From 3683d2c45057d999483fcc8eb100b1ba97ae66c0 Mon Sep 17 00:00:00 2001 From: LoRd_MuldeR Date: Fri, 16 Oct 2020 17:37:04 +0200 Subject: [PATCH] Slightly improved key derivation function + allow to read passphrase from environment. --- frontend/src/main.c | 90 ++++++++++++++++++++++-------------- frontend/src/platform.h | 2 + libMCrypt/include/mcrypt.h | 16 +++++-- libMCrypt/src/mcrypt.c | 93 ++++++++++++++++++++++++-------------- 4 files changed, 128 insertions(+), 73 deletions(-) diff --git a/frontend/src/main.c b/frontend/src/main.c index d79aa04..e68864f 100644 --- a/frontend/src/main.c +++ b/frontend/src/main.c @@ -16,6 +16,7 @@ #include #define BUFF_SIZE 4096U +static const CHR *const ENVV_PASSWD_NAME = T("MCRYPT_PASSWD"); static volatile int g_interrupted = 0; static char* read_passphrase(const CHR* const file_name) @@ -112,32 +113,34 @@ static int encrypt(const char* const passphrase, const CHR* const input_path, co goto clean_up; } + FPUTS(T("Encrypting file contents, please be patient... "), stderr); + uint64_t seed; - if (mcrypt_generate_seed(&seed) != 0) + if (mcrypt_generate_seed(&seed) != MCRYPT_SUCCESS) { - FPUTS(T("MCrypt error: Failed to generate seed!\n\n"), stderr); + FPUTS(T("\n\nMCrypt error: Failed to generate seed!\n\n"), stderr); goto clean_up; } if (fwrite(&seed, sizeof(uint64_t), 1U, file_out) < 1U) { - FPUTS(T("I/O error: Failed to write seed value!\n\n"), stderr); + FPUTS(T("\n\nI/O error: Failed to write seed value!\n\n"), stderr); goto clean_up; } - ctx = mcrypt_alloc(seed, passphrase); + ctx = mcrypt_alloc(seed, (const uint8_t*)passphrase, strlen(passphrase)); if (!ctx) { - FPUTS(T("MCrypt error: Failed to initialize encryption!\n\n"), stderr); + FPUTS(T("\n\nMCrypt error: Failed to initialize encryption!\n\n"), stderr); goto clean_up; } - FPRINTF(stderr, T("Encrypting file contents, please be patient... %5.1f%%"), 0.0); - clock_t clk_now, clk_update = clock(); uint64_t crc_actual = CRC_INITIALIZER, bytes_read = sizeof(uint64_t); uint8_t buffer[BUFF_SIZE]; + FPRINTF(stderr, T("%5.1f%% "), 0.0); + while (bytes_read < file_size) { const uint64_t bytes_remaining = file_size - bytes_read; @@ -147,7 +150,7 @@ static int encrypt(const char* const passphrase, const CHR* const input_path, co { crc_actual = crc64_update(crc_actual, buffer, count); bytes_read += count; - if (mcrypt_encrypt_inplace(ctx, buffer, count) != 0) + if (mcrypt_encrypt_inplace(ctx, buffer, count) != MCRYPT_SUCCESS) { FPUTS(T("\n\nMCrypt error: Failed to encrypt data!\n\n"), stderr); goto clean_up; @@ -164,7 +167,7 @@ static int encrypt(const char* const passphrase, const CHR* const input_path, co } if ((clk_now = clock()) - clk_update > CLOCKS_PER_SEC) { - FPRINTF(stderr, T("\b\b\b\b\b\b%5.1f%%"), (bytes_read / ((double)file_size)) * 100.0); + FPRINTF(stderr, T("\b\b\b\b\b\b\b%5.1f%% "), (bytes_read / ((double)file_size)) * 100.0); fflush(stderr); clk_update = clk_now; } @@ -244,27 +247,29 @@ static int decrypt(const char* const passphrase, const CHR* const input_path, co goto clean_up; } + FPUTS(T("Decrypting file contents, please be patient... "), stderr); + uint64_t seed; if (fread(&seed, sizeof(uint64_t), 1U, file_in) < 1U) { - FPUTS(T("I/O error: Failed to read seed value!\n\n"), stderr); + FPUTS(T("\n\nI/O error: Failed to read seed value!