Editing HDD Encryption/Decryption

[[Category:OtherOS]]
[[Category:Linux]]
=Introduction=


=GEOM geli=
* Problem: how to set the master key in GELI?
* GEOM geli is the wrong approach and won't work. We need a new GEOM class for PS3 HDD decryption!
=GEOM AES-XTS=
* Use the opencrypto framework for the AES-XTS algorithm.
* The kernel module needs a user-space GEOM counterpart: a shared library that is loaded and used by the '''geom''' application to send commands to the kernel part.
* http://gitorious.ps3dev.net/ps3freebsd/geom-aes-xts
* http://gitorious.ps3dev.net/ps3freebsd/geom-aes-xts-lib


==Test==


<pre>
# UI shared library for GEOM AES-XTS
cp geom_aes_xts.so /lib/geom
# Load kernel module
kldload geom_aes_xts.ko
# Attach the encrypted HDD image as memory disk md1
mdconfig -a -t vnode -f  ~/ps3da_enc.bin -u 1

# Create the bswap16 provider on top of md1
geom bswap16 create md1

# Build the key file: data key followed by tweak key
echo <your data key as hex string> <your tweak key as hex string> | xxd -r -p > hdd_key.bin
geli init -K hdd_key.bin -P -e AES-XTS -l 128 -s 512 /dev/md1.bswap16

geom aes_xts create -k hdd_key.bin /dev/md1.bswap16

ls -l /dev/md1.bswap16.aes_xts

# Read the first sector through the aes_xts provider
sudo dd if=/dev/md1.bswap16.aes_xts bs=512 count=1 | hexdump -C

00000000  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
00000010  00 00 00 00 0f ac e0 ff  00 00 00 00 de ad fa ce  |................|
00000020  00 00 00 00 00 00 00 03  00 00 00 00 00 00 00 02  |................|
00000030  00 00 00 00 00 00 00 08  00 00 00 00 00 08 00 00  |................|
00000040  10 70 00 00 01 00 00 01  00 00 00 00 00 00 00 0b  |.p..............|
00000050  10 70 00 00 02 00 00 01  00 00 00 00 00 00 00 03  |.p..............|
00000060  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
*
000000c0  00 00 00 00 00 08 00 10  00 00 00 00 03 9a 8b 2d  |...............-|
000000d0  10 70 00 00 01 00 00 01  00 00 00 00 00 00 00 03  |.p..............|
000000e0  10 70 00 00 02 00 00 01  00 00 00 00 00 00 00 03  |.p..............|
000000f0  10 20 00 00 03 00 00 01  00 00 00 00 00 00 00 03  |. ..............|
00000100  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
*
00000150  00 00 00 00 03 a2 8b 45  00 00 00 00 00 3f ff f8  |.......E.....?..|
00000160  10 70 00 00 01 00 00 01  00 00 00 00 00 00 00 03  |.p..............|
00000170  10 70 00 00 02 00 00 01  00 00 00 00 00 00 00 03  |.p..............|
00000180  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
*
000001e0  00 00 00 00 03 e2 8b 46  00 00 00 00 19 39 ce 0c  |.......F.....9..|
000001f0  10 70 00 00 02 00 00 01  00 00 00 00 00 00 00 03  |.p..............|
00000200

geli attach -p -k hdd_key.bin  /dev/md1.bswap16
</pre>


=GEOM part PS3=
* Alternative: Parse the PS3 partition table manually and use '''gnop''' GEOM to create regions
* But GEOM '''part''' is cooler because it does it automatically and we want to learn how to implement GEOM classes.


=Links=


* https://www.dan.me.uk/blog/2012/05/05/full-disk-encryption-in-freebsd-9-x-well-almost/
{{BSD}}<noinclude>[[Category:Main]]</noinclude>