s2k
This commit is contained in:
NIIBE Yutaka
10
ChangeLog
10
ChangeLog
@@ -1,3 +1,13 @@
|
|||||||
|
2012-06-30 Niibe Yutaka <gniibe@fsij.org>
|
||||||
|
|
||||||
|
* src/openpgp.c (s2k): New.
|
||||||
|
(resetcode_s2k): Remove.
|
||||||
|
(cmd_reset_user_password, cmd_change_password): Use s2k (was:
|
||||||
|
sha256 directly or resetcode_s2k).
|
||||||
|
* src/openpgp-do.c (proc_resetting_code, gpg_do_write_prvkey):
|
||||||
|
Likewise.
|
||||||
|
* src/ac.c (verify_user_0, verify_admin): Likewise.
|
||||||
|
|
||||||
2012-06-29 Niibe Yutaka <gniibe@fsij.org>
|
2012-06-29 Niibe Yutaka <gniibe@fsij.org>
|
||||||
|
|
||||||
* regnual/Makefile: Don't copy usb_lld.c.
|
* regnual/Makefile: Don't copy usb_lld.c.
|
||||||
|
|||||||
4
NEWS
4
NEWS
@@ -13,6 +13,10 @@ This tool is SWD flash ROM writer with ST-Link/V2.
|
|||||||
This tool is to dump USB strings, which include revision detail and config
|
This tool is to dump USB strings, which include revision detail and config
|
||||||
options.
|
options.
|
||||||
|
|
||||||
|
** Protection improvement (even when internal data is disclosed)
|
||||||
|
Even if PW1 and PW3 is same, content of encrypted DEK is different
|
||||||
|
now.
|
||||||
|
|
||||||
|
|
||||||
* Major changes in Gnuk 0.20
|
* Major changes in Gnuk 0.20
|
||||||
|
|
||||||
|
|||||||
6
src/ac.c
6
src/ac.c
@@ -1,7 +1,7 @@
|
|||||||
/*
|
/*
|
||||||
* ac.c -- Check access condition
|
* ac.c -- Check access condition
|
||||||
*
|
*
|
||||||
* Copyright (C) 2010 Free Software Initiative of Japan
|
* Copyright (C) 2010, 2012 Free Software Initiative of Japan
|
||||||
* Author: NIIBE Yutaka <gniibe@fsij.org>
|
* Author: NIIBE Yutaka <gniibe@fsij.org>
|
||||||
*
|
*
|
||||||
* This file is a part of Gnuk, a GnuPG USB Token implementation.
|
* This file is a part of Gnuk, a GnuPG USB Token implementation.
|
||||||
@@ -87,7 +87,7 @@ verify_user_0 (uint8_t access, const uint8_t *pw, int buf_len, int pw_len_known,
|
|||||||
}
|
}
|
||||||
|
|
||||||
success_one_step:
|
success_one_step:
|
||||||
sha256 (pw, pw_len, keystring);
|
s2k (BY_USER, pw, pw_len, keystring);
|
||||||
if (access == AC_PSO_CDS_AUTHORIZED)
|
if (access == AC_PSO_CDS_AUTHORIZED)
|
||||||
{
|
{
|
||||||
r1 = gpg_do_load_prvkey (GPG_KEY_FOR_SIGNING, BY_USER, keystring);
|
r1 = gpg_do_load_prvkey (GPG_KEY_FOR_SIGNING, BY_USER, keystring);
|
||||||
@@ -280,7 +280,7 @@ verify_admin (const uint8_t *pw, int pw_len)
|
|||||||
if (r <= 0)
|
if (r <= 0)
|
||||||
return r;
|
return r;
|
||||||
|
|
||||||
sha256 (pw, pw_len, keystring_md_pw3);
|
s2k (BY_ADMIN, pw, pw_len, keystring_md_pw3);
|
||||||
auth_status |= AC_ADMIN_AUTHORIZED;
|
auth_status |= AC_ADMIN_AUTHORIZED;
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -194,8 +194,8 @@ struct prvkey_data {
