js/scrypt-genpass
Archived
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Convert tabs to spaces

Browse source
This commit is contained in:
Chris Oei 2012-09-08 17:17:34 -07:00
parent 80506f18fe
commit 74d492b50d
7 changed files with 462 additions and 462 deletions
Download patch file Download diff file Expand all files Collapse all files

200
lib/genpass/genpass.c
View file

@ -55,119 +55,119 @@ static int
pickparams(uint32_t maxmem, uint32_t megaops, pickparams(uint32_t maxmem, uint32_t megaops,
int * logN, uint32_t * r, uint32_t * p) int * logN, uint32_t * r, uint32_t * p)
{ {
size_t memlimit; size_t memlimit;
double opps; double opps;
double opslimit; double opslimit;
double maxN, maxrp; double maxN, maxrp;
int rc; int rc;
/* Figure out how much memory to use. */ /* Figure out how much memory to use. */
memlimit = MEGA * maxmem; memlimit = MEGA * maxmem;
opslimit = MEGA * megaops; opslimit = MEGA * megaops;
/* Fix r = 8 for now. */ /* Fix r = 8 for now. */
*r = 8; *r = 8;
/* /*
* The memory limit requires that 128Nr <= memlimit, while the CPU * The memory limit requires that 128Nr <= memlimit, while the CPU
* limit requires that 4Nrp <= opslimit. If opslimit < memlimit/32, * limit requires that 4Nrp <= opslimit. If opslimit < memlimit/32,
* opslimit imposes the stronger limit on N. * opslimit imposes the stronger limit on N.
*/ */
#ifdef DEBUG #ifdef DEBUG
fprintf(stderr, "Requiring 128Nr <= %zu, 4Nrp <= %f\n", fprintf(stderr, "Requiring 128Nr <= %zu, 4Nrp <= %f\n",
memlimit, opslimit); memlimit, opslimit);
#endif #endif
if (opslimit < memlimit/32) { if (opslimit < memlimit/32) {
/* Set p = 1 and choose N based on the CPU limit. */ /* Set p = 1 and choose N based on the CPU limit. */
*p = 1; *p = 1;
maxN = opslimit / (*r * 4); maxN = opslimit / (*r * 4);
for (*logN = 1; *logN < 63; *logN += 1) { for (*logN = 1; *logN < 63; *logN += 1) {
if ((uint64_t)(1) << *logN > maxN / 2) if ((uint64_t)(1) << *logN > maxN / 2)
break; break;
} }
} else { } else {
/* Set N based on the memory limit. */ /* Set N based on the memory limit. */
maxN = memlimit / (*r * 128); maxN = memlimit / (*r * 128);
for (*logN = 1; *logN < 63; *logN += 1) { for (*logN = 1; *logN < 63; *logN += 1) {
if ((uint64_t)(1) << *logN > maxN / 2) if ((uint64_t)(1) << *logN > maxN / 2)
break; break;
} }
/* Choose p based on the CPU limit. */ /* Choose p based on the CPU limit. */
maxrp = (opslimit / 4) / ((uint64_t)(1) << *logN); maxrp = (opslimit / 4) / ((uint64_t)(1) << *logN);
if (maxrp > 0x3fffffff) if (maxrp > 0x3fffffff)
maxrp = 0x3fffffff; maxrp = 0x3fffffff;
*p = (uint32_t)(maxrp) / *r; *p = (uint32_t)(maxrp) / *r;
} }
#ifdef DEBUG #ifdef DEBUG
fprintf(stderr, "N = %zu r = %d p = %d\n", fprintf(stderr, "N = %zu r = %d p = %d\n",
(size_t)(1) << *logN, (int)(*r), (int)(*p)); (size_t)(1) << *logN, (int)(*r), (int)(*p));
#endif #endif
/* Success! */ /* Success! */
return (0); return (0);
} }
static int static int
checkparams(uint32_t maxmem, uint32_t megaops, checkparams(uint32_t maxmem, uint32_t megaops,
int logN, uint32_t r, uint32_t p) int logN, uint32_t r, uint32_t p)
{ {
size_t memlimit; size_t memlimit;
double opps; double opps;
double opslimit; double opslimit;
uint64_t N; uint64_t N;
