again [PATCH v1 2/2] command ccrypt
There was a bug in the last mail i sent. [PATCH v1 2/2] command ccrypt This is the fix. Sorry for the dust :-) Crypt and decrypt files using passwords in keystore. Needs ccryptlib and keystore Usage: ccrypt [-e|-d] -k KEYNAME_IN_KEYSTORE SRC DST Signed-off-by: Gerd Pauli <g...@high-consulting.de> --- commands/Kconfig | 10 +++ commands/Makefile | 1 + commands/ccrypt.c | 228 ++ 3 files changed, 239 insertions(+) create mode 100644 commands/ccrypt.c diff --git a/commands/Kconfig b/commands/Kconfig index af2b215..2d53860 100644 --- a/commands/Kconfig +++ b/commands/Kconfig @@ -2138,6 +2138,16 @@ config CMD_SEED help Seed the pseudo random number generator (PRNG) +config CMD_CCRYPT +tristate +prompt "ccrypt" +select CCRYPTLIB +select CRYPTO_KEYSTORE +help + encrypting/decrypting a character stream + ccrypt implements a stream cipher based on the block cipher + Rijndael, the candidate for the AES standard. + # end Miscellaneous commands endmenu diff --git a/commands/Makefile b/commands/Makefile index 16c1768..b40eeb1 100644 --- a/commands/Makefile +++ b/commands/Makefile @@ -124,3 +124,4 @@ obj-$(CONFIG_CMD_SPD_DECODE)+= spd_decode.o obj-$(CONFIG_CMD_MMC_EXTCSD) += mmc_extcsd.o obj-$(CONFIG_CMD_NAND_BITFLIP) += nand-bitflip.o obj-$(CONFIG_CMD_SEED) += seed.o +obj-$(CONFIG_CMD_CCRYPT)+= ccrypt.o diff --git a/commands/ccrypt.c b/commands/ccrypt.c new file mode 100644 index 000..ad0158c --- /dev/null +++ b/commands/ccrypt.c @@ -0,0 +1,228 @@ +/* -*- Mode:C; c-file-style:"linux"; -*- */ + +/* + * ccrypt.c - Crypt and Decrypt Files using Password in Keystore + *uses ccryptlib + * + * Copyright (C) 2015 Alexander Smirnov <alll...@yandex.ru> + * Copyright (c) 2017 Gerd Pauli <g...@high-consulting.de> + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License as + * published by the Free Software Foundation; either version 2 of + * the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + */ + +#include +#include +#include +#include +#include +#include +#include +#include + +#define INBUFSIZE 1024 +#define OUTBUFSIZE (INBUFSIZE + 32) + +static void ccrypt_error(int e) +{ + if (e == -1) { + printf("ccrypt: %s\n", strerror(errno)); + return; + } + if (e == -2) { + switch (ccrypt_errno) { + case CCRYPT_EFORMAT: + printf("ccrypt: %s\n", "bad file format"); + break; + case CCRYPT_EMISMATCH: + printf("ccrypt: %s\n", "key does not match"); + break; + case CCRYPT_EBUFFER: + printf("ccrypt: %s\n", "buffer overflow"); + break; + default: + /* do nothing */ + printf("ccrypt: %s\n", "unknown error"); + break; + } + return; + } + printf("ccrypt: %s\n", "unknown error"); +} + +static int do_ccrypt(int argc, char *argv[]) +{ + int opt; + int ret = -EINVAL; + int encrypt = 0; + int decrypt = 0; + char *extract = NULL; + char *from = NULL; + char *to = NULL; + char *r_buf = NULL; + char *w_buf = NULL; + int from_fd = 0; + int to_fd = 0; + int r, w; + void *buf; + struct ccrypt_stream_s ccs; + struct ccrypt_stream_s *b = + int flags = 0; + char *key; + int keylen; + int eof = 0; + + while ((opt = getopt(argc, argv, "dek:")) > 0) { + switch (opt) { + case 'e': + encrypt = 1; + break; + case 'd': + decrypt = 1; + break; + case 'k': + extract = optarg; + break; + default: + break; + } + } + if (encrypt == 1 && decrypt == 1) + return ret; + if (extract == NULL) + return ret; + + /* we need 2 non-option arguments */ + if (argc - optind != 2) + return ret; + + from = argv[optind]; + to = argv[optind + 1]; + + r_buf = xmalloc(INBUFSIZE); + w_buf
