diff options
Diffstat (limited to 'misc/dmg2img')
-rw-r--r-- | misc/dmg2img/0001-openssl-1.1-compatibility.patch | 219 | ||||
-rw-r--r-- | misc/dmg2img/dmg2img.1 | 42 | ||||
-rw-r--r-- | misc/dmg2img/dmg2img.SlackBuild | 19 | ||||
-rw-r--r-- | misc/dmg2img/dmg2img.info | 2 |
4 files changed, 278 insertions, 4 deletions
diff --git a/misc/dmg2img/0001-openssl-1.1-compatibility.patch b/misc/dmg2img/0001-openssl-1.1-compatibility.patch new file mode 100644 index 0000000000..b5ed45d2ff --- /dev/null +++ b/misc/dmg2img/0001-openssl-1.1-compatibility.patch @@ -0,0 +1,219 @@ +From f16f247d30f868e84f31e24792b4464488f1c009 Mon Sep 17 00:00:00 2001 +From: Peter Wu <peter@lekensteyn.nl> +Date: Tue, 2 May 2017 15:53:38 +0200 +Subject: [PATCH] vfdecrypt: OpenSSL 1.1 compatibility + +Allocate contexts from the heap on all OpenSSL versions, this is needed +since OpenSSL 1.1.0. No attempt is done at addressing issues like global +variables and fixing potential memleaks on error paths. + +Compile-tested only with OpenSSL 1.1.0e (Arch Linux) and OpenSSL 1.0.2g +(Ubuntu 16.04), I have no test file. + +Fixes https://github.com/Lekensteyn/dmg2img/issues/4 +--- + vfdecrypt.c | 103 ++++++++++++++++++++++++++++++++++++++++++++++-------------- + 1 file changed, 80 insertions(+), 23 deletions(-) + +diff --git a/vfdecrypt.c b/vfdecrypt.c +index 56d3530..b1a36d3 100644 +--- a/vfdecrypt.c ++++ b/vfdecrypt.c +@@ -183,7 +183,7 @@ void adjust_v2_header_byteorder(cencrypted_v2_pwheader *pwhdr) { + pwhdr->encrypted_keyblob_size = htonl(pwhdr->encrypted_keyblob_size); + } + +-HMAC_CTX hmacsha1_ctx; ++HMAC_CTX *hmacsha1_ctx; + AES_KEY aes_decrypt_key; + int CHUNK_SIZE=4096; // default + +@@ -196,9 +196,9 @@ void compute_iv(uint32_t chunk_no, uint8_t *iv) { + unsigned int mdLen; + + chunk_no = OSSwapHostToBigInt32(chunk_no); +- HMAC_Init_ex(&hmacsha1_ctx, NULL, 0, NULL, NULL); +- HMAC_Update(&hmacsha1_ctx, (void *) &chunk_no, sizeof(uint32_t)); +- HMAC_Final(&hmacsha1_ctx, mdResult, &mdLen); ++ HMAC_Init_ex(hmacsha1_ctx, NULL, 0, NULL, NULL); ++ HMAC_Update(hmacsha1_ctx, (void *) &chunk_no, sizeof(uint32_t)); ++ HMAC_Final(hmacsha1_ctx, mdResult, &mdLen); + memcpy(iv, mdResult, CIPHER_BLOCKSIZE); + } + +@@ -212,52 +212,75 @@ void decrypt_chunk(uint8_t *ctext, uint8_t *ptext, uint32_t chunk_no) { + /* DES3-EDE unwrap operation loosely based on to RFC 2630, section 12.6 + * wrapped_key has to be 40 bytes in length. */ + int apple_des3_ede_unwrap_key(uint8_t *wrapped_key, int wrapped_key_len, uint8_t *decryptKey, uint8_t *unwrapped_key) { +- EVP_CIPHER_CTX ctx; ++ EVP_CIPHER_CTX *ctx; + uint8_t *TEMP1, *TEMP2, *CEKICV; + uint8_t IV[8] = { 0x4a, 0xdd, 0xa2, 0x2c, 0x79, 0xe8, 0x21, 0x05 }; + int outlen, tmplen, i; + +- EVP_CIPHER_CTX_init(&ctx); ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ ctx = EVP_CIPHER_CTX_new(); ++#else ++ ctx = malloc(sizeof(*ctx)); ++#endif ++ if (!ctx) { ++ fprintf(stderr, "Out of memory: EVP_CIPHER_CTX!