VaKeR CYBER ARMY
Logo of a company Server : Apache/2.4.41 (Ubuntu)
System : Linux absol.cf 5.4.0-198-generic #218-Ubuntu SMP Fri Sep 27 20:18:53 UTC 2024 x86_64
User : www-data ( 33)
PHP Version : 7.4.33
Disable Function : pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,pcntl_unshare,
Directory :  /usr/share/doc/libafflib0v5/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Current File : //usr/share/doc/libafflib0v5/crypto_api.txt
# This file is a work of a US government employee and as such is in the Public domain.
# Simson L. Garfinkel, March 12, 2012

IMPLEMENTATION
==============

AFFLIB encryption will continue to use the cryptographic primitives
provided by the OpenSSL library.

The AFFILE Structure will be modified to include these additional fields:
  AES_KEY ekey    - The OpenSSL AES256 encryption key
  AES_KEY dkey    - The OpenSSL AES256 decryption key


Reading:

Getting pages is currently implemented with a chain of functions:

  af_get_page() - gets the page and decompresses it if necessary.
  af_get_page_raw() - gets raw pages (without compression)
  af_get_seg()      - gets the actual segment


Proposed modification:
 
  If af_get_seg(s1) fails AND if a symmetric encryption key has been
  set, the function will then look for s1/aes. If this is found the
  segment will be decrypted and returned.

Writing:


Currently pages are written with these functions:

  af_update_page(af,pagenum,data,datalen)
  af_update_seg()

Procedure for writing encrypted pages:

 - Modify af_update_page() to call a new function,
   af_update_page_raw(), which does the encryption.


Other work that needs to be done:

 - Make sure that pages are only written with this function. In
    particular, check out afconvert, aimage, and atest


================================================================
Performance Notes:

When reading encrypted AFF files, specify read buffers that are at
least 16 bytes larger than you expect.  This gives the internal
routines space to do the decryption in place. Otherwise additional
memory needs to be allocated and data needs to be copied.


================================================================

VaKeR 2022