From c3679f9d3b3a78866b35877074e7ad4d2a0978fa Mon Sep 17 00:00:00 2001 From: Denis Ovsienko Date: Sat, 28 Dec 2019 19:10:22 +0000 Subject: [PATCH 1/6] fixup PRNG names in README.md --- README.md | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 3e24ddf..3e1ae70 100644 --- a/README.md +++ b/README.md @@ -17,9 +17,8 @@ The user can select from a variety of recognised secure erase methods which incl * Verify only - This method only reads the device and checks that it is all zero. It also includes the following pseudo random number generators: -* mersenne -* twister -* isaac +* Mersenne Twister +* ISAAC It is a fork of the dwipe command used by Darik's Boot and Nuke (dban). nwipe is included with [partedmagic](https://partedmagic.com) and From 97c736e630cabd43f33bef1969ed329dead4354a Mon Sep 17 00:00:00 2001 From: Denis Ovsienko Date: Sat, 28 Dec 2019 19:11:43 +0000 Subject: [PATCH 2/6] fixup a comment in method.c --- src/method.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/method.c b/src/method.c index 2f7c937..68ef338 100644 --- a/src/method.c +++ b/src/method.c @@ -22,11 +22,11 @@ /* HOWTO: Add another wipe method. * - * 1. Create a new function here and add the prototype to the 'nwipe.h' file. + * 1. Create a new function here and add the prototype to the 'method.h' file. * 2. Update nwipe_method_label() appropriately. - * 3. Put the passes that you wish to run into a nwipe_patterns_t array. + * 3. Put the passes that you wish to run into a nwipe_pattern_t array. * 4. Call nwipe_runmethod() with your array of patterns. - * 5. Cut-and-paste within the 'options.c' file so that the new method can be invoked. + * 5. Copy-and-paste within the 'options.c' file so that the new method can be invoked. * 6. Optionally try to plug your function into 'gui.c'. * * From f866d84e3dc08a763ea2b25b6e50e88913455723 Mon Sep 17 00:00:00 2001 
From: Denis Ovsienko Date: Sat, 28 Dec 2019 20:20:32 +0000 Subject: [PATCH 3/6] fixup descriptions of --noblank Both display_help() and nwipe_options_parse() are consistent about the --noblank option, in that it exists and has no short form. Make the man page and nwipe_gui_noblank() indicate that correctly. Mention that "ops2" never blanks the device regardless of the option. --- man/nwipe.1 | 6 +++++- src/gui.c | 6 +++++- 2 files changed, 10 insertions(+), 2 deletions(-) diff --git a/man/nwipe.1 b/man/nwipe.1 index ed59017..a91675c 100644 --- a/man/nwipe.1 +++ b/man/nwipe.1 @@ -1,4 +1,4 @@ -.TH NWIPE "1" "September 2019" "nwipe version 0.26" "User Commands" +.TH NWIPE "1" "December 2019" "nwipe version 0.26" "User Commands" .SH NAME nwipe \- securely erase disks .SH SYNOPSIS @@ -37,6 +37,10 @@ those specified devices immediately. \fB\-\-sync\fR Open devices in sync mode .TP +\fB\-\-noblank\fR +Do not perform the final blanking pass after the wipe (default is to blank, +except when the method is RCMP TSSIT OPS\-II). +.TP \fB\-\-nowait\fR Do not wait for a key before exiting (default is to wait). .TP diff --git a/src/gui.c b/src/gui.c index 7440c0e..4e9e152 100644 --- a/src/gui.c +++ b/src/gui.c 
@@ -1366,15 +1366,19 @@ void nwipe_gui_noblank( void ) /* 0 1 2 3 4 5 6 7 8 */ mvwprintw( main_window, yy++, tab1, "Perform a final blanking pass after the wipe, leaving disk with only zeros. " ); + mvwprintw( main_window, yy++, tab1, "Note that the RCMP TSSIT OPS-II method never blanks the device regardless " ); + mvwprintw( main_window, yy++, tab1, "of this setting. " ); mvwprintw( main_window, yy++, tab1, " " ); break; case 1: - mvwprintw( main_window, 2, tab2, "syslinux.cfg: nuke=\"nwipe -b\"" ); + mvwprintw( main_window, 2, tab2, "syslinux.cfg: nuke=\"nwipe --noblank\"" ); /* 0 1 2 3 4 5 6 7 8 */ mvwprintw( main_window, yy++, tab1, "Do not perform a final blanking pass. Leave data as per final wiping pass. " ); + mvwprintw( main_window, yy++, tab1, "Note that the RCMP TSSIT OPS-II method never blanks the device regardless " ); + mvwprintw( main_window, yy++, tab1, "of this setting. " ); mvwprintw( main_window, yy++, tab1, " " ); break; From e2c9d030de9d4d49ff2128c8626d16b7bd3578a2 Mon Sep 17 00:00:00 2001 From: Denis Ovsienko Date: Sat, 28 Dec 2019 20:43:53 +0000 Subject: [PATCH 4/6] fixup list formatting for --verify in the man page --- man/nwipe.1 | 3 +++ 1 file changed, 3 insertions(+) diff --git a/man/nwipe.1 b/man/nwipe.1 index a91675c..b3c69ee 100644 --- a/man/nwipe.1 +++ b/man/nwipe.1 @@ -54,8 +54,11 @@ SIGUSR1 can be used to retrieve the current wiping statistics. .TP \fB\-\-verify\fR=\fITYPE\fR Whether to perform verification of erasure (default: last) +.IP off \- Do not verify +.IP last \- Verify after the last pass +.IP all \- Verify every pass .TP \fB\-m\fR, \fB\-\-method\fR=\fIMETHOD\fR From ead64479f47e3aeb6b55ff4cd42c1aeebccb4e03 Mon Sep 17 00:00:00 2001 From: Denis Ovsienko Date: Sat, 28 Dec 2019 21:32:54 +0000 Subject: [PATCH 5/6] remove duplicate "h" from nwipe_options_short[] --- src/options.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/options.c b/src/options.c index 84f485a..396d697 100644 --- a/src/options.c 
+++ b/src/options.c @@ -53,7 +53,7 @@ int nwipe_options_parse( int argc, char** argv ) int i; /* The list of acceptable short options. */ - char nwipe_options_short[] = "Vhl:hm:p:r:e:"; + char nwipe_options_short[] = "Vhl:m:p:r:e:"; /* The list of acceptable long options. */ static struct option nwipe_options_long[] = { From 04fe9f217eedbaa5d74cb77b610e8582fff072b0 Mon Sep 17 00:00:00 2001 From: Denis Ovsienko Date: Sat, 28 Dec 2019 21:39:28 +0000 Subject: [PATCH 6/6] add an initial implementation of HMG IS5 enhanced I could not find the original specification of this standard, although many proprietary implementations exist (or claim to exist). Also there are many 3rd-party descriptions of the method, which often differ in one or another detail, but after some reading I could conclude that the most likely definition should be as follows: 1. Fill the device with zeroes, do not verify. 2. Fill the device with ones, do not verify. 3. Fill the device with a PRNG stream, do verify. In other words, this is a simplified version of nwipe's "dodshort". --- README.md | 1 + man/nwipe.1 | 5 +++++ src/gui.c | 21 ++++++++++++++++++++- src/method.c | 24 +++++++++++++++++++++++- src/method.h | 1 + src/options.c | 6 ++++++ 6 files changed, 56 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 3e1ae70..6e6ebdd 100644 --- a/README.md +++ b/README.md @@ -15,6 +15,7 @@ The user can select from a variety of recognised secure erase methods which incl * Gutmann Wipe - Peter Gutmann's method (Secure Deletion of Data from Magnetic and Solid-State Memory). * PRNG Stream - Fills the device with a stream from the PRNG. * Verify only - This method only reads the device and checks that it is all zero. +* HMG IS5 enhanced - Secure Sanitisation of Protectively Marked Information or Sensitive Information It also includes the following pseudo random number generators: * Mersenne Twister diff --git a/man/nwipe.1 b/man/nwipe.1 index b3c69ee..0db3f63 100644 --- a/man/nwipe.1 
+++ b/man/nwipe.1 @@ -60,6 +60,9 @@ off \- Do not verify last \- Verify after the last pass .IP all \- Verify every pass +.IP +Please mind that HMG IS5 enhanced always verifies the last (PRNG) pass +regardless of this option. .TP \fB\-m\fR, \fB\-\-method\fR=\fIMETHOD\fR The wiping method (default: dodshort). @@ -77,6 +80,8 @@ random / prng / stream \- PRNG Stream zero / quick \- Overwrite with zeros .IP verify \- Verifies disk is zero filled +.IP +is5enh \- HMG IS5 enhanced .TP \fB\-l\fR, \fB\-\-logfile\fR=\fIFILE\fR Filename to log to. Default is STDOUT diff --git a/src/gui.c b/src/gui.c index 4e9e152..9d642c0 100644 --- a/src/gui.c +++ b/src/gui.c @@ -1454,7 +1454,7 @@ void nwipe_gui_method( void ) extern int terminate_signal; /* The number of implemented methods. */ - const int count = 7; + const int count = 8; /* The first tabstop. */ const int tab1 = 2; @@ -1483,6 +1483,7 @@ void nwipe_gui_method( void ) if( nwipe_options.method == &nwipe_gutmann ) { focus = 4; } if( nwipe_options.method == &nwipe_random ) { focus = 5; } if( nwipe_options.method == &nwipe_verify ) { focus = 6; } + if( nwipe_options.method == &nwipe_is5enh ) { focus = 7; } do @@ -1501,6 +1502,7 @@ void nwipe_gui_method( void ) mvwprintw( main_window, yy++, tab1, " %s", nwipe_method_label( &nwipe_gutmann ) ); mvwprintw( main_window, yy++, tab1, " %s", nwipe_method_label( &nwipe_random ) ); mvwprintw( main_window, yy++, tab1, " %s", nwipe_method_label( &nwipe_verify ) ); + mvwprintw( main_window, yy++, tab1, " %s", nwipe_method_label( &nwipe_is5enh ) ); mvwprintw( main_window, yy++, tab1, " " ); /* Print the cursor. */ 
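Review bot: `const int count = 8;` in nwipe_gui_method is a hand-maintained total that nothing ties to the `focus = 7` assignment below it, the `nwipe_is5enh` label line in the next hunk, or the two `case 7:` arms added later in the same function, so every future method needs the same four edits kept in step by hand. At minimum the declaration deserves a comment such as `/* Must equal the number of focus/label/case entries below. */`; a cleaner shape would be a single table of `{ method, label }` pairs from which the count, the focus lookup and the label printing are all derived, but that is a larger change than this commit. nwipe_gui_method starts and ends outside these hunks.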
@@ -1588,6 +1590,19 @@ void nwipe_gui_method( void ) break; + case 7: + + mvwprintw( main_window, 2, tab2, "syslinux.cfg: nuke=\"nwipe --method is5enh\"" ); + mvwprintw( main_window, 3, tab2, "Security Level: Medium (3 passes)" ); + + /* 0 1 2 3 4 5 6 7 8 */ + mvwprintw( main_window, yy++, tab1, "HMG IA/IS 5 (Infosec Standard 5): Secure Sanitisation of Protectively Marked " ); + mvwprintw( main_window, yy++, tab1, "Information or Sensitive Information " ); + mvwprintw( main_window, yy++, tab1, " " ); + mvwprintw( main_window, yy++, tab1, "This method fills the device with 0s, then with 1s, then with a PRNG stream, " ); + mvwprintw( main_window, yy++, tab1, "then reads the device to verify the PRNG stream was successfully written. " ); + break; + } /* switch */ /* Add a border. */ @@ -1665,6 +1680,10 @@ void nwipe_gui_method( void ) case 6: nwipe_options.method = &nwipe_verify; break; + + case 7: + nwipe_options.method = &nwipe_is5enh; + break; } diff --git a/src/method.c b/src/method.c index 68ef338..727c61a 100644 --- a/src/method.c +++ b/src/method.c @@ -66,6 +66,7 @@ const char* nwipe_ops2_label = "RCMP TSSIT OPS-II"; const char* nwipe_random_label = "PRNG Stream"; const char* nwipe_zero_label = "Zero Fill"; const char* nwipe_verify_label = "Verify Blank"; +const char* nwipe_is5enh_label = "HMG IS5 Enhanced"; const char* nwipe_unknown_label = "Unknown Method (FIXME)"; @@ -83,6 +84,7 @@ const char* nwipe_method_label( void* method ) if( method == &nwipe_random ) { return nwipe_random_label; } if( method == &nwipe_zero ) { return nwipe_zero_label; } if( method == &nwipe_verify ) { return nwipe_verify_label; } + if( method == &nwipe_is5enh ) { return nwipe_is5enh_label; } /* else */ return nwipe_unknown_label; 
@@ -574,7 +576,24 @@ void *nwipe_ops2( void *ptr ) return NULL; } /* nwipe_ops2 */ +void *nwipe_is5enh( void *ptr ) +{ + nwipe_context_t *c = (nwipe_context_t *) ptr; + c->wipe_status = 1; + char is5enh[3] = {'\x00', '\xFF', '\x00'}; + nwipe_pattern_t patterns[] = + { + { 1, &is5enh[0] }, /* Pass 1: 0s */ + { 1, &is5enh[1] }, /* Pass 2: 1s */ + { -1, &is5enh[2] }, /* Pass 3: random bytes with verification */ + { 0, NULL } + }; + c->result = nwipe_runmethod( c, patterns ); + + c->wipe_status = 0; + return NULL; +} /* nwipe_is5enh */ void *nwipe_random( void *ptr ) { @@ -796,7 +815,10 @@ int nwipe_runmethod( nwipe_context_t* c, nwipe_pattern_t* patterns ) /* Check for a fatal error. */ if( r < 0 ) { return r; } - if( nwipe_options.verify == NWIPE_VERIFY_ALL || lastpass == 1 ) + /* Make sure IS5 enhanced always verifies its PRNG pass regardless */ + /* of the current combination of the --noblank (which influences */ + /* the lastpass variable) and --verify options. */ + if( nwipe_options.verify == NWIPE_VERIFY_ALL || lastpass == 1 || nwipe_options.method == &nwipe_is5enh ) { nwipe_log( NWIPE_LOG_NOTICE, "Verifying pass %i of %i, round %i of %i, on device '%s'.", \ c->pass_working, c->pass_count, c->round_working, c->round_count, c->device_name ); diff --git a/src/method.h b/src/method.h index 89b30da..5096780 100644 --- a/src/method.h +++ b/src/method.h @@ -50,6 +50,7 @@ void *nwipe_dod522022m( void *ptr ); void *nwipe_dodshort( void *ptr ); void *nwipe_gutmann( void *ptr ); void *nwipe_ops2( void *ptr ); +void *nwipe_is5enh( void *ptr ); void *nwipe_random( void *ptr ); void *nwipe_zero( void *ptr ); void *nwipe_verify( void *ptr ); diff --git a/src/options.c b/src/options.c index 396d697..17551c7 100644 --- a/src/options.c +++ b/src/options.c 
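Review bot: `nwipe_is5enh` has no header comment, and the third byte of `is5enh[]` is a placeholder whose only role is to give the `-1` (PRNG) pattern a non-NULL pointer, which is not obvious from reading the table. Suggest a comment above the function, `/* HMG IS5 enhanced: 0x00 pass, 0xFF pass, then a PRNG pass; the PRNG pass is always verified (see nwipe_runmethod). */`, and on the third entry `/* byte is never written; -1 selects the PRNG */` -- or reuse whatever sentinel the existing `nwipe_random` passes for its PRNG entry so the two methods read the same way. The `-1` meaning is inferred from the pass comment and the commit message, not from lines visible here, so please confirm the runner does not read the pattern byte for that length.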
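Review bot: The new `|| nwipe_options.method == &nwipe_is5enh` term in nwipe_runmethod is true on every pass of the method, so unless an enclosing condition outside this hunk narrows it, the 0x00 and 0xFF passes are verified too -- two extra full reads of the device, contrary to the commit message ("do not verify" for passes 1 and 2), the new man-page note, the GUI help text in gui.c, and the comment added just above the condition, which all describe only the PRNG pass as always verified. The condition should also require that the pattern currently being run is the PRNG one, e.g. `|| ( nwipe_options.method == &nwipe_is5enh && <current pattern length> == -1 )` using whatever the loop's per-pass pattern variable is; longer term, a per-pattern "always verify" flag would keep this method-specific knowledge out of the generic runner. nwipe_runmethod starts and ends outside the hunk.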
@@ -254,6 +254,12 @@ int nwipe_options_parse( int argc, char** argv ) break; } + if( strcmp( optarg, "is5enh" ) == 0 ) + { + nwipe_options.method = &nwipe_is5enh; + break; + } + /* Else we do not know this wipe method. */ fprintf( stderr, "Error: Unknown wipe method '%s'.\n", optarg ); exit( EINVAL );