socsvn commit: r237896 - in soc2012/vchan/gtcp: . bwalex-tc-play

[vchan at FreeBSD.org]

Author: vchan
Date: Mon Jun 18 17:31:44 2012
New Revision: 237896
URL: http://svnweb.FreeBSD.org/socsvn/?view=rev&rev=237896

Log:
  initial commit

Added:
  soc2012/vchan/gtcp/
  soc2012/vchan/gtcp/bwalex-tc-play/
  soc2012/vchan/gtcp/bwalex-tc-play/LICENSE
  soc2012/vchan/gtcp/bwalex-tc-play/Makefile
  soc2012/vchan/gtcp/bwalex-tc-play/README.md
  soc2012/vchan/gtcp/bwalex-tc-play/crc32.c
  soc2012/vchan/gtcp/bwalex-tc-play/crc32.h
  soc2012/vchan/gtcp/bwalex-tc-play/crypto-dev.c
  soc2012/vchan/gtcp/bwalex-tc-play/crypto-gcrypt.c
  soc2012/vchan/gtcp/bwalex-tc-play/crypto.c
  soc2012/vchan/gtcp/bwalex-tc-play/generic_xts.c
  soc2012/vchan/gtcp/bwalex-tc-play/generic_xts.h
  soc2012/vchan/gtcp/bwalex-tc-play/hdr.c
  soc2012/vchan/gtcp/bwalex-tc-play/humanize.c
  soc2012/vchan/gtcp/bwalex-tc-play/humanize.h
  soc2012/vchan/gtcp/bwalex-tc-play/io.c
  soc2012/vchan/gtcp/bwalex-tc-play/main.c
  soc2012/vchan/gtcp/bwalex-tc-play/pbkdf2-gcrypt.c
  soc2012/vchan/gtcp/bwalex-tc-play/pbkdf2-openssl.c
  soc2012/vchan/gtcp/bwalex-tc-play/safe_mem.c
  soc2012/vchan/gtcp/bwalex-tc-play/tcplay.3
  soc2012/vchan/gtcp/bwalex-tc-play/tcplay.8
  soc2012/vchan/gtcp/bwalex-tc-play/tcplay.c
  soc2012/vchan/gtcp/bwalex-tc-play/tcplay.h
  soc2012/vchan/gtcp/bwalex-tc-play/tcplay.map
  soc2012/vchan/gtcp/bwalex-tc-play/tcplay_api.c
  soc2012/vchan/gtcp/bwalex-tc-play/tcplay_api.h
  soc2012/vchan/gtcp/bwalex-tc-play/tcplay_api_test.c

Added: soc2012/vchan/gtcp/bwalex-tc-play/LICENSE
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ soc2012/vchan/gtcp/bwalex-tc-play/LICENSE	Mon Jun 18 17:31:44 2012	(r237896)
@@ -0,0 +1,26 @@
+Copyright (c) 2011 Alex Hornung <alex at alexhornung.com>.
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions
+are met:
+
+1. Redistributions of source code must retain the above copyright
+   notice, this list of conditions and the following disclaimer.
+2. Redistributions in binary form must reproduce the above copyright
+   notice, this list of conditions and the following disclaimer in
+   the documentation and/or other materials provided with the
+   distribution.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+FOR A PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE
+COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+INCIDENTAL, SPECIAL, EXEMPLARY OR CONSEQUENTIAL DAMAGES (INCLUDING,
+BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
+AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+SUCH DAMAGE.

Added: soc2012/vchan/gtcp/bwalex-tc-play/Makefile
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ soc2012/vchan/gtcp/bwalex-tc-play/Makefile	Mon Jun 18 17:31:44 2012	(r237896)
@@ -0,0 +1,66 @@
+# either linux or dragonfly
+SYSTEM?=linux
+
+# either openssl or gcrypt
+PBKDF_BACKEND?=openssl
+
+# system compiler, normally gcc
+CC?=gcc
+
+# whether to enable debugging or not
+DEBUG?=no
+
+WARNFLAGS= -Wsystem-headers -Werror -Wall -W -Wno-unused-parameter \
+	-Wstrict-prototypes -Wmissing-prototypes -Wpointer-arith \
+	-Wold-style-definition -Wreturn-type -Wcast-qual -Wwrite-strings \
+	-Wswitch -Wshadow -Wcast-align -Wunused-parameter -Wchar-subscripts \
+	-Winline -Wnested-externs
+
+SRCS=	tcplay.c crc32.c safe_mem.c io.c hdr.c humanize.c
+SRCS+=	crypto.c generic_xts.c
+OBJS=	tcplay.o crc32.o safe_mem.o io.o hdr.o humanize.o
+OBJS+=	crypto.o generic_xts.o
+
+CFLAGS+= $(WARNFLAGS)
+
+ifeq (${DEBUG}, yes)
+  CFLAGS+= -O0 -g -DDEBUG
+else
+  CFLAGS+= -O3
+endif
+
+ifeq (${SYSTEM}, linux)
+  CFLAGS+=	-D_GNU_SOURCE
+  LIBS+=	-lgcrypt -ldevmapper -luuid
+  SRCS+=	crypto-gcrypt.c
+  OBJS+=	crypto-gcrypt.o
+  ifeq (${PBKDF_BACKEND}, gcrypt)
+    SRCS+=	pbkdf2-gcrypt.c
+    OBJS+=	pbkdf2-gcrypt.o
+  endif
+  ifeq (${PBKDF_BACKEND}, openssl)
+    SRCS+=	pbkdf2-openssl.c
+    OBJS+=	pbkdf2-openssl.o
+    LIBS+=	-lcrypto
+  endif
+endif
+
+ifeq (${SYSTEM}, dragonfly)
+  LIBS+=	-lcrypto -ldm -lprop
+  SRCS+=	crypto-dev.c
+  OBJS+=	crypto-dev.o
+  SRCS+=	pbkdf2-openssl.c
+  OBJS+=	pbkdf2-openssl.o
+endif
+
+program:
