Constify input to the arc4 seed function.
Implement the lockfile hunting in sector zero. Sponsored by: DARPA & NAI Labs.
This commit is contained in:
parent
9d649c1fd0
commit
8e91949016
Notes:
svn2git
2020-12-20 02:59:44 +00:00
svn path=/head/; revision=105512
@ -91,6 +91,7 @@ struct g_bde_key {
|
|||||||
/* Physical offsets */
|
/* Physical offsets */
|
||||||
uint32_t sectorsize;
|
uint32_t sectorsize;
|
||||||
uint32_t flags;
|
uint32_t flags;
|
||||||
|
/* 1 = lockfile in sector 0 */
|
||||||
uint8_t hash[16];
|
uint8_t hash[16];
|
||||||
uint8_t spare[48];
|
uint8_t spare[48];
|
||||||
uint8_t key[G_BDE_MKEYLEN];
|
uint8_t key[G_BDE_MKEYLEN];
|
||||||
@ -135,7 +136,7 @@ void g_bde_encode_lock(struct g_bde_key *gl, u_char *ptr);
|
|||||||
void g_bde_decode_lock(struct g_bde_key *gl, u_char *ptr);
|
void g_bde_decode_lock(struct g_bde_key *gl, u_char *ptr);
|
||||||
u_char g_bde_arc4(struct g_bde_softc *sc);
|
u_char g_bde_arc4(struct g_bde_softc *sc);
|
||||||
void g_bde_arc4_seq(struct g_bde_softc *sc, void *ptr, u_int len);
|
void g_bde_arc4_seq(struct g_bde_softc *sc, void *ptr, u_int len);
|
||||||
void g_bde_arc4_seed(struct g_bde_softc *sc, void *ptr, u_int len);
|
void g_bde_arc4_seed(struct g_bde_softc *sc, const void *ptr, u_int len);
|
||||||
int g_bde_keyloc_encrypt(struct g_bde_softc *sc, void *input, void *output);
|
int g_bde_keyloc_encrypt(struct g_bde_softc *sc, void *input, void *output);
|
||||||
int g_bde_keyloc_decrypt(struct g_bde_softc *sc, void *input, void *output);
|
int g_bde_keyloc_decrypt(struct g_bde_softc *sc, void *input, void *output);
|
||||||
int g_bde_decrypt_lock(struct g_bde_softc *sc, u_char *sbox, u_char *meta, off_t mediasize, u_int sectorsize, u_int *nkey);
|
int g_bde_decrypt_lock(struct g_bde_softc *sc, u_char *sbox, u_char *meta, off_t mediasize, u_int sectorsize, u_int *nkey);
|
||||||
|
@ -143,9 +143,10 @@ g_bde_arc4_seq(struct g_bde_softc *sc, void *ptr, u_int len)
|
|||||||
}
|
}
|
||||||
|
|
||||||
void
|
void
|
||||||
g_bde_arc4_seed(struct g_bde_softc *sc, void *ptr, u_int len)
|
g_bde_arc4_seed(struct g_bde_softc *sc, const void *ptr, u_int len)
|
||||||
{
|
{
|
||||||
u_char k[256], *p, c;
|
u_char k[256], c;
|
||||||
|
const u_char *p;
|
||||||
u_int i;
|
u_int i;
|
||||||
|
|
||||||
p = ptr;
|
p = ptr;
|
||||||
@ -180,6 +181,8 @@ g_bde_keyloc_encrypt(struct g_bde_softc *sc, void *input, void *output)
|
|||||||
keyInstance ki;
|
keyInstance ki;
|
||||||
cipherInstance ci;
|
cipherInstance ci;
|
||||||
|
|
||||||
|
bcopy(input, output, 16);
|
||||||
|
return 0;
|
||||||
rijndael_cipherInit(&ci, MODE_CBC, NULL);
|
rijndael_cipherInit(&ci, MODE_CBC, NULL);
|
||||||
p = input;
|
p = input;
|
||||||
g_bde_arc4_seq(sc, buf, sizeof buf);
|
g_bde_arc4_seq(sc, buf, sizeof buf);
|
||||||
@ -189,6 +192,7 @@ g_bde_keyloc_encrypt(struct g_bde_softc *sc, void *input, void *output)
|
|||||||
rijndael_makeKey(&ki, DIR_ENCRYPT, G_BDE_KKEYBITS, buf);
|
rijndael_makeKey(&ki, DIR_ENCRYPT, G_BDE_KKEYBITS, buf);
|
||||||
rijndael_blockEncrypt(&ci, &ki, buf1, 16 * 8, output);
|
rijndael_blockEncrypt(&ci, &ki, buf1, 16 * 8, output);
|
||||||
bzero(&ci, sizeof ci);
|
bzero(&ci, sizeof ci);
|
||||||
|
bzero(&ki, sizeof ki);
|
||||||
return (0);
|
return (0);
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -201,6 +205,8 @@ g_bde_keyloc_decrypt(struct g_bde_softc *sc, void *input, void *output)
|
|||||||
keyInstance ki;
|
keyInstance ki;
|
||||||
cipherInstance ci;
|
cipherInstance ci;
|
||||||
|
|
||||||
|
bcopy(input, output, 16);
|
||||||
|
return 0;
|
||||||
rijndael_cipherInit(&ci, MODE_CBC, NULL);
|
rijndael_cipherInit(&ci, MODE_CBC, NULL);
|
||||||
g_bde_arc4_seq(sc, buf1, sizeof buf1);
|
g_bde_arc4_seq(sc, buf1, sizeof buf1);
|
||||||
g_bde_arc4_seq(sc, buf2, sizeof buf2);
|
g_bde_arc4_seq(sc, buf2, sizeof buf2);
|
||||||
@ -210,15 +216,16 @@ g_bde_keyloc_decrypt(struct g_bde_softc *sc, void *input, void *output)
|
|||||||
for (i = 0; i < sizeof buf1; i++)
|
for (i = 0; i < sizeof buf1; i++)
|
||||||
p[i] ^= buf1[i];
|
p[i] ^= buf1[i];
|
||||||
bzero(&ci, sizeof ci);
|
bzero(&ci, sizeof ci);
|
||||||
|
bzero(&ki, sizeof ki);
|
||||||
return (0);
|
return (0);
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Encode/Decode lock sectors.
