KitCreator
Check-in [93d7e1f87e]
Login
HomeDownloadsSource CodeTicketsWiki
Overview
Comment:Added obsfucated CVFS support
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | trunk
Files: files | file ages | folders
SHA1: 93d7e1f87e2517370b6d4bb7a138a9c791a8b9e9
User & Date: rkeene on 2014-11-23 02:31:57
Other Links: manifest | tags
Context
2014-11-23
02:55
Documented obsfucated CVFS support check-in: ae6b7036ca user: rkeene tags: trunk
02:31
Added obsfucated CVFS support check-in: 93d7e1f87e user: rkeene tags: trunk
2014-11-19
20:56
Updated URL to a mirror of mk4tcl for now check-in: b1003b10ac user: rkeene tags: trunk
Changes
Hide Diffs Side-by-Side Diffs Ignore Whitespace Patch

Modified kitsh/buildsrc/kitsh-0.0/Makefile.common.in from [60b5e343af] to [93d968f811]. 

11
12
13
14
15
16
17

18
19
20
21
22
23

24
25
26
27
28
29
30

11
12
13
14
15
16
17
18
19
20
21
22
23

24
25
26
27
28
29
30
31








+





-
+








STRIPLIBS = @STRIPLIBS@ @EXTRA_OBJS@
EXTRA_OBJS = @EXTRA_OBJS@
LDRUNPATH = @LDRUNPATH@
EXTRA_KIT_DEPS = @EXTRA_KIT_DEPS@
EXTRA_VFS_OBJS = @EXTRA_VFS_OBJS@
TCLSH_NATIVE = tclsh
LDFLAGS_ADD = @LDFLAGS_ADD@
DIR2C_FLAGS = @DIR2C_FLAGS@

# Build targets
## VFS Build
cvfs_data_tcl.o: cvfs_data_tcl.c
cvfs_data_tcl.c: dir2c.tcl starpack.vfs cvfs_data.c
	"$(TCLSH_NATIVE)" dir2c.tcl tcl starpack.vfs > cvfs_data_tcl.c
	"$(TCLSH_NATIVE)" dir2c.tcl tcl starpack.vfs $(DIR2C_FLAGS) > cvfs_data_tcl.c

## Tcl scripts that need to be converted to C headers
cvfs.tcl.h: cvfs.tcl
	"$(TCLSH_NATIVE)" ./stringify.tcl cvfs.tcl > cvfs.tcl.h

boot.tcl.h: boot.tcl
	"$(TCLSH_NATIVE)" ./stringify.tcl boot.tcl > boot.tcl.h

Modified kitsh/buildsrc/kitsh-0.0/aclocal.m4 from [4e978303f9] to [b344f06840]. 

556
557
558
559
560
561
562
























556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585








+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+

		])
	done

	LDFLAGS="${OLD_LDFLAGS}"

	AC_SUBST(LDRUNPATH)
])

AC_DEFUN(DC_SET_DIR2C_FLAGS, [
	AC_MSG_CHECKING([if we should obsufcate the CVFS])

	AC_ARG_WITH(obsfucated-cvfs, AC_HELP_STRING([--with-obsfucated-cvfs], [Obsfucate CVFS filesystem (requires --enable-kit-storage=cvfs)]), [
		obsfucate_cvfs=$withval
	], [
		obsfucate_cvfs='no'
	])

	case "$obsfucate_cvfs" in
		yes)
			AC_MSG_RESULT([yes])
			DIR2C_FLAGS='--obsfucate'
			;;
		*)
			AC_MSG_RESULT([no])
			DIR2C_FLAGS=''
			;;
	esac

	AC_SUBST(DIR2C_FLAGS)
])

Modified kitsh/buildsrc/kitsh-0.0/configure.ac from [68bb20ca2d] to [42d57f3f66]. 

186
187
188
189
190
191
192



193
194
195
196
197
198
199

186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202








+
+
+









		dnl Define that C-VFS should be make [load]-able
		AC_DEFINE([CVFS_MAKE_LOADABLE], [1], [Specify that the C-VFS should be able to be loaded])

		dnl Add appropriate dependencies
		EXTRA_KIT_DEPS="cvfs.tcl.h"
		EXTRA_VFS_OBJS="${EXTRA_VFS_OBJS} cvfs_data_tcl.o"

		dnl Set any flags as required
		DC_SET_DIR2C_FLAGS
	]
)

AC_SUBST(EXTRA_KIT_DEPS)
AC_SUBST(LDFLAGS_ADD)

dnl Put correct Makefile template in place

Modified kitsh/buildsrc/kitsh-0.0/cvfs_data.c from [c7558f05e3] to [981ef56829]. 

