Esempio n. 1
0
int decrypt_root_fs(const char *crypt, const char *decrypt, char *key) {
  FILE *in, *out;
  cencrypted_v1_header v1header;
  cencrypted_v2_pwheader v2header;

  uint8_t hmacsha1_key[20], aes_key[16], inbuf[CHUNK_SIZE], outbuf[CHUNK_SIZE];
  uint32_t chunk_no;
  int hdr_version, c,i, optError = 0;
  char inFile[512], outFile[512], passphrase[512];
  int iflag = 0, oflag = 0, pflag = 0, kflag = 0, verbose = 0;
  extern char *optarg;
  extern int optind, optopt;

  memset(inFile, 0, 512);
  memset(outFile, 0, 512);
  memset(passphrase, 0, 512);

      verbose++;
      optarg=(char *)crypt;
      if(optarg) strncpy(inFile, optarg, sizeof(inFile)-1);
      iflag=1;
      optarg=(char *)decrypt;
      if (optarg) strncpy(outFile, optarg, sizeof(outFile)-1);
      oflag=1;
      optarg=key;
      convert_hex(optarg, aes_key, 16);
      convert_hex(optarg+32, hmacsha1_key, 20);
      kflag=1;

  if (strlen(inFile) == 0) {
    in = stdin;
  } else {
    if ((in = fopen(inFile, "rb")) == NULL) {
      fprintf(stderr, "Error: unable to open %s\n", inFile);
      exit(1);
    }
  }

  if (strlen(outFile) == 0) {
    out = stdout;
  } else {
    if ((out = fopen(outFile, "wb")) == NULL) {
      fprintf(stderr, "Error: unable to open %s\n", outFile);
      exit(1);
    }
  }

  hdr_version = determine_header_version(in);

  if (verbose >= 1) {
    if (hdr_version > 0) {
      fprintf(stderr, "v%d header detected.\n", hdr_version);
    } else {
      fprintf(stderr, "unknown format.\n");
      exit(1);
    }
  }

  if (hdr_version == 1) {
    fseek(in, (long) -sizeof(cencrypted_v1_header), SEEK_END);
    if (fread(&v1header, sizeof(cencrypted_v1_header), 1, in) < 1) {
      fprintf(stderr, "header corrupted?\n"), exit(1);
    }
    adjust_v1_header_byteorder(&v1header);
    if(!kflag) unwrap_v1_header(passphrase, &v1header, aes_key, hmacsha1_key);
  }

  if (hdr_version == 2) {
    fseek(in, 0L, SEEK_SET);
    if (fread(&v2header, sizeof(cencrypted_v2_pwheader), 1, in) < 1) {
      fprintf(stderr, "header corrupted?\n"), exit(1);
    }
    adjust_v2_header_byteorder(&v2header);
    dump_v2_header(&v2header);
    if(!kflag) unwrap_v2_header(passphrase, &v2header, aes_key, hmacsha1_key);
    CHUNK_SIZE = v2header.blocksize;
  }

  HMAC_CTX_init(&hmacsha1_ctx);
  HMAC_Init_ex(&hmacsha1_ctx, hmacsha1_key, sizeof(hmacsha1_key), EVP_sha1(), NULL);
  AES_set_decrypt_key(aes_key, CIPHER_KEY_LENGTH * 8, &aes_decrypt_key);

  if (verbose >= 1) {
    fprintf(stderr, "AES Key: \n");
    print_hex(aes_key, 16);
    fprintf(stderr, "SHA1 seed: \n");
    print_hex(hmacsha1_key, 20);
  }

  if (hdr_version == 2) fseek(in, v2header.dataoffset, SEEK_SET);
  else fseek(in, 0L, SEEK_SET);

  chunk_no = 0;
  while(fread(inbuf, CHUNK_SIZE, 1, in) > 0) {
    decrypt_chunk(inbuf, outbuf, chunk_no);
    chunk_no++;
    if(hdr_version == 2 && (v2header.datasize-ftell(out)) < CHUNK_SIZE) {
      fwrite(outbuf, v2header.datasize - ftell(out), 1, out);
      break;
    }
    fwrite(outbuf, CHUNK_SIZE, 1, out);
  }