int rc; int rc;
/* Figure out the maximum amount of memory we can use. */ /* Figure out the maximum amount of memory we can use. */
memlimit = 1000000 * maxmem; memlimit = 1000000 * maxmem;
opslimit = 1000000 * megaops; opslimit = 1000000 * megaops;
/* Sanity-check values. */ /* Sanity-check values. */
if ((logN < 1) || (logN > 63)) if ((logN < 1) || (logN > 63))
return (7); return (7);
if ((uint64_t)(r) * (uint64_t)(p) >= 0x40000000) if ((uint64_t)(r) * (uint64_t)(p) >= 0x40000000)
return (7); return (7);
/* Check limits. */ /* Check limits. */
N = (uint64_t)(1) << logN; N = (uint64_t)(1) << logN;
if ((memlimit / N) / r < 128) if ((memlimit / N) / r < 128)
return (9); return (9);
if ((opslimit / N) / (r * p) < 4) if ((opslimit / N) / (r * p) < 4)
return (10); return (10);
/* Success! */ /* Success! */
return (0); return (0);
} }
int int
bintohex(char* outstring, size_t nbytes, uint8_t* data) bintohex(char* outstring, size_t nbytes, uint8_t* data)
{ {
int i; int i;
for (i = 0; i < nbytes; i++) for (i = 0; i < nbytes; i++)
sprintf(outstring + 2 * i, "%02x", data[i]); sprintf(outstring + 2 * i, "%02x", data[i]);
outstring[2 * nbytes] = '\0'; outstring[2 * nbytes] = '\0';
return 0; return 0;
} }
int int
sha256string(uint8_t hash[32], uint8_t* s, int n) sha256string(uint8_t hash[32], uint8_t* s, int n)
{ {
SHA256_CTX sha256_ctx; SHA256_CTX sha256_ctx;
SHA256_Init(&sha256_ctx); SHA256_Init(&sha256_ctx);
SHA256_Update(&sha256_ctx, (void*) s, n); SHA256_Update(&sha256_ctx, (void*) s, n);
SHA256_Final(hash, &sha256_ctx); SHA256_Final(hash, &sha256_ctx);
} }
static int static int
getsalt(uint8_t salt[32], char* site) getsalt(uint8_t salt[32], char* site)
{ {
sha256string(salt, (uint8_t*) site, strlen(site)); sha256string(salt, (uint8_t*) site, strlen(site));
char buf[65]; char buf[65];
bintohex(buf, 32, salt); bintohex(buf, 32, salt);
printf("Site hex: %s\n", buf); printf("Site hex: %s\n", buf);
return (0); return (0);
} }
int int
@ -175,31 +175,31 @@ genpass(uint8_t dk[64],
const uint8_t * passwd, size_t passwdlen, char* site, const uint8_t * passwd, size_t passwdlen, char* site,
uint32_t maxmem, uint32_t megaops) uint32_t maxmem, uint32_t megaops)
{ {
uint8_t salt[32]; uint8_t salt[32];
uint8_t hbuf[32]; uint8_t hbuf[32];
int logN; int logN;
uint64_t N; uint64_t N;
uint32_t r; uint32_t r;
uint32_t p; uint32_t p;
SHA256_CTX ctx; SHA256_CTX ctx;
uint8_t * key_hmac = &dk[32]; uint8_t * key_hmac = &dk[32];
HMAC_SHA256_CTX hctx; HMAC_SHA256_CTX hctx;
int rc; int rc;
/* Pick values for N, r, p. */ /* Pick values for N, r, p. */
if ((rc = pickparams(maxmem, megaops, if ((rc = pickparams(maxmem, megaops,
&logN, &r, &p)) != 0) &logN, &r, &p)) != 0)
return (rc); return (rc);
N = (uint64_t)(1) << logN; N = (uint64_t)(1) << logN;
/* Get some salt using the site. */ /* Get some salt using the site. */
if ((rc = getsalt(salt, site)) != 0) if ((rc = getsalt(salt, site)) != 0)
return (rc); return (rc);
/* Generate the derived keys. */ /* Generate the derived keys. */
if (crypto_scrypt(passwd, passwdlen, salt, 32, N, r, p, dk, 64)) if (crypto_scrypt(passwd, passwdlen, salt, 32, N, r, p, dk, 64))
return (3); return (3);
/* Success! */ /* Success! */
return (0); return (0);
} }

