git: 8d2d1d651678 - main - Remove GBDE source files
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Tue, 07 May 2024 07:40:45 UTC
The branch main has been updated by phk:
URL: https://cgit.FreeBSD.org/src/commit/?id=8d2d1d651678178aa7f24f0530347f860423fd9e
commit 8d2d1d651678178aa7f24f0530347f860423fd9e
Author: Poul-Henning Kamp <phk@FreeBSD.org>
AuthorDate: 2024-05-07 07:31:09 +0000
Commit: Poul-Henning Kamp <phk@FreeBSD.org>
CommitDate: 2024-05-07 07:31:09 +0000
Remove GBDE source files
---
sbin/gbde/Makefile | 31 -
sbin/gbde/Makefile.depend | 18 -
sbin/gbde/gbde.8 | 271 ----
sbin/gbde/gbde.c | 895 ------------
sbin/gbde/image.uu | 3304 --------------------------------------------
sbin/gbde/template.txt | 31 -
sbin/gbde/test.sh | 66 -
sys/geom/bde/g_bde.c | 296 ----
sys/geom/bde/g_bde.h | 215 ---
sys/geom/bde/g_bde_crypt.c | 358 -----
sys/geom/bde/g_bde_lock.c | 478 -------
sys/geom/bde/g_bde_work.c | 778 -----------
12 files changed, 6741 deletions(-)
diff --git a/sbin/gbde/Makefile b/sbin/gbde/Makefile
deleted file mode 100644
index 8c84781fc4ed..000000000000
--- a/sbin/gbde/Makefile
+++ /dev/null
@@ -1,31 +0,0 @@
-
-PACKAGE=geom
-PROG= gbde
-SRCS= gbde.c template.c
-SRCS+= rijndael-alg-fst.c
-SRCS+= rijndael-api-fst.c
-SRCS+= g_bde_lock.c
-
-# rijndael-fst.c does evil casting things which can results in warnings,
-# the test-vectors check out however, so it works right.
-NO_WCAST_ALIGN=
-NO_WMISSING_VARIABLE_DECLARATIONS=
-
-CFLAGS+= -I${SRCTOP}/sys
-.PATH: ${SRCTOP}/sys/geom/bde \
- ${SRCTOP}/sys/crypto/rijndael \
- ${SRCTOP}/sys/crypto/sha2
-
-CLEANFILES+= template.c
-
-MAN= gbde.8
-LIBADD= md util geom
-
-template.c: template.txt
- file2c 'const char template[] = {' ',0};' \
- < ${.CURDIR}/template.txt > template.c
-
-test: ${PROG}
- sh ${.CURDIR}/test.sh ${.CURDIR}
-
-.include <bsd.prog.mk>
diff --git a/sbin/gbde/Makefile.depend b/sbin/gbde/Makefile.depend
deleted file mode 100644
index 2edf986e595a..000000000000
--- a/sbin/gbde/Makefile.depend
+++ /dev/null
@@ -1,18 +0,0 @@
-# Autogenerated - do NOT edit!
-
-DIRDEPS = \
- include \
- include/xlocale \
- lib/${CSU_DIR} \
- lib/libc \
- lib/libcompiler_rt \
- lib/libgeom \
- lib/libmd \
- lib/libutil \
-
-
-.include <dirdeps.mk>
-
-.if ${DEP_RELDIR} == ${_DEP_RELDIR}
-# local dependencies - needed for -jN in clean tree
-.endif
diff --git a/sbin/gbde/gbde.8 b/sbin/gbde/gbde.8
deleted file mode 100644
index 1f3d41017307..000000000000
--- a/sbin/gbde/gbde.8
+++ /dev/null
@@ -1,271 +0,0 @@
-.\"
-.\" Copyright (c) 2002 Poul-Henning Kamp
-.\" Copyright (c) 2002 Networks Associates Technology, Inc.
-.\" All rights reserved.
-.\"
-.\" This software was developed for the FreeBSD Project by Poul-Henning Kamp
-.\" and NAI Labs, the Security Research Division of Network Associates, Inc.
