tKDF key handling cleanup - tomb - the crypto undertaker
---
DIR commit f218c644ab882fec8ada3cb885f1c2ae173fddce
DIR parent 5dbcabdf2636300f6877e6bab27ef51c7b739a8f
HTML Author: Jaromil <jaromil@dyne.org>
Date: Tue, 25 Nov 2014 03:25:27 +0100
KDF key handling cleanup
Diffstat:
M tomb | 26 +++++++++++++++++---------
1 file changed, 17 insertions(+), 9 deletions(-)
---
DIR diff --git a/tomb b/tomb
t@@ -722,13 +722,15 @@ is_valid_key() {
# $1 is a string containing an encrypted key
_tomb_key_recover recover_key() {
- local key="$1" # Unique argument is an encrypted key
+ local key="${1}" # Unique argument is an encrypted key
_warning "Attempting key recovery."
+
+ _head="${key[(f)1]}" # take the first line
TOMBKEY="" # Reset global variable
- [[ $key =~ "_KDF_" ]] && TOMBKEY+="`print - $key | $head -n 1`\n"
+ [[ $_head =~ "^_KDF_" ]] && TOMBKEY+="$_head\n"
TOMBKEY+="-----BEGIN PGP MESSAGE-----\n"
TOMBKEY+="$key\n"
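Review bot: The new `_head` variable is assigned without `local`, unlike `key` on the line above it, so the first line of the key text stays in global scope after recover_key returns. In a script that handles key material it is worth keeping every intermediate value function-scoped, so declare it as `local _head="${key[(f)1]}"`. The anchored `^_KDF_` test is double-quoted here but single-quoted in get_lukskey, and using one form in both places would make the two checks easier to compare. The body of recover_key continues past the end of this hunk.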
t@@ -827,18 +829,24 @@ get_lukskey() {
exhumedkey=""
- firstline=$(head -n1 <<< $TOMBKEY)
+ firstline="${TOMBKEY[(f)1]}"
# key is KDF encoded
if [[ $firstline =~ '^_KDF_' ]]; then
- _verbose "KDF: ::1 kdf::" $(cut -d_ -f 3 <<<$firstline)
- case `cut -d_ -f 3 <<<$firstline` in
- pbkdf2sha1)
- pbkdf2_param=`cut -d_ -f 4- <<<$firstline | tr '_' ' '`
- _password=$(tomb-kdb-pbkdf2 ${=pbkdf2_param} 2>/dev/null <<<$_password)
+ kdf_hash="${firstline[(ws:_:)2]}"
+ _verbose "KDF: ::1 kdf::" "$kdf_hash"
+ case "$kdf_hash" in
+ "pbkdf2sha1")
+ kdf_salt="${firstline[(ws:_:)3]}"
+ kdf_ic="${firstline[(ws:_:)4]}"
+ kdf_len="${firstline[(ws:_:)5]}"
+ _verbose "KDF salt: $kdf_salt"
+ _verbose "KDF ic: $kdf_ic"
+ _verbose "KDF len: $kdf_len"
+ _password=$(tomb-kdb-pbkdf2 $kdf_salt $kdf_ic $kdf_len 2>/dev/null <<<$_password)
;;
*)
- _failure "No suitable program for KDF ::1 program::." $(cut -f 3 <<<$firstline)
+ _failure "No suitable program for KDF ::1 program::." $pbkdf_hash
unset _password
return 1
;;
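Review bot: The fallback branch passes `$pbkdf_hash` to `_failure`, but the variable assigned above is `kdf_hash`, so the error message would report an empty KDF name; it should read `_failure "No suitable program for KDF ::1 program::." "$kdf_hash"`. In the `pbkdf2sha1` branch the salt, iteration count and length are taken from the plaintext first line of the key and passed unquoted with stderr discarded. In zsh an empty field is therefore dropped from the argument list, and a failed `tomb-kdb-pbkdf2` run leaves `_password` empty with no diagnostic. Checking that `kdf_ic` and `kdf_len` are decimal integers, and testing the helper's exit status before continuing, would make a malformed or tampered header fail loudly. The `kdf_*` variables are not declared `local` in the visible lines, and get_lukskey starts and ends outside this hunk, so confirm whether they are scoped elsewhere in the function.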