CVS commit: othersrc/crypto/external/bsd/ssss/ssss
Module Name:othersrc
Committed By: agc
Date: Sat Mar 10 21:18:04 UTC 2012
Modified Files:
othersrc/crypto/external/bsd//: Makefile
Log Message:
don't link with libthreshold any more
run simple tests in place without requiring lib installation
To generate a diff of this commit:
cvs rdiff -u -r1.1.1.1 -r1.2 othersrc/crypto/external/bsd///Makefile
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: othersrc/crypto/external/bsd///Makefile
diff -u othersrc/crypto/external/bsd///Makefile:1.1.1.1 othersrc/crypto/external/bsd///Makefile:1.2
--- othersrc/crypto/external/bsd///Makefile:1.1.1.1 Mon Mar 21 05:43:37 2011
+++ othersrc/crypto/external/bsd///Makefile Sat Mar 10 21:18:03 2012
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile,v 1.1.1.1 2011/03/21 05:43:37 agc Exp $
+# $NetBSD: Makefile,v 1.2 2012/03/10 21:18:03 agc Exp $
.include
@@ -7,9 +7,6 @@ CPPFLAGS+= -I${EXTDIST}/include
LIBDIR!= cd ${.CURDIR}/../lib && ${PRINTOBJDIR}
LDADD+= -L${LIBDIR} -l
DPADD+= ${LIBDIR}/lib.a
-LIBTHRESHDIR!= cd ${.CURDIR}/../../../../../external/bsd/threshold/libthreshold && ${PRINTOBJDIR}
-LDADD+= -L${LIBTHRESHDIR} -lthreshold
-DPADD+= ${LIBTHRESHDIR}/libthreshold.a
USE_FORT?= yes
@@ -27,16 +24,16 @@ EXTDIST=${.CURDIR}/../dist
t test tst: $(PROG)
cp /etc/group secretfile
- ./${PROG} -t 3/10 secretfile
+ env LD_LIBRARY_PATH=${LIBDIR} ./${PROG} -t 3/10 secretfile
ls -al secretfile.0*
- ./${PROG} -j -o secretfile.recons secretfile.004 secretfile.002 secretfile.003
+ env LD_LIBRARY_PATH=${LIBDIR} ./${PROG} -j -o secretfile.recons secretfile.004 secretfile.002 secretfile.003
diff secretfile secretfile.recons
- ./${PROG} -t 2/10 < secretfile
- ls -al threshold.0*
- ./${PROG} -j -o secretfile.mem threshold.002 threshold.003
+ env LD_LIBRARY_PATH=${LIBDIR} ./${PROG} -t 2/10 < secretfile
+ ls -al .0*
+ env LD_LIBRARY_PATH=${LIBDIR} ./${PROG} -j -o secretfile.mem .002 .003
-diff secretfile secretfile.mem
- rm threshold.*
- ./${PROG} -t 5/10 -i
- ls -al threshold.0*
- ./${PROG} -j threshold.004 threshold.002 threshold.003 threshold.005 threshold.007
- rm -f secretfile.recons secretfile.0* secretfile secretfile.mem threshold.*
+ rm .*
+ env LD_LIBRARY_PATH=${LIBDIR} ./${PROG} -t 5/10 -i
+ ls -al .0*
+ env LD_LIBRARY_PATH=${LIBDIR} ./${PROG} -j .004 .002 .003 .005 .007
+ rm -f secretfile.recons secretfile.0* secretfile secretfile.mem .*
CVS commit: othersrc/crypto/external/bsd/ssss/dist/src/libssss
Module Name:othersrc Committed By: agc Date: Sat Mar 10 21:15:27 UTC 2012 Modified Files: othersrc/crypto/external/bsd//dist/src/lib: secsplit.c Log Message: restore correct operation for odd-sized files To generate a diff of this commit: cvs rdiff -u -r1.8 -r1.9 \ othersrc/crypto/external/bsd//dist/src/lib/secsplit.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: othersrc/crypto/external/bsd//dist/src/lib/secsplit.c diff -u othersrc/crypto/external/bsd//dist/src/lib/secsplit.c:1.8 othersrc/crypto/external/bsd//dist/src/lib/secsplit.c:1.9 --- othersrc/crypto/external/bsd//dist/src/lib/secsplit.c:1.8 Fri Mar 9 06:37:23 2012 +++ othersrc/crypto/external/bsd//dist/src/lib/secsplit.c Sat Mar 10 21:15:27 2012 @@ -15,26 +15,74 @@ * pieces give NO information about the original file (except its * length). * + * It has been written for and tested on DOS and Unix systems. + * + * To split up a file, use the command; secsplit n k file where n is + * the number of pieces to split it up to, and k is the number of + * pieces needed to reconstruct it. k should be <= n and > 1. If you + * get n and k backwards the program will swap them for you so don't + * worry too much about remembering the order. + * + * The program will output to file.001, file.002, If the file has + * an extension (e.g. "file.c") the extension will be stripped off + * before the ".001", etc., are added (so "file.c" will also output to + * "file.001", etc.). + * + * To reconstruct a file, use the command: + *secsplit k file.* + * or + *secsplit k file file1 file2... + * * k should be >= the k used when the file was split; the minimum * number of pieces needed to reconstruct the file. If you have too * few pieces then the program won't give an error, but you'll get the * wrong answer. * + * The first command form is for DOS or other systems which won't + * expand the ".