return 0;
}
+static inline int isctrlchr(int c)
+{
+ if (c == 9) return 0;
+ if (c >= 0 && c <= 31) return 1;
+ if (c == 127) return 1;
+ return 0;
+}
+
+static int getps_plain_filter(struct getpasswd_state *getps, char chr, size_t pos)
+{
+ int x;
+
+ x = getps_filter(getps, chr, pos);
+ if (x != 1) return x;
+
+ if (pos < getps->pwlen && !isctrlchr(chr))
+ write(getps->efd, &chr, sizeof(char));
+ return 1;
+}
+
+static int getps_plain_hex_filter(struct getpasswd_state *getps, char chr, size_t pos)
+{
+ int x;
+
+ x = getps_hex_filter(getps, chr, pos);
+ if (x != 1) return x;
+
+ if (pos < getps->pwlen && !isctrlchr(chr))
+ write(getps->efd, &chr, sizeof(char));
+ return 1;
+}
+
int main(int argc, char **argv)
{
int c;
if (!isatty(2)) do_statline_dynamic = NO;
+ s = (char *)srcblk;
+ d = getenv("HOME");
+ if (!d) d = "";
+ n = PATH_MAX > sizeof(srcblk) ? sizeof(srcblk) : PATH_MAX;
+ if (xstrlcpy(s, d, n) >= n) goto _baddfname;
+ if (xstrlcat(s, "/.tfcrypt.defs", n) >= n) goto _baddfname;
+ read_defaults(s, YES);
+_baddfname:
+ memset(s, 0, n);
+
opterr = 0;
- while ((c = getopt(argc, argv, "s:aU:C:r:K:t:TPkzxc:l:qedn:vV:pwE:O:S:AmM:R:Z:WHD:")) != -1) {
+ while ((c = getopt(argc, argv, "L:s:aU:C:r:K:t:Pkzxc:l:qedn:vV:pwE:O:S:AmM:R:Z:WHD:")) != -1) {
switch (c) {
+ case 'L':
+ read_defaults(optarg, NO);
+ break;
case 's':
saltf = optarg;
break;
counter_opt = TFC_CTR_HEAD;
else if (!strcasecmp(optarg, "rand"))
counter_opt = TFC_CTR_RAND;
+ else if (!strcasecmp(optarg, "zero"))
+ counter_opt = TFC_CTR_ZERO;
else counter_file = sksum_hashlist_file = optarg;
break;
case 'C':
break;
case 't':
tweakf = optarg;
- break;
- case 'T':
- tfc_saltsz = 0;
- do_tfcrypt1 = YES;
+ do_full_key = NO;
break;
case 'l':
if (maxlen != NOFSIZE) break;
catch_all_errors = YES;
break;
}
+ if (!strcmp(optarg, "xseek")) {
+ ignore_seek_errors = YES;
+ break;
+ }
if (!strcmp(optarg, "exit"))
error_action = TFC_ERRACT_EXIT;
else if (!strncmp(optarg, "cont", 4))
mac_pw_prompt = s+10;
else if (!strcmp(s, "shorthex"))
do_full_hexdump = NO;
+ else if (!strcmp(s, "fullkey"))
+ do_full_key = YES;
+ else if (!strcmp(s, "showsecrets"))
+ show_secrets = YES;
else if (!strncmp(s, "iobs", 4) && *(s+4) == '=') {
s += 5;
blksize = (size_t)tfc_humanfsize(s, &stoi);
if (counter_opt == TFC_CTR_HEAD)
maxlen += TF_BLOCK_SIZE;
}
+ else if (!strncmp(s, "ftrunc", 6) && *(s+6) == '=') {
+ s += 7;
+ ftrunc_dfd = tfc_humanfsize(s, &stoi);
+ if (!str_empty(stoi)) {
+ ftrunc_dfd = tfc_fnamesize(s, YES);
+ ftrunc_dfd = tfc_modifysize(ftrunc_dfd, strchr(s, ':'));
+ if (ftrunc_dfd == NOFSIZE) xerror(NO, YES, YES,
