Concatenate the symmetric keys instead of using HMAC-SHA256

There is no point trying to KDF here. Gocryptfs does its own KDF anyway (https://nuetzlich.net/gocryptfs/forward_mode_crypto/), and a leaked gocryptfs password is not really in our security model (because that compromises the entire storage in any case).
6 months ago · b014a9a440
parent 518e38b11b
commit b014a9a440
2 changed files with 8 additions and 17 deletions
--- a/README.md
+++ b/README.md
@ -25,7 +25,7 @@ of the original password store (`gocrypt/`), and all read operations from `pass`
 without any special care (other than remembering to unlock the subtree first). The encrypted subdirectory is stored in the original
 password store under `.gocrypt/`, and can be managed by `git` just like how it was without encryption.

-The biggest caveat of this is that write operations (such as `edit` and `generate`) **has** to be prefixed by the `gocrypt` subcommand
+The biggest caveat of this is that write operations (such as `edit` and `generate`) **have** to be prefixed by the `gocrypt` subcommand
 to ensure compatibility when the outer password store is a git repository. Without the prefix, git commits that are normally created
 automatically by `pass` will not be generated during a write. See the Usage section of this document for examples.

@ -41,7 +41,6 @@ Dependencies:

 - pass
 - bash
- perl
 - gocryptfs

 Usage
--- a/gocrypt.bash
+++ b/gocrypt.bash
@ -9,7 +9,6 @@ readonly gocrypt_needs_passphrase_marker=".gocrypt-needs-passphrase"

 gocrypt_sys_check() {
    which gocryptfs > /dev/null || gocrypt_die "gocryptfs not found in PATH"
-    which perl > /dev/null || gocrypt_die "perl not found in PATH"
 }

 gocrypt_env_check() {
@ -36,13 +35,6 @@ _cmd_git() {
    [ -d '.git' ] && cmd_git "$@"
 }

-gocrypt_derive_password() {
-    local data="$1"
-    local key="$2"
-
-    perl <<< "use Digest::SHA qw(hmac_sha256_hex);\$digest=hmac_sha256_hex(\"$data\n\", \"$key\");print(\$digest);"
-}
-
 gocrypt_init() {
    local needs_passphrase=false
    local passphrase=""
@ -67,7 +59,6 @@ gocrypt_init() {
    if $needs_passphrase; then
        echo -n "Enter passphrase: "
        read -s passphrase
-        [[ "$passphrase" =~ [^a-zA-Z0-9\ ] ]] && gocrypt_die "Only alphanumeric characters are allowed for now"
        local passphrase_confirm=""
        echo
        echo -n "Confirm passphrase: "
@ -84,7 +75,7 @@ gocrypt_init() {
    mkdir "$gocrypt_dir"
    if $needs_passphrase; then
        touch "$gocrypt_needs_passphrase_marker"
-        gocrypt_passwd="$(gocrypt_derive_password "$gocrypt_passwd" "$passphrase")"
+        gocrypt_passwd="$gocrypt_passwd$passphrase"
    fi
    gocryptfs -passfile /dev/stdin -init "$gocrypt_dir" <<< "$gocrypt_passwd" || gocrypt_die "Unable to initialize gocryptfs"

@ -121,7 +112,7 @@ gocrypt_open() {
            local passphrase=""
            echo -n "Enter passphrase: "
            read -s passphrase
-            gocrypt_passwd="$(gocrypt_derive_password "$gocrypt_passwd" "$passphrase")"
+            gocrypt_passwd="$gocrypt_passwd$passphrase"
        fi
    fi

@ -169,10 +160,11 @@ usage

        You can optionally use an extra piece of symmetric passphrase to encrypt the subdirectory, by
        passing the argument -p or --passphrase when invoking this command to initialize. In this case,
-        the passphrase you input will be used along with the generated password to derive a new master
-        password for gocryptfs. This second piece of passphrase will not be stored in the password store,
-        and you will be asked for it every time you invoke \`$PROGRAM gocrypt open\`. This mode adds an
-        extra layer of protection in case the gpg-encrypted master password is somehow compromised.
+        the passphrase you input will be used along with the generated password to derive the encryption
+        key (KEK) of the master key of gocryptfs. This second piece of passphrase will not be stored in
+        the password store, and you will be asked for it every time you invoke \`$PROGRAM gocrypt open\`.
+        This mode adds an extra layer of protection in case the gpg-encrypted master password is somehow
+        compromised.

    $PROGRAM gocrypt open
        Mount the encrypted subdirectory to \$PASSWORD_STORE_DIR/$gocrypt_dec_dir.