*" for you; the program scans for file.000, file.001, + * etc., and uses the first k of them that it finds. In the second + * form, the number of files given should be at least k, and again the + * first k of them will be used. + * + * The output in the first form will be file.out; in the second form + * it will be the first file on the command line, stripped of its + * extension, and with ".out" added, so generally it will be file.out + * too. + * * Shamir's algorithm relies on cryptographically strong, unguessable, * random numbers. This version of the program uses the arc4random(3) * interface. * - * The files consist of a series of 16-bit values (high byte first), - * which are the result of applying Shamir's splitting algorithm to - * the input file taken in 16-bit chunks. The prime used is slightly - * less than 2^16. + * Revision history: + *Version 1.0 October 23, 1993 + * + *Version 1.1 October 24, 1993 + * Added IDEA-based random-number-generator, initialized by MD5 + * of input file, plus the time of day. + * + *Version 1.2 March 31, 2000 Damien Miller + * Removed IDEA-based random-number generator in favour of + * /dev/random. Removed MSDOSisms. Rearranged source code and + * formatting according to OpenBSD style(9) + * + * + * The file formats used for output are as follows. Each file starts + * with one byte which is the index, from 1 through n, of that file. + * This is the x value used for the polynomial evaluation in Shamir's + * algorithm. The files then consist of a series of 16-bit values + * (high byte first), which are the result of applying Shamir's + * splitting algorithm to the input file taken in 16-bit chunks. The + * prime used is slightly less than 2^16, meaning that input data + * values close to 2^16 get turned into a pair of values (see below + * for more information on this expansion). * * If the input file is of even length, the output files will each by * of that length+1 (because of the 1 byte at the beginning). If the * input file is of odd length, the input is padded with a random byte * and processed normally to get a pair of output bytes, then each * output file is padded with an extra random byte to indicate this - * fact. So all output files should have an even number of bytes. + * fact. So output files which have an odd length correspond to input + * files with an even length, and vice versa. * * The output files could have encoded k and n information, but this * could be helpful to an attacker (he would know when he was close to @@ -44,12 +92,34 @@ * The file formats are system-independent so files split on one kind * of machine should be able to be reassembled on another kind of * machine. - */ -/* - * This source code has been cruelly munged around, and very little - * (if any) is left of the original sources. I have left the original - * leading co
CVS commit: othersrc/crypto/external/bsd/ssss/dist/src/libssss
Module Name:othersrc Committed By: agc Date: Fri Mar 9 06:37:23 UTC 2012 Modified Files: othersrc/crypto/external/bsd//dist/src/lib: secsplit.c Log Message: + don't allocate space if we're passed an in-memory array as either a source or a destination of split/combine + fix up the split_vec/combine_vec combinatino so that they both work a bit better now - still some work needed here, though + free the internal s4 structure as part of the combine/combine_vec operation, rather than doing it in _end(). We know at that stage that we have allocated it, and the principle of freeing memory in the same place in the calling stack as it was allocated still applies + rip out parts of the initial comment which aren't really accurate any more - i'm not sure there's that much of the original code left To generate a diff of this commit: cvs rdiff -u -r1.7 -r1.8 \ othersrc/crypto/external/bsd//dist/src/lib/secsplit.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: othersrc/crypto/external/bsd//dist/src/lib/secsplit.c diff -u othersrc/crypto/external/bsd//dist/src/lib/secsplit.c:1.7 othersrc/crypto/external/bsd//dist/src/lib/secsplit.c:1.8 --- othersrc/crypto/external/bsd//dist/src/lib/secsplit.c:1.7 Thu Mar 8 02:44:06 2012 +++ othersrc/crypto/external/bsd//dist/src/lib/secsplit.c Fri Mar 9 06:37:23 2012 @@ -15,74 +15,26 @@ * pieces give NO information about the original file (except its * length). * - * It has been written for and tested on DOS and Unix systems. - * - * To split up a file, use the command; secsplit n k file where n is - * the number of pieces to split it up to, and k is the number of - * pieces needed to reconstruct it. k should be <= n and > 1. If you - * get n and k backwards the program will swap them for you so don't - * worry too much about remembering the order. - * - * The program will output to file.001, file.002, If the file has - * an extension (e.g. "file.c") the extension will be stripped off - * before the ".001", etc., are added (so "file.c" will also output to - * "file.001", etc.). - * - * To reconstruct a file, use the command: - *secsplit k file.