46
lib/genpass/genpass.h
View file

@ -56,20 +56,20 @@
*/ */
/** /**
* Return codes from scrypt(enc|dec)_(buf|file): * Return codes from scrypt(enc|dec)_(buf|file):
* 0 success * 0 success
* 1 getrlimit or sysctl(hw.usermem) failed * 1 getrlimit or sysctl(hw.usermem) failed
* 2 clock_getres or clock_gettime failed * 2 clock_getres or clock_gettime failed
* 3 error computing derived key * 3 error computing derived key
* 4 could not read salt from /dev/urandom * 4 could not read salt from /dev/urandom
* 5 error in OpenSSL * 5 error in OpenSSL
* 6 malloc failed * 6 malloc failed
* 7 data is not a valid scrypt-encrypted block * 7 data is not a valid scrypt-encrypted block
* 8 unrecognized scrypt format * 8 unrecognized scrypt format
* 9 decrypting file would take too much memory * 9 decrypting file would take too much memory
* 10 decrypting file would take too long * 10 decrypting file would take too long
* 11 password is incorrect * 11 password is incorrect
* 12 error writing output file * 12 error writing output file
* 13 error reading input file * 13 error reading input file
*/ */
int bintohex(char* outstring, size_t nbytes, uint8_t* data); int bintohex(char* outstring, size_t nbytes, uint8_t* data);
@ -80,15 +80,15 @@ int genpass(uint8_t dk[64],
uint32_t maxmem, uint32_t megaops); uint32_t maxmem, uint32_t megaops);
typedef struct { typedef struct {
char* keyfile; char* keyfile;
uint32_t maxmem; uint32_t maxmem;
uint32_t megaops; uint32_t megaops;
int numbers_only; int numbers_only;
size_t outputlength; size_t outputlength;
uint8_t* passwd; uint8_t* passwd;
size_t passwdlen; size_t passwdlen;
char* site; char* site;
int verbose; int verbose;
} sg_parms_t, *sg_parms_ptr; } sg_parms_t, *sg_parms_ptr;
#endif /* !_GENPASS_H_ */ #endif /* !_GENPASS_H_ */

34
lib/util/hashtopass.c
View file

@ -2,29 +2,29 @@
void hashtopass(int numbers_only, char* p, size_t len, uint8_t* key) void hashtopass(int numbers_only, char* p, size_t len, uint8_t* key)
{ {
int i; int i;
char* numerals = "0123456789"; char* numerals = "0123456789";
if (numbers_only) { if (numbers_only) {
for (i = 0; i < len; i++) for (i = 0; i < len; i++)
p[i] = numerals[key[i] % 10]; p[i] = numerals[key[i] % 10];
} else { } else {
char* lowers = "abcdefghijklmnopqrstuvwxyz"; char* lowers = "abcdefghijklmnopqrstuvwxyz";
char* uppers = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"; char* uppers = "ABCDEFGHIJKLMNOPQRSTUVWXYZ";
char* allchars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"; char* allchars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
p[0] = lowers[key[0] % 26]; p[0] = lowers[key[0] % 26];
p[1] = numerals[key[1] % 10]; p[1] = numerals[key[1] % 10];
p[2] = uppers[key[2] % 26]; p[2] = uppers[key[2] % 26];
size_t i; size_t i;
for (i = 3; i < len; i++) for (i = 3; i < len; i++)
p[i] = allchars[key[i] % (26 + 26 + 10)]; p[i] = allchars[key[i] % (26 + 26 + 10)];
} }
p[len] = '\0'; p[len] = '\0';
} }

