again [PATCH v1 2/2] command ccrypt

2017-10-09 Thread Gerd Pauli 
There was a bug in the last mail i sent. [PATCH v1 2/2] command ccrypt
This is the fix. Sorry for the dust :-)

Crypt and decrypt files using passwords in keystore.
Needs ccryptlib and keystore

Usage: ccrypt [-e|-d] -k KEYNAME_IN_KEYSTORE SRC DST

Signed-off-by: Gerd Pauli <g...@high-consulting.de>
---
 commands/Kconfig  |  10 +++
 commands/Makefile |   1 +
 commands/ccrypt.c | 228 ++
 3 files changed, 239 insertions(+)
 create mode 100644 commands/ccrypt.c

diff --git a/commands/Kconfig b/commands/Kconfig
index af2b215..2d53860 100644
--- a/commands/Kconfig
+++ b/commands/Kconfig
@@ -2138,6 +2138,16 @@ config CMD_SEED
help
  Seed the pseudo random number generator (PRNG)
 
+config CMD_CCRYPT
+tristate
+prompt "ccrypt"
+select CCRYPTLIB
+select CRYPTO_KEYSTORE
+help
+  encrypting/decrypting a character stream
+  ccrypt implements a stream cipher based on the block cipher
+  Rijndael, the candidate for the AES standard.
+
 # end Miscellaneous commands
 endmenu
 
diff --git a/commands/Makefile b/commands/Makefile
index 16c1768..b40eeb1 100644
--- a/commands/Makefile
+++ b/commands/Makefile
@@ -124,3 +124,4 @@ obj-$(CONFIG_CMD_SPD_DECODE)+= spd_decode.o
 obj-$(CONFIG_CMD_MMC_EXTCSD)   += mmc_extcsd.o
 obj-$(CONFIG_CMD_NAND_BITFLIP) += nand-bitflip.o
 obj-$(CONFIG_CMD_SEED) += seed.o
+obj-$(CONFIG_CMD_CCRYPT)+= ccrypt.o
diff --git a/commands/ccrypt.c b/commands/ccrypt.c
new file mode 100644
index 000..ad0158c
--- /dev/null
+++ b/commands/ccrypt.c
@@ -0,0 +1,228 @@
+/* -*- Mode:C; c-file-style:"linux"; -*- */
+
+/*
+ * ccrypt.c - Crypt and Decrypt Files using Password in Keystore
+ *uses ccryptlib
+ *
+ * Copyright (C) 2015 Alexander Smirnov <alll...@yandex.ru>
+ * Copyright (c) 2017 Gerd Pauli <g...@high-consulting.de>
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License as
+ * published by the Free Software Foundation; either version 2 of
+ * the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ */
+
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+
+#define INBUFSIZE 1024
+#define OUTBUFSIZE (INBUFSIZE + 32)
+
+static void ccrypt_error(int e)
+{
+   if (e == -1) {
+   printf("ccrypt: %s\n", strerror(errno));
+   return;
+   }
+   if (e == -2) {
+   switch (ccrypt_errno) {
+   case CCRYPT_EFORMAT:
+   printf("ccrypt: %s\n", "bad file format");
+   break;
+   case CCRYPT_EMISMATCH:
+   printf("ccrypt: %s\n", "key does not match");
+   break;
+   case CCRYPT_EBUFFER:
+   printf("ccrypt: %s\n", "buffer overflow");
+   break;
+   default:
+   /* do nothing */
+   printf("ccrypt: %s\n", "unknown error");
+   break;
+   }
+   return;
+   }
+   printf("ccrypt: %s\n", "unknown error");
+}
+
+static int do_ccrypt(int argc, char *argv[])
+{
+   int opt;
+   int ret = -EINVAL;
+   int encrypt = 0;
+   int decrypt = 0;
+   char *extract = NULL;
+   char *from = NULL;
+   char *to = NULL;
+   char *r_buf = NULL;
+   char *w_buf = NULL;
+   int from_fd = 0;
+   int to_fd = 0;
+   int r, w;
+   void *buf;
+   struct ccrypt_stream_s ccs;
+   struct ccrypt_stream_s *b = 
+   int flags = 0;
+   char *key;
+   int keylen;
+   int eof = 0;
+
+   while ((opt = getopt(argc, argv, "dek:")) > 0) {
+   switch (opt) {
+   case 'e':
+   encrypt = 1;
+   break;
+   case 'd':
+   decrypt = 1;
+   break;
+   case 'k':
+   extract = optarg;
+   break;
+   default:
+   break;
+   }
+   }
+   if (encrypt == 1 && decrypt == 1)
+   return ret;
+   if (extract == NULL)
+   return ret;
+
+   /* we need 2 non-option arguments */
+   if (argc - optind != 2)
+   return ret;
+
+   from = argv[optind];
+   to = argv[optind + 1];
+
+   r_buf = xmalloc(INBUFSIZE);
+   w_buf

