diff --git a/init_dir.go b/init_dir.go index 70ba2ed..7953870 100644 --- a/init_dir.go +++ b/init_dir.go @@ -86,9 +86,17 @@ func initDir(args *argContainer) { fido2HmacSalt = nil } creator := tlog.ProgramName + " " + GitVersion - err = configfile.Create(args.config, password, args.plaintextnames, - args.scryptn, creator, args.aessiv, args.devrandom, fido2CredentialID, fido2HmacSalt, - args.deterministic_names) + err = configfile.Create2(&configfile.CreateArgs{ + Filename: args.config, + Password: password, + PlaintextNames: args.plaintextnames, + LogN: args.scryptn, + Creator: creator, + AESSIV: args.aessiv, + Devrandom: args.devrandom, + Fido2CredentialID: fido2CredentialID, + Fido2HmacSalt: fido2HmacSalt, + DeterministicNames: args.deterministic_names}) if err != nil { tlog.Fatal.Println(err) os.Exit(exitcodes.WriteConf) diff --git a/internal/configfile/config_file.go b/internal/configfile/config_file.go index b54bd51..db29f43 100644 --- a/internal/configfile/config_file.go +++ b/internal/configfile/config_file.go @@ -76,44 +76,75 @@ func randBytesDevRandom(n int) []byte { return b } -// Create - create a new config with a random key encrypted with -// "password" and write it to "filename". -// Uses scrypt with cost parameter logN. +// CreateArgs exists because the argument list to Create became too long. +type CreateArgs struct { + Filename string + Password []byte + PlaintextNames bool + LogN int + Creator string + AESSIV bool + Devrandom bool + Fido2CredentialID []byte + Fido2HmacSalt []byte + DeterministicNames bool +} + func Create(filename string, password []byte, plaintextNames bool, logN int, creator string, aessiv bool, devrandom bool, fido2CredentialID []byte, fido2HmacSalt []byte, deterministicNames bool) error { + args := CreateArgs{ + Filename: filename, + Password: password, + PlaintextNames: plaintextNames, + LogN: logN, + Creator: creator, + AESSIV: aessiv, + Devrandom: devrandom, + Fido2CredentialID: fido2CredentialID, + Fido2HmacSalt: fido2HmacSalt, + DeterministicNames: deterministicNames, + } + log.Panicf("Use Create2(%#v) instead\n", args) + return nil +} + +// Create - create a new config with a random key encrypted with +// "Password" and write it to "Filename". +// Uses scrypt with cost parameter "LogN". +func Create2(args *CreateArgs) error { var cf ConfFile - cf.filename = filename - cf.Creator = creator + cf.filename = args.Filename + cf.Creator = args.Creator cf.Version = contentenc.CurrentVersion // Set feature flags cf.FeatureFlags = append(cf.FeatureFlags, knownFlags[FlagGCMIV128]) cf.FeatureFlags = append(cf.FeatureFlags, knownFlags[FlagHKDF]) - if plaintextNames { + if args.PlaintextNames { cf.FeatureFlags = append(cf.FeatureFlags, knownFlags[FlagPlaintextNames]) } else { - if !deterministicNames { + if !args.DeterministicNames { cf.FeatureFlags = append(cf.FeatureFlags, knownFlags[FlagDirIV]) } cf.FeatureFlags = append(cf.FeatureFlags, knownFlags[FlagEMENames]) cf.FeatureFlags = append(cf.FeatureFlags, knownFlags[FlagLongNames]) cf.FeatureFlags = append(cf.FeatureFlags, knownFlags[FlagRaw64]) } - if aessiv { + if args.AESSIV { cf.FeatureFlags = append(cf.FeatureFlags, knownFlags[FlagAESSIV]) } - if len(fido2CredentialID) > 0 { + if len(args.Fido2CredentialID) > 0 { cf.FeatureFlags = append(cf.FeatureFlags, knownFlags[FlagFIDO2]) cf.FIDO2 = &FIDO2Params{ - CredentialID: fido2CredentialID, - HMACSalt: fido2HmacSalt, + CredentialID: args.Fido2CredentialID, + HMACSalt: args.Fido2HmacSalt, } } { // Generate new random master key var key []byte - if devrandom { + if args.Devrandom { key = randBytesDevRandom(cryptocore.KeyLen) } else { key = cryptocore.RandBytes(cryptocore.KeyLen) @@ -122,7 +153,7 @@ func Create(filename string, password []byte, plaintextNames bool, // Encrypt it using the password // This sets ScryptObject and EncryptedKey // Note: this looks at the FeatureFlags, so call it AFTER setting them. - cf.EncryptKey(key, password, logN) + cf.EncryptKey(key, args.Password, args.LogN) for i := range key { key[i] = 0 } diff --git a/internal/configfile/config_test.go b/internal/configfile/config_test.go index 17ca80c..659ddd9 100644 --- a/internal/configfile/config_test.go +++ b/internal/configfile/config_test.go @@ -62,7 +62,11 @@ func TestLoadV2StrangeFeature(t *testing.T) { } func TestCreateConfDefault(t *testing.T) { - err := Create("config_test/tmp.conf", testPw, false, 10, "test", false, false, nil, nil, false) + err := Create2(&CreateArgs{ + Filename: "config_test/tmp.conf", + Password: testPw, + LogN: 10, + Creator: "test"}) if err != nil { t.Fatal(err) } @@ -83,14 +87,24 @@ func TestCreateConfDefault(t *testing.T) { } func TestCreateConfDevRandom(t *testing.T) { - err := Create("config_test/tmp.conf", testPw, false, 10, "test", false, true, nil, nil, false) + err := Create2(&CreateArgs{ + Filename: "config_test/tmp.conf", + Password: testPw, + LogN: 10, + Creator: "test", + Devrandom: true}) if err != nil { t.Fatal(err) } } func TestCreateConfPlaintextnames(t *testing.T) { - err := Create("config_test/tmp.conf", testPw, true, 10, "test", false, false, nil, nil, false) + err := Create2(&CreateArgs{ + Filename: "config_test/tmp.conf", + Password: testPw, + PlaintextNames: true, + LogN: 10, + Creator: "test"}) if err != nil { t.Fatal(err) } @@ -111,7 +125,12 @@ func TestCreateConfPlaintextnames(t *testing.T) { // Reverse mode uses AESSIV func TestCreateConfFileAESSIV(t *testing.T) { - err := Create("config_test/tmp.conf", testPw, false, 10, "test", true, false, nil, nil, false) + err := Create2(&CreateArgs{ + Filename: "config_test/tmp.conf", + Password: testPw, + LogN: 10, + Creator: "test", + AESSIV: true}) if err != nil { t.Fatal(err) }