-.\" under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the
-.\" DARPA CHATS research program.
-.\"
-.\" Redistribution and use in source and binary forms, with or without
-.\" modification, are permitted provided that the following conditions
-.\" are met:
-.\" 1. Redistributions of source code must retain the above copyright
-.\" notice, this list of conditions and the following disclaimer.
-.\" 2. Redistributions in binary form must reproduce the above copyright
-.\" notice, this list of conditions and the following disclaimer in the
-.\" documentation and/or other materials provided with the distribution.
-.\"
-.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
-.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
-.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-.\" SUCH DAMAGE.
-.\"
-.Dd October 3, 2016
-.Dt GBDE 8
-.Os
-.Sh NAME
-.Nm gbde
-.Nd operation and management utility for Geom Based Disk Encryption
-.Sh SYNOPSIS
-.Nm
-.Cm attach
-.Ar destination
-.Op Fl k Ar keyfile
-.Op Fl l Ar lockfile
-.Op Fl p Ar pass-phrase
-.Nm
-.Cm detach
-.Ar destination
-.Nm
-.Cm init
-.Ar destination
-.Op Fl i
-.Op Fl f Ar filename
-.Op Fl K Ar new-keyfile
-.Op Fl L Ar new-lockfile
-.Op Fl P Ar new-pass-phrase
-.Nm
-.Cm setkey
-.Ar destination
-.Op Fl n Ar key
-.Op Fl k Ar keyfile
-.Op Fl l Ar lockfile
-.Op Fl p Ar pass-phrase
-.Op Fl K Ar new-keyfile
-.Op Fl L Ar new-lockfile
-.Op Fl P Ar new-pass-phrase
-.Nm
-.Cm nuke
-.Ar destination
-.Op Fl n Ar key
-.Op Fl k Ar keyfile
-.Op Fl l Ar lockfile
-.Op Fl p Ar pass-phrase
-.Nm
-.Cm destroy
-.Ar destination
-.Op Fl k Ar keyfile
-.Op Fl l Ar lockfile
-.Op Fl p Ar pass-phrase
-.Sh DESCRIPTION
-.Bf -symbolic
-NOTICE:
-Please be aware that this code has not yet received much review
-and analysis by qualified cryptographers and therefore should be considered
-a slightly suspect experimental facility.
-.Pp
-We cannot at this point guarantee that the on-disk format will not change
-in response to reviews or bug-fixes, so potential users are advised to
-be prepared that
-.Xr dump 8 Ns / Ns
-.Xr restore 8
-based migrations may be called for in the future.
-.Ef
-.Pp
-The
-.Nm
-utility is the only official operation and management interface for the
-.Xr gbde 4
-.Tn GEOM
-based disk encryption kernel facility.
-The interaction between the
-.Nm
-utility and the kernel part is not a published interface.
-.Pp
-The operational aspect consists of two subcommands:
-one to open and attach
-a device to the in-kernel cryptographic
-.Nm
-module
-.Pq Cm attach ,
-and one to close and detach a device
-.Pq Cm detach .
-.Pp
-The management part allows initialization of the master key and lock sectors
-on a device
-.Pq Cm init ,
-initialization and replacement of pass-phrases
-.Pq Cm setkey ,
-and key invalidation
-.Pq Cm nuke
-and blackening
-.Pq Cm destroy
-functions.
-.Pp
-The
-.Fl l Ar lockfile
-argument is used to supply the lock selector data.
-If no
-.Fl l
-option is specified, the first sector is used for this purpose.
-.Pp
-The
-.Fl L Ar new-lockfile
-argument
-specifies the lock selector file for the key
-initialized with the
-.Cm init
-subcommand
-or modified with the
-.Cm setkey
-subcommand.
-.Pp
-The
-.Fl n Ar key
-argument can be used to specify to which of the four keys
-the operation applies.
-A value of 1 to 4 selects the specified key, a value of 0 (the default)
-means
-.Dq "this key"
-(i.e., the key used to gain access to the device)
-and a value of \-1 means
-.Dq "all keys" .