1
2
3
4
5
6
7
8

9
10
11
12

13
14
15
16
17
18
19

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21









+




+








#include <tcl.h>

#ifdef HAVE_STDLIB_H
#  include <stdlib.h>
#endif

typedef struct cvfs_data *(cmd_getData_t)(const char *, unsigned long);
typedef unsigned long (cmd_getChildren_t)(const char *, unsigned long *, unsigned long);
typedef void (cmd_decryptFile_t)(const char *, struct cvfs_data *); 

/* Your implementation must provide these */
static cmd_getData_t *getCmdData(const char *hashkey);
static cmd_getChildren_t *getCmdChildren(const char *hashkey);
static cmd_decryptFile_t *getCmdDecryptFile(const char *hashkey);

/* Tcl Commands */
static int getMetadata(ClientData cd, Tcl_Interp *interp, int objc, Tcl_Obj *CONST objv[]) {
	cmd_getData_t *cmd_getData;
	cmd_getChildren_t *cmd_getChildren;
	struct cvfs_data *finfo = NULL;
	Tcl_Obj *ret_list, *ret_list_items[20];

105
106
107
108
109
110
111

112
113
114
115
116
117
118

107
108
109
110
111
112
113
114
115
116
117
118
119
120
121








+









	return(TCL_OK);
}

static int getData(ClientData cd, Tcl_Interp *interp, int objc, Tcl_Obj *CONST objv[]) {
	struct cvfs_data *finfo = NULL;
	cmd_getData_t *cmd_getData;
	cmd_decryptFile_t *cmd_decryptFile;
	const char *hashkey;
	const char *file;
	const char *end_str;
	Tcl_Obj *ret_str;
	long start = 0;
	long end = -1;
	int tclGetLFO_ret;

158
159
160
161
162
163
164








165
166
167
168
169
170
171

161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182








+
+
+
+
+
+
+
+








	finfo = cmd_getData(file, 0);

	if (finfo == NULL) {
		Tcl_SetResult(interp, "No such file or directory", TCL_STATIC);

		return(TCL_ERROR);
	}

	if (finfo->type == CVFS_FILETYPE_OBSFUCATED_FILE || finfo->type == CVFS_FILETYPE_ENCRYPTED_FILE) {
		cmd_decryptFile = getCmdDecryptFile(hashkey);

		if (cmd_decryptFile != NULL) {
			cmd_decryptFile(file, finfo);
		}
	}

	if (finfo->type != CVFS_FILETYPE_FILE) {
		Tcl_SetResult(interp, "Not a file", TCL_STATIC);

		return(TCL_ERROR);
	}

Modified kitsh/buildsrc/kitsh-0.0/dir2c.tcl from [903b20a63c] to [a9768c9e59]. 

1
2







3
4

5
6
7
8
9
10
11

1
2
3
4
5
6
7
8
9
10

11
12
13
14
15
16
17
18



+
+
+
+
+
+
+

-
+








#! /usr/bin/env tclsh

set obsfucate 0
if {[lindex $argv end] == "--obsfucate"} {
	set obsfucate 1

	set argv [lrange $argv 0 end-1]
}

if {[llength $argv] != 2} {
	puts stderr "Usage: dir2c.tcl <hashkey> <startdir>"
	puts stderr "Usage: dir2c.tcl <hashkey> <startdir> \[--obsfucate\]"

	exit 1
}

set hashkey [lindex $argv 0]
set startdir [lindex $argv 1]


70
71
72
73
74
75
76































































































77
78
79
80
81
82
83

77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185








+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+









	set ret [string trim $ret "\n\""]

	set ret "\"$ret\""

	return $ret
}

# Encrypt the data
proc random_byte {} {
	set value [expr {int(256 * rand())}]

	return $value
}

proc encrypt_key_generate {method} {
	switch -- $method {
		"rotate_subst" {
			set key(method) $method
			set key(rotate_length) [random_byte]

			set key_data [list]
			while {[llength $key_data] != 256} {
				set value [random_byte]
				if {[lsearch -exact $key_data $value] != -1} {
					continue
				}