* - * or - *secsplit k file file1 file2... - * * k should be >= the k used when the file was split; the minimum * number of pieces needed to reconstruct the file. If you have too * few pieces then the program won't give an error, but you'll get the * wrong answer. * - * The first command form is for DOS or other systems which won't - * expand the ".*" for you; the program scans for file.000, file.001, - * etc., and uses the first k of them that it finds. In the second - * form, the number of files given should be at least k, and again the - * first k of them will be used. - * - * The output in the first form will be file.out; in the second form - * it will be the first file on the command line, stripped of its - * extension, and with ".out" added, so generally it will be file.out - * too. - * * Shamir's algorithm relies on cryptographically strong, unguessable, * random numbers. This version of the program uses the arc4random(3) * interface. * - * Revision history: - *Version 1.0 October 23, 1993 - * - *Version 1.1 October 24, 1993 - * Added IDEA-based random-number-generator, initialized by MD5 - * of input file, plus the time of day. - * - *Version 1.2 March 31, 2000 Damien Miller - * Removed IDEA-based random-number generator in favour of - * /dev/random. Removed MSDOSisms. Rearranged source code and - * formatting according to OpenBSD style(9) - * - * - * The file formats used for output are as follows. Each file starts - * with one byte which is the index, from 1 through n, of that file. - * This is the x value used for the polynomial evaluation in Shamir's - * algorithm. The files then consist of a series of 16-bit values - * (high byte first), which are the result of applying Shamir's - * splitting algorithm to the input file taken in 16-bit chunks. The - * prime used is slightly less than 2^16, meaning that input data - * values close to 2^16 get turned into a pair of values (see below - * for more information on this expansion). + * The files consist of a series of 16-bit values (high byte first), + * which are the result of applying Shamir's splitting algorithm to + * the input file taken in 16-bit chunks. The prime used is slightly + * less than 2^16. * * If the input file is of even length, the output files will each by * of that length+1 (because of the 1 byte at the beginning). If the * input file is of odd length, the input is padded with a random byte * and processed normally to get a pair of output bytes, then each * output file is padded with an extra random byte to indicate this - * fact. So output files which have an odd length correspond to
CVS commit: othersrc/crypto/external/bsd/ssss/dist
Module Name:othersrc
Committed By: agc
Date: Thu Mar 8 02:44:06 UTC 2012
Modified Files:
othersrc/crypto/external/bsd//dist/include: .h
othersrc/crypto/external/bsd//dist/src/lib: lib.3
secsplit.c
Log Message:
Update the code:
+ add the ability to encode split shares as 16bit or 24-bit values,
which greatly simplifies input and output, and allows constant-sized
output for given inputs. This also gives us the ability to use larger
primes, although space is wasted with these, and it's not immediately
obvious what advantage would accrue. But it's there, just in case.
+ we advertise being able to do 255 (_MAX_SHARES) shares - so
complete the inverse table for GF(16) arithmetic modulo P for 256
values
+ use _MAX_SHARES (255) internally, rather than the previous
internal (and much smaller) limits
+ simplify the I/O in this library - it was a remnant from 1993
+ remove private structs and definitions from the header file - they're
not part of the public interface, and shouldn't be exposed
+ add _split_vec() and _combine_vec() which give input and
oputput to split and combine via struct iovec
+ update the manual page
To generate a diff of this commit:
cvs rdiff -u -r1.2 -r1.3 \
othersrc/crypto/external/bsd//dist/include/.h
cvs rdiff -u -r1.2 -r1.3 \
othersrc/crypto/external/bsd//dist/src/lib/lib.3
cvs rdiff -u -r1.6 -r1.7 \
othersrc/crypto/external/bsd//dist/src/lib/secsplit.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: othersrc/crypto/external/bsd//dist/include/.h
diff -u othersrc/crypto/external/bsd//dist/include/.h:1.2 othersrc/crypto/external/bsd//dist/include/.h:1.3
--- othersrc/crypto/external/bsd//dist/include/.h:1.2 Tue Feb 21 05:25:42 2012
+++ othersrc/crypto/external/bsd//dist/include/.h Thu Mar 8 02:44:05 2012
@@ -26,6 +26,7 @@
#define _H_ 20120220
#include
+#include
#include
#include
@@ -45,20 +46,10 @@ __BEGIN_DECLS
enum {
_MAX_SHARES = 256,
- _MAGIC_LENGTH = 4,
-
_SPLIT_SOURCE = _MAX_SHARES,
_JOIN_DEST = _MAX_SHARES
};
-/* threshold header written to output file when splitting */
-typedef struct s4_head_t {
- char magic[_MAGIC_LENGTH]; /* magic string */
- uint8_t coeff; /* coefficient of this share */