+	$(CC) $(CFLAGS) -o tcplay main.c $(SRCS) $(LIBS)
+lib:
+	$(CC) $(CFLAGS) -c -fPIC tcplay_api.c $(SRCS)
+	$(CC) -shared -Wl,-version-script=tcplay.map -o libtcplay.so tcplay_api.o $(OBJS)
+
+test:
+	gcc -O0 -g -L. -I. tcplay_api_test.c -ltcplay -lcrypto -ldm -lprop
+clean:
+	rm -f tcplay libtcplay.so tcplay.core *.o ktrace.out
+

Added: soc2012/vchan/gtcp/bwalex-tc-play/README.md
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ soc2012/vchan/gtcp/bwalex-tc-play/README.md	Mon Jun 18 17:31:44 2012	(r237896)
@@ -0,0 +1,98 @@
+About
+==========
+tcplay is a free (BSD-licensed), pretty much fully featured (including multiple
+keyfiles, cipher cascades, etc) and stable TrueCrypt implementation.
+
+This implementation supports mapping (opening) both system and normal TrueCrypt
+volumes, as well as opening hidden volumes and opening an outer volume while
+protecting a hidden volume. There is also support to create volumes, including
+hidden volumes, etc.
+
+Since tcplay uses dm-crypt (or dm_target_crypt on DragonFly) it makes full use
+of any available hardware encryption/decryption support once the volume has been
+mapped.
+
+It is based solely on the documentation available on the TrueCrypt website,
+many hours of trial and error and the output of the Linux' TrueCrypt client.
+As it turns out, most technical documents on TrueCrypt contains mistakes, hence
+the trial and error approach.
+
+
+
+Implementation notes
+==========
+DragonFly BSD uses the hybrid OpenSSL + cryptodev(9) approach that can be 
+found in crypto-dev.c. OpenSSL is only used for the hash/pbkdf2. The
+encryption/decryption is performed via cryptodev(9) with enabled cryptosoft.
+
+On Linux gcrypt is used for the encryption and decryption. For the hash/pbkdf2
+either gcrypt or OpenSSL can be used. gcrypt only supports pbkdf2 since its
+July 2011 release (1.5.0), while OpenSSL has had pbkdf2 since around December
+2010, so its easier to find in most distros.
+
+The crypto options can be chosen with make/Makefile parameters. Building on Linux
+is as easy as doing
+
+    make SYSTEM=linux
+
+you can even skip the SYSTEM=linux, since that's the default. To choose the
+PBKDF backend, you can use either,
+
+    make PBKDF_BACKEND=openssl
+
+or
+
+    make PBKDF_BACKEND=gcrypt
+
+The interface to device mapper is libdevmapper on Linux and libdm on DragonFly.
+libdm is a BSD-licensed version of libdevmapper that I hacked together in a few
+hours.
+
+
+
+OS Support
+==========
+tcplay is now available for both DragonFly BSD and Linux. It is a core part of
+the DragonFly BSD operating system and is available in a number of linux
+distros.
+
+
+
+Licensing
+==========
+The project is under a two-clause BSD license. I would consider dual-licensing
+it if required. Drop me an email to discuss the options.
+
+
+
+Development
+==========
+tcplay is pretty much stable, but if you find a bug, please report it.
+If anyone wants to add new features or port it to another OS, I'll gladly merge
+your changes into this repository so that there is a single point of contact.
+
+I've noticed that sometimes bugs are only reported downstream (e.g. in the
+distro's bugtracker). Please make sure those bugs are also reported upstream on
+github, otherwise odds are they will never reach me.
+
+Coming features:
+ - restoring header from backup header
+
+
+
+Bugs in the TrueCrypt documentation
+==========
+The TrueCrypt documentation is pretty bad and does not really represent the
+actual on-disk format nor the encryption/decryption process.
+
+Some notable differences between actual implementation and documentation:
+ - PBKDF using RIPEMD160 only uses 2000 iterations if the volume isn't a system
+   volume.
+ - The keyfile pool is not XOR'ed with the passphrase but modulo-8 summed.
+ - Every field *except* the minimum version field of the volume header are in
+   big endian.
+ - Some volume header fields (creation time of volume and header) are missing
+   in the documentation.
+ - All two-way cipher cascades are the wrong way round in the documentation,
+   but all three-way cipher cascades are correct.
