1
0
Fork 0
mirror of https://github.com/HACKERALERT/Picocrypt.git synced 2024-12-27 18:04:21 +00:00

Rename -fix to -f

This commit is contained in:
Evan Su 2024-04-25 23:22:14 -04:00 committed by GitHub
parent 1b4998d4e2
commit bbe5ee979a
No known key found for this signature in database
GPG key ID: B5690EEEBB952194

604
src/main.go Normal file
View file

@ -0,0 +1,604 @@
package main
import (
"archive/zip"
"bytes"
"crypto/cipher"
"crypto/hmac"
"crypto/rand"
"crypto/subtle"
"flag"
"fmt"
"hash"
"io"
"math"
"os"
"path/filepath"
"strconv"
"strings"
"github.com/HACKERALERT/infectious"
"github.com/HACKERALERT/serpent"
"github.com/schollz/progressbar/v3"
"golang.org/x/crypto/argon2"
"golang.org/x/crypto/blake2b"
"golang.org/x/crypto/chacha20"
"golang.org/x/crypto/hkdf"
"golang.org/x/crypto/sha3"
"golang.org/x/term"
)
var KiB = 1 << 10
var MiB = 1 << 20
var GiB = 1 << 30
var TiB = 1 << 40
var rs5, _ = infectious.NewFEC(5, 15)
var rs16, _ = infectious.NewFEC(16, 48)
var rs24, _ = infectious.NewFEC(24, 72)
var rs32, _ = infectious.NewFEC(32, 96)
var rs64, _ = infectious.NewFEC(64, 192)
var rs128, _ = infectious.NewFEC(128, 136)
func rsEncode(rs *infectious.FEC, data []byte) []byte {
res := make([]byte, rs.Total())
rs.Encode(data, func(s infectious.Share) {
res[s.Number] = s.Data[0]
})
return res
}
func rsDecode(rs *infectious.FEC, data []byte, fast bool) ([]byte, error) {
if rs.Total() == 136 && fast {
return data[:128], nil
}
tmp := make([]infectious.Share, rs.Total())
for i := 0; i < rs.Total(); i++ {
tmp[i].Number = i
tmp[i].Data = append(tmp[i].Data, data[i])
}
res, err := rs.Decode(nil, tmp)
if err != nil {
if rs.Total() == 136 {
return data[:128], err
}
return data[:rs.Total()/3], err
}
return res, nil
}
func pad(data []byte) []byte {
padLen := 128 - len(data)%128
padding := bytes.Repeat([]byte{byte(padLen)}, padLen)
return append(data, padding...)
}
func unpad(data []byte) []byte {
padLen := int(data[127])
return data[:128-padLen]
}
func work() int {
flag.Usage = func() {
fmt.Println("Usage: picocrypt [-p]aranoid [-r]eedsolo <item1> [<item2> ...]")
fmt.Println("Items: can be a file (cat.png), folder (./src), or glob (*.txt)")
}
paranoid := flag.Bool("p", false, "")
reedsolo := flag.Bool("r", false, "")
fix := flag.Bool("f", false, "")
flag.Parse()
mode := ""
if flag.NArg() == 0 {
flag.Usage()
return 0
}
if flag.NArg() == 1 {
if strings.HasSuffix(flag.Arg(0), ".pcv") {
mode = "decrypt"
} else {
mode = "encrypt"
}
} else {
mode = "encrypt"
for _, v := range flag.Args() {
if strings.HasSuffix(v, ".pcv") {
fmt.Println("Multiple items cannot contain volumes.")
return 1
}
}
}
for _, v := range flag.Args() {
if v == "-p" || v == "-r" || v == "-f" {
fmt.Println("Flags are only accepted before arguments!")
return 1
}
}
var password, cpassword []byte
var err error
if mode == "encrypt" {
fmt.Print("Password: ")
password, err = term.ReadPassword(int(os.Stdin.Fd()))
if err != nil {
fmt.Println("Error reading password.")
return 1
}
fmt.Print(strings.Repeat("*", len(password)), " | Confirm: ")
cpassword, err = term.ReadPassword(int(os.Stdin.Fd()))
if err != nil {
fmt.Println("Error reading password.")
return 1
}
fmt.Println(strings.Repeat("*", len(cpassword)))
if !bytes.Equal(password, cpassword) {
fmt.Println("Passwords don't match.")
return 1
}
} else {
fmt.Print("Password: ")
password, err = term.ReadPassword(int(os.Stdin.Fd()))
if err != nil {
fmt.Println("Error reading password.")