- uint8_t pad[3]; /* padding character */
- uint64_t size; /* size of original file */
-} s4_head_t;
-
/* io vector - look familiar? */
typedef struct _iovec_t {
size_t size; /* size of vector */
@@ -84,24 +75,23 @@ typedef struct _t {
} _t;
/* initialisation function */
-int _init(_t *, unsigned, unsigned);
+int _init(_t */**/, unsigned, unsigned);
/* split functions */
-int _split(_t *);
+int _split(_t */**/);
+int _split_vec(_t */**/, const char */*buf*/, size_t /*size*/, struct iovec */*iov*/, int /*iovc*/);
/* reconstruction functions */
-int _combine(_t *);
-
-/* join function */
-int _join(_t *);
+int _combine(_t */**/);
+int _combine_vec(_t */**/, struct iovec */*iov*/, int /*iovc*/, char */*buf*/, size_t /*size*/);
/* functions to retrieve a share or the result of a join */
-int _add_share(_t *, unsigned, const void *, ssize_t);
-int _get_share(_t *, unsigned, void **, size_t *);
-int _write_share(_t *, unsigned, const char *);
+int _add_share(_t */**/, unsigned, const void *, ssize_t);
+int _get_share(_t */**/, unsigned, void **, size_t *);
+int _write_share(_t */**/, unsigned, const char *);
/* finalisation function */
-int _end(_t *);
+int _end(_t */**/);
__END_DECLS
Index: othersrc/crypto/external/bsd//dist/src/lib/lib.3
diff -u othersrc/crypto/external/bsd//dist/src/lib/lib.3:1.2 othersrc/crypto/external/bsd//dist/src/lib/lib.3:1.3
--- othersrc/crypto/external/bsd//dist/src/lib/lib.3:1.2 Mon Mar 21 14:44:47 2011
+++ othersrc/crypto/external/bsd//dist/src/lib/lib.3 Thu Mar 8 02:44:06 2012
@@ -1,6 +1,6 @@
-.\" $NetBSD: lib.3,v 1.2 2011/03/21 14:44:47 wiz Exp $
+.\" $NetBSD: lib.3,v 1.3 2012/03/08 02:44:06 agc Exp $
.\"
-.\" Copyright (c) 2010,2011 Alistair Crooks
+.\" Copyright (c) 2010-2012 Alistair Crooks
.\" All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
@@ -23,7 +23,7 @@
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"/
-.Dd April 13, 2010
+.Dd March 7, 2012
.Dt LIB 3
.Os
.Sh NAME
@@ -37,48 +37,42 @@
The following functions split the input into shared parts:
.Ft int
.Fo _init
-.Fa "threshold_t *thresh" "c
CVS commit: othersrc/crypto/external/bsd/ssss
Module Name:othersrc
Committed By: agc
Date: Tue Feb 21 05:25:42 UTC 2012
Modified Files:
othersrc/crypto/external/bsd//dist/include: .h
othersrc/crypto/external/bsd//dist/src/lib: secsplit.c
othersrc/crypto/external/bsd//dist/src/: main.c
othersrc/crypto/external/bsd//lib: Makefile
Removed Files:
othersrc/crypto/external/bsd//dist/src/lib: internal.h
threshold.c
Log Message:
Numerous changes to (1) and lib(3):
+ don't use the threshold headers any more - just use our own
header
+ "" is the only algorithm supported by (1)
+ add back (seamless) file I/O functionality, in the case that a
memory mapping, or subsequent memory allocation, fails
+ don't store information in the share header which could be used
as part of an attack (specifically the threshold and total number of
shares).
+ size the extra memory required on a much better estimate of the size
needed, rather than a constant size
+ get rid of unneeded files, now that everything has been cleaned up
To generate a diff of this commit:
cvs rdiff -u -r1.1.1.1 -r1.2 \
othersrc/crypto/external/bsd//dist/include/.h
cvs rdiff -u -r1.1.1.1 -r0 \
othersrc/crypto/external/bsd//dist/src/lib/internal.h
cvs rdiff -u -r1.5 -r1.6 \
othersrc/crypto/external/bsd//dist/src/lib/secsplit.c
cvs rdiff -u -r1.3 -r0 \
othersrc/crypto/external/bsd//dist/src/lib/threshold.c
cvs rdiff -u -r1.2 -r1.3 \
othersrc/crypto/external/bsd//dist/src//main.c
cvs rdiff -u -r1.1.1.1 -r1.2 \
othersrc/crypto/external/bsd//lib/Makefile
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: othersrc/crypto/external/bsd//dist/include/.h
diff -u othersrc/crypto/external/bsd//dist/include/.h:1.1.1.1 othersrc/crypto/external/bsd//dist/include/.h:1.2
--- othersrc/crypto/external/bsd//dist/include/.h:1.1.1.1 Mon Mar 21 05:43:35 2011
+++ othersrc/crypto/external/bsd//dist/include/.h Tue Feb 21 05:25:42 2012
@@ -23,12 +23,12 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#ifndef _H_
-#define _H_ 20110320
+#define _H_ 20120220
#include
#include
-#include
+#include
#ifndef __BEGIN_DECLS
# if defined(__cplusplus)
@@ -42,30 +42,66 @@
__BEGIN_DECLS
+enum {
+ _MAX_SHARES = 256,
+
+ _MAGIC_LENGTH = 4,
+
+ _SPLIT_SOURCE = _MAX_SHARES,
+ _JOIN_DEST = _MAX_SHARES
+};
+
+/* threshold header written to output file when splitting */
+typedef struct s4_head_t {
+ char magic[_MAGIC_LENGTH]; /* magic string */
+ uint8_t coeff; /* coefficient of this share */
+ uint8_t pad[3]; /* padding character */
+ uint64_t size; /* size of original file */
+} s4_head_t;
+
+/* io vector - look familiar? */
+typedef struct _iovec_t {
+ size_t size; /* size of vector */
+ uint8_t *base; /* its base */
