Module Name: othersrc
Committed By: agc
Date: Tue Feb 21 05:25:42 UTC 2012
Modified Files:
othersrc/crypto/external/bsd/ssss/dist/include: ssss.h
othersrc/crypto/external/bsd/ssss/dist/src/libssss: secsplit.c
othersrc/crypto/external/bsd/ssss/dist/src/ssss: main.c
othersrc/crypto/external/bsd/ssss/libssss: Makefile
Removed Files:
othersrc/crypto/external/bsd/ssss/dist/src/libssss: internal.h
threshold.c
Log Message:
Numerous changes to ssss(1) and libssss(3):
+ don't use the threshold headers any more - just use our own
header
+ "ssss" is the only algorithm supported by ssss(1)
+ add back (seamless) file I/O functionality, in the case that a
memory mapping, or subsequent memory allocation, fails
+ don't store information in the ssss share header which could be used
as part of an attack (specifically the threshold and total number of
shares).
+ size the extra memory required on a much better estimate of the size
needed, rather than a constant size
+ get rid of unneeded files, now that everything has been cleaned up
To generate a diff of this commit:
cvs rdiff -u -r1.1.1.1 -r1.2 \
othersrc/crypto/external/bsd/ssss/dist/include/ssss.h
cvs rdiff -u -r1.1.1.1 -r0 \
othersrc/crypto/external/bsd/ssss/dist/src/libssss/internal.h
cvs rdiff -u -r1.5 -r1.6 \
othersrc/crypto/external/bsd/ssss/dist/src/libssss/secsplit.c
cvs rdiff -u -r1.3 -r0 \
othersrc/crypto/external/bsd/ssss/dist/src/libssss/threshold.c
cvs rdiff -u -r1.2 -r1.3 \
othersrc/crypto/external/bsd/ssss/dist/src/ssss/main.c
cvs rdiff -u -r1.1.1.1 -r1.2 \
othersrc/crypto/external/bsd/ssss/libssss/Makefile
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: othersrc/crypto/external/bsd/ssss/dist/include/ssss.h
diff -u othersrc/crypto/external/bsd/ssss/dist/include/ssss.h:1.1.1.1 othersrc/crypto/external/bsd/ssss/dist/include/ssss.h:1.2
--- othersrc/crypto/external/bsd/ssss/dist/include/ssss.h:1.1.1.1 Mon Mar 21 05:43:35 2011
+++ othersrc/crypto/external/bsd/ssss/dist/include/ssss.h Tue Feb 21 05:25:42 2012
@@ -23,12 +23,12 @@
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#ifndef SSSS_H_
-#define SSSS_H_ 20110320
+#define SSSS_H_ 20120220
#include <sys/types.h>
#include <inttypes.h>
-#include <threshold.h>
+#include <stdio.h>
#ifndef __BEGIN_DECLS
# if defined(__cplusplus)
@@ -42,30 +42,66 @@
__BEGIN_DECLS
+enum {
+ SSSS_MAX_SHARES = 256,
+
+ SSSS_MAGIC_LENGTH = 4,
+
+ SSSS_SPLIT_SOURCE = SSSS_MAX_SHARES,
+ SSSS_JOIN_DEST = SSSS_MAX_SHARES
+};
+
+/* threshold header written to output file when splitting */
+typedef struct s4_head_t {
+ char magic[SSSS_MAGIC_LENGTH]; /* magic string */
+ uint8_t coeff; /* coefficient of this share */
+ uint8_t pad[3]; /* padding character */
+ uint64_t size; /* size of original file */
+} s4_head_t;
+
+/* io vector - look familiar? */
+typedef struct ssss_iovec_t {
+ size_t size; /* size of vector */
+ uint8_t *base; /* its base */
+} ssss_iovec_t;
+
+/* a threshold string */
+typedef struct ssss_str_t {
+ unsigned iotype; /* type of input mechanism */
+ size_t c; /* # of chars */
+ ssss_iovec_t io; /* iovec */
+ FILE *fp; /* file descriptor */
+} ssss_str_t;
+
+/* structure to hold threshold information */
+typedef struct ssss_t {
+ void *handle; /* implementation internals */
