2 * tfcrypt -- high security Threefish encryption tool.
4 * tfcrypt is copyrighted:
5 * Copyright (C) 2012-2019 Andrey Rys. All rights reserved.
7 * tfcrypt is licensed to you under the terms of std. MIT/X11 license:
9 * Permission is hereby granted, free of charge, to any person obtaining
10 * a copy of this software and associated documentation files (the
11 * "Software"), to deal in the Software without restriction, including
12 * without limitation the rights to use, copy, modify, merge, publish,
13 * distribute, sublicense, and/or sell copies of the Software, and to
14 * permit persons to whom the Software is furnished to do so, subject to
15 * the following conditions:
17 * The above copyright notice and this permission notice shall be
18 * included in all copies or substantial portions of the Software.
20 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
21 * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
22 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
23 * IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
24 * CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
25 * TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
26 * SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
/*
 * read_defaults: parse the defaults file at `path` and apply each recognised
 * keyword to the matching global (nr_turns, ctr_mode, tfc_salt/tfc_saltsz,
 * macbits, do_full_key).
 *
 * path:  file to read; it is also quoted in every error message below.
 * noerr: when YES, the early-exit path at the top returns silently instead
 *        of calling xerror().
 *
 * NOTE(review): this listing is incomplete. The gutter numbers skip lines, so
 * the declarations of ln/f/valid, the open call, the loop header and the code
 * that splits a line into keyword `s` and value `d` are not visible here.
 * The comments below describe only the visible statements.
 *
 * NOTE(review): every setting read here changes a cipher parameter, so the
 * file should be writable only by the invoking user. Confirm how the caller
 * chooses `path` and whether ownership/permissions are checked anywhere.
 */
31 void read_defaults(const char *path, tfc_yesno noerr)
34 char *s, *d, *t, *stoi;
/* Presumably the "could not open" path (the open itself is not shown):
 * return quietly when noerr is YES, otherwise report `path` via xerror(). */
40 if (noerr == YES) return;
41 xerror(NO, NO, YES, "%s", path);
/* Zero the line buffer before each read; stop when xfgets() does not return YES. */
45 memset(ln, 0, sizeof(ln));
46 if (xfgets(ln, sizeof(ln), f) != YES) break;
/* The exact line "# tfcrypt.defs" sets `valid`. How lines before that marker
 * are treated is on lines not shown here - TODO confirm. */
49 if (!strcmp(ln, "# tfcrypt.defs")) valid = YES;
/* Skip empty lines and comment lines starting with '#'. */
53 if (str_empty(ln) || ln[0] == '#') continue;
60 /* yay! GOTO hell! You'll "like" it! */
/* Space handling around keyword and value: each space found is overwritten
 * with NUL and `d` is moved past it. The exit branches of both loops are not
 * visible in this listing. */
61 _spc1: t = strchr(s, ' ');
64 _spc2: t = strchr(d, ' ');
66 *t = 0; d = t+1; goto _spc2;
68 if (!strcmp(s, "nr_turns")) {
/* Base-10 parse; trailing characters after the number are rejected through
 * the str_empty(stoi) test.
 * NOTE(review): no range check and no errno/ERANGE check are visible, and
 * strtoul() accepts a leading '-' and returns 0 for a value with no digits,
 * so 0 and wrapped values pass this test. If nr_turns controls key-stretching
 * work (not shown here), enforce a minimum. */
69 nr_turns = strtoul(d, &stoi, 10);
70 if (!str_empty(stoi)) xerror(NO, YES, YES, "[%s] nr_turns=%s: invalid number of turns", path, d);
72 else if (!strcmp(s, "ctr_mode")) {
/* Case-insensitive mode name; anything outside this list is a fatal error.
 * NOTE(review): "ecb" is accepted as a file-supplied default. ECB exposes
 * equal plaintext blocks as equal ciphertext blocks, so a defaults file can
 * weaken confidentiality without any command-line flag - consider warning. */
73 if (!strcasecmp(d, "ctr"))
74 ctr_mode = TFC_MODE_CTR;
75 else if (!strcasecmp(d, "stream"))
76 ctr_mode = TFC_MODE_STREAM;
77 else if (!strcasecmp(d, "cbc"))
78 ctr_mode = TFC_MODE_CBC;
79 else if (!strcasecmp(d, "ecb"))
80 ctr_mode = TFC_MODE_ECB;
81 else if (!strcasecmp(d, "xts"))
82 ctr_mode = TFC_MODE_XTS;
83 else if (!strcasecmp(d, "ocb"))
84 ctr_mode = TFC_MODE_OCB;
85 else xerror(NO, YES, YES, "[%s] ctr_mode=%s: invalid mode of operation", path, d);
87 else if (!strcmp(s, "tfc_salt")) {
/* Clear the whole salt buffer, then base64-decode the value into it; the
 * decoder is given TFC_MAX_SALT as the destination size.
