From b014a9a4409e162a801f749efc50f34093985268 Mon Sep 17 00:00:00 2001 From: Peter Cai Date: Mon, 10 Oct 2022 20:13:52 -0400 Subject: [PATCH] Concatenate the symmetric keys instead of using HMAC-SHA256 There is no point trying to KDF here. Gocryptfs does its own KDF anyway (https://nuetzlich.net/gocryptfs/forward_mode_crypto/), and a leaked gocryptfs password is not really in our security model (because that compromises the entire storage in any case). --- README.md | 3 +-- gocrypt.bash | 22 +++++++--------------- 2 files changed, 8 insertions(+), 17 deletions(-) diff --git a/README.md b/README.md index 29c1d20..71fd177 100644 --- a/README.md +++ b/README.md @@ -25,7 +25,7 @@ of the original password store (`gocrypt/`), and all read operations from `pass` without any special care (other than remembering to unlock the subtree first). The encrypted subdirectory is stored in the original password store under `.gocrypt/`, and can be managed by `git` just like how it was without encryption. -The biggest caveat of this is that write operations (such as `edit` and `generate`) **has** to be prefixed by the `gocrypt` subcommand +The biggest caveat of this is that write operations (such as `edit` and `generate`) **have** to be prefixed by the `gocrypt` subcommand to ensure compatibility when the outer password store is a git repository. Without the prefix, git commits that are normally created automatically by `pass` will not be generated during a write. See the Usage section of this document for examples. @@ -41,7 +41,6 @@ Dependencies: - pass - bash -- perl - gocryptfs Usage diff --git a/gocrypt.bash b/gocrypt.bash index d33c97c..d5bf021 100755 --- a/gocrypt.bash +++ b/gocrypt.bash @@ -9,7 +9,6 @@ readonly gocrypt_needs_passphrase_marker=".gocrypt-needs-passphrase" gocrypt_sys_check() { which gocryptfs > /dev/null || gocrypt_die "gocryptfs not found in PATH" - which perl > /dev/null || gocrypt_die "perl not found in PATH" } gocrypt_env_check() { 
@@ -36,13 +35,6 @@ _cmd_git() { [ -d '.git' ] && cmd_git "$@" } -gocrypt_derive_password() { - local data="$1" - local key="$2" - - perl <<< "use Digest::SHA qw(hmac_sha256_hex);\$digest=hmac_sha256_hex(\"$data\n\", \"$key\");print(\$digest);" -} - gocrypt_init() { local needs_passphrase=false local passphrase="" @@ -67,7 +59,6 @@ gocrypt_init() { if $needs_passphrase; then echo -n "Enter passphrase: " read -s passphrase - [[ "$passphrase" =~ [^a-zA-Z0-9\ ] ]] && gocrypt_die "Only alphanumeric characters are allowed for now" local passphrase_confirm="" echo echo -n "Confirm passphrase: " @@ -84,7 +75,7 @@ gocrypt_init() { mkdir "$gocrypt_dir" if $needs_passphrase; then touch "$gocrypt_needs_passphrase_marker" - gocrypt_passwd="$(gocrypt_derive_password "$gocrypt_passwd" "$passphrase")" + gocrypt_passwd="$gocrypt_passwd$passphrase" fi gocryptfs -passfile /dev/stdin -init "$gocrypt_dir" <<< "$gocrypt_passwd" || gocrypt_die "Unable to initialize gocryptfs" @@ -121,7 +112,7 @@ gocrypt_open() { local passphrase="" echo -n "Enter passphrase: " read -s passphrase - gocrypt_passwd="$(gocrypt_derive_password "$gocrypt_passwd" "$passphrase")" + gocrypt_passwd="$gocrypt_passwd$passphrase" fi fi 
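Review bot: The new `gocrypt_passwd="$gocrypt_passwd$passphrase"` in the `@@ -84,7 +75,7 @@` hunk joins the two secrets with no separator or length framing, and an empty passphrase leaves the gocryptfs password equal to the stored one while the `.gocrypt-needs-passphrase` marker is still written. Unless a check exists outside this hunk, reject the empty case right after the confirmation prompt, for example `[ -n "$passphrase" ] || gocrypt_die "Passphrase must not be empty"`. The missing separator is harmless only if the generated password has a fixed length, which this hunk does not show; a short comment above the assignment stating that assumption would help. The same expression appears in `gocrypt_open` in the next hunk, and `gocrypt_init` begins and ends outside this hunk.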
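Review bot: `read -s passphrase` in the `@@ -121,7 +112,7 @@` hunk still runs without `-r` and with the default `IFS`, so now that `gocrypt_init` no longer restricts the passphrase to alphanumerics, backslashes are consumed as escapes and leading or trailing whitespace is stripped before the value is appended to `$gocrypt_passwd`. `gocrypt_init` reads the passphrase the same way, so unlocking still works, but the effective passphrase can be shorter than what the user typed. Use `IFS= read -rs passphrase` at this prompt and at the passphrase prompts in `gocrypt_init` so the input is taken verbatim. `gocrypt_open` begins and ends outside this hunk.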
@@ -169,10 +160,11 @@ usage You can optionally use an extra piece of symmetric passphrase to encrypt the subdirectory, by passing the argument -p or --passphrase when invoking this command to initialize. In this case, - the passphrase you input will be used along with the generated password to derive a new master - password for gocryptfs. This second piece of passphrase will not be stored in the password store, - and you will be asked for it every time you invoke \`$PROGRAM gocrypt open\`. This mode adds an - extra layer of protection in case the gpg-encrypted master password is somehow compromised. + the passphrase you input will be used along with the generated password to derive the encryption + key (KEK) of the master key of gocryptfs. This second piece of passphrase will not be stored in + the password store, and you will be asked for it every time you invoke \`$PROGRAM gocrypt open\`. + This mode adds an extra layer of protection in case the gpg-encrypted master password is somehow + compromised. $PROGRAM gocrypt open Mount the encrypted subdirectory to \$PASSWORD_STORE_DIR/$gocrypt_dec_dir.
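Review bot: The rewritten `-p` description does not mention that a subdirectory initialized with the earlier HMAC-derived password will no longer unlock, because `gocrypt_open` now passes the plain concatenation to gocryptfs and the commit contains no migration step. Add a sentence here or in README.md telling existing passphrase users to re-key the volume (gocryptfs offers `-passwd` for changing the password) using the old derived value. The wording could also state plainly that the passphrase is appended to the generated password and that gocryptfs itself derives the key-encryption key from the result. The usage text begins and ends outside this hunk.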