version 1.49, 2014/03/07 19:49:44 |
version 1.50, 2014/03/07 19:53:33 |
|
|
} |
} |
|
|
static void |
static void |
kdf(uint8_t *salt, size_t saltlen, int rounds, uint8_t *key, size_t keylen) |
kdf(uint8_t *salt, size_t saltlen, int rounds, int allowstdin, |
|
uint8_t *key, size_t keylen) |
{ |
{ |
char pass[1024]; |
char pass[1024]; |
int rppflags = RPP_ECHO_OFF; |
int rppflags = RPP_ECHO_OFF; |
|
|
return; |
return; |
} |
} |
|
|
if (!isatty(STDIN_FILENO)) |
if (allowstdin && !isatty(STDIN_FILENO)) |
rppflags |= RPP_STDIN; |
rppflags |= RPP_STDIN; |
if (!readpassphrase("passphrase: ", pass, sizeof(pass), rppflags)) |
if (!readpassphrase("passphrase: ", pass, sizeof(pass), rppflags)) |
errx(1, "unable to read passphrase"); |
errx(1, "unable to read passphrase"); |
|
|
enckey.kdfrounds = htonl(rounds); |
enckey.kdfrounds = htonl(rounds); |
memcpy(enckey.fingerprint, fingerprint, FPLEN); |
memcpy(enckey.fingerprint, fingerprint, FPLEN); |
arc4random_buf(enckey.salt, sizeof(enckey.salt)); |
arc4random_buf(enckey.salt, sizeof(enckey.salt)); |
kdf(enckey.salt, sizeof(enckey.salt), rounds, xorkey, sizeof(xorkey)); |
kdf(enckey.salt, sizeof(enckey.salt), rounds, 1, xorkey, sizeof(xorkey)); |
memcpy(enckey.checksum, digest, sizeof(enckey.checksum)); |
memcpy(enckey.checksum, digest, sizeof(enckey.checksum)); |
for (i = 0; i < sizeof(enckey.seckey); i++) |
for (i = 0; i < sizeof(enckey.seckey); i++) |
enckey.seckey[i] ^= xorkey[i]; |
enckey.seckey[i] ^= xorkey[i]; |
|
|
if (memcmp(enckey.kdfalg, KDFALG, 2)) |
if (memcmp(enckey.kdfalg, KDFALG, 2)) |
errx(1, "unsupported KDF"); |
errx(1, "unsupported KDF"); |
rounds = ntohl(enckey.kdfrounds); |
rounds = ntohl(enckey.kdfrounds); |
kdf(enckey.salt, sizeof(enckey.salt), rounds, xorkey, sizeof(xorkey)); |
kdf(enckey.salt, sizeof(enckey.salt), rounds, strcmp(msgfile, "-") != 0, |
|
xorkey, sizeof(xorkey)); |
for (i = 0; i < sizeof(enckey.seckey); i++) |
for (i = 0; i < sizeof(enckey.seckey); i++) |
enckey.seckey[i] ^= xorkey[i]; |
enckey.seckey[i] ^= xorkey[i]; |
explicit_bzero(xorkey, sizeof(xorkey)); |
explicit_bzero(xorkey, sizeof(xorkey)); |