Narcissus/nwipe
2
0
Fork 0
mirror of https://github.com/martijnvanbrummelen/nwipe.git synced 2026-02-20 22:15:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add ones (0xFF) verification method.

Browse Source
This commit is contained in:
PartialVolume
2021-10-28 21:50:19 +01:00
parent 9196e7748b
commit a379329fca
5 changed files with 116 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
man/nwipe.1
View File

@@ -98,11 +98,13 @@ ops2 \- RCMP TSSIT OPS\-II
.IP
random / prng / stream \- PRNG Stream
.IP
zero / quick \- Overwrite with zeros
zero / quick \- Overwrite with zeros 0x00
.IP
one \- Overwrite with ones
one \- Overwrite with ones 0xFF
.IP
verify \- Verifies disk is zero filled
verify_zero \- Verifies disk is zero filled
.IP
verify_one \- Verifies disk is 0xFF filled
.IP
is5enh \- HMG IS5 enhanced
.TP

33
src/gui.c
View File

@@ -1048,7 +1048,7 @@ void nwipe_gui_select( int count, nwipe_context_t** c )
break;
}
if( nwipe_options.method == &nwipe_verify )
if( nwipe_options.method == &nwipe_verify_zero || nwipe_options.method == &nwipe_verify_one )
{
/* Warn the user about that zero blanking with the ops2 method is not allowed */
wattron( footer_window, COLOR_PAIR( 10 ) );
@@ -1244,7 +1244,8 @@ void nwipe_gui_options( void )
mvwprintw( options_window, NWIPE_GUI_OPTIONS_ROUNDS_Y, NWIPE_GUI_OPTIONS_ROUNDS_X, "Rounds: " );
/* Disable blanking for ops2 and verify methods */
if( nwipe_options.method == &nwipe_ops2 || nwipe_options.method == &nwipe_verify )
if( nwipe_options.method == &nwipe_ops2 || nwipe_options.method == &nwipe_verify_zero
|| nwipe_options.method == &nwipe_verify_one )
{
nwipe_options.noblank = 1;
}
@@ -1930,7 +1931,7 @@ void nwipe_gui_method( void )
extern int terminate_signal;
/* The number of implemented methods. */
const int count = 9;
const int count = 10;
/* The first tabstop. */
const int tab1 = 2;
@@ -1980,14 +1981,18 @@ void nwipe_gui_method( void )
{
focus = 6;
}
if( nwipe_options.method == &nwipe_verify )
if( nwipe_options.method == &nwipe_verify_zero )
{
focus = 7;
}
if( nwipe_options.method == &nwipe_is5enh )
if( nwipe_options.method == &nwipe_verify_one )
{
focus = 8;
}
if( nwipe_options.method == &nwipe_is5enh )
{
focus = 9;
}
do
{
@@ -2007,7 +2012,8 @@ void nwipe_gui_method( void )
mvwprintw( main_window, yy++, tab1, " %s", nwipe_method_label( &nwipe_dod522022m ) );
mvwprintw( main_window, yy++, tab1, " %s", nwipe_method_label( &nwipe_gutmann ) );
mvwprintw( main_window, yy++, tab1, " %s", nwipe_method_label( &nwipe_random ) );
mvwprintw( main_window, yy++, tab1, " %s", nwipe_method_label( &nwipe_verify ) );
mvwprintw( main_window, yy++, tab1, " %s", nwipe_method_label( &nwipe_verify_zero ) );
mvwprintw( main_window, yy++, tab1, " %s", nwipe_method_label( &nwipe_verify_one ) );
mvwprintw( main_window, yy++, tab1, " %s", nwipe_method_label( &nwipe_is5enh ) );
mvwprintw( main_window, yy++, tab1, " " );
@@ -2124,6 +2130,15 @@ void nwipe_gui_method( void )
case 8:
mvwprintw( main_window, 2, tab2, "Security Level: Not applicable" );
mvwprintw( main_window, 4, tab2, "This method only reads the device and checks " );
mvwprintw( main_window, 5, tab2, "that it is all ones (0xFF). " );
break;
case 9:
mvwprintw( main_window, 2, tab2, "Security Level: higher (3 passes)" );
mvwprintw( main_window, 4, tab2, "HMG IA/IS 5 (Infosec Standard 5): Secure " );
@@ -2220,10 +2235,14 @@ void nwipe_gui_method( void )
break;
case 7:
nwipe_options.method = &nwipe_verify;
nwipe_options.method = &nwipe_verify_zero;
break;
case 8:
nwipe_options.method = &nwipe_verify_one;
break;
case 9:
nwipe_options.method = &nwipe_is5enh;
break;
}