  if (verbose)  fprintf(stderr, "%d chunks written\n", chunk_no);
  return 0;

	return 0;
}
Esempio n. 2
0
int main(int argc, char *argv[]) {
  FILE *in, *out;
  cencrypted_v1_header v1header;
  cencrypted_v2_pwheader v2header;

  uint8_t hmacsha1_key[20], aes_key[16], inbuf[CHUNK_SIZE], outbuf[CHUNK_SIZE];
  uint32_t chunk_no;
  int hdr_version, c,i, optError = 0;
  char inFile[512], outFile[512], passphrase[512];
  int iflag = 0, oflag = 0, pflag = 0, kflag = 0, verbose = 0;
  extern char *optarg;
  extern int optind, optopt;

  memset(inFile, 0, 512);
  memset(outFile, 0, 512);
  memset(passphrase, 0, 512);

  while((c = getopt(argc, argv, "hvi:o:p:k:")) != -1) {
    switch(c) {
    case 'h':
      usage("Help is on the way. Stay calm.");
      break;
    case 'v':
      verbose++;
      break;
    case 'i':
      if(optarg) strncpy(inFile, optarg, sizeof(inFile)-1);
      iflag = 1;
      break;
    case 'o':
      if (optarg) strncpy(outFile, optarg, sizeof(outFile)-1);
      oflag = 1;
      break;
    case 'p':
      if (optarg) strncpy(passphrase, optarg, sizeof(passphrase)-1);
      pflag = 1;
      break;
    case 'k':
      convert_hex(optarg, aes_key, 16);
      convert_hex(optarg+32, hmacsha1_key, 20);
      kflag=1;
      break;
    case '?':
      fprintf(stderr, "Unknown option: -%c\n", optopt);
      optError++;
      break;
    }
  }

  /* check to see if our user gave incorrect options */
  if (optError) usage("Incorrect arguments.");

  if (strlen(inFile) == 0) {
    in = stdin;
  } else {
    if ((in = fopen(inFile, "rb")) == NULL) {
      fprintf(stderr, "Error: unable to open %s\n", inFile);
      exit(1);
    }
  }

  if (strlen(outFile) == 0) {
    out = stdout;
  } else {
    if ((out = fopen(outFile, "wb")) == NULL) {
      fprintf(stderr, "Error: unable to open %s\n", outFile);
      exit(1);
    }
  }

  if (!pflag && !kflag) {
    fprintf(stderr, "No Passphrase given.\n");
    exit(1);
  }

  hdr_version = determine_header_version(in);

  if (verbose >= 1) {
    if (hdr_version > 0) {
      fprintf(stderr, "v%d header detected.\n", hdr_version);
    } else {
      fprintf(stderr, "unknown format.\n");
      exit(1);
    }
  }

  if (hdr_version == 1) {
    fseek(in, (long) -sizeof(cencrypted_v1_header), SEEK_END);
    if (fread(&v1header, sizeof(cencrypted_v1_header), 1, in) < 1) {
      fprintf(stderr, "header corrupted?\n"), exit(1);
    }
    adjust_v1_header_byteorder(&v1header);
    if(!kflag) unwrap_v1_header(passphrase, &v1header, aes_key, hmacsha1_key);
  }

  if (hdr_version == 2) {
    fseek(in, 0L, SEEK_SET);
    if (fread(&v2header, sizeof(cencrypted_v2_pwheader), 1, in) < 1) {
      fprintf(stderr, "header corrupted?\n"), exit(1);
    }
    adjust_v2_header_byteorder(&v2header);
    dump_v2_header(&v2header);
    if(!kflag) unwrap_v2_header(passphrase, &v2header, aes_key, hmacsha1_key);
    CHUNK_SIZE = v2header.blocksize;
  }

