X-Git-Url: https://jxself.org/git/?a=blobdiff_plain;f=tfcrypt.c;h=125e5c9c3743e56c0ad01b6ef15a6bf931070730;hb=4666ae1134223898de8012eca176625cc63a281f;hp=aeedd02b22f5e04f07867a06564fef092fac25f1;hpb=f402e6aa2dd18138ec26e9bfb340dae294637aec;p=tfcrypt.git

diff --git a/tfcrypt.c b/tfcrypt.c
index aeedd02..125e5c9 100644
--- a/tfcrypt.c
+++ b/tfcrypt.c
@@ -51,6 +51,38 @@ static int getps_hex_filter(struct getpasswd_state *getps, char chr, size_t pos)
 	return 0;
 }
 
+static inline int isctrlchr(int c)
+{
+	if (c == 9) return 0;
+	if (c >= 0 && c <= 31) return 1;
+	if (c == 127) return 1;
+	return 0;
+}
+
+static int getps_plain_filter(struct getpasswd_state *getps, char chr, size_t pos)
+{
+	int x;
+
+	x = getps_filter(getps, chr, pos);
+	if (x != 1) return x;
+
+	if (pos < getps->pwlen && !isctrlchr(chr))
+		write(getps->efd, &chr, sizeof(char));
+	return 1;
+}
+
+static int getps_plain_hex_filter(struct getpasswd_state *getps, char chr, size_t pos)
+{
+	int x;
+
+	x = getps_hex_filter(getps, chr, pos);
+	if (x != 1) return x;
+
+	if (pos < getps->pwlen && !isctrlchr(chr))
+		write(getps->efd, &chr, sizeof(char));
+	return 1;
+}
+
 int main(int argc, char **argv)
 {
 	int c;
@@ -73,7 +105,7 @@ _baddfname:
 	memset(s, 0, n);
 
 	opterr = 0;
-	while ((c = getopt(argc, argv, "L:s:aU:C:r:K:t:TPkzxc:l:qedn:vV:pwE:O:S:AmM:R:Z:WHD:")) != -1) {
+	while ((c = getopt(argc, argv, "L:s:aU:C:r:K:t:Pkzxc:l:qedn:vV:pwE:O:S:AmM:R:Z:WHD:")) != -1) {
 		switch (c) {
 			case 'L':
 				read_defaults(optarg, NO);
@@ -159,10 +191,7 @@ _baddfname:
 				break;
 			case 't':
 				tweakf = optarg;
-				break;
-			case 'T':
-				tfc_saltsz = 0;
-				do_tfcrypt1 = YES;
+				do_full_key = NO;
 				break;
 			case 'l':
 				if (maxlen != NOFSIZE) break;
@@ -228,6 +257,10 @@ _baddfname:
 						mac_pw_prompt = s+10;
 					else if (!strcmp(s, "shorthex"))
 						do_full_hexdump = NO;
+					else if (!strcmp(s, "fullkey"))
+						do_full_key = YES;
+					else if (!strcmp(s, "showsecrets"))
+						show_secrets = YES;
 					else if (!strncmp(s, "iobs", 4) && *(s+4) == '=') {
 						s += 5;
 						blksize = (size_t)tfc_humanfsize(s, &stoi);
@@ -493,8 +526,6 @@ _baddfname:
 		xerror(NO, YES, YES, "Cannot encrypt and read CTR from source!");
 	if (overwrite_source && counter_opt == TFC_CTR_RAND)
 		xerror(NO, YES, YES, "Cannot embed a CTR into file when overwriting it!");
-	if (tweakf && do_tfcrypt1 == NO)
-		xerror(NO, YES, YES, "Use -T with -t tweakfile to enable old tfcrypt mode!");
 	if (ctr_mode == TFC_MODE_PLAIN
 	&& (do_edcrypt || do_mac || rawkey
 	|| mackey_opt || counter_opt || counter_file))
@@ -575,8 +606,8 @@ _mkragain:		lio = xread(mkfd, pblk, lrem);
 		getps.passwd = pwdask;
 		getps.pwlen = sizeof(pwdask)-1;
 		getps.echo = mac_pw_prompt ? mac_pw_prompt : "Enter MAC password: ";
-		getps.charfilter = getps_filter;
-		getps.maskchar = 'x';
+		getps.charfilter = (show_secrets == YES) ? getps_plain_filter : getps_filter;
+		getps.maskchar = (show_secrets == YES) ? 0 : 'x';
 		getps.flags = GETP_WAITFILL;
 		n = xgetpasswd(&getps);
 		if (n == NOSIZE) xerror(NO, NO, YES, "getting MAC password");
@@ -618,7 +649,7 @@ _mkragain:		lio = xread(mkfd, pblk, lrem);
 	else password = YES;
 