+} _iovec_t;
+
+/* a threshold string */
+typedef struct _str_t {
+ unsigned iotype; /* type of input mechanism */
+ size_t c; /* # of chars */
+ _iovec_t io; /* iovec */
+ FILE *fp; /* file descriptor */
+} _str_t;
+
+/* structure to hold threshold information */
+typedef struct _t {
+ void *handle; /* implementation internals */
+ unsigned sharesc; /* total # of shares */
+ unsigned threshold; /* # of shares in quorum */
+ unsigned strsize; /* size of share */
+ unsigned availc; /* # of shares we have added */
+ _str_t shares[_MAX_SHARES + 1]; /* the shares themselves */
+} _t;
+
/* initialisation function */
-int _init(threshold_t *, const char *, unsigned, unsigned);
+int _init(_t *, unsigned, unsigned);
/* split functions */
-int _split(threshold_t *);
+int _split(_t *);
/* reconstruction functions */
-int _combine(threshold_t *);
+int _combine(_t *);
/* join function */
-int _join(threshold_t *);
+int _join(_t *);
/* functions to retrieve a share or the result of a join */
-int _add_share(threshold_t *, unsigned, const void *, ssize_t);
-int _get_share(threshold_t *, unsigned, void **, size_t *);
-int _write_share(threshold_t *, unsigned, const char *);
-
-/* header functions */
-int _sane_header(thresh_head_t *, thresh_head_t *);
-int _get_header(thresh_head_t *, const uint8_t *);
-int _fmt_header(thresh_head_t *, const char *, unsigned, unsigned, uint64_t);
+int _add_share(_t *, unsigned, const void *, ssize_t);
+int _get_share(_t *, unsigned, void **, size_t *);
+int _write_share(_t *, unsigned, const char *);
/* finalisation function */
-int _end(threshold_t *);
+int _end(_t *);
__END_DECLS
Index: othersrc/crypto/external/bsd//dist/src/lib/secsplit.c
diff -u othersrc/crypto/external/bsd//dist/src/lib/secsp
CVS commit: othersrc/crypto/external/bsd/ssss/dist/src/libssss
Module Name:othersrc
Committed By: agc
Date: Mon Feb 20 06:54:01 UTC 2012
Modified Files:
othersrc/crypto/external/bsd//dist/src/lib: secsplit.c
Log Message:
minor cosmetic changes to make this more readable - no functional change
To generate a diff of this commit:
cvs rdiff -u -r1.4 -r1.5 \
othersrc/crypto/external/bsd//dist/src/lib/secsplit.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: othersrc/crypto/external/bsd//dist/src/lib/secsplit.c
diff -u othersrc/crypto/external/bsd//dist/src/lib/secsplit.c:1.4 othersrc/crypto/external/bsd//dist/src/lib/secsplit.c:1.5
--- othersrc/crypto/external/bsd//dist/src/lib/secsplit.c:1.4 Sat Feb 18 02:17:42 2012
+++ othersrc/crypto/external/bsd//dist/src/lib/secsplit.c Mon Feb 20 06:54:01 2012
@@ -365,9 +365,7 @@ interpolate(int *x, uint32_t *y, unsigne
unsigned i;
unsigned j;
- for (i = 0; i < n; i++) {
- alpha[i] = y[i];
- }
+ (void) memcpy(alpha, y, n * sizeof(alpha[0]));
for (i = 1; i < n; i++) {
for (j = n - 1; j >= i; j--) {
if (alpha[j] > alpha[j - 1]) {
@@ -381,11 +379,7 @@ interpolate(int *x, uint32_t *y, unsigne
}
product = alpha[n - 1];
for (i = n - 2; (int)i >= 0; i--) {
- if (x[i] > 0) {
- product *= 0 - x[i] + LARGEST_PRIME;
- } else {
- product *= 0 - x[i];
- }
+ product *= -x[i] + ((x[i] > 0) ? LARGEST_PRIME : 0);
product += alpha[i];
product %= LARGEST_PRIME;
}
@@ -447,7 +441,7 @@ get_assemble(s4_t *s4, unsigned nin, thr
}
/*
- * Given a set of nin file descriptors, assemble them to generate the
+ * Given a set of nin input descriptors, assemble them to generate the
* original file. This is the main routine for the assembly case.
*/
static int
CVS commit: othersrc/crypto/external/bsd/ssss/dist/src
Module Name:othersrc
Committed By: agc
Date: Sat Feb 18 02:17:42 UTC 2012
Modified Files:
othersrc/crypto/external/bsd//dist/src/lib: secsplit.c
threshold.c
othersrc/crypto/external/bsd//dist/src/: main.c
Log Message:
Various fixes to improve stability and code readability
+ previously not enough space was allocated for the unusual occurrence that
a 16-bit entity was greater than the largest 16bit prime (65521). Introduce
an overhead allocation which works around this issue
+ the largest prime is not about to change - define it, and don't bother
passing it as an argument to functions.
+ remove an extraneous "can't happen" call to exit()
+ fix some lint (as seen on amd64)
+ use better names for variables in the code
+ move occurrences of fprintf() to warn() - thanks, Christos!
+ use definitions instead of magic integer constants to make it obvious
what's happening with end of file, and odd-sized files
+ hold on information on input parsing in a separate struct, rather than
using arguments to functions
+ check input arguments to (1), and improve error checking in general
With this in place, (1) will now combine shares accessible through
httpdev(8) - which opens up a number of opportunities...
