From bdb43c486b1f5dbd8eedf866b4161b31f1e5d75a Mon Sep 17 00:00:00 2001 From: Tim Segers Date: Thu, 30 Oct 2025 23:30:50 +0100 Subject: Rename encpipe to tweetpipe --- Makefile | 22 ++-- src/encpipe.c | 301 ------------------------------------------------------ src/encpipe_p.h | 41 -------- src/tweetpipe.c | 301 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ src/tweetpipe_p.h | 41 ++++++++ 5 files changed, 353 insertions(+), 353 deletions(-) delete mode 100644 src/encpipe.c delete mode 100644 src/encpipe_p.h create mode 100644 src/tweetpipe.c create mode 100644 src/tweetpipe_p.h diff --git a/Makefile b/Makefile index b098ba0..fb589f6 100644 --- a/Makefile +++ b/Makefile @@ -4,45 +4,45 @@ CFLAGS ?= -O3 -mtune=native -fno-exceptions -flto $(WFLAGS) CPPFLAGS += -I. -Iext/tweetnacl -Iext/tweetpwhash -Iext/util STRIP ?= strip -OBJ = ext/tweetnacl/tweetnacl.o ext/tweetpwhash/tweetpwhash.o ext/util/util.o src/encpipe.o src/safe_rw.o +OBJ = ext/tweetnacl/tweetnacl.o ext/tweetpwhash/tweetpwhash.o ext/util/util.o src/tweetpipe.o src/safe_rw.o SRC = \ ext/tweetnacl/tweetnacl.c \ ext/tweetpwhash/tweetpwhash.c \ ext/util/util.c \ src/common.h \ - src/encpipe.c \ - src/encpipe_p.h \ + src/tweetpipe.c \ + src/tweetpipe_p.h \ src/safe_rw.c \ src/safe_rw.h all: bin test -bin: encpipe +bin: tweetpipe $(OBJ): $(SRC) .c.o: $(CC) $(CFLAGS) $(CPPFLAGS) -o $@ -c $< -encpipe: $(OBJ) - $(CC) $(CFLAGS) -o encpipe $(LDFLAGS) $(OBJ) +tweetpipe: $(OBJ) + $(CC) $(CFLAGS) -o tweetpipe $(LDFLAGS) $(OBJ) install: all - -$(STRIP) --strip-all encpipe 2> /dev/null || $(STRIP) encpipe 2> /dev/null + -$(STRIP) --strip-all tweetpipe 2> /dev/null || $(STRIP) tweetpipe 2> /dev/null mkdir -p $(PREFIX)/bin - install -o 0 -g 0 -m 0755 encpipe $(PREFIX)/bin 2> /dev/null || install -m 0755 encpipe $(PREFIX)/bin + install -o 0 -g 0 -m 0755 tweetpipe $(PREFIX)/bin 2> /dev/null || install -m 0755 tweetpipe $(PREFIX)/bin uninstall: - rm -f $(PREFIX)/bin/encpipe + rm -f $(PREFIX)/bin/tweetpipe test: bin - @echo test | ./encpipe -e -p password | ./encpipe -d -p password -o /dev/null + @echo test | ./tweetpipe -e -p password | ./tweetpipe -d -p password -o /dev/null .PHONY: clean clean: - rm -f encpipe $(OBJ) + rm -f tweetpipe $(OBJ) distclean: clean diff --git a/src/encpipe.c b/src/encpipe.c deleted file mode 100644 index a41a222..0000000 --- a/src/encpipe.c +++ /dev/null @@ -1,301 +0,0 @@ -#include "encpipe_p.h" -#include "tweetpwhash.h" -#include "util.h" - -static struct option getopt_long_options[] = { - { "help", 0, NULL, 'h' }, { "decrypt", 0, NULL, 'd' }, { "encrypt", 0, NULL, 'e' }, - { "in", 1, NULL, 'i' }, { "out", 1, NULL, 'o' }, { "pass", 1, NULL, 'p' }, - { "passfile", 1, NULL, 'P' }, { "passgen", 0, NULL, 'G' }, { NULL, 0, NULL, 0 } -}; -static const char *getopt_options = "hdeGi:o:p:P:"; - -static void -usage(FILE *stream) -{ - fputs( - "Usage:\n" - " encpipe -G\n" - " encpipe {-e | -d} {-p | -P } [-i ] [-o ]\n" - "\n" - "Options:\n" - " -G, --passgen