				lappend key_data $value
			}

			foreach value $key_data {
				append key(subst) [format %c $value]
			}

			return [array get key]
		}
	}
	error "not implemented"
}

proc encrypt_key_export {key_dict target} {
	array set key $key_dict

	switch -- $key(method) {
		"rotate_subst" {
			switch -- $target {
				"c" {
					set retval ".type = CVFS_KEYTYPE_ROTATE_SUBST,\n"
					append retval ".typedata.rotate_subst.rotate_length = $key(rotate_length),\n"
					append retval ".typedata.rotate_subst.subst         = [stringify $key(subst)]\n"

					return $retval
				}
			}
		}
	}

	error "not implemented"
}

proc encrypt {data key_dict {decrypt 0}} {
	array set key $key_dict

	switch -- $key(method) {
		"rotate_subst" {
			set retval ""
			set datalen [string length $data]

			for {set i 0} {$i < $datalen} {incr i $key(rotate_length)} {
				set map [list]
				for {set j 0} {$j < 256} {incr j} {
					if {$decrypt} {
						lappend map [format %c $j] [string index $key(subst) $j]
					} else {
						lappend map [string index $key(subst) $j] [format %c $j]
					}
				}

				set end [expr {$i + $key(rotate_length) - 1}]

				set block [string range $data $i $end]
				set block [string map $map $block]

				append retval $block

				set key_end [string index $key(subst) 0]
				set key(subst) [string range $key(subst) 1 end]$key_end
			}

			return $retval
		}
		"aes" {
			package require aes
		}
	}
	error "not implemented"
}

proc decrypt {data key_dict} {
	return [encrypt $data $key_dict 1]
}

# This function must be kept in-sync with the generated C function below
proc cvfs_hash {path} {
	set h 0
	set g 0

	for {set idx 0} {$idx < [string length $path]} {incr idx} {

91
92
93
94
95
96
97





98
99
100
101
102
103
104

193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211








+
+
+
+
+








		}

		set h [expr {$h & ((~$g) & 0xffffffff)}]
	}

	return $h
}

# If encryption is requested, generate a key
if {$obsfucate} {
	set obsfucation_key [encrypt_key_generate "rotate_subst"]
}

# Generate list of files to include in output
set files [recursive_glob $startdir]

# Insert dummy entry cooresponding to C dummy entry
set files [linsert $files 0 "__DUMMY__"]


113
114
115
116
117
118
119



120
121
122
123
124
125
126



127
128
129
130
131
132
133




134
135
136
137
138
139
140
141
142














143
144
145
146
147
148
149
150
151
152
153
154
155
156
157


















158
159
160
161
162
163
164

220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244


245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311








+
+
+







+
+
+





-
-
+
+
+
+









+
+
+
+
+
+
+
+
+
+
+
+
+
+















+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+








#  ifdef HAVE_STDC
#    ifndef HAVE_UNISTD_H
#      define HAVE_UNISTD_H 1
#    endif
#    ifndef HAVE_STRING_H
#      define HAVE_STRING_H 1
#    endif
#    ifndef HAVE_STDLIB_H
#      define HAVE_STDLIB_H 1
#    endif
#  endif
#  ifdef HAVE_UNISTD_H
#    include <unistd.h>
#  endif
#  ifdef HAVE_STRING_H
#    include <string.h>
#  endif
#  ifdef HAVE_STDLIB_H
#    include <stdlib.h>
#  endif

#  ifndef LOADED_CVFS_COMMON
#    define LOADED_CVFS_COMMON 1

typedef enum {
	CVFS_FILETYPE_FILE,
	CVFS_FILETYPE_DIR
	CVFS_FILETYPE_FILE            = 0,
	CVFS_FILETYPE_DIR             = 1,
	CVFS_FILETYPE_OBSFUCATED_FILE = 2,
	CVFS_FILETYPE_ENCRYPTED_FILE  = 3,
} cvfs_filetype_t;

struct cvfs_data {
	const char *             name;
	unsigned long            index;
	unsigned long            size;
	cvfs_filetype_t          type;
	const unsigned char *    data;
};

typedef enum {
	CVFS_KEYTYPE_ROTATE_SUBST     = 0,
} cvfs_keytype_t;

struct cvfs_key {
	cvfs_keytype_t type;
	union {
		struct {
			int rotate_length;
			unsigned char *subst;
		} rotate_subst;
	} typedata;
};

static unsigned long cvfs_hash(const unsigned char *path) {
	unsigned long i, h = 0, g = 0;

