X-Git-Url: https://jxself.org/git/?a=blobdiff_plain;f=tfcrypt.c;h=7e9ef8c16915ddb15f7a718516f0ca9cdd518730;hb=335d0464d6ea90d5f30e6846e3142c287e0d582c;hp=5ed5bbf1979cad49d5ee15bc876495b82ebc822a;hpb=ee5e048cace46d40dfb9fe450eb00f977c78ab12;p=tfcrypt.git

diff --git a/tfcrypt.c b/tfcrypt.c
index 5ed5bbf..7e9ef8c 100644
--- a/tfcrypt.c
+++ b/tfcrypt.c
@@ -83,6 +83,30 @@ static int getps_plain_hex_filter(struct getpasswd_state *getps, char chr, size_
 	return 1;
 }
 
+static void make_hint(void *hint, size_t szhint, const void *data, size_t szdata)
+{
+	char t[TF_FROM_BITS(TF_MAX_BITS)];
+
+	skein(t, TF_MAX_BITS, NULL, data, szdata);
+	xor_shrink(hint, szhint, t, sizeof(t));
+	memset(t, 0, sizeof(t));
+}
+
+static void raw_say_hint(void *hint, size_t szhint, const void *data, size_t szdata, const char *prompt)
+{
+	make_hint(hint, szhint, data, szdata);
+	if (prompt) tfc_nfsay(stderr, "%s: ", prompt);
+	mehexdump(hint, szhint, szhint, 1);
+	memset(hint, 0, szhint);
+}
+
+static void say_hint(const void *data, size_t szdata, const char *prompt)
+{
+	char t[TF_SIZE_UNIT];
+	raw_say_hint(t, TF_SIZE_UNIT, data, szdata, prompt);
+	/* t[] is erased (automatically) */
+}
+
 int main(int argc, char **argv)
 {
 	int c;
@@ -376,6 +400,17 @@ _baddfname:
 						if (counter_opt == TFC_CTR_HEAD)
 							maxlen += TF_BLOCK_SIZE;
 					}
+					else if (!strncmp(s, "ftrunc", 6) && *(s+6) == '=') {
+						s += 7;
+						ftrunc_dfd = tfc_humanfsize(s, &stoi);
+						if (!str_empty(stoi)) {
+							ftrunc_dfd = tfc_fnamesize(s, YES);
+							ftrunc_dfd = tfc_modifysize(ftrunc_dfd, strchr(s, ':'));
+							if (ftrunc_dfd == NOFSIZE) xerror(NO, YES, YES,
+							"%s: invalid ftrunc value", s);
+						}
+						else ftrunc_dfd = tfc_modifysize(ftrunc_dfd, strchr(s, ':'));
+					}
 					else if (!strncmp(s, "xkey", 4) && *(s+4) == '=') {
 						s += 5;
 						maxkeylen = tfc_humanfsize(s, &stoi);
@@ -477,6 +512,7 @@ _baddfname:
 			case 'q':
 				quiet = YES;
 				verbose = NO;
+				do_full_hexdump = NO;
 				status_timer = 0;
 				break;
 			case 'v':
@@ -612,14 +648,8 @@ _mkragain:		lio = xread(mkfd, pblk, lrem);
 		n = xgetpasswd(&getps);
 		if (n == NOSIZE) xerror(NO, NO, YES, "getting MAC password");
 		if (n == ((size_t)-2)) xexit(1);
+		if (verbose) say_hint(pwdask, n, "MAC password hint");
 		skein(mackey, TF_MAX_BITS, NULL, pwdask, n);
-		if (verbose) {
-			skein(tmpdata, TF_MAX_BITS, NULL, mackey, TF_FROM_BITS(TF_MAX_BITS));
-			xor_shrink(tmpdata+TF_FROM_BITS(TF_MAX_BITS), TF_SIZE_UNIT, tmpdata, TF_FROM_BITS(TF_MAX_BITS));
-			tfc_nfsay(stderr, "MAC password hint: ");
-			mehexdump(tmpdata+TF_FROM_BITS(TF_MAX_BITS), TF_SIZE_UNIT, TF_SIZE_UNIT, 1);
-			memset(tmpdata, 0, sizeof(tmpdata));
-		}
 	}
 
 	
@@ -807,6 +837,7 @@ _xts2keyaskstr:	memset(&getps, 0, sizeof(struct getpasswd_state));
 		n = xgetpasswd(&getps);
 		if (n == NOSIZE) xerror(NO, NO, YES, "getting string rawkey");
 		if (n == ((size_t)-2)) xexit(1);
+		if (verbose) say_hint(pblk, n, "Raw string key hint");
 		if (ctr_mode == TFC_MODE_XTS) {
 			if (xtskeyset == NO) {
 				pblk = xtskey; n = sizeof(xtskey);
@@ -837,6 +868,7 @@ _rawkey_hex_again:
 		}
 		hex2bin(pblk, pwdask);
 		memset(pwdask, 0, sizeof(pwdask));
+		if (verbose) say_hint(pblk, n/2, "Raw hex key hint");
 		if (ctr_mode == TFC_MODE_XTS) {
 			if (xtskeyset == NO) {
 				pblk = xtskey;
@@ -871,6 +903,7 @@ _pwdagain:	memset(&getps, 0, sizeof(struct getpasswd_state));
 				goto _pwdagain;
 			}
 		}
+		if (verbose) say_hint(pwdask, n, "Password hint");
 		skein(key, TFC_KEY_BITS, mackey_opt ? mackey : NULL, pwdask, n);
 		memset(pwdask, 0, sizeof(pwdask));
 		memset(pwdagain, 0, sizeof(pwdagain));
@@ -1277,6 +1310,7 @@ _nomac:
 
 	if (do_preserve_time) fcopy_matime(dfd, &s_stat);
 	xclose(sfd);
+	if (ftrunc_dfd != NOFSIZE) if (ftruncate(dfd, (off_t)ftrunc_dfd) == -1) xerror(YES, NO, YES, "ftruncate(%d)", dfd);
 	xclose(dfd);
 
 	xexit(exitcode);