generate a random password\n" - " -e, --encrypt encryption mode\n" - " -d, --decrypt decryption mode\n" - " -p, --pass use \n" - " -P, --passfile read password from \n" - " -i, --in read input from \n" - " -o, --out write output to \n" - " -h, --help print this message\n", - stream); - exit(2); -} - -static int -file_open(const char *file, int create) -{ - int fd; - - if (file == NULL || (file[0] == '-' && file[1] == 0)) { - return create ? STDOUT_FILENO : STDIN_FILENO; - } - fd = create ? open(file, O_CREAT | O_WRONLY | O_TRUNC, 0644) : open(file, O_RDONLY); - if (fd == -1) { - die(1, "Unable to access [%s]", file); - } - return fd; -} - -static void -derive_key(Context *ctx, char *password, size_t password_len) -{ - static uint8_t master_key[crypto_pwhash_SALTBYTES] = { 0 }; - - if (ctx->has_key) { - die(0, "A single key is enough"); - } - if (crypto_pwhash(ctx->key, sizeof ctx->key, (unsigned char *) password, password_len, master_key, PWHASH_OPSLIMIT) != 0) { - die(0, "Password hashing failed"); - } - memzero(password, password_len); - ctx->has_key = 1; -} - -static int -stream_encrypt(Context *ctx) -{ - unsigned char *const chunk_size_p = ctx->buf; - unsigned char *const chunk_nonce = chunk_size_p + 4; - unsigned char *const chunk_base = chunk_size_p + 4 + crypto_secretbox_NONCEBYTES - crypto_secretbox_BOXZEROBYTES; - unsigned char *const chunk_msg = chunk_size_p + 4 + crypto_secretbox_NONCEBYTES - crypto_secretbox_BOXZEROBYTES + crypto_secretbox_ZEROBYTES; - unsigned char nonce[crypto_secretbox_NONCEBYTES]; - uint64_t chunk_id; - ssize_t max_chunk_size; - ssize_t chunk_size; - - assert(ctx->sizeof_buf >= 4 + crypto_secretbox_NONCEBYTES - crypto_secretbox_BOXZEROBYTES + crypto_secretbox_ZEROBYTES); - max_chunk_size = ctx->sizeof_buf - 4 - crypto_secretbox_NONCEBYTES + crypto_secretbox_BOXZEROBYTES - crypto_secretbox_ZEROBYTES; - assert(max_chunk_size <= 0x7fffffff); - chunk_id = 0; - while ((chunk_size = safe_read_partial(ctx->fd_in, chunk_msg, max_chunk_size)) >= 0) { - STORE32_LE(chunk_size_p, (uint32_t) chunk_size); - memzero(chunk_nonce, crypto_secretbox_NONCEBYTES - crypto_secretbox_BOXZEROBYTES + crypto_secretbox_ZEROBYTES); - randombytes(nonce, crypto_secretbox_NONCEBYTES); - if (crypto_secretbox(chunk_base, chunk_base, chunk_size + crypto_secretbox_ZEROBYTES, nonce, ctx->key) != - 0) { - die(0, "Encryption error"); - } - memcpy(chunk_nonce, nonce, crypto_secretbox_NONCEBYTES); - if (safe_write(ctx->fd_out, chunk_size_p, 4 + crypto_secretbox_NONCEBYTES - crypto_secretbox_BOXZEROBYTES + crypto_secretbox_ZEROBYTES + chunk_size, - -1) < 0) { - die(1, "write()"); - } - if (chunk_size == 0) { - break; - } - chunk_id++; - } - if (chunk_size < 0) { - die(1, "read()"); - } - return 0; -} - -static int -stream_decrypt(Context *ctx) -{ - unsigned char *const chunk_size_p = ctx->buf; - unsigned char *const chunk_nonce = chunk_size_p + 4; - unsigned char *const chunk_base = chunk_size_p + 4 + crypto_secretbox_NONCEBYTES - crypto_secretbox_BOXZEROBYTES; - unsigned char *const chunk_msg = chunk_size_p + 4 + crypto_secretbox_NONCEBYTES - crypto_secretbox_BOXZEROBYTES + crypto_secretbox_ZEROBYTES; - unsigned char nonce[crypto_secretbox_NONCEBYTES]; - uint64_t chunk_id; - ssize_t readnb; - ssize_t max_chunk_size; - ssize_t chunk_size; - - assert(ctx->sizeof_buf >= 4 + crypto_secretbox_NONCEBYTES - crypto_secretbox_BOXZEROBYTES + crypto_secretbox_ZEROBYTES); - max_chunk_size = ctx->sizeof_buf - 4 - crypto_secretbox_NONCEBYTES + crypto_secretbox_BOXZEROBYTES - crypto_secretbox_ZEROBYTES; - assert(max_chunk_size <= 0x7fffffff); - chunk_id = 0; - while ((readnb = safe_read(ctx->fd_in, chunk_size_p, 4)) == 4) { - chunk_size = LOAD32_LE(chunk_size_p); - if (chunk_size > max_chunk_size) { - die(0, "Chunk size too large ([%zd] > [%zd])", chunk_size, max_chunk_size); - } - if (safe_read(ctx->fd_in, chunk_nonce, crypto_secretbox_NONCEBYTES - crypto_secretbox_BOXZEROBYTES + crypto_secretbox_ZEROBYTES + chunk_size) != - crypto_secretbox_NONCEBYTES - crypto_secretbox_BOXZEROBYTES + crypto_secretbox_ZEROBYTES + chunk_size) { - die(0, "Chunk too short ([%zd] bytes expected)", chunk_size); - } - memcpy(nonce, chunk_nonce, crypto_secretbox_NONCEBYTES); - memzero(chunk_nonce, crypto_secretbox_NONCEBYTES); - if (crypto_secretbox_open(chunk_base, chunk_base, chunk_size + crypto_secretbox_ZEROBYTES, nonce, ctx->key) != 0) { - printf("Unable to decrypt chunk #%" PRIu64 " - ", chunk_id); - if (chunk_id == 0) { - die(0, "Wrong password or key?"); - } else { - die(0, "Corrupted or incomplete file?"); - } - } - if (chunk_size == 0) { - break; - } - if (safe_write(ctx->fd_out, chunk_msg, chunk_size, -1) < 0) { - die(1, "write()"); - } - chunk_id++; - } - if (readnb < 0) { - die(1, "read()"); - } - if (chunk_size != 0) { - die(0, "Premature end of file"); - } - return 0; -} - -static int -read_password_file(Context *ctx, const char *file) -{ - char password_[512], *password = password_; - ssize_t password_len; - int fd; - - fd = file_open(file, 0); - if ((password_len = safe_read(fd, password, sizeof password_)) < 0) { - die(1, "Unable to read the password"); - } - while (password_len > 0 && - (password[password_len - 1] == ' ' || password[password_len - 1] == '\r' || - password[password_len - 1] == '\n')) { - password_len--; - } - while (password_len > 0 && (*password == ' ' || *password == '\r' || *password == '\n')) { - password++; - password_len--; - } - if (password_len <= 0) { - die(0, "Empty password"); - } - close(fd); - derive_key(ctx, password, password_len); - - return 0; -} - -static void -read_password_from_terminal(Context *ctx) -{ - char password[512]; - char *p; - - printf("Password: "); - fflush(stdout); - if (fgets(password, sizeof password, stdin) == NULL) { - die(1, "fgets()"); - } - if ((p = strchr(password, '\r')) != NULL) { - *p = 0; - } - if ((p = strchr(password, '\n')) != NULL) { - *p = 0; - } - derive_key(ctx, password, strlen(password)); -} - -static