	for (i = 0; path[i]; i++) {
		h = (h << 4) + path[i];
		g = h & 0xf0000000;
		if (g) {
			h ^= (g >> 24);
		}
		h &= ((~g) & 0xffffffffLU);
	}
        
        return(h);
}

#include <stdio.h>
static int cvfs_decrypt(unsigned char *out, const unsigned char *in, unsigned long in_out_length, struct cvfs_key *key) {
	unsigned long i;
	unsigned char in_ch, out_ch;
	int ch_idx;

	for (i = 0; i < in_out_length; i++) {
		in_ch = in[i];

		ch_idx = (in_ch + (i / key->typedata.rotate_subst.rotate_length)) % 256;

		out_ch = key->typedata.rotate_subst.subst[ch_idx];
		out[i] = out_ch;
	}

	return(0);
}

#  endif /* !LOADED_CVFS_COMMON */}
puts ""

puts "static struct cvfs_data ${code_tag}_data\[\] = {"
puts "\t{"
puts "\t\t.name  = NULL,"

172
173
174
175
176
177
178
179
180
181
182
183
184
185
186





187


188
189
190
191
192
193
194

319
320
321
322
323
324
325

326
327
328
329
330
331
332
333
334
335
336
337

338
339
340
341
342
343
344
345
346








-







+
+
+
+
+
-
+
+








	set shortfile [shorten_file $startdir $file]

	unset -nocomplain finfo type
	file stat $file finfo

	switch -- $finfo(type) {
		"file" {
			set type "CVFS_FILETYPE_FILE"
			set size $finfo(size)

			set fd [open $file]
			fconfigure $fd -translation binary
			set data [read $fd]
			close $fd

			if {$obsfucate} {
				set type "CVFS_FILETYPE_OBSFUCATED_FILE"
				set data "(unsigned char *) [stringify [encrypt $data $obsfucation_key]]"
			} else {
				set type "CVFS_FILETYPE_FILE"
			set data "(unsigned char *) [stringify $data]"
				set data "(unsigned char *) [stringify $data]"
			}
		}
		"directory" {
			set type "CVFS_FILETYPE_DIR"
			set data "NULL"
			set size 0
		}
	}

346
347
348
349
350
351
352




















353
354
355
356
357
358
359
360
361
362
363
364
365
366








367
368
369
370
371
372
373

498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530

531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552








+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+






-







+
+
+
+
+
+
+
+








}

puts "\t}"
puts ""
puts "\treturn(num_children);"
puts "}"
puts ""

if {$obsfucate} {
	puts "static void ${code_tag}_decryptFile(const char *path, struct cvfs_data *finfo) {"
	puts "\tstatic struct cvfs_key key = { [string map [list "\n" " "] [encrypt_key_export $obsfucation_key "c"]] };"
	puts "\tunsigned char *new_data;"
	puts "\tint decrypt_ret;"
	puts ""
	puts "\tnew_data = malloc(finfo->size);"
	puts "\tdecrypt_ret = cvfs_decrypt(new_data, finfo->data, finfo->size, &key);"
	puts "\tif (decrypt_ret != 0) {"
	puts "\t\tfree(new_data);"
	puts ""
	puts "\t\treturn;"
	puts "\t}"
	puts "\tfinfo->data = new_data;"
	puts "\tfinfo->type = CVFS_FILETYPE_FILE;"
	puts "\treturn;"
	puts "}"
	puts ""
}

puts "#  ifdef CVFS_MAKE_LOADABLE"

set fd [open "cvfs_data.c"]
puts [read $fd]
close $fd


puts "static cmd_getData_t *getCmdData(const char *hashkey) {"
puts "\treturn(${code_tag}_getData);"
puts "}"
puts ""
puts "static cmd_getChildren_t *getCmdChildren(const char *hashkey) {"
puts "\treturn(${code_tag}_getChildren);"
puts "}"
puts ""
puts "static cmd_decryptFile_t *getCmdDecryptFile(const char *hashkey) {"
if {$obsfucate} {
	puts "\treturn(${code_tag}_decryptFile);"
} else {
	puts "\treturn(NULL);"
}
puts "}"
puts ""

puts "int Cvfs_data_${hashkey}_Init(Tcl_Interp *interp) {"
puts "\tTcl_Command tclCreatComm_ret;"
puts "\tint tclPkgProv_ret;"
puts ""

Powered by Fossil · RSS