src/usr.bin/signify/signify.c - diff

Return to signify.c CVS log

Up to [local] / src / usr.bin / signify

version 1.49, 2014/03/07 19:49:44

version 1.50, 2014/03/07 19:53:33

Line 253

}

static void

kdf(uint8_t *salt, size_t saltlen, int rounds, uint8_t *key, size_t keylen)

kdf(uint8_t *salt, size_t saltlen, int rounds, int allowstdin,

uint8_t *key, size_t keylen)

{

char pass[1024];

int rppflags = RPP_ECHO_OFF;

Line 263

Line 264

return;

}

if (!isatty(STDIN_FILENO))

if (allowstdin && !isatty(STDIN_FILENO))

rppflags |= RPP_STDIN;

if (!readpassphrase("passphrase: ", pass, sizeof(pass), rppflags))

errx(1, "unable to read passphrase");

Line 313

Line 314

enckey.kdfrounds = htonl(rounds);

memcpy(enckey.fingerprint, fingerprint, FPLEN);

arc4random_buf(enckey.salt, sizeof(enckey.salt));

kdf(enckey.salt, sizeof(enckey.salt), rounds, xorkey, sizeof(xorkey));

kdf(enckey.salt, sizeof(enckey.salt), rounds, 1, xorkey, sizeof(xorkey));

memcpy(enckey.checksum, digest, sizeof(enckey.checksum));

for (i = 0; i < sizeof(enckey.seckey); i++)

enckey.seckey[i] ^= xorkey[i];

Line 355

Line 356

if (memcmp(enckey.kdfalg, KDFALG, 2))

errx(1, "unsupported KDF");

rounds = ntohl(enckey.kdfrounds);

kdf(enckey.salt, sizeof(enckey.salt), rounds, xorkey, sizeof(xorkey));

kdf(enckey.salt, sizeof(enckey.salt), rounds, strcmp(msgfile, "-") != 0,

xorkey, sizeof(xorkey));

for (i = 0; i < sizeof(enckey.seckey); i++)

enckey.seckey[i] ^= xorkey[i];

explicit_bzero(xorkey, sizeof(xorkey));