HDD Encryption/Decryption
Latest revision as of 01:39, 3 February 2014
Introduction
- The goal is to mount a PS3 HDD on a FreeBSD PC (or a FreeBSD PS3) and make changes to it without the ENCDEC device.
- And to learn the cool FreeBSD GEOM framework as well :)
- Everything was tested by me on FreeBSD 9.1.
GEOM bswap16
- Swaps the two bytes in every 16-bit word.
- Similar to dm-bswap16 on Linux.
- The kernel module needs a user-space GEOM counterpart: a shared library that the geom application loads and uses to send commands to the kernel part.
http://gitorious.ps3dev.net/ps3freebsd/geom-bswap16
http://gitorious.ps3dev.net/ps3freebsd/geom-bswap16-lib
Test
<pre>
# UI shared library for GEOM bswap16
cp geom_bswap16.so /lib/geom
# Load kernel module
kldload geom_bswap16.ko
# Create a memory block device for testing
mdconfig -a -t vnode -f ~/test.bin -u 0
# Create /dev/md0.bswap16
geom bswap16 create /dev/md0
hexdump -C /dev/md0
00000000 bb aa dd cc 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000020 ee ff 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
*
00100000
hexdump -C /dev/md0.bswap16
00000000 aa bb cc dd 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000020 ff ee 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
*
00100000
geom bswap16 destroy md0.bswap16
mdconfig -d -u 0
</pre>
GEOM geli
- Problem: how to set the master key in GELI?
- GEOM geli is the wrong approach and won't work. We need a new GEOM class for PS3 HDD decryption!
GEOM AES-XTS
- Uses the opencrypto framework for the AES-XTS algorithm.
- The kernel module needs a user-space GEOM counterpart: a shared library that the geom application loads and uses to send commands to the kernel part.
http://gitorious.ps3dev.net/ps3freebsd/geom-aes-xts
http://gitorious.ps3dev.net/ps3freebsd/geom-aes-xts-lib
Test
<pre>
# UI shared library for GEOM AES-XTS
cp geom_aes_xts.so /lib/geom
# Load kernel module
kldload geom_aes_xts.ko
# Attach the encrypted HDD image as /dev/md1
mdconfig -a -t vnode -f ~/ps3da_enc.bin -u 1
# Create /dev/md1.bswap16
geom bswap16 create md1
# Key file: data key followed by tweak key, as raw bytes
echo <your data key as hex string> <your tweak key as hex string> | xxd -r -p > hdd_key.bin
# Create /dev/md1.bswap16.aes_xts on top of the byte-swapped device
geom aes_xts create -k hdd_key.bin /dev/md1.bswap16
ls -l /dev/md1.bswap16.aes_xts
# Read the first decrypted sector
sudo dd if=/dev/md1.bswap16.aes_xts bs=512 count=1 | hexdump -C
00000000 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
00000010 00 00 00 00 0f ac e0 ff 00 00 00 00 de ad fa ce |................|
00000020 00 00 00 00 00 00 00 03 00 00 00 00 00 00 00 02 |................|
00000030 00 00 00 00 00 00 00 08 00 00 00 00 00 08 00 00 |................|
00000040 10 70 00 00 01 00 00 01 00 00 00 00 00 00 00 0b |.p..............|
00000050 10 70 00 00 02 00 00 01 00 00 00 00 00 00 00 03 |.p..............|
00000060 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
*
000000c0 00 00 00 00 00 08 00 10 00 00 00 00 03 9a 8b 2d |...............-|
000000d0 10 70 00 00 01 00 00 01 00 00 00 00 00 00 00 03 |.p..............|
000000e0 10 70 00 00 02 00 00 01 00 00 00 00 00 00 00 03 |.p..............|
000000f0 10 20 00 00 03 00 00 01 00 00 00 00 00 00 00 03 |. ..............|
00000100 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
*
00000150 00 00 00 00 03 a2 8b 45 00 00 00 00 00 3f ff f8 |.......E.....?..|
00000160 10 70 00 00 01 00 00 01 00 00 00 00 00 00 00 03 |.p..............|
00000170 10 70 00 00 02 00 00 01 00 00 00 00 00 00 00 03 |.p..............|
00000180 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
*
000001e0 00 00 00 00 03 e2 8b 46 00 00 00 00 19 39 ce 0c |.......F.....9..|
000001f0 10 70 00 00 02 00 00 01 00 00 00 00 00 00 00 03 |.p..............|
00000200
</pre>
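A quick way to confirm that the key file and the layer order were right is to compare the first sector read from the decrypted device with the two words that stand out in the dump above. This is an added example, not part of the original page or of the geom-aes-xts project; treating 0x0face0ff and 0xdeadface as fixed markers of a correctly decrypted sector 0 is an assumption, and the names bswap16, check_sector0 and diagnose are hypothetical.

```python
import struct
import sys

SECTOR_SIZE = 512  # same unit as bs=512 in the dd command

# Big-endian words seen at offsets 0x14 and 0x1c of the decrypted dump.
# Assumption: they are fixed markers of a correctly decrypted sector 0.
MARKERS = {0x14: 0x0FACE0FF, 0x1C: 0xDEADFACE}

# Constructed sample: first 32 bytes of the dump, zero-padded to one sector.
SAMPLE = bytes.fromhex(
    "00000000000000000000000000000000"
    "000000000face0ff00000000deadface"
).ljust(SECTOR_SIZE, b"\x00")


def bswap16(buf):
    """Swap the two bytes of every 16-bit word (the bswap16 transform)."""
    if len(buf) % 2:
        raise ValueError("length must be a multiple of 2")
    out = bytearray(len(buf))
    out[0::2] = buf[1::2]
    out[1::2] = buf[0::2]
    return bytes(out)


def check_sector0(sector):
    """Return a list of marker mismatches; an empty list means a match."""
    if len(sector) != SECTOR_SIZE:
        return ["expected %d bytes, got %d" % (SECTOR_SIZE, len(sector))]
    problems = []
    for off, want in MARKERS.items():
        (got,) = struct.unpack_from(">I", sector, off)
        if got != want:
            problems.append("offset 0x%02x: 0x%08x != 0x%08x" % (off, got, want))
    return problems


def diagnose(sector):
    """Classify one 512-byte read from the top of the GEOM stack."""
    if not check_sector0(sector):
        return "ok"
    if len(sector) == SECTOR_SIZE and not check_sector0(bswap16(sector)):
        return "byte-swapped"  # valid plaintext, but each 16-bit word is swapped
    return "not decrypted"  # wrong key, wrong layer order, or not sector 0


if __name__ == "__main__":
    # Usage: script.py /dev/md1.bswap16.aes_xts  (no argument: use SAMPLE)
    data = open(sys.argv[1], "rb").read(SECTOR_SIZE) if len(sys.argv) > 1 else SAMPLE
    print(diagnose(data))
```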
GEOM part PS3
- Alternative: parse the PS3 partition table manually and use the gnop GEOM class to create regions.
- But GEOM part is cooler because it does this automatically, and we want to learn how to implement GEOM classes.
Links
- https://www.dan.me.uk/blog/2012/05/05/full-disk-encryption-in-freebsd-9-x-well-almost/