[ciphershed] Reviewed some of the code

  • From: Bill Cox <waywardgeek@xxxxxxxxx>
  • To: ciphershed@xxxxxxxxxxxxx
  • Date: Wed, 25 Jun 2014 15:22:45 -0400

Hash: SHA1

I had a chance to read through some of the TrueCrypt code.  I read the code
for the
Windows boot loader in the Boot directory.  It looks OK to me.  I was
fearing much worse!
The audit made it sound like a complete mess, but I think it's going to be
simple enough
to whip into shape.  If we must maintain this code, as it sounds like we
must for at least
a few years, then I volunteer to maintain it, or rewrite it if required for
reasons.  It looks like we will not be able to avoid the dependency on a
1993 version of
Microsoft Visual C, but I think we can live with it.  I would also like to
be involved in
a UEFI boot loader, assuming we write one.  We should collaborate with the
VeraCrypt guy
on this, I think, since he sounds fairly knowlegable about it.

There may be other more qualified people that will join the project who
have more boot
loader experience.  If someone like that does join who would like to
maintain this code,
I would prefer to hand it over.  I'm a lazy developer in general :-)  I
want to focus on
security, but am willing to do this sort of work.

I also looked into code that has any E4M copyright.

There are 47,602 lines of code derived in part from the E4M code.  The E4M
license claims
copyright 1998-2000 by Paul Le Roux.  SecureStar claims ownership of the
E4M code now,
though Paul Le Roux's license looks like it is valid, which is not
contraticted yet by
SecureStar, though it sounds like there is bad blood there.  However, this
code is really
really old!  It needs a rewrite.  It's not so much that Paul Le Roux did a
good/bad job.
The problem is that a *lot* of this code looks like it dates back as far as
1990!  GUI
APIs and portability have come a long way since then.

For example, the file Common/Dlgcode.c (9,000 lines long!) is written
directly to the
Windows API.  The code is Common/Crypto.c has a lot of core crypto stuff,
but the code is
highly dated.  We should rewrite it, even though it appears to be used
The E4M code mixes Windows GUI, and FAT/NTFS along with more generic code
that gets linked
into the Linux version.  Some of this code looks valuable, such as the
FAT/NTFS code, but
it needs to be cleanly isolated from the portable code.  Given the link to
E4M, I would
recommend we remove all of the E4M code from the system.

Much of this code is duplicated in the Linux version in a cleaner, more
portable way, so
we do not have to rewrite all 46,000 lines to get rid of the E4M code.
After that, we
still have a *lot* of code to rewrite due to migrating to a FOSS
(preferably BSD) license.
Mostly it's the wxWindows GUI code.  Maybe we could do this in two major
rewrites: first
eliminate the E4M code and have a major release, and then rewrite the
rest.  There's also
the issue of how to rewrite some of the crypto code.  There are well
reviewed BSD
compatible versions for most of the crypto code we need, I think.  As much
fun as it would
be, I'm not sure we need to write any actual encryption code.


I have never been served with any warrant such as an NSL, I have no gag
order of any kind,
and am not under any sort of compulsion related to the CipherShed project.
The last
CipherShed git commit I have personally verified (all the way to the first
commit) is
Version: GnuPG v1.4.13 (Cygwin)


Other related posts: