git: tcplay - Use cryptoapi instead of /dev/crypto

Mon Apr 14 07:27:08 PDT 2025

commit c06d1031abbee2577e05da83882039fa6d19302a
Author: Michael Neumann <mneumann at ntecs.de>
Date:   Sun Apr 13 13:34:28 2025 +0200

    tcplay - Use cryptoapi instead of /dev/crypto
    
    tcplay(8) is a BSD-licensed Truecrypt/Veracrypt compatible
    implementation by Alex Hornung.
    
    libtcplay and tcplay no longer depend on the existence of /dev/crypto.
    OpenBSD, for one, removed /dev/crypto. Also, there are two bug
    reports #3311 and #3370 related to tcplay and/or cryptodev. I could
    not reproduce them anymore before this commit. So they might have
    already been fixed by other commits or they might be heisebugs.
    
    Why can't we use the algorithms from LibreSSL?
    
    Well, while we could use AES from LibreSSL, LibreSSL does not support
    Twofish and Serpent, two non-standardized algorithms. So we'd either
    have to drop Twofish and Serpent, or use cryptoapi for just those.
    
    Note that when using tcplay, all file encryption is performed by
    "dm_target_crypt" under the hood.
    
    Tested by creating a Veracrypt-encrypted drive using a chain of AES,
    Twofish and Serpent on Windows and then trying to open and use it on
    DragonFly. Works flawlessly.

Summary of changes:
 lib/libtcplay/Makefile                       |   9 +-
 lib/libtcplay/{crypto-dev.c => crypto-api.c} | 135 ++++++++-------------------
 2 files changed, 49 insertions(+), 95 deletions(-)
 copy lib/libtcplay/{crypto-dev.c => crypto-api.c} (50%)

http://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/c06d1031abbee2577e05da83882039fa6d19302a


-- 
DragonFly BSD source repository