void -passgen(void) -{ - unsigned char password[32]; - char hex[32 * 2 + 1]; - - randombytes(password, sizeof password); - bin2hex(hex, sizeof hex, password, sizeof password); - puts(hex); - memzero(password, sizeof password); - memzero(hex, sizeof hex); - exit(0); -} - -static void -options_parse(Context *ctx, int argc, char *argv[]) -{ - int opt_flag; - int option_index = 0; - - ctx->encrypt = -1; - ctx->in = NULL; - ctx->out = NULL; - optind = 0; -#ifdef _OPTRESET - optreset = 1; -#endif - while ((opt_flag = getopt_long(argc, argv, getopt_options, getopt_long_options, - &option_index)) != -1) { - switch (opt_flag) { - case 'd': - ctx->encrypt = 0; - break; - case 'e': - ctx->encrypt = 1; - break; - case 'G': - passgen(); - break; /* NOTREACHED */ - case 'h': - usage(stdout); - break; /* NOTREACHED */ - case 'i': - ctx->in = optarg; - break; - case 'o': - ctx->out = optarg; - break; - case 'p': - derive_key(ctx, optarg, strlen(optarg)); - break; - case 'P': - read_password_file(ctx, optarg); - break; - default: - usage(stderr); - } - } - if (ctx->encrypt == -1) { - usage(stderr); - } - if (ctx->has_key == 0) { - read_password_from_terminal(ctx); - } -} - -int -main(int argc, char *argv[]) -{ - Context ctx; - - memset(&ctx, 0, sizeof ctx); - options_parse(&ctx, argc, argv); - ctx.sizeof_buf = DEFAULT_BUFFER_SIZE; - if (ctx.sizeof_buf < MIN_BUFFER_SIZE) { - ctx.sizeof_buf = MIN_BUFFER_SIZE; - } else if (ctx.sizeof_buf > MAX_BUFFER_SIZE) { - ctx.sizeof_buf = MAX_BUFFER_SIZE; - } - if ((ctx.buf = (unsigned char *) malloc(ctx.sizeof_buf)) == NULL) { - die(1, "malloc()"); - } - - ctx.fd_in = file_open(ctx.in, 0); - ctx.fd_out = file_open(ctx.out, 1); - if (ctx.encrypt) { - stream_encrypt(&ctx); - } else { - stream_decrypt(&ctx); - } - free(ctx.buf); - close(ctx.fd_out); - close(ctx.fd_in); - memzero(&ctx, sizeof ctx); - - return 0; -} diff --git a/src/encpipe_p.h b/src/encpipe_p.h deleted file mode 100644 index 06fc523..0000000 --- a/src/encpipe_p.h +++ /dev/null @@ -1,41 +0,0 @@ -#ifndef encpipe_p_H -#define encpipe_p_H 1 - -#include -#include -#include - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#include - -#include "common.h" -#include "safe_rw.h" - -#define MIN_BUFFER_SIZE 512 -#define MAX_BUFFER_SIZE 0x7fffffff -#define DEFAULT_BUFFER_SIZE (1 * 1024 * 1024) -#define PWHASH_OPSLIMIT 1000000 - -typedef struct Context_ { - char * in; - char * out; - unsigned char key[crypto_secretbox_KEYBYTES]; - unsigned char *buf; - size_t sizeof_buf; - int fd_in; - int fd_out; - int encrypt; - int has_key; -} Context; - -#endif diff --git a/src/tweetpipe.c b/src/tweetpipe.c new file mode 100644 index 0000000..9dd5676 --- /dev/null +++ b/src/tweetpipe.c @@ -0,0 +1,301 @@ +#include "tweetpipe_p.h" +#include "tweetpwhash.h" +#include "util.h" + +static struct option getopt_long_options[] = { + { "help", 0, NULL, 'h' }, { "decrypt", 0, NULL, 'd' }, { "encrypt", 0, NULL, 'e' }, + { "in", 1, NULL, 