+ unsigned sharesc; /* total # of shares */
+ unsigned threshold; /* # of shares in quorum */
+ unsigned strsize; /* size of share */
+ unsigned availc; /* # of shares we have added */
+ ssss_str_t shares[SSSS_MAX_SHARES + 1]; /* the shares themselves */
+} ssss_t;
+
/* initialisation function */
-int ssss_init(threshold_t *, const char *, unsigned, unsigned);
+int ssss_init(ssss_t *, unsigned, unsigned);
/* split functions */
-int ssss_split(threshold_t *);
+int ssss_split(ssss_t *);
/* reconstruction functions */
-int ssss_combine(threshold_t *);
+int ssss_combine(ssss_t *);
/* join function */
-int ssss_join(threshold_t *);
+int ssss_join(ssss_t *);
/* functions to retrieve a share or the result of a join */
-int ssss_add_share(threshold_t *, unsigned, const void *, ssize_t);
-int ssss_get_share(threshold_t *, unsigned, void **, size_t *);
-int ssss_write_share(threshold_t *, unsigned, const char *);
-
-/* header functions */
-int ssss_sane_header(thresh_head_t *, thresh_head_t *);
-int ssss_get_header(thresh_head_t *, const uint8_t *);
-int ssss_fmt_header(thresh_head_t *, const char *, unsigned, unsigned, uint64_t);
+int ssss_add_share(ssss_t *, unsigned, const void *, ssize_t);
+int ssss_get_share(ssss_t *, unsigned, void **, size_t *);
+int ssss_write_share(ssss_t *, unsigned, const char *);
/* finalisation function */
-int ssss_end(threshold_t *);
+int ssss_end(ssss_t *);
__END_DECLS
Index: othersrc/crypto/external/bsd/ssss/dist/src/libssss/secsplit.c
diff -u othersrc/crypto/external/bsd/ssss/dist/src/libssss/secsplit.c:1.5 othersrc/crypto/external/bsd/ssss/dist/src/libssss/secsplit.c:1.6
--- othersrc/crypto/external/bsd/ssss/dist/src/libssss/secsplit.c:1.5 Mon Feb 20 06:54:01 2012
+++ othersrc/crypto/external/bsd/ssss/dist/src/libssss/secsplit.c Tue Feb 21 05:25:42 2012
@@ -50,10 +50,8 @@
* too.
*
* Shamir's algorithm relies on cryptographically strong, unguessable,
- * random numbers. This version of the program uses the /dev/urandom
- * interface to the kernel random number pool present on the free
- * Unices.
- *
+ * random numbers. This version of the program uses the arc4random(3)
+ * interface.
*
* Revision history:
* Version 1.0 October 23, 1993
@@ -135,8 +133,7 @@
#include <string.h>
#include <unistd.h>
-#include "threshold.h"
-#include "internal.h"
+#include "ssss.h"
#define LARGEST_PRIME 65521
@@ -150,6 +147,12 @@
#define S4_FILE_MAGIC "s4"
+enum {
+ SSSS_MEM_IO = 0,
+ SSSS_MAPPED_IO = 1,
+ SSSS_FILE_IO = 2
+};
+
#ifndef USE_ARG
#define USE_ARG(x) /*LINTED*/(void)&(x)
#endif
@@ -158,6 +161,8 @@
#define __arraycount(__x) (sizeof(__x) / sizeof(__x[0]))
#endif
+#define S4_IO_SPACE(x) (((x) * 2001) / 2000)
+
/* Multiplicative inverses of 1-48 mod LARGEST_PRIME */
static const int invtab[] = {
1, 32761, 43681, 49141, 52417, 54601, 56161, 57331,
@@ -177,6 +182,69 @@ typedef struct s4_t {
uint8_t sharesc; /* # of shares */
} s4_t;
+/* io stuff */
+#define BSWAP64(x) ((((x) & 0xffULL) << 56) | \
+ (((x) & 0xff00ULL) << 40) | \
+ (((x) & 0xff0000ULL) << 24) | \
+ (((x) & 0xff000000ULL) << 8) | \
+ (((x) & 0xff00000000ULL) >> 8) | \
+ (((x) & 0xff0000000000ULL) >> 24) | \
+ (((x) & 0xff000000000000ULL) >> 40) | \
+ (((x) & 0xff00000000000000ULL) >> 56))
+