-.Pp
-The
-.Fl f Ar filename
-specifies an optional parameter file for use under initialization.
-.Pp
-Alternatively, the
-.Fl i
-option toggles an interactive mode where a template file with descriptions
-of the parameters can be interactively edited.
-.Pp
-The
-.Fl p Ar pass-phrase
-argument
-specifies the pass-phrase used for opening the device.
-If not specified, the controlling terminal will be used to prompt the user
-for the pass-phrase.
-Be aware that using this option may expose the pass-phrase to other
-users who happen to run
-.Xr ps 1
-or similar while the command is running.
-.Pp
-The
-.Fl P Ar new-pass-phrase
-argument
-can be used to specify the new pass-phrase to the
-.Cm init
-and
-.Cm setkey
-subcommands.
-If not specified, the user is prompted for the new pass-phrase on the
-controlling terminal.
-Be aware that using this option may expose the pass-phrase to other
-users who happen to run
-.Xr ps 1
-or similar while the command is running.
-.Pp
-The
-.Fl k Ar keyfile
-argument specifies a key file to be used in combination with the
-pass-phrase (whether the pass-phrase is specified on the command line
-or entered from the terminal) for opening the device.
-The device will only be opened if the contents of the key file and the
-pass-phrase are both correct.
-.Pp
-The
-.Fl K Ar new-keyfile
-argument can be used to specify a new key file to the
-.Cm init
-and
-.Cm setkey
-subcommands.
-If not specified, no key file will be used (even if one was previously
-used).
-.Sh EXAMPLES
-To initialize a device, using default parameters:
-.Pp
-.Dl "gbde init /dev/ada0s1f -L /etc/ada0s1f.lock"
-.Pp
-To attach an encrypted device:
-.Pp
-.Dl "gbde attach ada0s1f -l /etc/ada0s1f.lock"
-.Pp
-The encrypted device has the suffix
-.Pa .bde
-so a typical
-command to create and mount a file system would be:
-.Pp
-.Dl "newfs /dev/ada0s1f.bde"
-.Dl "mount /dev/ada0s1f.bde /secret"
-.Pp
-To detach an encrypted device:
-.Pp
-.Dl "gbde detach ada0s1f"
-.Pp
-Please notice that detaching an encrypted device corresponds to
-physically removing it, do not forget to unmount the file system first.
-.Pp
-To initialize the second key using a detached lockfile and a trivial
-pass-phrase:
-.Pp
-.Dl "gbde setkey ada0s1f -n 2 -P foo -L key2.lockfile"
-.Pp
-To invalidate your own masterkey:
-.Pp
-.Dl "gbde nuke ada0s1f"
-.Pp
-This will overwrite your masterkey sector with zeros, and results in
-a diagnostic if you try to use the key again.
-You can also destroy the other three copies of the masterkey with the
--n argument.
-.Pp
-You can also invalidate your masterkey without leaving a tell-tale sector
-full of zeros:
-.Pp
-.Dl "gbde destroy ada0s1f"
-.Pp
-This will overwrite the information fields in your masterkey sector,
-encrypt it and write it back.
-You get a (different) diagnostic if you try to use it.
-.Sh SEE ALSO
-.Xr gbde 4 ,
-.Xr geom 4
-.Sh HISTORY
-This software was developed for the
-.Fx
-Project by
-.An Poul-Henning Kamp
-and NAI Labs, the Security Research Division of Network Associates, Inc.\&
-under DARPA/SPAWAR contract N66001-01-C-8035
-.Pq Dq CBOSS ,
-as part of the
-DARPA CHATS research program.
-.Nm
-first appeared in
-.Fx 5.0 .
-.Sh AUTHORS
-.An Poul-Henning Kamp Aq Mt phk@FreeBSD.org
-.Sh BUGS
-The cryptographic algorithms and the overall design have not been
-attacked mercilessly for over 10 years by a gang of cryptoanalysts.
diff --git a/sbin/gbde/gbde.c b/sbin/gbde/gbde.c
deleted file mode 100644
index e173bb78ad90..000000000000
--- a/sbin/gbde/gbde.c
+++ /dev/null
@@ -1,895 +0,0 @@
-/*-
- * SPDX-License-Identifier: BSD-2-Clause
- *
- * Copyright (c) 2002 Poul-Henning Kamp
- * Copyright (c) 2002 Networks Associates Technology, Inc.
