path: root/file2key.c

/* See LICENSE file for copyright and license details. */
#include <sys/stat.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#ifndef WITH_LIBPASSPHRASE
# include <termios.h>
#endif
#include <unistd.h>

#ifdef WITH_LIBPASSPHRASE
# include <passphrase.h>
#endif
#include <libkeccak.h>

#include "config.h"
#include "settings.h"


/**
 * Map from hexadecimal to colour-coded hexadecimal
 */
const char *const COLOUR_HEX[] = {
	['0'] = "\033[31m0",
	['1'] = "\033[31m1",
	['2'] = "\033[32m2",
	['3'] = "\033[33m3",
	['4'] = "\033[32m4",
	['5'] = "\033[33m5",
	['6'] = "\033[31m6",
	['7'] = "\033[34m7",
	['8'] = "\033[34m8",
	['9'] = "\033[34m9",
	['a'] = "\033[32ma",
	['b'] = "\033[31mb",
	['c'] = "\033[33mc",
	['d'] = "\033[34md",
	['e'] = "\033[33me",
	['f'] = "\033[32mf",
};



/**
 * `argv[0]` from `main`
 */
static char *argv0;



/**
 * Ask the user for the passphrase
 * 
 * @param   passphrasep  Output parameter for the passphrase
 * @return               Zero on success, an appropriate exit value on error
 */
static int
get_passphrase(char **passphrasep)
{
#ifndef WITH_LIBPASSPHRASE
	struct termios stty, stty_saved;
	char *passphrase = NULL, *new;
	size_t len = 0, size = 0;
	ssize_t r;
#endif
	int ttyfd;
	ttyfd = open("/dev/tty", O_RDONLY);
	if (ttyfd < 0) {
		perror(argv0);
		return 2;
	}

#ifdef WITH_LIBPASSPHRASE
	passphrase_disable_echo1(ttyfd);
	fprintf(stderr, "%s", PASSPHRASE_PROMPT_STRING);
	fflush(stderr);
	*passphrasep = passphrase_read2(ttyfd, PASSPHRASE_READ_EXISTING);
	if (!*passphrasep)
		perror(argv0);
	passphrase_reenable_echo1(ttyfd);
	close(ttyfd);
	return *passphrasep ? 0 : 2;

#else
	memset(&stty, 0, sizeof(stty));
	if (tcgetattr(ttyfd, &stty)) {
		perror(argv0);
		close(ttyfd);
		return 2;
	}
	memcpy(&stty_saved, &stty, sizeof(stty));
	stty.c_lflag &= (tcflag_t)~ECHO;
	tcsetattr(ttyfd, TCSAFLUSH, &stty);
	fprintf(stderr, "%s", PASSPHRASE_PROMPT_STRING);
	fflush(stderr);

	for (;;) {
		if (len == size) {
			new = realloc(passphrase, size += 32);
			if (!new) {
				perror(argv0);
				close(ttyfd);
				if (passphrase) {
					memset(passphrase, 0, len);
					free(passphrase);
				}
				return 2;
			}
			passphrase = new;
		}
		r = read(ttyfd, &passphrase[len], 1);
		if (r < 0) {
			perror(argv0);
			memset(passphrase, 0, len);
			free(passphrase);
			close(ttyfd);
			return 2;
		} else if (!r || passphrase[len] == '\n') {
			passphrase[len] = 0;
			break;
		} else {
			len += 1;
		}
	}

	fprintf(stderr, "\n");
	tcsetattr(ttyfd, TCSAFLUSH, &stty_saved);
	close(ttyfd);
	*passphrasep = passphrase;
	return 0;
#endif
}


/**
 * Hash, and display, passphrase so to hint the
 * user whether it as typed correctly or not
 * 
 * @param   passphrase  The passphrase
 * @return              Zero on success, an appropriate exit value on error
 */
static int
hash_passphrase(const char *passphrase)
{
	struct libkeccak_spec spec;
	struct libkeccak_state state;
	char hashsum[PASSPHRASE_KECCAK_OUTPUT / 8];
	char hexsum[PASSPHRASE_KECCAK_OUTPUT / 4 + 1];
	size_t i, n;

	spec.bitrate  = PASSPHRASE_KECCAK_RATE;
	spec.capacity = PASSPHRASE_KECCAK_CAPACITY;
	spec.output   = PASSPHRASE_KECCAK_OUTPUT;

	if (libkeccak_spec_check(&spec) || PASSPHRASE_KECCAK_SQUEEZES <= 0) {
		fprintf(stderr, "%s: bad passhprase hashing parameters, please recompile file2key with with "
		                    "proper values on PASSPHRASE_KECCAK_RATE, PASSPHRASE_KECCAK_CAPACITY, "
		                    "PASSPHRASE_KECCAK_OUTPUT and PASSPHRASE_KECCAK_SQUEEZES", argv0);
		return 1;
	}