+/* do 64bit integers in little-endian order */
+static void
+swapheader(s4_head_t *head)
+{
+ int indian = 1;
+
+ head->size = (*(char *)(void *)&indian) ? head->size : (uint64_t)BSWAP64(head->size);
+}
+
+/* check we have a sane header */
+static int
+sane_header(s4_head_t *head, s4_head_t *refhead)
+{
+ return (head->size == refhead->size);
+}
+
+/* read a header from the share, and return any info desired */
+static int
+get_header(s4_head_t *head, const uint8_t *mem)
+{
+ if (mem == NULL) {
+ return 0;
+ }
+ (void) memcpy(head, mem, sizeof(*head));
+ swapheader(head);
+ return 1;
+}
+
+/* format the output header for split files */
+static int
+fmt_header(s4_head_t *head, const char *type, uint64_t size)
+{
+ (void) memset(head, 0x0, sizeof(*head));
+ (void) snprintf(head->magic, sizeof(head->magic), "%s", type);
+ head->size = size;
+ swapheader(head);
+ return 1;
+}
+
+/* allocate space from heap */
+static int
+allocate(ssss_str_t *share, const void *data, size_t size)
+{
+ if ((share->io.base = calloc(1, size)) == NULL) {
+ return 0;
+ }
+ if (data) {
+ (void) memcpy(share->io.base, data, size);
+ }
+ share->io.size = size;
+ return 1;
+}
+
/******************* Code related to splitting *********************/
/* Return a random number from 0 to x-1. */
@@ -184,7 +252,7 @@ typedef struct s4_t {
/*
* Evaluate the given polynomial, n coefficients, at point x=i.
- * Do it mod the specified modulus.
+ * Do it mod the LARGEST_PRIME
*
* poly = Polynomial coefficients
* n = # coefficients (order of polynomial + 1)
@@ -208,6 +276,24 @@ eval(uint32_t *poly, unsigned n, unsigne
#define SSSS_EOF -1
#define SSSS_ODD_SIZED_FILE -2
+/* return the next character in the stream/memory array */
+static int
+ssss_getch(ssss_str_t *str, uint64_t last)
+{
+ int ch;
+
+ switch(str->iotype) {
+ case SSSS_MEM_IO:
+ case SSSS_MAPPED_IO:
+ return (str->c == last) ? SSSS_EOF : (int)(str->io.base[str->c++]);
+ case SSSS_FILE_IO:
+ return ((ch = fgetc(str->fp)) == EOF) ? SSSS_EOF : ch;
+ default:
+ warn("weird method '%d'", str->iotype);
+ return -1;
+ }
+}
+
/*
* Return a 16-bit value from input, but limit it to be less than
* LARGEST_PRIME. Anything >= LARGEST_PRIME-1 gets returned as two
@@ -216,9 +302,9 @@ eval(uint32_t *poly, unsigned n, unsigne
* bytes.
*/
static int
-get_limited_16(s4_t *s4, thresh_str_t *str, int *d)
+get_limited_16(s4_t *s4, ssss_str_t *str, int *d)
{
- unsigned c[2];
+ int c[2];
/* First check for leftover from last time */
if (s4->padded) {
@@ -231,17 +317,14 @@ get_limited_16(s4_t *s4, thresh_str_t *s
return SSSS_ODD_SIZED_FILE;
}
/* Read data (bigendian), do the magic */
- if (str->c == str->io.size) {
+ if ((c[0] = ssss_getch(str, str->io.size)) == SSSS_EOF) {
return SSSS_EOF;
}
- c[0] = str->io.base[str->c++];
- if (str->c == str->io.size) {
+ if ((c[1] = ssss_getch(str, str->io.size)) == SSSS_EOF) {
c[1] = CRANDOM(0x100);
s4->oddsizefile = 1;
- } else {
- c[1] = str->io.base[str->c++];
}
- *d = ((c[0] & 0xff) << 8) + (c[1] & 0xff);
+ *d = (((uint8_t)c[0] & 0xff) << 8) + ((uint8_t)c[1] & 0xff);
*d ^= s4->magic;
s4->magic = (s4->magic + S4_DMAGIC) & 0xffff;
/*
@@ -261,7 +344,7 @@ get_limited_16(s4_t *s4, thresh_str_t *s
* sharesc files such that any k of them can reconstruct it.
