X-Git-Url: https://jxself.org/git/?a=blobdiff_plain;f=tfcrypt.c;h=4eb2b04cc5d620af0741ed66af20c1f7998d54e1;hb=13cc886eb2edfe7be4e65067be6df01e2f08436a;hp=5ed5bbf1979cad49d5ee15bc876495b82ebc822a;hpb=ee5e048cace46d40dfb9fe450eb00f977c78ab12;p=tfcrypt.git

diff --git a/tfcrypt.c b/tfcrypt.c
index 5ed5bbf..4eb2b04 100644
--- a/tfcrypt.c
+++ b/tfcrypt.c
@@ -2,7 +2,7 @@
  * tfcrypt -- high security Threefish encryption tool.
  *
  * tfcrypt is copyrighted:
- * Copyright (C) 2012-2018 Andrey Rys. All rights reserved.
+ * Copyright (C) 2012-2019 Andrey Rys. All rights reserved.
  *
  * tfcrypt is licensed to you under the terms of std. MIT/X11 license:
  *
@@ -28,6 +28,22 @@
 
 #include "tfcrypt.h"
 
+static tfc_byte svctr[TF_BLOCK_SIZE];
+
+static void open_log(const char *logfile)
+{
+	int fd;
+
+	if (!strcmp(logfile, "-")) return;
+
+	fd = open(logfile, O_WRONLY | O_CREAT | O_LARGEFILE | O_TRUNC, 0666);
+	if (fd == -1) xerror(NO, NO, YES, "%s", logfile);
+	xclose(2);
+	if (dup2(fd, 2) == -1) xexit(2);
+	xclose(fd);
+	do_statline_dynamic = NO;
+}
+
 static int getps_filter(struct getpasswd_state *getps, char chr, size_t pos)
 {
 	if (chr == '\x03') {
@@ -83,12 +99,37 @@ static int getps_plain_hex_filter(struct getpasswd_state *getps, char chr, size_
 	return 1;
 }
 
+static void make_hint(void *hint, size_t szhint, const void *data, size_t szdata)
+{
+	char t[TF_FROM_BITS(TF_MAX_BITS)];
+
+	skein(t, TF_MAX_BITS, NULL, data, szdata);
+	xor_shrink(hint, szhint, t, sizeof(t));
+	memset(t, 0, sizeof(t));
+}
+
+static void raw_say_hint(void *hint, size_t szhint, const void *data, size_t szdata, const char *prompt)
+{
+	make_hint(hint, szhint, data, szdata);
+	if (prompt) tfc_nfsay(stderr, "%s: ", prompt);
+	mehexdump(hint, szhint, szhint, 1);
+	memset(hint, 0, szhint);
+}
+
+static void say_hint(const void *data, size_t szdata, const char *prompt)
+{
+	char t[TF_SIZE_UNIT];
+	raw_say_hint(t, TF_SIZE_UNIT, data, szdata, prompt);
+	/* t[] is erased (automatically) */
+}
+
 int main(int argc, char **argv)
 {
 	int c;
 	double td;
 	char *s, *d, *t, *stoi;
 	size_t x, n;
+	tfc_fsize rwd;
 
 	progname = basename(argv[0]);
 
@@ -104,8 +145,14 @@ int main(int argc, char **argv)
 _baddfname:
 	memset(s, 0, n);
 