return 1
}
fmt.Println(strings.Repeat("*", len(password)))
}
fin_, fout_ := "", ""
if mode == "decrypt" {
fin_ = flag.Arg(0)
fout_ = strings.TrimSuffix(fin_, ".pcv")
} else {
stat, err := os.Stat(flag.Arg(0))
if flag.NArg() == 1 && err == nil && !stat.IsDir() {
fin_ = flag.Arg(0)
fout_ = fin_ + ".pcv"
} else {
items := []string{}
for _, v := range flag.Args() {
if strings.Contains(v, "../") || strings.HasPrefix(v, "/") {
fmt.Println("Cannot encrypt outside of current directory.")
return 1
}
matches, err := filepath.Glob(v)
if err != nil {
fmt.Println("Invalid glob pattern(s).")
return 1
}
items = append(items, matches...)
}
files := []string{}
for _, v := range items {
stat, err := os.Stat(v)
if err != nil {
fmt.Println("Cannot access input(s).")
return 1
}
if !stat.IsDir() {
files = append(files, v)
} else {
filepath.Walk(v, func(path string, _ os.FileInfo, _ error) error {
stat, err := os.Stat(path)
if err == nil && !stat.IsDir() {
files = append(files, path)
}
return nil
})
}
}
if len(files) == 0 {
fmt.Println("Nothing to encrypt.")
return 1
}
dir, err := os.Getwd()
if err != nil {
fmt.Println("Cannot get current working directory.")
return 1
}
file, err := os.CreateTemp("", "")
if err != nil {
fmt.Println("Cannot create temporary file.")
return 1
}
writer := zip.NewWriter(file)
for i, path := range files {
stat, err := os.Stat(path)
if err != nil {
continue
}
header, err := zip.FileInfoHeader(stat)
if err != nil {
continue
}
abs, err := filepath.Abs(path)
if err != nil {
continue
}
abs = filepath.ToSlash(abs)
header.Name = strings.TrimPrefix(abs, filepath.ToSlash(dir))
header.Name = strings.TrimPrefix(header.Name, "/")
header.Method = zip.Deflate
entry, err := writer.CreateHeader(header)
if err != nil {
continue
}
fin, err := os.Open(path)
if err != nil {
writer.Close()
file.Close()
os.Remove(file.Name())
fmt.Println("Read access to input(s) denied.")
return 1
}
bar := progressbar.NewOptions(
int(stat.Size()),
progressbar.OptionClearOnFinish(),
progressbar.OptionFullWidth(),
progressbar.OptionShowBytes(true),
progressbar.OptionUseIECUnits(true),
progressbar.OptionSetDescription(
fmt.Sprintf("Compressing [%d/%d]:", i+1, len(files)),
),
)
_, err = io.Copy(io.MultiWriter(entry, bar), fin)
fin.Close()
if err != nil {
writer.Close()
file.Close()
os.Remove(file.Name())
fmt.Println("Insufficient disk space.")
return 1
}
}
writer.Close()
file.Close()
fin_ = file.Name()
fout_ = "encrypted.zip.pcv"
defer os.Remove(file.Name())
}
}
var padded bool
var salt []byte // Argon2 salt, 16 bytes
var hkdfSalt []byte // HKDF-SHA3 salt, 32 bytes
var serpentIV []byte // Serpent IV, 16 bytes
var nonce []byte // 24-byte XChaCha20 nonce
var keyHash []byte // SHA3-512 hash of encryption key
var keyHashRef []byte // Same as 'keyHash', but used for comparison
var authTag []byte // 64-byte authentication tag (BLAKE2b or HMAC-SHA3)
fin, err := os.Open(fin_)
if err != nil {
fmt.Println("Error accessing input file.")
return 1
}
_, err = os.Stat(fout_)
if err == nil {
fmt.Println("Output file already exists.")
return 1
}
fout, err := os.Create(fout_)
if err != nil {
fmt.Println("Error creating output file.")
return 1
}
stat, err := os.Stat(fin_)
if err != nil {
fmt.Println("Error accessing input file.")