|
|||||||
#define BY_RESETCODE 2
|
#define BY_RESETCODE 2
|
||||||
#define BY_ADMIN 3
|
#define BY_ADMIN 3
|
||||||
|
|
||||||
extern void resetcode_s2k (const unsigned char *input, unsigned int ilen,
|
extern void s2k (int who, const unsigned char *input, unsigned int ilen,
|
||||||
unsigned char output[32]);
|
unsigned char output[32]);
|
||||||
|
|
||||||
|
|
||||||
#define KEYSTRING_PASSLEN_SIZE 1
|
#define KEYSTRING_PASSLEN_SIZE 1
|
||||||
|
|||||||
@@ -28,7 +28,6 @@
|
|||||||
#include "sys.h"
|
#include "sys.h"
|
||||||
#include "gnuk.h"
|
#include "gnuk.h"
|
||||||
#include "openpgp.h"
|
#include "openpgp.h"
|
||||||
#include "sha256.h"
|
|
||||||
|
|
||||||
#include "polarssl/config.h"
|
#include "polarssl/config.h"
|
||||||
#include "polarssl/aes.h"
|
#include "polarssl/aes.h"
|
||||||
@@ -543,7 +542,7 @@ proc_resetting_code (const uint8_t *data, int len)
|
|||||||
|
|
||||||
newpw_len = len;
|
newpw_len = len;
|
||||||
newpw = data;
|
newpw = data;
|
||||||
resetcode_s2k (newpw, newpw_len, new_ks);
|
s2k (BY_RESETCODE, newpw, newpw_len, new_ks);
|
||||||
new_ks0[0] = newpw_len;
|
new_ks0[0] = newpw_len;
|
||||||
r = gpg_change_keystring (admin_authorized, old_ks, BY_RESETCODE, new_ks);
|
r = gpg_change_keystring (admin_authorized, old_ks, BY_RESETCODE, new_ks);
|
||||||
if (r <= -2)
|
if (r <= -2)
|
||||||
@@ -809,8 +808,8 @@ gpg_do_write_prvkey (enum kind_of_key kk, const uint8_t *key_data, int key_len,
|
|||||||
uint8_t ks123_pw1[KEYSTRING_SIZE_PW1];
|
uint8_t ks123_pw1[KEYSTRING_SIZE_PW1];
|
||||||
|
|
||||||
ks123_pw1[0] = strlen (OPENPGP_CARD_INITIAL_PW1);
|
ks123_pw1[0] = strlen (OPENPGP_CARD_INITIAL_PW1);
|
||||||
sha256 ((uint8_t *)OPENPGP_CARD_INITIAL_PW1,
|
s2k (BY_USER, (uint8_t *)OPENPGP_CARD_INITIAL_PW1,
|
||||||
strlen (OPENPGP_CARD_INITIAL_PW1), ks123_pw1+1);
|
strlen (OPENPGP_CARD_INITIAL_PW1), ks123_pw1+1);
|
||||||
encrypt_dek (ks123_pw1+1, pd->dek_encrypted_1);
|
encrypt_dek (ks123_pw1+1, pd->dek_encrypted_1);
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -1297,8 +1296,8 @@ copy_do (const struct do_table_entry *do_p, int with_tag)
|
|||||||
}
|
}
|
||||||
case DO_PROC_READWRITE:
|
case DO_PROC_READWRITE:
|
||||||
{
|
{
|
||||||
int (*rw_func)(uint16_t, int, uint8_t *, int, int)
|
int (*rw_func)(uint16_t, int, const uint8_t *, int, int)
|
||||||
= (int (*)(uint16_t, int, uint8_t *, int, int))do_p->obj;
|
= (int (*)(uint16_t, int, const uint8_t *, int, int))do_p->obj;
|
||||||
|
|
||||||
return rw_func (do_p->tag, with_tag, NULL, 0, 0);
|
return rw_func (do_p->tag, with_tag, NULL, 0, 0);
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -295,8 +295,8 @@ cmd_change_password (void)
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
