From 7456d4f4b79e3ce24e845b8d65438d58aaf86012 Mon Sep 17 00:00:00 2001 From: Narrat Date: Wed, 24 Jul 2024 18:28:22 +0200 Subject: [PATCH 1/6] Improve argon2 handling and KDF in general Previously it wasn't possible to use argon2 as KDF function without the tomb tools from extras/kdf-keys being available. To change that behaviour introduce checks on the ARGON2 variable. Additionally add a fallback function to create a salt that is compatible to tomb-kdb-pbkdf2-gensalt. Options specific for the different supported KDF algorithm are reorganized. Some options align between the various KDF and some are unique to them. The output of -h is enhanced with the various --kdf options and depends on the available optional tools. argon2 specific cli arguments won't be displayed if argon2 is not available. Add case for results beside argon2 and pbkdf2. Key creation won't be stopped, just a warning is issued that the resulting key won't be protected via KDF. Regarding the cli options. The argument for the suboption --kdf is made optional. In that regard one needs to make sure, that --kdf is the last option before an argument. Or - to separate. Third option would be use -k to specify the keyname. Example: tomb forge --kdf - testkey.tomb Example: tomb forge --kdf -k testkey.tomb Example: tomb forge -k testkey.tomb --kdf Additonally the kdf options are reorganized, which is a possible breaking change for scripts or GUI helpers. * --kdftype is changed to --kdf * --kdfiter is introduced as replacement the for previous --kdf definition * --kdfpar is introduced to support the parallelism option of argon2 (nice to have if someone wants to adjust memory or iteration costs without increasing the time that much) Only --kdf is mandatory to get a key which is protected with KDF. For every other option safe defaults are set and can be optionally adjusted. KDF related subcommand options are removed where they don't come into play. gen_key() is only called in forge and passwd. Closes #526 --- tomb | 93 +++++++++++++++++++++++++++++++++++++++--------------------- 1 file changed, 60 insertions(+), 33 deletions(-) diff --git a/tomb b/tomb index f2be494..4b079e9 100755 --- a/tomb +++ b/tomb @@ -66,6 +66,7 @@ typeset -i RECOLL=1 typeset -i QRENCODE=1 typeset -i LSOF=1 typeset -i ACL=1 +typeset -i ARGON2=1 # Default mount options typeset MOUNTOPTS="rw,noatime,nodev" @@ -749,8 +750,13 @@ usage() { _print " -R provide GnuPG hidden recipients (separated by comma)" _print " --sudo super user exec alternative to sudo (doas or none)" - [[ $KDF == 1 ]] && { - _print " --kdf forge keys armored against dictionary attacks" + [[ $KDF == 1 ]] || [[ $ARGON2 == 1 ]] && { + _print " --kdf forge keys armored against dictionary attacks (pbkdf2 (default), argon2)" + _print " --kdfiter Number of iterations (meaning depending on KDF algorithm) (pbkdf2, argon2)" + } + [[ $ARGON2 == 1 ]] && { + _print " --kdfmem memory to be used (argon2)" + _print " --kdfpar number of threads (argon2)" } echo @@ -1225,11 +1231,14 @@ get_lukskey() { kdf_salt="${firstline[(ws:_:)3]}" kdf_ic="${firstline[(ws:_:)4]}" kdf_mem="${firstline[(ws:_:)5]}" + kdf_par="${firstline[(ws:_:)6]}" + # ToDo also parse kdf_len? _message "Unlocking KDF key protection (::1 kdf::)" $kdf_hash _verbose "KDF salt: $kdf_salt" _verbose "KDF ic: $kdf_ic" _verbose "KDF mem: $kdf_mem" - _password=$(argon2 $kdf_salt -m $kdf_mem -t $kdf_ic -l 64 -r 2>/dev/null <<<$_password) + _verbose "KDF # threads: $kdf_par" + _password=$(argon2 $kdf_salt -m $kdf_mem -t $kdf_ic -p $kdf_par -l 64 -r 2>/dev/null <<<$_password) ;; *) @@ -1472,50 +1481,68 @@ gen_key() { fi header="" - [[ $KDF == 1 ]] && { + [[ $KDF == 1 ]] || [[ $ARGON2 == 1 ]] && { { option_is_set --kdf } && { - # KDF is a new key strenghtening technique against brute forcing + # KDF is a key strengthening technique against brute forcing # see: https://github.com/dyne/Tomb/issues/82 - itertime="`option_value --kdf`" + # Two KDF are currently supported: + # * pbkdf2 (time restrictive) + # * argon2 (memory, parallelismn restrictive and through those time) + + # --kdfiter takes one integer value as parameter + # argon2: # of iterations (default of 3); + # pbkdf2: calculates # of iterations to reach this as time cost in seconds + itertime="`option_value --kdfiter`" + itertime=${itertime:-3} + # removing support of floating points because they can't be type checked well # if [[ "$itertime" != <-> ]]; then # unset tombpass # unset tombpasstmp - # _warning "Wrong argument for --kdf: must be an integer number (iteration seconds)." + # _warning "Wrong argument for --kdfiter: must be an integer number (iteration seconds)." # _failure "Depending on the speed of machines using this tomb, use 1 to 10, or more" # return 1 # fi - # # --kdf takes one parameter: iter time (on present machine) in seconds - kdftype="`option_value --kdftype`" + # Generating salt (either via tomb-kdb-pbkdf2 or a shell fallback) + if $(command -v tomb-kdb-pbkdf2-gensalt 1>/dev/null 2>/dev/null); then + kdfsalt=`tomb-kdb-pbkdf2-gensalt` + else + kdfsalt=$(LC_CTYPE=C tr -cd 'a-f0-9' < /dev/random | head -c 64) + fi + _message "kdf salt: ::1 kdfsalt::" $kdfsalt + + # --kdf takes one optional parameter: what KDF + # (pbkdf2 being the default) + kdftype="`option_value --kdf`" kdftype=${kdftype:-pbkdf2} case ${kdftype} in - pbkdf2) + pbkdf2) local -i microseconds microseconds=$(( itertime * 1000000 )) - _success "Using KDF, iteration time: ::1 microseconds::" $microseconds - _message "generating salt" - pbkdf2_salt=`tomb-kdb-pbkdf2-gensalt` - _message "calculating iterations" + _success "Using pbkdf2 as KDF" + _message "iteration time: ::1 microseconds::" $microseconds pbkdf2_iter=`tomb-kdb-pbkdf2-getiter $microseconds` - _message "encoding the password" + _message "iterations: ::1 pbkdf2_iter::" $pbkdf2_iter # We use a length of 64bytes = 512bits (more than needed!?) - tombpass=`tomb-kdb-pbkdf2 $pbkdf2_salt $pbkdf2_iter 64 <<<"${tombpass}"` - - header="_KDF_pbkdf2sha1_${pbkdf2_salt}_${pbkdf2_iter}_64\n" + tombpass=`tomb-kdb-pbkdf2 $kdfsalt $pbkdf2_iter 64 <<<"${tombpass}"` + header="_KDF_pbkdf2sha1_${kdfsalt}_${pbkdf2_iter}_64\n" ;; - argon2) - _success "Using KDF Argon2" + argon2) + _success "Using Argon2 as KDF" + _message "iterations: ::1 kdfiterations::" $itertime kdfmem="`option_value --kdfmem`" kdfmem=${kdfmem:-18} _message "memory used: 2^::1 kdfmemory::" $kdfmem - itertime="`option_value --kdf`" - itertime=${itertime:-3} - kdfsalt=`tomb-kdb-pbkdf2-gensalt` - _message "kdf salt: ::1 kdfsalt::" $kdfsalt - _message "kdf iterations: ::1 kdfiterations::" $itertime - tombpass=`argon2 $kdfsalt -m $kdfmem -t $itertime -l 64 -r <<<"${tombpass}"` - header="_KDF_argon2_${kdfsalt}_${itertime}_${kdfmem}_64\n" + kdfpar="`option_value --kdfpar`" + kdfpar=${kdfpar:-1} + _message "parallelismn: ::1 kdfparallel::" $kdfpar + tombpass=`argon2 $kdfsalt -m $kdfmem -t $itertime -p $kdfpar -l 64 -r <<<"${tombpass}"` + header="_KDF_argon2_${kdfsalt}_${itertime}_${kdfmem}_${kdfpar}_64\n" + ;; + *) + _warning "unrecognized KDF ::1::" $kdftype + _warning "key won\'t be protected via a KDF implementation" ;; esac } @@ -1978,7 +2005,7 @@ forge_key() { $destkey $algo [[ $KDF == 1 ]] && { ! option_is_set -g } && { - _message "Using KDF to protect the key password (`option_value --kdf` rounds)" + _message "Using KDF to protect the key password" } TOMBKEYFILE="$destkey" # Set global variable @@ -3131,19 +3158,19 @@ main() { main_opts=(q -quiet=q D -debug=D h -help=h v -version=v f -force=f -tmp: U: G: T: -no-color -unsafe g -gpgkey=g -sudo:) subcommands_opts[__default]="" # -o in open and mount is used to pass alternate mount options - subcommands_opts[open]="n -nohook=n k: -kdf: -kdftype: -kdfmem: o: -ignore-swap -tomb-pwd: r: R: -sphx-host: -sphx-user: p -preserve-ownership=p" + subcommands_opts[open]="n -nohook=n k: o: -ignore-swap -tomb-pwd: r: R: -sphx-host: -sphx-user: p -preserve-ownership=p" subcommands_opts[mount]=${subcommands_opts[open]} subcommands_opts[create]="" # deprecated, will issue warning # -o in forge and lock is used to pass an alternate cipher. - subcommands_opts[forge]="-ignore-swap k: -kdf: -kdftype: -kdfmem: o: -tomb-pwd: -use-random r: R: -sphx-host: -sphx-user: " + subcommands_opts[forge]="-ignore-swap k: -kdf:: -kdfiter: -kdfmem: -kdfpar: o: -tomb-pwd: -use-random r: R: -sphx-host: -sphx-user: " subcommands_opts[dig]="-ignore-swap s: -size=s " - subcommands_opts[lock]="-ignore-swap k: -kdf: -kdftype: -kdfmem: o: -tomb-pwd: r: R: -sphx-host: -sphx-user: -filesystem: " - subcommands_opts[setkey]="k: -ignore-swap -kdf: -kdftype: -kdfmem: -tomb-old-pwd: -tomb-pwd: r: R: -sphx-host: -sphx-user: " + subcommands_opts[lock]="-ignore-swap k: o: -tomb-pwd: r: R: -sphx-host: -sphx-user: -filesystem: " + subcommands_opts[setkey]="k: -ignore-swap -tomb-old-pwd: -tomb-pwd: r: R: -sphx-host: -sphx-user: " subcommands_opts[engrave]="k: " - subcommands_opts[passwd]="k: -ignore-swap -kdf: -kdftype: -kdfmem: -tomb-old-pwd: -tomb-pwd: r: R: -sphx-host: -sphx-user: " + subcommands_opts[passwd]="k: -ignore-swap -kdf:: -kdfiter: -kdfmem: -kdfpar: -tomb-old-pwd: -tomb-pwd: r: R: -sphx-host: -sphx-user: " subcommands_opts[close]="" subcommands_opts[help]="" subcommands_opts[slam]="" From 7f323ef6eebe94e9f01665c574105402a6c4794d Mon Sep 17 00:00:00 2001 From: Narrat Date: Fri, 26 Jul 2024 13:03:06 +0200 Subject: [PATCH 2/6] update man page for recent KDF changes --- doc/tomb.1 | 48 +++++++++++++++++++++++++++++++++++------------- 1 file changed, 35 insertions(+), 13 deletions(-) diff --git a/doc/tomb.1 b/doc/tomb.1 index e29567e..652e34f 100644 --- a/doc/tomb.1 +++ b/doc/tomb.1 @@ -49,8 +49,10 @@ more recipient GPG ids can be indicated (comma separated). The default cipher to protect the key is AES256, a custom one can be specified using the \fI-o\fR option, for a list of supported ciphers use \fI-v\fR. For additional protection against dictionary attacks on keys, the \fI--kdf\fR option can be used when -forging a key, making sure that the binaries in \fIextras/kdf\fR were compiled -and installed on the system. +forging a key. Two KDF are currently supported: \fIargon2\fR and \fIpbkdf2\fR. +\fIpbkdf2\fR is available from \fIextras/kdf\fR