+

Added: soc2012/vchan/gtcp/bwalex-tc-play/crc32.c
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ soc2012/vchan/gtcp/bwalex-tc-play/crc32.c	Mon Jun 18 17:31:44 2012	(r237896)
@@ -0,0 +1,109 @@
+/*-
+ *  COPYRIGHT (C) 1986 Gary S. Brown.  You may use this program, or
+ *  code or tables extracted from it, as desired without restriction.
+ *
+ *  First, the polynomial itself and its table of feedback terms.  The
+ *  polynomial is
+ *  X^32+X^26+X^23+X^22+X^16+X^12+X^11+X^10+X^8+X^7+X^5+X^4+X^2+X^1+X^0
+ *
+ *  Note that we take it "backwards" and put the highest-order term in
+ *  the lowest-order bit.  The X^32 term is "implied"; the LSB is the
+ *  X^31 term, etc.  The X^0 term (usually shown as "+1") results in
+ *  the MSB being 1
+ *
+ *  Note that the usual hardware shift register implementation, which
+ *  is what we're using (we're merely optimizing it by doing eight-bit
+ *  chunks at a time) shifts bits into the lowest-order term.  In our
+ *  implementation, that means shifting towards the right.  Why do we
+ *  do it this way?  Because the calculated CRC must be transmitted in
+ *  order from highest-order term to lowest-order term.  UARTs transmit
+ *  characters in order from LSB to MSB.  By storing the CRC this way
+ *  we hand it to the UART in the order low-byte to high-byte; the UART
+ *  sends each low-bit to hight-bit; and the result is transmission bit
+ *  by bit from highest- to lowest-order term without requiring any bit
+ *  shuffling on our part.  Reception works similarly
+ *
+ *  The feedback terms table consists of 256, 32-bit entries.  Notes
+ *
+ *      The table can be generated at runtime if desired; code to do so
+ *      is shown later.  It might not be obvious, but the feedback
+ *      terms simply represent the results of eight shift/xor opera
+ *      tions for all combinations of data and CRC register values
+ *
+ *      The values must be right-shifted by eight bits by the "updcrc
+ *      logic; the shift must be unsigned (bring in zeroes).  On some
+ *      hardware you could probably optimize the shift in assembler by
+ *      using byte-swap instructions
+ *      polynomial $edb88320
+ */
+
+#include <stdlib.h>
+#include <stdint.h>
+#include "crc32.h"
+
+uint32_t crc32_tab[] = {
+	0x00000000, 0x77073096, 0xee0e612c, 0x990951ba, 0x076dc419, 0x706af48f,
+	0xe963a535, 0x9e6495a3,	0x0edb8832, 0x79dcb8a4, 0xe0d5e91e, 0x97d2d988,
+	0x09b64c2b, 0x7eb17cbd, 0xe7b82d07, 0x90bf1d91, 0x1db71064, 0x6ab020f2,
+	0xf3b97148, 0x84be41de,	0x1adad47d, 0x6ddde4eb, 0xf4d4b551, 0x83d385c7,
+	0x136c9856, 0x646ba8c0, 0xfd62f97a, 0x8a65c9ec,	0x14015c4f, 0x63066cd9,
+	0xfa0f3d63, 0x8d080df5,	0x3b6e20c8, 0x4c69105e, 0xd56041e4, 0xa2677172,
+	0x3c03e4d1, 0x4b04d447, 0xd20d85fd, 0xa50ab56b,	0x35b5a8fa, 0x42b2986c,
+	0xdbbbc9d6, 0xacbcf940,	0x32d86ce3, 0x45df5c75, 0xdcd60dcf, 0xabd13d59,
+	0x26d930ac, 0x51de003a, 0xc8d75180, 0xbfd06116, 0x21b4f4b5, 0x56b3c423,
+	0xcfba9599, 0xb8bda50f, 0x2802b89e, 0x5f058808, 0xc60cd9b2, 0xb10be924,
+	0x2f6f7c87, 0x58684c11, 0xc1611dab, 0xb6662d3d,	0x76dc4190, 0x01db7106,
+	0x98d220bc, 0xefd5102a, 0x71b18589, 0x06b6b51f, 0x9fbfe4a5, 0xe8b8d433,
+	0x7807c9a2, 0x0f00f934, 0x9609a88e, 0xe10e9818, 0x7f6a0dbb, 0x086d3d2d,
+	0x91646c97, 0xe6635c01, 0x6b6b51f4, 0x1c6c6162, 0x856530d8, 0xf262004e,
+	0x6c0695ed, 0x1b01a57b, 0x8208f4c1, 0xf50fc457, 0x65b0d9c6, 0x12b7e950,
