authorGravatar Tim Segers <tsegers@pm.me>2025-12-07 19:42:56 +0100
committerGravatar Tim Segers <tsegers@pm.me>2025-12-07 19:43:28 +0100
commit9331455b902d2a853458f32806b624349a5e2405 (patch)
tree3b0dc644add994ecc7473856df88cd9fdef91594 /src
parent6b2edf74e4005a194546356c2141b7f09e013ca3 (diff)
downloadtweetpipe-9331455b902d2a853458f32806b624349a5e2405.tar.gz
Derive a per-chunk chunk_id-dependent key to prevent chunk reordering
Diffstat (limited to 'src')
-rw-r--r--src/tweetpipe.c10
1 files changed, 8 insertions, 2 deletions
diff --git a/src/tweetpipe.c b/src/tweetpipe.c
index e369f70..768faaf 100644
--- a/src/tweetpipe.c
+++ b/src/tweetpipe.c
@@ -70,6 +70,7 @@ stream_encrypt(Context *ctx)
chunk_nonce + crypto_secretbox_NONCEBYTES - crypto_secretbox_BOXZEROBYTES;
unsigned char *const chunk_msg = chunk_base + crypto_secretbox_ZEROBYTES;
unsigned char nonce[crypto_secretbox_NONCEBYTES];
+ unsigned char chunk_key[crypto_secretbox_KEYBYTES];
uint64_t chunk_id;
ssize_t max_chunk_size;
ssize_t chunk_size;
@@ -109,6 +110,8 @@ stream_encrypt(Context *ctx)
memzero(chunk_nonce, crypto_secretbox_NONCEBYTES - crypto_secretbox_BOXZEROBYTES +
crypto_secretbox_ZEROBYTES);
randombytes(nonce, crypto_secretbox_NONCEBYTES);
+ crypto_kdf(chunk_key, crypto_secretbox_KEYBYTES, chunk_id, (unsigned char *) "tweetkey",
+ ctx->key, crypto_secretbox_KEYBYTES);
/*
* encrypt with crypto_secretbox()
*
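Review bot: The `crypto_kdf(...)` call added before the encryption comment is repeated verbatim in stream_decrypt (the hunk at -181,8), including the `"tweetkey"` label, and the two copies must stay byte-identical or every chunk fails to open. A small static helper, or at least one shared named constant for the label, would keep them in step. The cast `(unsigned char *) "tweetkey"` also drops const, so `(const unsigned char *) "tweetkey"` is preferable if crypto_kdf's prototype accepts it. That prototype is not visible here; if it returns a status, it should be checked and routed to `die()` the way the secretbox result is. A comment such as `/* per-chunk key: binds the ciphertext to chunk_id so a chunk moved to another position fails authentication */` would record why ctx->key is no longer used directly.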
@@ -118,7 +121,7 @@ stream_encrypt(Context *ctx)
* | 4 | 8 | 16 | 16 | chunk_size
*/
if (crypto_secretbox(chunk_base, chunk_base, chunk_size + crypto_secretbox_ZEROBYTES, nonce,
- ctx->key) != 0) {
+ chunk_key) != 0) {
die(0, "Encryption error");
}
/*
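Review bot: chunk_key stays on the stack after `crypto_secretbox()` returns, although it is derived key material that should be wiped once the chunk is sealed. For example, add `memzero(chunk_key, sizeof chunk_key);` after the call, using the helper this file already applies to chunk_nonce. The same applies after `crypto_secretbox_open()` in stream_decrypt. Whether memzero survives dead-store elimination cannot be seen from this hunk and is worth confirming. stream_encrypt begins and ends outside the hunk.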
@@ -156,6 +159,7 @@ stream_decrypt(Context *ctx)
chunk_nonce + crypto_secretbox_NONCEBYTES - crypto_secretbox_BOXZEROBYTES;
unsigned char *const chunk_msg = chunk_base + crypto_secretbox_ZEROBYTES;
unsigned char nonce[crypto_secretbox_NONCEBYTES];
+ unsigned char chunk_key[crypto_secretbox_KEYBYTES];
uint64_t chunk_id;
ssize_t readnb;
ssize_t max_chunk_size;
@@ -181,8 +185,10 @@ stream_decrypt(Context *ctx)
}
memcpy(nonce, chunk_nonce, crypto_secretbox_NONCEBYTES);
memzero(chunk_nonce, crypto_secretbox_NONCEBYTES);
+ crypto_kdf(chunk_key, crypto_secretbox_KEYBYTES, chunk_id, (unsigned char *) "tweetkey",
+ ctx->key, crypto_secretbox_KEYBYTES);
if (crypto_secretbox_open(chunk_base, chunk_base, chunk_size + crypto_secretbox_ZEROBYTES,
- nonce, ctx->key) != 0) {
+ nonce, chunk_key) != 0) {
printf("Unable to decrypt chunk #%" PRIu64 " - ", chunk_id);
if (chunk_id == 0) {
die(0, "Wrong password or key?");
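Review bot: Deriving the key from chunk_id before `crypto_secretbox_open()` rejects reordered chunks only if chunk_id is the receiver's own running counter, and the hunk does not show where stream_decrypt gets it. If the value is read from the chunk header instead, the id travels with the chunk and the derived key still matches, so the id should be compared against a locally kept counter before the KDF call. Per-chunk keys also do not detect a stream cut off at a chunk boundary; if no end-of-stream marker exists elsewhere in the file, that gap remains. A short comment at the KDF call stating which of these the design relies on would help the next reader. stream_decrypt continues outside the hunk.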