From: Andrey Rys Date: Thu, 29 Nov 2018 07:46:28 +0000 (+0700) Subject: Salt user keys or passwords. X-Git-Url: https://jxself.org/git/?p=tfcrypt.git;a=commitdiff_plain;h=add1a38544028f7f763b0ccf9ac354e8b45bec23 Salt user keys or passwords. Secretizing turns value was not enough, so it was decided to add salt value which maybe hardcoded or loaded before key generation. --- diff --git a/VERSION b/VERSION index 0cfbf08..00750ed 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -2 +3 diff --git a/tfc_error.c b/tfc_error.c index 7c001da..048c0bb 100644 --- a/tfc_error.c +++ b/tfc_error.c @@ -151,6 +151,8 @@ void usage(void) tfc_say("convert encrypted data into ASCII format to ease transmission."); tfc_say("\n"); tfc_say(" -e, -d: encrypt, decrypt (it maybe required)."); + tfc_say(" -s : load tfcrypt salt from file."); + tfc_say(" -s disable: disable key salting at all."); tfc_say(" -p: instead of using key, ask for password."); tfc_say(" -k: use raw (%u byte) key instead of deriving it from arbitrary data.", TFC_U(TF_KEY_SIZE)); tfc_say(" -z: ask for key in plain C string form through password asker."); diff --git a/tfc_vars.c b/tfc_vars.c index 7f78b84..4986334 100644 --- a/tfc_vars.c +++ b/tfc_vars.c @@ -27,14 +27,11 @@ */ #include "tfcrypt.h" +#include "tfcrypt_defs.h" char *progname; int exitcode; -size_t nr_turns = TFC_NR_TURNS; -int ctr_mode = TFC_CTR_MODE; -size_t macbits = TF_MAX_BITS; - tfc_byte key[TF_KEY_SIZE], ctr[TF_BLOCK_SIZE], xtskey[TF_KEY_SIZE], mackey[TF_FROM_BITS(TF_MAX_BITS)]; struct skein sk; struct tfe_stream tfe; @@ -67,7 +64,7 @@ tfc_yesno catch_all_errors, password, overwrite_source, do_fsync, do_pad, do_tfc tfc_yesno do_preserve_time, do_stats_in_gibs, do_statline_dynamic = YES, do_less_stats; tfc_yesno no_repeat, do_full_hexdump = YES, verbose, statline_was_shown; char *srcfname = TFC_STDIN_NAME, *dstfname = TFC_STDOUT_NAME, *do_mac_file, *counter_file, *sksum_hashlist_file; -char *genkeyf, *mackeyf, *tweakf; +char *saltf, *genkeyf, *mackeyf, *tweakf; char *pw_prompt, *mac_pw_prompt; tfc_useconds status_timer, bench_timer; tfc_useconds current_time, delta_time; diff --git a/tfcrypt.c b/tfcrypt.c index 6e30bc6..c544cfd 100644 --- a/tfcrypt.c +++ b/tfcrypt.c @@ -63,8 +63,11 @@ int main(int argc, char **argv) if (!isatty(2)) do_statline_dynamic = NO; opterr = 0; - while ((c = getopt(argc, argv, "aU:C:r:K:t:TPkzxc:l:qedn:vV:pwE:O:S:AmM:R:Z:WHD:")) != -1) { + while ((c = getopt(argc, argv, "s:aU:C:r:K:t:TPkzxc:l:qedn:vV:pwE:O:S:AmM:R:Z:WHD:")) != -1) { switch (c) { + case 's': + saltf = optarg; + break; case 'r': randsource = optarg; break; @@ -143,6 +146,7 @@ int main(int argc, char **argv) tweakf = optarg; break; case 'T': + tfc_saltsz = 0; do_tfcrypt1 = YES; break; case 'l': @@ -466,6 +470,23 @@ int main(int argc, char **argv) errno = 0; do_stop = NO; + if (saltf) { + int saltfd; + + memset(tfc_salt, 0, TFC_MAX_SALT); + tfc_saltsz = 0; + if (!strcasecmp(saltf, "disable")) goto _nosalt; + + if (!strcmp(saltf, "-")) saltfd = 0; + else saltfd = open(saltf, O_RDONLY | O_LARGEFILE); + if (saltfd == -1) xerror(NO, NO, YES, "%s", saltf); + lio = read(saltfd, tfc_salt, TFC_MAX_SALT - TF_FROM_BITS(TFC_KEY_BITS)); + if (lio == NOSIZE) xerror(NO, NO, YES, "%s", saltf); + tfc_saltsz = lio; + xclose(saltfd); + } + +_nosalt: if (mackey_opt == TFC_MACKEY_FILE && mackeyf) { int mkfd = -1; tfc_yesno do_stop; @@ -786,9 +807,14 @@ _pwdagain: memset(&getps, 0, sizeof(struct getpasswd_state)); xerror(NO, NO, YES, "hashing key"); } - if (nr_turns > 1 && rawkey == NO) { - for (x = 0; x < nr_turns; x++) + if (rawkey == NO) { + if (tfc_saltsz > 0) { + memcpy(tfc_salt+tfc_saltsz, key, TF_FROM_BITS(TFC_KEY_BITS)); + skein(key, TFC_KEY_BITS, mackey_opt ? mackey : NULL, tfc_salt, tfc_saltsz+TF_FROM_BITS(TFC_KEY_BITS)); + } + if (nr_turns > 1) for (x = 0; x < nr_turns; x++) skein(key, TFC_KEY_BITS, mackey_opt ? mackey : NULL, key, TF_FROM_BITS(TFC_KEY_BITS)); + memset(tfc_salt, 0, TFC_MAX_SALT); } if (ctr_mode == TFC_MODE_XTS && rawkey == NO) { diff --git a/tfcrypt.h b/tfcrypt.h index 9b1caf0..fcc75ee 100644 --- a/tfcrypt.h +++ b/tfcrypt.h @@ -72,18 +72,14 @@ typedef TF_BYTE_TYPE tfc_byte; typedef unsigned long long tfc_fsize; typedef unsigned long long tfc_useconds; -#ifndef TFC_NR_TURNS -#define TFC_NR_TURNS 262144 -#endif - -#ifndef TFC_CTR_MODE -#define TFC_CTR_MODE TFC_MODE_XTS -#endif - #ifndef TFC_BLKSIZE #define TFC_BLKSIZE 65536 #endif +#ifndef TFC_MAX_SALT +#define TFC_MAX_SALT (2048 + TF_KEY_SIZE) +#endif + #ifndef TFC_XTSBLOCKS #define TFC_XTSBLOCKS 32 #endif @@ -117,11 +113,14 @@ int xmhexdump(int to, const void *data, size_t szdata, int hgroup, int hexstr, i #define mhexdump(data, szdata, group, newline) xmhexdump(1, data, szdata, group, do_full_hexdump, newline) #define mehexdump(data, szdata, group, newline) xmhexdump(2, data, szdata, group, do_full_hexdump, newline) -extern char *progname; -extern int exitcode; extern size_t nr_turns; extern int ctr_mode; extern size_t macbits; +extern size_t tfc_saltsz; +extern tfc_byte tfc_salt[TFC_MAX_SALT]; + +extern char *progname; +extern int exitcode; extern tfc_byte key[TF_KEY_SIZE], ctr[TF_BLOCK_SIZE], xtskey[TF_KEY_SIZE], mackey[TF_FROM_BITS(TF_MAX_BITS)]; extern struct skein sk; extern struct tfe_stream tfe; @@ -148,7 +147,7 @@ extern tfc_yesno catch_all_errors, password, overwrite_source, do_fsync, do_pad, extern tfc_yesno do_preserve_time, do_stats_in_gibs, do_statline_dynamic, do_less_stats; extern tfc_yesno no_repeat, do_full_hexdump, verbose, statline_was_shown; extern char *srcfname, *dstfname, *do_mac_file, *counter_file, *sksum_hashlist_file; -extern char *genkeyf, *mackeyf, *tweakf; +extern char *saltf, *genkeyf, *mackeyf, *tweakf; extern char *pw_prompt, *mac_pw_prompt; extern tfc_useconds status_timer, bench_timer; extern tfc_useconds current_time, delta_time; diff --git a/tfcrypt_defs.h b/tfcrypt_defs.h new file mode 100644 index 0000000..28db479 --- /dev/null +++ b/tfcrypt_defs.h @@ -0,0 +1,15 @@ +#ifndef _TFCRYPT_DEFAULTS_HEADER +#define _TFCRYPT_DEFAULTS_HEADER + +size_t nr_turns = 262144; +int ctr_mode = TFC_MODE_XTS; +size_t macbits = TF_MAX_BITS; +size_t tfc_saltsz = 32; +tfc_byte tfc_salt[TFC_MAX_SALT] = { + 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, + 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, + 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, + 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 0x20, +}; + +#endif