+	0x8bbeb8ea, 0xfcb9887c, 0x62dd1ddf, 0x15da2d49, 0x8cd37cf3, 0xfbd44c65,
+	0x4db26158, 0x3ab551ce, 0xa3bc0074, 0xd4bb30e2, 0x4adfa541, 0x3dd895d7,
+	0xa4d1c46d, 0xd3d6f4fb, 0x4369e96a, 0x346ed9fc, 0xad678846, 0xda60b8d0,
+	0x44042d73, 0x33031de5, 0xaa0a4c5f, 0xdd0d7cc9, 0x5005713c, 0x270241aa,
+	0xbe0b1010, 0xc90c2086, 0x5768b525, 0x206f85b3, 0xb966d409, 0xce61e49f,
+	0x5edef90e, 0x29d9c998, 0xb0d09822, 0xc7d7a8b4, 0x59b33d17, 0x2eb40d81,
+	0xb7bd5c3b, 0xc0ba6cad, 0xedb88320, 0x9abfb3b6, 0x03b6e20c, 0x74b1d29a,
+	0xead54739, 0x9dd277af, 0x04db2615, 0x73dc1683, 0xe3630b12, 0x94643b84,
+	0x0d6d6a3e, 0x7a6a5aa8, 0xe40ecf0b, 0x9309ff9d, 0x0a00ae27, 0x7d079eb1,
+	0xf00f9344, 0x8708a3d2, 0x1e01f268, 0x6906c2fe, 0xf762575d, 0x806567cb,
+	0x196c3671, 0x6e6b06e7, 0xfed41b76, 0x89d32be0, 0x10da7a5a, 0x67dd4acc,
+	0xf9b9df6f, 0x8ebeeff9, 0x17b7be43, 0x60b08ed5, 0xd6d6a3e8, 0xa1d1937e,
+	0x38d8c2c4, 0x4fdff252, 0xd1bb67f1, 0xa6bc5767, 0x3fb506dd, 0x48b2364b,
+	0xd80d2bda, 0xaf0a1b4c, 0x36034af6, 0x41047a60, 0xdf60efc3, 0xa867df55,
+	0x316e8eef, 0x4669be79, 0xcb61b38c, 0xbc66831a, 0x256fd2a0, 0x5268e236,
+	0xcc0c7795, 0xbb0b4703, 0x220216b9, 0x5505262f, 0xc5ba3bbe, 0xb2bd0b28,
+	0x2bb45a92, 0x5cb36a04, 0xc2d7ffa7, 0xb5d0cf31, 0x2cd99e8b, 0x5bdeae1d,
+	0x9b64c2b0, 0xec63f226, 0x756aa39c, 0x026d930a, 0x9c0906a9, 0xeb0e363f,
+	0x72076785, 0x05005713, 0x95bf4a82, 0xe2b87a14, 0x7bb12bae, 0x0cb61b38,
+	0x92d28e9b, 0xe5d5be0d, 0x7cdcefb7, 0x0bdbdf21, 0x86d3d2d4, 0xf1d4e242,
+	0x68ddb3f8, 0x1fda836e, 0x81be16cd, 0xf6b9265b, 0x6fb077e1, 0x18b74777,
+	0x88085ae6, 0xff0f6a70, 0x66063bca, 0x11010b5c, 0x8f659eff, 0xf862ae69,
+	0x616bffd3, 0x166ccf45, 0xa00ae278, 0xd70dd2ee, 0x4e048354, 0x3903b3c2,
+	0xa7672661, 0xd06016f7, 0x4969474d, 0x3e6e77db, 0xaed16a4a, 0xd9d65adc,
+	0x40df0b66, 0x37d83bf0, 0xa9bcae53, 0xdebb9ec5, 0x47b2cf7f, 0x30b5ffe9,
+	0xbdbdf21c, 0xcabac28a, 0x53b39330, 0x24b4a3a6, 0xbad03605, 0xcdd70693,
+	0x54de5729, 0x23d967bf, 0xb3667a2e, 0xc4614ab8, 0x5d681b02, 0x2a6f2b94,
+	0xb40bbe37, 0xc30c8ea1, 0x5a05df1b, 0x2d02ef8d
+};
+
+uint32_t
+crc32(const void *buf, size_t size)
+{
+	const uint8_t *p;
+	uint32_t crc;
+
+	p = buf;
+	crc = ~0U;
+
+	while (size--)
+		crc = crc32_tab[(crc ^ *p++) & 0xFF] ^ (crc >> 8);
+
+	return crc ^ ~0U;
+}
+
+uint32_t
+crc32_intermediate(uint32_t crc, uint8_t d)
+{
+	return crc32_tab[(crc ^ d) & 0xFF] ^ (crc >> 8);
+}

Added: soc2012/vchan/gtcp/bwalex-tc-play/crc32.h
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ soc2012/vchan/gtcp/bwalex-tc-play/crc32.h	Mon Jun 18 17:31:44 2012	(r237896)
@@ -0,0 +1,2 @@
+uint32_t crc32(const void *buf, size_t size);
+uint32_t crc32_intermediate(uint32_t crc, uint8_t d);

Added: soc2012/vchan/gtcp/bwalex-tc-play/crypto-dev.c
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ soc2012/vchan/gtcp/bwalex-tc-play/crypto-dev.c	Mon Jun 18 17:31:44 2012	(r237896)
@@ -0,0 +1,165 @@
+/*
+ * Copyright (c) 2011 Alex Hornung <alex at alexhornung.com>.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
+ * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+#include <sys/types.h>
+#include <sys/param.h>
+#include <sys/ioctl.h>
+#include <sys/sysctl.h>
+#include <crypto/cryptodev.h>
+
+#include <fcntl.h>
+#include <unistd.h>
+#include <errno.h>
+#include <string.h>
+#include <stdio.h>
+
+#include "tcplay.h"
+
+static
+int
+getallowsoft(void)
