arch/all-pc/boot/grub2-aros/grub-core/disk/AFSplitter.c

   1 /*
   2  * AFsplitter - Anti forensic information splitter
   3  * Copyright 2004, Clemens Fruhwirth <clemens@endorphin.org>
   4  *
   5  * AFsplitter diffuses information over a large stripe of data,
   6  * therefor supporting secure data destruction.
   7  *
   8  *  This program is grub_free software; you can redistribute it and/or modify
   9  *  it under the terms of the GNU General Public License as published by
  10  *  the grub_free Software Foundation; either version 2 of the License, or
  11  *  (at your option) any later version.
  12  *
  13  *  This program is distributed in the hope that it will be useful,
  14  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
  15  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  16  *  GNU Library General Public License for more details.
  17  *
  18  *  You should have received a copy of the GNU General Public License
  19  *  along with this program; if not, write to the grub_free Software
  20  *  Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
  21  */
  22
  23 #include <grub/crypto.h>
  24 #include <grub/mm.h>
  25 #include <grub/misc.h>
  26
  27 gcry_err_code_t AF_merge (const gcry_md_spec_t * hash, grub_uint8_t * src,
  28                           grub_uint8_t * dst, grub_size_t blocksize,
  29                           grub_size_t blocknumbers);
  30
  31 static void
  32 diffuse (const gcry_md_spec_t * hash, grub_uint8_t * src,
  33          grub_uint8_t * dst, grub_size_t size)
  34 {
  35   grub_size_t i;
  36   grub_uint32_t IV;             /* host byte order independend hash IV */
  37
  38   grub_size_t fullblocks = size / hash->mdlen;
  39   int padding = size % hash->mdlen;
  40   grub_uint8_t final[GRUB_CRYPTO_MAX_MDLEN];
  41   grub_uint8_t temp[sizeof (IV) + GRUB_CRYPTO_MAX_MDLEN];
  42
  43   /* hash block the whole data set with different IVs to produce
  44    * more than just a single data block
  45    */
  46   for (i = 0; i < fullblocks; i++)
  47     {
  48       IV = grub_cpu_to_be32 (i);
  49       grub_memcpy (temp, &IV, sizeof (IV));
  50       grub_memcpy (temp + sizeof (IV), src + hash->mdlen * i, hash->mdlen);
  51       grub_crypto_hash (hash, dst + hash->mdlen * i, temp,
  52                         sizeof (IV) + hash->mdlen);
  53     }
  54
  55   if (padding)
  56     {
  57       IV = grub_cpu_to_be32 (i);
  58       grub_memcpy (temp, &IV, sizeof (IV));
  59       grub_memcpy (temp + sizeof (IV), src + hash->mdlen * i, padding);
  60       grub_crypto_hash (hash, final, temp, sizeof (IV) + padding);
  61       grub_memcpy (dst + hash->mdlen * i, final, padding);
  62     }
  63 }
  64
  65 /**
  66  * Merges the splitted master key stored on disk into the original key
  67  */
  68 gcry_err_code_t
  69 AF_merge (const gcry_md_spec_t * hash, grub_uint8_t * src, grub_uint8_t * dst,
  70           grub_size_t blocksize, grub_size_t blocknumbers)
  71 {
  72   grub_size_t i;
  73   grub_uint8_t *bufblock;
  74
  75   if (hash->mdlen > GRUB_CRYPTO_MAX_MDLEN || hash->mdlen == 0)
  76     return GPG_ERR_INV_ARG;
  77
  78   bufblock = grub_zalloc (blocksize);
  79   if (bufblock == NULL)
  80     return GPG_ERR_OUT_OF_MEMORY;
  81
  82   grub_memset (bufblock, 0, blocksize);
  83   for (i = 0; i < blocknumbers - 1; i++)
  84     {
  85       grub_crypto_xor (bufblock, src + (blocksize * i), bufblock, blocksize);
  86       diffuse (hash, bufblock, bufblock, blocksize);
  87     }
  88   grub_crypto_xor (dst, src + (i * blocksize), bufblock, blocksize);
  89
  90   grub_free (bufblock);
  91   return GPG_ERR_NO_ERROR;
  92 }