and needs to be compiled and +installed on the system. \fIargon2\fR is generally available from distribution +repositories. .B .IP "lock" @@ -283,24 +285,44 @@ Provide a new set of recipient(s) to encrypt a tomb key. \fIgpg_ids\fR can be one or more GPG key ID, comma separated. All GPG keys must be trusted keys in GPG. .B -.IP "--kdf \fI\fR" -Activate the KDF feature against dictionary attacks when creating a key: forces -a delay of \fI\fR times every time this key is used. The actual time -to wait depends on the CPU speed (default) or the RAM size (argon2) of the -computer where the key is used. Using 5 or 10 is a sane amount for modern -computers, the value is multiplied by 1 million. -.B -.IP "--kdftype \fIargon2 | pbkdf2\fR" -Adopt the \fIargon2\fR algorithm for KDF, stressing the RAM capacity rather -than the CPU speed of the computer decrypting the tomb. Requires the -\fIargon2\fR binary by P-H-C to be installed, as packaged by most distros. +.IP "--kdf \fI[argon2 | pbkdf2]\fR" +Enable the KDF feature against dictionary attacks when creating a key. +An optional argument allows to choose between \fIargon2\fR or \fIpbkdf2\fR. +\fIargon2\fR is using a mix of RAM capacity, number of threads and +iterations to achieve a time cost. +\fIpbkdf2\fR is only about calculation speed to achieve a time cost. +Due to a low memory footprint and no restrictions regarding threads, this +time cost can be somewhat negated due to parallelization. Especially on +GPUs with their high number of cores. +\fIargon2\fR requires the respective binary by P-H-C to be installed, as +packaged by most distros. \fIpbkdf2\fR is available from the \fItomb\fR +sources and is a custom implementation of the algorithm. Default is \fIpbkdf2\fR. .B +.IP "--kdfiter \fI\fR" +Available for \fIargon2\fR and \fIpbkdf2\fR. In general this controls how +often the algorithm will be run. In case of \fIpbkdf2\fR the argument will +be interpret as an interval in seconds. The actual number of iterations to +achieve this delay will be calculated with \fItomb-kdb-pbkdf2-getiter\fR, +which needs to available (normally installed alongside tomb's pbkdf2 tools). +Reason being that the actual time to wait depends on the CPU speed. +OWASP recommendations from 2023 suggest a minimal iteration count of 600000 +for \fIpbkdf2\fR, which should be achieved with the current default value. +Default is 3 (based on the \fIargon2\fR default). +.B .IP "--kdfmem \fI\fR" In case of \fIargon2\fR KDF algorithm, this value specifies the size of RAM used: it consists of a number which is the elevated power of two in kilobytes. Default is 18 which is 250 MiB (2^18 = 262,144 kilobytes). .B +.IP "--kdfpar \fI<# of threads>\fR" +In case of \fIargon2\fR KDF algorithm, this value specifies the number of +threads that should be used. This helps to remedy the effects of an increased +time cost for your system whereas setups of ASICs or GPUs don't profit. Only +increase if memory or iteration got increased that much, that key decryption +takes massively longer on regular systems. +Default is 1 thread (based on the \fIargon2\fR default). +.B .IP "--sudo \fI\fR" Select a different tool than sudo for privilege escalation. Alternatives supported so far are: pkexec, doas, sup, sud. For any From 88e04b9177f702a4a21a5f6c3975efa495c46978 Mon Sep 17 00:00:00 2001 From: Narrat Date: Fri, 26 Jul 2024 13:03:57 +0200 Subject: [PATCH 3/6] remove commented code in KDF section The check if the argument of --kdfiter is an integer is unnecessary. Neither argon2 nor tomb-kdb-pbkdf2-getiter care about float input. --- tomb | 9 --------- 1 file changed, 9 deletions(-) diff --git a/tomb b/tomb index 4b079e9..6e7afc2 100755 --- a/tomb +++ b/tomb @@ -1495,15 +1495,6 @@ gen_key() { itertime="`option_value --kdfiter`" itertime=${itertime:-3} - # removing support of floating points because they can't be type checked well - # if [[ "$itertime" != <-> ]]; then - # unset tombpass - # unset tombpasstmp - # _warning "Wrong argument for --kdfiter: must be an integer number (iteration seconds)." - # _failure "Depending on the speed of machines using this tomb, use 1 to 10, or more" - # return 1 - # fi - # Generating salt (either via tomb-kdb-pbkdf2 or a shell fallback) if $(command -v tomb-kdb-pbkdf2-gensalt 1>/dev/null 2>/dev/null); then kdfsalt=`tomb-kdb-pbkdf2-gensalt` From 27707714d47e4054b2abf122537e8238e8174ff9 Mon Sep 17 00:00:00 2001 From: Narrat Date: Sun, 28 Jul 2024 20:39:08 +0200 Subject: [PATCH 4/6] extras/tests: adjust 30_kdf for KDF related changes --- extras/test/30_kdf.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/extras/test/30_kdf.sh b/extras/test/30_kdf.sh index 3262862..86a585f 100644 --- a/extras/test/30_kdf.sh +++ b/extras/test/30_kdf.sh @@ -8,7 +8,7 @@ if test_have_prereq KDF; then test_export "kdf" test_expect_success 'Testing KDF: tomb creation' ' tt_dig -s 20 && - tt_forge --tomb-pwd $DUMMYPASS --kdf 1 && + tt_forge --tomb-pwd $DUMMYPASS --kdf && print $DUMMYPASS \ | gpg --batch --passphrase-fd 0 --no-tty --no-options -d $tomb_key \ | xxd && From 651681a9fb5a63af547265d65238c45e635b818e Mon Sep 17 00:00:00 2001 From: Narrat Date: Sun, 28 Jul 2024 21:09:24 +0200 Subject: [PATCH 5/6] extras/tests: add test for argon2 functionality rename original kdf test accordingly to be pbkdf2 related. --- extras/test/30_kdf-pbkdf2.sh | 31 +++++++++++++++++++ extras/test/30_kdf.sh | 58 ------------------------------------ extras/test/31_kdf-argon2.sh | 31 +++++++++++++++++++ extras/test/setup | 1 + 4 files changed, 63 insertions(+), 58 deletions(-) create mode 100644 extras/test/30_kdf-pbkdf2.sh delete mode 100644 extras/test/30_kdf.sh create mode 100644 extras/test/31_kdf-argon2.sh diff --git a/extras/test/30_kdf-pbkdf2.sh b/extras/test/30_kdf-pbkdf2.sh new file mode 100644 index 0000000..a97f4a5 --- /dev/null +++ b/extras/test/30_kdf-pbkdf2.sh @@ -0,0 +1,31 @@ +#!/usr/bin/env zsh + +export test_description="Testing tomb with pbkdf2 KDF key" + +source ./setup + +if test_have_prereq KDF; then + test_export "kdf" + test_expect_success 'Testing pbkdf2 KDF: tomb creation' ' + tt_dig -s 20 && + tt_forge --tomb-pwd $DUMMYPASS --kdf && + print $DUMMYPASS \ + | gpg --batch --passphrase-fd 0 --no-tty --no-options -d $tomb_key \ + | xxd && + tt_lock --tomb-pwd $DUMMYPASS + ' + + test_expect_success 'Testing pbkdf2 KDF: tomb passwd' ' + tt passwd -k $tomb_key \ + --unsafe --tomb-old-pwd $DUMMYPASS --tomb-pwd $DUMMYPASSNEW && + tt passwd -k $tomb_key \ + --unsafe --tomb-old-pwd $DUMMYPASSNEW --tomb-pwd $DUMMYPASS + ' + + test_expect_success 'Testing pbkdf2 KDF: tomb open & close' ' + tt_open --tomb-pwd $DUMMYPASS && + tt_close + ' +fi + +test_done diff --git a/extras/test/30_kdf.sh b/extras/test/30_kdf.sh deleted file mode 100644 index 86a585f..0000000 --- a/extras/test/30_kdf.sh +++ /dev/null @@ -1,58 +0,0 @@ -#!