+ "%s: invalid ftrunc value", s);
+ }
+ else ftrunc_dfd = tfc_modifysize(ftrunc_dfd, strchr(s, ':'));
+ }
else if (!strncmp(s, "xkey", 4) && *(s+4) == '=') {
s += 5;
maxkeylen = tfc_humanfsize(s, &stoi);
xerror(NO, YES, YES, "Cannot encrypt and read CTR from source!");
if (overwrite_source && counter_opt == TFC_CTR_RAND)
xerror(NO, YES, YES, "Cannot embed a CTR into file when overwriting it!");
- if (tweakf && do_tfcrypt1 == NO)
- xerror(NO, YES, YES, "Use -T with -t tweakfile to enable old tfcrypt mode!");
if (ctr_mode == TFC_MODE_PLAIN
&& (do_edcrypt || do_mac || rawkey
|| mackey_opt || counter_opt || counter_file))
getps.passwd = pwdask;
getps.pwlen = sizeof(pwdask)-1;
getps.echo = mac_pw_prompt ? mac_pw_prompt : "Enter MAC password: ";
- getps.charfilter = getps_filter;
- getps.maskchar = 'x';
+ getps.charfilter = (show_secrets == YES) ? getps_plain_filter : getps_filter;
+ getps.maskchar = (show_secrets == YES) ? 0 : 'x';
getps.flags = GETP_WAITFILL;
n = xgetpasswd(&getps);
if (n == NOSIZE) xerror(NO, NO, YES, "getting MAC password");
else password = YES;
errno = 0;
- if (do_tfcrypt1 == YES && tweakf) {
+ if (do_full_key == NO && tweakf) {
int twfd;
if (!strcmp(tweakf, "-")) twfd = 0;
else twfd = open(tweakf, O_RDONLY | O_LARGEFILE);
if (twfd == -1) xerror(NO, NO, YES, "%s", tweakf);
- lio = ldone = xread(twfd, key+TF_FROM_BITS(TF_MAX_BITS)+TF_SIZE_UNIT, 2*TF_SIZE_UNIT);
+ lio = ldone = xread(twfd, tweak, TF_TWEAK_SIZE);
if (lio == NOSIZE) xerror(NO, NO, YES, "%s", tweakf);
- if (ldone < 2*TF_SIZE_UNIT)
- xerror(NO, NO, YES, "%s: %zu bytes tweak required", tweakf, 2*TF_SIZE_UNIT);
+ if (ldone < TF_TWEAK_SIZE)
+ xerror(NO, NO, YES, "%s: %zu bytes tweak required", tweakf, TF_TWEAK_SIZE);
xclose(twfd);
}
if (counter_opt == TFC_CTR_HEAD && ctr_mode != TFC_MODE_ECB)
iseek += ctrsz;
if (lseek(sfd, iseek, SEEK_SET) == -1)
- xerror(YES, NO, NO, "%s: seek failed", srcfname);
+ xerror(ignore_seek_errors, NO, NO, "%s: seek failed", srcfname);
}
if (ctr_mode == TFC_MODE_PLAIN) goto _plain;
getps.passwd = (char *)pblk;
getps.pwlen = n;
getps.echo = pw_prompt ? pw_prompt : "Enter rawkey (str): ";
- getps.charfilter = getps_filter;
- getps.maskchar = 'x';
+ getps.charfilter = (show_secrets == YES) ? getps_plain_filter : getps_filter;
+ getps.maskchar = (show_secrets == YES) ? 0 : 'x';
getps.flags = GETP_WAITFILL;
n = xgetpasswd(&getps);
if (n == NOSIZE) xerror(NO, NO, YES, "getting string rawkey");
getps.passwd = pwdask;
getps.pwlen = (TF_FROM_BITS(TFC_KEY_BITS)*2);
getps.echo = pw_prompt ? pw_prompt : "Enter rawkey (hex): ";
- getps.charfilter = getps_hex_filter;
- getps.maskchar = 'x';