\n\n"), stderr); goto clean_up; } - ctx = mcrypt_alloc(seed, passphrase); + ctx = mcrypt_alloc(seed, (const uint8_t*)passphrase, strlen(passphrase)); if (!ctx) { - FPUTS(T("MCrypt error: Failed to initialize decryption!\n\n"), stderr); + FPUTS(T("\n\nMCrypt error: Failed to initialize decryption!\n\n"), stderr); goto clean_up; } - - FPRINTF(stderr, T("Decrypting file contents, please be patient... %5.1f%%"), 0.0); clock_t clk_now, clk_update = clock(); uint64_t crc_actual = CRC_INITIALIZER, bytes_read = sizeof(uint64_t); uint8_t buffer[BUFF_SIZE]; const uint64_t read_limit = file_size - sizeof(uint64_t); + FPRINTF(stderr, T("%5.1f%% "), 0.0); + while (bytes_read < read_limit) { const uint64_t bytes_remaining = read_limit - bytes_read; @@ -273,7 +278,7 @@ static int decrypt(const char* const passphrase, const CHR* const input_path, co if (count > 0U) { bytes_read += count; - if (mcrypt_decrypt_inplace(ctx, buffer, count) != 0) + if (mcrypt_decrypt_inplace(ctx, buffer, count) != MCRYPT_SUCCESS) { FPUTS(T("\n\nMCrypt error: Failed to decrypt data!\n\n"), stderr); goto clean_up; @@ -291,7 +296,7 @@ static int decrypt(const char* const passphrase, const CHR* const input_path, co } if ((clk_now = clock()) - clk_update > CLOCKS_PER_SEC) { - FPRINTF(stderr, T("\b\b\b\b\b\b%5.1f%%"), (bytes_read / ((double)read_limit)) * 100.0); + FPRINTF(stderr, T("\b\b\b\b\b\b\b%5.1f%% "), (bytes_read / ((double)read_limit)) * 100.0); fflush(stderr); clk_update = clk_now; } @@ -358,14 +363,14 @@ clean_up: static int run_test(const char *const message) { - static const char* const passphrase = "OrpheanBeh0lderScryDoubt!"; + static const char* const passphrase = "OrpheanBeh0lderScry!Doubt"; const size_t length = strlen(message) + 1U; int result = 1; mcrypt_t ctx = MCRYPT_NULL; uint64_t seed; - if (mcrypt_generate_seed(&seed) != 0) + if (mcrypt_generate_seed(&seed) != MCRYPT_SUCCESS) { FPUTS(T("\n\nWhoops: Failed to generate seed!\n\n"), stderr); return 1; @@ -378,14 +383,14 @@ static int run_test(const char *const message) goto clean_up; } - ctx = mcrypt_alloc(seed, passphrase); + ctx = mcrypt_alloc(seed, (const uint8_t*)passphrase, strlen(passphrase)); if (!ctx) { FPUTS(T("\n\nnWhoops: Failed to initialize encoder!\n\n"), stderr); goto clean_up; } - if (mcrypt_encrypt_inplace(ctx, (uint8_t*)text_temp, length) != 0) + if (mcrypt_encrypt_inplace(ctx, (uint8_t*)text_temp, length) != MCRYPT_SUCCESS) { FPUTS(T("\n\nWhoops: Failed to encrypt the message!\n\n"), stderr); goto clean_up; @@ -397,13 +402,13 @@ static int run_test(const char *const message) goto clean_up; } - if (mcrypt_reset(ctx, seed, passphrase) != 0) + if (mcrypt_reset(ctx, seed, (const uint8_t*)passphrase, strlen(passphrase)) != MCRYPT_SUCCESS) { FPUTS(T("\n\nWhoops: Failed to initialize decoder!\n\n"), stderr); goto clean_up; } - if (mcrypt_decrypt_inplace(ctx, (uint8_t*)text_temp, length) != 0) + if (mcrypt_decrypt_inplace(ctx, (uint8_t*)text_temp, length) != MCRYPT_SUCCESS) { FPUTS(T("\n\nWhoops: Failed to decrypt the message!\n\n"), stderr); goto clean_up; @@ -450,6 +455,11 @@ static int self_test(void) { return 1; } + if (g_interrupted) + { + FPUTS(T("\n\nProcess interrupted!