diff --git a/cryptfs/config_file.go b/cryptfs/config_file.go index a0ab218..be37c60 100644 --- a/cryptfs/config_file.go +++ b/cryptfs/config_file.go @@ -35,8 +35,9 @@ type ConfFile struct { } // CreateConfFile - create a new config with a random key encrypted with -// "password" and write it to "filename" -func CreateConfFile(filename string, password string, plaintextNames bool) error { +// "password" and write it to "filename". +// Uses scrypt with cost parameter logN. +func CreateConfFile(filename string, password string, plaintextNames bool, logN int) error { var cf ConfFile cf.filename = filename @@ -45,7 +46,7 @@ func CreateConfFile(filename string, password string, plaintextNames bool) error // Encrypt it using the password // This sets ScryptObject and EncryptedKey - cf.EncryptKey(key, password) + cf.EncryptKey(key, password, logN) // Set defaults cf.Version = HEADER_CURRENT_VERSION @@ -109,10 +110,12 @@ func LoadConfFile(filename string, password string) ([]byte, *ConfFile, error) { } // EncryptKey - encrypt "key" using an scrypt hash generated from "password" -// and store it in cf.EncryptedKey -func (cf *ConfFile) EncryptKey(key []byte, password string) { +// and store it in cf.EncryptedKey. +// Uses scrypt with cost parameter logN and stores the scrypt parameters in +// cf.ScryptObject. +func (cf *ConfFile) EncryptKey(key []byte, password string, logN int) { // Generate derived key from password - cf.ScryptObject = NewScryptKdf() + cf.ScryptObject = NewScryptKdf(logN) scryptHash := cf.ScryptObject.DeriveKey(password) // Lock master key using password-based key diff --git a/cryptfs/config_test.go b/cryptfs/config_test.go index e052428..1c5a375 100644 --- a/cryptfs/config_test.go +++ b/cryptfs/config_test.go @@ -59,7 +59,7 @@ func TestLoadV2StrangeFeature(t *testing.T) { } func TestCreateConfFile(t *testing.T) { - err := CreateConfFile("config_test/tmp.conf", "test", false) + err := CreateConfFile("config_test/tmp.conf", "test", false, 0) if err != nil { t.Fatal(err) } diff --git a/cryptfs/kdf.go b/cryptfs/kdf.go index 32870cd..73be0bb 100644 --- a/cryptfs/kdf.go +++ b/cryptfs/kdf.go @@ -1,6 +1,8 @@ package cryptfs import ( + "os" + "math" "fmt" "golang.org/x/crypto/scrypt" ) @@ -8,7 +10,7 @@ import ( const ( // 1 << 16 uses 64MB of memory, // takes 4 seconds on my Atom Z3735F netbook - SCRYPT_DEFAULT_N = 1 << 16 + SCRYPT_DEFAULT_LOGN = 16 ) type scryptKdf struct { @@ -19,10 +21,18 @@ type scryptKdf struct { KeyLen int } -func NewScryptKdf() scryptKdf { +func NewScryptKdf(logN int) scryptKdf { var s scryptKdf s.Salt = RandBytes(KEY_LEN) - s.N = SCRYPT_DEFAULT_N + if logN <= 0 { + s.N = 1 << SCRYPT_DEFAULT_LOGN + } else { + if logN < 10 { + fmt.Printf("Error: scryptn below 10 is too low to make sense. Aborting.") + os.Exit(1) + } + s.N = 1 << uint32(logN) + } s.R = 8 // Always 8 s.P = 1 // Always 1 s.KeyLen = KEY_LEN @@ -36,3 +46,9 @@ func (s *scryptKdf) DeriveKey(pw string) []byte { } return k } + +// LogN - N is saved as 2^LogN, but LogN is much easier to work with. +// This function gives you LogN = Log2(N). +func (s *scryptKdf) LogN() int { + return int(math.Log2(float64(s.N))+0.5) +} diff --git a/integration_tests/cli_test.go b/integration_tests/cli_test.go index d79b877..7047edb 100644 --- a/integration_tests/cli_test.go +++ b/integration_tests/cli_test.go @@ -17,7 +17,7 @@ func TestInit(t *testing.T) { if err != nil { t.Fatal(err) } - cmd := exec.Command(gocryptfsBinary, "-init", "-extpass", "echo test", dir) + cmd := exec.Command(gocryptfsBinary, "-init", "-extpass", "echo test", "-scryptn=10", dir) if testing.Verbose() { cmd.Stdout = os.Stdout cmd.Stderr = os.Stderr @@ -52,7 +52,7 @@ func TestInitConfig(t *testing.T) { t.Fatal(err) } cmd := exec.Command(gocryptfsBinary, "-init", "-extpass", "echo test", - "-config", config, dir) + "-config", config, "-scryptn=10", dir) if testing.Verbose() { cmd.Stdout = os.Stdout cmd.Stderr = os.Stderr diff --git a/main.go b/main.go index ab2c1f1..7184255 100644 --- a/main.go +++ b/main.go @@ -37,7 +37,7 @@ type argContainer struct { debug, init, zerokey, fusedebug, openssl, passwd, foreground, version, plaintextnames, quiet, diriv bool masterkey, mountpoint, cipherdir, cpuprofile, config, extpass string - notifypid int + notifypid, scryptn int } var flagSet *flag.FlagSet @@ -62,7 +62,7 @@ func initDir(args *argContainer) { // Create gocryptfs.conf cryptfs.Info.Printf("Choose a password for protecting your files.\n") password := readPasswordTwice(args.extpass) - err = cryptfs.CreateConfFile(args.config, password, args.plaintextnames) + err = cryptfs.CreateConfFile(args.config, password, args.plaintextnames, args.scryptn) if err != nil { fmt.Println(err) os.Exit(ERREXIT_INIT) @@ -109,7 +109,7 @@ func changePassword(args *argContainer) { masterkey, confFile := loadConfig(args) fmt.Printf("Please enter your new password.\n") newPw := readPasswordTwice(args.extpass) - confFile.EncryptKey(masterkey, newPw) + confFile.EncryptKey(masterkey, newPw, confFile.ScryptObject.LogN()) err := confFile.WriteFile() if err != nil { fmt.Println(err) @@ -151,6 +151,8 @@ func main() { flagSet.StringVar(&args.extpass, "extpass", "", "Use external program for the password prompt") flagSet.IntVar(&args.notifypid, "notifypid", 0, "Send USR1 to the specified process after "+ "successful mount - used internally for daemonization") + flagSet.IntVar(&args.scryptn, "scryptn", cryptfs.SCRYPT_DEFAULT_LOGN, "scrypt cost parameter logN. "+ + "Setting this to a lower value speeds up mounting but makes the password susceptible to brute-force attacks") flagSet.Parse(os.Args[1:]) // By default, let the child handle everything.