[PATCH v1 2/2] command ccrypt

2017-10-09 Thread Gerd Pauli 
Crypt and Decrypt Files using Password in Keystore
needs ccryptlib and keystore
Rijandel Crypt and Decrypt of files

Usage: ccrypt [-e|-d] -k KEYNAME_IN_KEYSTORE SRC DST

Signed-off-by: Gerd Pauli 
---
 commands/Kconfig  |  10 +++
 commands/Makefile |   1 +
 commands/ccrypt.c | 228 ++
 3 files changed, 239 insertions(+)
 create mode 100644 commands/ccrypt.c

diff --git a/commands/Kconfig b/commands/Kconfig
index ae2dc4b..aebec15 100644
--- a/commands/Kconfig
+++ b/commands/Kconfig
@@ -2127,6 +2127,16 @@ config CMD_SEED
help
  Seed the pseudo random number generator (PRNG)
 
+config CMD_CCRYPT
+tristate
+prompt "ccrypt"
+select CCRYPTLIB
+select CRYPTO_KEYSTORE
+help
+  encrypting/decrypting a character stream
+  ccrypt implements a stream cipher based on the block cipher
+  Rijndael, the candidate for the AES standard.
+
 # end Miscellaneous commands
 endmenu
 
diff --git a/commands/Makefile b/commands/Makefile
index 37486dc..51cb89e 100644
--- a/commands/Makefile
+++ b/commands/Makefile
@@ -123,3 +123,4 @@ obj-$(CONFIG_CMD_SPD_DECODE)+= spd_decode.o
 obj-$(CONFIG_CMD_MMC_EXTCSD)   += mmc_extcsd.o
 obj-$(CONFIG_CMD_NAND_BITFLIP) += nand-bitflip.o
 obj-$(CONFIG_CMD_SEED) += seed.o
+obj-$(CONFIG_CMD_CCRYPT)+= ccrypt.o
diff --git a/commands/ccrypt.c b/commands/ccrypt.c
new file mode 100644
index 000..aaec57f
--- /dev/null
+++ b/commands/ccrypt.c
@@ -0,0 +1,228 @@
+/* -*- Mode:C; c-file-style:"linux"; -*- */
+
+/*
+ * ccrypt.c - Crypt and Decrypt Files using Password in Keystore
+ *uses ccryptlib
+ *
+ * Copyright (C) 2015 Alexander Smirnov 
+ * Copyright (c) 2017 Gerd Pauli 
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License as
+ * published by the Free Software Foundation; either version 2 of
+ * the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ */
+
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+
+#define INBUFSIZE 1024
+#define OUTBUFSIZE (INBUFSIZE + 32)
+
+static void ccrypt_error(int e)
+{
+   if (e == -1) {
+   printf("ccrypt: %s\n", strerror(errno));
+   return;
+   }
+   if (e == -2) {
+   switch (ccrypt_errno) {
+   case CCRYPT_EFORMAT:
+   printf("ccrypt: %s\n", "bad file format");
+   break;
+   case CCRYPT_EMISMATCH:
+   printf("ccrypt: %s\n", "key does not match");
+   break;
+   case CCRYPT_EBUFFER:
+   printf("ccrypt: %s\n", "buffer overflow");
+   break;
+   default:
+   /* do nothing */
+   printf("ccrypt: %s\n", "unknown error");
+   break;
+   }
+   return;
+   }
+   printf("ccrypt: %s\n", "unknown error");
+}
+
+static int do_ccrypt(int argc, char *argv[])
+{
+   int opt;
+   int ret = -EINVAL;
+   int encrypt = 0;
+   int decrypt = 0;
+   char *extract = NULL;
+   char *from = NULL;
+   char *to = NULL;
+   char *r_buf = NULL;
+   char *w_buf = NULL;
+   int from_fd = 0;
+   int to_fd = 0;
+   int r, w;
+   void *buf;
+   struct ccrypt_stream_s ccs;
+   struct ccrypt_stream_s *b = 
+   int flags = 0;
+   char *key;
+   int keylen;
+   int eof = 0;
+
+   while ((opt = getopt(argc, argv, "dek:")) > 0) {
+   switch (opt) {
+   case 'e':
+   encrypt = 1;
+   break;
+   case 'd':
+   decrypt = 1;
+   break;
+   case 'k':
+   extract = optarg;
+   break;
+   default:
+   break;
+   }
+   }
+   if (encrypt == 1 && decrypt == 1)
+   return ret;
+   if (extract == NULL)
+   return ret;
+
+   /* we need 2 non-option arguments */
+   if (argc - optind != 2)
+   return ret;
+
+   from = argv[optind];
+   to = argv[optind + 1];
+
+   r_buf = xmalloc(INBUFSIZE);
+   w_buf = xmalloc(OUTBUFSIZE);
+
+   ret = keystore_get_secret(extract, (const u8 **), );
+   if (ret)
+   goto out;
+
+   from_fd = open(from, O_RDONLY);
+   if (from_fd < 0) {
+   printf("could not open %s: %s\n", from,

