summaryrefslogtreecommitdiffstats
path: root/lib/luks1/af.c
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-27 17:44:12 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-27 17:44:12 +0000
commit1be69c2c660b70ac2f4de2a5326e27e3e60eb82d (patch)
treebb299ab6f411f4fccd735907035de710e4ec6abc /lib/luks1/af.c
parentInitial commit. (diff)
downloadcryptsetup-upstream.tar.xz
cryptsetup-upstream.zip
Adding upstream version 2:2.3.7.upstream/2%2.3.7upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'lib/luks1/af.c')
-rw-r--r--lib/luks1/af.c170
1 files changed, 170 insertions, 0 deletions
diff --git a/lib/luks1/af.c b/lib/luks1/af.c
new file mode 100644
index 0000000..3aa319d
--- /dev/null
+++ b/lib/luks1/af.c
@@ -0,0 +1,170 @@
+/*
+ * AFsplitter - Anti forensic information splitter
+ *
+ * Copyright (C) 2004 Clemens Fruhwirth <clemens@endorphin.org>
+ * Copyright (C) 2009-2021 Red Hat, Inc. All rights reserved.
+ *
+ * AFsplitter diffuses information over a large stripe of data,
+ * therefore supporting secure data destruction.
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Library General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ */
+
+#include <stddef.h>
+#include <stdlib.h>
+#include <string.h>
+#include <errno.h>
+#include "internal.h"
+#include "af.h"
+
+static void XORblock(const char *src1, const char *src2, char *dst, size_t n)
+{
+ size_t j;
+
+ for (j = 0; j < n; j++)
+ dst[j] = src1[j] ^ src2[j];
+}
+
+static int hash_buf(const char *src, char *dst, uint32_t iv,
+ size_t len, const char *hash_name)
+{
+ struct crypt_hash *hd = NULL;
+ char *iv_char = (char *)&iv;
+ int r;
+
+ iv = be32_to_cpu(iv);
+ if (crypt_hash_init(&hd, hash_name))
+ return -EINVAL;
+
+ if ((r = crypt_hash_write(hd, iv_char, sizeof(uint32_t))))
+ goto out;
+
+ if ((r = crypt_hash_write(hd, src, len)))
+ goto out;
+
+ r = crypt_hash_final(hd, dst, len);
+out:
+ crypt_hash_destroy(hd);
+ return r;
+}
+
+/*
+ * diffuse: Information spreading over the whole dataset with
+ * the help of hash function.
+ */
+static int diffuse(char *src, char *dst, size_t size, const char *hash_name)
+{
+ int r, hash_size = crypt_hash_size(hash_name);
+ unsigned int digest_size;
+ unsigned int i, blocks, padding;
+
+ if (hash_size <= 0)
+ return -EINVAL;
+ digest_size = hash_size;
+
+ blocks = size / digest_size;
+ padding = size % digest_size;
+
+ for (i = 0; i < blocks; i++) {
+ r = hash_buf(src + digest_size * i,
+ dst + digest_size * i,
+ i, (size_t)digest_size, hash_name);
+ if (r < 0)
+ return r;
+ }
+
+ if (padding) {
+ r = hash_buf(src + digest_size * i,
+ dst + digest_size * i,
+ i, (size_t)padding, hash_name);
+ if (r < 0)
+ return r;
+ }
+
+ return 0;
+}
+
+/*
+ * Information splitting. The amount of data is multiplied by
+ * blocknumbers. The same blocksize and blocknumbers values
+ * must be supplied to AF_merge to recover information.
+ */
+int AF_split(struct crypt_device *ctx, const char *src, char *dst,
+ size_t blocksize, unsigned int blocknumbers, const char *hash)
+{
+ unsigned int i;
+ char *bufblock;
+ int r;
+
+ bufblock = crypt_safe_alloc(blocksize);
+ if (!bufblock)
+ return -ENOMEM;
+
+ /* process everything except the last block */
+ for (i = 0; i < blocknumbers - 1; i++) {
+ r = crypt_random_get(ctx, dst + blocksize * i, blocksize, CRYPT_RND_NORMAL);
+ if (r < 0)
+ goto out;
+
+ XORblock(dst + blocksize * i, bufblock, bufblock, blocksize);
+ r = diffuse(bufblock, bufblock, blocksize, hash);
+ if (r < 0)
+ goto out;
+ }
+ /* the last block is computed */
+ XORblock(src, bufblock, dst + blocksize * i, blocksize);
+ r = 0;
+out:
+ crypt_safe_free(bufblock);
+ return r;
+}
+
+int AF_merge(struct crypt_device *ctx __attribute__((unused)), const char *src, char *dst,
+ size_t blocksize, unsigned int blocknumbers, const char *hash)
+{
+ unsigned int i;
+ char *bufblock;
+ int r;
+
+ bufblock = crypt_safe_alloc(blocksize);
+ if (!bufblock)
+ return -ENOMEM;
+
+ for(i = 0; i < blocknumbers - 1; i++) {
+ XORblock(src + blocksize * i, bufblock, bufblock, blocksize);
+ r = diffuse(bufblock, bufblock, blocksize, hash);
+ if (r < 0)
+ goto out;
+ }
+ XORblock(src + blocksize * i, bufblock, dst, blocksize);
+ r = 0;
+out:
+ crypt_safe_free(bufblock);
+ return r;
+}
+
+/* Size of final split data including sector alignment */
+size_t AF_split_sectors(size_t blocksize, unsigned int blocknumbers)
+{
+ size_t af_size;
+
+ /* data material * stripes */
+ af_size = blocksize * blocknumbers;
+
+ /* round up to sector */
+ af_size = (af_size + (SECTOR_SIZE - 1)) / SECTOR_SIZE;
+
+ return af_size;
+}