'i' }, { "out", 1, NULL, 'o' }, { "pass", 1, NULL, 'p' }, + { "passfile", 1, NULL, 'P' }, { "passgen", 0, NULL, 'G' }, { NULL, 0, NULL, 0 } +}; +static const char *getopt_options = "hdeGi:o:p:P:"; + +static void +usage(FILE *stream) +{ + fputs( + "Usage:\n" + " tweetpipe -G\n" + " tweetpipe {-e | -d} {-p | -P } [-i ] [-o ]\n" + "\n" + "Options:\n" + " -G, --passgen generate a random password\n" + " -e, --encrypt encryption mode\n" + " -d, --decrypt decryption mode\n" + " -p, --pass use \n" + " -P, --passfile read password from \n" + " -i, --in read input from \n" + " -o, --out write output to \n" + " -h, --help print this message\n", + stream); + exit(2); +} + +static int +file_open(const char *file, int create) +{ + int fd; + + if (file == NULL || (file[0] == '-' && file[1] == 0)) { + return create ? STDOUT_FILENO : STDIN_FILENO; + } + fd = create ? open(file, O_CREAT | O_WRONLY | O_TRUNC, 0644) : open(file, O_RDONLY); + if (fd == -1) { + die(1, "Unable to access [%s]", file); + } + return fd; +} + +static void +derive_key(Context *ctx, char *password, size_t password_len) +{ + static uint8_t master_key[crypto_pwhash_SALTBYTES] = { 0 }; + + if (ctx->has_key) { + die(0, "A single key is enough"); + } + if (crypto_pwhash(ctx->key, sizeof ctx->key, (unsigned char *) password, password_len, master_key, PWHASH_OPSLIMIT) != 0) { + die(0, "Password hashing failed"); + } + memzero(password, password_len); + ctx->has_key = 1; +} + +static int +stream_encrypt(Context *ctx) +{ + unsigned char *const chunk_size_p = ctx->buf; + unsigned char *const chunk_nonce = chunk_size_p + 4; + unsigned char *const chunk_base = chunk_size_p + 4 + crypto_secretbox_NONCEBYTES - crypto_secretbox_BOXZEROBYTES; + unsigned char *const chunk_msg = chunk_size_p + 4 + crypto_secretbox_NONCEBYTES - crypto_secretbox_BOXZEROBYTES + crypto_secretbox_ZEROBYTES; + unsigned char nonce[crypto_secretbox_NONCEBYTES]; + uint64_t chunk_id; + ssize_t max_chunk_size; + ssize_t chunk_size; + + assert(ctx->sizeof_buf >= 4 + crypto_secretbox_NONCEBYTES - crypto_secretbox_BOXZEROBYTES + crypto_secretbox_ZEROBYTES); + max_chunk_size = ctx->sizeof_buf - 4 - crypto_secretbox_NONCEBYTES + crypto_secretbox_BOXZEROBYTES - crypto_secretbox_ZEROBYTES; + assert(max_chunk_size <= 0x7fffffff); + chunk_id = 0; + while ((chunk_size = safe_read_partial(ctx->fd_in, chunk_msg, max_chunk_size)) >= 0) { + STORE32_LE(chunk_size_p, (uint32_t) chunk_size); + memzero(chunk_nonce, crypto_secretbox_NONCEBYTES - crypto_secretbox_BOXZEROBYTES + crypto_secretbox_ZEROBYTES); + randombytes(nonce, crypto_secretbox_NONCEBYTES); + if (crypto_secretbox(chunk_base, chunk_base, chunk_size + crypto_secretbox_ZEROBYTES, nonce, ctx->key) != + 0) { + die(0, "Encryption error"); + } + memcpy(chunk_nonce, nonce, crypto_secretbox_NONCEBYTES); + if (safe_write(ctx->fd_out, chunk_size_p, 4 + crypto_secretbox_NONCEBYTES - crypto_secretbox_BOXZEROBYTES + crypto_secretbox_ZEROBYTES + chunk_size, + -1) < 0) { + die(1, "write()"); + } + if (chunk_size == 0) { + break; + } + chunk_id++; + } + if (chunk_size < 0) { + die(1, "read()"); + } + return 0; +} + +static int +stream_decrypt(Context *ctx) +{ + unsigned char *const chunk_size_p = ctx->buf; + unsigned char *const chunk_nonce = chunk_size_p + 4; + unsigned char *const chunk_base = chunk_size_p + 4 + crypto_secretbox_NONCEBYTES - crypto_secretbox_BOXZEROBYTES; + unsigned char *const chunk_msg = chunk_size_p + 4 + crypto_secretbox_NONCEBYTES - crypto_secretbox_BOXZEROBYTES + crypto_secretbox_ZEROBYTES; + unsigned char nonce[crypto_secretbox_NONCEBYTES]; + uint64_t chunk_id; + ssize_t readnb; + ssize_t max_chunk_size; + ssize_t chunk_size; + + assert(ctx->sizeof_buf >= 4 + crypto_secretbox_NONCEBYTES - crypto_secretbox_BOXZEROBYTES + crypto_secretbox_ZEROBYTES); + max_chunk_size = ctx->sizeof_buf - 4 - crypto_secretbox_NONCEBYTES + crypto_secretbox_BOXZEROBYTES - crypto_secretbox_ZEROBYTES; + assert(max_chunk_size <= 0x7fffffff); + chunk_id = 0; + while ((readnb = safe_read(ctx->fd_in, chunk_size_p, 4)) == 4) { + chunk_size = LOAD32_LE(chunk_size_p); + if (chunk_size > max_chunk_size) { + die(0, "Chunk size too large ([%zd] > [%zd])", chunk_size, max_chunk_size); + } + if (safe_read(ctx->fd_in, chunk_nonce, crypto_secretbox_NONCEBYTES - crypto_secretbox_BOXZEROBYTES + crypto_secretbox_ZEROBYTES + chunk_size) != + crypto_secretbox_NONCEBYTES - crypto_secretbox_BOXZEROBYTES + crypto_secretbox_ZEROBYTES + chunk_size) { + die(0, "Chunk too short ([%zd] bytes expected)", chunk_size); + } + memcpy(nonce, chunk_nonce, crypto_secretbox_NONCEBYTES); + memzero(chunk_nonce, crypto_secretbox_NONCEBYTES); + if (crypto_secretbox_open(chunk_base, chunk_base, chunk_size + crypto_secretbox_ZEROBYTES, nonce, ctx->key) != 0) { + printf("Unable to decrypt chunk #%" PRIu64 " - ", chunk_id); + if (chunk_id == 0) { + die(0, "Wrong password or key?"); + } else { + die(0, "Corrupted or incomplete file?"); + } + } + if (chunk_size == 0) { + break; + } + if (safe_write(ctx->fd_out, chunk_msg, chunk_size, -1) < 0) { + die(1, "write()"); + } + chunk_id++; + } + if (readnb < 0) { + die(1, "read()"); + } + if (chunk_size != 0) { + die(0, "Premature end of file"); + } + return 0; +} + +static int +read_password_file(Context *ctx, const char *file) +{ + char password_[512], *password = password_; + ssize_t password_len; + int fd; + + fd = file_open(file, 0); + if ((password_len = safe_read(fd, password, sizeof password_)) < 0) { + die(1, "Unable to read the password"); + } + while (password_len > 0 && + (password[password_len - 1] == ' ' || password[password_len - 1] == '\r' || + password[password_len - 1] == '\n')) { + password_len--; + } + while (password_len > 0 && (*password == ' ' || *password == '\r' || *password == '\n')) { + password++; + password_len--; + } + if (password_len <= 0) { + die(0, "Empty password"); + } + close(fd); + derive_key(ctx, password, password_len); + + return 0; +} + +static void +read_password_from_terminal(Context *ctx) +{ + char password[512]; + char *p; + + printf("Password: "); + fflush(stdout); + if (fgets(password, sizeof password, stdin) == NULL) { + die(1, "fgets()"); + } + if ((p = strchr(password, '\r')) != NULL) { + *p = 0; + } + if ((p = strchr(password, '\n')) != NULL) { + *p = 0; + } + derive_key(ctx, password, strlen(password)); +} + +static void +passgen(void) +{ + unsigned char password[32]; + char hex[32 * 2 + 1]; + + randombytes(password, sizeof password); + bin2hex(hex, sizeof hex, password, sizeof password); + puts(hex); + memzero(password, sizeof password); + memzero(hex, sizeof hex); + exit(0); +} + +static void +options_parse(Context *ctx, int argc, char *argv[]) +{ + int opt_flag; + int option_index = 0; + + ctx->encrypt = -1; + ctx->in = NULL; + ctx->out = NULL; + optind = 0; +#ifdef _OPTRESET + optreset = 1; +#endif + while ((opt_flag = getopt_long(argc, argv, getopt_options, getopt_long_options, + &option_index)) != -1) { + switch (opt_flag) { + case 'd': + ctx->encrypt = 0; + break; + case 'e': + ctx->encrypt = 1; + break; + case 'G': + passgen(); + break; /* NOTREACHED */ + case 'h': + usage(stdout); + break; /* NOTREACHED */ + case 'i': + ctx->in = optarg; + break; + case 'o': + ctx->out = optarg; + break; + case 'p': + derive_key(ctx, optarg, strlen(optarg)); + break; + case 'P': + read_password_file(ctx, optarg); + break; + default: + usage(stderr); + } + } + if (ctx->encrypt == -1) { + usage(stderr); + } + if (ctx->has_key == 0) { + read_password_from_terminal(ctx); + } +} + +int +main(int argc, char *argv[]) +{ + Context ctx; + + memset(&ctx, 0, sizeof ctx); + options_parse(&ctx, argc, argv); + ctx.sizeof_buf = DEFAULT_BUFFER_SIZE; + if (ctx.sizeof_buf < MIN_BUFFER_SIZE) { + ctx.sizeof_buf = MIN_BUFFER_SIZE; + } else if (ctx.sizeof_buf > MAX_BUFFER_SIZE) { + ctx.sizeof_buf = MAX_BUFFER_SIZE; + } + if ((ctx.buf = (unsigned char *) malloc(ctx.sizeof_buf)) == NULL) { + die(1, "malloc()"); + } + + ctx.fd_in = file_open(ctx.in, 0); + ctx.fd_out = file_open(ctx.out, 1); + if (ctx.encrypt) { + stream_encrypt(&ctx); + } else { + stream_decrypt(&ctx); + } + free(ctx.buf); + close(ctx.fd_out); + close(ctx.fd_in); + memzero(&ctx, sizeof ctx); + + return 0; +} diff --git a/src/tweetpipe_p.h b/src/tweetpipe_p.h new file mode 100644 index 0000000..06fc523 --- /dev/null +++ b/src/tweetpipe_p.h @@ -0,0 +1,41 @@ +#ifndef encpipe_p_H +#define encpipe_p_H 1 + +#include +#include +#include + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include + +#include "common.h" +#include "safe_rw.h" + +#define MIN_BUFFER_SIZE 512 +#define MAX_BUFFER_SIZE 0x7fffffff +#define DEFAULT_BUFFER_SIZE (1 * 1024 * 1024) +#define PWHASH_OPSLIMIT 1000000 + +typedef struct Context_ { + char * in; + char * out; + unsigned char key[crypto_secretbox_KEYBYTES]; + unsigned char *buf; + size_t sizeof_buf; + int fd_in; + int fd_out; + int encrypt; + int has_key; +} Context; + +#endif -- cgit v1.2.3-70-g09d2