*/
static void
-split_out(uint32_t d, unsigned sharesc, unsigned k, thresh_str_t *shares)
+split_out(uint32_t d, unsigned sharesc, unsigned k, ssss_str_t *shares)
{
uint32_t poly[S4_KMAX];
uint32_t di;
@@ -290,14 +373,14 @@ split_out(uint32_t d, unsigned sharesc,
* k = Threshhold for re-assembl
*/
static void
-split(s4_t *s4, thresh_str_t *str, unsigned sharesc, unsigned k, thresh_str_t *shares)
+split(s4_t *s4, ssss_str_t *str, unsigned sharesc, unsigned k, ssss_str_t *shares)
{
- thresh_head_t head;
+ s4_head_t head;
unsigned i;
int d;
int ret;
- thresh_fmt_header(&head, S4_FILE_MAGIC, k, sharesc, str->io.size);
+ fmt_header(&head, S4_FILE_MAGIC, str->io.size);
for (i = 0; i < sharesc; i++) {
/* Prefix each file with "x" coordinate, 1 byte */
head.coeff = i + 1;
@@ -393,27 +476,25 @@ interpolate(int *x, uint32_t *y, unsigne
* two bytes ahead to know this.
*/
static int
-get_assemble_16(s4_t *s4, thresh_str_t *inputs, unsigned i)
+get_assemble_16(s4_t *s4, ssss_str_t *inputs, unsigned i)
{
int ch;
int c[2];
- if (inputs[i].c == sizeof(thresh_head_t)) {
+ if (inputs[i].c == sizeof(s4_head_t)) {
/* Get ahead the first time */
- c[0] = inputs[i].io.base[inputs[i].c++];
- c[1] = inputs[i].io.base[inputs[i].c++];
+ c[0] = ssss_getch(&inputs[i], inputs[i].io.size + 2);
+ c[1] = ssss_getch(&inputs[i], inputs[i].io.size + 2);
s4->peek[i] = ((c[0] & 0xff) << 8) + (c[1] & 0xff);
}
ch = s4->peek[i];
- if (inputs[i].c == inputs[i].io.size + 2) {
+ if ((c[0] = ssss_getch(&inputs[i], inputs[i].io.size + 2)) == SSSS_EOF) {
s4->peek[i] = SSSS_EOF;
} else {
- c[0] = inputs[i].io.base[inputs[i].c++];
- if (inputs[i].c == inputs[i].io.size + 2) {
+ if ((c[1] = ssss_getch(&inputs[i], inputs[i].io.size + 2)) == SSSS_EOF) {
s4->oddsizefile = 1;
s4->peek[i] = SSSS_EOF;
} else {
- c[1] = inputs[i].io.base[inputs[i].c++];
s4->peek[i] = ((c[0] & 0xff) << 8) + (c[1] & 0xff);
}
}
@@ -426,7 +507,7 @@ get_assemble_16(s4_t *s4, thresh_str_t *
* only the high 8 bits of this interpolated value are valid.
*/
static int
-get_assemble(s4_t *s4, unsigned nin, thresh_str_t *inputs, int *x, int *ret)
+get_assemble(s4_t *s4, unsigned nin, ssss_str_t *inputs, int *x, int *ret)
{
unsigned i;
int y[S4_KMAX];
@@ -445,9 +526,9 @@ get_assemble(s4_t *s4, unsigned nin, thr
* original file. This is the main routine for the assembly case.
*/
static int
-assemble(s4_t *s4, thresh_str_t *inputs, unsigned nin, thresh_str_t *output)
+assemble(s4_t *s4, ssss_str_t *inputs, unsigned nin, ssss_str_t *output)
{
- thresh_head_t heads[THRESH_MAX_SHARES];
+ s4_head_t heads[SSSS_MAX_SHARES];
uint32_t magic;
unsigned i;
int x[S4_KMAX];
@@ -455,8 +536,8 @@ assemble(s4_t *s4, thresh_str_t *inputs,
magic = S4_IMAGIC;
for (i = 0; i < nin; i++) {
- thresh_get_header(&heads[i], inputs[i].io.base);
- if (!thresh_sane_header(&heads[i], &heads[0])) {
+ get_header(&heads[i], inputs[i].io.base);
+ if (!sane_header(&heads[i], &heads[0])) {
warn("insane ssss header %u", i);
return 0;
}
@@ -500,14 +581,14 @@ check_values(unsigned threshold, unsigne
/* split the secret file into shares */
static int
-split_memory(threshold_t *thresh, const void *secret, size_t memsize, unsigned threshold, unsigned sharesc)
+split_memory(ssss_t *ssss, const void *secret, size_t memsize, unsigned threshold, unsigned sharesc)
{
- thresh_str_t mem;
+ ssss_str_t mem;
unsigned i;
char small[8];
s4_t *s4;
- s4 = thresh->handle;
+ s4 = ssss->handle;
if (!check_values(threshold, sharesc)) {
return 0;
}
@@ -520,33 +601,32 @@ split_memory(threshold_t *thresh, const
mem.io.base = (uint8_t *)__UNCONST(secret);
}
/* allocate space for outputs */
- thresh->sharesc = (unsigned)sharesc;
+ ssss->sharesc = (unsigned)sharesc;
for (i = 0 ; i < sharesc ; i++) {
- /* need space to grow for chars */
- /* 8192 is a fudge factor here */
- thresh->shares[i].io.size = memsize + sizeof(thresh_head_t) + 2 + 8192;
- thresh->shares[i].c = 0;
- if (thresh->shares[i].io.base == NULL &&
- (thresh->shares[i].io.base = calloc(1, thresh->shares[i].io.size)) == NULL) {
+ /* need space to grow for padded chars */
+ ssss->shares[i].io.size = S4_IO_SPACE(memsize + sizeof(s4_head_t) + 2);
+ ssss->shares[i].c = 0;
+ if (ssss->shares[i].io.base == NULL &&
+ (ssss->shares[i].io.base = calloc(1, ssss->shares[i].io.size)) == NULL) {
warn("Bad alloc");
return 0;
}
}
/* Do the work */
- split(s4, &mem, sharesc, threshold, thresh->shares);
+ split(s4, &mem, sharesc, threshold, ssss->shares);
return 1;
}
/* reconstruct the shares from memory */
static int
-join_memory(threshold_t *thresh, thresh_str_t *input, size_t bytes, unsigned filec, thresh_str_t *str)
+join_memory(ssss_t *ssss, ssss_str_t *input, size_t bytes, unsigned filec, ssss_str_t *str)
{
s4_t *s4;
- s4 = thresh->handle;
+ s4 = ssss->handle;
(void) memset(str, 0x0, sizeof(*str));
if (str->io.base == NULL &&
- (str->io.base = calloc(1, str->io.size = bytes - sizeof(thresh_head_t))) == NULL) {
+ (str->io.base = calloc(1, str->io.size = bytes - sizeof(s4_head_t))) == NULL) {
warn("Bad alloc %zu bytes", bytes);
return 0;
}
@@ -554,56 +634,188 @@ join_memory(threshold_t *thresh, thresh_
return assemble(s4, input, filec, str);
}
-/******************** exported functions from here on ********************/
