-rw-r--r--actions/protector.go5
-rw-r--r--crypto/crypto.go9
-rw-r--r--crypto/rand.go67
3 files changed, 7 insertions, 74 deletions
diff --git a/actions/protector.go b/actions/protector.go
index ffc3c43..bd87945 100644
--- a/actions/protector.go
+++ b/actions/protector.go
@@ -129,10 +129,7 @@ func CreateProtector(ctx *Context, name string, keyFn KeyFunc) (*Protector, erro
fallthrough
case metadata.SourceType_custom_passphrase:
// Our passphrase sources need costs and a random salt.
- if protector.data.Salt, err = crypto.NewRandomBuffer(metadata.SaltLen); err != nil {
- return nil, err
- }
-
+ protector.data.Salt = crypto.NewRandomSlice(metadata.SaltLen)
protector.data.Costs = ctx.Config.HashCosts
}
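Review bot: The new line `protector.data.Salt = crypto.NewRandomSlice(metadata.SaltLen)` has no error return, so a failure of the random source is no longer propagated out of CreateProtector the way the removed `return nil, err` did. NewRandomSlice is not defined in any hunk on this page, so its failure behaviour cannot be checked here. It should abort rather than hand back a short or zero-filled salt, and its doc comment should state that. A call-site comment such as `// NewRandomSlice never returns a partial buffer; it aborts if the system RNG fails` would record the assumption once it is confirmed. The enclosing switch and function continue outside the hunk.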
diff --git a/crypto/crypto.go b/crypto/crypto.go
index a85d345..dbd13ff 100644
--- a/crypto/crypto.go
+++ b/crypto/crypto.go
@@ -42,6 +42,7 @@ import (
"crypto/aes"
"crypto/cipher"
"crypto/hmac"
+ "crypto/rand"
"crypto/sha256"
"crypto/sha512"
"encoding/hex"
@@ -135,11 +136,13 @@ func Wrap(wrappingKey, secretKey *Key) (*metadata.WrappedKeyData, error) {
return nil, err
}
- data := &metadata.WrappedKeyData{EncryptedKey: make([]byte, secretKey.Len())}
+ data := &metadata.WrappedKeyData{
+ EncryptedKey: make([]byte, secretKey.Len()),
+ IV: make([]byte, metadata.IVLen),
+ }
// Get random IV
- var err error
- if data.IV, err = NewRandomBuffer(metadata.IVLen); err != nil {
+ if _, err := rand.Read(data.IV); err != nil {
return nil, err
}
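Review bot: Nothing next to the new `rand.Read(data.IV)` call records why the guarantee documented in the deleted crypto/rand.go is no longer needed. That file says NewRandomBuffer existed because crypto/rand would still return bytes with insufficient entropy (golang/go issue 19274), which matters for a key-wrapping IV generated early in boot. If the project's minimum Go version resolves that issue, a comment should say so, e.g. `// crypto/rand is sufficient here: golang/go#19274 is resolved in the minimum supported Go version`. The deletion also removes NewRandomKey and the only visible use of ErrGetrandomFail, so callers and that error variable outside this page should be checked. Wrap's body continues outside the hunk.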
diff --git a/crypto/rand.go b/crypto/rand.go
deleted file mode 100644
index 0778ebd..0000000
--- a/crypto/rand.go
+++ /dev/null
@@ -1,67 +0,0 @@
-/*
- * rand.go - Reader used to generate secure random data for fscrypt.
- *
- * Copyright 2017 Google Inc.
- * Author: Joe Richey (joerichey@google.com)
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may not
- * use this file except in compliance with the License. You may obtain a copy of
- * the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
- * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
- * License for the specific language governing permissions and limitations under
- * the License.
- */
-
-package crypto
-
-import (
- "io"
-
- "github.com/pkg/errors"
- "golang.org/x/sys/unix"
-)
-
-// NewRandomBuffer uses the Linux Getrandom() syscall to create random bytes. If
-// the operating system has insufficient randomness, the buffer creation will
-// fail. This is an improvement over Go's built-in crypto/rand which will still
-// return bytes if the system has insufficiency entropy.
-// See: https://github.com/golang/go/issues/19274
-//
-// While this syscall was only introduced in Kernel v3.17, it predates the
-// introduction of filesystem encryption, so it introduces no additional
-// compatibility issues.
-func NewRandomBuffer(length int) ([]byte, error) {
- buffer := make([]byte, length)
- if _, err := io.ReadFull(randReader{}, buffer); err != nil {
- return nil, err
- }
- return buffer, nil
-}
-
-// NewRandomKey creates a random key of the specified length. This function uses
-// the same random number generation process a NewRandomBuffer.
-func NewRandomKey(length int) (*Key, error) {
- return NewFixedLengthKeyFromReader(randReader{}, length)
-}
-
-// randReader just calls into Getrandom, so no internal data is needed.
-type randReader struct{}
-
-func (r randReader) Read(buffer []byte) (int, error) {
- n, err := unix.Getrandom(buffer, unix.GRND_NONBLOCK)
- switch err {
- case nil:
- return n, nil
- case unix.EAGAIN:
- return 0, errors.Wrap(ErrGetrandomFail, "insufficient entropy in pool")
- case unix.ENOSYS:
- return 0, errors.Wrap(ErrGetrandomFail, "kernel must be v3.17 or later")
- default:
- return 0, errors.Wrap(ErrGetrandomFail, err.Error())
- }
-}