+ getps.charfilter = (show_secrets == YES) ? getps_plain_hex_filter : getps_hex_filter;
+ getps.maskchar = (show_secrets == YES) ? 0 : 'x';
getps.flags = GETP_WAITFILL;
n = xgetpasswd(&getps);
if (n == NOSIZE) xerror(NO, NO, YES, "getting hex rawkey");
getps.passwd = pwdask;
getps.pwlen = sizeof(pwdask)-1;
getps.echo = pw_prompt ? pw_prompt : "Enter password: ";
- getps.charfilter = getps_filter;
- getps.maskchar = 'x';
+ getps.charfilter = (show_secrets == YES) ? getps_plain_filter : getps_filter;
+ getps.maskchar = (show_secrets == YES) ? 0 : 'x';
getps.flags = GETP_WAITFILL;
n = xgetpasswd(&getps);
if (n == NOSIZE) xerror(NO, NO, YES, "getting password");
tf_convkey(key);
if (ctr_mode == TFC_MODE_XTS) tf_convkey(xtskey);
- if (do_tfcrypt1 == YES) {
- if (!tweakf) skein(key+TF_FROM_BITS(TF_MAX_BITS)+TF_SIZE_UNIT, 2*TF_UNIT_BITS, NULL, key, TF_FROM_BITS(TFC_KEY_BITS));
- tf_key_tweak_compat(key);
+ if (do_full_key == NO) {
+ if (!tweakf) skein(tweak, TF_NR_TWEAK_BITS, NULL, key, TF_FROM_BITS(TFC_KEY_BITS));
+ tf_tweak_set(key, tweak);
}
- if (ctr_mode == TFC_MODE_STREAM) tfe_init_iv(&tfe, key, ctr);
if (ctr_mode == TFC_MODE_ECB) goto _ctrskip2;
+
+ if (counter_opt == TFC_CTR_ZERO) memset(ctr, 0, ctrsz);
+
tfc_data_to_words64(&iseek_blocks, sizeof(iseek_blocks));
tf_ctr_set(ctr, &iseek_blocks, sizeof(iseek_blocks));
- switch (counter_opt) {
- case TFC_CTR_SHOW:
- switch (do_outfmt) {
- case TFC_OUTFMT_B64: tfc_printbase64(stderr, ctr, ctrsz, YES); break;
- case TFC_OUTFMT_RAW: xwrite(2, ctr, ctrsz); break;
- case TFC_OUTFMT_HEX: mehexdump(ctr, ctrsz, ctrsz, YES); break;
- }
- break;
- case TFC_CTR_RAND: tfc_getrandom(ctr, ctrsz); break;
+ if (counter_opt == TFC_CTR_SHOW) {
+ switch (do_outfmt) {
+ case TFC_OUTFMT_B64: tfc_printbase64(stderr, ctr, ctrsz, YES); break;
+ case TFC_OUTFMT_RAW: xwrite(2, ctr, ctrsz); break;
+ case TFC_OUTFMT_HEX: mehexdump(ctr, ctrsz, ctrsz, YES); break;
+ }
}
+ else if (counter_opt == TFC_CTR_RAND) tfc_getrandom(ctr, ctrsz);
_ctrskip2:
if (kfd != -1) {
if (oseek) {
if (lseek(dfd, oseek, SEEK_SET) == -1)
- xerror(YES, NO, NO, "%s: seek failed", dstfname);
+ xerror(ignore_seek_errors, NO, NO, "%s: seek failed", dstfname);
}
for (x = 1; x < NSIG; x++) signal(x, SIG_IGN);
delta_processed += ldone;
}
+ if (ctr_mode == TFC_MODE_STREAM) tfe_init_iv(&tfe, key, ctr);
+
errno = 0;
do_stop = NO;
while (1) {
if (do_preserve_time) fcopy_matime(dfd, &s_stat);
xclose(sfd);
+ if (ftrunc_dfd != NOFSIZE) if (ftruncate(dfd, (off_t)ftrunc_dfd) == -1) xerror(YES, NO, YES, "ftruncate(%d)", dfd);
xclose(dfd);
xexit(exitcode);
projects / tfcrypt.git / blobdiff