X-Git-Url: https://jxself.org/git/?a=blobdiff_plain;f=tfcrypt.c;h=aac2e68e5116da44c74763f31ba13d8130d91826;hb=5faadb0da4b63d4aa3359cfd97953738ee59a90d;hp=2390516a2ae9b35d7b3715f82e8deb596d7d1c8b;hpb=8b7f1839b1981554979af1aa2e5e8b58ad63fe77;p=tfcrypt.git diff --git a/tfcrypt.c b/tfcrypt.c index 2390516..aac2e68 100644 --- a/tfcrypt.c +++ b/tfcrypt.c @@ -2,7 +2,7 @@ * tfcrypt -- high security Threefish encryption tool. * * tfcrypt is copyrighted: - * Copyright (C) 2012-2018 Andrey Rys. All rights reserved. + * Copyright (C) 2012-2019 Andrey Rys. All rights reserved. * * tfcrypt is licensed to you under the terms of std. MIT/X11 license: * @@ -28,6 +28,26 @@ #include "tfcrypt.h" +static tfc_byte svctr[TF_BLOCK_SIZE]; +static tfc_fsize rwd, do_read_loops, loopcnt; + +static void open_log(const char *logfile) +{ + int fd; + tfc_yesno ro; + + if (!strcmp(logfile, "-")) return; + + ro = read_only; + read_only = NO; + fd = xopen(logfile, O_WRONLY | O_CREAT | O_LARGEFILE | O_TRUNC); + read_only = ro; + xclose(2); + if (dup2(fd, 2) == -1) xexit(2); + xclose(fd); + do_statline_dynamic = NO; +} + static int getps_filter(struct getpasswd_state *getps, char chr, size_t pos) { if (chr == '\x03') { @@ -51,6 +71,62 @@ static int getps_hex_filter(struct getpasswd_state *getps, char chr, size_t pos) return 0; } +static inline int isctrlchr(int c) +{ + if (c == 9) return 0; + if (c >= 0 && c <= 31) return 1; + if (c == 127) return 1; + return 0; +} + +static int getps_plain_filter(struct getpasswd_state *getps, char chr, size_t pos) +{ + int x; + + x = getps_filter(getps, chr, pos); + if (x != 1) return x; + + if (pos < getps->pwlen && !isctrlchr(chr)) + write(getps->efd, &chr, sizeof(char)); + return 1; +} + +static int getps_plain_hex_filter(struct getpasswd_state *getps, char chr, size_t pos) +{ + int x; + + x = getps_hex_filter(getps, chr, pos); + if (x != 1) return x; + + if (pos < getps->pwlen && !isctrlchr(chr)) + write(getps->efd, &chr, sizeof(char)); + return 1; +} + +static void make_hint(void *hint, size_t szhint, const void *data, size_t szdata) +{ + char t[TF_FROM_BITS(TF_MAX_BITS)]; + + skein(t, TF_MAX_BITS, NULL, data, szdata); + xor_shrink(hint, szhint, t, sizeof(t)); + memset(t, 0, sizeof(t)); +} + +static void raw_say_hint(void *hint, size_t szhint, const void *data, size_t szdata, const char *prompt) +{ + make_hint(hint, szhint, data, szdata); + if (prompt) tfc_nfsay(stderr, "%s: ", prompt); + mehexdump(hint, szhint, szhint, 1); + memset(hint, 0, szhint); +} + +static void say_hint(const void *data, size_t szdata, const char *prompt) +{ + char t[TF_SIZE_UNIT]; + raw_say_hint(t, TF_SIZE_UNIT, data, szdata, prompt); + /* t[] is erased (automatically) */ +} + int main(int argc, char **argv) { int c; @@ -58,6 +134,7 @@ int main(int argc, char **argv) char *s, *d, *t, *stoi; size_t x, n; + progpid = getpid(); progname = basename(argv[0]); if (!isatty(2)) do_statline_dynamic = NO; @@ -65,13 +142,21 @@ int main(int argc, char **argv) s = (char *)srcblk; d = getenv("HOME"); if (!d) d = ""; - xstrlcat(s, d, PATH_MAX > sizeof(srcblk) ? sizeof(srcblk) : PATH_MAX); - xstrlcat(s, "/.tfcrypt.defs", PATH_MAX > sizeof(srcblk) ? sizeof(srcblk) : PATH_MAX); + n = PATH_MAX > sizeof(srcblk) ? sizeof(srcblk) : PATH_MAX; + if (xstrlcpy(s, d, n) >= n) goto _baddfname; + if (xstrlcat(s, "/.tfcrypt.defs", n) >= n) goto _baddfname; read_defaults(s, YES); - memset(s, 