Reuse salt of special entry '.lock' if present - safe - password protected secret keeper
---
(DIR) commit 5dab94f82b2ff901e004fb3ef9692e3644208aac
(DIR) parent d559d079f0cbe3f4347898ce51962877c05eda01
(HTM) Author: Willy Goiffon <dev@z3bra.org>
Date: Mon, 3 Jun 2019 11:37:42 +0200
Reuse salt of special entry '.lock' if present
Diffstat:
M safe.c | 30 +++++++++++++++++++++++++++++-
1 file changed, 29 insertions(+), 1 deletion(-)
---
(DIR) diff --git a/safe.c b/safe.c
t@@ -4,6 +4,7 @@
#include <sys/un.h>
#include <err.h>
+#include <errno.h>
#include <fcntl.h>
#include <limits.h>
#include <stdint.h>
t@@ -155,6 +156,20 @@ secret_decrypt(struct safe *s, uint8_t *c, size_t clen, uint8_t *m, unsigned lon
}
int
+secret_exists(const char *secret)
+{
+ struct stat sb;
+
+ if (!stat(secret, &sb))
+ return 1;
+
+ if (errno == ENOENT)
+ return 0;
+
+ err(1, "stat: %s", secret);
+}
+
+int
readpass(const char *prompt, uint8_t **target, size_t *len)
{
char pass[BUFSIZ], *p;
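Review bot: secret_exists() has no comment stating its contract, which is easy to misread: it returns 1 whenever stat() succeeds, 0 only for ENOENT, and exits through err() on every other failure, so callers never see an error value. I would add `/* 1 if path exists, 0 if it does not; any other stat() error is fatal */` above the definition. Because the only caller in this diff goes on to read the path as a salt file, it may also be worth rejecting non-regular files with `if (!stat(secret, &sb)) return S_ISREG(sb.st_mode);`, otherwise a directory with that name is reported as present. The trailing `+int` belongs to readpass(), whose body continues outside the hunk.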
t@@ -265,7 +280,17 @@ getkey(struct safe *s, char *path)
int
genkey(struct safe *s)
{
- memset(s->salt, 0, sizeof(s->salt));
+ int fd;
+
+ if (secret_exists(LOCK)) {
+ if ((fd = open(LOCK, O_RDONLY)) < 0)
+ err(1, "open %s", LOCK);
+
+ xread(fd, s->salt, sizeof(s->salt), NULL);
+ } else {
+ randombytes_buf(s->salt, sizeof(s->salt));
+ }
+
readpass("password:", &passphrase, &pplen);
deriv((char *)passphrase, s);
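Review bot: The result of `xread(fd, s->salt, sizeof(s->salt), NULL)` is discarded, so an empty or truncated LOCK file leaves part of s->salt unset now that the memset is gone, and the key is then derived from whatever the buffer held. The descriptor is also never closed in the visible lines, and secret_exists() followed by open() checks and uses the path in two separate steps; opening directly and branching on ENOENT removes both problems. The same unchecked salt read appears in the show_secret hunk. The sketch below assumes xread returns the number of bytes read, as its use in store_secret suggests; genkey's body continues outside the hunk.

```c
genkey(struct safe *s)
{
	int fd;
	ssize_t n;

	fd = open(LOCK, O_RDONLY);
	if (fd >= 0) {
		/* a short salt must be fatal: deriving a key from a partly filled buffer is silent corruption */
		n = xread(fd, s->salt, sizeof(s->salt), NULL);
		if (n < 0 || (size_t)n != sizeof(s->salt))
			errx(1, "%s: truncated salt", LOCK);
		close(fd);
	} else if (errno == ENOENT) {
		randombytes_buf(s->salt, sizeof(s->salt));
	} else {
		err(1, "open %s", LOCK);
	}

	/* … unchanged: readpass and deriv calls … */
```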
t@@ -286,6 +311,8 @@ store_secret(struct safe *s, int fd, char *name)
if (sfd < 0)
err(1, "open %s", name);
+ xwrite(sfd, s->salt, sizeof(s->salt));
+
flags = SAFE_INIT;
while ((n = xread(fd, m, sizeof(m), &eof)) > 0) {
flags |= eof ? SAFE_FINAL : 0;
t@@ -316,6 +343,7 @@ show_secret(struct safe *s, int fd, char *name)
if (sfd < 0)
err(1, "open %s", name);
+ xread(sfd, s->salt, sizeof(s->salt), NULL);
xread(sfd, s->h, sizeof(s->h), NULL);
flags = SAFE_INIT;
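Review bot: The added `xread(sfd, s->salt, sizeof(s->salt), NULL)` treats the first bytes of every entry as a salt without comparing them to the salt the key was derived from. An entry stored before this commit has no such prefix, so its header bytes would be consumed as salt and decryption would presumably fail with no indication why. If the key is already derived when show_secret runs (not visible here), overwriting s->salt also leaves the struct out of step with the key in use. I would read into a local `uint8_t salt[sizeof(s->salt)]` and fail early with `if (memcmp(salt, s->salt, sizeof(salt))) errx(1, "%s: salt mismatch", name);`. I would also note the new on-disk layout with `/* entry layout: salt, then header (s->h), then data */` beside the matching xwrite in store_secret. show_secret's body continues outside the hunk.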