144
lib/util/readpass.c
View file

@ -52,92 +52,92 @@ int
tarsnap_readpass(char ** passwd, const char * prompt, tarsnap_readpass(char ** passwd, const char * prompt,
const char * confirmprompt, int devtty) const char * confirmprompt, int devtty)
{ {
FILE * readfrom; FILE * readfrom;
char passbuf[MAXPASSLEN]; char passbuf[MAXPASSLEN];
char confpassbuf[MAXPASSLEN]; char confpassbuf[MAXPASSLEN];
struct termios term, term_old; struct termios term, term_old;
int usingtty; int usingtty;
/* /*
* If devtty != 0, try to open /dev/tty; if that fails, or if devtty * If devtty != 0, try to open /dev/tty; if that fails, or if devtty
* is zero, we'll read the password from stdin instead. * is zero, we'll read the password from stdin instead.
*/ */
if ((devtty == 0) || ((readfrom = fopen("/dev/tty", "r")) == NULL)) if ((devtty == 0) || ((readfrom = fopen("/dev/tty", "r")) == NULL))
readfrom = stdin; readfrom = stdin;
/* If we're reading from a terminal, try to disable echo. */ /* If we're reading from a terminal, try to disable echo. */
if ((usingtty = isatty(fileno(readfrom))) != 0) { if ((usingtty = isatty(fileno(readfrom))) != 0) {
if (tcgetattr(fileno(readfrom), &term_old)) { if (tcgetattr(fileno(readfrom), &term_old)) {
warn("Cannot read terminal settings"); warn("Cannot read terminal settings");
goto err1; goto err1;
} }
memcpy(&term, &term_old, sizeof(struct termios)); memcpy(&term, &term_old, sizeof(struct termios));
term.c_lflag = (term.c_lflag & ~ECHO) | ECHONL; term.c_lflag = (term.c_lflag & ~ECHO) | ECHONL;
if (tcsetattr(fileno(readfrom), TCSANOW, &term)) { if (tcsetattr(fileno(readfrom), TCSANOW, &term)) {
warn("Cannot set terminal settings"); warn("Cannot set terminal settings");
goto err1; goto err1;
} }
} }
retry: retry:
/* If we have a terminal, prompt the user to enter the password. */ /* If we have a terminal, prompt the user to enter the password. */
if (usingtty) if (usingtty)
fprintf(stderr, "%s: ", prompt); fprintf(stderr, "%s: ", prompt);
/* Read the password. */ /* Read the password. */
if (fgets(passbuf, MAXPASSLEN, readfrom) == NULL) { if (fgets(passbuf, MAXPASSLEN, readfrom) == NULL) {
warn("Cannot read password"); warn("Cannot read password");
goto err2; goto err2;
} }
/* Confirm the password if necessary. */ /* Confirm the password if necessary. */
if (confirmprompt != NULL) { if (confirmprompt != NULL) {
if (usingtty) if (usingtty)
fprintf(stderr, "%s: ", confirmprompt); fprintf(stderr, "%s: ", confirmprompt);
if (fgets(confpassbuf, MAXPASSLEN, readfrom) == NULL) { if (fgets(confpassbuf, MAXPASSLEN, readfrom) == NULL) {
warn("Cannot read password"); warn("Cannot read password");
goto err2; goto err2;
} }
if (strcmp(passbuf, confpassbuf)) { if (strcmp(passbuf, confpassbuf)) {
fprintf(stderr, fprintf(stderr,
"Passwords mismatch, please try again\n"); "Passwords mismatch, please try again\n");
goto retry; goto retry;
} }
} }
/* Terminate the string at the first "\r" or "\n" (if any). */ /* Terminate the string at the first "\r" or "\n" (if any). */
passbuf[strcspn(passbuf, "\r\n")] = '\0'; passbuf[strcspn(passbuf, "\r\n")] = '\0';
/* If we changed terminal settings, reset them. */ /* If we changed terminal settings, reset them. */
if (usingtty) if (usingtty)
tcsetattr(fileno(readfrom), TCSANOW, &term_old); tcsetattr(fileno(readfrom), TCSANOW, &term_old);
/* Close /dev/tty if we opened it. */ /* Close /dev/tty if we opened it. */
if (readfrom != stdin) if (readfrom != stdin)
fclose(readfrom); fclose(readfrom);
/* Copy the password out. */ /* Copy the password out. */
if ((*passwd = strdup(passbuf)) == NULL) { if ((*passwd = strdup(passbuf)) == NULL) {
warn("Cannot allocate memory"); warn("Cannot allocate memory");
goto err1; goto err1;
} }
/* Zero any stored passwords. */ /* Zero any stored passwords. */
memset(passbuf, 0, MAXPASSLEN); memset(passbuf, 0, MAXPASSLEN);
memset(confpassbuf, 0, MAXPASSLEN); memset(confpassbuf, 0, MAXPASSLEN);
/* Success! */ /* Success! */
return (0); return (0);
err2: err2:
/* Reset terminal settings if necessary. */ /* Reset terminal settings if necessary. */
if (usingtty) if (usingtty)
tcsetattr(fileno(readfrom), TCSAFLUSH, &term_old); tcsetattr(fileno(readfrom), TCSAFLUSH, &term_old);
err1: err1:
/* Close /dev/tty if we opened it. */ /* Close /dev/tty if we opened it. */
if (readfrom != stdin) if (readfrom != stdin)
fclose(readfrom); fclose(readfrom);
/* Failure! */ /* Failure! */
return (-1); return (-1);
} }