Re: [PATCH v1 2/2] command: ccrypt Crypt and Decrypt Files uses keystore for passwords compatible with https://sourceforge.net/projects/ccrypt/ keystore_init Simple Keystore initializer

2017-09-18 Thread Sascha Hauer 
Hi Gerd,

On Thu, Sep 14, 2017 at 02:29:41PM +0200, g...@high-consulting.de wrote:
> From: Gerd Pauli 
> 
> Signed-off-by: Gerd Pauli 
> ---
>  commands/Kconfig  |  14 +
>  commands/Makefile |   2 +
>  commands/ccrypt.c | 247 +++
>  commands/keystore_init.c  |  79 +
>  include/ccryptlib.h   |  98 ++
>  lib/Kconfig   |   3 +
>  lib/Makefile  |   1 +
>  lib/ccryptlib/Makefile|   4 +
>  lib/ccryptlib/ccryptlib.c | 417 +
>  lib/ccryptlib/rijndael.c  | 347 +
>  lib/ccryptlib/rijndael.h  |  76 +
>  lib/ccryptlib/tables.c| 768 
> ++
>  lib/ccryptlib/tables.h|  10 +
>  13 files changed, 2066 insertions(+)
>  create mode 100644 commands/ccrypt.c
>  create mode 100644 commands/keystore_init.c
>  create mode 100644 include/ccryptlib.h
>  create mode 100644 lib/ccryptlib/Makefile
>  create mode 100644 lib/ccryptlib/ccryptlib.c
>  create mode 100644 lib/ccryptlib/rijndael.c
>  create mode 100644 lib/ccryptlib/rijndael.h
>  create mode 100644 lib/ccryptlib/tables.c
>  create mode 100644 lib/ccryptlib/tables.h
> 
> diff --git a/commands/Kconfig b/commands/Kconfig
> index 89b3103..2e296a3 100644
> --- a/commands/Kconfig
> +++ b/commands/Kconfig
> @@ -2137,6 +2137,20 @@ config CMD_SEED
>   help
> Seed the pseudo random number generator (PRNG)
>  
> +config CMD_CCRYPT
> +   tristate
> +   prompt "ccrypt"
> +   select CCRYPTLIB
> +   help
> + AES crypt and decrypt support

Please run the patch through sscripts/checkpatch.pl. The code doesn't
match the barebox coding style, contains trailing whitespaces and other
stuff.

> +
> +config CMD_KEYSTOREINIT
> +   tristate
> +   prompt "keystore_init"
> +   select CRYPTO_KEYSTORE
> +   help
> + Keystore initialisation   
> +
>  # end Miscellaneous commands
>  endmenu
>  
> diff --git a/commands/Makefile b/commands/Makefile
> index 16c1768..42bc1d8 100644
> --- a/commands/Makefile
> +++ b/commands/Makefile
> @@ -124,3 +124,5 @@ obj-$(CONFIG_CMD_SPD_DECODE)  += spd_decode.o
>  obj-$(CONFIG_CMD_MMC_EXTCSD) += mmc_extcsd.o
>  obj-$(CONFIG_CMD_NAND_BITFLIP)   += nand-bitflip.o
>  obj-$(CONFIG_CMD_SEED)   += seed.o
> +obj-$(CONFIG_CMD_CCRYPT)+= ccrypt.o
> +obj-$(CONFIG_CMD_KEYSTOREINIT)   += keystore_init.o
> diff --git a/commands/ccrypt.c b/commands/ccrypt.c
> new file mode 100644
> index 000..f299b9c
> --- /dev/null
> +++ b/commands/ccrypt.c
> @@ -0,0 +1,247 @@
> +/*
> + * ccrypt.c - Crypt and Decrypt Files using Password in Keystore
> + * 
> + * Copyright (C) 2015 Alexander Smirnov 
> + * Copyright (c) 2017 Gerd Pauli , HighConsulting 
> GmbH & Co. KG
> + * 
> + * This program is free software; you can redistribute it and/or
> + * modify it under the terms of the GNU General Public License as
> + * published by the Free Software Foundation; either version 2 of
> + * the License, or (at your option) any later version.
> + *
> + * This program is distributed in the hope that it will be useful,
> + * but WITHOUT ANY WARRANTY; without even the implied warranty of
> + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
> + * GNU General Public License for more details.
> + *
> + */
> +
> +#include 
> +#include 
> +#include 
> +#include 
> +#include 
> +#include 
> +#include 
> +#include 
> +
> +#define INBUFSIZE 1024  
> +#define OUTBUFSIZE INBUFSIZE+32
> +
> +void ccrypt_error( int e ) {