To generate a diff of this commit:
cvs rdiff -u -r1.3 -r1.4 \
othersrc/crypto/external/bsd//dist/src/lib/secsplit.c
cvs rdiff -u -r1.2 -r1.3 \
othersrc/crypto/external/bsd//dist/src/lib/threshold.c
cvs rdiff -u -r1.1.1.1 -r1.2 \
othersrc/crypto/external/bsd//dist/src//main.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: othersrc/crypto/external/bsd//dist/src/lib/secsplit.c
diff -u othersrc/crypto/external/bsd//dist/src/lib/secsplit.c:1.3 othersrc/crypto/external/bsd//dist/src/lib/secsplit.c:1.4
--- othersrc/crypto/external/bsd//dist/src/lib/secsplit.c:1.3 Thu Oct 13 15:13:39 2011
+++ othersrc/crypto/external/bsd//dist/src/lib/secsplit.c Sat Feb 18 02:17:42 2012
@@ -128,6 +128,7 @@
#include
#include
+#include
#include
#include
#include
@@ -137,7 +138,7 @@
#include "threshold.h"
#include "internal.h"
-#define PRIME 65521
+#define LARGEST_PRIME 65521
#define S4_KMAX 48
#define S4_NMAX 48
@@ -147,7 +148,17 @@
#define S4_SMALLEST_INPUT 5
-/* Multiplicative inverses of 1-48 mod PRIME */
+#define S4_FILE_MAGIC "s4"
+
+#ifndef USE_ARG
+#define USE_ARG(x) /*LINTED*/(void)&(x)
+#endif
+
+#ifndef __arraycount
+#define __arraycount(__x) (sizeof(__x) / sizeof(__x[0]))
+#endif
+
+/* Multiplicative inverses of 1-48 mod LARGEST_PRIME */
static const int invtab[] = {
1, 32761, 43681, 49141, 52417, 54601, 56161, 57331,
58241, 58969, 11913, 60061, 60481, 60841, 61153, 61426,
@@ -160,16 +171,15 @@ static const int invtab[] = {
typedef struct s4_t {
unsigned extra; /* extra from last call */
unsigned magic; /* magic number */
- int have_extra; /* 16-bit entity input */
- int oddflag; /* last return included a pad */
- int seen[S4_KMAX]; /* if seen, then not the first */
- unsigned next_d1[S4_KMAX]; /* for two byte lookahead */
+ int padded; /* escaped 16-bit entity input */
+ int oddsizefile; /* last return included a pad */
+ int peek[S4_KMAX]; /* for two byte lookahead */
uint8_t sharesc; /* # of shares */
} s4_t;
/*** Code related to splitting */
-/* Return a random number from 0 to n-1. */
+/* Return a random number from 0 to x-1. */
#define CRANDOM(x) (uint32_t)(arc4random() % (x))
/*
@@ -179,77 +189,79 @@ typedef struct s4_t {
* poly = Polynomial coefficients
* n = # coefficients (order of polynomial + 1)
* i = Point to evaluate it at
- * mod = Modulus for evaluation
*/
static uint32_t
-eval(uint32_t *poly, unsigned n, unsigned i, uint32_t mod)
+eval(uint32_t *poly, unsigned n, unsigned i)
{
- u_int32_t prod; /* Accumulated product */
- int j; /* index */
+ uint32_t prod; /* Accumulated product */
+ int j; /* index */
prod = poly[n - 1];
for (j = (n - 1); --j >= 0; ) {
prod *= i;
prod += poly[j];
- prod %= mod;
+ prod %= LARGEST_PRIME;
}
return prod;
}
+#define _EOF -1
+#define _ODD_SIZED_FILE -2
+
/*
- * Return a 16-bit value from file f_in, but limit it to be less than limit.
- * Anything >= limit-1 gets returned as two consecutive values (on 2 calls).
- * Return -1 on EOF, or -2 if the previous return value had been padded
- * because the file had an odd # bytes.
+ * Return a 16-bit value from input, but limit it to be less than
+ * LARGEST_PRIME. Anything >= LARGEST_PRIME-1 gets returned as two
+ * consecutive values (on 2 calls). Return -1 on EOF, or -2 if the
+ * previous return value had been padded because the file had an odd #
+ * bytes.
*/
-static uint32_t
-get_limited_16(s4_t *s4, thresh_str_t *str, uint32_t li
CVS commit: othersrc/crypto/external/bsd/ssss/dist/src/libssss
Module Name:othersrc
Committed By: agc
Date: Fri Feb 17 02:11:18 UTC 2012
Modified Files:
othersrc/crypto/external/bsd//dist/src/lib: threshold.c
Log Message:
don't rely on an application (such as (1)) being able to mmap(2) the
shares it presents via lib - allocate space using calloc(3) if the mmap
fails.
this change allows us to use (1) to combine shares from different
websites, mounted using httpdev(8).
