mirrors
/
enchive
mirror of https://github.com/skeeto/enchive.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Parameterize maximum passphrase size.

pull/2/head
Christopher Wellons 2017-03-05 17:59:40 -05:00
parent 63b786386e
commit 84e65be1e3
3 changed files with 11 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
README.md
View File

@ -147,6 +147,10 @@ at run time with `--iterations`.
Power-of-two exponent for secret key derivation. Can be configured at Power-of-two exponent for secret key derivation. Can be configured at
run time with the optional argument to `--derive`. run time with the optional argument to `--derive`.
### `ENCHIVE_PASSPHRASE_MAX`
Maximum passphrase size in bytes, including null terminator.
[myths]: http://www.2uo.de/myths-about-urandom/ [myths]: http://www.2uo.de/myths-about-urandom/
[djb]: https://blog.cr.yp.to/20140205-entropy.html [djb]: https://blog.cr.yp.to/20140205-entropy.html

4
config.h
View File

@ -39,6 +39,10 @@
# define ENCHIVE_AGENT_DEFAULT_ENABLED 0 # define ENCHIVE_AGENT_DEFAULT_ENABLED 0
#endif #endif
#ifndef ENCHIVE_PASSPHRASE_MAX
# define ENCHIVE_PASSPHRASE_MAX 1024
#endif
/* Required for correct builds */ /* Required for correct builds */
#ifndef _POSIX_SOURCE #ifndef _POSIX_SOURCE

8
enchive.c
View File

@ -12,8 +12,6 @@
int curve25519_donna(u8 *p, const u8 *s, const u8 *b); int curve25519_donna(u8 *p, const u8 *s, const u8 *b);
#define PASSPHRASE_MAX 1024
/* Global options. */ /* Global options. */
static char *global_pubkey = 0; static char *global_pubkey = 0;
static char *global_seckey = 0; static char *global_seckey = 0;
@ -594,7 +592,7 @@ write_seckey(const char *file, const u8 *seckey, unsigned long iterations)
if (iterations) { if (iterations) {
/* Prompt for a passphrase. */ /* Prompt for a passphrase. */
char pass[2][PASSPHRASE_MAX]; char pass[2][ENCHIVE_PASSPHRASE_MAX];
get_passphrase(pass[0], sizeof(pass[0]), get_passphrase(pass[0], sizeof(pass[0]),
"passphrase (empty for none): "); "passphrase (empty for none): ");
if (!pass[0][0]) { if (!pass[0][0]) {
@ -703,7 +701,7 @@ load_seckey(const char *file, u8 *seckey)
if (!agent_success) { if (!agent_success) {
/* Ask user for passphrase. */ /* Ask user for passphrase. */
char pass[PASSPHRASE_MAX]; char pass[ENCHIVE_PASSPHRASE_MAX];
unsigned long iterations = unsigned long iterations =
((unsigned long)buf_iterations[0] << 24) | ((unsigned long)buf_iterations[0] << 24) |
((unsigned long)buf_iterations[1] << 16) | ((unsigned long)buf_iterations[1] << 16) |
@ -871,7 +869,7 @@ command_keygen(struct optparse *options)
load_seckey(secfile, secret); load_seckey(secfile, secret);
} else if (derive) { } else if (derive) {
/* Generate secret key from passphrase. */ /* Generate secret key from passphrase. */
char pass[2][PASSPHRASE_MAX]; char pass[2][ENCHIVE_PASSPHRASE_MAX];
get_passphrase(pass[0], sizeof(pass[0]), get_passphrase(pass[0], sizeof(pass[0]),
"secret key passphrase: "); "secret key passphrase: ");
get_passphrase(pass[1], sizeof(pass[0]), get_passphrase(pass[1], sizeof(pass[0]),