\n\n"), stderr); + return 1; + } } } @@ -480,15 +490,20 @@ int MAIN(int argc, CHR* argv[]) if ((!STRICMP(argv[1U], T("-h"))) || (!STRICMP(argv[1U], T("/?"))) || (!STRICMP(argv[1U], T("--help")))) { const CHR* const program = get_file_name(argv[0U]); - FPUTS(T("--------------------------------------------------------------------\n"), stderr); + FPUTS(T("====================================================================\n"), stderr); FPUTS(T("This software has been released under the CC0 1.0 Universal license:\n"), stderr); FPUTS(T("https://creativecommons.org/publicdomain/zero/1.0/legalcode\n"), stderr); - FPUTS(T("--------------------------------------------------------------------\n\n"), stderr); + FPUTS(T("====================================================================\n\n"), stderr); FPUTS(T("Usage:\n"), stderr); - FPRINTF(stderr, T(" %") T(PRISTR) T(" --encrypt [@] \n"), program); - FPRINTF(stderr, T(" %") T(PRISTR) T(" --decrypt [@] \n\n"), program); - FPUTS(T("Note: If is prefixed with an '@' symbol, then it specifies the\n"), stderr); - FPUTS(T("file to read the passphrase from. Only the first line in that file is used!\n\n"), stderr); + FPRINTF(stderr, T(" %") T(PRISTR) T(" --encrypt [[@][:]] \n"), program); + FPRINTF(stderr, T(" %") T(PRISTR) T(" --decrypt [[@][:]] \n\n"), program); + FPUTS(T("Notes:\n"), stderr); + FPUTS(T("- If is prefixed with a '@' character, then it specifies the file\n"), stderr); + FPUTS(T(" to read the passphrase from; only the first line in that file is used!\n"), stderr); + FPUTS(T("- If is prefixed with a ':' character, then the leading character\n"), stderr); + FPUTS(T(" is skipped and the remainder of the argument is used as passphrase.\n"), stderr); + FPUTS(T("- If the argument is *not* present, then the environment variable\n"), stderr); + FPRINTF(stderr, T(" \"%") T(PRISTR) T("\" must be set and it specifies the passphrase to be used.\n\n"), ENVV_PASSWD_NAME); return 0; } if ((!STRICMP(argv[1U], T("-t"))) || (!STRICMP(argv[1U], T("--self-test")))) @@ -497,18 +512,23 @@ int MAIN(int argc, CHR* argv[]) } } - if (argc < 5) + if (argc < 4) { const CHR* const program = get_file_name(argv[0U]); FPRINTF(stderr, T("Error: Nothing to do. Please type '%") T(PRISTR) T(" --help' for details!\n\n"), program); return 1; } - - const CHR *const command = argv[1U], *const passphrase = argv[2U], *const input_file = argv[3U], *const output_file = argv[4U]; - - if ((!passphrase[0U]) || ((passphrase[0U] == T('@')) && (!passphrase[1U]))) + else if (argc > 5) { - FPUTS(T("Error: The passphrase or passphrase file must not be empty!\n\n"), stderr); + FPUTS(T("Warning: Excess command-line argument is ignored!\n\n"), stderr); + } + + const CHR *const command = argv[1U], *const passphrase = (argc > 4) ? argv[2U] : GETENV(ENVV_PASSWD_NAME); + const CHR *const input_file = argv[(argc > 4) ? 3U : 2U], *const output_file = argv[(argc > 4) ? 4U : 3U]; + + if ((!passphrase) || (!passphrase[0U]) || (((passphrase[0U] == T('@')) || (passphrase[0U] == T(':'))) && (!passphrase[1U]))) + { + FPUTS(T("Error: The passphrase (file name) must not be empty!\n\n"), stderr); return 1; } @@ -518,7 +538,7 @@ int MAIN(int argc, CHR* argv[]) return 1; } - char *const passphrase_buffer = (passphrase[0U] == T('@')) ? read_passphrase(passphrase + 1U) : CHR_to_utf8(passphrase); + char *const passphrase_buffer = (passphrase[0U] == T('@')) ? read_passphrase(passphrase + 1U) : CHR_to_utf8((passphrase[0U] == T(':')) ? (passphrase + 1U) : passphrase); if (!passphrase_buffer) { FPUTS(T("Error: Failed to read the passphrase file!