88
lib/util/sysendian.h
View file

@ -47,93 +47,93 @@
static inline uint32_t static inline uint32_t
be32dec(const void *pp) be32dec(const void *pp)
{ {
const uint8_t *p = (uint8_t const *)pp; const uint8_t *p = (uint8_t const *)pp;
return ((uint32_t)(p[3]) + ((uint32_t)(p[2]) << 8) + return ((uint32_t)(p[3]) + ((uint32_t)(p[2]) << 8) +
((uint32_t)(p[1]) << 16) + ((uint32_t)(p[0]) << 24)); ((uint32_t)(p[1]) << 16) + ((uint32_t)(p[0]) << 24));
} }
static inline void static inline void
be32enc(void *pp, uint32_t x) be32enc(void *pp, uint32_t x)
{ {
uint8_t * p = (uint8_t *)pp; uint8_t * p = (uint8_t *)pp;
p[3] = x & 0xff; p[3] = x & 0xff;
p[2] = (x >> 8) & 0xff; p[2] = (x >> 8) & 0xff;
p[1] = (x >> 16) & 0xff; p[1] = (x >> 16) & 0xff;
p[0] = (x >> 24) & 0xff; p[0] = (x >> 24) & 0xff;
} }
static inline uint64_t static inline uint64_t
be64dec(const void *pp) be64dec(const void *pp)
{ {
const uint8_t *p = (uint8_t const *)pp; const uint8_t *p = (uint8_t const *)pp;
return ((uint64_t)(p[7]) + ((uint64_t)(p[6]) << 8) + return ((uint64_t)(p[7]) + ((uint64_t)(p[6]) << 8) +
((uint64_t)(p[5]) << 16) + ((uint64_t)(p[4]) << 24) + ((uint64_t)(p[5]) << 16) + ((uint64_t)(p[4]) << 24) +
((uint64_t)(p[3]) << 32) + ((uint64_t)(p[2]) << 40) + ((uint64_t)(p[3]) << 32) + ((uint64_t)(p[2]) << 40) +
((uint64_t)(p[1]) << 48) + ((uint64_t)(p[0]) << 56)); ((uint64_t)(p[1]) << 48) + ((uint64_t)(p[0]) << 56));
} }
static inline void static inline void
be64enc(void *pp, uint64_t x) be64enc(void *pp, uint64_t x)
{ {
uint8_t * p = (uint8_t *)pp; uint8_t * p = (uint8_t *)pp;
p[7] = x & 0xff; p[7] = x & 0xff;
p[6] = (x >> 8) & 0xff; p[6] = (x >> 8) & 0xff;
p[5] = (x >> 16) & 0xff; p[5] = (x >> 16) & 0xff;
p[4] = (x >> 24) & 0xff; p[4] = (x >> 24) & 0xff;
p[3] = (x >> 32) & 0xff; p[3] = (x >> 32) & 0xff;
p[2] = (x >> 40) & 0xff; p[2] = (x >> 40) & 0xff;
p[1] = (x >> 48) & 0xff; p[1] = (x >> 48) & 0xff;
p[0] = (x >> 56) & 0xff; p[0] = (x >> 56) & 0xff;
} }
static inline uint32_t static inline uint32_t
le32dec(const void *pp) le32dec(const void *pp)
{ {
const uint8_t *p = (uint8_t const *)pp; const uint8_t *p = (uint8_t const *)pp;
return ((uint32_t)(p[0]) + ((uint32_t)(p[1]) << 8) + return ((uint32_t)(p[0]) + ((uint32_t)(p[1]) << 8) +
((uint32_t)(p[2]) << 16) + ((uint32_t)(p[3]) << 24)); ((uint32_t)(p[2]) << 16) + ((uint32_t)(p[3]) << 24));
} }
static inline void static inline void
le32enc(void *pp, uint32_t x) le32enc(void *pp, uint32_t x)
{ {
uint8_t * p = (uint8_t *)pp; uint8_t * p = (uint8_t *)pp;
p[0] = x & 0xff; p[0] = x & 0xff;
p[1] = (x >> 8) & 0xff; p[1] = (x >> 8) & 0xff;
p[2] = (x >> 16) & 0xff; p[2] = (x >> 16) & 0xff;
p[3] = (x >> 24) & 0xff; p[3] = (x >> 24) & 0xff;
} }
static inline uint64_t static inline uint64_t
le64dec(const void *pp) le64dec(const void *pp)
{ {
const uint8_t *p = (uint8_t const *)pp; const uint8_t *p = (uint8_t const *)pp;
return ((uint64_t)(p[0]) + ((uint64_t)(p[1]) << 8) + return ((uint64_t)(p[0]) + ((uint64_t)(p[1]) << 8) +
((uint64_t)(p[2]) << 16) + ((uint64_t)(p[3]) << 24) + ((uint64_t)(p[2]) << 16) + ((uint64_t)(p[3]) << 24) +
((uint64_t)(p[4]) << 32) + ((uint64_t)(p[5]) << 40) + ((uint64_t)(p[4]) << 32) + ((uint64_t)(p[5]) << 40) +
((uint64_t)(p[6]) << 48) + ((uint64_t)(p[7]) << 56)); ((uint64_t)(p[6]) << 48) + ((uint64_t)(p[7]) << 56));
} }
static inline void static inline void
le64enc(void *pp, uint64_t x) le64enc(void *pp, uint64_t x)
{ {
uint8_t * p = (uint8_t *)pp; uint8_t * p = (uint8_t *)pp;
p[0] = x & 0xff; p[0] = x & 0xff;
p[1] = (x >> 8) & 0xff; p[1] = (x >> 8) & 0xff;
p[2] = (x >> 16) & 0xff; p[2] = (x >> 16) & 0xff;
p[3] = (x >> 24) & 0xff; p[3] = (x >> 24) & 0xff;
p[4] = (x >> 32) & 0xff; p[4] = (x >> 32) & 0xff;
p[5] = (x >> 40) & 0xff; p[5] = (x >> 40) & 0xff;
p[6] = (x >> 48) & 0xff; p[6] = (x >> 48) & 0xff;
p[7] = (x >> 56) & 0xff; p[7] = (x >> 56) & 0xff;
} }
#endif /* !HAVE_SYS_ENDIAN_H */ #endif /* !HAVE_SYS_ENDIAN_H */