|
* Encode/Decode lock sectors, do the real work.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
int
|
static int
|
||||||
g_bde_decrypt_lock(struct g_bde_softc *sc, u_char *sbox, u_char *meta, off_t mediasize, u_int sectorsize, u_int *nkey)
|
g_bde_decrypt_lockx(struct g_bde_softc *sc, u_char *sbox, u_char *meta, off_t mediasize, u_int sectorsize, u_int *nkey)
|
||||||
{
|
{
|
||||||
u_char *buf, k1buf[16], k2buf[G_BDE_LOCKSIZE], k3buf[16], *q;
|
u_char *buf, k1buf[16], k2buf[G_BDE_LOCKSIZE], k3buf[16], *q;
|
||||||
struct g_bde_key *gl;
|
struct g_bde_key *gl;
|
||||||
@ -239,7 +246,7 @@ g_bde_decrypt_lock(struct g_bde_softc *sc, u_char *sbox, u_char *meta, off_t med
|
|||||||
|
|
||||||
if (off[0] + G_BDE_LOCKSIZE > (uint64_t)mediasize) {
|
if (off[0] + G_BDE_LOCKSIZE > (uint64_t)mediasize) {
|
||||||
bzero(off, sizeof off);
|
bzero(off, sizeof off);
|
||||||
return (ESRCH);
|
return (EINVAL);
|
||||||
}
|
}
|
||||||
off[1] = 0;
|
off[1] = 0;
|
||||||
m = 1;
|
m = 1;
|
||||||
@ -256,7 +263,7 @@ g_bde_decrypt_lock(struct g_bde_softc *sc, u_char *sbox, u_char *meta, off_t med
|
|||||||
q = buf + off[0] % sectorsize;
|
q = buf + off[0] % sectorsize;
|
||||||
|
|
||||||
off[1] = 0;
|
off[1] = 0;
|
||||||
for (i = 0; i < (int)sizeof(*gl); i++)
|
for (i = 0; i < G_BDE_LOCKSIZE; i++)
|
||||||
off[1] += q[i];
|
off[1] += q[i];
|
||||||
|
|
||||||
if (off[1] == 0) {
|
if (off[1] == 0) {
|
||||||
@ -287,7 +294,7 @@ g_bde_decrypt_lock(struct g_bde_softc *sc, u_char *sbox, u_char *meta, off_t med
|
|||||||
bzero(buf, sectorsize * m);
|
bzero(buf, sectorsize * m);
|
||||||
g_free(buf);
|
g_free(buf);
|
||||||
off[0] = 0;
|
off[0] = 0;
|
||||||
return (ESRCH);
|
return (ENOTDIR);
|
||||||
}
|
}
|
||||||
bzero(k1buf, sizeof k1buf);
|
bzero(k1buf, sizeof k1buf);
|
||||||
|
|
||||||
@ -309,3 +316,38 @@ g_bde_decrypt_lock(struct g_bde_softc *sc, u_char *sbox, u_char *meta, off_t med
|
|||||||
|
|
||||||
return (0);
|
return (0);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Encode/Decode lock sectors.
|
||||||
|
*/
|
||||||
|
|
||||||
|
int
|
||||||
|
g_bde_decrypt_lock(struct g_bde_softc *sc, u_char *sbox, u_char *meta, off_t mediasize, u_int sectorsize, u_int *nkey)
|
||||||
|
{
|
||||||
|
u_char *buf, buf1[16];
|
||||||
|
int error, e, i;
|
||||||
|
|
||||||
|
bzero(buf1, sizeof buf1);
|
||||||
|
if (bcmp(buf1, meta, sizeof buf1))
|
||||||
|
return (g_bde_decrypt_lockx(sc, sbox, meta, mediasize,
|
||||||
|
sectorsize, nkey));
|
||||||
|
|
||||||
|
buf = g_read_data(sc->consumer, 0, sectorsize, &error);
|
||||||
|
if (buf == NULL)
|
||||||
|
return(error);
|
||||||
|
error = 0;
|
||||||
|
for (i = 0; i < G_BDE_MAXKEYS; i++) {
|
||||||
|
e = g_bde_decrypt_lockx(sc, sbox, buf + i * 16, mediasize,
|
||||||
|
sectorsize, nkey);
|
||||||
|
if (e == 0 || e == ENOENT) {
|
||||||
|
error = e;
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
if (e == ESRCH)
|
||||||
|
error = ENOTDIR;
|
||||||
|
else if (e != 0)
|
||||||
|
error = e;
|
||||||
|
}
|
||||||
|
g_free(buf);
|
||||||
|
return (error);
|
||||||
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user