path: root/crypto.patch
blob: 987370afdfd6631a603228b8d9c7c24804d6ef39 (plain)
diff -Naur revelation.orig/src/bundle/AfSplitter.py revelation/src/bundle/AfSplitter.py
--- revelation.orig/src/bundle/AfSplitter.py	2018-09-01 12:38:17.702662965 +0200
+++ revelation/src/bundle/AfSplitter.py	2018-09-01 12:30:00.584871451 +0200
@@ -42,14 +42,8 @@
 
 # will need changed to use Crypto.Random (now in python-crypt git)
 # see: http://lists.dlitz.net/pipermail/pycrypto/2008q3/000020.html
-from Crypto.Util.randpool import RandomPool
-from Crypto.Cipher import XOR
-
-def _xor(a, b):
-	"""Internal function to performs XOR on two strings a and b"""
-
-	xor = XOR.new(a)
-	return xor.encrypt(b)
+from Crypto.Random import get_random_bytes
+from Crypto.Util.strxor import strxor
 
 def _diffuse(block, size, digest):
 	"""Internal function to diffuse information inside a buffer"""
@@ -81,26 +75,19 @@
 
 	blockSize = len(data)
 
-	rand = RandomPool()
-
 	bufblock = "\x00" * blockSize
 
 	ret = ""
 	for i in range(0, stripes-1):
 
 		# Get some random data
-		rand.randomize()
-		rand.stir()
-		r = rand.get_bytes(blockSize)
-		if rand.entropy < 0:
-			print "Warning: RandomPool entropy dropped below 0"
+		r = get_random_bytes(blockSize)
 
 		ret += r
-		bufblock = _xor(r, bufblock)
+		bufblock = strxor(r, bufblock)
 		bufblock = _diffuse(bufblock, blockSize, digesttype)
-		rand.add_event(bufblock)
 
-	ret += _xor(bufblock, data)
+	ret += strxor(bufblock, data)
 	return ret
 
 def AFMerge(data, stripes, digesttype='sha1'):
@@ -113,7 +100,7 @@
 
 	bufblock = "\x00" * blockSize
 	for i in range(0, stripes - 1):
-		bufblock = _xor(data[i*blockSize:(i+1)*blockSize], bufblock)
+		bufblock = strxor(data[i*blockSize:(i+1)*blockSize], bufblock)
 		bufblock = _diffuse(bufblock, blockSize, digesttype)
 
-	return _xor(data[(stripes-1)*blockSize:], bufblock)
+	return strxor(data[(stripes-1)*blockSize:], bufblock)
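Review bot: `strxor` rejects operands of different length, whereas the removed `_xor` (an XOR cipher keyed with `a`) accepted them, so the final `strxor(data[(stripes-1)*blockSize:], bufblock)` in AFMerge now raises ValueError whenever `len(data)` is not exactly `stripes * blockSize`. blockSize is computed above the hunk, presumably from `len(data)` and `stripes`; that should be confirmed. Refusing a truncated or padded split blob is the safer behaviour for key material, but it is better done as an explicit check at the top of AFMerge, for example `if len(data) != stripes * blockSize: raise ValueError("AF data length does not match stripe count")`, so the caller sees a meaningful error instead of one from inside `strxor`. The AFSplit hunk is not affected, since every operand there is `blockSize` bytes long.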
diff -Naur revelation.orig/src/bundle/luks.py revelation/src/bundle/luks.py
--- revelation.orig/src/bundle/luks.py	2018-09-01 12:38:17.702662965 +0200
+++ revelation/src/bundle/luks.py	2018-09-01 12:47:42.047084845 +0200
@@ -65,7 +65,7 @@
 
 # will need changed to use Crypto.Random (now in python-crypt git)
 # see: http://lists.dlitz.net/pipermail/pycrypto/2008q3/000020.html
-from Crypto.Util.randpool import RandomPool
+from Crypto.Random import get_random_bytes
 from Crypto.Cipher import *
 import PBKDFv2, AfSplitter
 
@@ -178,13 +178,11 @@
 		self.keyBytes = masterSize
 		self.hashSpec = hashSpec
 
-		rand = RandomPool(self.SALT_SIZE + 16 + masterSize)
-
 		# Generate the salt
-		self.mkDigestSalt = rand.get_bytes(self.SALT_SIZE)
+		self.mkDigestSalt = get_random_bytes(self.SALT_SIZE)
 
 		# Generate a random master key
-		self.masterKey = rand.get_bytes(self.keyBytes)
+		self.masterKey = get_random_bytes(self.keyBytes)
 		self.ivGen.set_key(self.masterKey)
 
 		# generate the master key digest
@@ -210,7 +208,7 @@
 		self.payloadOffset = currentSector
 
 		# Generate a UUID for this file
-		self._uuidgen(rand)
+		self._uuidgen()
 
 		# Create a new file, and save the header into it
 		self.file = file
@@ -263,8 +261,7 @@
 		key.passwordIterations = iterations
 
 		# Generate a random salt for this key
-		rand = RandomPool(self.SALT_SIZE)
-		key.passwordSalt = rand.get_bytes(self.SALT_SIZE)
+		key.passwordSalt = get_random_bytes(self.SALT_SIZE)
 
 		# Hash the key using PBKDFv2
 		pbkdf = PBKDFv2.PBKDFv2()
@@ -594,13 +591,13 @@
 		self.cipherName = cipherName
 		self.cipherMode = cipherMode
 
-	def _uuidgen(self, rand):
+	def _uuidgen(self):
 		"""Internal function to generate a UUID"""
 
 		# I copied this code (and slightly modified it) from a module written
 		# by Denys Duchier http://ofxsuite.berlios.de/uuid.py  (which is under the GPL)
 
-		buf = rand.get_bytes(16)
+		buf = get_random_bytes(16)
 		low,mid,hi_and_version,seq,node = struct.unpack(">IHHH6s",buf)
 		seq = (seq & 0x3FFF) | 0x8000
 		hi_and_version = (hi_and_version & 0x0FFF) | 0x4000
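Review bot: With the `rand` parameter gone, `_uuidgen` still hand-assembles a version-4 UUID by unpacking 16 random bytes and masking the version and variant bits. The standard library's `uuid.uuid4()` produces the same layout from the OS random source and would remove the copied bit-twiddling. The rest of the method lies outside the hunk, so how the fields are formatted and stored needs checking before swapping it in. If the manual code stays, extend the docstring to say so, e.g. `"""Internal function to generate a random (version 4) UUID from get_random_bytes"""`.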
diff -Naur revelation.orig/src/bundle/PBKDFv2.py revelation/src/bundle/PBKDFv2.py
--- revelation.orig/src/bundle/PBKDFv2.py	2018-09-01 12:38:17.702662965 +0200
+++ revelation/src/bundle/PBKDFv2.py	2018-09-01 12:35:22.345594877 +0200
@@ -32,7 +32,7 @@
 """
 
 import struct, string, math, hashlib, hmac # RFC2104
-from Crypto.Cipher import XOR
+from Crypto.Util.strxor import strxor
 
 ################ PBKDFv2
 class PBKDFv2:
@@ -145,5 +145,4 @@
         if len(a) != len(b):
             raise ValueError("ERROR: Strings are of different size! %s %s" % (len(a), len(b)))
 
-	xor = XOR.new(a)
-	return xor.encrypt(b)
+	return strxor(a, b)
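Review bot: The added `return strxor(a, b)` is indented with a tab, while the context lines directly above it (`if len(a) != len(b):` and the `raise`) are indented with spaces. Python 2 expands the tab to eight columns, so it parses there, but `python -tt` and Python 3 reject the mix with a TabError. Indent the line with eight spaces to match the rest of the function. The existing length check already guarantees the equal-length operands that `strxor` requires, so no further guard is needed here. The function's signature is outside the hunk.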