0, PATH_MAX > sizeof(srcblk) ? sizeof(srcblk) : PATH_MAX); +_baddfname: + memset(s, 0, n); + + if (!strcmp(progname, "iotool")) { + do_edcrypt = TFC_DO_PLAIN; + password = YES; + ctr_mode = TFC_MODE_PLAIN; + } opterr = 0; - while ((c = getopt(argc, argv, "L:s:aU:C:r:K:t:TPkzxc:l:qedn:vV:pwE:O:S:AmM:R:Z:WHD:")) != -1) { + while ((c = getopt(argc, argv, "L:s:aU:C:r:K:t:Pkzxc:l:qedn:vV:pwE:o:O:S:AmuM:R:Z:WHD:")) != -1) { switch (c) { case 'L': read_defaults(optarg, NO); @@ -89,6 +174,31 @@ int main(int argc, char **argv) counter_opt = TFC_CTR_HEAD; else if (!strcasecmp(optarg, "rand")) counter_opt = TFC_CTR_RAND; + else if (!strcasecmp(optarg, "zero")) + counter_opt = TFC_CTR_ZERO; + else if (strchr(optarg, ':')) { + char *ss, chr; + + counter_opt = TFC_CTR_SSET; + n = sizeof(ctr); + + s = d = optarg; t = NULL; + while ((s = strtok_r(d, ",", &t))) { + if (d) d = NULL; + + if (n == 0) break; + ss = strchr(s, ':'); + if (!ss) continue; + *ss = 0; ss++; + chr = (char)strtoul(s, &stoi, 16); + if (!str_empty(stoi)) continue; + x = (size_t)strtoul(ss, &stoi, 10); + if (!str_empty(stoi)) continue; + if (x > n) x = n; + memset(ctr+(sizeof(ctr)-n), (int)chr, x); + n -= x; + } + } else counter_file = sksum_hashlist_file = optarg; break; case 'C': @@ -112,10 +222,10 @@ int main(int argc, char **argv) ctr_mode = TFC_MODE_PLAIN; break; case 'e': - do_edcrypt = TFC_DO_ENCRYPT; + if (do_edcrypt != TFC_DO_PLAIN) do_edcrypt = TFC_DO_ENCRYPT; break; case 'd': - do_edcrypt = TFC_DO_DECRYPT; + if (do_edcrypt != TFC_DO_PLAIN) do_edcrypt = TFC_DO_DECRYPT; break; case 'D': macbits = strtoul(optarg, &stoi, 10); @@ -155,10 +265,7 @@ int main(int argc, char **argv) break; case 't': tweakf = optarg; - break; - case 'T': - tfc_saltsz = 0; - do_tfcrypt1 = YES; + do_full_key = NO; break; case 'l': if (maxlen != NOFSIZE) break; @@ -196,6 +303,9 @@ int main(int argc, char **argv) error_action = TFC_ERRACT_LSYNC; else xerror(NO, YES, YES, "invalid error action %s specified", optarg); break; + case 'o': + open_log(optarg); + break; case 'O': s = d = optarg; t = NULL; while ((s = strtok_r(d, ",", &t))) { @@ -204,10 +314,16 @@ int main(int argc, char **argv) write_flags |= O_SYNC; else if (!strcmp(s, "trunc")) write_flags |= O_TRUNC; + else if (!strcmp(s, "append")) + write_flags |= O_APPEND; else if (!strcmp(s, "fsync")) do_fsync = YES; else if (!strcmp(s, "pad")) do_pad = YES; + else if (!strcmp(s, "ro")) + read_only = YES; + else if (!strcmp(s, "rw")) + read_only = NO; else if (!strcmp(s, "xtime")) do_preserve_time = YES; else if (!strcmp(s, "gibsize")) @@ -224,6 +340,20 @@ int main(int argc, char **argv) mac_pw_prompt = s+10; else if (!strcmp(s, "shorthex")) do_full_hexdump = NO; + else if (!strcmp(s, "fullkey")) + do_full_key = YES; + else if (!strcmp(s, "showsecrets")) + show_secrets = YES; + else if (!strcmp(s, "finished")) + show_when_done = YES; + else if (!strcmp(s, "pid")) + show_pid = YES; + else if (!strncmp(s, "readloops", 9) && *(s+9) == '=') { + do_read_loops = tfc_humanfsize(s+10, &stoi); + if (!str_empty(stoi)) do_read_loops = NOSIZE; + } + else if (!strncmp(s, "logfile", 7) && *(s+7) == '=') + open_log(s+8); else if (!strncmp(s, "iobs", 4) && *(s+4) == '=') { s += 5; blksize = (size_t)tfc_humanfsize(s, &stoi); @@ -234,7 +364,7 @@ int main(int argc, char **argv) "%s: invalid block size value", s); } else blksize = (size_t)tfc_modifysize((tfc_fsize)blksize, strchr(s, ':')); - if (blksize < TF_BLOCK_SIZE) xerror(NO, YES, YES, + if (do_edcrypt != TFC_DO_PLAIN && blksize < TF_BLOCK_SIZE) xerror(NO, YES, YES, "%s: block size is lesser than TF_BLOCK_SIZE (%u bytes)", s, TFC_U(TF_BLOCK_SIZE)); if (blksize > TFC_BLKSIZE) xerror(NO, YES, YES, "%s: block size exceeds %u bytes", @@ -326,6 +456,33 @@ int main(int argc, char **argv) } else oseek = tfc_modifysize(oseek, strchr(s, ':')); } + else if (!strncmp(s, "ioseek", 6) && *(s+6) == '=') { + s += 7; + + iseek = tfc_humanfsize(s, &stoi); + if (!str_empty(stoi)) { + iseek = tfc_fnamesize(s, YES); + iseek = tfc_modifysize(iseek, strchr(s, ':')); + if (iseek == NOFSIZE) xerror(NO, YES, YES, + "%s: invalid iseek value", s); + } + else iseek = tfc_modifysize(iseek, strchr(s, ':')); + if (ctr_mode != TFC_MODE_PLAIN && iseek % TF_BLOCK_SIZE) + xerror(NO, YES, YES, + "%s: not round to TF block size " + "of %u bytes", + s, TFC_U(TF_BLOCK_SIZE)); + iseek_blocks = iseek / TF_BLOCK_SIZE; + + oseek = tfc_humanfsize(s, &stoi); + if (!str_empty(stoi)) { + oseek = tfc_fnamesize(s, YES); + oseek = tfc_modifysize(oseek, strchr(s, ':')); + if (oseek == NOFSIZE) xerror(NO, YES, YES, + "%s: invalid oseek value", s); + } + else oseek = tfc_modifysize(oseek, strchr(s, ':')); + } else if (!strncmp(s, "count", 5) && *(s+5) == '=') { s += 6; maxlen = tfc_humanfsize(s, &stoi); @@ -339,6 +496,24 @@ int main(int argc, char **argv) if (counter_opt == TFC_CTR_HEAD) maxlen += TF_BLOCK_SIZE; } + else if (!strncmp(s, "ftrunc", 6) && *(s+6) == '=') { + s += 7; + if (!strcmp(s, "tail")) { + do_ftrunc = TFC_FTRUNC_TAIL; + ftrunc_dfd = NOFSIZE; + } + else { + do_ftrunc = TFC_DO_FTRUNC; + ftrunc_dfd = tfc_humanfsize(s, &stoi); + if (!str_empty(stoi)) { + ftrunc_dfd = tfc_fnamesize(s, YES); + ftrunc_dfd = tfc_modifysize(ftrunc_dfd, strchr(s, ':')); + if (ftrunc_dfd == NOFSIZE) xerror(NO, YES, YES, + "%s: invalid ftrunc value", s); + } + else ftrunc_dfd = tfc_modifysize(ftrunc_dfd, strchr(s, ':')); + } + } else if (!strncmp(s, "xkey", 4) && *(s+4) == '=') { s += 5; maxkeylen = tfc_humanfsize(s, &stoi); @@ -393,9 +568,11 @@ int main(int argc, char **argv) do_mac_file = optarg; break; case 'm': + case 'u': if (do_mac != TFC_MAC_VRFY) xerror(NO, YES, YES, "signature source was not specified"); do_mac = TFC_MAC_JUST_VRFY; + if (c == 'u') do_mac = TFC_MAC_JUST_VRFY2; break; case 'R': case 'Z': @@ -439,7 +616,9 @@ int main(int argc, char **argv) break; case 'q': quiet = YES; + xexit_no_nl = YES; verbose = NO; + do_full_hexdump = NO; status_timer = 0; break; case 'v': @@ -489,8 +668,6 @@ int main(int argc, char **argv) xerror(NO, YES, YES, "Cannot encrypt and read CTR from source!"); if (overwrite_source && counter_opt == TFC_CTR_RAND) xerror(NO, YES, YES, "Cannot embed a CTR into file when overwriting it!"); - if (tweakf && do_tfcrypt1 == NO) - xerror(NO, YES, YES, "Use -T with -t tweakfile to enable old tfcrypt mode!"); if (ctr_mode == TFC_MODE_PLAIN && (do_edcrypt || do_mac || rawkey || mackey_opt || counter_opt || counter_file)) @@ -507,8 +684,7 @@ int main(int argc, char **argv) if (!strcasecmp(saltf, "disable")) goto _nosalt; if (!strcmp(saltf, "-")) saltfd = 0; - else saltfd = open(saltf, O_RDONLY | O_LARGEFILE); - if (saltfd == -1) xerror(NO, NO, YES, "%s", saltf); + else saltfd = xopen(saltf, O_RDONLY | O_LARGEFILE); lio = xread(saltfd, tfc_salt, TFC_MAX_SALT - TF_FROM_BITS(TFC_KEY_BITS)); if (lio == NOSIZE) xerror(NO, NO, YES, "%s", saltf); tfc_saltsz = lio; @@ -521,8 +697,7 @@ _nosalt: tfc_yesno do_stop; if (!strcmp(mackeyf, "-")) mkfd = 0; - else mkfd = open(mackeyf, O_RDONLY | O_LARGEFILE); - if (mkfd == -1) xerror(NO, NO, YES, "%s", mackeyf); + else mkfd = xopen(mackeyf, O_RDONLY | O_LARGEFILE); skein_init(&sk, TFC_KEY_BITS); @@ -534,7 +709,7 @@ _nosalt: lrem = lblock = sizeof(tmpdata); if (error_action == TFC_ERRACT_SYNC) rdpos = tfc_fdgetpos(mkfd); _mkragain: lio = xread(mkfd, pblk, lrem); - if (lio == 0) do_stop = YES; + if (lio == 0 && do_stop == NO) do_stop = YES; if (lio != NOSIZE) ldone += lio; else { if (errno != EIO && catch_all_errors != YES) @@ -571,20 +746,14 @@ _mkragain: lio = xread(mkfd, pblk, lrem); getps.passwd = pwdask; getps.pwlen = sizeof(pwdask)-1; getps.echo = mac_pw_prompt ? mac_pw_prompt : "Enter MAC password: "; - getps.charfilter = getps_filter; - getps.maskchar = 'x'; + getps.charfilter = (show_secrets == YES) ? getps_plain_filter : getps_filter; + getps.maskchar = (show_secrets == YES) ? 0 : 'x'; getps.flags = GETP_WAITFILL; n = xgetpasswd(&getps); if (n == NOSIZE) xerror(NO, NO, YES, "getting MAC password"); if (n == ((size_t)-2)) xexit(1); + if (verbose) say_hint(pwdask, n, "MAC password hint"); skein(mackey, TF_MAX_BITS, NULL, pwdask, n); - if (verbose) { - skein(tmpdata, TF_MAX_BITS, NULL, mackey, TF_FROM_BITS(TF_MAX_BITS)); - xor_shrink(tmpdata+TF_FROM_BITS(TF_MAX_BITS), TF_SIZE_UNIT, tmpdata, TF_FROM_BITS(TF_MAX_BITS)); - tfc_nfsay(stderr, "MAC password hint: "); - mehexdump(tmpdata+TF_FROM_BITS(TF_MAX_BITS), TF_SIZE_UNIT, TF_SIZE_UNIT, 1); - memset(tmpdata, 0, sizeof(tmpdata)); - } } @@ -603,8 +772,7 @@ _mkragain: lio = xread(mkfd, pblk, lrem); if (argv[idx]) { if (password || rawkey > TFC_RAWKEY_KEYFILE) goto _nokeyfd; if (!strcmp(argv[idx], "-")) kfd = 0; - else kfd = open(argv[idx], O_RDONLY | O_LARGEFILE); - if (kfd == -1) xerror(NO, NO, YES, "%s", argv[idx]); + else kfd = xopen(argv[idx], O_RDONLY | O_LARGEFILE); lio = strnlen(argv[idx], PATH_MAX); memset(argv[idx], '*', lio); @@ -614,16 +782,16 @@ _mkragain: lio = xread(mkfd, pblk, lrem); else password = YES; errno = 0; - if (do_tfcrypt1 == YES && tweakf) { + if (do_full_key == NO && tweakf) { int twfd; if (!strcmp(tweakf, "-")) twfd = 0; else twfd = open(tweakf, O_RDONLY | O_LARGEFILE); if (twfd == -1) xerror(NO, NO, YES, "%s", tweakf); - lio = ldone = xread(twfd, key+TF_FROM_BITS(TF_MAX_BITS)+TF_SIZE_UNIT, 2*TF_SIZE_UNIT); + lio = ldone = xread(twfd, tweak, TF_TWEAK_SIZE); if (lio == NOSIZE) xerror(NO, NO, YES, "%s", tweakf); - if (ldone < 2*TF_SIZE_UNIT) - xerror(NO, NO, YES, "%s: %zu bytes tweak required", tweakf, 2*TF_SIZE_UNIT); + if (ldone < TF_TWEAK_SIZE) + xerror(NO, NO, YES, "%s: %zu bytes tweak required", tweakf, TF_TWEAK_SIZE); xclose(twfd); } @@ -632,19 +800,12 @@ _nokeyfd: if (argv[idx]) { if (!strcmp(argv[idx], "-") && kfd) sfd = 0; else { - sfd = open(argv[idx], O_RDONLY | O_LARGEFILE); + sfd = xopen(argv[idx], O_RDONLY | O_LARGEFILE); if (do_preserve_time) if (fstat(sfd, &s_stat) == -1) xerror(YES, NO, YES, "stat(%s)", argv[idx]); } - if (sfd == -1) xerror(NO, NO, YES, "%s", argv[idx]); - - if (do_edcrypt == TFC_DO_DECRYPT && do_mac != NO && maxlen != NOFSIZE) { - if (verbose) tfc_esay("%s: disabling signature verification on " - "requested partial decryption.", progname); - do_mac = NO; - } - if ((do_mac >= TFC_MAC_VRFY || do_mac == TFC_MAC_DROP) && !do_mac_file) { + if ((do_mac >= TFC_MAC_VRFY || do_mac <= TFC_MAC_DROP) && !do_mac_file) { maxlen = tfc_fdsize(sfd); if (maxlen == NOFSIZE) xerror(NO, YES, YES, @@ -667,8 +828,7 @@ _nokeyfd: int ctrfd; if (!strcmp(counter_file, "-")) ctrfd = 0; - else ctrfd = open(counter_file, O_RDONLY | O_LARGEFILE); - if (ctrfd == -1) xerror(NO, NO, YES, "%s", counter_file); + else ctrfd = xopen(counter_file, O_RDONLY | O_LARGEFILE); lio = xread(ctrfd, ctr, ctrsz); if (lio == NOSIZE) xerror(NO, NO, YES, "%s", counter_file); if (lio < ctrsz) xerror(NO, YES, YES, "counter file is too small (%zu)!", lio); @@ -715,7 +875,7 @@ _ctrskip1: if (ctr_mode == TFC_MODE_PLAIN) goto _plain; - if (verbose) tfc_esay("%s: hashing password", progname); + if (verbose) tfc_esay("%s: hashing password", tfc_format_pid(progname)); if (rawkey == TFC_RAWKEY_KEYFILE) { tfc_yesno xtskeyset = NO; @@ -766,12 +926,13 @@ _xts2keyaskstr: memset(&getps, 0, sizeof(struct getpasswd_state)); getps.passwd = (char *)pblk; getps.pwlen = n; getps.echo = pw_prompt ? pw_prompt : "Enter rawkey (str): "; - getps.charfilter = getps_filter; - getps.maskchar = 'x'; + getps.charfilter = (show_secrets == YES) ? getps_plain_filter : getps_filter; + getps.maskchar = (show_secrets == YES) ? 0 : 'x'; getps.flags = GETP_WAITFILL; n = xgetpasswd(&getps); if (n == NOSIZE) xerror(NO, NO, YES, "getting string rawkey"); if (n == ((size_t)-2)) xexit(1); + if (verbose) say_hint(pblk, n, "Raw string key hint"); if (ctr_mode == TFC_MODE_XTS) { if (xtskeyset == NO) { pblk = xtskey; n = sizeof(xtskey); @@ -790,8 +951,8 @@ _rawkey_hex_again: getps.passwd = pwdask; getps.pwlen = (TF_FROM_BITS(TFC_KEY_BITS)*2); getps.echo = pw_prompt ? pw_prompt : "Enter rawkey (hex): "; - getps.charfilter = getps_hex_filter; - getps.maskchar = 'x'; + getps.charfilter = (show_secrets == YES) ? getps_plain_hex_filter : getps_hex_filter; + getps.maskchar = (show_secrets == YES) ? 0 : 'x'; getps.flags = GETP_WAITFILL; n = xgetpasswd(&getps); if (n == NOSIZE) xerror(NO, NO, YES, "getting hex rawkey"); @@ -802,6 +963,7 @@ _rawkey_hex_again: } hex2bin(pblk, pwdask); memset(pwdask, 0, sizeof(pwdask)); + if (verbose) say_hint(pblk, n/2, "Raw hex key hint"); if (ctr_mode == TFC_MODE_XTS) { if (xtskeyset == NO) { pblk = xtskey; @@ -816,8 +978,8 @@ _pwdagain: memset(&getps, 0, sizeof(struct getpasswd_state)); getps.passwd = pwdask; getps.pwlen = sizeof(pwdask)-1; getps.echo = pw_prompt ? pw_prompt : "Enter password: "; - getps.charfilter = getps_filter; - getps.maskchar = 'x'; + getps.charfilter = (show_secrets == YES) ? getps_plain_filter : getps_filter; + getps.maskchar = (show_secrets == YES) ? 0 : 'x'; getps.flags = GETP_WAITFILL; n = xgetpasswd(&getps); if (n == NOSIZE) xerror(NO, NO, YES, "getting password"); @@ -836,6 +998,7 @@ _pwdagain: memset(&getps, 0, sizeof(struct getpasswd_state)); goto _pwdagain; } } + if (verbose) say_hint(pwdask, n, "Password hint"); skein(key, TFC_KEY_BITS, mackey_opt ? mackey : NULL, pwdask, n); memset(pwdask, 0, sizeof(pwdask)); memset(pwdagain, 0, sizeof(pwdagain)); @@ -865,14 +1028,13 @@ _pwdagain: memset(&getps, 0, sizeof(struct getpasswd_state)); pblk = key; if (!strcmp(genkeyf, "-")) krfd = 1; - else krfd = open(genkeyf, O_WRONLY | O_CREAT | O_LARGEFILE | write_flags, 