	if (libkeccak_state_initialise(&state, &spec)) {
		perror(argv0);
		return 2;
	}

	if (libkeccak_digest(&state, passphrase, strlen(passphrase), 0, NULL, PASSPHRASE_KECCAK_SQUEEZES == 1 ? hashsum : NULL)) {
		perror(argv0);
		libkeccak_state_destroy(&state);
		return 2;
	}
	if (PASSPHRASE_KECCAK_SQUEEZES > 2)
		libkeccak_fast_squeeze(&state, PASSPHRASE_KECCAK_SQUEEZES - 2);
	if (PASSPHRASE_KECCAK_SQUEEZES > 1)
		libkeccak_squeeze(&state, hashsum);

	libkeccak_state_destroy(&state);

	libkeccak_behex_lower(hexsum, hashsum, sizeof(hashsum) / sizeof(char));
	fprintf(stderr, "%s: passphrase hash: ", argv0);
	for (i = 0, n = strlen(hexsum); i < n; i++)
		fprintf(stderr, "%s", COLOUR_HEX[(unsigned char)hexsum[i]]);
	fprintf(stderr, "\033[00m\n");

	return 0;
}


/**
 * @return  0: success
 *          1: user error
 *          2: on system error
 */
int
main(int argc, char *argv[])
{
	struct libkeccak_generalised_spec gspec;
	struct libkeccak_spec spec;
	struct libkeccak_state state;
	char *passphrase = NULL;
	char *hash = NULL;
	size_t hash_size = 0;
	size_t hash_ptr = 0;
	char *data = NULL;
	size_t data_size = 0;
	size_t data_ptr = 0;
	size_t blksize = 4096;
	int r, fd = -1;
	struct stat attr;
	size_t start;
	ssize_t n;

	argv0 = *argv++, argc--;
	if (argc > 0 && argv[0][0] == '-') {
		if (argv[0][1] == '-' && !argv[0][2])
			argv++, argc--;
		else if (argv[0][1])
			goto usage;
	}
	if (argc > 1) {
	usage:
		fprintf(stderr, "usage: %s [file]\n", argv0);
		return 1;
	}

	if (argc > 0 && strcmp(argv[0], "-")) {
		fd = open(argv[0], O_RDONLY);
		if (fd < 0)
			goto pfail;
	} else {
		fd = STDIN_FILENO;
	}
	if (isatty(fd)) {
		fprintf(stderr, "%s: input file must not be a terminal\n", argv0);
		close(fd);
		return 1;
	}
	if (fstat(fd, &attr) == 0)
		if (attr.st_blksize > 0)
			blksize = (size_t)attr.st_blksize;

	libkeccak_generalised_spec_initialise(&gspec);
	libkeccak_degeneralise_spec(&gspec, &spec);
	if (libkeccak_state_initialise(&state, &spec))
		goto pfail;
	if ((r = get_passphrase(&passphrase)))
		goto fail;
	if ((r = hash_passphrase(passphrase)))
		goto fail;
	if (libkeccak_update(&state, passphrase, strlen(passphrase)))
		goto pfail;
#ifdef WITH_LIBPASSPHRASE
	passphrase_wipe(passphrase, strlen(passphrase));
#else
	memset(passphrase, 0, strlen(passphrase));
#endif
	free(passphrase);
	passphrase = NULL;

	hash_size = (size_t)(spec.output / 8);
	if (!(hash = malloc(hash_size)))
		goto pfail;
	if (!(data = malloc(blksize)))
		goto pfail;

	if (libkeccak_digest(&state, KEY_PEPPER, strlen(KEY_PEPPER), 0, NULL, hash))
		goto pfail;

	for (;;) {
		if (hash_ptr == hash_size) {
			libkeccak_squeeze(&state, hash);
			hash_ptr = 0;
		}

		if (data_ptr == data_size) {
			n = read(fd, data, blksize);
			if (n <= 0) {
				if (!n)
					break;
				goto pfail;
			}
			data_size = (size_t)n;
			data_ptr = 0;
		}

		start = data_ptr;
		while (hash_ptr < hash_size && data_ptr < data_size)
			data[data_ptr++] ^= hash[hash_ptr++];

		while (start < data_ptr) {
			n = write(STDOUT_FILENO, &data[start], data_ptr - start);
			if (n <= 0)
				goto pfail;
			start += (size_t)n;
		}
	}

	r = 0;
	goto done;

pfail:
	r = 2;
	perror(*argv);
fail:
	if (passphrase) {
#ifdef WITH_LIBPASSPHRASE
		passphrase_wipe(passphrase, strlen(passphrase));
#else
		memset(passphrase, 0, strlen(passphrase));
#endif
		free(passphrase);
	}
done:
	libkeccak_state_destroy(&state);
	free(data);
	free(hash);
	if (argc > 0 && fd >= 0)
		close(fd);
	return r;
}