36
lib/util/warn.c
View file

@ -46,30 +46,30 @@ const char * warn_progname = "(null)";
void void
warn(const char * fmt, ...) warn(const char * fmt, ...)
{ {
va_list ap; va_list ap;
va_start(ap, fmt); va_start(ap, fmt);
fprintf(stderr, "%s", warn_progname); fprintf(stderr, "%s", warn_progname);
if (fmt != NULL) { if (fmt != NULL) {
fprintf(stderr, ": "); fprintf(stderr, ": ");
vfprintf(stderr, fmt, ap); vfprintf(stderr, fmt, ap);
} }
fprintf(stderr, ": %s\n", strerror(errno)); fprintf(stderr, ": %s\n", strerror(errno));
va_end(ap); va_end(ap);
} }
void void
warnx(const char * fmt, ...) warnx(const char * fmt, ...)
{ {
va_list ap; va_list ap;
va_start(ap, fmt); va_start(ap, fmt);
fprintf(stderr, "%s", warn_progname); fprintf(stderr, "%s", warn_progname);
if (fmt != NULL) { if (fmt != NULL) {
fprintf(stderr, ": "); fprintf(stderr, ": ");
vfprintf(stderr, fmt, ap); vfprintf(stderr, fmt, ap);
} }
fprintf(stderr, "\n"); fprintf(stderr, "\n");
va_end(ap); va_end(ap);
} }
#endif #endif