sha256 (pw, pw_len, old_ks);
|
s2k (who_old, pw, pw_len, old_ks);
|
||||||
sha256 (newpw, newpw_len, new_ks);
|
s2k (who, newpw, newpw_len, new_ks);
|
||||||
new_ks0[0] = newpw_len;
|
new_ks0[0] = newpw_len;
|
||||||
|
|
||||||
r = gpg_change_keystring (who_old, old_ks, who, new_ks);
|
r = gpg_change_keystring (who_old, old_ks, who, new_ks);
|
||||||
@@ -335,18 +335,24 @@ cmd_change_password (void)
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
#define USER_S2K_MAGIC "\xffUSER\r\n"
|
||||||
#define RESETCODE_S2K_MAGIC "\xffRESET\r\n"
|
#define RESETCODE_S2K_MAGIC "\xffRESET\r\n"
|
||||||
|
|
||||||
void
|
void
|
||||||
resetcode_s2k (const unsigned char *input, unsigned int ilen,
|
s2k (int who, const unsigned char *input, unsigned int ilen,
|
||||||
unsigned char output[32])
|
unsigned char output[32])
|
||||||
{
|
{
|
||||||
sha256_context ctx;
|
sha256_context ctx;
|
||||||
|
|
||||||
sha256_start (&ctx);
|
sha256_start (&ctx);
|
||||||
sha256_update (&ctx, input, ilen);
|
sha256_update (&ctx, input, ilen);
|
||||||
sha256_update (&ctx, (unsigned char *)RESETCODE_S2K_MAGIC,
|
if (who == BY_USER)
|
||||||
sizeof (RESETCODE_S2K_MAGIC));
|
sha256_update (&ctx, (unsigned char *)USER_S2K_MAGIC,
|
||||||
|
sizeof (USER_S2K_MAGIC));
|
||||||
|
else if (who == BY_RESETCODE)
|
||||||
|
sha256_update (&ctx, (unsigned char *)RESETCODE_S2K_MAGIC,
|
||||||
|
sizeof (RESETCODE_S2K_MAGIC));
|
||||||
|
/* Not add any for BY_ADMIN */
|
||||||
sha256_finish (&ctx, output);
|
sha256_finish (&ctx, output);
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -391,8 +397,8 @@ cmd_reset_user_password (void)
|
|||||||
pw_len = ks_rc[0];
|
pw_len = ks_rc[0];
|
||||||
newpw = pw + pw_len;
|
newpw = pw + pw_len;
|
||||||
newpw_len = len - pw_len;
|
newpw_len = len - pw_len;
|
||||||
resetcode_s2k (pw, pw_len, old_ks);
|
s2k (BY_RESETCODE, pw, pw_len, old_ks);
|
||||||
sha256 (newpw, newpw_len, new_ks);
|
s2k (BY_USER, newpw, newpw_len, new_ks);
|
||||||
new_ks0[0] = newpw_len;
|
new_ks0[0] = newpw_len;
|
||||||
r = gpg_change_keystring (BY_RESETCODE, old_ks, BY_USER, new_ks);
|
r = gpg_change_keystring (BY_RESETCODE, old_ks, BY_USER, new_ks);
|
||||||
if (r <= -2)
|
if (r <= -2)
|
||||||
@@ -443,7 +449,7 @@ cmd_reset_user_password (void)
|
|||||||
|
|
||||||
newpw_len = len;
|
newpw_len = len;
|
||||||
newpw = pw;
|
newpw = pw;
|
||||||
sha256 (newpw, newpw_len, new_ks);
|
s2k (BY_USER, newpw, newpw_len, new_ks);
|
||||||
new_ks0[0] = newpw_len;
|
new_ks0[0] = newpw_len;
|
||||||
r = gpg_change_keystring (admin_authorized, old_ks, BY_USER, new_ks);
|
r = gpg_change_keystring (admin_authorized, old_ks, BY_USER, new_ks);
|
||||||
if (r <= -2)
|
if (r <= -2)
|
||||||
|
|||||||
Reference in New Issue
Block a user