL_SZ);
+
+ for (k = 0; k < nkeyfiles; k++) {
+#ifdef DEBUG
+ printf("Loading keyfile %s into kpool\n", keyfiles[k]);
+#endif
+ kpool_idx = 0;
+ crc = ~0U;
+ kdata_sz = MAX_KFILE_SZ;
+
+ if ((kdata = read_to_safe_mem(keyfiles[k], 0, &kdata_sz)) == NULL) {
+ tc_log(1, "Error reading keyfile %s content\n",
+ keyfiles[k]);
+ free_safe_mem(kpool);
+ return EIO;
+ }
+
+ for (i = 0; i < kdata_sz; i++) {
+ crc = crc32_intermediate(crc, kdata[i]);
+
+ kpool[kpool_idx++] += (unsigned char)(crc >> 24);
+ kpool[kpool_idx++] += (unsigned char)(crc >> 16);
+ kpool[kpool_idx++] += (unsigned char)(crc >> 8);
+ kpool[kpool_idx++] += (unsigned char)(crc);
+
+ /* Wrap around */
+ if (kpool_idx == KPOOL_SZ)
+ kpool_idx = 0;
+ }
+
+ free_safe_mem(kdata);
+ }
+
+#ifdef DEBUG
+ printf("Applying kpool to passphrase\n");
+#endif
+ /* Apply keyfile pool to passphrase */
+ for (i = 0; i < KPOOL_SZ; i++)
+ pass[i] += kpool[i];
+
+ free_safe_mem(kpool);
+
+ return 0;
+}
Added: soc2012/vchan/gtcp/bwalex-tc-play/generic_xts.c
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ soc2012/vchan/gtcp/bwalex-tc-play/generic_xts.c Mon Jun 18 17:31:44 2012 (r237896)
@@ -0,0 +1,175 @@
+/*
+ * Copyright (C) 2008, Damien Miller
+ * Copyright (C) 2011, Alex Hornung
+ *
+ * Permission to use, copy, and modify this software with or without fee
+ * is hereby granted, provided that this entire notice is included in
+ * all copies of any software which is or includes a copy or
+ * modification of this software.
+ * You may use this code under the GNU public license if you so wish. Please
+ * contribute changes back to the authors under this freer than GPL license
+ * so that we may further the use of strong encryption without limitations to
+ * all.
+ *
+ * THIS SOFTWARE IS BEING PROVIDED "AS IS", WITHOUT ANY EXPRESS OR
+ * IMPLIED WARRANTY. IN PARTICULAR, NONE OF THE AUTHORS MAKES ANY
+ * REPRESENTATION OR WARRANTY OF ANY KIND CONCERNING THE
+ * MERCHANTABILITY OF THIS SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR
+ * PURPOSE.
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include <unistd.h>
+#include <inttypes.h>
+
+#include "tcplay.h"
+#include "generic_xts.h"
+
+
+
+static int
*** DIFF OUTPUT TRUNCATED AT 1000 LINES ***
More information about the svn-soc-all
mailing list