376
main.c
View file

@ -40,220 +40,220 @@ static void
usage(void) usage(void)
{ {
fprintf(stderr, fprintf(stderr,
"usage: scrypt-genpass [-l LEN] [-m MAXMEM] [-n] [-o MAXOPS] [-k KEYFILE] [-p PASS] <site>\n"); "usage: scrypt-genpass [-l LEN] [-m MAXMEM] [-n] [-o MAXOPS] [-k KEYFILE] [-p PASS] <site>\n");
fprintf(stderr, fprintf(stderr,
" scrypt-genpass -t\n"); " scrypt-genpass -t\n");
fprintf(stderr, "Version: %s\n", SGVERSION); fprintf(stderr, "Version: %s\n", SGVERSION);
exit(1); exit(1);
} }
void unit_tests() void unit_tests()
{ {
if (sizeof(char)!=1) { if (sizeof(char)!=1) {
fprintf(stderr, "sizeof(char) != 1\n"); fprintf(stderr, "sizeof(char) != 1\n");
exit(1); exit(1);
} }
uint8_t testhash[32]; uint8_t testhash[32];
sha256string(testhash, (uint8_t*) "abc", 3); sha256string(testhash, (uint8_t*) "abc", 3);
char testbuf[65]; char testbuf[65];
bintohex(testbuf, 32, testhash); bintohex(testbuf, 32, testhash);
if (strcmp(testbuf, if (strcmp(testbuf,
"ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad")) { "ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad")) {
fprintf(stderr, "SHA256 test failed\n"); fprintf(stderr, "SHA256 test failed\n");
exit(1); exit(1);
} }
fprintf(stderr, "All internal tests pass\n"); fprintf(stderr, "All internal tests pass\n");
exit(0); exit(0);
} }
int int
main(int argc, char *argv[]) main(int argc, char *argv[])
{ {
FILE * infile = NULL; FILE * infile = NULL;
FILE * outfile = stdout; FILE * outfile = stdout;
int dec = 0; int dec = 0;
size_t passwdlen = 0; size_t passwdlen = 0;
size_t outputlength = 16; size_t outputlength = 16;
uint32_t maxmem = 1000; uint32_t maxmem = 1000;
uint32_t megaops = 32; uint32_t megaops = 32;
char ch; char ch;
char * keyfile = NULL; char * keyfile = NULL;
uint8_t* passwd = NULL; uint8_t* passwd = NULL;
int numbers_only = 0; int numbers_only = 0;
int verbose = 0; int verbose = 0;
int rc; int rc;
#ifdef NEED_WARN_PROGNAME #ifdef NEED_WARN_PROGNAME
warn_progname = "scrypt-genpass"; warn_progname = "scrypt-genpass";
#endif #endif
if (argc < 1) if (argc < 1)
usage(); usage();
/* Parse arguments. */ /* Parse arguments. */
while ((ch = getopt(argc, argv, "htk:l:m:no:p:")) != -1) { while ((ch = getopt(argc, argv, "htk:l:m:no:p:")) != -1) {
switch (ch) { switch (ch) {
case 'k': case 'k':
keyfile = strdup(optarg); keyfile = strdup(optarg);
break; break;
case 'l': case 'l':
outputlength = atoi(optarg); outputlength = atoi(optarg);
break; break;
case 'm': case 'm':
maxmem = atoi(optarg); maxmem = atoi(optarg);
break; break;
case 'n': case 'n':
numbers_only++; numbers_only++;
break; break;
case 'o': case 'o':
megaops = atoi(optarg); megaops = atoi(optarg);
break; break;
case 'p': case 'p':
passwd = strdup(optarg); passwd = strdup(optarg);
break; break;
case 't': case 't':
unit_tests(); unit_tests();
break; break;
case 'v': case 'v':
verbose = 1; verbose = 1;
break; break;
default: default:
usage(); usage();
} }
} }
argc -= optind; argc -= optind;
argv += optind; argv += optind;
/* We must have one parameters left. */ /* We must have one parameters left. */
if (argc != 1) if (argc != 1)
usage(); usage();
if (!passwd) { if (!passwd) {
/* Prompt for a password. */ /* Prompt for a password. */
if (tarsnap_readpass((char**)&passwd, "Please enter passphrase", if (tarsnap_readpass((char**)&passwd, "Please enter passphrase",
dec ? NULL : "Please confirm passphrase", 1)) dec ? NULL : "Please confirm passphrase", 1))
exit(1); exit(1);
} }
passwdlen = strlen(passwd); passwdlen = strlen(passwd);
if (keyfile) { if (keyfile) {
FILE *fp; FILE *fp;
size_t keyfilelen; size_t keyfilelen;
fp = fopen(keyfile, "rb"); fp = fopen(keyfile, "rb");
if (fp) { if (fp) {
fseek(fp, 0, SEEK_END); fseek(fp, 0, SEEK_END);
keyfilelen = ftell(fp); keyfilelen = ftell(fp);
fseek(fp, 0, SEEK_SET); fseek(fp, 0, SEEK_SET);
uint8_t* combinedkey = malloc(passwdlen + keyfilelen + 1); uint8_t* combinedkey = malloc(passwdlen + keyfilelen + 1);
if (combinedkey) { if (combinedkey) {
strcpy(combinedkey, passwd); strcpy(combinedkey, passwd);
memset(passwd, 0, passwdlen); memset(passwd, 0, passwdlen);
free(passwd); free(passwd);