+	if (!strcmp(progname, "iotool")) {
+		do_edcrypt = TFC_DO_PLAIN;
+		password = YES;
+		ctr_mode = TFC_MODE_PLAIN;
+	}
+
 	opterr = 0;
-	while ((c = getopt(argc, argv, "L:s:aU:C:r:K:t:Pkzxc:l:qedn:vV:pwE:O:S:AmM:R:Z:WHD:")) != -1) {
+	while ((c = getopt(argc, argv, "L:s:aU:C:r:K:t:Pkzxc:l:qedn:vV:pwE:o:O:S:AmuM:R:Z:WHD:")) != -1) {
 		switch (c) {
 			case 'L':
 				read_defaults(optarg, NO);
@@ -125,6 +172,29 @@ _baddfname:
 					counter_opt = TFC_CTR_RAND;
 				else if (!strcasecmp(optarg, "zero"))
 					counter_opt = TFC_CTR_ZERO;
+				else if (strchr(optarg, ':')) {
+					char *ss, chr;
+
+					counter_opt = TFC_CTR_SSET;
+					n = sizeof(ctr);
+
+					s = d = optarg; t = NULL;
+					while ((s = strtok_r(d, ",", &t))) {
+						if (d) d = NULL;
+
+						if (n == 0) break;
+						ss = strchr(s, ':');
+						if (!ss) continue;
+						*ss = 0; ss++;
+						chr = (char)strtoul(s, &stoi, 16);
+						if (!str_empty(stoi)) continue;
+						x = (size_t)strtoul(ss, &stoi, 10);
+						if (!str_empty(stoi)) continue;
+						if (x > n) x = n;
+						memset(ctr+(sizeof(ctr)-n), (int)chr, x);
+						n -= x;
+					}
+				}
 				else counter_file = sksum_hashlist_file = optarg;
 				break;
 			case 'C':
@@ -148,10 +218,10 @@ _baddfname:
 				ctr_mode = TFC_MODE_PLAIN;
 				break;
 			case 'e':
-				do_edcrypt = TFC_DO_ENCRYPT;
+				if (do_edcrypt != TFC_DO_PLAIN) do_edcrypt = TFC_DO_ENCRYPT;
 				break;
 			case 'd':
-				do_edcrypt = TFC_DO_DECRYPT;
+				if (do_edcrypt != TFC_DO_PLAIN) do_edcrypt = TFC_DO_DECRYPT;
 				break;
 			case 'D':
 				macbits = strtoul(optarg, &stoi, 10);
@@ -229,6 +299,9 @@ _baddfname:
 					error_action = TFC_ERRACT_LSYNC;
 				else xerror(NO, YES, YES, "invalid error action %s specified", optarg);
 				break;
+			case 'o':
+				open_log(optarg);
+				break;
 			case 'O':
 				s = d = optarg; t = NULL;
 				while ((s = strtok_r(d, ",", &t))) {
@@ -261,6 +334,10 @@ _baddfname:
 						do_full_key = YES;
 					else if (!strcmp(s, "showsecrets"))
 						show_secrets = YES;
+					else if (!strcmp(s, "finished"))
+						show_when_done = YES;
+					else if (!strncmp(s, "logfile", 7) && *(s+7) == '=')
+						open_log(s+8);
 					else if (!strncmp(s, "iobs", 4) && *(s+4) == '=') {
 						s += 5;
 						blksize = (size_t)tfc_humanfsize(s, &stoi);
@@ -376,6 +453,24 @@ _baddfname:
 						if (counter_opt == TFC_CTR_HEAD)
 							maxlen += TF_BLOCK_SIZE;
 					}
+					else if (!strncmp(s, "ftrunc", 6) && *(s+6) == '=') {
+						s += 7;
+						if (!strcmp(s, "tail")) {
+							do_ftrunc = TFC_FTRUNC_TAIL;
+							ftrunc_dfd = NOFSIZE;
+						}
+						else {
+							do_ftrunc = TFC_DO_FTRUNC;
+							ftrunc_dfd = tfc_humanfsize(s, &stoi);
+							if (!str_empty(stoi)) {
+								ftrunc_dfd = tfc_fnamesize(s, YES);
+								ftrunc_dfd = tfc_modifysize(ftrunc_dfd, strchr(s, ':'));
+								if (ftrunc_dfd == NOFSIZE) xerror(NO, YES, YES,
+								"%s: invalid ftrunc value", s);
+							}
+							else ftrunc_dfd = tfc_modifysize(ftrunc_dfd, strchr(s, ':'));
+						}
+					}
 					else if (!strncmp(s, "xkey", 4) && *(s+4) == '=') {
 						s += 5;
 						maxkeylen = tfc_humanfsize(s, &stoi);
@@ -430,9 +525,11 @@ _baddfname:
 					do_mac_file = optarg;
 				break;
 			case 'm':
+			case 'u':
 				if (do_mac != TFC_MAC_VRFY)
 					xerror(NO, YES, YES, "signature source was not specified");
 				do_mac = TFC_MAC_JUST_VRFY;
+				if (c == 'u') do_mac = TFC_MAC_JUST_VRFY2;
 				break;
 			case 'R':
 			case 'Z':
@@ -477,6 +574,7 @@ _baddfname:
 			case 'q':
 				quiet = YES;
 				verbose = NO;
+				do_full_hexdump = NO;
 				status_timer = 0;
 				break;
 			case 'v':
@@ -569,7 +667,7 @@ _nosalt:
 			lrem = lblock = sizeof(tmpdata);
 			if (error_action == TFC_ERRACT_SYNC) rdpos = tfc_fdgetpos(mkfd);
 _mkragain:		lio = xread(mkfd, pblk, lrem);
-			if (lio == 0) do_stop = YES;
+			if (lio == 0 && do_stop == NO) do_stop = YES;
 			if (lio != NOSIZE) ldone += lio;
 			else {
 				if (errno != EIO && catch_all_errors != YES)
@@ -612,14 +710,8 @@ _mkragain:		lio = xread(mkfd, pblk, lrem);
 		n = xgetpasswd(&getps);
 		if (n == NOSIZE) xerror(NO, NO, YES, "getting MAC password");
 		if (n == ((size_t)-2)) xexit(1);
+		if (verbose) say_hint(pwdask, n, "MAC password hint");
 		skein(mackey, TF_MAX_BITS, NULL, pwdask, n);
-		if (verbose) {
-			skein(tmpdata, TF_MAX_BITS, NULL, mackey, TF_FROM_BITS(TF_MAX_BITS));
-			xor_shrink(tmpdata+TF_FROM_BITS(TF_MAX_BITS), TF_SIZE_UNIT, tmpdata, TF_FROM_BITS(TF_MAX_BITS));
-			tfc_nfsay(stderr, "MAC password hint: ");
-			mehexdump(tmpdata+TF_FROM_BITS(TF_MAX_BITS), TF_SIZE_UNIT, TF_SIZE_UNIT, 1);
-			memset(tmpdata, 0, sizeof(tmpdata));
-		}
 	}
 