/usr/bin/env zsh - -export test_description="Testing tomb with KDF keys" - -source ./setup - -if test_have_prereq KDF; then - test_export "kdf" - test_expect_success 'Testing KDF: tomb creation' ' - tt_dig -s 20 && - tt_forge --tomb-pwd $DUMMYPASS --kdf && - print $DUMMYPASS \ - | gpg --batch --passphrase-fd 0 --no-tty --no-options -d $tomb_key \ - | xxd && - tt_lock --tomb-pwd $DUMMYPASS - ' - - test_expect_success 'Testing KDF: tomb passwd' ' - tt passwd -k $tomb_key \ - --unsafe --tomb-old-pwd $DUMMYPASS --tomb-pwd $DUMMYPASSNEW && - tt passwd -k $tomb_key \ - --unsafe --tomb-old-pwd $DUMMYPASSNEW --tomb-pwd $DUMMYPASS - ' - - test_expect_success 'Testing KDF: tomb open & close' ' - tt_open --tomb-pwd $DUMMYPASS && - tt_close - ' -fi - -# clean to avoid overwrite errors -# rm -f "$tomb_key" "$tomb" - -if test_have_prereq ARGON2; then - test_export "argon2" - test_expect_success 'Testing KDF ARGON2: tomb creation' ' - tt_dig -s 20 && - tt_forge --tomb-pwd $DUMMYPASS --kdftype argon2 --kdfmem 18 --kdf 1 && - print $DUMMYPASS \ - | gpg --batch --passphrase-fd 0 --no-tty --no-options -d $tomb_key \ - | xxd && - tt_lock --tomb-pwd $DUMMYPASS - ' - - test_expect_success 'Testing KDF ARGON2: tomb passwd' ' - tt passwd -k $tomb_key \ - --unsafe --tomb-old-pwd $DUMMYPASS --tomb-pwd $DUMMYPASSNEW && - tt passwd -k $tomb_key \ - --unsafe --tomb-old-pwd $DUMMYPASSNEW --tomb-pwd $DUMMYPASS - ' - - test_expect_success 'Testing KDF ARGON2: tomb open & close' ' - tt_open --tomb-pwd $DUMMYPASS && - tt_close - ' -fi - -test_done diff --git a/extras/test/31_kdf-argon2.sh b/extras/test/31_kdf-argon2.sh new file mode 100644 index 0000000..9aa7157 --- /dev/null +++ b/extras/test/31_kdf-argon2.sh @@ -0,0 +1,31 @@ +#!/usr/bin/env zsh + +export test_description="Testing tomb with argon2 KDF key" + +source ./setup + +if test_have_prereq ARGON; then + test_export "argon" + test_expect_success 'Testing argon2 KDF: tomb creation' ' + tt_dig -s 20 && + tt_forge --tomb-pwd $DUMMYPASS --kdf argon2 && + print $DUMMYPASS \ + | gpg --batch --passphrase-fd 0 --no-tty --no-options -d $tomb_key \ + | xxd && + tt_lock --tomb-pwd $DUMMYPASS + ' + + test_expect_success 'Testing argon2 KDF: tomb passwd' ' + tt passwd -k $tomb_key --kdf argon2 \ + --unsafe --tomb-old-pwd $DUMMYPASS --tomb-pwd $DUMMYPASSNEW && + tt passwd -k $tomb_key --kdf argon2 \ + --unsafe --tomb-old-pwd $DUMMYPASSNEW --tomb-pwd $DUMMYPASS + ' + + test_expect_success 'Testing argon2 KDF: tomb open & close' ' + tt_open --tomb-pwd $DUMMYPASS && + tt_close + ' +fi + +test_done diff --git a/extras/test/setup b/extras/test/setup index 91b5f5b..d939019 100755 --- a/extras/test/setup +++ b/extras/test/setup @@ -50,6 +50,7 @@ MEDIA="/media" command -v steghide > /dev/null && test_set_prereq STEGHIDE command -v e2fsck resize2fs > /dev/null && test_set_prereq RESIZER command -v tomb-kdb-pbkdf2 > /dev/null && test_set_prereq KDF +command -v argon2 > /dev/null && test_set_prereq ARGON command -v qrencode > /dev/null && test_set_prereq QRENCODE command -v lsof > /dev/null && test_set_prereq LSOF command -v python3 > /dev/null && test_set_prereq PYTHON3 From 40ee08c3b46465ce58365cb363f303f41fb9a193 Mon Sep 17 00:00:00 2001 From: Narrat Date: Wed, 30 Oct 2024 22:10:12 +0100 Subject: [PATCH 6/6] argument for --kdf required again While possible to make the argument optional, it introduced