+/**************************************************************************/
+/* external functions */
+/**************************************************************************/
-/* split the memory */
+/* initialise */
int
-s4_split(threshold_t *thresh)
+ssss_init(ssss_t *ssss, unsigned threshold, unsigned sharesc)
{
- thresh_str_t *mem;
+ s4_t *s4;
- mem = &thresh->shares[THRESH_MAX_SHARES];
- return split_memory(thresh, mem->io.base, mem->io.size, thresh->threshold, thresh->sharesc);
+ ssss->sharesc = sharesc;
+ ssss->threshold = threshold;
+ if ((s4 = calloc(1, sizeof(*s4))) == NULL) {
+ warn("Unable to allocate ssss structure");
+ return 0;
+ }
+ s4->magic = S4_IMAGIC;
+ s4->sharesc = S4_KMAX; /* guess for just now */
+ ssss->handle = s4;
+ return 1;
}
-/* single combine function */
+/* add a share */
int
-s4_combine(threshold_t *thresh)
+ssss_add_share(ssss_t *ssss, unsigned subscr, const void *data, ssize_t size)
{
- if (!join_memory(thresh, thresh->shares,
- thresh->shares[0].io.size - 2, thresh->threshold,
- &thresh->shares[THRESH_JOIN_DEST])) {
- return -1;
+ struct stat st;
+ ssss_str_t *share;
+ unsigned n;
+ ssize_t rc;
+ ssize_t cc;
+ FILE *fp;
+
+ n = (subscr == SSSS_SPLIT_SOURCE) ? subscr : ssss->availc++;
+ share = &ssss->shares[n];
+ if (size < 0) {
+ if ((fp = fopen(data, "r")) == NULL) {
+ warn("can't open file '%s'", (const char *)data);
+ return 0;
+ }
+ (void) fstat(fileno(fp), &st);
+ share->io.size = (size_t)st.st_size;
+ share->io.base = mmap(NULL, share->io.size, PROT_READ, MAP_PRIVATE, fileno(fp), 0);
+ if (share->io.base == MAP_FAILED) {
+ if (!allocate(share, NULL, (size_t)st.st_size)) {
+ ssss->shares[n].iotype = SSSS_FILE_IO;
+ ssss->shares[n].fp = fp;
+ return 1;
+ }
+ for (cc = 0 ; cc < st.st_size ; cc += rc) {
+ if ((rc = read(fileno(fp), &share->io.base[cc], (size_t)(st.st_size - cc))) < 0) {
+ break;
+ }
+ }
+ ssss->shares[n].iotype = SSSS_MEM_IO;
+ } else {
+ ssss->shares[n].iotype = SSSS_MAPPED_IO;
+ }
+ (void) fclose(fp);
+ } else {
+ if (!allocate(share, data, (size_t)size)) {
+ warn("can't allocate memory for %zd bytes", size);
+ return 0;
+ }
+ ssss->shares[n].iotype = SSSS_MEM_IO;
}
- return (int)thresh->shares[THRESH_MAX_SHARES].c;
+ return 1;
}
-/* initialise for s4 */
+/* split via different algorithms */
int
-s4_init(threshold_t *threshold, unsigned thresh, unsigned sharesc)
+ssss_split(ssss_t *ssss)
{
- s4_t *s4;
+ ssss_str_t *mem;
- USE_ARG(thresh);
- USE_ARG(sharesc);
+ mem = &ssss->shares[SSSS_MAX_SHARES];
+ return split_memory(ssss, mem->io.base, mem->io.size, ssss->threshold, ssss->sharesc);
+}
+
+/* combine/join/decode into one */
+int
+ssss_combine(ssss_t *ssss)
+{
+ s4_head_t head;
+ s4_t *s4;
+
+ (void) memset(&head, 0x0, sizeof(head));
+ if (!get_header(&head, ssss->shares[0].io.base)) {
+ return -1;
+ }
if ((s4 = calloc(1, sizeof(*s4))) == NULL) {