 	
@@ -807,6 +899,7 @@ _xts2keyaskstr:	memset(&getps, 0, sizeof(struct getpasswd_state));
 		n = xgetpasswd(&getps);
 		if (n == NOSIZE) xerror(NO, NO, YES, "getting string rawkey");
 		if (n == ((size_t)-2)) xexit(1);
+		if (verbose) say_hint(pblk, n, "Raw string key hint");
 		if (ctr_mode == TFC_MODE_XTS) {
 			if (xtskeyset == NO) {
 				pblk = xtskey; n = sizeof(xtskey);
@@ -837,6 +930,7 @@ _rawkey_hex_again:
 		}
 		hex2bin(pblk, pwdask);
 		memset(pwdask, 0, sizeof(pwdask));
+		if (verbose) say_hint(pblk, n/2, "Raw hex key hint");
 		if (ctr_mode == TFC_MODE_XTS) {
 			if (xtskeyset == NO) {
 				pblk = xtskey;
@@ -871,6 +965,7 @@ _pwdagain:	memset(&getps, 0, sizeof(struct getpasswd_state));
 				goto _pwdagain;
 			}
 		}
+		if (verbose) say_hint(pwdask, n, "Password hint");
 		skein(key, TFC_KEY_BITS, mackey_opt ? mackey : NULL, pwdask, n);
 		memset(pwdask, 0, sizeof(pwdask));
 		memset(pwdagain, 0, sizeof(pwdagain));
@@ -955,6 +1050,7 @@ _xts2genkey:	if (xwrite(krfd, pblk, TF_FROM_BITS(TFC_KEY_BITS)) == NOSIZE) xerro
 
 	tfc_data_to_words64(&iseek_blocks, sizeof(iseek_blocks));
 	tf_ctr_set(ctr, &iseek_blocks, sizeof(iseek_blocks));
+	if (do_mac == TFC_MAC_JUST_VRFY2) memcpy(svctr, ctr, TF_BLOCK_SIZE);
 
 	if (counter_opt == TFC_CTR_SHOW) {
 		switch (do_outfmt) {
@@ -996,9 +1092,8 @@ _plain:
 	sigact.sa_flags = SA_RESTART;
 	sigact.sa_handler = print_crypt_status;
 	sigaction(SIGUSR1, &sigact, NULL);
-	sigaction(SIGTSTP, &sigact, NULL);
 	sigaction(SIGALRM, &sigact, NULL);
-	if (status_timer) setup_next_alarm(status_timer);
+	if (status_timer) setup_next_alarm(status_timer > 1000000 ? 1000000 : status_timer);
 	sigact.sa_handler = change_status_width;
 	sigaction(SIGQUIT, &sigact, NULL);
 	sigact.sa_handler = change_status_timer;
@@ -1007,11 +1102,14 @@ _plain:
 		sigact.sa_handler = print_crypt_status;
 		sigaction(SIGINT, &sigact, NULL);
 		sigaction(SIGTERM, &sigact, NULL);
+		sigaction(SIGTSTP, &sigact, NULL);
 	}
 	else {
 		sigact.sa_handler = exit_sigterm;
 		sigaction(SIGINT, &sigact, NULL);
 		sigaction(SIGTERM, &sigact, NULL);
+		sigact.sa_handler = handle_sigtstp;
+		sigaction(SIGTSTP, &sigact, NULL);
 	}
 	memset(&sigact, 0, sizeof(struct sigaction));
 
