trezor: add TrezorPayload

TrezorPayload stores 32 random bytes used for unlocking the master key using a Trezor security module. The randomness makes sure that a unique unlock value is used for each gocryptfs filesystem.
author: Jakob Unterwurzacher 2018-06-25 22:27:15 +0200
committer: Jakob Unterwurzacher 2018-07-01 20:56:22 +0200
commit: 9a15dfa494c76b5fcadcd32e2e46cbee84218a87 (patch)
tree: 5dcb84d222f355750d1b0773660b891b509dadb1 /internal
parent: 91de77943fba3cb993aad4e9756e159c4514764a (diff)
3 files changed, 22 insertions, 8 deletions
diff --git a/internal/configfile/config_file.go b/internal/configfile/config_file.go
index a70a511..c856ad0 100644
--- a/internal/configfile/config_file.go
+++ b/internal/configfile/config_file.go
@@ -45,6 +45,10 @@ type ConfFile struct {
 	// mounting. This mechanism is analogous to the ext4 feature flags that are
 	// stored in the superblock.
 	FeatureFlags []string
+	// TrezorPayload stores 32 random bytes used for unlocking the master key using
+	// a Trezor security module. The randomness makes sure that a unique unlock
+	// value is used for each gocryptfs filesystem.
+	TrezorPayload []byte `json:",omitempty"`
 	// Filename is the name of the config file. Not exported to JSON.
 	filename string
 }
@@ -68,7 +72,7 @@ func randBytesDevRandom(n int) []byte {
 // "password" and write it to "filename".
 // Uses scrypt with cost parameter logN.
 func Create(filename string, password []byte, plaintextNames bool,
-	logN int, creator string, aessiv bool, devrandom bool, trezor bool) error {
+	logN int, creator string, aessiv bool, devrandom bool, trezorPayload []byte) error {
 	var cf ConfFile
 	cf.filename = filename
 	cf.Creator = creator
@@ -88,8 +92,9 @@ func Create(filename string, password []byte, plaintextNames bool,
 	if aessiv {
 		cf.FeatureFlags = append(cf.FeatureFlags, knownFlags[FlagAESSIV])
 	}
-	if trezor {
+	if len(trezorPayload) > 0 {
 		cf.FeatureFlags = append(cf.FeatureFlags, knownFlags[FlagTrezor])
+		cf.TrezorPayload = trezorPayload
 	}
 	{
 		// Generate new random master key
diff --git a/internal/configfile/config_test.go b/internal/configfile/config_test.go
index e130cfa..b8ee150 100644
--- a/internal/configfile/config_test.go
+++ b/internal/configfile/config_test.go
@@ -62,7 +62,7 @@ func TestLoadV2StrangeFeature(t *testing.T) {
 }
 
 func TestCreateConfDefault(t *testing.T) {
-	err := Create("config_test/tmp.conf", testPw, false, 10, "test", false, false, false)
+	err := Create("config_test/tmp.conf", testPw, false, 10, "test", false, false, nil)
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -83,14 +83,14 @@ func TestCreateConfDefault(t *testing.T) {
 }
 
 func TestCreateConfDevRandom(t *testing.T) {
-	err := Create("config_test/tmp.conf", testPw, false, 10, "test", false, true, false)
+	err := Create("config_test/tmp.conf", testPw, false, 10, "test", false, true, nil)
 	if err != nil {
 		t.Fatal(err)
 	}
 }
 
 func TestCreateConfPlaintextnames(t *testing.T) {
-	err := Create("config_test/tmp.conf", testPw, true, 10, "test", false, false, false)
+	err := Create("config_test/tmp.conf", testPw, true, 10, "test", false, false, nil)
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -111,7 +111,7 @@ func TestCreateConfPlaintextnames(t *testing.T) {
 
 // Reverse mode uses AESSIV
 func TestCreateConfFileAESSIV(t *testing.T) {
-	err := Create("config_test/tmp.conf", testPw, false, 10, "test", true, false, false)
+	err := Create("config_test/tmp.conf", testPw, false, 10, "test", true, false, nil)
 	if err != nil {
 		t.Fatal(err)
 	}
diff --git a/internal/readpassword/trezor.go b/internal/readpassword/trezor.go
index 37dde79..45edfd8 100644
--- a/internal/readpassword/trezor.go
+++ b/internal/readpassword/trezor.go
@@ -7,12 +7,22 @@ import (
 	"github.com/rfjakob/gocryptfs/internal/tlog"
 )
 
+const (
+	// TrezorPayloadLen is the length of the payload data passed to Trezor's
+	// CipherKeyValue function.
+	TrezorPayloadLen = 32
+)
+
 // Trezor reads 16 deterministically derived bytes from a
 // SatoshiLabs Trezor USB security module.
 // The bytes are pseudorandom binary data and may contain null bytes.
 // This function either succeeds and returns 16 bytes or calls os.Exit to end
 // the application.
-func Trezor() []byte {
+func Trezor(payload []byte) []byte {
+	if len(payload) != TrezorPayloadLen {
+		tlog.Fatal.Printf("Invalid TrezorPayload length: wanted %d, got %d bytes\n", TrezorPayloadLen, len(payload))
+		os.Exit(exitcodes.LoadConf)
+	}
 	var err error
 	// TODO try to read bytes here....
 	// Handle errors
@@ -20,7 +30,6 @@ func Trezor() []byte {
 		tlog.Fatal.Printf("xxx some error was encountered...")
 		os.Exit(exitcodes.TrezorError)
 	}
-
 	tlog.Warn.Println("XXX readpassword.Trezor(): not implemented yet - returning hardcoded dummy bytes XXX")
 	return []byte("1234567890123456")
 }
author	Jakob Unterwurzacher	2018-06-25 22:27:15 +0200
committer	Jakob Unterwurzacher	2018-07-01 20:56:22 +0200
commit	9a15dfa494c76b5fcadcd32e2e46cbee84218a87 (patch)
tree	5dcb84d222f355750d1b0773660b891b509dadb1 /internal
parent	91de77943fba3cb993aad4e9756e159c4514764a (diff)