1 // Original Author Taru Karttunen <taruti@taruti.net>
2 // This file can be used as both Public Domain or Creative Commons CC0.
/*
 * All-zero 16-byte block. It is the last argument of every
 * setupAESstate() call shown in this listing (libsec's ivec parameter),
 * so every AES state here starts from the same fixed IV.
 * NOTE(review): a constant IV is tolerable only while each key set up with
 * it encrypts a single CBC message, as in the visible lines (one 32-byte
 * master key per salted password key). Reusing such a key for further CBC
 * messages would reveal equal plaintext prefixes; confirm no hidden line
 * does that.
 */
19 uchar zeros[16] = {0};
/*
 * Derive an AES key from a passphrase and salt and load it into *aes.
 *
 * pass: NUL-terminated passphrase (length taken with strlen)
 * salt: 16 salt bytes fed to the key derivation
 * aes:  AES state initialised with the derived key and the zeros IV
 *
 * Lines 26-28 (including the declaration of tkey) are not in this listing.
 */
25 setupkey(char *pass, uchar salt[16], AESstate *aes)
/*
 * PBKDF2 over HMAC-SHA1, 9999 iterations, 32 output bytes into tkey.
 * NOTE(review): the iteration count is a literal here rather than a value
 * read from the header (as far as this listing shows), so changing it would
 * stop existing volumes from opening. 9999 rounds of HMAC-SHA1 is low by
 * current password-hashing guidance, which leaves most of the protection
 * against offline guessing to the strength of the passphrase.
 */
29 pbkdf2_x((uchar*)pass, strlen(pass), salt, 16, 9999, tkey, 32, hmac_sha1, SHA1dlen);
/* Only the first 16 of the 32 derived bytes are used: a 128-bit AES key. */
30 setupAESstate(aes, tkey, 16, zeros);
/*
 * Wipe the derived key material once the AES state holds it.
 * NOTE(review): tkey is not read again in the visible lines, so an
 * optimising compiler may treat this as a dead store; confirm that the
 * target compiler keeps it.
 */
31 memset(tkey, 0, sizeof(tkey));
/*
 * The listing jumps from line 31 to line 38, so the function enclosing
 * this statement is not shown.
 * Overwrites the passphrase in place up to its NUL terminator, presumably
 * so the plaintext does not stay in memory after use.
 */
38 memset(pass, 0, strlen(pass));
/*
 * Format each named file or device: prompt for a passphrase twice, then
 * write a 64 KiB header carrying the password-wrapped master key.
 *
 * files: nil-terminated list of paths (the loop stops at the first nil).
 *
 * Several body lines are missing from this listing; the comments below
 * describe only the statements that are shown.
 */
44 cformat(char *files[])
/*
 * Third argument 1 selects readcons' raw mode, so the passphrase is not
 * echoed. A nil or empty answer aborts the program.
 */
52 pass = readcons("Password", nil, 1);
53 if(pass == nil || pass[0] == 0)
54 sysfatal("input aborted");
55 tmp = readcons("Confirm", nil, 1);
56 if(tmp == nil || tmp[0] == 0)
57 sysfatal("input aborted");
/*
 * i is non-zero when the two entries differ; the handling of a mismatch
 * is on lines not shown (59-61).
 */
58 i = strcmp(pass, tmp);
62 for(;*files != nil; files++) {
/*
 * Fill the whole key structure with random bytes, so the master key and
 * every slot's salt and key start out random.
 */
63 genrandom((uchar*)&s, sizeof(s));
/*
 * Wrap the master key into slot 0: derive the slot key from the passphrase
 * and slot 0's salt, copy the 32-byte master key into the slot, and
 * CBC-encrypt that copy in place. No other slot is written in the visible
 * lines, so the remaining slots appear to keep their random filler.
 */
64 setupkey(pass, s.Slots[0].Salt, &cbc);
65 memcpy(s.Slots[0].Key, s.Master, 32);
66 aesCBCencrypt(s.Slots[0].Key, 32, &cbc);
/* 16*4096 = 64 KiB of random bytes; only selected positions are overwritten below. */
68 genrandom(buf, 16*4096);
/*
 * Scatter salt and wrapped-key bytes through the header: byte i of slot j
 * lands in the i-th 4096-byte stripe at offsets 4*j+1 .. 4*j+3.
 * The loop headers over i and j (lines 69-70) are not shown.
 */
71 buf[(4096*i)+(4*j)+1] = s.Slots[j].Salt[i];
72 buf[(4096*i)+(4*j)+2] = s.Slots[j].Key[i];
73 buf[(4096*i)+(4*j)+3] = s.Slots[j].Key[i+16];
76 if((fd = open(*files, OWRITE)) < 0)
77 sysfatal("open disk: %r");
79 /* make the pad for checking crypto */
/*
 * Key-check block: each byte at 64K-8+i becomes the bitwise complement of
 * the byte at 64K-16+i (loop bound on line 80 not shown), then the final
 * 16-byte block is encrypted in place with the first 16 bytes of the
 * master key. copen decrypts this block and tests the complement relation
 * to detect a wrong passphrase.
