fz0x1/Picocrypt
1
0
Fork 0
mirror of https://github.com/Picocrypt/Picocrypt.git synced 2025-05-12 05:48:30 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

handle more errors for keyfile code

Browse source
This commit is contained in:
Evan Su 2025-04-18 16:29:42 -04:00
parent 1b55200b84
commit b0c2943bb0
1 changed files with 58 additions and 12 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

70
src/Picocrypt.go
View file

@ -1537,7 +1537,12 @@ func work() {
giu.Update()
// Subtract the header size from the total size if decrypting
stat, _ := os.Stat(inputFile)
stat, err := os.Stat(inputFile)
if err != nil {
resetUI()
accessDenied("Read")
return
}
total := stat.Size()
if mode == "decrypt" {
total -= 789
@ -1642,6 +1647,18 @@ func work() {
if _, err := rand.Read(nonce); err != nil {
panic(err)
}
if bytes.Equal(salt, make([]byte, 16)) {
panic(errors.New("fatal crypto/rand error"))
}
if bytes.Equal(hkdfSalt, make([]byte, 32)) {
panic(errors.New("fatal crypto/rand error"))
}
if bytes.Equal(serpentIV, make([]byte, 16)) {
panic(errors.New("fatal crypto/rand error"))
}
if bytes.Equal(nonce, make([]byte, 24)) {
panic(errors.New("fatal crypto/rand error"))
}
// Encode values with Reed-Solomon and write to file
_, errs[4] = fout.Write(rsEncode(rs16, salt))
@ -1764,6 +1781,9 @@ func work() {
32,
)
}
if bytes.Equal(key, make([]byte, 32)) {
panic(errors.New("fatal crypto/argon2 error"))
}
// If keyfiles are being used
if len(keyfiles) > 0 || keyfile {
@ -1772,7 +1792,10 @@ func work() {
var keyfileTotal int64
for _, path := range keyfiles {
stat, _ := os.Stat(path)
stat, err := os.Stat(path)
if err != nil {
panic(err) // we already checked os.Stat in onDrop
}
keyfileTotal += stat.Size()
}
@ -1782,7 +1805,10 @@ func work() {
// For each keyfile...
for _, path := range keyfiles {
fin, _ := os.Open(path)
fin, err := os.Open(path)
if err != nil {
panic(err)
}
for { // Read in chunks of 1 MiB
data := make([]byte, MiB)
size, err := fin.Read(data)
@ -1790,27 +1816,36 @@ func work() {
break
}
data = data[:size]
tmp.Write(data) // Hash the data
if _, err := tmp.Write(data); err != nil { // Hash the data
panic(err)
}
// Update progress
keyfileDone += size
progress = float32(keyfileDone) / float32(keyfileTotal)
giu.Update()
}
fin.Close()
if err := fin.Close(); err != nil {
panic(err)
}
}
keyfileKey = tmp.Sum(nil) // Get the SHA3-256
// Store a hash of 'keyfileKey' for comparison
tmp = sha3.New256()
tmp.Write(keyfileKey)
if _, err := tmp.Write(keyfileKey); err != nil {
panic(err)
}
keyfileHash = tmp.Sum(nil)
} else { // If order doesn't matter, hash individually and combine
var keyfileDone int
// For each keyfile...
for _, path := range keyfiles {
fin, _ := os.Open(path)
fin, err := os.Open(path)
if err != nil {
panic(err)
}
tmp := sha3.New256()
for { // Read in chunks of 1 MiB
data := make([]byte, MiB)
@ -1819,14 +1854,18 @@ func work() {
break
}
data = data[:size]
tmp.Write(data) // Hash the data
if _, err := tmp.Write(data); err != nil { // Hash the data
panic(err)
}
// Update progress
keyfileDone += size
progress = float32(keyfileDone) / float32(keyfileTotal)
giu.Update()
}
fin.Close()
if err := fin.Close(); err != nil {
panic(err)
}
sum := tmp.Sum(nil) // Get the SHA3-256
@ -1842,7 +1881,9 @@ func work() {
// Store a hash of 'keyfileKey' for comparison
tmp := sha3.New256()
tmp.Write(keyfileKey)
if _, err := tmp.Write(keyfileKey); err != nil {
panic(err)
}
keyfileHash = tmp.Sum(nil)
}
}
@ -1852,7 +1893,9 @@ func work() {
// Hash the encryption key for comparison when decrypting
tmp := sha3.New512()
tmp.Write(key)
if _, err := tmp.Write(key); err != nil {
panic(err)
}
keyHash = tmp.Sum(nil)
// Validate the password and/or keyfiles
@ -1926,7 +1969,10 @@ func work() {
}
done, counter := 0, 0
chacha, _ := chacha20.NewUnauthenticatedCipher(key, nonce)
chacha, err := chacha20.NewUnauthenticatedCipher(key, nonce)
if err != nil {
panic(err)
}
// Use HKDF-SHA3 to generate a subkey for the MAC
var mac hash.Hash