  HMAC_CTX_init(&hmacsha1_ctx);
  HMAC_Init_ex(&hmacsha1_ctx, hmacsha1_key, sizeof(hmacsha1_key), EVP_sha1(), NULL);
  AES_set_decrypt_key(aes_key, CIPHER_KEY_LENGTH * 8, &aes_decrypt_key);

  if (verbose >= 1) {
    fprintf(stderr, "AES Key: \n");
    print_hex(aes_key, 16);
    fprintf(stderr, "SHA1 seed: \n");
    print_hex(hmacsha1_key, 20);
  }

  if (hdr_version == 2) fseek(in, v2header.dataoffset, SEEK_SET);
  else fseek(in, 0L, SEEK_SET);

  chunk_no = 0;
  while(fread(inbuf, CHUNK_SIZE, 1, in) > 0) {
    decrypt_chunk(inbuf, outbuf, chunk_no);
    chunk_no++;
    if(hdr_version == 2 && (v2header.datasize-ftell(out)) < CHUNK_SIZE) {
      fwrite(outbuf, v2header.datasize - ftell(out), 1, out);
      break;
    }
    fwrite(outbuf, CHUNK_SIZE, 1, out);
  }

  if (verbose)  fprintf(stderr, "%d chunks written\n", chunk_no);
  return(0);
}
Esempio n. 3
0
int main(int argc, char *argv[])
{
  FILE *in, *out;
  cencrypted_v1_header v1header;
  cencrypted_v2_pwheader v2header;
  char hmacsha1_key_str[20*2+1];
  char aes_key_str[16*2+1];
  uint8_t hmacsha1_key[20];
  uint8_t aes_key[16];
  uint8_t inbuf[CHUNK_SIZE], outbuf[CHUNK_SIZE];
  uint32_t chunk_no;
  int hdr_version;
  
  /* getopts */
  int c;
  int optError;
  char inFile[512] = "";
  char outFile[512] = "";
  char passphrase[512];
  int kflag = 0, iflag = 0, oflag = 0, pflag = 0, mflag = 0;
  int verbose = 0;
  extern char *optarg;
  extern int optind, optopt;

  memset(hmacsha1_key_str, '0', sizeof(hmacsha1_key_str)-1);
  hmacsha1_key_str[sizeof(hmacsha1_key_str)-1] = '\0';

  optError = 0;
  while((c = getopt(argc, argv, "hvi:o::p::k:m:")) != -1){
    switch(c) {
    case 'h':      
      usage("Help is on the way. Stay calm.");
      break;
    case 'v':      
      verbose = verbose + 1;
      break;
    case 'i':
      if(optarg) {
	strncpy(inFile, optarg, sizeof(inFile)-1);
      } 
      iflag = 1;
      break;
    case 'o':
      if (optarg) {
	strncpy(outFile, optarg, sizeof(outFile)-1);
      }
      oflag = 1;
      break;
    case 'p':
      if (optarg) {
	strncpy(passphrase, optarg, sizeof(passphrase)-1);
      }
      pflag = 1;
      break;
    case 'k':
      if (optarg) {
	if (strlen(optarg) == 2*(16+20)) {
	  strncpy(aes_key_str, optarg, sizeof(aes_key_str));
	  aes_key_str[sizeof(aes_key_str)-1] = '\0';
	  strncpy(hmacsha1_key_str, optarg+(2*16), sizeof(hmacsha1_key_str));
	  hmacsha1_key_str[sizeof(hmacsha1_key_str)-1] = '\0';
	  mflag = 1;
	} else if(strlen(optarg) == 2*16) {
	  strncpy(aes_key_str, optarg, sizeof(aes_key_str));
	  aes_key_str[sizeof(aes_key_str)-1] = '\0';
	} else {
	  usage("you should either specify a aeskey||hmacsha1key or simply aeskey");
	  optError++;
	}
      }
      kflag = 1;
      break;
    case 'm':
      if (mflag) {
	usage("hmacsha1 key has already been specified!");
	optError++;
      }
      if (optarg && strlen(optarg) == 2*20) {
	strncpy(hmacsha1_key_str, optarg, sizeof(hmacsha1_key_str));
	hmacsha1_key_str[sizeof(hmacsha1_key_str)-1] = '\0';
      } else {
        usage("Perhaps you'd like to give us 40 hex bytes of the HMACSHA1 key?");
	optError++;
      }
      mflag = 1;
      break;
    case '?':
      fprintf(stderr, "Unknown option: -%c\n", optopt);
      optError++;
      break;
    }
  }