+{
+	int old;
+	size_t olen;
+
+	olen = sizeof(old);
+
+	if (sysctlbyname("kern.cryptodevallowsoft", &old, &olen, NULL, 0) < 0) {
+		perror("accessing sysctl kern.cryptodevallowsoft failed");
+	}
+
+	return old;
+}
+
+static
+void
+setallowsoft(int new)
+{
+	int old;
+	size_t olen, nlen;
+
+	olen = nlen = sizeof(new);
+
+	if (sysctlbyname("kern.cryptodevallowsoft", &old, &olen, &new, nlen) < 0) {
+		perror("accessing sysctl kern.cryptodevallowsoft failed");
+	}
+}
+
+static
+int
+get_cryptodev_cipher_id(struct tc_crypto_algo *cipher)
+{
+	if	(strcmp(cipher->name, "AES-128-XTS") == 0)
+		return CRYPTO_AES_XTS;
+	else if (strcmp(cipher->name, "AES-256-XTS") == 0)
+		return CRYPTO_AES_XTS;
+	else if (strcmp(cipher->name, "TWOFISH-128-XTS") == 0)
+		return CRYPTO_TWOFISH_XTS;
+	else if (strcmp(cipher->name, "TWOFISH-256-XTS") == 0)
+		return CRYPTO_TWOFISH_XTS;
+	else if (strcmp(cipher->name, "SERPENT-128-XTS") == 0)
+		return CRYPTO_SERPENT_XTS;
+	else if (strcmp(cipher->name, "SERPENT-256-XTS") == 0)
+		return CRYPTO_SERPENT_XTS;
+	else
+		return -1;
+}
+
+int
+syscrypt(struct tc_crypto_algo *cipher, unsigned char *key, size_t klen, unsigned char *iv,
+    unsigned char *in, unsigned char *out, size_t len, int do_encrypt)
+{
+	struct session_op session;
+	struct crypt_op cryp;
+	int cipher_id;
+	int cryptodev_fd = -1, fd = -1;
+
+	cipher_id = get_cryptodev_cipher_id(cipher);
+	if (cipher_id < 0) {
+		tc_log(1, "Cipher %s not found\n",
+		    cipher->name);
+		return ENOENT;
+	}
+
+	if ((cryptodev_fd = open("/dev/crypto", O_RDWR, 0)) < 0) {
+		perror("Could not open /dev/crypto");
+		goto err;
+	}
+	if (ioctl(cryptodev_fd, CRIOGET, &fd) == -1) {
+		perror("CRIOGET failed");
+		goto err;
+	}
+	memset(&session, 0, sizeof(session));
+	session.cipher = cipher_id;
+	session.key = (caddr_t) key;
+	session.keylen = klen;
+	if (ioctl(fd, CIOCGSESSION, &session) == -1) {
+		perror("CIOCGSESSION failed");
+		goto err;
+	}
+	memset(&cryp, 0, sizeof(cryp));
+	cryp.ses = session.ses;
+	cryp.op = do_encrypt ? COP_ENCRYPT : COP_DECRYPT;
+	cryp.flags = 0;
+	cryp.len = len;
+	cryp.src = (caddr_t) in;
+	cryp.dst = (caddr_t) out;
+	cryp.iv = (caddr_t) iv;
+	cryp.mac = 0;
+	if (ioctl(fd, CIOCCRYPT, &cryp) == -1) {
+		perror("CIOCCRYPT failed");
+		goto err;
+	}
+	if (ioctl(fd, CIOCFSESSION, &session.ses) == -1) {
+		perror("CIOCFSESSION failed");
+		goto err;
+	}
+	close(fd);
+	close(cryptodev_fd);
+	return (0);
+
+err:
+	if (fd != -1)
+		close(fd);
+	if (cryptodev_fd != -1)
+		close(cryptodev_fd);
+	return (-1);
+}
+
+int
+tc_crypto_init(void)
+{
+	int allowed;
+
+	allowed = getallowsoft();
+	if (allowed == 0)
+		setallowsoft(1);
+
+	return 0;
+}
+

Added: soc2012/vchan/gtcp/bwalex-tc-play/crypto-gcrypt.c
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ soc2012/vchan/gtcp/bwalex-tc-play/crypto-gcrypt.c	Mon Jun 18 17:31:44 2012	(r237896)
@@ -0,0 +1,203 @@
+/*
+ * Copyright (c) 2011 Alex Hornung <alex at alexhornung.com>.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
+ * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+//#include <unistd.h>
+#include <inttypes.h>
+#include <errno.h>
+#include <string.h>
+
+/*
+ * Yey for gcrypt and its broken includes...
+ * see http://lists.gnupg.org/pipermail/gcrypt-devel/2011-July/001830.html
+ * and http://seclists.org/wireshark/2011/Jul/208
+ * for more details...