 * NOTE(review): the visible check covers only this one block; it
 * identifies the key but does not authenticate the rest of the header.
 */
81 buf[(64*1024)-8+i] = ~buf[(64*1024)-16+i];
83 setupAESstate(&cbc, s.Master, 16, zeros);
84 aes_encrypt(cbc.ekey, cbc.rounds, &buf[(64*1024)-16], &buf[(64*1024)-16]);
/* Anything other than a full 64 KiB write is fatal. */
86 if(write(fd, buf, 64*1024) != 64*1024)
87 sysfatal("writing disk: %r");
/*
 * Open each named volume: read its 64 KiB header, unwrap the master key
 * with the passphrase, check it against the key-check block, and write a
 * "crypt" command carrying the key to ctl.
 *
 * files: nil-terminated list of paths.
 * ctl:   file descriptor that receives the "crypt" command line.
 *
 * Several body lines are missing from this listing; the comments below
 * describe only the statements that are shown.
 */
92 copen(char *files[], int ctl)
99 for(;*files != nil; files++) {
/* Start each volume from a zeroed key structure. */
100 memset(&s, 0, sizeof(s));
101 if((fd = open(*files, OREAD)) < 0)
102 sysfatal("open disk: %r");
/*
 * Anything other than a full 64 KiB read is fatal, so a truncated header
 * is never parsed.
 */
104 if(read(fd, buf, 1024*64) != 1024*64)
105 sysfatal("read disk: %r");
/*
 * Gather the salt and wrapped-key bytes back from the striped positions
 * that cformat wrote (loop headers on lines not shown).
 */
110 s.Slots[j].Salt[i] = buf[(4096*i)+(4*j)+1];
111 s.Slots[j].Key[i] = buf[(4096*i)+(4*j)+2];
112 s.Slots[j].Key[i+16] = buf[(4096*i)+(4*j)+3];
/* Raw-mode prompt (third argument 1): the passphrase is not echoed. */
116 pass = readcons("Password", nil, 1);
117 if(pass == nil || pass[0] == 0)
118 sysfatal("input aborted");
/*
 * Unwrap slot 0: re-derive the slot key from the passphrase and the stored
 * salt, CBC-decrypt the slot's 32 bytes into s.Master, then key AES with
 * the first 16 bytes of the candidate master key for the check below.
 */
121 setupkey(pass, s.Slots[0].Salt, &cbc);
122 memcpy(s.Master, s.Slots[0].Key, 32);
123 aesCBCdecrypt(s.Master, 32, &cbc);
124 setupAESstate(&cbc, s.Master, 16, zeros);
/* Decrypt a copy of the header's final 16-byte block. */
126 memcpy(cbuf, &buf[(64*1024)-16], 16);
127 aes_decrypt(cbc.dkey, cbc.rounds, cbuf, cbuf);
129 /* make the pad for checking crypto */
/*
 * With the right key, byte i+8 is the complement of byte i, so their XOR
 * is 255. Any other value means the passphrase did not unwrap the master
 * key. What follows "wrong key" (retry or exit) is on lines not shown.
 */
131 if((cbuf[i] ^ cbuf[i+8]) != 255) {
134 fprint(2, "wrong key\n");
/* buf is reused here to hold the path name of the opened descriptor. */
138 fd2path(fd, (char*)buf, sizeof(buf));
/* Locate the last '/' in the argument; the use of name is on lines not shown. */
141 if((name = strrchr(*files, '/')) != nil)
/*
 * Emits "crypt <name> <path> <key>", where %.32H prints the 32 bytes of
 * s.Master in hex (main installs encodefmt for 'H').
 * NOTE(review): this line carries the raw master key. ctl comes from the
 * caller: main opens /dev/fs/ctl, while the usage text's -o mode ("Print
 * commandline for open") suggests another destination; confirm in main.
 * Whatever receives this output has to be treated as key material. Wiping
 * s.Master and pass after use is not visible in this listing.
 */
146 if(fprint(ctl, "crypt %q %q %.32H\n", name, (char*)buf, s.Master) < 0)
147 sysfatal("write: %r");
155 "%s -f files\t\t# Format file or device\n"
156 "%s -o files\t\t# Print commandline for open\n"
157 "%s -i files\t\t# Install (open) files\n",
158 argv0, argv0, argv0);
/*
 * Program entry point. Option handling (lines 164-202, apart from the
 * fmtinstall call) is not in this listing.
 */
163 main(int argc, char *argv[])
/* Register encodefmt for the 'H' verb, which copen uses to print the master key in hex. */
174 fmtinstall('H', encodefmt);
/*
 * Open the fs device's control file for writing. Presumably this is the
 * descriptor handed to copen for the "crypt" command; the lines connecting
 * the two are not shown.
 */
203 if((ctl = open("/dev/fs/ctl", OWRITE)) < 0)
204 sysfatal("open ctl: %r");