warn("Unable to allocate ssss structure");
return 0;
}
- threshold->handle = s4;
s4->magic = S4_IMAGIC;
s4->sharesc = S4_KMAX; /* guess for just now */
+ ssss->handle = s4;
+ if (!join_memory(ssss, ssss->shares,
+ ssss->shares[0].io.size - 2, ssss->availc,
+ &ssss->shares[SSSS_JOIN_DEST])) {
+ return -1;
+ }
+ return (int)ssss->shares[SSSS_MAX_SHARES].c;
+}
+
+/* write a share to a file */
+int
+ssss_write_share(ssss_t *ssss, unsigned n, const char *f)
+{
+ ssss_str_t *out;
+ ssize_t wc;
+ size_t last;
+ size_t cc;
+ FILE *fp;
+ int ok;
+
+ if (n >= ssss->sharesc && n != SSSS_SPLIT_SOURCE) {
+ warn("share %u out of range (max %u)", n, ssss->sharesc);
+ return 0;
+ }
+ out = &ssss->shares[n];
+ if (f == NULL) {
+ fp = stdout;
+ } else {
+ if ((fp = fopen(f, "w")) == NULL) {
+ warn("can't write to '%s'", f);
+ return 0;
+ }
+ }
+ last = (n == SSSS_JOIN_DEST) ? out->c - 2 : out->c;
+ for (ok = 1, cc = 0 ; ok && cc < last ; cc += wc) {
+ if ((wc = write(fileno(fp), &out->io.base[cc], last - cc)) <= 0) {
+ warn("Short write");
+ ok = 0;
+ }
+ }
+ if (f != NULL) {
+ (void) fclose(fp);
+ }
+ return ok;
+}
+
+/* get a share */
+int
+ssss_get_share(ssss_t *ssss, unsigned n, void **outp, size_t *size)
+{
+ ssss_str_t *share;
+
+ if (n >= ssss->sharesc && n != SSSS_SPLIT_SOURCE) {
+ warn("share %u out of range (max %u)", n, ssss->sharesc);
+ return 0;
+ }
+ share = &ssss->shares[(n == SSSS_SPLIT_SOURCE) ? SSSS_MAX_SHARES : n];
+ *outp = (char *)share->io.base;
+ *size = share->c;
return 1;
}
-/* free up resources */
+/* finish up */
int
-s4_end(threshold_t *thresh)
+ssss_end(ssss_t *ssss)
{
+ unsigned i;
s4_t *s4;
- s4 = thresh->handle;
+ s4 = ssss->handle;
free(s4);
- thresh->handle = NULL;
+ ssss->handle = NULL;
+ for (i = 0 ; i < ssss->sharesc ; i++) {
+ switch (ssss->shares[i].iotype) {
+ case SSSS_MAPPED_IO:
+ (void) munmap(ssss->shares[i].io.base, ssss->shares[i].io.size);
+ break;
+ case SSSS_MEM_IO:
+ free(ssss->shares[i].io.base);
+ break;
+ case SSSS_FILE_IO:
+ (void)fclose(ssss->shares[i].fp);
+ break;
+ default:
+ break;
+ }
+ }
return 1;
}
Index: othersrc/crypto/external/bsd/ssss/dist/src/ssss/main.c
diff -u othersrc/crypto/external/bsd/ssss/dist/src/ssss/main.c:1.2 othersrc/crypto/external/bsd/ssss/dist/src/ssss/main.c:1.3
--- othersrc/crypto/external/bsd/ssss/dist/src/ssss/main.c:1.2 Sat Feb 18 02:17:42 2012
+++ othersrc/crypto/external/bsd/ssss/dist/src/ssss/main.c Tue Feb 21 05:25:42 2012
@@ -1,5 +1,5 @@
/*-
- * Copyright (c) 2010,2011 Alistair Crooks <[email protected]>
+ * Copyright (c) 2010,2011,2012 Alistair Crooks <[email protected]>
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
@@ -55,12 +55,11 @@ readstdin(int sz, int *cc)
int
main(int argc, char **argv)
{
- threshold_t threshold;
const char *out;
- const char *alg;
unsigned shares;
unsigned thresh;
unsigned maxsz;
+ ssss_t ssss;
char f[MAXPATHLEN];
char *s;
int interactive;