+ */
+#pragma GCC diagnostic ignored "-Wdeprecated-declarations"
+#include <gcrypt.h>
+#pragma GCC diagnostic warning "-Wdeprecated-declarations"
+
+#include "generic_xts.h"
+#include "tcplay.h"
+
+
+static int
+gcrypt_encrypt(void *ctx, size_t blk_len, const uint8_t *src, uint8_t *dst)
+{
+	gcry_cipher_hd_t cipher_hd = (gcry_cipher_hd_t)ctx;
+	gcry_error_t gcry_err;
+
+	gcry_err = gcry_cipher_encrypt(
+	    cipher_hd,
+	    dst,
+	    blk_len, /* gcry_cipher_get_algo_blklen(GCRY_CIPHER_AES256) */
+	    src,
+	    blk_len);
+
+	return (gcry_err != 0);
+}
+
+static int
+gcrypt_decrypt(void *ctx, size_t blk_len, const uint8_t *src, uint8_t *dst)
+{
+	gcry_cipher_hd_t cipher_hd = (gcry_cipher_hd_t)ctx;
+	gcry_error_t gcry_err;
+
+	gcry_err = gcry_cipher_decrypt(
+	    cipher_hd,
+	    dst,
+	    blk_len /* gcry_cipher_get_algo_blklen(GCRY_CIPHER_AES256) */,
+	    src,
+	    blk_len);
+
+	return (gcry_err != 0);
+}
+
+static int
+gcrypt_set_key(void **ctx, void *arg1, void *arg2 __unused, const u_int8_t *key,
+    int keybits __unused)
+{
+	gcry_cipher_hd_t *cipher_hd = (gcry_cipher_hd_t *)ctx;
+	int cipher = *((int *)arg1);
+	gcry_error_t	gcry_err;
+
+	gcry_err = gcry_cipher_open(
+	    cipher_hd,
+	    cipher,
+	    GCRY_CIPHER_MODE_ECB,
+	    0);
+
+	if (gcry_err)
+		return -1;
+
+	gcry_err = gcry_cipher_setkey(
+	    *cipher_hd,
+	    key,
+	    gcry_cipher_get_algo_keylen(cipher));
+
+	if (gcry_err) {
+		gcry_cipher_close(*cipher_hd);
+		*ctx = NULL;
+		return -1;
+	}
+
+	return 0;
+}
+
+static int
+gcrypt_zero_key(void **ctx)
+{
+	gcry_cipher_hd_t *cipher_hd = (gcry_cipher_hd_t *)ctx;
+
+	if (*cipher_hd == NULL)
+		return 0;
+
+	gcry_cipher_close(*cipher_hd);
+	return 0;
+}
+
+static
+int
+get_gcrypt_cipher_id(struct tc_crypto_algo *cipher)
+{
+	if	(strcmp(cipher->name, "AES-128-XTS") == 0)
+		return GCRY_CIPHER_AES128;
+	else if (strcmp(cipher->name, "AES-256-XTS") == 0)
+		return GCRY_CIPHER_AES256;
+	else if (strcmp(cipher->name, "TWOFISH-128-XTS") == 0)
+		return GCRY_CIPHER_TWOFISH128;
+	else if (strcmp(cipher->name, "TWOFISH-256-XTS") == 0)
+		return GCRY_CIPHER_TWOFISH; /* XXX: really 256? */
+	else if (strcmp(cipher->name, "SERPENT-128-XTS") == 0)
+		return GCRY_CIPHER_SERPENT128;
+	else if (strcmp(cipher->name, "SERPENT-256-XTS") == 0)
+		return GCRY_CIPHER_SERPENT256;
+	else
+		return -1;
+}
+
+int
+syscrypt(struct tc_crypto_algo *cipher, unsigned char *key, size_t klen, unsigned char *iv,
+    unsigned char *in, unsigned char *out, size_t len, int do_encrypt)
+{
+	struct xts_ctx *ctx;
+	int cipher_id;
+	int err;
+
+	cipher_id = get_gcrypt_cipher_id(cipher);
+	if (cipher_id < 0) {
+		tc_log(1, "Cipher %s not found\n",
+		    cipher->name);
+		return ENOENT;
+	}
+
+	if ((ctx = (struct xts_ctx *)alloc_safe_mem(sizeof(struct xts_ctx))) ==
+	    NULL) {
+		tc_log(1, "Could not allocate safe xts_xts memory\n");
+		return ENOMEM;
+	}
+
+	err = xts_init(ctx, &cipher_id, NULL, gcrypt_set_key, gcrypt_zero_key,
+	    gcrypt_encrypt, gcrypt_decrypt,
+	    gcry_cipher_get_algo_blklen(cipher_id),
+	    key, klen);
+	if (err) {
+		tc_log(1, "Error initializing generic XTS\n");
+		return EINVAL;
+	}
+
+	memcpy(out, in, len);
+	if (do_encrypt)
+		err = xts_encrypt(ctx, out, len, iv);
+	else
+		err = xts_decrypt(ctx, out, len, iv);
+
+	if (err) {
+		tc_log(1, "Error encrypting/decrypting\n");
+		xts_uninit(ctx);
+		return EINVAL;
+	}
+
+	xts_uninit(ctx);
+	free_safe_mem(ctx);
+
+	return 0;
+}
+
+int
+tc_crypto_init(void)
+{
+	gcry_control(GCRYCTL_SUSPEND_SECMEM_WARN);
+	gcry_control(GCRYCTL_INIT_SECMEM, 16384, 0);
+	gcry_control(GCRYCTL_RESUME_SECMEM_WARN);
+
+	gcry_control(GCRYCTL_INITIALIZATION_FINISHED, 0);
+
+	return 0;
+}
+

Added: soc2012/vchan/gtcp/bwalex-tc-play/crypto.c
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ soc2012/vchan/gtcp/bwalex-tc-play/crypto.c	Mon Jun 18 17:31:44 2012	(r237896)
@@ -0,0 +1,272 @@
+/*
+ * Copyright (c) 2011 Alex Hornung <alex at alexhornung.com>.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
+ * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
+ * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+#include <sys/types.h>
+#include <sys/param.h>
+#include <inttypes.h>
+
+#include <fcntl.h>
+#include <unistd.h>
+#include <errno.h>
+#include <string.h>
+#include <stdio.h>
+
+#include "crc32.h"
+#include "tcplay.h"
+
+int
+tc_cipher_chain_populate_keys(struct tc_cipher_chain *cipher_chain,
+    unsigned char *key)
+{
+	int total_key_bytes, used_key_bytes;
+	struct tc_cipher_chain *dummy_chain;
+
+	/*
+	 * We need to determine the total key bytes as the key locations
+	 * depend on it.