Should be static

> +  if ( e == -1 ) {  
> +printf("ccrypt: %s\n",strerror(errno));
> +return;
> +  }
> +  if ( e == -2 ) {
> +switch (ccrypt_errno) {
> +case CCRYPT_EFORMAT:
> +  printf("ccrypt: %s\n","bad file format");
> +  break;
> +case CCRYPT_EMISMATCH:
> +  printf("ccrypt: %s\n","key does not match");
> +  break;
> +case CCRYPT_EBUFFER:
> +  printf("ccrypt: %s\n","buffer overflow");
> +  break;
> +default:
> +  /* do nothing */
> +  printf("ccrypt: %s\n","unknown error");
> +  break;
> +}
> +return;
> +  }
> +  printf("ccrypt: %s\n","unknown error");
> +}
> +
> +void print_b (ccrypt_stream_t *b) {
> +  /*  ccrypt_state_t *s; 
> +  s = b->state; 
> +  printf("in: %p %d, out: %p 
> %d\n",b->next_in,b->avail_in,b->next_out,b->avail_out);  */
> +}
> +
> +static int do_ccrypt(int argc, char *argv[])
> +{
> +  int opt;
> +  int ret=-EINVAL;
> +  int encrypt=0;
> +  int decrypt=0;
> +  char *extract = NULL;
> +  char *from = NULL;
> +  char *to = NULL;
> +  char *r_buf = NULL;
> +  char *w_buf = NULL;
> +  int from_fd = 0;
> +  int to_fd = 0;
> +  int r,w;
> +  void *buf;
> +  ccrypt_stream_t ccs;
> +  ccrypt_stream_t *b = 
> +  int flags=0;
> +  char *key;
> +  int keylen;
> +  int eof=0;
> +
> +  while ((opt = getopt(argc, argv, "dek:")) > 0) {
> +

[PATCH v1 2/2] command: ccrypt Crypt and Decrypt Files uses keystore for passwords compatible with https://sourceforge.net/projects/ccrypt/ keystore_init Simple Keystore initializer

2017-09-14 Thread gp 
From: Gerd Pauli 

Signed-off-by: Gerd Pauli 
---
 commands/Kconfig  |  14 +
 commands/Makefile |   2 +
 commands/ccrypt.c | 247 +++
 commands/keystore_init.c  |  79 +
 include/ccryptlib.h   |  98 ++
 lib/Kconfig   |   3 +
 lib/Makefile  |   1 +
 lib/ccryptlib/Makefile|   4 +
 lib/ccryptlib/ccryptlib.c | 417 +
 lib/ccryptlib/rijndael.c  | 347 +
 lib/ccryptlib/rijndael.h  |  76 +
 lib/ccryptlib/tables.c| 768 ++
 lib/ccryptlib/tables.h|  10 +
 13 files changed, 2066 insertions(+)
 create mode 100644 commands/ccrypt.c
 create mode 100644 commands/keystore_init.c
 create mode 100644 include/ccryptlib.h
 create mode 100644 lib/ccryptlib/Makefile
 create mode 100644 lib/ccryptlib/ccryptlib.c
 create mode 100644 lib/ccryptlib/rijndael.c
 create mode 100644 lib/ccryptlib/rijndael.h
 create mode 100644 lib/ccryptlib/tables.c
 create mode 100644 lib/ccryptlib/tables.h

diff --git a/commands/Kconfig b/commands/Kconfig
index 89b3103..2e296a3 100644
--- a/commands/Kconfig
+++ b/commands/Kconfig
@@ -2137,6 +2137,20 @@ config CMD_SEED
help
  Seed the pseudo random number generator (PRNG)
 