83
src/method.c
View File

@@ -65,7 +65,8 @@ const char* nwipe_ops2_label = "RCMP TSSIT OPS-II";
const char* nwipe_random_label = "PRNG Stream";
const char* nwipe_zero_label = "Fill With Zeros";
const char* nwipe_one_label = "Fill With Ones";
const char* nwipe_verify_label = "Verify Blank";
const char* nwipe_verify_zero_label = "Verify Zeros (0x00)";
const char* nwipe_verify_one_label = "Verify Ones (0xFF)";
const char* nwipe_is5enh_label = "HMG IS5 Enhanced";
const char* nwipe_unknown_label = "Unknown Method (FIXME)";
@@ -105,9 +106,13 @@ const char* nwipe_method_label( void* method )
{
return nwipe_one_label;
}
if( method == &nwipe_verify )
if( method == &nwipe_verify_zero )
{
return nwipe_verify_label;
return nwipe_verify_zero_label;
}
if( method == &nwipe_verify_one )
{
return nwipe_verify_one_label;
}
if( method == &nwipe_is5enh )
{
@@ -185,10 +190,40 @@ void* nwipe_one( void* ptr )
return NULL;
} /* nwipe_one */
void* nwipe_verify( void* ptr )
void* nwipe_verify_zero( void* ptr )
{
/**
* Fill the device with zeroes.
* Verify the device is full of zeros.
*/
nwipe_context_t* c;
c = (nwipe_context_t*) ptr;
/* get current time at the start of the wipe */
time( &c->start_time );
/* set wipe in progress flag for GUI */
c->wipe_status = 1;
/* Do nothing because nwipe_runmethod appends a zero-fill. */
nwipe_pattern_t patterns[] = { { 0, NULL } };
/* Run the method. */
c->result = nwipe_runmethod( c, patterns );
/* Finished. Set the wipe_status flag so that the GUI knows */
c->wipe_status = 0;
/* get current time at the end of the wipe */
time( &c->end_time );
return NULL;
} /* nwipe_verify zeros */
void* nwipe_verify_one( void* ptr )
{
/**
* Verify the device is full of ones.
*/
nwipe_context_t* c;
@@ -739,6 +774,9 @@ int nwipe_runmethod( nwipe_context_t* c, nwipe_pattern_t* patterns )
/* The zero-fill pattern for the final pass of most methods. */
nwipe_pattern_t pattern_zero = { 1, "\x00" };
/* The one-fill pattern for verification of the ones fill */
nwipe_pattern_t pattern_one = { 1, "\xFF" };
/* Create the PRNG state buffer. */
c->prng_seed.length = NWIPE_KNOB_PRNG_STATE_LENGTH;
c->prng_seed.s = malloc( c->prng_seed.length );
@@ -769,7 +807,7 @@ int nwipe_runmethod( nwipe_context_t* c, nwipe_pattern_t* patterns )
c->result = c->round_size;
/* If only verifing then the round size is the device size */
if( nwipe_options.method == &nwipe_verify )
if( nwipe_options.method == &nwipe_verify_zero || nwipe_options.method == &nwipe_verify_one )
{
c->round_size = c->device_size;
}
@@ -1032,9 +1070,9 @@ int nwipe_runmethod( nwipe_context_t* c, nwipe_pattern_t* patterns )
} /* final ops2 */
else if( nwipe_options.method == &nwipe_verify )
else if( nwipe_options.method == &nwipe_verify_zero )
{
nwipe_log( NWIPE_LOG_NOTICE, "Verifying that %s is empty", c->device_name );
nwipe_log( NWIPE_LOG_NOTICE, "Verifying that %s is zeroed", c->device_name );
/* Verify the final zero pass. */
c->pass_type = NWIPE_PASS_VERIFY;
@@ -1048,11 +1086,36 @@ int nwipe_runmethod( nwipe_context_t* c, nwipe_pattern_t* patterns )
}
if( c->verify_errors == 0 )
{
nwipe_log( NWIPE_LOG_NOTICE, "[SUCCESS] Verified that %s is empty.", c->device_name );
nwipe_log( NWIPE_LOG_NOTICE, "[SUCCESS] Verified that %s is Zeroed.", c->device_name );
}
else
{
nwipe_log( NWIPE_LOG_ERROR, "[FAILURE] %s is not empty .", c->device_name );
nwipe_log( NWIPE_LOG_ERROR, "[FAILURE] %s has not been Zeroed .", c->device_name );
}
} /* verify */
else if( nwipe_options.method == &nwipe_verify_one )
{
nwipe_log( NWIPE_LOG_NOTICE, "Verifying that %s is Ones (0xFF)", c->device_name );
/* Verify the final ones pass. */
c->pass_type = NWIPE_PASS_VERIFY;
r = nwipe_static_verify( c, &pattern_one );
c->pass_type = NWIPE_PASS_NONE;
/* Check for a fatal error. */
if( r < 0 )
{
return r;
}
if( c->verify_errors == 0 )
{
nwipe_log( NWIPE_LOG_NOTICE, "[SUCCESS] Verified that %s is full of ones (0xFF).", c->device_name );
}
else
{
nwipe_log( NWIPE_LOG_ERROR, "[FAILURE] %s is not full of ones (0xFF).", c->device_name );
}
} /* verify */

3
src/method.h
View File

@@ -52,7 +52,8 @@ void* nwipe_is5enh( void* ptr );
void* nwipe_random( void* ptr );
void* nwipe_zero( void* ptr );
void* nwipe_one( void* ptr );
void* nwipe_verify( void* ptr );
void* nwipe_verify_zero( void* ptr );
void* nwipe_verify_one( void* ptr );
void calculate_round_size( nwipe_context_t* );

13
src/options.c
View File

@@ -282,9 +282,15 @@ int nwipe_options_parse( int argc, char** argv )
break;
}
if( strcmp( optarg, "verify" ) == 0 )
if( strcmp( optarg, "verify_zero" ) == 0 )
{
nwipe_options.method = &nwipe_verify;
nwipe_options.method = &nwipe_verify_zero;
break;
}
if( strcmp( optarg, "verify_one" ) == 0 )
{
nwipe_options.method = &nwipe_verify_one;
break;
}
@@ -536,7 +542,8 @@ void display_help()
puts( " random / prng / stream - PRNG Stream" );
puts( " zero / quick - Overwrite with zeros" );
puts( " one - Overwrite with ones (0xFF)" );
puts( " verify - Verifies disk is zero filled\n" );
puts( " verify_zero - Verifies disk is zero filled\n" );
puts( " verify_one - Verifies disk is 0xFF filled\n" );
puts( " -l, --logfile=FILE Filename to log to. Default is STDOUT\n" );
puts( " -p, --prng=METHOD PRNG option (mersenne|twister|isaac)\n" );
puts( " -r, --rounds=NUM Number of times to wipe the device using the selected" );