  /* check to see if our user gave incorrect options */
  if (optError) {
    usage("Incorrect arguments.");
  }

  if (strlen(inFile) == 0) {
    in = stdin; 
  } else {
    if ((in = fopen(inFile, "rb")) == NULL) {
      fprintf(stderr, "Error: unable to open %s\n", inFile);
      exit(1);
    }
  }

  if (strlen(outFile) == 0) {
    out = stdout;
  } else {
    if ((out = fopen(outFile, "wb")) == NULL) {
      fprintf(stderr, "Error: unable to open %s\n", outFile);
      exit(1);
    }
  }

  /* Obviously change this if we implement brute force methods inside vfdecrypt */
  if (!kflag && !pflag) {
    fprintf(stderr, "Neither a passphrase nor a valid key/hmac combo were given.\n");
    exit(1);
  }

  if (kflag && !mflag) {
    fprintf(stderr, "Setting HMAC-SHA1 key to all zeros!\n");
  }

  hdr_version = determine_header_version(in);
 
  if (verbose >= 1) {
    if (hdr_version > 0) {
      fprintf(stderr, "v%d header detected.\n", hdr_version);
    } else {
      fprintf(stderr, "unknown format.\n");
      exit(1);
    }
  }

  if (hdr_version == 1) {
    fseek(in, (long) -sizeof(cencrypted_v1_header), SEEK_END);
    if (fread(&v1header, sizeof(cencrypted_v1_header), 1, in) < 1) {
      fprintf(stderr, "header corrupted?\n"), exit(1);
    }
    adjust_v1_header_byteorder(&v1header);
    if(!kflag) unwrap_v1_header(passphrase, &v1header, aes_key, hmacsha1_key);
  }
  
  if (hdr_version == 2) {
    fseek(in, 0L, SEEK_SET);
    if (fread(&v2header, sizeof(cencrypted_v2_pwheader), 1, in) < 1) {
      fprintf(stderr, "header corrupted?\n"), exit(1);
    }
    adjust_v2_header_byteorder(&v2header);
    if (verbose >= 1) {
      dump_v2_header(&v2header);
    }
    if(!kflag) unwrap_v2_header(passphrase, &v2header, aes_key, hmacsha1_key);
    CHUNK_SIZE = v2header.blocksize;
  }

  if (kflag) {
    convert_hex(aes_key_str, aes_key, 16);
    convert_hex(hmacsha1_key_str, hmacsha1_key, 20);
  }
  
  HMAC_CTX_init(&hmacsha1_ctx);
  HMAC_Init_ex(&hmacsha1_ctx, hmacsha1_key, sizeof(hmacsha1_key), EVP_sha1(), NULL);
  AES_set_decrypt_key(aes_key, CIPHER_KEY_LENGTH * 8, &aes_decrypt_key);

  if (verbose >= 1) {
    fprintf(stderr, "aeskey:\n");
    print_hex(stderr, aes_key, 16);
  }
  if (verbose >= 1) {
    fprintf(stderr, "hmacsha1key:\n");
    print_hex(stderr, hmacsha1_key, 20);
  }
  if (hdr_version == 2) {
    if (verbose >= 1) {
      fprintf(stderr, "data offset : %llu\n", v2header.dataoffset);
      fprintf(stderr, "data size   : %llu\n", v2header.datasize);
    }
    fseek(in, v2header.dataoffset, SEEK_SET);
  } else  {
    fseek(in, 0L, SEEK_SET);
  }

  chunk_no = 0;
  while(fread(inbuf, CHUNK_SIZE, 1, in) > 0) {
    decrypt_chunk(inbuf, outbuf, chunk_no);
    chunk_no++;
    // fix for last chunk
    if(hdr_version == 2 && (v2header.datasize-ftell(out)) < CHUNK_SIZE) {
      fwrite(outbuf, v2header.datasize - ftell(out), 1, out);
      break;
    }
    fwrite(outbuf, CHUNK_SIZE, 1, out);
  }
  if (verbose >= 1) {
    fprintf(stderr, "%d chunks written\n", chunk_no);
  }
  fclose(in);
  fclose(out);
  return(0);
}