0666); - if (krfd == -1) xerror(NO, NO, YES, "%s", genkeyf); + else krfd = xopen(genkeyf, O_WRONLY | O_CREAT | O_LARGEFILE | write_flags); _xts2genkey: if (xwrite(krfd, pblk, TF_FROM_BITS(TFC_KEY_BITS)) == NOSIZE) xerror(NO, NO, YES, "%s", genkeyf); if (do_fsync && fsync(krfd) == -1) xerror(NO, NO, YES, "%s", genkeyf); if (verbose && xtskeyset == NO) { - tfc_esay("%s: password hashing done", progname); - tfc_esay("%s: rawkey written to %s.", progname, genkeyf); - tfc_esay("%s: Have a nice day!", progname); + tfc_esay("%s: password hashing done", tfc_format_pid(progname)); + tfc_esay("%s: rawkey written to %s.", tfc_format_pid(progname), genkeyf); + tfc_esay("%s: Have a nice day!", tfc_format_pid(progname)); } if (ctr_mode == TFC_MODE_XTS) { @@ -888,17 +1050,11 @@ _xts2genkey: if (xwrite(krfd, pblk, TF_FROM_BITS(TFC_KEY_BITS)) == NOSIZE) xerro xexit(0); } - if (iseek_blocks && (do_edcrypt == TFC_DO_DECRYPT && do_mac != NO)) { - if (verbose) tfc_esay("%s: disabling signature verification on " - "requested partial decryption.", progname); - do_mac = NO; - } - if (do_mac != NO) { if (mackey_opt == TFC_MACKEY_RAWKEY) skein(mackey, TF_MAX_BITS, key, key, TF_FROM_BITS(TFC_KEY_BITS)); if (ctr_mode < TFC_MODE_OCB) { if (verbose) tfc_esay("%s: doing MAC calculation, processing speed " - "will be slower.", progname); + "will be slower.", tfc_format_pid(progname)); if (mackey_opt) skein_init_key(&sk, mackey, macbits); else skein_init(&sk, macbits); } @@ -910,44 +1066,41 @@ _xts2genkey: if (xwrite(krfd, pblk, TF_FROM_BITS(TFC_KEY_BITS)) == NOSIZE) xerro tf_convkey(key); if (ctr_mode == TFC_MODE_XTS) tf_convkey(xtskey); - if (do_tfcrypt1 == YES) { - if (!tweakf) skein(key+TF_FROM_BITS(TF_MAX_BITS)+TF_SIZE_UNIT, 2*TF_UNIT_BITS, NULL, key, TF_FROM_BITS(TFC_KEY_BITS)); - tf_key_tweak_compat(key); + if (do_full_key == NO) { + if (!tweakf) skein(tweak, TF_NR_TWEAK_BITS, NULL, key, TF_FROM_BITS(TFC_KEY_BITS)); + tf_tweak_set(key, tweak); } if (ctr_mode == TFC_MODE_ECB) goto _ctrskip2; + + if (counter_opt == TFC_CTR_ZERO) memset(ctr, 0, ctrsz); + tfc_data_to_words64(&iseek_blocks, sizeof(iseek_blocks)); tf_ctr_set(ctr, &iseek_blocks, sizeof(iseek_blocks)); + if (do_mac == TFC_MAC_JUST_VRFY2) memcpy(svctr, ctr, TF_BLOCK_SIZE); - if (ctr_mode == TFC_MODE_STREAM) tfe_init_iv(&tfe, key, ctr); - - switch (counter_opt) { - case TFC_CTR_SHOW: - switch (do_outfmt) { - case TFC_OUTFMT_B64: tfc_printbase64(stderr, ctr, ctrsz, YES); break; - case TFC_OUTFMT_RAW: xwrite(2, ctr, ctrsz); break; - case TFC_OUTFMT_HEX: mehexdump(ctr, ctrsz, ctrsz, YES); break; - } - break; - case TFC_CTR_RAND: tfc_getrandom(ctr, ctrsz); break; + if (counter_opt == TFC_CTR_SHOW) { + switch (do_outfmt) { + case TFC_OUTFMT_B64: tfc_printbase64(stderr, ctr, ctrsz, YES); break; + case TFC_OUTFMT_RAW: xwrite(2, ctr, ctrsz); break; + case TFC_OUTFMT_HEX: mehexdump(ctr, ctrsz, ctrsz, YES); break; + } } + else if (counter_opt == TFC_CTR_RAND) tfc_getrandom(ctr, ctrsz); _ctrskip2: if (kfd != -1) { xclose(kfd); kfd = -1; } - if (verbose) tfc_esay("%s: password hashing done", progname); + if (verbose) tfc_esay("%s: password hashing done", tfc_format_pid(progname)); if (overwrite_source && srcfname) argv[idx] = srcfname; _plain: if (argv[idx]) { if (!strcmp(argv[idx], "-")) dfd = 1; - else dfd = open(argv[idx], O_RDWR | O_LARGEFILE | write_flags, 0666); - if (dfd == -1) { - dfd = open(argv[idx], O_WRONLY | O_CREAT | O_LARGEFILE | write_flags, 0666); - if (dfd == -1) xerror(NO, NO, YES, "%s", argv[idx]); - } + else dfd = xxopen(YES, argv[idx], O_RDWR | O_LARGEFILE | write_flags); + if (dfd == -1) dfd = xopen(argv[idx], O_WRONLY | O_CREAT | O_LARGEFILE | write_flags); dstfname = argv[idx]; idx++; } @@ -962,9 +1115,8 @@ _plain: sigact.sa_flags = SA_RESTART; sigact.sa_handler = print_crypt_status; sigaction(SIGUSR1, &sigact, NULL); - sigaction(SIGTSTP, &sigact, NULL); sigaction(SIGALRM, &sigact, NULL); - if (status_timer) setup_next_alarm(status_timer); + if (status_timer) setup_next_alarm(status_timer > 1000000 ? 1000000 : status_timer); sigact.sa_handler = change_status_width; sigaction(SIGQUIT, &sigact, NULL); sigact.sa_handler = change_status_timer; @@ -973,11 +1125,14 @@ _plain: sigact.sa_handler = print_crypt_status; sigaction(SIGINT, &sigact, NULL); sigaction(SIGTERM, &sigact, NULL); + sigaction(SIGTSTP, &sigact, NULL); } else { sigact.sa_handler = exit_sigterm; sigaction(SIGINT, &sigact, NULL); sigaction(SIGTERM, &sigact, NULL); + sigact.sa_handler = handle_sigtstp; + sigaction(SIGTSTP, &sigact, NULL); } memset(&sigact, 0, sizeof(struct sigaction)); @@ -997,10 +1152,32 @@ _ctrwagain: lio = xwrite(dfd, pblk, lrem); lrem -= lio; goto _ctrwagain; } + total_written_dst += ldone; total_processed_dst += ldone; delta_processed += ldone; } + if (ctr_mode == TFC_MODE_STREAM) tfe_init_iv(&tfe, key, ctr); + + if (do_mac == TFC_MAC_JUST_VRFY2) { + rwd = tfc_fdgetpos(sfd); + if (rwd == NOFSIZE) { + tfc_esay("%s: WARNING: input is not seekable, disabling MAC testing mode", tfc_format_pid(progname)); + do_mac = TFC_MAC_VRFY; + } + goto _nodecrypt_again_vrfy2; + +_decrypt_again_vrfy2: + if (lseek(sfd, (off_t)rwd, SEEK_SET) == ((off_t)-1)) { + xerror(ignore_seek_errors, NO, YES, "MAC testing seek failed"); + } + total_processed_src = rwd; + memcpy(ctr, svctr, TF_BLOCK_SIZE); + memset(svctr, 0, TF_BLOCK_SIZE); + } + +_nodecrypt_again_vrfy2: + loopcnt = 1; errno = 0; do_stop = NO; while (1) { @@ -1010,7 +1187,15 @@ _ctrwagain: lio = xwrite(dfd, pblk, lrem); lrem = lblock = blk_len_adj(maxlen, total_processed_src, blksize); if (error_action == TFC_ERRACT_SYNC) rdpos = tfc_fdgetpos(sfd); _ragain: lio = xread(sfd, pblk, lrem); - if (lio == 0) do_stop = TFC_STOP_BEGAN; + if (lio == 0) { + if ((do_read_loops != 0 && sfd != 0) && (loopcnt < do_read_loops)) { + lseek(sfd, 0L, SEEK_SET); + loopcnt++; + goto _ragain; + } + + do_stop = YES; + } if (lio != NOSIZE) ldone += lio; else { if (errno != EIO && catch_all_errors != YES) @@ -1070,7 +1255,7 @@ _ragain: lio = xread(sfd, pblk, lrem); if (do_mac >= TFC_MAC_VRFY && ctr_mode < TFC_MODE_OCB) skein_update(&sk, dstblk, ldone); - if (do_mac == TFC_MAC_JUST_VRFY) goto _nowrite; + if (do_mac >= TFC_MAC_JUST_VRFY) goto _nowrite; pblk = dstblk; lrem = ldone; @@ -1084,13 +1269,17 @@ _wagain: lio = xwrite(dfd, pblk, lrem); lrem -= lio; goto _wagain; } + total_written_dst += ldone; _nowrite: total_processed_dst += ldone; delta_processed += ldone; - if (maxlen != NOFSIZE && total_processed_src >= maxlen) break; + if (maxlen != NOFSIZE && total_processed_src >= maxlen) { + do_stop = YES; + break; + } } - if (do_stop == TFC_STOP_FULL) goto _nomac; + if (verbose && status_timer && do_statline_dynamic == YES && statline_was_shown == YES) tfc_esay("\n"); errno = 0; if (do_mac >= TFC_MAC_VRFY) { @@ -1128,8 +1317,7 @@ _macragain: lio = xread(sfd, pblk, lrem); int mfd; if (!strcmp(do_mac_file, "-")) mfd = 0; - else mfd = open(do_mac_file, O_RDONLY | O_LARGEFILE); - if (mfd == -1) xerror(YES, NO, NO, "%s", do_mac_file); + else mfd = xopen(do_mac_file, O_RDONLY | O_LARGEFILE); lio = ldone = xread(mfd, tmpdata, sizeof(tmpdata)); if (lio == NOSIZE) xerror(NO, NO, YES, "%s", do_mac_file); if (!memcmp(tmpdata, TFC_ASCII_TFC_MAC_FOURCC, TFC_ASCII_TFC_MAC_FOURCC_LEN)) { @@ -1144,7 +1332,7 @@ _macragain: lio = xread(sfd, pblk, lrem); if (ldone < TF_FROM_BITS(macbits)) { if (quiet == NO) tfc_esay("%s: short signature (%zu), " - "not verifying", progname, ldone); + "not verifying", tfc_format_pid(progname), ldone); exitcode = 1; goto _shortmac; } @@ -1161,16 +1349,25 @@ _macragain: lio = xread(sfd, pblk, lrem); if (!memcmp(tmpdata, macresult, TF_FROM_BITS(macbits))) { if (quiet == NO) { - tfc_esay("%s: signature is good", progname); + tfc_esay("%s: signature is good", tfc_format_pid(progname)); if (verbose) { if (do_outfmt == TFC_OUTFMT_B64) tfc_printbase64(stderr, macresult, TF_FROM_BITS(macbits), YES); else mehexdump(macresult, TF_FROM_BITS(macbits), TF_FROM_BITS(macbits), YES); } } + if (do_mac == TFC_MAC_JUST_VRFY2) { + if (verbose) tfc_esay("%s: -u: MAC signature is valid, proceeding with decrypting it again", tfc_format_pid(progname)); + maxlen = total_processed_src - SKEIN_DIGEST_SIZE; + do_mac = TFC_MAC_DROP2; + goto _decrypt_again_vrfy2; + } } else { - if (quiet == NO) tfc_esay("%s: signature is BAD: " - "wrong password, key, mode, or file is not signed", progname); + if (quiet == NO) { + tfc_esay("%s: signature is BAD: " + "wrong password, key, mode, or file is not signed", tfc_format_pid(progname)); + if (do_mac == TFC_MAC_JUST_VRFY2) tfc_esay("%s: -u: MAC signature is invalid, not decrypting it again", tfc_format_pid(progname)); + } exitcode = 1; } @@ -1178,7 +1375,6 @@ _shortmac: memset(macvrfy, 0, sizeof(macvrfy)); memset(macresult, 0, sizeof(macresult)); memset(tmpdata, 0, sizeof(tmpdata)); } - else if (do_mac == TFC_MAC_SIGN) { if (ctr_mode < TFC_MODE_OCB) skein_final(macresult, &sk); else skein(macresult, macbits, mackey, macresult, TF_FROM_BITS(macbits)); @@ -1204,6 +1400,7 @@ _macwagain: lio = xwrite(dfd, pblk, lrem); lrem -= lio; goto _macwagain; } + total_written_dst += ldone; total_processed_dst += ldone; delta_processed += ldone; } @@ -1211,8 +1408,7 @@ _macwagain: lio = xwrite(dfd, pblk, lrem); int mfd; if (!strcmp(do_mac_file, "-")) mfd = 1; - else mfd = open(do_mac_file, O_WRONLY | O_CREAT | O_LARGEFILE | write_flags, 0666); - if (mfd == -1) xerror(YES, NO, NO, "%s", do_mac_file); + else mfd = xopen(do_mac_file, O_WRONLY | O_CREAT | O_LARGEFILE | write_flags); if (do_outfmt == TFC_OUTFMT_B64) { memcpy(macvrfy, tmpdata, TF_FROM_BITS(macbits)); memset(tmpdata, 0, TFC_TMPSIZE); @@ -1235,13 +1431,9 @@ _macwagain: lio = xwrite(dfd, pblk, lrem); memset(macresult, 0, sizeof(macresult)); memset(tmpdata, 0, sizeof(tmpdata)); } + else if (do_mac == TFC_MAC_DROP2) total_processed_src += SKEIN_DIGEST_SIZE; -_nomac: - if (verbose || status_timer || do_stop == TFC_STOP_FULL) print_crypt_status(0); - - if (do_preserve_time) fcopy_matime(dfd, &s_stat); - xclose(sfd); - xclose(dfd); + if (verbose || status_timer || (do_stop == YES && quiet == NO)) print_crypt_status(0); xexit(exitcode); return -1;