Project author: shagunuppal

Project description:
Kernel Modules for Encryption and Decryption Devices for a Linux System
Language: C
Project URL: git://github.com/shagunuppal/Encryption-Decryption-Device-Linux.git


Encryption-Decryption-Device-Linux

Course Assignment for Operating Systems (CSE231)

Instructor : Dr. Sambuddho Chakravarty

The aim of this assignment was to create character devices for encryption as well as decryption of files.

The Encryption Device (encdev) :


The device computes a simple block cipher (encryption) on a file (the input) and outputs the encrypted file.
For this, a kernel module based device driver for the encdev device needs to be written so as to use VFS data structures and define open(), read(), write() and close() functions for this device.
The device can be accessed via the open() system call, passing the device file path as an argument. The first call to write() internally initializes the shared random key (a random 128-bit number).
Subsequent write()s would result in the bytes being encrypted and stored internally in the kernel in some data structure, e.g. some dynamically allocated location.
The last block to be written is signaled through an EOF byte being written to the file, which is not encrypted.
Subsequent read()s result in reading off the encrypted blocks, until an EOF is encountered. Finally, upon calling close(), the initialized data structures are deallocated.






The Decryption Device (decdev) :


Just like encdev, there is a decdev device file which is used to decrypt an encrypted file. As with encdev, functions like open() and write() are used to write blocks of the encrypted file to the device. The first block of 128 bits (16 bytes) is the key (the same key is used for encryption and decryption). The subsequent blocks written are the cipher blocks (encrypted previously via encdev). Here again the last block is signaled via the EOF character. Each of these blocks is decrypted and stored in some internal data structure.
Thereafter, subsequent read() calls return the decrypted blocks. The final block is again signaled through reading off the previously written EOF character.
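
The decdev write()/read() sequence described above, modelled in user space as an added example (not code from the project). Assumptions not found on the page: XOR with the key stands in for the unspecified block cipher, the EOF marker is a lone one-byte write of 0xFF, MAX_STORE caps how much the device buffers, and read() is refused until the EOF marker has been written.

```c
/* User-space model of the decdev protocol: key block first, then cipher
 * blocks, then an EOF marker. XOR, EOF_BYTE and MAX_STORE are assumptions
 * made for this example; they are not taken from the project. */
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define KEY_LEN   16      /* 128-bit key, as stated on the page */
#define MAX_STORE 4096    /* assumed cap on buffered plaintext */
#define EOF_BYTE  0xFF    /* assumed value of the EOF marker */

struct decdev {
    uint8_t key[KEY_LEN];
    size_t  key_have;           /* key bytes received so far */
    uint8_t store[MAX_STORE];   /* decrypted data kept by the device */
    size_t  len, rpos;          /* bytes stored / bytes already read */
    int     done;               /* EOF marker has been written */
};

/* Returns the number of bytes consumed, or -1 if the write is rejected. */
long decdev_write(struct decdev *d, const uint8_t *buf, size_t n)
{
    size_t k = KEY_LEN - d->key_have;           /* key bytes still missing */
    if (d->done) return -1;                     /* nothing accepted after EOF */
    if (k == 0 && n == 1 && buf[0] == EOF_BYTE) { d->done = 1; return 1; }
    if (k > n) k = n;                           /* key may span short writes */
    if (n - k > MAX_STORE - d->len) return -1;  /* bound check before any state change */
    memcpy(d->key + d->key_have, buf, k);
    d->key_have += k;
    for (size_t i = k; i < n; i++, d->len++)    /* stand-in cipher: XOR with key */
        d->store[d->len] = buf[i] ^ d->key[d->len % KEY_LEN];
    return (long)n;
}

/* Returns bytes copied, 0 once everything was read, -1 before EOF was written. */
long decdev_read(struct decdev *d, uint8_t *out, size_t n)
{
    size_t left = d->len - d->rpos;
    if (!d->done) return -1;
    if (n > left) n = left;                     /* never copy past stored data */
    memcpy(out, d->store + d->rpos, n);
    d->rpos += n;
    return (long)n;
}
```

In a real driver the same checks apply to the count passed to write() and read() before any copy between user and kernel memory.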




Commands to create the devices

Following are the commands to first create the encryption and decryption devices on a Linux System :



mknod /dev/encdev c 150 1

chmod a+r+w /dev/encdev

cd enc

make

insmod encdev.ko



mknod /dev/decdev c 160 1

chmod a+r+w /dev/decdev

cd dec

make

insmod decdev.ko

Test Function

The test program can be used to check the functioning of the devices. The name of the file that is to be encrypted and decrypted must be passed as an argument on the command line, for example some.txt here.


gcc test.c

./a.out some.txt