return 1
}
total := stat.Size()
if mode == "decrypt" {
total -= 789
}
if mode == "encrypt" {
errs := make([]error, 11)
salt = make([]byte, 16)
hkdfSalt = make([]byte, 32)
serpentIV = make([]byte, 16)
nonce = make([]byte, 24)
_, errs[0] = fout.Write(rsEncode(rs5, []byte("v1.34")))
commentsLength := []byte(fmt.Sprintf("%05d", 0))
_, errs[1] = fout.Write(rsEncode(rs5, commentsLength))
flags := make([]byte, 5)
if *paranoid {
flags[0] = 1
}
if *reedsolo {
flags[3] = 1
}
if total%int64(MiB) >= int64(MiB)-128 {
flags[4] = 1
}
_, errs[3] = fout.Write(rsEncode(rs5, flags))
rand.Read(salt)
rand.Read(hkdfSalt)
rand.Read(serpentIV)
rand.Read(nonce)
_, errs[4] = fout.Write(rsEncode(rs16, salt))
_, errs[5] = fout.Write(rsEncode(rs32, hkdfSalt))
_, errs[6] = fout.Write(rsEncode(rs16, serpentIV))
_, errs[7] = fout.Write(rsEncode(rs24, nonce))
_, errs[8] = fout.Write(make([]byte, 192))
_, errs[9] = fout.Write(make([]byte, 96))
_, errs[10] = fout.Write(make([]byte, 192))
for _, err := range errs {
if err != nil {
fin.Close()
fout.Close()
os.Remove(fout_)
fmt.Println("Insufficient disk space.")
return 1
}
}
} else {
errs := make([]error, 10)
version := make([]byte, 15)
fin.Read(version)
_, errs[0] = rsDecode(rs5, version, !(*fix))
tmp := make([]byte, 15)
fin.Read(tmp)
tmp, errs[1] = rsDecode(rs5, tmp, !(*fix))
commentsLength, _ := strconv.Atoi(string(tmp))
fin.Read(make([]byte, commentsLength*3))
total -= int64(commentsLength) * 3
flags := make([]byte, 15)
fin.Read(flags)
flags, errs[2] = rsDecode(rs5, flags, !(*fix))
*paranoid = flags[0] == 1
*reedsolo = flags[3] == 1
padded = flags[4] == 1
if flags[1] == 1 {
fin.Close()
fout.Close()
os.Remove(fout_)
fmt.Println("Keyfiles are not supported.")
return 1
}
salt = make([]byte, 48)
fin.Read(salt)
salt, errs[3] = rsDecode(rs16, salt, !(*fix))
hkdfSalt = make([]byte, 96)
fin.Read(hkdfSalt)
hkdfSalt, errs[4] = rsDecode(rs32, hkdfSalt, !(*fix))
serpentIV = make([]byte, 48)
fin.Read(serpentIV)
serpentIV, errs[5] = rsDecode(rs16, serpentIV, !(*fix))
nonce = make([]byte, 72)
fin.Read(nonce)
nonce, errs[6] = rsDecode(rs24, nonce, !(*fix))
keyHashRef = make([]byte, 192)
fin.Read(keyHashRef)
keyHashRef, errs[7] = rsDecode(rs64, keyHashRef, !(*fix))
keyfileHashRef := make([]byte, 96)
fin.Read(keyfileHashRef)
_, errs[8] = rsDecode(rs32, keyfileHashRef, !(*fix))
authTag = make([]byte, 192)
fin.Read(authTag)
authTag, errs[9] = rsDecode(rs64, authTag, !(*fix))
for _, err := range errs {
if err != nil {
fin.Close()
fout.Close()
os.Remove(fout_)
fmt.Println("The volume header is damaged.")
return 1
}
}
}
var key []byte
if *paranoid {
key = argon2.IDKey(
password,
salt,
8,
1<<20,
8,
32,
)
} else {
key = argon2.IDKey(
password,
salt,
4,
1<<20,
4,
32,
)
}
tmp := sha3.New512()
tmp.Write(key)
keyHash = tmp.Sum(nil)
if mode == "decrypt" {
if subtle.ConstantTimeCompare(keyHash, keyHashRef) != 1 {
fin.Close()
fout.Close()
os.Remove(fout_)
fmt.Println("Incorrect password.")