To generate a diff of this commit:
cvs rdiff -u -r1.1.1.1 -r1.2 \
othersrc/crypto/external/bsd//dist/src/lib/threshold.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: othersrc/crypto/external/bsd//dist/src/lib/threshold.c
diff -u othersrc/crypto/external/bsd//dist/src/lib/threshold.c:1.1.1.1 othersrc/crypto/external/bsd//dist/src/lib/threshold.c:1.2
--- othersrc/crypto/external/bsd//dist/src/lib/threshold.c:1.1.1.1 Mon Mar 21 05:43:35 2011
+++ othersrc/crypto/external/bsd//dist/src/lib/threshold.c Fri Feb 17 02:11:18 2012
@@ -85,6 +85,21 @@ swapheader(thresh_head_t *head)
head->size = (*(char *)(void *)&indian) ? head->size : (uint64_t)BSWAP64(head->size);
}
+/* allocate space from heap */
+static int
+allocate(thresh_str_t *share, const void *data, size_t size)
+{
+ if ((share->io.base = calloc(1, size)) == NULL) {
+ (void) fprintf(stderr, "allocate: can't calloc %zu\n", size);
+ return 0;
+ }
+ if (data) {
+ (void) memcpy(share->io.base, data, size);
+ }
+ share->io.size = size;
+ return 1;
+}
+
/**/
/* check we have a sane header */
@@ -134,6 +149,8 @@ _add_share(threshold_t *thresh, unsi
{
thresh_str_t *share;
struct stat st;
+ ssize_t rc;
+ ssize_t cc;
FILE *fp;
if (n != THRESH_MAX_SHARES) {
@@ -149,19 +166,23 @@ _add_share(threshold_t *thresh, unsi
share->io.size = (size_t)st.st_size;
share->io.base = mmap(NULL, share->io.size, PROT_READ, MAP_PRIVATE, fileno(fp), 0);
if (share->io.base == MAP_FAILED) {
- (void) fprintf(stderr, "ida_add_share: can't mmap file '%s'\n", (const char *)data);
- (void) fclose(fp);
- return 0;
+ if (!allocate(share, NULL, (size_t)st.st_size)) {
+return 0;
+ }
+ for (cc = 0 ; cc < st.st_size ; cc += rc) {
+if ((rc = read(fileno(fp), &share->io.base[cc], st.st_size - cc)) < 0) {
+ break;
+}
+ }
+ thresh->mapped[n] = ALLOCATED;
+ } else {
+ thresh->mapped[n] = MMAPPED;
}
- thresh->mapped[n] = MMAPPED;
+ (void) fclose(fp);
} else {
- if ((share->io.base = calloc(1, (size_t)size)) == NULL) {
- (void) fprintf(stderr, "ida_add_share: can't calloc %zu\n",
-(size_t)size);
+ if (!allocate(share, data, size)) {
return 0;
}
- (void) memcpy(share->io.base, data, (size_t)size);
- share->io.size = (size_t)size;
thresh->mapped[n] = ALLOCATED;
}
return 1;
CVS commit: othersrc/crypto/external/bsd/ssss/dist/src/libssss
Module Name:othersrc
Committed By: agc
Date: Thu Oct 13 15:13:39 UTC 2011
Modified Files:
othersrc/crypto/external/bsd//dist/src/lib: secsplit.c
Log Message:
remove a commented out line, and distribute the size allocation nearer
to where it's used: make sure there's enough space in the allocated
arrays, especially when odd numbers of bytes are being split/joined.
To generate a diff of this commit:
cvs rdiff -u -r1.2 -r1.3 \
othersrc/crypto/external/bsd//dist/src/lib/secsplit.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: othersrc/crypto/external/bsd//dist/src/lib/secsplit.c
diff -u othersrc/crypto/external/bsd//dist/src/lib/secsplit.c:1.2 othersrc/crypto/external/bsd//dist/src/lib/secsplit.c:1.3
--- othersrc/crypto/external/bsd//dist/src/lib/secsplit.c:1.2 Thu Aug 18 04:19:47 2011
+++ othersrc/crypto/external/bsd//dist/src/lib/secsplit.c Thu Oct 13 15:13:39 2011
@@ -466,7 +466,6 @@ assemble(s4_t *s4, thresh_str_t *inputs,
}
inputs[i].c += sizeof(heads[i]);
x[i] = heads[i].coeff;
- //inputs[i].io.size += 2;
}
for (;;) {
if ((d = get_assemble(s4, nin, inputs, x, mod, &oddflag)) == -1) {
@@ -532,7 +531,7 @@ split_memory(threshold_t *thresh, const
/* allocate space for outputs */
thresh->sharesc = (unsigned)sharesc;
for (i = 0 ; i < sharesc ; i++) {
- thresh->shares[i].io.size = memsize + sizeof(thresh_head_t);
+ thresh->shares[i].io.size = memsize + sizeof(thresh_head_t) + 2;
thresh->shares[i].c = 0;
if (thresh->shares[i].io.base == NULL &&
(thresh->shares[i].io.base = calloc(1, thresh->shares[i].io.size)) == NULL) {
@@ -579,7 +578,7 @@ int
s4_combine(threshold_t *thresh)
{
if (!join_memory(thresh, thresh->shares,
- thresh->shares[0].io.size, thresh->threshold,
+ thresh->shares[0].io.size - 2, thresh->threshold,
&thresh->shares[THRESH_JOIN_DEST])) {
return -1;
}
CVS commit: othersrc/crypto/external/bsd/ssss/dist/src/libssss