- * All rights reserved.
- *
- * This software was developed for the FreeBSD Project by Poul-Henning Kamp
- * and NAI Labs, the Security Research Division of Network Associates, Inc.
- * under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the
- * DARPA CHATS research program.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * XXX: Future stuff
- *
- * Replace the template file options (-i & -f) with command-line variables
- * "-v property=foo"
- *
- * Introduce -e, extra entropy source (XOR with /dev/random)
- *
- * Introduce -E, alternate entropy source (instead of /dev/random)
- *
- * Introduce -i take IV from keyboard or
- *
- * Introduce -I take IV from file/cmd
- *
- * Introduce -m/-M store encrypted+encoded masterkey in file
- *
- * Introduce -k/-K get pass-phrase part from file/cmd
- *
- * Introduce -d add more dest-devices to worklist.
- *
- * Add key-option: selfdestruct bit.
- *
- * New/changed verbs:
- * "onetime" attach with onetime nonstored locksector
- * "key"/"unkey" to blast memory copy of key without orphaning
- * "nuke" blow away everything attached, crash/halt/power-off if possible.
- * "blast" destroy all copies of the masterkey
- * "destroy" destroy one copy of the masterkey
- * "backup"/"restore" of masterkey sectors.
- *
- * Make all verbs work on both attached/detached devices.
- *
- */
-
-#include <sys/types.h>
-#include <sys/queue.h>
-#include <sys/mutex.h>
-#include <md5.h>
-#include <readpassphrase.h>
-#include <string.h>
-#include <stdint.h>
-#include <unistd.h>
-#include <fcntl.h>
-#include <paths.h>
-#include <strings.h>
-#include <stdlib.h>
-#include <err.h>
-#include <stdio.h>
-#include <libutil.h>
-#include <libgeom.h>
-#include <sys/errno.h>
-#include <sys/disk.h>
-#include <sys/stat.h>
-#include <crypto/rijndael/rijndael-api-fst.h>
-#include <crypto/sha2/sha512.h>
-#include <sys/param.h>
-#include <sys/linker.h>
-
-#define GBDEMOD "geom_bde"
-#define KASSERT(foo, bar) do { if(!(foo)) { warn bar ; exit (1); } } while (0)
-
-#include <geom/geom.h>
-#include <geom/bde/g_bde.h>
-
-extern const char template[];
-
-
-#if 0
-static void
-g_hexdump(void *ptr, int length)
-{
- int i, j, k;
- unsigned char *cp;
-
- cp = ptr;
- for (i = 0; i < length; i+= 16) {
- printf("%04x ", i);
- for (j = 0; j < 16; j++) {
- k = i + j;
- if (k < length)
- printf(" %02x", cp[k]);
- else
- printf(" ");
- }
- printf(" |");
- for (j = 0; j < 16; j++) {
- k = i + j;
- if (k >= length)
- printf(" ");
- else if (cp[k] >= ' ' && cp[k] <= '~')
- printf("%c", cp[k]);
- else
- printf(".");
- }
- printf("|\n");
- }
-}
-#endif
-
-static void __dead2
-usage(void)
-{
-
- (void)fprintf(stderr,
-"usage: gbde attach destination [-k keyfile] [-l lockfile] [-p pass-phrase]\n"
-" gbde detach destination\n"
-" gbde init destination [-i] [-f filename] [-K new-keyfile]\n"
-" [-L new-lockfile] [-P new-pass-phrase]\n"
-" gbde setkey destination [-n key]\n"
-" [-k keyfile] [-l lockfile] [-p pass-phrase]\n"
-" [-K new-keyfile] [-L new-lockfile] [-P new-pass-phrase]\n"