[PATCH v1 2/2] command ccrypt
Crypt and Decrypt Files using Password in Keystore needs ccryptlib and keystore Rijandel Crypt and Decrypt of files Usage: ccrypt [-e|-d] -k KEYNAME_IN_KEYSTORE SRC DST Signed-off-by: Gerd Pauli--- commands/Kconfig | 10 +++ commands/Makefile | 1 + commands/ccrypt.c | 228 ++ 3 files changed, 239 insertions(+) create mode 100644 commands/ccrypt.c diff --git a/commands/Kconfig b/commands/Kconfig index ae2dc4b..aebec15 100644 --- a/commands/Kconfig +++ b/commands/Kconfig @@ -2127,6 +2127,16 @@ config CMD_SEED help Seed the pseudo random number generator (PRNG) +config CMD_CCRYPT +tristate +prompt "ccrypt" +select CCRYPTLIB +select CRYPTO_KEYSTORE +help + encrypting/decrypting a character stream + ccrypt implements a stream cipher based on the block cipher + Rijndael, the candidate for the AES standard. + # end Miscellaneous commands endmenu diff --git a/commands/Makefile b/commands/Makefile index 37486dc..51cb89e 100644 --- a/commands/Makefile +++ b/commands/Makefile @@ -123,3 +123,4 @@ obj-$(CONFIG_CMD_SPD_DECODE)+= spd_decode.o obj-$(CONFIG_CMD_MMC_EXTCSD) += mmc_extcsd.o obj-$(CONFIG_CMD_NAND_BITFLIP) += nand-bitflip.o obj-$(CONFIG_CMD_SEED) += seed.o +obj-$(CONFIG_CMD_CCRYPT)+= ccrypt.o diff --git a/commands/ccrypt.c b/commands/ccrypt.c new file mode 100644 index 000..aaec57f --- /dev/null +++ b/commands/ccrypt.c @@ -0,0 +1,228 @@ +/* -*- Mode:C; c-file-style:"linux"; -*- */ + +/* + * ccrypt.c - Crypt and Decrypt Files using Password in Keystore + *uses ccryptlib + * + * Copyright (C) 2015 Alexander Smirnov + * Copyright (c) 2017 Gerd Pauli + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License as + * published by the Free Software Foundation; either version 2 of + * the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + */ + +#include +#include +#include +#include +#include +#include +#include +#include + +#define INBUFSIZE 1024 +#define OUTBUFSIZE (INBUFSIZE + 32) + +static void ccrypt_error(int e) +{ + if (e == -1) { + printf("ccrypt: %s\n", strerror(errno)); + return; + } + if (e == -2) { + switch (ccrypt_errno) { + case CCRYPT_EFORMAT: + printf("ccrypt: %s\n", "bad file format"); + break; + case CCRYPT_EMISMATCH: + printf("ccrypt: %s\n", "key does not match"); + break; + case CCRYPT_EBUFFER: + printf("ccrypt: %s\n", "buffer overflow"); + break; + default: + /* do nothing */ + printf("ccrypt: %s\n", "unknown error"); + break; + } + return; + } + printf("ccrypt: %s\n", "unknown error"); +} + +static int do_ccrypt(int argc, char *argv[]) +{ + int opt; + int ret = -EINVAL; + int encrypt = 0; + int decrypt = 0; + char *extract = NULL; + char *from = NULL; + char *to = NULL; + char *r_buf = NULL; + char *w_buf = NULL; + int from_fd = 0; + int to_fd = 0; + int r, w; + void *buf; + struct ccrypt_stream_s ccs; + struct ccrypt_stream_s *b = + int flags = 0; + char *key; + int keylen; + int eof = 0; + + while ((opt = getopt(argc, argv, "dek:")) > 0) { + switch (opt) { + case 'e': + encrypt = 1; + break; + case 'd': + decrypt = 1; + break; + case 'k': + extract = optarg; + break; + default: + break; + } + } + if (encrypt == 1 && decrypt == 1) + return ret; + if (extract == NULL) + return ret; + + /* we need 2 non-option arguments */ + if (argc - optind != 2) + return ret; + + from = argv[optind]; + to = argv[optind + 1]; + + r_buf = xmalloc(INBUFSIZE); + w_buf = xmalloc(OUTBUFSIZE); + + ret = keystore_get_secret(extract, (const u8 **), ); + if (ret) + goto out; + + from_fd = open(from, O_RDONLY); + if (from_fd < 0) { + printf("could not open %s: %s\n", from,
Re: [PATCH v1 2/2] command: ccrypt Crypt and Decrypt Files uses keystore for passwords compatible with https://sourceforge.net/projects/ccrypt/ keystore_init Simple Keystore initializer
Hi Gerd, On Thu, Sep 14, 2017 at 02:29:41PM +0200, g...@high-consulting.de wrote: > From: Gerd Pauli> > Signed-off-by: Gerd Pauli > --- > commands/Kconfig | 14 + > commands/Makefile | 2 + > commands/ccrypt.c | 247 +++ > commands/keystore_init.c | 79 + > include/ccryptlib.h | 98 ++ > lib/Kconfig | 3 + > lib/Makefile | 1 + > lib/ccryptlib/Makefile| 4 + > lib/ccryptlib/ccryptlib.c | 417 + > lib/ccryptlib/rijndael.c | 347 + > lib/ccryptlib/rijndael.h | 76 + > lib/ccryptlib/tables.c| 768 > ++ > lib/ccryptlib/tables.h| 10 + > 13 files changed, 2066 insertions(+) > create mode 100644 commands/ccrypt.c > create mode 100644 commands/keystore_init.c > create mode 100644 include/ccryptlib.h > create mode 100644 lib/ccryptlib/Makefile > create mode 100644 lib/ccryptlib/ccryptlib.c > create mode 100644 lib/ccryptlib/rijndael.c > create mode 100644 lib/ccryptlib/rijndael.h > create mode 100644 lib/ccryptlib/tables.c > create mode 100644 lib/ccryptlib/tables.h > > diff --git a/commands/Kconfig b/commands/Kconfig > index 89b3103..2e296a3 100644 > --- a/commands/Kconfig > +++ b/commands/Kconfig > @@ -2137,6 +2137,20 @@ config CMD_SEED > help > Seed the pseudo random number generator (PRNG) > > +config CMD_CCRYPT > + tristate > + prompt "ccrypt" > + select CCRYPTLIB > + help > + AES crypt and decrypt support Please run the patch through sscripts/checkpatch.pl. The code doesn't match the barebox coding style, contains trailing whitespaces and other stuff. > + > +config CMD_KEYSTOREINIT > + tristate > + prompt "keystore_init" > + select CRYPTO_KEYSTORE > + help > + Keystore initialisation > + > # end Miscellaneous commands > endmenu > > diff --git a/commands/Makefile b/commands/Makefile > index 16c1768..42bc1d8 100644 > --- a/commands/Makefile > +++ b/commands/Makefile > @@ -124,3 +124,5 @@ obj-$(CONFIG_CMD_SPD_DECODE) += spd_decode.o > obj-$(CONFIG_CMD_MMC_EXTCSD) += mmc_extcsd.o > obj-$(CONFIG_CMD_NAND_BITFLIP) += nand-bitflip.o > obj-$(CONFIG_CMD_SEED) += seed.o > +obj-$(CONFIG_CMD_CCRYPT)+= ccrypt.o > +obj-$(CONFIG_CMD_KEYSTOREINIT) += keystore_init.o > diff --git a/commands/ccrypt.c b/commands/ccrypt.c > new file mode 100644 > index 000..f299b9c > --- /dev/null > +++ b/commands/ccrypt.c > @@ -0,0 +1,247 @@ > +/* > + * ccrypt.c - Crypt and Decrypt Files using Password in Keystore > + * > + * Copyright (C) 2015 Alexander Smirnov > + * Copyright (c) 2017 Gerd Pauli , HighConsulting > GmbH & Co. KG > + * > + * This program is free software; you can redistribute it and/or > + * modify it under the terms of the GNU General Public License as > + * published by the Free Software Foundation; either version 2 of > + * the License, or (at your option) any later version. > + * > + * This program is distributed in the hope that it will be useful, > + * but WITHOUT ANY WARRANTY; without even the implied warranty of > + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the > + * GNU General Public License for more details. > + * > + */ > + > +#include > +#include > +#include > +#include > +#include > +#include > +#include > +#include > + > +#define INBUFSIZE 1024 > +#define OUTBUFSIZE INBUFSIZE+32 > + > +void ccrypt_error( int e ) { Should be static > + if ( e == -1 ) { > +printf("ccrypt: %s\n",strerror(errno)); > +return; > + } > + if ( e == -2 ) { > +switch (ccrypt_errno) { > +case CCRYPT_EFORMAT: > + printf("ccrypt: %s\n","bad file format"); > + break; > +case CCRYPT_EMISMATCH: > + printf("ccrypt: %s\n","key does not match"); > + break; > +case CCRYPT_EBUFFER: > + printf("ccrypt: %s\n","buffer overflow"); > + break; > +default: > + /* do nothing */ > + printf("ccrypt: %s\n","unknown error"); > + break; > +} > +return; > + } > + printf("ccrypt: %s\n","unknown error"); > +} > + > +void print_b (ccrypt_stream_t *b) { > + /* ccrypt_state_t *s; > + s = b->state; > + printf("in: %p %d, out: %p > %d\n",b->next_in,b->avail_in,b->next_out,b->avail_out); */ > +} > + > +static int do_ccrypt(int argc, char *argv[]) > +{ > + int opt; > + int ret=-EINVAL; > + int encrypt=0; > + int decrypt=0; > + char *extract = NULL; > + char *from = NULL; > + char *to = NULL; > + char *r_buf = NULL; > + char *w_buf = NULL; > + int from_fd = 0; > + int to_fd = 0; > + int r,w; > + void *buf; > + ccrypt_stream_t ccs; > + ccrypt_stream_t *b = > + int flags=0; > + char *key; > + int keylen; > + int eof=0; > + > + while ((opt = getopt(argc, argv, "dek:")) > 0) { > +
[PATCH v1 2/2] command: ccrypt Crypt and Decrypt Files uses keystore for passwords compatible with https://sourceforge.net/projects/ccrypt/ keystore_init Simple Keystore initializer
From: Gerd PauliSigned-off-by: Gerd Pauli --- commands/Kconfig | 14 + commands/Makefile | 2 + commands/ccrypt.c | 247 +++ commands/keystore_init.c | 79 + include/ccryptlib.h | 98 ++ lib/Kconfig | 3 + lib/Makefile | 1 + lib/ccryptlib/Makefile| 4 + lib/ccryptlib/ccryptlib.c | 417 + lib/ccryptlib/rijndael.c | 347 + lib/ccryptlib/rijndael.h | 76 + lib/ccryptlib/tables.c| 768 ++ lib/ccryptlib/tables.h| 10 + 13 files changed, 2066 insertions(+) create mode 100644 commands/ccrypt.c create mode 100644 commands/keystore_init.c create mode 100644 include/ccryptlib.h create mode 100644 lib/ccryptlib/Makefile create mode 100644 lib/ccryptlib/ccryptlib.c create mode 100644 lib/ccryptlib/rijndael.c create mode 100644 lib/ccryptlib/rijndael.h create mode 100644 lib/ccryptlib/tables.c create mode 100644 lib/ccryptlib/tables.h diff --git