summaryrefslogtreecommitdiff
path: root/sys/src/cmd/cryptsetup
diff options
context:
space:
mode:
authorcinap_lenrek <cinap_lenrek@felloff.net>2016-10-24 20:56:11 +0200
committercinap_lenrek <cinap_lenrek@felloff.net>2016-10-24 20:56:11 +0200
commit234137bce39a03eab02044234c8f970498ccc5b0 (patch)
tree85e2d2707d34ac7f19ee0f7c6b23ea309701b470 /sys/src/cmd/cryptsetup
parentf3feafc476ff108231dd6e0e3ac3cd420a62a81c (diff)
fix bugs and cleanup cryptsetup code
devfs: - fix memory leak in devfs leaking the aes key - allocate aes-xts cipher state in secure memory - actually check if the hexkey got fully parsed cryptsetup: - get rid of stupid "type YES" prompt - use genrandom() to generate salts and keys - rewrite cryptsetup to use common pbkdf2 and readcons routines - fix alot of error handling and simplify the code - move cryptsetup command to disk/cryptsetup - update cryptsetup(8) manual page
Diffstat (limited to 'sys/src/cmd/cryptsetup')
-rw-r--r--sys/src/cmd/cryptsetup/crypt.h14
-rw-r--r--sys/src/cmd/cryptsetup/cryptsetup.c189
-rw-r--r--sys/src/cmd/cryptsetup/mkfile10
-rw-r--r--sys/src/cmd/cryptsetup/pbkdf2.c77
-rw-r--r--sys/src/cmd/cryptsetup/readcons.c77
5 files changed, 0 insertions, 367 deletions
diff --git a/sys/src/cmd/cryptsetup/crypt.h b/sys/src/cmd/cryptsetup/crypt.h
deleted file mode 100644
index 314077a31..000000000
--- a/sys/src/cmd/cryptsetup/crypt.h
+++ /dev/null
@@ -1,14 +0,0 @@
-// Author Taru Karttunen <taruti@taruti.net>
-// This file can be used as both Public Domain or Creative Commons CC0.
-#include <libsec.h>
-
-typedef struct {
- unsigned char Salt[16];
- unsigned char Key[32];
-} Slot;
-
-typedef struct {
- unsigned char Master[32];
- Slot Slots[8];
- AESstate C1, C2;
-} XtsState;
diff --git a/sys/src/cmd/cryptsetup/cryptsetup.c b/sys/src/cmd/cryptsetup/cryptsetup.c
deleted file mode 100644
index 13f9a3a4b..000000000
--- a/sys/src/cmd/cryptsetup/cryptsetup.c
+++ /dev/null
@@ -1,189 +0,0 @@
-// Author Taru Karttunen <taruti@taruti.net>
-// This file can be used as both Public Domain or Creative Commons CC0.
-#include <u.h>
-#include <libc.h>
-#include "crypt.h"
-
-void format(char *file[]);
-void copen(char *file[], int);
-char*readcons(char *prompt, char *def, int raw, char *buf, int nbuf);
-int pkcs5_pbkdf2(const unsigned char *pass, int pass_len, const unsigned char *salt, int salt_len, unsigned char *key, int key_len, int rounds);
-
-void
-usage(void)
-{
- print("usage: \ncryptsetup -f files \t\t# Format file or device\ncryptsetup -o files \t\t# Print commandline for open\ncryptsetup -i files\t\t# Install (open) files\n");
- exits("usage");
-}
-
-enum
-{
- NoMode,
- Format,
- Open,
- Install,
-};
-
-
-void
-main(int argc, char *argv[])
-{
- int mode;
-
- mode = 0;
-
- ARGBEGIN {
- default:
- usage();
- case 'f':
- mode = Format;
- break;
- case 'o':
- mode = Open;
- break;
- case 'i':
- mode = Install;
- break;
- } ARGEND;
-
- if((mode == NoMode) || (argc < 1))
- usage();
-
- switch(mode) {
- case Format:
- format(argv);
- break;
- case Install:
- case Open:
- copen(argv, mode);
- break;
- }
-}
-
-void
-format(char *files[])
-{
- char trand[48], pass1[64], pass2[64];
- unsigned char tkey[16], tivec[16], buf[64*1024];
- XtsState s;
- AESstate cbc;
- int i,j, fd;
-
- do {
- readcons("password", nil, 1, pass1, 64);
- readcons("confirm", nil, 1, pass2, 64);
- } while(strcmp(pass1, pass2) != 0);
-
- do {
- readcons("Are you sure you want to delete all data? (YES to procees)", nil, 0, (char*)buf, 4);
- } while(strcmp((char*)buf, "YES") != 0);
-
- srand(truerand());
-
- for(;*files;files++) {
-
- for(i = 0; i < 16*4096; i++)