@@ -68,18 +67,14 @@ main(int argc, char **argv)
int cc;
int i;
- (void) memset(&threshold, 0x0, sizeof(threshold));
+ (void) memset(&ssss, 0x0, sizeof(ssss));
split = 1;
out = NULL;
shares = thresh = 0;
- alg = "ssss";
interactive = 0;
maxsz = 4;
- while ((i = getopt(argc, argv, "a:ijm:o:st:")) != -1) {
+ while ((i = getopt(argc, argv, "ijm:o:st:")) != -1) {
switch(i) {
- case 'a':
- alg = optarg;
- break;
case 'i':
interactive = 1;
break;
@@ -113,7 +108,7 @@ main(int argc, char **argv)
if (shares == 0 || thresh == 0) {
errx(EXIT_FAILURE, "Need to specify threshold and shares (-t t/s)");
}
- ssss_init(&threshold, alg, thresh, shares);
+ ssss_init(&ssss, thresh, shares);
if (argc == optind) {
if (interactive) {
s = getpass("Data to share: ");
@@ -122,29 +117,29 @@ main(int argc, char **argv)
} else if ((s = readstdin(MB(maxsz), &cc)) == NULL) {
err(EXIT_FAILURE, "can't allocate %d bytes", MB(maxsz));
}
- ssss_add_share(&threshold, (unsigned)THRESH_SPLIT_SOURCE, s, strlen(s));
+ ssss_add_share(&ssss, (unsigned)SSSS_SPLIT_SOURCE, s, strlen(s));
if (out == NULL) {
- out = "threshold";
+ out = "ssss";
}
} else {
- if (!ssss_add_share(&threshold, (unsigned)THRESH_SPLIT_SOURCE, out = argv[optind], -1)) {
+ if (!ssss_add_share(&ssss, (unsigned)SSSS_SPLIT_SOURCE, out = argv[optind], -1)) {
err(EXIT_FAILURE, "can't read file '%s'", argv[optind]);
}
}
- ssss_split(&threshold);
+ ssss_split(&ssss);
for (i = 0 ; i < (int)shares ; i++) {
(void) snprintf(f, sizeof(f), "%s.%03d", out, i);
- ssss_write_share(&threshold, (unsigned)i, f);
+ ssss_write_share(&ssss, (unsigned)i, f);
}
} else {
for (i = optind ; i < argc ; i++) {
- if (!ssss_add_share(&threshold, (unsigned)i - optind, argv[i], -1)) {
+ if (!ssss_add_share(&ssss, 0, argv[i], -1)) {
warn("can't read file '%s'", argv[optind]);
}
}
- ssss_combine(&threshold);
- ssss_write_share(&threshold, THRESH_JOIN_DEST, out);
+ ssss_combine(&ssss);
+ ssss_write_share(&ssss, SSSS_JOIN_DEST, out);
}
- ssss_end(&threshold);
+ ssss_end(&ssss);
exit(EXIT_SUCCESS);
}
Index: othersrc/crypto/external/bsd/ssss/libssss/Makefile
diff -u othersrc/crypto/external/bsd/ssss/libssss/Makefile:1.1.1.1 othersrc/crypto/external/bsd/ssss/libssss/Makefile:1.2
--- othersrc/crypto/external/bsd/ssss/libssss/Makefile:1.1.1.1 Mon Mar 21 05:43:37 2011
+++ othersrc/crypto/external/bsd/ssss/libssss/Makefile Tue Feb 21 05:25:42 2012
@@ -1,9 +1,9 @@
-# $NetBSD: Makefile,v 1.1.1.1 2011/03/21 05:43:37 agc Exp $
+# $NetBSD: Makefile,v 1.2 2012/02/21 05:25:42 agc Exp $
USE_FORT?= yes
LIB=ssss
-SRCS=secsplit.c threshold.c
+SRCS=secsplit.c
WARNS=4
CPPFLAGS+= -I${.CURDIR} -I${EXTDIST}/include
MAN=libssss.3
@@ -11,8 +11,6 @@ MAN=libssss.3
EXTDIST=${.CURDIR}/../dist
.PATH: ${EXTDIST}/include ${EXTDIST}/src/libssss
-LIBDPLIBS+= threshold ${.CURDIR}/../../../../../external/bsd/threshold/libthreshold
-
INCS+= ssss.h
INCSDIR=/usr/include