-" gbde nuke destination [-n key]\n"
-" [-k keyfile] [-l lockfile] [-p pass-phrase]\n"
-" gbde destroy destination [-k keyfile] [-l lockfile] [-p pass-phrase]\n");
- exit(1);
-}
-
-void *
-g_read_data(struct g_consumer *cp, off_t offset, off_t length, int *error)
-{
- void *p;
- int fd, i;
- off_t o2;
-
- p = malloc(length);
- if (p == NULL)
- err(1, "malloc");
- fd = *(int *)cp;
- o2 = lseek(fd, offset, SEEK_SET);
- if (o2 != offset)
- err(1, "lseek");
- i = read(fd, p, length);
- if (i != length)
- err(1, "read");
- if (error != NULL)
- error = 0;
- return (p);
-}
-
-static void
-random_bits(void *p, u_int len)
-{
- arc4random_buf(p, len);
-}
-
-/* XXX: not nice */
-static u_char sha2[SHA512_DIGEST_LENGTH];
-
-static void
-reset_passphrase(struct g_bde_softc *sc)
-{
-
- memcpy(sc->sha2, sha2, SHA512_DIGEST_LENGTH);
-}
-
-static void
-setup_passphrase(struct g_bde_softc *sc, int sure, const char *input,
- const char *keyfile)
-{
- char buf1[BUFSIZ + SHA512_DIGEST_LENGTH];
- char buf2[BUFSIZ + SHA512_DIGEST_LENGTH];
- char *p;
- int kfd, klen, bpos = 0;
-
- if (keyfile != NULL) {
- /* Read up to BUFSIZ bytes from keyfile */
- kfd = open(keyfile, O_RDONLY, 0);
- if (kfd < 0)
- err(1, "%s", keyfile);
- klen = read(kfd, buf1, BUFSIZ);
- if (klen == -1)
- err(1, "%s", keyfile);
- close(kfd);
-
- /* Prepend the passphrase with the hash of the key read */
- g_bde_hash_pass(sc, buf1, klen);
- memcpy(buf1, sc->sha2, SHA512_DIGEST_LENGTH);
- memcpy(buf2, sc->sha2, SHA512_DIGEST_LENGTH);
- bpos = SHA512_DIGEST_LENGTH;
- }
-
- if (input != NULL) {
- if (strlen(input) >= BUFSIZ)
- errx(1, "Passphrase too long");
- strcpy(buf1 + bpos, input);
-
- g_bde_hash_pass(sc, buf1, strlen(buf1 + bpos) + bpos);
- memcpy(sha2, sc->sha2, SHA512_DIGEST_LENGTH);
- return;
- }
- for (;;) {
- p = readpassphrase(
- sure ? "Enter new passphrase:" : "Enter passphrase: ",
- buf1 + bpos, sizeof buf1 - bpos,
- RPP_ECHO_OFF | RPP_REQUIRE_TTY);
- if (p == NULL)
- err(1, "readpassphrase");
-
- if (sure) {
- p = readpassphrase("Reenter new passphrase: ",
- buf2 + bpos, sizeof buf2 - bpos,
- RPP_ECHO_OFF | RPP_REQUIRE_TTY);
- if (p == NULL)
- err(1, "readpassphrase");
-
- if (strcmp(buf1 + bpos, buf2 + bpos)) {
- printf("They didn't match.\n");
- continue;
- }
- }
- if (strlen(buf1 + bpos) < 3) {
- printf("Too short passphrase.\n");
- continue;
- }
- break;
- }
- g_bde_hash_pass(sc, buf1, strlen(buf1 + bpos) + bpos);
- memcpy(sha2, sc->sha2, SHA512_DIGEST_LENGTH);
-}
-
-static void
-encrypt_sector(void *d, int len, int klen, void *key)
-{
- keyInstance ki;
- cipherInstance ci;
- int error;
-
- error = rijndael_cipherInit(&ci, MODE_CBC, NULL);
- if (error <= 0)
- errx(1, "rijndael_cipherInit=%d", error);
- error = rijndael_makeKey(&ki, DIR_ENCRYPT, klen, key);
- if (error <= 0)
- errx(1, "rijndael_makeKeY=%d", error);
- error = rijndael_blockEncrypt(&ci, &ki, d, len * 8, d);
- if (error <= 0)
- errx(1, "rijndael_blockEncrypt=%d", error);
-}
-
-static void
-cmd_attach(const struct g_bde_softc *sc, const char *dest, const char *lfile)