+config CMD_CCRYPT
+   tristate
+   prompt "ccrypt"
+   select CCRYPTLIB
+   help
+ AES crypt and decrypt support
+
+config CMD_KEYSTOREINIT
+   tristate
+   prompt "keystore_init"
+   select CRYPTO_KEYSTORE
+   help
+ Keystore initialisation   
+
 # end Miscellaneous commands
 endmenu
 
diff --git a/commands/Makefile b/commands/Makefile
index 16c1768..42bc1d8 100644
--- a/commands/Makefile
+++ b/commands/Makefile
@@ -124,3 +124,5 @@ obj-$(CONFIG_CMD_SPD_DECODE)+= spd_decode.o
 obj-$(CONFIG_CMD_MMC_EXTCSD)   += mmc_extcsd.o
 obj-$(CONFIG_CMD_NAND_BITFLIP) += nand-bitflip.o
 obj-$(CONFIG_CMD_SEED) += seed.o
+obj-$(CONFIG_CMD_CCRYPT)+= ccrypt.o
+obj-$(CONFIG_CMD_KEYSTOREINIT) += keystore_init.o
diff --git a/commands/ccrypt.c b/commands/ccrypt.c
new file mode 100644
index 000..f299b9c
--- /dev/null
+++ b/commands/ccrypt.c
@@ -0,0 +1,247 @@
+/*
+ * ccrypt.c - Crypt and Decrypt Files using Password in Keystore
+ * 
+ * Copyright (C) 2015 Alexander Smirnov 
+ * Copyright (c) 2017 Gerd Pauli , HighConsulting 
GmbH & Co. KG
+ * 
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License as
+ * published by the Free Software Foundation; either version 2 of
+ * the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ */
+
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+
+#define INBUFSIZE 1024  
+#define OUTBUFSIZE INBUFSIZE+32
+
+void ccrypt_error( int e ) {
+  if ( e == -1 ) {  
+printf("ccrypt: %s\n",strerror(errno));
+return;
+  }
+  if ( e == -2 ) {
+switch (ccrypt_errno) {
+case CCRYPT_EFORMAT:
+  printf("ccrypt: %s\n","bad file format");
+  break;
+case CCRYPT_EMISMATCH:
+  printf("ccrypt: %s\n","key does not match");
+  break;
+case CCRYPT_EBUFFER:
+  printf("ccrypt: %s\n","buffer overflow");
+  break;
+default:
+  /* do nothing */
+  printf("ccrypt: %s\n","unknown error");
+  break;
+}
+return;
+  }
+  printf("ccrypt: %s\n","unknown error");
+}
+
+void print_b (ccrypt_stream_t *b) {
+  /*  ccrypt_state_t *s; 
+  s = b->state; 
+  printf("in: %p %d, out: %p 
%d\n",b->next_in,b->avail_in,b->next_out,b->avail_out);  */
+}
+
+static int do_ccrypt(int argc, char *argv[])
+{
+  int opt;
+  int ret=-EINVAL;
+  int encrypt=0;
+  int decrypt=0;
+  char *extract = NULL;
+  char *from = NULL;
+  char *to = NULL;
+  char *r_buf = NULL;
+  char *w_buf = NULL;
+  int from_fd = 0;
+  int to_fd = 0;
+  int r,w;
+  void *buf;
+  ccrypt_stream_t ccs;
+  ccrypt_stream_t *b = 
+  int flags=0;
+  char *key;
+  int keylen;
+  int eof=0;
+
+  while ((opt = getopt(argc, argv, "dek:")) > 0) {
+switch(opt) {
+case 'e':
+  encrypt=1;
+  break;
+case 'd':
+  decrypt=1;
+  break;
+case 'k':
+  extract = optarg;
+  break;
+}
+  }
+  if ( encrypt == 1 && decrypt == 1 ) 
+return ret;
+  if ( extract == NULL )
+return ret;
+
+  if ( optind != 4 ) 
+return ret;
+
+  if ( argc != 6 )
+return ret;
+
+  from = argv[optind];
+  to = argv[optind + 1];
+
+  r_buf=xmalloc(INBUFSIZE);
+  w_buf=xmalloc(OUTBUFSIZE);
+  
+  ret=keystore_get_secret(extract, (const u8 **), );
+  if ( ret )
+goto out;
+
+  /* printf("%d %d %s %s