size_t n = fread(combinedkey + passwdlen, keyfilelen, 1, fp); size_t n = fread(combinedkey + passwdlen, keyfilelen, 1, fp);
fclose(fp); fclose(fp);
if (n != 1) { if (n != 1) {
warn("Unable to read keyfile"); warn("Unable to read keyfile");
exit(1); exit(1);
} }
passwd = combinedkey; passwd = combinedkey;
passwdlen += keyfilelen; passwdlen += keyfilelen;
} else { } else {
warn("Unable to allocate memory for combined key"); warn("Unable to allocate memory for combined key");
exit(1); exit(1);
} }
} else { } else {
warn("Unable to open keyfile %s", keyfile); warn("Unable to open keyfile %s", keyfile);
exit(1); exit(1);
} }
} }
uint8_t passhash[32]; uint8_t passhash[32];
sha256string(passhash, passwd, passwdlen); sha256string(passhash, passwd, passwdlen);
char buf1[65]; char buf1[65];
bintohex(buf1, 32, passhash); bintohex(buf1, 32, passhash);
printf("Master hex: %s\n", buf1); printf("Master hex: %s\n", buf1);
memset(buf1, 0, 65); memset(buf1, 0, 65);
uint8_t dk[64]; uint8_t dk[64];
rc = genpass(dk, (uint8_t *)passwd, passwdlen, (void*) *argv, rc = genpass(dk, (uint8_t *)passwd, passwdlen, (void*) *argv,
maxmem, megaops); maxmem, megaops);
/* Zero and free the password. */ /* Zero and free the password. */
memset(passwd, 0, passwdlen); memset(passwd, 0, passwdlen);
free(passwd); free(passwd);
free(keyfile); free(keyfile);
char buf[129]; char buf[129];
bintohex(buf, 64, dk); bintohex(buf, 64, dk);
printf("Pass hex: %s\n", buf); printf("Pass hex: %s\n", buf);
memset(buf, 0, 129); memset(buf, 0, 129);
if ((outputlength < 3)||(outputlength > 64)) { if ((outputlength < 3)||(outputlength > 64)) {
warn("Unable to generate password for output length %lu", outputlength); warn("Unable to generate password for output length %lu", outputlength);
exit(1); exit(1);
} }
char output[outputlength + 1]; char output[outputlength + 1];
hashtopass(numbers_only, output, outputlength, dk); hashtopass(numbers_only, output, outputlength, dk);
printf("Generated password: %s\n", output); printf("Generated password: %s\n", output);
memset(output, 0, outputlength + 1); memset(output, 0, outputlength + 1);
/* If we failed, print the right error message and exit. */ /* If we failed, print the right error message and exit. */
if (rc != 0) { if (rc != 0) {
switch (rc) { switch (rc) {
case 1: case 1:
warn("Error determining amount of available memory"); warn("Error determining amount of available memory");
break; break;
case 2: case 2:
warn("Error reading clocks"); warn("Error reading clocks");
break; break;
case 3: case 3:
warn("Error computing derived key"); warn("Error computing derived key");
break; break;
case 4: case 4:
warn("Error reading salt"); warn("Error reading salt");
break; break;
case 5: case 5:
warn("OpenSSL error"); warn("OpenSSL error");
break; break;
case 6: case 6:
warn("Error allocating memory"); warn("Error allocating memory");
break; break;
case 7: case 7:
warnx("Input is not valid scrypt-encrypted block"); warnx("Input is not valid scrypt-encrypted block");
break; break;
case 8: case 8:
warnx("Unrecognized scrypt format version"); warnx("Unrecognized scrypt format version");
break; break;
case 9: case 9:
warnx("Decrypting file would require too much memory"); warnx("Decrypting file would require too much memory");
break; break;
case 10: case 10:
warnx("Decrypting file would take too much CPU time"); warnx("Decrypting file would take too much CPU time");
break; break;
case 11: case 11:
warnx("Passphrase is incorrect"); warnx("Passphrase is incorrect");
break; break;
case 12: case 12:
warn("Error writing file: %s", warn("Error writing file: %s",
(argc > 1) ? argv[1] : "standard output"); (argc > 1) ? argv[1] : "standard output");
break; break;
case 13: case 13:
warn("Error reading file: %s", argv[0]); warn("Error reading file: %s", argv[0]);
break; break;
case 14: case 14:
warn("Unable to open keyfile: %s", keyfile); warn("Unable to open keyfile: %s", keyfile);
break; break;
case 15: case 15:
warn("Unable to allocate memory for combined key"); warn("Unable to allocate memory for combined key");
break; break;
} }
exit(1); exit(1);
} }
return (0); return (0);
} }