-{
- int ffd;
- u_char buf[16];
- struct gctl_req *r;
- const char *errstr;
-
- r = gctl_get_handle();
- gctl_ro_param(r, "verb", -1, "create geom");
- gctl_ro_param(r, "class", -1, "BDE");
- gctl_ro_param(r, "provider", -1, dest);
- gctl_ro_param(r, "pass", SHA512_DIGEST_LENGTH, sc->sha2);
- if (lfile != NULL) {
- ffd = open(lfile, O_RDONLY, 0);
- if (ffd < 0)
- err(1, "%s", lfile);
- read(ffd, buf, 16);
- gctl_ro_param(r, "key", 16, buf);
- close(ffd);
- }
- errstr = gctl_issue(r);
- if (errstr != NULL)
- errx(1, "Attach to %s failed: %s", dest, errstr);
-
- exit (0);
-}
-
-static void
-cmd_detach(const char *dest)
-{
- struct gctl_req *r;
- const char *errstr;
- char buf[BUFSIZ];
-
- r = gctl_get_handle();
- gctl_ro_param(r, "verb", -1, "destroy geom");
- gctl_ro_param(r, "class", -1, "BDE");
- sprintf(buf, "%s.bde", dest);
- gctl_ro_param(r, "geom", -1, buf);
- /* gctl_dump(r, stdout); */
- errstr = gctl_issue(r);
- if (errstr != NULL)
- errx(1, "Detach of %s failed: %s", dest, errstr);
- exit (0);
-}
-
-static void
-cmd_open(struct g_bde_softc *sc, int dfd , const char *l_opt, u_int *nkey)
-{
- int error;
- int ffd;
- u_char keyloc[16];
- u_int sectorsize;
- off_t mediasize;
- struct stat st;
-
- error = ioctl(dfd, DIOCGSECTORSIZE, §orsize);
- if (error)
- sectorsize = 512;
- error = ioctl(dfd, DIOCGMEDIASIZE, &mediasize);
- if (error) {
- error = fstat(dfd, &st);
- if (error == 0 && S_ISREG(st.st_mode))
- mediasize = st.st_size;
- else
- error = ENOENT;
- }
- if (error)
- mediasize = (off_t)-1;
- if (l_opt != NULL) {
- ffd = open(l_opt, O_RDONLY, 0);
- if (ffd < 0)
- err(1, "%s", l_opt);
- read(ffd, keyloc, sizeof keyloc);
- close(ffd);
- } else {
- memset(keyloc, 0, sizeof keyloc);
- }
-
- error = g_bde_decrypt_lock(sc, sc->sha2, keyloc, mediasize,
- sectorsize, nkey);
- if (error == ENOENT)
- errx(1, "Lock was destroyed.");
- if (error == ESRCH)
- errx(1, "Lock was nuked.");
- if (error == ENOTDIR)
- errx(1, "Lock not found");
- if (error != 0)
- errx(1, "Error %d decrypting lock", error);
- if (nkey)
- printf("Opened with key %u\n", 1 + *nkey);
- return;
-}
-
-static void
-cmd_nuke(struct g_bde_key *gl, int dfd , int key)
-{
- int i;
- u_char *sbuf;
- off_t offset, offset2;
-
- sbuf = malloc(gl->sectorsize);
- memset(sbuf, 0, gl->sectorsize);
- offset = (gl->lsector[key] & ~(gl->sectorsize - 1));
- offset2 = lseek(dfd, offset, SEEK_SET);
- if (offset2 != offset)
- err(1, "lseek");
- i = write(dfd, sbuf, gl->sectorsize);
- free(sbuf);
- if (i != (int)gl->sectorsize)
- err(1, "write");
- printf("Nuked key %d\n", 1 + key);
-}
-
-static void
-cmd_write(struct g_bde_key *gl, struct g_bde_softc *sc, int dfd , int key, const char *l_opt)
-{
- int i, ffd;
- uint64_t off[2];
- u_char keyloc[16];
- u_char *sbuf, *q;
- off_t offset, offset2;
-
- sbuf = malloc(gl->sectorsize);
- /*
- * Find the byte-offset in the lock sector where we will put the lock
- * data structure. We can put it any random place as long as the
- * structure fits.
