Module Name: othersrc
Committed By: agc
Date: Fri Mar 9 06:37:23 UTC 2012
Modified Files:
othersrc/crypto/external/bsd/ssss/dist/src/libssss: secsplit.c
Log Message:
+ don't allocate space if we're passed an in-memory array as either
a source or a destination of split/combine
+ fix up the split_vec/combine_vec combinatino so that they both
work a bit better now - still some work needed here, though
+ free the internal s4 structure as part of the combine/combine_vec
operation, rather than doing it in ssss_end(). We know at that stage
that we have allocated it, and the principle of freeing memory in
the same place in the calling stack as it was allocated still applies
+ rip out parts of the initial comment which aren't really accurate
any more - i'm not sure there's that much of the original code left
To generate a diff of this commit:
cvs rdiff -u -r1.7 -r1.8 \
othersrc/crypto/external/bsd/ssss/dist/src/libssss/secsplit.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: othersrc/crypto/external/bsd/ssss/dist/src/libssss/secsplit.c
diff -u othersrc/crypto/external/bsd/ssss/dist/src/libssss/secsplit.c:1.7 othersrc/crypto/external/bsd/ssss/dist/src/libssss/secsplit.c:1.8
--- othersrc/crypto/external/bsd/ssss/dist/src/libssss/secsplit.c:1.7 Thu Mar 8 02:44:06 2012
+++ othersrc/crypto/external/bsd/ssss/dist/src/libssss/secsplit.c Fri Mar 9 06:37:23 2012
@@ -15,74 +15,26 @@
* pieces give NO information about the original file (except its
* length).
*
- * It has been written for and tested on DOS and Unix systems.
- *
- * To split up a file, use the command; secsplit n k file where n is
- * the number of pieces to split it up to, and k is the number of
- * pieces needed to reconstruct it. k should be <= n and > 1. If you
- * get n and k backwards the program will swap them for you so don't
- * worry too much about remembering the order.
- *
- * The program will output to file.001, file.002, .... If the file has
- * an extension (e.g. "file.c") the extension will be stripped off
- * before the ".001", etc., are added (so "file.c" will also output to
- * "file.001", etc.).
- *
- * To reconstruct a file, use the command:
- * secsplit k file.*
- * or
- * secsplit k file file1 file2...
- *
* k should be >= the k used when the file was split; the minimum
* number of pieces needed to reconstruct the file. If you have too
* few pieces then the program won't give an error, but you'll get the
* wrong answer.
*
- * The first command form is for DOS or other systems which won't
- * expand the ".*" for you; the program scans for file.000, file.001,
- * etc., and uses the first k of them that it finds. In the second
- * form, the number of files given should be at least k, and again the
- * first k of them will be used.
- *
- * The output in the first form will be file.out; in the second form
- * it will be the first file on the command line, stripped of its
- * extension, and with ".out" added, so generally it will be file.out
- * too.
- *
* Shamir's algorithm relies on cryptographically strong, unguessable,
* random numbers. This version of the program uses the arc4random(3)
* interface.
*
- * Revision history:
- * Version 1.0 October 23, 1993
- *
- * Version 1.1 October 24, 1993
- * Added IDEA-based random-number-generator, initialized by MD5
- * of input file, plus the time of day.
- *
- * Version 1.2 March 31, 2000 Damien Miller <[email protected]>
- * Removed IDEA-based random-number generator in favour of
- * /dev/random. Removed MSDOSisms. Rearranged source code and
- * formatting according to OpenBSD style(9)
- *
- *
- * The file formats used for output are as follows. Each file starts
- * with one byte which is the index, from 1 through n, of that file.
- * This is the x value used for the polynomial evaluation in Shamir's
- * algorithm. The files then consist of a series of 16-bit values
- * (high byte first), which are the result of applying Shamir's
- * splitting algorithm to the input file taken in 16-bit chunks. The
- * prime used is slightly less than 2^16, meaning that input data
- * values close to 2^16 get turned into a pair of values (see below
- * for more information on this expansion).
+ * The files consist of a series of 16-bit values (high byte first),
+ * which are the result of applying Shamir's splitting algorithm to
+ * the input file taken in 16-bit chunks. The prime used is slightly
+ * less than 2^16.
*
* If the input file is of even length, the output files will each by
* of that length+1 (because of the 1 byte at the beginning). If the
* input file is of odd length, the input is padded with a random byte
* and processed normally to get a pair of output bytes, then each
* output file is padded with an extra random byte to indicate this
- * fact. So output files which have an odd length correspond to input
- * files with an even length, and vice versa.