@@ -1037,6 +1135,24 @@ _ctrwagain:	lio = xwrite(dfd, pblk, lrem);
 
 	if (ctr_mode == TFC_MODE_STREAM) tfe_init_iv(&tfe, key, ctr);
 
+	if (do_mac == TFC_MAC_JUST_VRFY2) {
+		rwd = tfc_fdgetpos(sfd);
+		if (rwd == NOFSIZE) {
+			tfc_esay("%s: WARNING: input is not seekable, disabling MAC testing mode", progname);
+			do_mac = TFC_MAC_VRFY;
+		}
+		goto _nodecrypt_again_vrfy2;
+
+_decrypt_again_vrfy2:
+		if (lseek(sfd, (off_t)rwd, SEEK_SET) == ((off_t)-1)) {
+			xerror(ignore_seek_errors, NO, YES, "MAC testing seek failed");
+		}
+		total_processed_src = rwd;
+		memcpy(ctr, svctr, TF_BLOCK_SIZE);
+		memset(svctr, 0, TF_BLOCK_SIZE);
+	}
+
+_nodecrypt_again_vrfy2:
 	errno = 0;
 	do_stop = NO;
 	while (1) {
@@ -1046,7 +1162,7 @@ _ctrwagain:	lio = xwrite(dfd, pblk, lrem);
 		lrem = lblock = blk_len_adj(maxlen, total_processed_src, blksize);
 		if (error_action == TFC_ERRACT_SYNC) rdpos = tfc_fdgetpos(sfd);
 _ragain:	lio = xread(sfd, pblk, lrem);
-		if (lio == 0) do_stop = TFC_STOP_BEGAN;
+		if (lio == 0) do_stop = YES;
 		if (lio != NOSIZE) ldone += lio;
 		else {
 			if (errno != EIO && catch_all_errors != YES)
@@ -1106,7 +1222,7 @@ _ragain:	lio = xread(sfd, pblk, lrem);
 
 		if (do_mac >= TFC_MAC_VRFY && ctr_mode < TFC_MODE_OCB)
 			skein_update(&sk, dstblk, ldone);
-		if (do_mac == TFC_MAC_JUST_VRFY) goto _nowrite;
+		if (do_mac >= TFC_MAC_JUST_VRFY) goto _nowrite;
 
 		pblk = dstblk;
 		lrem = ldone;
@@ -1120,14 +1236,16 @@ _wagain:	lio = xwrite(dfd, pblk, lrem);
 			lrem -= lio;
 			goto _wagain;
 		}
+		total_written_dst += ldone;
 _nowrite:	total_processed_dst += ldone;
 		delta_processed += ldone;
 
-		if (maxlen != NOFSIZE && total_processed_src >= maxlen) break;
+		if (maxlen != NOFSIZE && total_processed_src >= maxlen) {
+			do_stop = YES;
+			break;
+		}
 	}
 
-	if (do_stop == TFC_STOP_FULL) goto _nomac;
-
 	errno = 0;
 	if (do_mac >= TFC_MAC_VRFY) {
 		if (!do_mac_file) {
@@ -1203,10 +1321,18 @@ _macragain:		lio = xread(sfd, pblk, lrem);
 					else mehexdump(macresult, TF_FROM_BITS(macbits), TF_FROM_BITS(macbits), YES);
 				}
 			}
+			if (do_mac == TFC_MAC_JUST_VRFY2) {
+				if (verbose) tfc_esay("%s: -u: MAC signature is valid, proceeding with decrypting it again", progname);
+				do_mac = TFC_MAC_DROP;
+				goto _decrypt_again_vrfy2;
+			}
 		}
 		else {
-			if (quiet == NO) tfc_esay("%s: signature is BAD: "
+			if (quiet == NO) {
+				tfc_esay("%s: signature is BAD: "
 				"wrong password, key, mode, or file is not signed", progname);
+				if (do_mac == TFC_MAC_JUST_VRFY2) tfc_esay("%s: -u: MAC signature is invalid, not decrypting it again", progname);
+			}
 			exitcode = 1;
 		}
 
@@ -1272,12 +1398,7 @@ _macwagain:		lio = xwrite(dfd, pblk, lrem);
 		memset(tmpdata, 0, sizeof(tmpdata));
 	}
 
-_nomac:
-	if (verbose || status_timer || do_stop == TFC_STOP_FULL) print_crypt_status(0);
-
-	if (do_preserve_time) fcopy_matime(dfd, &s_stat);
-	xclose(sfd);
-	xclose(dfd);
+	if (verbose || status_timer || (do_stop == YES && quiet == NO)) print_crypt_status(0);
 
 	xexit(exitcode);
 	return -1;