some wonkyness. It kinda required a fixed ordering of arguments then, which wasn't needed before. --- doc/tomb.1 | 3 ++- extras/test/30_kdf-pbkdf2.sh | 2 +- tomb | 11 +++++------ 3 files changed, 8 insertions(+), 8 deletions(-) diff --git a/doc/tomb.1 b/doc/tomb.1 index 652e34f..5bd0c50 100644 --- a/doc/tomb.1 +++ b/doc/tomb.1 @@ -287,7 +287,8 @@ trusted keys in GPG. .B .IP "--kdf \fI[argon2 | pbkdf2]\fR" Enable the KDF feature against dictionary attacks when creating a key. -An optional argument allows to choose between \fIargon2\fR or \fIpbkdf2\fR. +The required argument currently allows to choose between \fIargon2\fR +or \fIpbkdf2\fR. \fIargon2\fR is using a mix of RAM capacity, number of threads and iterations to achieve a time cost. \fIpbkdf2\fR is only about calculation speed to achieve a time cost. diff --git a/extras/test/30_kdf-pbkdf2.sh b/extras/test/30_kdf-pbkdf2.sh index a97f4a5..f89cc5d 100644 --- a/extras/test/30_kdf-pbkdf2.sh +++ b/extras/test/30_kdf-pbkdf2.sh @@ -8,7 +8,7 @@ if test_have_prereq KDF; then test_export "kdf" test_expect_success 'Testing pbkdf2 KDF: tomb creation' ' tt_dig -s 20 && - tt_forge --tomb-pwd $DUMMYPASS --kdf && + tt_forge --tomb-pwd $DUMMYPASS --kdf pbkdf2 && print $DUMMYPASS \ | gpg --batch --passphrase-fd 0 --no-tty --no-options -d $tomb_key \ | xxd && diff --git a/tomb b/tomb index 6e7afc2..707a52d 100755 --- a/tomb +++ b/tomb @@ -751,7 +751,7 @@ usage() { _print " --sudo super user exec alternative to sudo (doas or none)" [[ $KDF == 1 ]] || [[ $ARGON2 == 1 ]] && { - _print " --kdf forge keys armored against dictionary attacks (pbkdf2 (default), argon2)" + _print " --kdf forge keys armored against dictionary attacks (pbkdf2, argon2)" _print " --kdfiter Number of iterations (meaning depending on KDF algorithm) (pbkdf2, argon2)" } [[ $ARGON2 == 1 ]] && { @@ -1503,10 +1503,8 @@ gen_key() { fi _message "kdf salt: ::1 kdfsalt::" $kdfsalt - # --kdf takes one optional parameter: what KDF - # (pbkdf2 being the default) + # --kdf takes one parameter: what KDF kdftype="`option_value --kdf`" - kdftype=${kdftype:-pbkdf2} case ${kdftype} in pbkdf2) local -i microseconds @@ -1534,6 +1532,7 @@ gen_key() { *) _warning "unrecognized KDF ::1::" $kdftype _warning "key won\'t be protected via a KDF implementation" + _warning "only pbkdf2 and argon2 are valid arguments" ;; esac } @@ -3155,13 +3154,13 @@ main() { subcommands_opts[create]="" # deprecated, will issue warning # -o in forge and lock is used to pass an alternate cipher. - subcommands_opts[forge]="-ignore-swap k: -kdf:: -kdfiter: -kdfmem: -kdfpar: o: -tomb-pwd: -use-random r: R: -sphx-host: -sphx-user: " + subcommands_opts[forge]="-ignore-swap k: -kdf: -kdfiter: -kdfmem: -kdfpar: o: -tomb-pwd: -use-random r: R: -sphx-host: -sphx-user: " subcommands_opts[dig]="-ignore-swap s: -size=s " subcommands_opts[lock]="-ignore-swap k: o: -tomb-pwd: r: R: -sphx-host: -sphx-user: -filesystem: " subcommands_opts[setkey]="k: -ignore-swap -tomb-old-pwd: -tomb-pwd: r: R: -sphx-host: -sphx-user: " subcommands_opts[engrave]="k: " - subcommands_opts[passwd]="k: -ignore-swap -kdf:: -kdfiter: -kdfmem: -kdfpar: -tomb-old-pwd: -tomb-pwd: r: R: -sphx-host: -sphx-user: " + subcommands_opts[passwd]="k: -ignore-swap -kdf: -kdfiter: -kdfmem: -kdfpar: -tomb-old-pwd: -tomb-pwd: r: R: -sphx-host: -sphx-user: " subcommands_opts[close]="" subcommands_opts[help]="" subcommands_opts[slam]=""