\n"); ++ return(-1); ++ } ++ ++ EVP_CIPHER_CTX_init(ctx); + /* result of the decryption operation shouldn't be bigger than ciphertext */ + TEMP1 = malloc(wrapped_key_len); + TEMP2 = malloc(wrapped_key_len); + CEKICV = malloc(wrapped_key_len); + /* uses PKCS#7 padding for symmetric key operations by default */ +- EVP_DecryptInit_ex(&ctx, EVP_des_ede3_cbc(), NULL, decryptKey, IV); ++ EVP_DecryptInit_ex(ctx, EVP_des_ede3_cbc(), NULL, decryptKey, IV); + +- if(!EVP_DecryptUpdate(&ctx, TEMP1, &outlen, wrapped_key, wrapped_key_len)) { ++ if(!EVP_DecryptUpdate(ctx, TEMP1, &outlen, wrapped_key, wrapped_key_len)) { + fprintf(stderr, "internal error (1) during key unwrap operation!\n"); + return(-1); + } +- if(!EVP_DecryptFinal_ex(&ctx, TEMP1 + outlen, &tmplen)) { ++ if(!EVP_DecryptFinal_ex(ctx, TEMP1 + outlen, &tmplen)) { + fprintf(stderr, "internal error (2) during key unwrap operation!\n"); + return(-1); + } + outlen += tmplen; +- EVP_CIPHER_CTX_cleanup(&ctx); ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ EVP_CIPHER_CTX_reset(ctx); ++#else ++ EVP_CIPHER_CTX_cleanup(ctx); ++#endif + + /* reverse order of TEMP3 */ + for(i = 0; i < outlen; i++) TEMP2[i] = TEMP1[outlen - i - 1]; + +- EVP_CIPHER_CTX_init(&ctx); ++ EVP_CIPHER_CTX_init(ctx); + /* uses PKCS#7 padding for symmetric key operations by default */ +- EVP_DecryptInit_ex(&ctx, EVP_des_ede3_cbc(), NULL, decryptKey, TEMP2); +- if(!EVP_DecryptUpdate(&ctx, CEKICV, &outlen, TEMP2+8, outlen-8)) { ++ EVP_DecryptInit_ex(ctx, EVP_des_ede3_cbc(), NULL, decryptKey, TEMP2); ++ if(!EVP_DecryptUpdate(ctx, CEKICV, &outlen, TEMP2+8, outlen-8)) { + fprintf(stderr, "internal error (3) during key unwrap operation!\n"); + return(-1); + } +- if(!EVP_DecryptFinal_ex(&ctx, CEKICV + outlen, &tmplen)) { ++ if(!EVP_DecryptFinal_ex(ctx, CEKICV + outlen, &tmplen)) { + fprintf(stderr, "internal error (4) during key unwrap operation!\n"); + return(-1); + } + + outlen += tmplen; +- EVP_CIPHER_CTX_cleanup(&ctx); ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ EVP_CIPHER_CTX_reset(ctx); ++#else ++ EVP_CIPHER_CTX_cleanup(ctx); ++#endif + + memcpy(unwrapped_key, CEKICV+4, outlen-4); + free(TEMP1); + free(TEMP2); + free(CEKICV); ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ EVP_CIPHER_CTX_free(ctx); ++#else ++ free(ctx); ++#endif + return(0); + } + +@@ -279,31 +302,46 @@ int unwrap_v1_header(char *passphrase, cencrypted_v1_header *header, uint8_t *ae + int unwrap_v2_header(char *passphrase, cencrypted_v2_pwheader *header, uint8_t *aes_key, uint8_t *hmacsha1_key) { + /* derived key is a 3DES-EDE key */ + uint8_t derived_key[192/8]; +- EVP_CIPHER_CTX ctx; ++ EVP_CIPHER_CTX *ctx; + uint8_t *TEMP1; + int outlen, tmplen; + ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ ctx = EVP_CIPHER_CTX_new(); ++#else ++ ctx = malloc(sizeof(*ctx)); ++#endif ++ if (!ctx) { ++ fprintf(stderr, "Out of memory: EVP_CIPHER_CTX!