From 04fe9f217eedbaa5d74cb77b610e8582fff072b0 Mon Sep 17 00:00:00 2001 From: Denis Ovsienko Date: Sat, 28 Dec 2019 21:39:28 +0000 Subject: [PATCH] add an initial implementation of HMG IS5 enhanced I could not find the original specification of this standard, although many proprietary implementations exist (or claim to exist). Also there are many 3rd-party descriptions of the method, which often differ in one or another detail, but after some reading I could conclude that the most likely definition should be as follows: 1. Fill the device with zeroes, do not verify. 2. Fill the device with ones, do not verify. 3. Fill the device with a PRNG stream, do verify. In other words, this is a simplified version of nwipe's "dodshort". --- README.md | 1 + man/nwipe.1 | 5 +++++ src/gui.c | 21 ++++++++++++++++++++- src/method.c | 24 +++++++++++++++++++++++- src/method.h | 1 + src/options.c | 6 ++++++ 6 files changed, 56 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 3e1ae70..6e6ebdd 100644 --- a/README.md +++ b/README.md @@ -15,6 +15,7 @@ The user can select from a variety of recognised secure erase methods which incl * Gutmann Wipe - Peter Gutmann's method (Secure Deletion of Data from Magnetic and Solid-State Memory). * PRNG Stream - Fills the device with a stream from the PRNG. * Verify only - This method only reads the device and checks that it is all zero. +* HMG IS5 enhanced - Secure Sanitisation of Protectively Marked Information or Sensitive Information It also includes the following pseudo random number generators: * Mersenne Twister diff --git a/man/nwipe.1 b/man/nwipe.1 index b3c69ee..0db3f63 100644 --- a/man/nwipe.1 +++ b/man/nwipe.1 @@ -60,6 +60,9 @@ off \- Do not verify last \- Verify after the last pass .IP all \- Verify every pass +.IP +Please mind that HMG IS5 enhanced always verifies the last (PRNG) pass +regardless of this option. .TP \fB\-m\fR, \fB\-\-method\fR=\fIMETHOD\fR The wiping method (default: dodshort). @@ -77,6 +80,8 @@ random / prng / stream \- PRNG Stream zero / quick \- Overwrite with zeros .IP verify \- Verifies disk is zero filled +.IP +is5enh \- HMG IS5 enhanced .TP \fB\-l\fR, \fB\-\-logfile\fR=\fIFILE\fR Filename to log to. Default is STDOUT diff --git a/src/gui.c b/src/gui.c index 4e9e152..9d642c0 100644 --- a/src/gui.c +++ b/src/gui.c @@ -1454,7 +1454,7 @@ void nwipe_gui_method( void ) extern int terminate_signal; /* The number of implemented methods. */ - const int count = 7; + const int count = 8; /* The first tabstop. */ const int tab1 = 2; @@ -1483,6 +1483,7 @@ void nwipe_gui_method( void ) if( nwipe_options.method == &nwipe_gutmann ) { focus = 4; } if( nwipe_options.method == &nwipe_random ) { focus = 5; } if( nwipe_options.method == &nwipe_verify ) { focus = 6; } + if( nwipe_options.method == &nwipe_is5enh ) { focus = 7; } do @@ -1501,6 +1502,7 @@ void nwipe_gui_method( void ) mvwprintw( main_window, yy++, tab1, " %s", nwipe_method_label( &nwipe_gutmann ) ); mvwprintw( main_window, yy++, tab1, " %s", nwipe_method_label( &nwipe_random ) ); mvwprintw( main_window, yy++, tab1, " %s", nwipe_method_label( &nwipe_verify ) ); + mvwprintw( main_window, yy++, tab1, " %s", nwipe_method_label( &nwipe_is5enh ) ); mvwprintw( main_window, yy++, tab1, " " ); /* Print the cursor. */ @@ -1588,6 +1590,19 @@ void nwipe_gui_method( void ) break; + case 7: + + mvwprintw( main_window, 2, tab2, "syslinux.cfg: nuke=\"nwipe --method is5enh\"" ); + mvwprintw( main_window, 3, tab2, "Security Level: Medium (3 passes)" ); + + /* 0 1 2 3 4 5 6 7 8 */ + mvwprintw( main_window, yy++, tab1, "HMG IA/IS 5 (Infosec Standard 5): Secure Sanitisation of Protectively Marked " ); + mvwprintw( main_window, yy++, tab1, "Information or Sensitive Information " ); + mvwprintw( main_window, yy++, tab1, " " ); + mvwprintw( main_window, yy++, tab1, "This method fills the device with 0s, then with 1s, then with a PRNG stream, " ); + mvwprintw( main_window, yy++, tab1, "then reads the device to verify the PRNG stream was successfully written. " ); + break; + } /* switch */ /* Add a border. */ @@ -1665,6 +1680,10 @@ void nwipe_gui_method( void ) case 6: nwipe_options.method = &nwipe_verify; break; + + case 7: + nwipe_options.method = &nwipe_is5enh; + break; } diff --git a/src/method.c b/src/method.c index 68ef338..727c61a 100644 --- a/src/method.c +++ b/src/method.c @@ -66,6 +66,7 @@ const char* nwipe_ops2_label = "RCMP TSSIT OPS-II"; const char* nwipe_random_label = "PRNG Stream"; const char* nwipe_zero_label = "Zero Fill"; const char* nwipe_verify_label = "Verify Blank"; +const char* nwipe_is5enh_label = "HMG IS5 Enhanced"; const char* nwipe_unknown_label = "Unknown Method (FIXME)"; @@ -83,6 +84,7 @@ const char* nwipe_method_label( void* method ) if( method == &nwipe_random ) { return nwipe_random_label; } if( method == &nwipe_zero ) { return nwipe_zero_label; } if( method == &nwipe_verify ) { return nwipe_verify_label; } + if( method == &nwipe_is5enh ) { return nwipe_is5enh_label; } /* else */ return nwipe_unknown_label; @@ -574,7 +576,24 @@ void *nwipe_ops2( void *ptr ) return NULL; } /* nwipe_ops2 */ +void *nwipe_is5enh( void *ptr ) +{ + nwipe_context_t *c = (nwipe_context_t *) ptr; + c->wipe_status = 1; + char is5enh[3] = {'\x00', '\xFF', '\x00'}; + nwipe_pattern_t patterns[] = + { + { 1, &is5enh[0] }, /* Pass 1: 0s */ + { 1, &is5enh[1] }, /* Pass 2: 1s */ + { -1, &is5enh[2] }, /* Pass 3: random bytes with verification */ + { 0, NULL } + }; + c->result = nwipe_runmethod( c, patterns ); + + c->wipe_status = 0; + return NULL; +} /* nwipe_is5enh */ void *nwipe_random( void *ptr ) { @@ -796,7 +815,10 @@ int nwipe_runmethod( nwipe_context_t* c, nwipe_pattern_t* patterns ) /* Check for a fatal error. */ if( r < 0 ) { return r; } - if( nwipe_options.verify == NWIPE_VERIFY_ALL || lastpass == 1 ) + /* Make sure IS5 enhanced always verifies its PRNG pass regardless */ + /* of the current combination of the --noblank (which influences */ + /* the lastpass variable) and --verify options. */ + if( nwipe_options.verify == NWIPE_VERIFY_ALL || lastpass == 1 || nwipe_options.method == &nwipe_is5enh ) { nwipe_log( NWIPE_LOG_NOTICE, "Verifying pass %i of %i, round %i of %i, on device '%s'.", \ c->pass_working, c->pass_count, c->round_working, c->round_count, c->device_name ); diff --git a/src/method.h b/src/method.h index 89b30da..5096780 100644 --- a/src/method.h +++ b/src/method.h @@ -50,6 +50,7 @@ void *nwipe_dod522022m( void *ptr ); void *nwipe_dodshort( void *ptr ); void *nwipe_gutmann( void *ptr ); void *nwipe_ops2( void *ptr ); +void *nwipe_is5enh( void *ptr ); void *nwipe_random( void *ptr ); void *nwipe_zero( void *ptr ); void *nwipe_verify( void *ptr ); diff --git a/src/options.c b/src/options.c index 396d697..17551c7 100644 --- a/src/options.c +++ b/src/options.c @@ -254,6 +254,12 @@ int nwipe_options_parse( int argc, char** argv ) break; } + if( strcmp( optarg, "is5enh" ) == 0 ) + { + nwipe_options.method = &nwipe_is5enh; + break; + } + /* Else we do not know this wipe method. */ fprintf( stderr, "Error: Unknown wipe method '%s'.\n", optarg ); exit( EINVAL );