- buf[i] = rand();
-
- for(i = 0; i < 48; i+=4)
- *((unsigned*)&trand[i]) = truerand();
- memcpy(s.Master, trand, 32);
- memcpy(s.Slots[0].Salt, trand+32, 16);
-
- pkcs5_pbkdf2((unsigned char*)pass1, strlen(pass1), s.Slots[0].Salt, 16, (unsigned char*)tkey, 16, 9999);
- memset(tivec, 0, 16);
- setupAESstate(&cbc, tkey, 16, tivec);
- memcpy(s.Slots[0].Key, s.Master, 32);
- aesCBCencrypt(s.Slots[0].Key, 32, &cbc);
-
- for(i=0; i<16; i++)
- for(j=0; j<8; j++) {
- buf[(4096*i)] = 1;
- buf[(4096*i)+(4*j)+1] = s.Slots[j].Salt[i];
- buf[(4096*i)+(4*j)+2] = s.Slots[j].Key[i];
- buf[(4096*i)+(4*j)+3] = s.Slots[j].Key[i+16];
- }
-
- if((fd = open(*files, OWRITE)) < 0)
- exits("Cannot open disk ");
-
- /* make the pad for checking crypto */
- for(i=0; i<8; i++) {
- buf[(64*1024)-8+i] = ~buf[(64*1024)-16+i];
- }
- memset(tivec, 0, 16);
- setupAESstate(&cbc, s.Master, 16, tivec);
- aes_encrypt(cbc.ekey, cbc.rounds, &buf[(64*1024)-16], &buf[(64*1024)-16]);
-
- write(fd, buf, 16*4096);
-
- print("Disk %s written\n", *files);
- }
-}
-
-void copen(char *files[], int mode) {
- unsigned char pass[32], buf[1024*64], tkey[16], tivec[16], cbuf[16];
- XtsState s;
- int i,j,fd, oldpass;
- AESstate cbc;
- char *base, fdpath[1024];
-
- oldpass = 0;
- for(;*files; files++) {
- if((fd = open(*files, OREAD)) < 0)
- exits("Cannot open disk");
-
- if(read(fd, buf, 1024*64) != 1024*64)
- exits("Cannot read disk");
-
- openpass:
- for(i=0; i<16; i++)
- for(j=0; j<8; j++) {
- s.Slots[j].Salt[i] = buf[(4096*i)+(4*j)+1];
- s.Slots[j].Key[i] = buf[(4096*i)+(4*j)+2];
- s.Slots[j].Key[i+16] = buf[(4096*i)+(4*j)+3];
- }
-
- if(!oldpass)
- readcons("Password", nil, 1, (char*)pass, 32);
-
- memcpy(s.Master, s.Slots[0].Key, 32);
-
- pkcs5_pbkdf2(pass, strlen((char*)pass), s.Slots[0].Salt, 16, tkey, 16, 9999);
- memset(tivec, 0, 16);
- setupAESstate(&cbc, tkey, 16, tivec);
- aesCBCdecrypt(s.Master, 32, &cbc);
-
- memset(tivec, 0, 16);
- setupAESstate(&cbc, s.Master, 16, tivec);
-
- memcpy(cbuf, &buf[(64*1024)-16], 16);
- aes_decrypt(cbc.dkey, cbc.rounds, cbuf, cbuf);
-
- /* make the pad for checking crypto */
- for(i=0; i<8; i++)
- if((cbuf[i] ^ cbuf[i+8]) != 255) {
- oldpass=0;
- goto openpass;
- }
-
- base = utfrrune(*files, '/');
- fd2path(fd, fdpath, 1024);
- j = sprint((char*)buf, "crypt %s %s ", base ? base+1 : *files, fdpath);
-
- for(i=0; i<32; i++) {
- sprint((char*)&buf[j], "%02X", s.Master[i]);
- j += 2;
- }
- buf[j++] = '\n';
- close(fd);
- if(mode == Install) {
- fd = open("/dev/fs/ctl", OWRITE);
- write(fd, buf, j);
- close(fd);
- } else {
- write(1, buf, j);
- }
- oldpass=1;
- }
-} \ No newline at end of file
diff --git a/sys/src/cmd/cryptsetup/mkfile b/sys/src/cmd/cryptsetup/mkfile
deleted file mode 100644
index 7dc3ede08..000000000
--- a/sys/src/cmd/cryptsetup/mkfile
+++ /dev/null
@@ -1,10 +0,0 @@
-</$objtype/mkfile
-
-BIN=/$objtype/bin
-TARG=cryptsetup
-OFILES=\
- cryptsetup.$O\
- readcons.$O\
- pbkdf2.$O\
-
-</sys/src/cmd/mkone
diff --git a/sys/src/cmd/cryptsetup/pbkdf2.c b/sys/src/cmd/cryptsetup/pbkdf2.c
deleted file mode 100644
index e1b0f4e89..000000000
--- a/sys/src/cmd/cryptsetup/pbkdf2.c
+++ /dev/null
@@ -1,77 +0,0 @@
-/* $OpenBSD: pbkdf2.c,v 1.1 2008/06/14 06:28:27 djm Exp $ */
-
-/*-
- * Copyright (c) 2008 Damien Bergamini <damien.bergamini@free.fr>
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#include <u.h>
-#include <libc.h>
-#include <mp.h>
-#include <libsec.h>
-#define DS DigestState /* only to abbreviate SYNOPSIS */
-#define SHA1_DIGEST_LENGTH 20
-#define MIN(a,b) ((a < b) ? a : b)
-
-/*
- * Password-Based Key Derivation Function 2 (PKCS #5 v2.0).
