diff --git a/tomb b/tomb index 34b41020..d5bbee8e 100755 --- a/tomb +++ b/tomb @@ -65,6 +65,7 @@ typeset -i SPHINX=1 typeset -i RESIZER=1 typeset -i RECOLL=1 typeset -i QRENCODE=1 +typeset -i ARGON2=1 # Default mount options typeset MOUNTOPTS="rw,noatime,nodev" @@ -840,8 +841,12 @@ usage() { _print " --sphx-host host associated with the key (for use with pitchforkedsphinx)" } - [[ $KDF == 1 ]] && { - _print " --kdf forge keys armored against dictionary attacks" + [[ $KDF == 1 ]] || [[ $ARGON2 == 1 ]] && { + _print " --kdf forge keys armored against dictionary attacks" # needs the note, that this also accepts an argument for iteration + _print " --kdftype what KDF function to use (pbkdf2, argon2)" + } + [[ $ARGON2 == 1 ]] && { + _print " --kdfmem memory to be used for argon2" } echo @@ -1589,11 +1594,18 @@ gen_key() { fi header="" - [[ $KDF == 1 ]] && { + ([[ $KDF == 1 ]] || [[ $ARGON2 == 1 ]]) && { { option_is_set --kdf } && { - # KDF is a new key strenghtening technique against brute forcing + # KDF is a key strengthening technique against brute forcing # see: https://github.com/dyne/Tomb/issues/82 + # Two algorithm currently supported: + # * pbkdf2 (covers against CPU) + # * argon2 (covers against CPU, memory and) itertime="`option_value --kdf`" + itertime=${itertime:-3} + # Set default (argon2 has a default of 3 iterations; the resulting itertime with this + # default is considered safe enough for pbkdf2) + # removing support of floating points because they can't be type checked well # if [[ "$itertime" != <-> ]]; then # unset tombpass @@ -1602,7 +1614,15 @@ gen_key() { # _failure "Depending on the speed of machines using this tomb, use 1 to 10, or more" # return 1 # fi - # # --kdf takes one parameter: iter time (on present machine) in seconds + # # --kdf takes one optional parameter: iter time (on present machine) in seconds + + # Generating salt (either via tomb-kdb-pbkdf2 or a shell fallback) + if $(command -v tomb-kdb-pbkdf2-gensalt 1>/dev/null 2>/dev/null); then + kdfsalt=`tomb-kdb-pbkdf2-gensalt` + else + kdfsalt=$(LC_CTYPE=C tr -cd 'a-z0-9' < /dev/random | head -c 64) + fi + _message "kdf salt: ::1 kdfsalt::" $kdfsalt kdftype="`option_value --kdftype`" kdftype=${kdftype:-pbkdf2} @@ -1610,26 +1630,19 @@ gen_key() { pbkdf2) local -i microseconds microseconds=$(( itertime * 1000000 )) - _success "Using KDF, iteration time: ::1 microseconds::" $microseconds - _message "generating salt" - pbkdf2_salt=`tomb-kdb-pbkdf2-gensalt` + _success "Using pbkdf2 as KDF, iteration time: ::1 microseconds::" $microseconds _message "calculating iterations" pbkdf2_iter=`tomb-kdb-pbkdf2-getiter $microseconds` _message "encoding the password" # We use a length of 64bytes = 512bits (more than needed!?) - tombpass=`tomb-kdb-pbkdf2 $pbkdf2_salt $pbkdf2_iter 64 <<<"${tombpass}"` - - header="_KDF_pbkdf2sha1_${pbkdf2_salt}_${pbkdf2_iter}_64\n" + tombpass=`tomb-kdb-pbkdf2 $kdf_salt $pbkdf2_iter 64 <<<"${tombpass}"` + header="_KDF_pbkdf2sha1_${kdf_salt}_${pbkdf2_iter}_64\n" ;; argon2) - _success "Using KDF Argon2" + _success "Using Argon2 as KDF" kdfmem="`option_value --kdfmem`" kdfmem=${kdfmem:-18} _message "memory used: 2^::1 kdfmemory::" $kdfmem - itertime="`option_value --kdf`" - itertime=${itertime:-3} - kdfsalt=`tomb-kdb-pbkdf2-gensalt` - _message "kdf salt: ::1 kdfsalt::" $kdfsalt _message "kdf iterations: ::1 kdfiterations::" $itertime tombpass=`argon2 $kdfsalt -m $kdfmem -t $itertime -l 64 -r <<<"${tombpass}"` header="_KDF_argon2_${kdfsalt}_${itertime}_${kdfmem}_64\n" @@ -2095,7 +2108,7 @@ forge_key() { $destkey $algo [[ $KDF == 1 ]] && { ! option_is_set -g } && { - _message "Using KDF to protect the key password (`option_value --kdf` rounds)" + _message "Using KDF to protect the key password (`option_value --kdf` rounds)" # something to be done here to see the default } TOMBKEYFILE="$destkey" # Set global variable