\n"); ++ return(-1); ++ } ++ + PKCS5_PBKDF2_HMAC_SHA1(passphrase, strlen(passphrase), (unsigned char*)header->kdf_salt, 20, + PBKDF2_ITERATION_COUNT, sizeof(derived_key), derived_key); + + print_hex(derived_key, 192/8); + +- EVP_CIPHER_CTX_init(&ctx); ++ EVP_CIPHER_CTX_init(ctx); + /* result of the decryption operation shouldn't be bigger than ciphertext */ + TEMP1 = malloc(header->encrypted_keyblob_size); + /* uses PKCS#7 padding for symmetric key operations by default */ +- EVP_DecryptInit_ex(&ctx, EVP_des_ede3_cbc(), NULL, derived_key, header->blob_enc_iv); ++ EVP_DecryptInit_ex(ctx, EVP_des_ede3_cbc(), NULL, derived_key, header->blob_enc_iv); + +- if(!EVP_DecryptUpdate(&ctx, TEMP1, &outlen, header->encrypted_keyblob, header->encrypted_keyblob_size)) { ++ if(!EVP_DecryptUpdate(ctx, TEMP1, &outlen, header->encrypted_keyblob, header->encrypted_keyblob_size)) { + fprintf(stderr, "internal error (1) during key unwrap operation!\n"); + return(-1); + } +- if(!EVP_DecryptFinal_ex(&ctx, TEMP1 + outlen, &tmplen)) { ++ if(!EVP_DecryptFinal_ex(ctx, TEMP1 + outlen, &tmplen)) { + fprintf(stderr, "internal error (2) during key unwrap operation!\n"); + return(-1); + } + outlen += tmplen; +- EVP_CIPHER_CTX_cleanup(&ctx); ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ EVP_CIPHER_CTX_free(ctx); ++#else ++ EVP_CIPHER_CTX_cleanup(ctx); ++ free(ctx); ++#endif + memcpy(aes_key, TEMP1, 16); + memcpy(hmacsha1_key, TEMP1, 20); + +@@ -446,8 +484,21 @@ int main(int argc, char *argv[]) { + CHUNK_SIZE = v2header.blocksize; + } + +- HMAC_CTX_init(&hmacsha1_ctx); +- HMAC_Init_ex(&hmacsha1_ctx, hmacsha1_key, sizeof(hmacsha1_key), EVP_sha1(), NULL); ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ hmacsha1_ctx = HMAC_CTX_new(); ++#else ++ hmacsha1_ctx = malloc(sizeof(*hmacsha1_ctx)); ++#endif ++ if (!hmacsha1_ctx) { ++ fprintf(stderr, "Out of memory: HMAC CTX!\n"); ++ exit(1); ++ } ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ HMAC_CTX_reset(hmacsha1_ctx); ++#else ++ HMAC_CTX_init(hmacsha1_ctx); ++#endif ++ HMAC_Init_ex(hmacsha1_ctx, hmacsha1_key, sizeof(hmacsha1_key), EVP_sha1(), NULL); + AES_set_decrypt_key(aes_key, CIPHER_KEY_LENGTH * 8, &aes_decrypt_key); + + if (verbose >= 1) { +@@ -472,5 +523,11 @@ int main(int argc, char *argv[]) { + } + + if (verbose) fprintf(stderr, "%"PRIX32" chunks written\n", chunk_no); ++#if OPENSSL_VERSION_NUMBER >= 0x10100000L ++ HMAC_CTX_free(hmacsha1_ctx); ++#else ++ HMAC_CTX_cleanup(hmacsha1_ctx); ++ free(hmacsha1_ctx); ++#endif + return(0); + } diff --git a/misc/dmg2img/dmg2img.1 b/misc/dmg2img/dmg2img.1 new file mode 100644 index 0000000000..5f3ac1b777 --- /dev/null +++ b/misc/dmg2img/dmg2img.1 @@ -0,0 +1,42 @@ +.TH "dmg2img" 1 +.SH NAME +dmg2img \- convert compressed dmg to standard (hfsplus) image disk files +.SH SYNOPSIS +.B dmg2img +[-s] [-v] [-V] [-d] <input.dmg> [<output.img>] +.PP +.B dmg2img +[-s] [-v] [-V] [-d] -i <input.dmg> -o <output.img> +.SH DESCRIPTION +.B dmg2img +is an Apple's compressed dmg to standard (hfsplus) image disk file conversion tool. +.SH OPTIONS +.TP +.B \-i +Path to the input .dmg file. +.TP +.B \-s +Silent operation +.TP +.B \-v +Verbose operation +Try to extract key from input file. +.TP +.B \-V +Extremely verbose operation +.TP +.B \-d +Enable debugging. +.TP +.B \-o +The output file (if left out it will be named <input_file>.img). +.SH "SEE ALSO" +vfdecrypt(1) +.SH AUTHORS +.TP +vu1tur <to@vu1tur.eu.org> +.TP +Jean-Pierre Demailly <demailly@fourier.ujf-grenoble.fr>. +.PP +This manual page was written by Soeren Sonnenburg <sonne@debian.org>, +for the Debian project (but may be used by others). diff --git a/misc/dmg2img/dmg2img.SlackBuild b/misc/dmg2img/dmg2img.SlackBuild index 941b7bae53..58316fc58c 100644 --- a/misc/dmg2img/dmg2img.SlackBuild +++ b/misc/dmg2img/dmg2img.SlackBuild @@ -1,4 +1,4 @@ -#!/bin/sh +#!/bin/bash # Slackware build script for dmg2img @@ -24,10 +24,13 @@ # OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +cd $(dirname $0) ; CWD=$(pwd) + PRGNAM=dmg2img VERSION=${VERSION:-1.6.7} BUILD=${BUILD:-1} TAG=${TAG:-_SBo} +PKGTYPE=${PKGTYPE:-tgz} if [ -z "$ARCH" ]; then case "$( uname -m )" in @@ -37,7 +40,14 @@ if [ -z "$ARCH" ]; then esac fi -CWD=$(pwd) +# If the variable PRINT_PACKAGE_NAME is set, then this script will report what +# the name of the created package would be, and then exit. This information +# could be useful to other scripts. +if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then + echo "$PRGNAM-$VERSION-$ARCH-$BUILD$TAG.$PKGTYPE" + exit 0 +fi + TMP=${TMP:-/tmp/SBo} PKG=$TMP/package-$PRGNAM OUTPUT=${OUTPUT:-/tmp} @@ -71,6 +81,9 @@ find -L . \ \( -perm 666 -o -perm 664 -o -perm 640 -o -perm 600 -o -perm 444 \ -o -perm 440 -o -perm 400 \) -exec chmod 644 {} \; +# Thanks Archlinux! +patch -lp1 < $CWD/0001-openssl-1.1-compatibility.patch + make CFLAGS="$SLKCFLAGS" make install DESTDIR=$PKG @@ -93,4 +106,4 @@ mkdir -p $PKG/install cat $CWD/slack-desc > $PKG/install/slack-desc cd $PKG -/sbin/makepkg -l y -c n $OUTPUT/$PRGNAM-$VERSION-$ARCH-$BUILD$TAG.${PKGTYPE:-tgz} +/sbin/makepkg -l y -c n $OUTPUT/$PRGNAM-$VERSION-$ARCH-$BUILD$TAG.$PKGTYPE diff --git a/misc/dmg2img/dmg2img.info b/misc/dmg2img/dmg2img.info index e9add05f7f..9c56e9a2b8 100644 --- a/misc/dmg2img/dmg2img.info +++ b/misc/dmg2img/dmg2img.info @@ -7,4 +7,4 @@ DOWNLOAD_x86_64="" MD5SUM_x86_64="" REQUIRES="" MAINTAINER="Edward W. Koenig" -EMAIL="kingbeowulf@gmail.com" +EMAIL="kingbeowulf@linuxgalaxy.org" |