- * Code based on IEEE Std 802.11-2007, Annex H.4.2.
- */
-int
-pkcs5_pbkdf2(const unsigned char *pass, int pass_len, const unsigned char *salt, int salt_len,
- unsigned char *key, int key_len, int rounds)
-{
- unsigned char *asalt, obuf[SHA1_DIGEST_LENGTH];
- unsigned char d1[SHA1_DIGEST_LENGTH], d2[SHA1_DIGEST_LENGTH];
- unsigned i, j;
- unsigned count;
- unsigned r;
-
- if (rounds < 1 || key_len == 0)
- return -1;
- if (salt_len == 0)
- return -1;
- if ((asalt = malloc(salt_len + 4)) == nil)
- return -1;
-
- memcpy(asalt, salt, salt_len);
-
- for (count = 1; key_len > 0; count++) {
- asalt[salt_len + 0] = (count >> 24) & 0xff;
- asalt[salt_len + 1] = (count >> 16) & 0xff;
- asalt[salt_len + 2] = (count >> 8) & 0xff;
- asalt[salt_len + 3] = count & 0xff;
- hmac_sha1(asalt, salt_len + 4, pass, pass_len, d1, nil);
- memcpy(obuf, d1, sizeof(obuf));
-
- for (i = 1; i < rounds; i++) {
- hmac_sha1(d1, sizeof(d1), pass, pass_len, d2, nil);
- memcpy(d1, d2, sizeof(d1));
- for (j = 0; j < sizeof(obuf); j++)
- obuf[j] ^= d1[j];
- }
-
- r = MIN(key_len, SHA1_DIGEST_LENGTH);
- memcpy(key, obuf, r);
- key += r;
- key_len -= r;
- };
- memset(asalt, 0, salt_len + 4);
- free(asalt);
- memset(d1, 0, sizeof(d1));
- memset(d2, 0, sizeof(d2));
- memset(obuf, 0, sizeof(obuf));
-
- return 0;
-}
diff --git a/sys/src/cmd/cryptsetup/readcons.c b/sys/src/cmd/cryptsetup/readcons.c
deleted file mode 100644
index cc2926cf0..000000000
--- a/sys/src/cmd/cryptsetup/readcons.c
+++ /dev/null
@@ -1,77 +0,0 @@
-/* From /sys/src/libauthsrv/readnvram.c, LPL licensed */
-#include <u.h>
-#include <libc.h>
-
-
-char*
-readcons(char *prompt, char *def, int raw, char *buf, int nbuf)
-{
- int fdin, fdout, ctl, n, m;
- char line[10];
-
- fdin = open("/dev/cons", OREAD);
- if(fdin < 0)
- fdin = 0;
- fdout = open("/dev/cons", OWRITE);
- if(fdout < 0)
- fdout = 1;
- if(def != nil)
- fprint(fdout, "%s[%s]: ", prompt, def);
- else
- fprint(fdout, "%s: ", prompt);
- if(raw){
- ctl = open("/dev/consctl", OWRITE);
- if(ctl >= 0)
- write(ctl, "rawon", 5);
- } else
- ctl = -1;
-
- m = 0;
- for(;;){
- n = read(fdin, line, 1);
- if(n == 0){
- close(ctl);
- werrstr("readcons: EOF");
- return nil;
- }
- if(n < 0){
- close(ctl);
- werrstr("can't read cons");
- return nil;
- }
- if(line[0] == 0x7f)
- exits(0);
- if(n == 0 || line[0] == '\n' || line[0] == '\r'){
- if(raw){
- write(ctl, "rawoff", 6);
- write(fdout, "\n", 1);
- close(ctl);
- }
- buf[m] = '\0';
- if(buf[0]=='\0' && def)
- strcpy(buf, def);
- return buf;
- }
- if(line[0] == '\b'){
- if(m > 0)
- m--;
- }else if(line[0] == 0x15){ /* ^U: line kill */
- m = 0;
- if(def != nil)
- fprint(fdout, "%s[%s]: ", prompt, def);
- else
- fprint(fdout, "%s: ", prompt);
- }else{
- if(m >= nbuf-1){
- fprint(fdout, "line too long\n");
- m = 0;
- if(def != nil)
- fprint(fdout, "%s[%s]: ", prompt, def);
- else
- fprint(fdout, "%s: ", prompt);
- }else
- buf[m++] = line[0];
- }
- }
-}
-
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-05 19:07:15 +0000