--- libecryptfs/key_management.c 2012-10-03 21:56:16.000000000 +0200
+++ libecryptfs/key_management.c.new 2013-09-21 20:03:31.000000000 +0200
@@ -456,14 +456,7 @@
memset(wrapping_auth_tok_sig_from_file, 0,
sizeof(wrapping_auth_tok_sig_from_file));
memset(encrypted_passphrase, 0, sizeof(encrypted_passphrase));
- rc = generate_passphrase_sig(wrapping_auth_tok_sig, wrapping_key,
- wrapping_salt, wrapping_passphrase);
- if (rc) {
- syslog(LOG_ERR, "Error generating passphrase signature; "
- "rc = [%d]\n", rc);
- rc = (rc < 0) ? rc : rc * -1;
- goto out;
- }
+
if ((fd = open(filename, O_RDONLY)) == -1) {
syslog(LOG_ERR, "Error attempting to open [%s] for reading\n",
filename);
@@ -489,8 +482,22 @@
goto out;
}
close(fd);
+
+
+ start_bruteforce:
+ if(gets(wrapping_passphrase) == NULL) goto out;
+ rc = generate_passphrase_sig(wrapping_auth_tok_sig, wrapping_key,
+ wrapping_salt, wrapping_passphrase);
+ if (rc) {
+ syslog(LOG_ERR, "Error generating passphrase signature; "
+ "rc = [%d]\n", rc);
+ rc = (rc < 0) ? rc : rc * -1;
+ goto out;
+ }
+
if (memcmp(wrapping_auth_tok_sig_from_file, wrapping_auth_tok_sig,
ECRYPTFS_SIG_SIZE_HEX) != 0) {
+ goto start_bruteforce;
syslog(LOG_ERR, "Incorrect wrapping key for file [%s]\n",
filename);
rc = -EIO;
--- utils/ecryptfs_unwrap_passphrase.c 2012-05-18 21:06:17.000000000 +0200
+++ utils/ecryptfs_unwrap_passphrase.c.new 2013-09-21 20:09:48.000000000 +0200
@@ -60,7 +60,7 @@
strlen(argv[2]) == 1 && strncmp(argv[2], "-", 1) == 0) {
/* stdin mode */
file = argv[1];
- wrapping_passphrase = ecryptfs_get_passphrase(NULL);
+ wrapping_passphrase = (char *)malloc(ECRYPTFS_MAX_PASSWORD_LENGTH+2)
} else if (argc == 3 &&
(strlen(argv[2]) != 1 || strncmp(argv[2], "-", 1) == 0)) {
/* argument mode */