+ * fact. So all output files should have an even number of bytes.
*
* The output files could have encoded k and n information, but this
* could be helpful to an attacker (he would know when he was close to
@@ -92,34 +44,12 @@
* The file formats are system-independent so files split on one kind
* of machine should be able to be reassembled on another kind of
* machine.
- *
- * One complication exists with this code. The algorithm must work
- * mod a prime which is bigger than all the data. We want the data to
- * be about 16 bits therefore, so that we can multiply two numbers and
- * have them fit in a 32-bit int. This means that the prime has to be
- * less than 2^16 in order for them to fit. The largest such prime is
- * 65521. This means that any data value > 65521 can't be processed
- * directly; instead, I split it into two values, a 65520, followed by
- * value-65520. Also, 65520 itself is split as 65520 followed by 0.
- * This complication is pretty well limited to the input routine on
- * splitting and the output routine on assembly.
- *
- * The purpose of the "magic" is to xor the incoming value with a
- * different number each time. This is purely intended to deal with
- * the problem that values of d >= limit-1 must be stored as four
- * bytes rather than two. I was worried that some file might have a
- * lot of 0xff's which would balloon in size. So I wanted to xor with
- * a rather random number. Then, I change the random number each time
- * in order to make it less likely that some other file would happen
- * to have a lot of ballooning values. This way it would be very rare
- * that a file managed to track my magic number in such a way that
- * many d's were over the size threshold.
- *
- * (The "magic" is not intended to increase the security or the
- * cryptographic strength of the algorithm in any way; it is purely to
- * keep the size of the output files from being much bigger than the
- * input.)
- *
+ */
+/*
+ * This source code has been cruelly munged around, and very little
+ * (if any) is left of the original sources. I have left the original
+ * leading comment in these sources (insofar as it pertains to this
+ * version of the code) for information.
*/
#include <sys/types.h>
#include <sys/stat.h>
@@ -135,16 +65,17 @@
#include "ssss.h"
-#define LARGEST_PRIME 65521
+#define LARGEST_PRIME 65521
#define S4_SMALLEST_INPUT 5
-#define S4_FILE_MAGIC "s4"
+#define S4_FILE_MAGIC "s4"
enum {
SSSS_MEM_IO = 0,
SSSS_MAPPED_IO = 1,
SSSS_FILE_IO = 2,
+ SSSS_EXTMEM_IO = 3,
SSSS_MAGIC_LENGTH = 4
};
@@ -317,6 +248,7 @@ ssss_getch(ssss_str_t *str, uint64_t las
switch(str->iotype) {
case SSSS_MEM_IO:
case SSSS_MAPPED_IO:
+ case SSSS_EXTMEM_IO:
return (str->c == last) ? SSSS_EOF : (int)(str->io.base[str->c++]);
case SSSS_FILE_IO:
return ((ch = fgetc(str->fp)) == EOF) ? SSSS_EOF : ch;
@@ -560,7 +492,7 @@ assemble(s4_t *s4, ssss_str_t *inputs, u
inputs[i].c += sizeof(heads[i]);
coeffs[i] = heads[i].coeff;
} else {
- coeffs[i] = i;
+ coeffs[i] = i + 1;
}
}
while (get_assemble(s4, nin, inputs, coeffs, &ch)) {
@@ -598,6 +530,7 @@ split_memory(ssss_t *ssss, const void *s
{
ssss_str_t mem;
unsigned i;
+ size_t size;
char small[8];
s4_t *s4;
@@ -617,7 +550,8 @@ split_memory(ssss_t *ssss, const void *s
ssss->sharesc = (unsigned)sharesc;
