tfc_say("convert encrypted data into ASCII format to ease transmission.");
tfc_say("\n");
tfc_say(" -e, -d: encrypt, decrypt (it maybe required).");
+ tfc_say(" -s <file>: load tfcrypt salt from file.");
+ tfc_say(" -s disable: disable key salting at all.");
tfc_say(" -p: instead of using key, ask for password.");
tfc_say(" -k: use raw (%u byte) key instead of deriving it from arbitrary data.", TFC_U(TF_KEY_SIZE));
tfc_say(" -z: ask for key in plain C string form through password asker.");
*/
#include "tfcrypt.h"
+#include "tfcrypt_defs.h"
char *progname;
int exitcode;
-size_t nr_turns = TFC_NR_TURNS;
-int ctr_mode = TFC_CTR_MODE;
-size_t macbits = TF_MAX_BITS;
-
tfc_byte key[TF_KEY_SIZE], ctr[TF_BLOCK_SIZE], xtskey[TF_KEY_SIZE], mackey[TF_FROM_BITS(TF_MAX_BITS)];
struct skein sk;
struct tfe_stream tfe;
tfc_yesno do_preserve_time, do_stats_in_gibs, do_statline_dynamic = YES, do_less_stats;
tfc_yesno no_repeat, do_full_hexdump = YES, verbose, statline_was_shown;
char *srcfname = TFC_STDIN_NAME, *dstfname = TFC_STDOUT_NAME, *do_mac_file, *counter_file, *sksum_hashlist_file;
-char *genkeyf, *mackeyf, *tweakf;
+char *saltf, *genkeyf, *mackeyf, *tweakf;
char *pw_prompt, *mac_pw_prompt;
tfc_useconds status_timer, bench_timer;
tfc_useconds current_time, delta_time;
if (!isatty(2)) do_statline_dynamic = NO;
opterr = 0;
- while ((c = getopt(argc, argv, "aU:C:r:K:t:TPkzxc:l:qedn:vV:pwE:O:S:AmM:R:Z:WHD:")) != -1) {
+ while ((c = getopt(argc, argv, "s:aU:C:r:K:t:TPkzxc:l:qedn:vV:pwE:O:S:AmM:R:Z:WHD:")) != -1) {
switch (c) {
+ case 's':
+ saltf = optarg;
+ break;
case 'r':
randsource = optarg;
break;
tweakf = optarg;
break;
case 'T':
+ tfc_saltsz = 0;
do_tfcrypt1 = YES;
break;
case 'l':
errno = 0;
do_stop = NO;
+ if (saltf) {
+ int saltfd;
+
+ memset(tfc_salt, 0, TFC_MAX_SALT);
+ tfc_saltsz = 0;
+ if (!strcasecmp(saltf, "disable")) goto _nosalt;
+
+ if (!strcmp(saltf, "-")) saltfd = 0;
+ else saltfd = open(saltf, O_RDONLY | O_LARGEFILE);
+ if (saltfd == -1) xerror(NO, NO, YES, "%s", saltf);
+ lio = read(saltfd, tfc_salt, TFC_MAX_SALT - TF_FROM_BITS(TFC_KEY_BITS));
+ if (lio == NOSIZE) xerror(NO, NO, YES, "%s", saltf);
+ tfc_saltsz = lio;
+ xclose(saltfd);
+ }
+
+_nosalt:
if (mackey_opt == TFC_MACKEY_FILE && mackeyf) {
int mkfd = -1;
tfc_yesno do_stop;
xerror(NO, NO, YES, "hashing key");
}
- if (nr_turns > 1 && rawkey == NO) {
- for (x = 0; x < nr_turns; x++)
+ if (rawkey == NO) {
+ if (tfc_saltsz > 0) {
+ memcpy(tfc_salt+tfc_saltsz, key, TF_FROM_BITS(TFC_KEY_BITS));
+ skein(key, TFC_KEY_BITS, mackey_opt ? mackey : NULL, tfc_salt, tfc_saltsz+TF_FROM_BITS(TFC_KEY_BITS));
+ }
+ if (nr_turns > 1) for (x = 0; x < nr_turns; x++)
skein(key, TFC_KEY_BITS, mackey_opt ? mackey : NULL, key, TF_FROM_BITS(TFC_KEY_BITS));
+ memset(tfc_salt, 0, TFC_MAX_SALT);
}
if (ctr_mode == TFC_MODE_XTS && rawkey == NO) {
typedef unsigned long long tfc_fsize;
typedef unsigned long long tfc_useconds;
-#ifndef TFC_NR_TURNS
-#define TFC_NR_TURNS 262144
-#endif
-
-#ifndef TFC_CTR_MODE
-#define TFC_CTR_MODE TFC_MODE_XTS
-#endif
-
#ifndef TFC_BLKSIZE
#define TFC_BLKSIZE 65536
#endif
+#ifndef TFC_MAX_SALT
+#define TFC_MAX_SALT (2048 + TF_KEY_SIZE)
+#endif
+
#ifndef TFC_XTSBLOCKS
#define TFC_XTSBLOCKS 32
#endif
#define mhexdump(data, szdata, group, newline) xmhexdump(1, data, szdata, group, do_full_hexdump, newline)
#define mehexdump(data, szdata, group, newline) xmhexdump(2, data, szdata, group, do_full_hexdump, newline)
-extern char *progname;
-extern int exitcode;
extern size_t nr_turns;
extern int ctr_mode;
extern size_t macbits;
+extern size_t tfc_saltsz;
+extern tfc_byte tfc_salt[TFC_MAX_SALT];
+
+extern char *progname;
+extern int exitcode;
extern tfc_byte key[TF_KEY_SIZE], ctr[TF_BLOCK_SIZE], xtskey[TF_KEY_SIZE], mackey[TF_FROM_BITS(TF_MAX_BITS)];
extern struct skein sk;
extern struct tfe_stream tfe;
extern tfc_yesno do_preserve_time, do_stats_in_gibs, do_statline_dynamic, do_less_stats;
extern tfc_yesno no_repeat, do_full_hexdump, verbose, statline_was_shown;
extern char *srcfname, *dstfname, *do_mac_file, *counter_file, *sksum_hashlist_file;
-extern char *genkeyf, *mackeyf, *tweakf;
+extern char *saltf, *genkeyf, *mackeyf, *tweakf;
extern char *pw_prompt, *mac_pw_prompt;
extern tfc_useconds status_timer, bench_timer;
extern tfc_useconds current_time, delta_time;
--- /dev/null
+#ifndef _TFCRYPT_DEFAULTS_HEADER
+#define _TFCRYPT_DEFAULTS_HEADER
+
+size_t nr_turns = 262144;
+int ctr_mode = TFC_MODE_XTS;
+size_t macbits = TF_MAX_BITS;
+size_t tfc_saltsz = 32;
+tfc_byte tfc_salt[TFC_MAX_SALT] = {
+ 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
+ 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10,
+ 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18,
+ 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20,
+};
+
+#endif
projects / tfcrypt.git / commitdiff