return 1
}
}
done, counter := 0, 0
chacha, _ := chacha20.NewUnauthenticatedCipher(key, nonce)
var mac hash.Hash
subkey := make([]byte, 32)
hkdf := hkdf.New(sha3.New256, key, hkdfSalt, nil)
hkdf.Read(subkey)
if *paranoid {
mac = hmac.New(sha3.New512, subkey)
} else {
mac, _ = blake2b.New512(subkey)
}
serpentKey := make([]byte, 32)
hkdf.Read(serpentKey)
s, _ := serpent.NewCipher(serpentKey)
serpent := cipher.NewCTR(s, serpentIV)
bar := progressbar.NewOptions(
int(total),
progressbar.OptionClearOnFinish(),
progressbar.OptionFullWidth(),
progressbar.OptionShowBytes(true),
progressbar.OptionUseIECUnits(true),
progressbar.OptionSetDescription(
(func() string {
if mode == "encrypt" {
return "Encrypting:"
}
return "Decrypting:"
})(),
),
)
for {
var src []byte
if mode == "decrypt" && *reedsolo {
src = make([]byte, MiB/128*136)
} else {
src = make([]byte, MiB)
}
size, err := fin.Read(src)
if err != nil {
break
}
src = src[:size]
dst := make([]byte, len(src))
if mode == "encrypt" {
if *paranoid {
serpent.XORKeyStream(dst, src)
copy(src, dst)
}
chacha.XORKeyStream(dst, src)
mac.Write(dst)
if *reedsolo {
copy(src, dst)
dst = nil
if len(src) == MiB {
for i := 0; i < MiB; i += 128 {
dst = append(dst, rsEncode(rs128, src[i:i+128])...)
}
} else {
chunks := math.Floor(float64(len(src)) / 128)
for i := 0; float64(i) < chunks; i++ {
dst = append(dst, rsEncode(rs128, src[i*128:(i+1)*128])...)
}
dst = append(dst, rsEncode(rs128, pad(src[int(chunks*128):]))...)
}
}
} else {
if *reedsolo {
copy(dst, src)
src = nil
if len(dst) == MiB/128*136 {
for i := 0; i < MiB/128*136; i += 136 {
tmp, err := rsDecode(rs128, dst[i:i+136], !(*fix))
if err != nil {
fin.Close()
fout.Close()
os.Remove(fout_)
fmt.Println("The input file is irrecoverably damaged.")
return 1
}
if i == MiB/128*136-136 && done+MiB/128*136 >= int(total) && padded {
tmp = unpad(tmp)
}
src = append(src, tmp...)
}
} else {
chunks := len(dst)/136 - 1
for i := 0; i < chunks; i++ {
tmp, err := rsDecode(rs128, dst[i*136:(i+1)*136], !(*fix))
if err != nil {
fin.Close()
fout.Close()
os.Remove(fout_)
fmt.Println("The input file is irrecoverably damaged.")
return 1
}
src = append(src, tmp...)
}
tmp, err := rsDecode(rs128, dst[int(chunks)*136:], !(*fix))
if err != nil {
fin.Close()
fout.Close()
os.Remove(fout_)
fmt.Println("The input file is irrecoverably damaged.")
return 1
}
src = append(src, unpad(tmp)...)
}
dst = make([]byte, len(src))
}
mac.Write(src)
chacha.XORKeyStream(dst, src)
if *paranoid {
copy(src, dst)
serpent.XORKeyStream(dst, src)
}
}
_, err = fout.Write(dst)
if err != nil {
fin.Close()
fout.Close()
os.Remove(fout_)
fmt.Println("Insufficient disk space.")
return 1
}
if mode == "decrypt" && *reedsolo {
done += MiB / 128 * 136
} else {
done += MiB
}
bar.Set(done)
if counter >= 60*GiB {
nonce = make([]byte, 24)
hkdf.Read(nonce)
chacha, _ = chacha20.NewUnauthenticatedCipher(key, nonce)
serpentIV = make([]byte, 16)
hkdf.Read(serpentIV)
serpent = cipher.NewCTR(s, serpentIV)
counter = 0
}
}
bar.Set64(total)
if mode == "encrypt" {
fout.Seek(int64(309+0*3), 0)
fout.Write(rsEncode(rs64, keyHash))
fout.Write(rsEncode(rs32, make([]byte, 32)))
fout.Write(rsEncode(rs64, mac.Sum(nil)))
} else {
if subtle.ConstantTimeCompare(mac.Sum(nil), authTag) != 1 {
fin.Close()
fout.Close()
os.Remove(fout_)
fmt.Println("\nThe input volume is damaged or modified.")
if *reedsolo {
if !(*fix) {
fmt.Println("Fortunately, this volume is encoded with Reed-Solomon.")
fmt.Println("Try again using the '-f' flag to repair the corruption.")
} else {
fmt.Println("The corruption could not be fixed with Reed-Solomon.")
}
}
return 1
}
}
fin.Close()
fout.Close()
fmt.Println("\nCompleted.")
return 0
}
func main() {
os.Exit(work())
}