Module Name:othersrc Committed By: agc Date: Thu Aug 18 04:19:47 UTC 2011 Modified Files: othersrc/crypto/external/bsd//dist/src/lib: secsplit.c Log Message: With thanks to yamt for the heads-up, and to tls for the suggestion, needs a csprng - use arc4random(3) rather than random(3) for an unpredictable source of randomness. To generate a diff of this commit: cvs rdiff -u -r1.1.1.1 -r1.2 \ othersrc/crypto/external/bsd//dist/src/lib/secsplit.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: othersrc/crypto/external/bsd//dist/src/lib/secsplit.c diff -u othersrc/crypto/external/bsd//dist/src/lib/secsplit.c:1.1.1.1 othersrc/crypto/external/bsd//dist/src/lib/secsplit.c:1.2 --- othersrc/crypto/external/bsd//dist/src/lib/secsplit.c:1.1.1.1 Mon Mar 21 05:43:35 2011 +++ othersrc/crypto/external/bsd//dist/src/lib/secsplit.c Thu Aug 18 04:19:47 2011 @@ -170,7 +170,7 @@ /*** Code related to splitting */ /* Return a random number from 0 to n-1. */ -#define CRANDOM(x) (uint32_t)(random() % (x)) +#define CRANDOM(x) (uint32_t)(arc4random() % (x)) /* * Evaluate the given polynomial, n coefficients, at point x=i.
CVS commit: othersrc/crypto/external/bsd/ssss
Module Name:othersrc Committed By: agc Date: Mon Mar 21 05:43:38 UTC 2011 Update of /cvsroot/othersrc/crypto/external/bsd/ In directory ivanova.netbsd.org:/tmp/cvs-serv27364 Log Message: Initial import of alternative threshold code to othersrc/crypto to perform Shamir's Secret Sharing Scheme. For more information on Sharmir's Secret Sharing Scheme ( or S4), please see: http://en.wikipedia.org/wiki/Shamir's_Secret_Sharing To re-iterate: this is a threshold scheme where an original secret is split into shares. When a threshold of shares is presented, the original secret can be reconstructed. This is closely related to the threshold routines previously imported into othersrc; the difference is that this code does not reveal any of the information in the original secret until a threshold of shares is presented. Compared to IDA, for example, an share is the same size as the original data (compared to originalsize / threshold for IDA), but provides privacy which IDA does not do. This implementation of keeps the same interface as the threshold(1) and libthreshold(3), for convenience sake. Status: Vendor Tag: CROOKS Release Tags: -base N othersrc/crypto/external/bsd//Makefile N othersrc/crypto/external/bsd//mkdist N othersrc/crypto/external/bsd//Makefile.inc N othersrc/crypto/external/bsd//dist/Makefile.am N othersrc/crypto/external/bsd//dist/TODO N othersrc/crypto/external/bsd//dist/aclocal.m4 N othersrc/crypto/external/bsd//dist/configure N othersrc/crypto/external/bsd//dist/configure.ac N othersrc/crypto/external/bsd//dist/libtool N othersrc/crypto/external/bsd//dist/tst N othersrc/crypto/external/bsd//dist/buildaux/config.guess N othersrc/crypto/external/bsd//dist/buildaux/config.sub N othersrc/crypto/external/bsd//dist/buildaux/depcomp N othersrc/crypto/external/bsd//dist/buildaux/install-sh N othersrc/crypto/external/bsd//dist/buildaux/ltmain.sh N othersrc/crypto/external/bsd//dist/buildaux/missing N othersrc/crypto/external/bsd//dist/include/.h N othersrc/crypto/external/bsd//dist/include/Makefile.am N othersrc/crypto/external/bsd//dist/src/Makefile.am N othersrc/crypto/external/bsd//dist/src/Makefile.in N othersrc/crypto/external/bsd//dist/src//.1 N othersrc/crypto/external/bsd//dist/src//Makefile.am N othersrc/crypto/external/bsd//dist/src//Makefile.in N othersrc/crypto/external/bsd//dist/src//main.c N othersrc/crypto/external/bsd//dist/src/lib/Makefile.am N othersrc/crypto/external/bsd//dist/src/lib/Makefile.in N othersrc/crypto/external/bsd//dist/src/lib/config.h.in N othersrc/crypto/external/bsd//dist/src/lib/internal.h N othersrc/crypto/external/bsd//dist/src/lib/lib.3 N othersrc/crypto/external/bsd//dist/src/lib/secsplit.c N othersrc/crypto/external/bsd//dist/src/lib/threshold.c N othersrc/crypto/external/bsd//dist/autom4te.cache/requests N othersrc/crypto/external/bsd//dist/autom4te.cache/output.0 N othersrc/crypto/external/bsd//dist/autom4te.cache/traces.0 N othersrc/crypto/external/bsd///Makefile N othersrc/crypto/external/bsd//lib/shlib_version N othersrc/crypto/external/bsd//lib/Makefile N othersrc/crypto/external/bsd//lib/config.h No conflicts created by this import