a/commands/Kconfig b/commands/Kconfig index 89b3103..2e296a3 100644 --- a/commands/Kconfig +++ b/commands/Kconfig @@ -2137,6 +2137,20 @@ config CMD_SEED help Seed the pseudo random number generator (PRNG) +config CMD_CCRYPT + tristate + prompt "ccrypt" + select CCRYPTLIB + help + AES crypt and decrypt support + +config CMD_KEYSTOREINIT + tristate + prompt "keystore_init" + select CRYPTO_KEYSTORE + help + Keystore initialisation + # end Miscellaneous commands endmenu diff --git a/commands/Makefile b/commands/Makefile index 16c1768..42bc1d8 100644 --- a/commands/Makefile +++ b/commands/Makefile @@ -124,3 +124,5 @@ obj-$(CONFIG_CMD_SPD_DECODE)+= spd_decode.o obj-$(CONFIG_CMD_MMC_EXTCSD) += mmc_extcsd.o obj-$(CONFIG_CMD_NAND_BITFLIP) += nand-bitflip.o obj-$(CONFIG_CMD_SEED) += seed.o +obj-$(CONFIG_CMD_CCRYPT)+= ccrypt.o +obj-$(CONFIG_CMD_KEYSTOREINIT) += keystore_init.o diff --git a/commands/ccrypt.c b/commands/ccrypt.c new file mode 100644 index 000..f299b9c --- /dev/null +++ b/commands/ccrypt.c @@ -0,0 +1,247 @@ +/* + * ccrypt.c - Crypt and Decrypt Files using Password in Keystore + * + * Copyright (C) 2015 Alexander Smirnov + * Copyright (c) 2017 Gerd Pauli , HighConsulting GmbH & Co. KG + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License as + * published by the Free Software Foundation; either version 2 of + * the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + */ + +#include +#include +#include +#include +#include +#include +#include +#include + +#define INBUFSIZE 1024 +#define OUTBUFSIZE INBUFSIZE+32 + +void ccrypt_error( int e ) { + if ( e == -1 ) { +printf("ccrypt: %s\n",strerror(errno)); +return; + } + if ( e == -2 ) { +switch (ccrypt_errno) { +case CCRYPT_EFORMAT: + printf("ccrypt: %s\n","bad file format"); + break; +case CCRYPT_EMISMATCH: + printf("ccrypt: %s\n","key does not match"); + break; +case CCRYPT_EBUFFER: + printf("ccrypt: %s\n","buffer overflow"); + break; +default: + /* do nothing */ + printf("ccrypt: %s\n","unknown error"); + break; +} +return; + } + printf("ccrypt: %s\n","unknown error"); +} + +void print_b (ccrypt_stream_t *b) { + /* ccrypt_state_t *s; + s = b->state; + printf("in: %p %d, out: %p %d\n",b->next_in,b->avail_in,b->next_out,b->avail_out); */ +} + +static int do_ccrypt(int argc, char *argv[]) +{ + int opt; + int ret=-EINVAL; + int encrypt=0; + int decrypt=0; + char *extract = NULL; + char *from = NULL; + char *to = NULL; + char *r_buf = NULL; + char *w_buf = NULL; + int from_fd = 0; + int to_fd = 0; + int r,w; + void *buf; + ccrypt_stream_t ccs; + ccrypt_stream_t *b = + int flags=0; + char *key; + int keylen; + int eof=0; + + while ((opt = getopt(argc, argv, "dek:")) > 0) { +switch(opt) { +case 'e': + encrypt=1; + break; +case 'd': + decrypt=1; + break; +case 'k': + extract = optarg; + break; +} + } + if ( encrypt == 1 && decrypt == 1 ) +return ret; + if ( extract == NULL ) +return ret; + + if ( optind != 4 ) +return ret; + + if ( argc != 6 ) +return ret; + + from = argv[optind]; + to = argv[optind + 1]; + + r_buf=xmalloc(INBUFSIZE); + w_buf=xmalloc(OUTBUFSIZE); + + ret=keystore_get_secret(extract, (const u8 **), ); + if ( ret ) +goto out; + + /* printf("%d %d %s %s