+	 */
+	total_key_bytes = 0;
+	for (dummy_chain = cipher_chain;
+	    dummy_chain != NULL;
+	    dummy_chain = dummy_chain->next) {
+		total_key_bytes += dummy_chain->cipher->klen;
+	}
+
+	/*
+	 * Now we need to get prepare the keys, as the keys are in
+	 * forward order with respect to the cipher cascade, but
+	 * the actual decryption is in reverse cipher cascade order.
+	 */
+	used_key_bytes = 0;
+	for (dummy_chain = cipher_chain;
+	    dummy_chain != NULL;
+	    dummy_chain = dummy_chain->next) {
+		dummy_chain->key = alloc_safe_mem(dummy_chain->cipher->klen);
+		if (dummy_chain->key == NULL) {
+			tc_log(1, "tc_decrypt: Could not allocate key "
+			    "memory\n");
+			return ENOMEM;
+		}
+
+		/* XXX: here we assume XTS operation! */
+		memcpy(dummy_chain->key,
+		    key + used_key_bytes/2,
+		    dummy_chain->cipher->klen/2);
+		memcpy(dummy_chain->key + dummy_chain->cipher->klen/2,
+		    key + (total_key_bytes/2) + used_key_bytes/2,
+		    dummy_chain->cipher->klen/2);
+
+		/* Remember how many key bytes we've seen */
+		used_key_bytes += dummy_chain->cipher->klen;
+	}
+
+	return 0;
+}
+
+int
+tc_cipher_chain_free_keys(struct tc_cipher_chain *cipher_chain)
+{
+	for (; cipher_chain != NULL; cipher_chain = cipher_chain->next) {
+		if (cipher_chain->key != NULL) {
+			free_safe_mem(cipher_chain->key);
+			cipher_chain->key = NULL;
+		}
+	}
+
+	return 0;
+}
+
+int
+tc_encrypt(struct tc_cipher_chain *cipher_chain, unsigned char *key,
+    unsigned char *iv,
+    unsigned char *in, int in_len, unsigned char *out)
+{
+	struct tc_cipher_chain *chain_start;
+	int err;
+
+	chain_start = cipher_chain;
+
+	if ((err = tc_cipher_chain_populate_keys(cipher_chain, key)))
+		return err;
+
+#ifdef DEBUG
+	printf("tc_encrypt: starting chain\n");
+#endif
+
+	/*
+	 * Now process the actual decryption, in forward cascade order.
+	 */
+	for (;
+	    cipher_chain != NULL;
+	    cipher_chain = cipher_chain->next) {
+#ifdef DEBUG
+		printf("tc_encrypt: Currently using cipher %s\n",
+		    cipher_chain->cipher->name);
+#endif
+
+		err = syscrypt(cipher_chain->cipher, cipher_chain->key,
+		    cipher_chain->cipher->klen, iv, in, out, in_len, 1);
+
+		/* Deallocate this key, since we won't need it anymore */
+		free_safe_mem(cipher_chain->key);
+		cipher_chain->key = NULL;
+
+		if (err != 0) {
+			tc_cipher_chain_free_keys(chain_start);
+			return err;
+		}
+
+		/* Set next input buffer as current output buffer */
+		in = out;
+	}
+
+	tc_cipher_chain_free_keys(chain_start);
+
+	return 0;
+}
+
+int
+tc_decrypt(struct tc_cipher_chain *cipher_chain, unsigned char *key,
+    unsigned char *iv,
+    unsigned char *in, int in_len, unsigned char *out)
+{
+	struct tc_cipher_chain *chain_start;
+	int err;
+
+	chain_start = cipher_chain;
+
+	if ((err = tc_cipher_chain_populate_keys(cipher_chain, key)))
+		return err;
+
+#ifdef DEBUG
+	printf("tc_decrypt: starting chain!\n");
+#endif
+
+	/*
+	 * Now process the actual decryption, in reverse cascade order; so
+	 * first find the last element in the chain.
