2 * AFsplitter - Anti forensic information splitter
3 * Copyright 2004, Clemens Fruhwirth <clemens@endorphin.org>
4 * Copyright (C) 2009 Red Hat, Inc. All rights reserved.
6 * AFsplitter diffuses information over a large stripe of data,
7 * therefor supporting secure data destruction.
9 * This program is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU General Public License
11 * version 2 as published by the Free Software Foundation.
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU Library General Public License for more details.
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, write to the Free Software
20 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
26 #include <netinet/in.h>
31 static void XORblock(char const *src1, char const *src2, char *dst, size_t n)
35 for(j = 0; j < n; ++j)
36 dst[j] = src1[j] ^ src2[j];
39 static int hash_buf(char *src, char *dst, uint32_t iv, int len, int hash_id)
42 unsigned char *digest;
45 if (gcry_md_open(&hd, hash_id, 0))
47 gcry_md_write(hd, (unsigned char *)&iv, sizeof(iv));
48 gcry_md_write(hd, src, len);
49 digest = gcry_md_read(hd, hash_id);
50 memcpy(dst, digest, len);
55 /* diffuse: Information spreading over the whole dataset with
56 * the help of hash function.
59 static int diffuse(char *src, char *dst, size_t size, int hash_id)
61 unsigned int digest_size = gcry_md_get_algo_dlen(hash_id);
62 unsigned int i, blocks, padding;
64 blocks = size / digest_size;
65 padding = size % digest_size;
67 for (i = 0; i < blocks; i++)
68 if(hash_buf(src + digest_size * i,
69 dst + digest_size * i,
70 i, digest_size, hash_id))
74 if(hash_buf(src + digest_size * i,
75 dst + digest_size * i,
83 * Information splitting. The amount of data is multiplied by
84 * blocknumbers. The same blocksize and blocknumbers values
85 * must be supplied to AF_merge to recover information.
88 int AF_split(char *src, char *dst, size_t blocksize, unsigned int blocknumbers, const char *hash)
95 if (!(hash_id = gcry_md_map_name(hash)))
98 if((bufblock = calloc(blocksize, 1)) == NULL) return -ENOMEM;
100 /* process everything except the last block */
101 for(i=0; i<blocknumbers-1; i++) {
102 r = crypt_random_get(NULL, dst+(blocksize*i), blocksize, CRYPT_RND_NORMAL);
105 XORblock(dst+(blocksize*i),bufblock,bufblock,blocksize);
106 if(diffuse(bufblock, bufblock, blocksize, hash_id))
109 /* the last block is computed */
110 XORblock(src,bufblock,dst+(i*blocksize),blocksize);
117 int AF_merge(char *src, char *dst, size_t blocksize, unsigned int blocknumbers, const char *hash)
124 if (!(hash_id = gcry_md_map_name(hash)))
127 if((bufblock = calloc(blocksize, 1)) == NULL)
130 memset(bufblock,0,blocksize);
131 for(i=0; i<blocknumbers-1; i++) {
132 XORblock(src+(blocksize*i),bufblock,bufblock,blocksize);
133 if(diffuse(bufblock, bufblock, blocksize, hash_id))
136 XORblock(src + blocksize * i, bufblock, dst, blocksize);