- */
- for(;;) {
- random_bits(off, sizeof off);
- off[0] &= (gl->sectorsize - 1);
- if (off[0] + G_BDE_LOCKSIZE > gl->sectorsize)
- continue;
- break;
- }
-
- /* Add the sector offset in bytes */
- off[0] += (gl->lsector[key] & ~(gl->sectorsize - 1));
- gl->lsector[key] = off[0];
-
- i = g_bde_keyloc_encrypt(sc->sha2, off[0], off[1], keyloc);
- if (i)
- errx(1, "g_bde_keyloc_encrypt()");
- if (l_opt != NULL) {
- ffd = open(l_opt, O_WRONLY | O_CREAT | O_TRUNC, 0600);
- if (ffd < 0)
- err(1, "%s", l_opt);
- write(ffd, keyloc, sizeof keyloc);
- close(ffd);
- } else if (gl->flags & GBDE_F_SECT0) {
- offset2 = lseek(dfd, 0, SEEK_SET);
- if (offset2 != 0)
- err(1, "lseek");
- i = read(dfd, sbuf, gl->sectorsize);
- if (i != (int)gl->sectorsize)
- err(1, "read");
- memcpy(sbuf + key * 16, keyloc, sizeof keyloc);
- offset2 = lseek(dfd, 0, SEEK_SET);
- if (offset2 != 0)
- err(1, "lseek");
- i = write(dfd, sbuf, gl->sectorsize);
- if (i != (int)gl->sectorsize)
- err(1, "write");
- } else {
- errx(1, "No -L option and no space in sector 0 for lockfile");
- }
-
- /* Allocate a sectorbuffer and fill it with random junk */
- if (sbuf == NULL)
- err(1, "malloc");
- random_bits(sbuf, gl->sectorsize);
-
- /* Fill random bits in the spare field */
- random_bits(gl->spare, sizeof(gl->spare));
-
- /* Encode the structure where we want it */
- q = sbuf + (off[0] % gl->sectorsize);
- i = g_bde_encode_lock(sc->sha2, gl, q);
- if (i < 0)
- errx(1, "programming error encoding lock");
-
- encrypt_sector(q, G_BDE_LOCKSIZE, 256, sc->sha2 + 16);
- offset = gl->lsector[key] & ~(gl->sectorsize - 1);
- offset2 = lseek(dfd, offset, SEEK_SET);
- if (offset2 != offset)
- err(1, "lseek");
- i = write(dfd, sbuf, gl->sectorsize);
- if (i != (int)gl->sectorsize)
- err(1, "write");
- free(sbuf);
-#if 0
- printf("Wrote key %d at %jd\n", key, (intmax_t)offset);
- printf("s0 = %jd\n", (intmax_t)gl->sector0);
- printf("sN = %jd\n", (intmax_t)gl->sectorN);
- printf("l[0] = %jd\n", (intmax_t)gl->lsector[0]);
- printf("l[1] = %jd\n", (intmax_t)gl->lsector[1]);
- printf("l[2] = %jd\n", (intmax_t)gl->lsector[2]);
- printf("l[3] = %jd\n", (intmax_t)gl->lsector[3]);
- printf("k = %jd\n", (intmax_t)gl->keyoffset);
- printf("ss = %jd\n", (intmax_t)gl->sectorsize);
-#endif
-}
-
-static void
-cmd_destroy(struct g_bde_key *gl, int nkey)
-{
- int i;
-
- bzero(&gl->sector0, sizeof gl->sector0);
- bzero(&gl->sectorN, sizeof gl->sectorN);
- bzero(&gl->keyoffset, sizeof gl->keyoffset);
- gl->flags &= GBDE_F_SECT0;
- bzero(gl->mkey, sizeof gl->mkey);
- for (i = 0; i < G_BDE_MAXKEYS; i++)
- if (i != nkey)
- gl->lsector[i] = ~0;
-}
-
-static int
-sorthelp(const void *a, const void *b)
-{
- const uint64_t *oa, *ob;
-
- oa = a;
- ob = b;
- if (*oa > *ob)