+	 */
+	for (; cipher_chain->next != NULL; cipher_chain = cipher_chain->next)
+		;
+	for (;
+	    cipher_chain != NULL;
+	    cipher_chain = cipher_chain->prev) {
+#ifdef DEBUG
+		printf("tc_decrypt: Currently using cipher %s\n",
+		    cipher_chain->cipher->name);
+#endif
+
+		err = syscrypt(cipher_chain->cipher, cipher_chain->key,
+		    cipher_chain->cipher->klen, iv, in, out, in_len, 0);
+
+		/* Deallocate this key, since we won't need it anymore */
+		free_safe_mem(cipher_chain->key);
+		cipher_chain->key = NULL;
+
+		if (err != 0) {
+			tc_cipher_chain_free_keys(chain_start);
+			return err;
+		}
+
+		/* Set next input buffer as current output buffer */
+		in = out;
+	}
+
+	tc_cipher_chain_free_keys(chain_start);
+
+	return 0;
+}
+
+int
+apply_keyfiles(unsigned char *pass, size_t pass_memsz, const char *keyfiles[],
+    int nkeyfiles)
+{
+	int pl, k;
+	unsigned char *kpool;
+	unsigned char *kdata;
+	int kpool_idx;
+	size_t i, kdata_sz;
+	uint32_t crc;
+
+	if (pass_memsz < MAX_PASSSZ) {
+		tc_log(1, "Not enough memory for password manipluation\n");
+		return ENOMEM;
+	}
+
+	pl = strlen((char *)pass);
+	memset(pass+pl, 0, MAX_PASSSZ-pl);
+
+	if ((kpool = alloc_safe_mem(KPOOL_SZ)) == NULL) {
+		tc_log(1, "Error allocating memory for keyfile pool\n");
+		return ENOMEM;
+	}
+
+	memset(kpool, 0, KPOOL_SZ);
+
+	for (k = 0; k < nkeyfiles; k++) {
+#ifdef DEBUG
+		printf("Loading keyfile %s into kpool\n", keyfiles[k]);
+#endif
+		kpool_idx = 0;
+		crc = ~0U;
+		kdata_sz = MAX_KFILE_SZ;
+
+		if ((kdata = read_to_safe_mem(keyfiles[k], 0, &kdata_sz)) == NULL) {
+			tc_log(1, "Error reading keyfile %s content\n",
+			    keyfiles[k]);
+			free_safe_mem(kpool);
+			return EIO;
+		}
+
+		for (i = 0; i < kdata_sz; i++) {
+			crc = crc32_intermediate(crc, kdata[i]);
+
+			kpool[kpool_idx++] += (unsigned char)(crc >> 24);
+			kpool[kpool_idx++] += (unsigned char)(crc >> 16);
+			kpool[kpool_idx++] += (unsigned char)(crc >> 8);
+			kpool[kpool_idx++] += (unsigned char)(crc);
+
+			/* Wrap around */
+			if (kpool_idx == KPOOL_SZ)
+				kpool_idx = 0;
+		}
+
+		free_safe_mem(kdata);
+	}
+
+#ifdef DEBUG
+	printf("Applying kpool to passphrase\n");
+#endif
+	/* Apply keyfile pool to passphrase */
+	for (i = 0; i < KPOOL_SZ; i++)
+		pass[i] += kpool[i];
+
+	free_safe_mem(kpool);
+
+	return 0;
+}

Added: soc2012/vchan/gtcp/bwalex-tc-play/generic_xts.c
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ soc2012/vchan/gtcp/bwalex-tc-play/generic_xts.c	Mon Jun 18 17:31:44 2012	(r237896)
@@ -0,0 +1,175 @@
+/*
+ * Copyright (C) 2008, Damien Miller
+ * Copyright (C) 2011, Alex Hornung
+ *
+ * Permission to use, copy, and modify this software with or without fee
+ * is hereby granted, provided that this entire notice is included in
+ * all copies of any software which is or includes a copy or
+ * modification of this software.
+ * You may use this code under the GNU public license if you so wish. Please
+ * contribute changes back to the authors under this freer than GPL license
+ * so that we may further the use of strong encryption without limitations to
+ * all.
+ *
+ * THIS SOFTWARE IS BEING PROVIDED "AS IS", WITHOUT ANY EXPRESS OR
+ * IMPLIED WARRANTY. IN PARTICULAR, NONE OF THE AUTHORS MAKES ANY
+ * REPRESENTATION OR WARRANTY OF ANY KIND CONCERNING THE
+ * MERCHANTABILITY OF THIS SOFTWARE OR ITS FITNESS FOR ANY PARTICULAR
+ * PURPOSE.
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include <unistd.h>
+#include <inttypes.h>
+
+#include "tcplay.h"
+#include "generic_xts.h"
+
+
+
+static int

*** DIFF OUTPUT TRUNCATED AT 1000 LINES ***