 * NOTE(review): the return value is stored in tfc_saltsz with no visible
 * validation. Confirm what base64_decode() returns for malformed or empty
 * input, and that it can never exceed TFC_MAX_SALT. */
88 memset(tfc_salt, 0, TFC_MAX_SALT);
89 tfc_saltsz = base64_decode((char *)tfc_salt, TFC_MAX_SALT, d, strlen(d));
91 else if (!strcmp(s, "macbits")) {
/* Rejected when zero, followed by trailing characters, below 8, above
 * TF_MAX_BITS, or not a multiple of 8. */
92 macbits = strtoul(d, &stoi, 10);
93 if (macbits == 0 || !str_empty(stoi) || macbits < 8
94 || macbits > TF_MAX_BITS || macbits % 8)
95 xerror(NO, YES, YES, "[%s] macbits=%s: invalid MAC bits setting", path, d);
97 else if (!strcmp(s, "do_full_key")) {
/* Only "yes"/"no" (any case) are matched in the visible lines. Whether other
 * values are rejected is on a line not shown - TODO confirm. */
98 if (!strcasecmp(d, "yes")) do_full_key = YES;
99 else if (!strcasecmp(d, "no")) do_full_key = NO;
/* A keyword matching none of the above is a fatal error. */
101 else xerror(NO, YES, YES, "[%s] %s: unknown keyword", path, s);
/* Wipe the line buffer, which may still hold the base64 salt text. */
104 memset(ln, 0, sizeof(ln));
/*
 * hash_defaults: write a base64 fingerprint of the current defaults into
 * `uhash`.
 *
 * A 256-bit Skein hash is fed, in this order: the salt bytes, nr_turns as
 * decimal text, the mode name from tfc_modename(), macbits as decimal text,
 * and do_full_key as the single character "1" or "0". The digest is
 * base64-encoded and copied out with xstrlcpy().
 *
 * uhash:   destination buffer for the base64 text.
 * szuhash: size passed to xstrlcpy() as the bound for `uhash`.
 *
 * NOTE(review): this listing is incomplete. The declarations of sk, shash and
 * mode are on lines not shown, so the size of shash is unknown here.
 *
 * NOTE(review): the fields are hashed back to back with no separator or
 * length prefix. A salt that ends in ASCII digits followed by a short
 * nr_turns gives the same input stream as a shorter salt with a longer
 * nr_turns, so two different settings can share one fingerprint.
 */
108 void hash_defaults(char *uhash, size_t szuhash)
/* Raw digest buffer sized for 256 bits. */
113 tfc_byte hash[TF_FROM_BITS(256)];
115 skein_init(&sk, 256);
117 skein_update(&sk, tfc_salt, tfc_saltsz);
/* NOTE(review): sprintf() is unbounded; snprintf(shash, sizeof(shash), ...)
 * would tie the write to the buffer. "%zu" assumes nr_turns is a size_t -
 * confirm against its declaration. */
119 memset(shash, 0, sizeof(shash));
120 sprintf(shash, "%zu", nr_turns);
121 skein_update(&sk, shash, strlen(shash));
123 mode = tfc_modename(ctr_mode);
124 skein_update(&sk, mode, strlen(mode));
/* Same unbounded-sprintf and "%zu" caveats as for nr_turns above. */
126 memset(shash, 0, sizeof(shash));
127 sprintf(shash, "%zu", macbits);
128 skein_update(&sk, shash, strlen(shash));
130 skein_update(&sk, do_full_key ? "1" : "0", 1);
132 skein_final(hash, &sk);
/* base64_encode() is called here without a destination size, so shash must
 * be large enough for the encoded digest plus terminator - TODO confirm
 * against the declaration of shash. */
133 memset(shash, 0, sizeof(shash));
134 base64_encode(shash, (const char *)hash, sizeof(hash));
/* Clears the raw digest. NOTE(review): `hash` is not read again, so a
 * compiler may drop this plain memset() as a dead store; shash is not
 * cleared after the copy in the visible lines. */
135 memset(hash, 0, sizeof(hash));
/* Bounded copy of the base64 text into the caller's buffer. */
137 xstrlcpy(uhash, shash, szuhash);