- return 1;
- if (*oa < *ob)
- return -1;
- return 0;
-}
-
-static void
-cmd_init(struct g_bde_key *gl, int dfd, const char *f_opt, int i_opt, const char *l_opt)
-{
- int i;
- u_char *buf;
- unsigned sector_size;
- uint64_t first_sector;
- uint64_t last_sector;
- uint64_t total_sectors;
- off_t off, off2;
- unsigned nkeys;
- const char *p;
- char *q, cbuf[BUFSIZ];
- unsigned u, u2;
- uint64_t o;
- properties params;
-
- bzero(gl, sizeof *gl);
- if (f_opt != NULL) {
- i = open(f_opt, O_RDONLY);
- if (i < 0)
- err(1, "%s", f_opt);
- params = properties_read(i);
- close (i);
- } else if (i_opt) {
- /* XXX: Polish */
- asprintf(&q, "%stemp.XXXXXXXXXX", _PATH_TMP);
- if (q == NULL)
- err(1, "asprintf");
- i = mkstemp(q);
- if (i < 0)
- err(1, "%s", q);
- write(i, template, strlen(template));
- close (i);
- p = getenv("EDITOR");
- if (p == NULL)
- p = "vi";
- if (snprintf(cbuf, sizeof(cbuf), "%s %s\n", p, q) >=
- (ssize_t)sizeof(cbuf)) {
- unlink(q);
- errx(1, "EDITOR is too long");
- }
- system(cbuf);
- i = open(q, O_RDONLY);
- if (i < 0)
- err(1, "%s", f_opt);
- params = properties_read(i);
- close (i);
- unlink(q);
- free(q);
- } else {
- /* XXX: Hack */
- i = open(_PATH_DEVNULL, O_RDONLY);
- if (i < 0)
- err(1, "%s", _PATH_DEVNULL);
- params = properties_read(i);
- close (i);
- }
-
- /* <sector_size> */
- p = property_find(params, "sector_size");
- i = ioctl(dfd, DIOCGSECTORSIZE, &u);
- if (p != NULL) {
- sector_size = strtoul(p, &q, 0);
- if (!*p || *q)
- errx(1, "sector_size not a proper number");
- } else if (i == 0) {
- sector_size = u;
- } else {
- errx(1, "Missing sector_size property");
- }
- if (sector_size & (sector_size - 1))
- errx(1, "sector_size not a power of 2");
- if (sector_size < 512)
- errx(1, "sector_size is smaller than 512");
- buf = malloc(sector_size);
- if (buf == NULL)
- err(1, "Failed to malloc sector buffer");
- gl->sectorsize = sector_size;
-
- i = ioctl(dfd, DIOCGMEDIASIZE, &off);
- if (i == 0) {
- first_sector = 0;
- total_sectors = off / sector_size;
- last_sector = total_sectors - 1;
- } else {
- first_sector = 0;
- last_sector = 0;
- total_sectors = 0;
- }
-
- /* <first_sector> */
- p = property_find(params, "first_sector");
- if (p != NULL) {
- first_sector = strtoul(p, &q, 0);
- if (!*p || *q)
- errx(1, "first_sector not a proper number");
- }
-
- /* <last_sector> */
- p = property_find(params, "last_sector");
- if (p != NULL) {
- last_sector = strtoul(p, &q, 0);
- if (!*p || *q)
- errx(1, "last_sector not a proper number");
- if (last_sector <= first_sector)
- errx(1, "last_sector not larger than first_sector");
- total_sectors = last_sector + 1;
- }
-
- /* <total_sectors> */
- p = property_find(params, "total_sectors");
- if (p != NULL) {
*** 5852 LINES SKIPPED ***