\n\n"), stderr); diff --git a/frontend/src/platform.h b/frontend/src/platform.h index 944d66e..62f6d5c 100644 --- a/frontend/src/platform.h +++ b/frontend/src/platform.h @@ -53,6 +53,7 @@ #define MAIN wmain #define CHR wchar_t #define _T(X) L##X +#define GETENV(X) _wgetenv((X)) #define STRLEN(X) wcslen((X)) #define STRICMP(X,Y) _wcsicmp((X),(Y)) #define STRRCHR(X,Y) wcsrchr((X),(Y)) @@ -72,6 +73,7 @@ #define MAIN main #define CHR char #define _T(X) X +#define GETENV(X) getenv((X)) #define STRLEN(X) strlen((X)) #define STRICMP(X,Y) strcasecmp((X),(Y)) #define STRRCHR(X,Y) strrchr((X),(Y)) diff --git a/libMCrypt/include/mcrypt.h b/libMCrypt/include/mcrypt.h index 31dedf1..0e34b02 100644 --- a/libMCrypt/include/mcrypt.h +++ b/libMCrypt/include/mcrypt.h @@ -16,7 +16,13 @@ extern const char* const LIBMCRYPT_BUILDNO; * Opaque handle to internal state */ typedef uintptr_t mcrypt_t; + +/* + * Constants + */ #define MCRYPT_NULL ((mcrypt_t)NULL) +#define MCRYPT_SUCCESS 0 +#define MCRYPT_FAILURE (-1) /* * Seed generator @@ -26,20 +32,20 @@ int mcrypt_generate_seed(uint64_t* const seed); /* * Allocate, reset or free state */ -mcrypt_t mcrypt_alloc(const uint64_t salt, const char* const passphrase); -int mcrypt_reset(const mcrypt_t context, const uint64_t salt, const char* const passphrase); +mcrypt_t mcrypt_alloc(const uint64_t salt, const uint8_t *const passwd, const size_t passwd_len); +int mcrypt_reset(const mcrypt_t context, const uint64_t salt, const uint8_t *const passwd, const size_t passwd_len); void mcrypt_free(const mcrypt_t context); /* * Encryption routines */ -int mcrypt_encrypt(const mcrypt_t context, const uint8_t* const input, uint8_t* const output, size_t length); -int mcrypt_encrypt_inplace(const mcrypt_t context, uint8_t* const buffer, size_t length); +int mcrypt_encrypt(const mcrypt_t context, const uint8_t *const input, uint8_t* const output, size_t length); +int mcrypt_encrypt_inplace(const mcrypt_t context, uint8_t *const buffer, size_t length); /* * Decryption routines */ -int mcrypt_decrypt(const mcrypt_t context, const uint8_t* const input, uint8_t* const output, size_t length); +int mcrypt_decrypt(const mcrypt_t context, const uint8_t *const input, uint8_t *const output, size_t length); int mcrypt_decrypt_inplace(const mcrypt_t context, uint8_t* const buffer, size_t length); /* diff --git a/libMCrypt/src/mcrypt.c b/libMCrypt/src/mcrypt.c index f56aee9..b9a2439 100644 --- a/libMCrypt/src/mcrypt.c +++ b/libMCrypt/src/mcrypt.c @@ -23,6 +23,12 @@ const char* const LIBMCRYPT_VERSION = "1.0.0"; const char* const LIBMCRYPT_BUILDNO = __DATE__", "__TIME__; +typedef struct +{ + uint64_t a, b; +} +key_t; + typedef struct { uint8_t wheel_fwd[256U][256U]; @@ -46,7 +52,7 @@ rand_state_t; // Hash function // ========================================================================== -static void hash_update(uint64_t* const h, const uint8_t* const data, const size_t data_len) +static FORCE_INLINE void hash_update(uint64_t *const h, const uint8_t* const data, const size_t data_len) { for (size_t i = 0U; i < data_len; ++i) { @@ -64,20 +70,39 @@ static uint64_t hash_code(const uint64_t salt, const uint16_t pepper, const uint return h; } +// ========================================================================== +// Key derivation +// ========================================================================== + +static FORCE_INLINE uint64_t keygen_loop(uint64_t