 	errno = 0;
-	if (do_tfcrypt1 == YES && tweakf) {
+	if (do_full_key == NO && tweakf) {
 		int twfd;
 
 		if (!strcmp(tweakf, "-")) twfd = 0;
@@ -770,8 +801,8 @@ _xts2keyaskstr:	memset(&getps, 0, sizeof(struct getpasswd_state));
 		getps.passwd = (char *)pblk;
 		getps.pwlen = n;
 		getps.echo = pw_prompt ? pw_prompt : "Enter rawkey (str): ";
-		getps.charfilter = getps_filter;
-		getps.maskchar = 'x';
+		getps.charfilter = (show_secrets == YES) ? getps_plain_filter : getps_filter;
+		getps.maskchar = (show_secrets == YES) ? 0 : 'x';
 		getps.flags = GETP_WAITFILL;
 		n = xgetpasswd(&getps);
 		if (n == NOSIZE) xerror(NO, NO, YES, "getting string rawkey");
@@ -794,8 +825,8 @@ _rawkey_hex_again:
 		getps.passwd = pwdask;
 		getps.pwlen = (TF_FROM_BITS(TFC_KEY_BITS)*2);
 		getps.echo = pw_prompt ? pw_prompt : "Enter rawkey (hex): ";
-		getps.charfilter = getps_hex_filter;
-		getps.maskchar = 'x';
+		getps.charfilter = (show_secrets == YES) ? getps_plain_hex_filter : getps_hex_filter;
+		getps.maskchar = (show_secrets == YES) ? 0 : 'x';
 		getps.flags = GETP_WAITFILL;
 		n = xgetpasswd(&getps);
 		if (n == NOSIZE) xerror(NO, NO, YES, "getting hex rawkey");
@@ -820,8 +851,8 @@ _pwdagain:	memset(&getps, 0, sizeof(struct getpasswd_state));
 		getps.passwd = pwdask;
 		getps.pwlen = sizeof(pwdask)-1;
 		getps.echo = pw_prompt ? pw_prompt : "Enter password: ";
-		getps.charfilter = getps_filter;
-		getps.maskchar = 'x';
+		getps.charfilter = (show_secrets == YES) ? getps_plain_filter : getps_filter;
+		getps.maskchar = (show_secrets == YES) ? 0 : 'x';
 		getps.flags = GETP_WAITFILL;
 		n = xgetpasswd(&getps);
 		if (n == NOSIZE) xerror(NO, NO, YES, "getting password");
@@ -914,7 +945,7 @@ _xts2genkey:	if (xwrite(krfd, pblk, TF_FROM_BITS(TFC_KEY_BITS)) == NOSIZE) xerro
 
 	tf_convkey(key);
 	if (ctr_mode == TFC_MODE_XTS) tf_convkey(xtskey);
-	if (do_tfcrypt1 == YES) {
+	if (do_full_key == NO) {
 		if (!tweakf) skein(tweak, TF_NR_TWEAK_BITS, NULL, key, TF_FROM_BITS(TFC_KEY_BITS));
 		tf_tweak_set(key, tweak);
 	}