for (i = 0 ; i < sharesc ; i++) {
/* possibly need space to grow for padded chars */
- ssss->shares[i].io.size = S4_IO_SPACE(memsize + sizeof(s4_head_t) + 2);
+ size = (doheader) ? memsize + sizeof(s4_head_t) + 2 : memsize + 2;
+ ssss->shares[i].io.size = S4_IO_SPACE(size);
ssss->shares[i].c = 0;
if (ssss->shares[i].io.base == NULL &&
(ssss->shares[i].io.base = calloc(1, ssss->shares[i].io.size)) == NULL) {
@@ -637,7 +571,9 @@ join_memory(ssss_t *ssss, ssss_str_t *in
s4_t *s4;
s4 = ssss->handle;
- (void) memset(str, 0x0, sizeof(*str));
+ if (doheader) {
+ (void) memset(str, 0x0, sizeof(*str));
+ }
if (str->io.base == NULL &&
(str->io.base = calloc(1, str->io.size = bytes - sizeof(s4_head_t))) == NULL) {
warn("Bad alloc %zu bytes", bytes);
@@ -729,11 +665,14 @@ ssss_split(ssss_t *ssss)
int
ssss_split_vec(ssss_t *ssss, const char *buf, size_t size, struct iovec *iov, int iovc)
{
- int ret;
- int i;
+ const unsigned noheader = 0;
+ int ret;
+ int i;
- ssss_add_share(ssss, (unsigned)SSSS_SPLIT_SOURCE, buf, (long)size);
- ret = split_memory(ssss, buf, size, ssss->threshold, ssss->sharesc, 0);
+ ssss->shares[SSSS_SPLIT_SOURCE].io.base = __UNCONST(buf);
+ ssss->shares[SSSS_SPLIT_SOURCE].io.size = size;
+ ssss->shares[SSSS_SPLIT_SOURCE].iotype = SSSS_EXTMEM_IO;
+ ret = split_memory(ssss, buf, size, ssss->threshold, ssss->sharesc, noheader);
for (i = 0 ; ret && i < iovc ; i++) {
ssss_get_share(ssss, (unsigned)i, &iov[i].iov_base, &iov[i].iov_len);
}
@@ -753,7 +692,7 @@ ssss_combine(ssss_t *ssss)
}
if ((s4 = calloc(1, sizeof(*s4))) == NULL) {
warn("Unable to allocate ssss structure");
- return 0;
+ return -1;
}
s4->sharesc = SSSS_MAX_SHARES; /* guess for just now */
ssss->handle = s4;
@@ -762,6 +701,8 @@ ssss_combine(ssss_t *ssss)
&ssss->shares[SSSS_JOIN_DEST], 1)) {
return -1;
}
+ free(s4);
+ ssss->handle = NULL;
return (int)ssss->shares[SSSS_MAX_SHARES].c;
}
@@ -770,15 +711,17 @@ int
ssss_combine_vec(ssss_t *ssss, struct iovec *iov, int iovc, char *buf, size_t size)
{
s4_t *s4;
- void *vp;
int i;
for (i = 0 ; i < iovc ; i++) {
- ssss_add_share(ssss, (unsigned)i, iov[i].iov_base, (long)iov[i].iov_len);
+ ssss->shares[i].io.base = iov[i].iov_base;
+ ssss->shares[i].io.size = iov[i].iov_len;
+ ssss->shares[i].iotype = SSSS_EXTMEM_IO;
}
+ ssss->availc = iovc;
if ((s4 = calloc(1, sizeof(*s4))) == NULL) {
warn("Unable to allocate ssss structure");
- return 0;
+ return -1;
}
s4->sharesc = SSSS_MAX_SHARES; /* guess for just now */
ssss->handle = s4;
@@ -787,10 +730,11 @@ ssss_combine_vec(ssss_t *ssss, struct io
&ssss->shares[SSSS_JOIN_DEST], 0)) {
return -1;
}
- vp = buf;
- ssss_get_share(ssss, SSSS_JOIN_DEST, &vp, &size);
+ (void) memcpy(buf, ssss->shares[SSSS_JOIN_DEST].io.base, size);
+ ssss->shares[SSSS_JOIN_DEST].iotype = SSSS_EXTMEM_IO;
free(s4);
- return (int)ssss->shares[SSSS_MAX_SHARES].c;
+ ssss->handle = NULL;
+ return (int)ssss->shares[SSSS_JOIN_DEST].c;
}
/* write a share to a file */
@@ -853,8 +797,9 @@ ssss_end(ssss_t *ssss)
unsigned i;
s4_t *s4;
- s4 = ssss->handle;
- free(s4);
+ if ((s4 = ssss->handle) != NULL) {
+ free(s4);
+ }
ssss->handle = NULL;
for (i = 0 ; i < ssss->sharesc ; i++) {
switch (ssss->shares[i].iotype) {
@@ -867,6 +812,7 @@ ssss_end(ssss_t *ssss)
case SSSS_FILE_IO:
(void)fclose(ssss->shares[i].fp);
break;
+ case SSSS_EXTMEM_IO:
default:
break;
}