value, const uint16_t pepper, const uint8_t* const passwd, const size_t passwd_len) +{ + for (size_t i = 0U; i < 99971U; ++i) + { + value = hash_code(value, pepper, passwd, passwd_len); + } + return value; +} + +static void generate_key(key_t *const key, const uint64_t salt, const uint16_t pepper, const uint8_t* const passwd, const size_t passwd_len) +{ + key->a = keygen_loop(salt, pepper & 0x7FFF, passwd, passwd_len); + key->b = keygen_loop(salt, pepper | 0x8000, passwd, passwd_len); +} + // ========================================================================== // PRNG // ========================================================================== static void random_init(rand_state_t* const state, const uint64_t seed_0, const uint64_t seed_1) { - state->counter = 0U; - state->a = (uint32_t)(seed_0 & 0xFFFFFFFF); + mcrypt_bzero(state, sizeof(rand_state_t)); + state->a = (uint32_t)( seed_0 & 0xFFFFFFFF); state->b = (uint32_t)((seed_0 >> 32) & 0xFFFFFFFF); - state->c = (uint32_t)(seed_1 & 0xFFFFFFFF); + state->c = (uint32_t)( seed_1 & 0xFFFFFFFF); state->d = (uint32_t)((seed_1 >> 32) & 0xFFFFFFFF); } -static uint32_t random_next(rand_state_t* const state) +static uint32_t random_next(rand_state_t *const state) { uint32_t t = state->d; const uint32_t s = state->a; @@ -91,28 +116,31 @@ static uint32_t random_next(rand_state_t* const state) return t + (state->counter += 362437U); } -static void random_seed(rand_state_t* const state, const uint64_t salt, const uint16_t pepper, const uint8_t* const key, const size_t key_len) +static void random_seed(rand_state_t* const state, const uint64_t salt, const uint16_t pepper, const uint8_t *const passwd, const size_t passwd_len) { - const uint64_t hash_code_0 = hash_code(salt, pepper & 0x7FFF, key, key_len); - const uint64_t hash_code_1 = hash_code(salt, pepper | 0x8000, key, key_len); - random_init(state, hash_code_0, hash_code_1); - for (size_t i = 0U; i < 13U; ++i) + key_t key; + generate_key(&key, salt, pepper, passwd, passwd_len); + random_init(state, key.a, key.b); + for (size_t i = 0U; i < (salt % 97U) + 13U; ++i) { random_next(state); } + mcrypt_bzero(&key, sizeof(key_t)); } // ========================================================================== // Initialization // ========================================================================== -static void initialize_state(crypt_state_t* const crypt_state, const uint64_t salt, const uint8_t* const key, const size_t key_len) +static void initialize_state(crypt_state_t* const crypt_state, const uint64_t salt, const uint8_t* const passwd, const size_t passwd_len) { + mcrypt_bzero(crypt_state, sizeof(crypt_state_t)); + /* set up wheels and initial rotation */ rand_state_t rand_state; for (size_t r = 0U; r < 256U; ++r) { - random_seed(&rand_state, salt, (uint16_t)r, key, key_len); + random_seed(&rand_state, salt, (uint16_t)r, passwd, passwd_len); crypt_state->rotation_bwd[0U][255U - r] = crypt_state->rotation_fwd[0U][r] = (uint8_t)random_next(&rand_state); crypt_state->rotation_bwd[1U][255U - r] = crypt_state->rotation_fwd[1U][r] = 0U; for (size_t i = 0U; i < 256U; ++i) @@ -132,7 +160,7 @@ static void initialize_state(crypt_state_t* const crypt_state, const uint64_t sa } /* set up stepping */ - random_seed(&rand_state, salt, 0x0100, key, key_len); + random_seed(&rand_state, salt, 256U, passwd, passwd_len); for (size_t i = 0U; i < 256U; ++i) { const size_t j = random_next(&rand_state) % (i + 1U); @@ -145,7 +173,6 @@ static void initialize_state(crypt_state_t* const crypt_state, const uint64_t sa crypt_state->step_bwd[j] = (uint8_t)(255U - i); } - crypt_state->counter = 0U; mcrypt_bzero(&rand_state, sizeof(rand_state_t)); } @@ -196,22 +223,22 @@ int mcrypt_generate_seed(uint64_t* const seed) { if (!seed) { - return -1; + return MCRYPT_FAILURE; } do { if (mcrypt_random_bytes((uint8_t*)seed, sizeof(uint64_t)) != 0) { - return -1; + return MCRYPT_FAILURE; } } while (!(*seed)); - return 0; + return MCRYPT_SUCCESS; } -mcrypt_t mcrypt_alloc(const uint64_t salt, const char* const passphrase) +mcrypt_t mcrypt_alloc(const uint64_t salt, const uint8_t *const passwd, const size_t passwd_len) { - if (!passphrase) + if ((!passwd) || (passwd_len < 1U)) { return ((mcrypt_t)NULL); } @@ -220,19 +247,19 @@ mcrypt_t mcrypt_alloc(const uint64_t salt, const char* const passphrase) { return ((mcrypt_t)NULL); } - initialize_state(state, salt, (uint8_t*)passphrase, strlen(passphrase)); + initialize_state(state, salt, passwd, passwd_len); return ((mcrypt_t)state); } -int mcrypt_reset(const mcrypt_t context, const uint64_t salt, const char* const passphrase) +int mcrypt_reset(const mcrypt_t context, const uint64_t salt, const uint8_t *const passwd, const size_t passwd_len) { crypt_state_t* const state = (crypt_state_t*)context; - if ((!state) || (!passphrase)) + if ((!state) || (!passwd) || (passwd_len < 1U)) { - return -1; + return MCRYPT_FAILURE; } - initialize_state(state, salt, (uint8_t*)passphrase, strlen(passphrase)); - return 0; + initialize_state(state, salt, passwd, passwd_len); + return MCRYPT_SUCCESS; } int mcrypt_encrypt(const mcrypt_t context, const uint8_t* const input, uint8_t* const output, size_t length) @@ -240,13 +267,13 @@ int mcrypt_encrypt(const mcrypt_t context, const uint8_t* const input, uint8_t* crypt_state_t* const state = (crypt_state_t*)context; if (!state) { - return -1; + return MCRYPT_FAILURE; } for (size_t i = 0; i < length; ++i) { output[i] = process_enc(state, input[i]); } - return 0; + return MCRYPT_SUCCESS; } int mcrypt_encrypt_inplace(const mcrypt_t context, uint8_t* const buffer, size_t length) @@ -254,13 +281,13 @@ int mcrypt_encrypt_inplace(const mcrypt_t context, uint8_t* const buffer, size_t crypt_state_t* const state = (crypt_state_t*)context; if (!state) { - return -1; + return MCRYPT_FAILURE; } for (size_t i = 0; i < length; ++i) { buffer[i] = process_enc(state, buffer[i]); } - return 0; + return MCRYPT_SUCCESS; } @@ -269,13 +296,13 @@ int mcrypt_decrypt(const mcrypt_t context, const uint8_t* const input, uint8_t* crypt_state_t* const state = (crypt_state_t*)context; if (!state) { - return -1; + return MCRYPT_FAILURE; } for (size_t i = 0; i < length; ++i) { output[i] = process_dec(state, input[i]); } - return 0; + return MCRYPT_SUCCESS; } int mcrypt_decrypt_inplace(const mcrypt_t context, uint8_t* const buffer, size_t length) @@ -283,13 +310,13 @@ int mcrypt_decrypt_inplace(const mcrypt_t context, uint8_t* const buffer, size_t crypt_state_t* const state = (crypt_state_t*)context; if (!state) { - return -1; + return MCRYPT_FAILURE; } for (size_t i = 0; i < length; ++i) { buffer[i] = process_dec(state, buffer[i]); } - return 0; + return MCRYPT_SUCCESS; } void mcrypt_free(const mcrypt_t context)