From 14d584e3302a4b4984a9e051dd403e3896058aba Mon Sep 17 00:00:00 2001 From: trivernis Date: Sat, 15 Feb 2020 13:25:05 +0100 Subject: [PATCH] Add masked password input and hash - Add password input that doesn't print the password - Change the password to be hashed with sha512_256 to a 32 byte slice --- cryptpng.go | 31 ++++++++++++++++++++----------- go.mod | 2 ++ go.sum | 8 ++++++++ 3 files changed, 30 insertions(+), 11 deletions(-) create mode 100644 go.sum diff --git a/cryptpng.go b/cryptpng.go index 4376bc8..20efd3f 100644 --- a/cryptpng.go +++ b/cryptpng.go @@ -1,10 +1,10 @@ package main import ( - "bufio" "crypto/aes" "crypto/cipher" "crypto/rand" + "crypto/sha512" "encoding/base64" "errors" "flag" @@ -13,6 +13,9 @@ import ( "io/ioutil" "log" "os" + "syscall" + + "golang.org/x/crypto/ssh/terminal" ) func check(err error) { @@ -79,6 +82,9 @@ func DecryptDataPng(f *os.File, fout *os.File) { cryptChunk := png.GetChunk(chunkName) if cryptChunk != nil { data, err := decryptData(cryptChunk.data) + if err != nil { + log.Println("\nThe provided password is probably incorrect.") + } check(err) _, err = fout.Write(data) check(err) @@ -89,23 +95,26 @@ func DecryptDataPng(f *os.File, fout *os.File) { // creates an encrypted png chunk func encryptData(data []byte) ([]byte, error) { - reader := bufio.NewReader(os.Stdin) - fmt.Print("Password: ") - pw, _ := reader.ReadString('\n') - key := make([]byte, 32 - len(pw)) - key = append(key, []byte(pw)...) + key := readPassword() return encrypt(key, data) } func decryptData(data []byte) ([]byte, error) { - reader := bufio.NewReader(os.Stdin) - fmt.Print("Password: ") - pw, _ := reader.ReadString('\n') - key := make([]byte, 32 - len(pw)) - key = append(key, []byte(pw)...) + key := readPassword() return decrypt(key, data) } +// reads a password from the terminal +// turns off the input for the typing of the password +func readPassword() []byte { + fmt.Print("Password: ") + bytePw, err := terminal.ReadPassword(int(syscall.Stdin)) + check(err) + hash := sha512.New512_256() + hash.Write(bytePw) + return hash.Sum(nil) +} + // encrypt and decrypt functions taken from // https://stackoverflow.com/questions/18817336/golang-encrypting-a-string-with-aes-and-base64 diff --git a/go.mod b/go.mod index 6e84974..63a5d47 100644 --- a/go.mod +++ b/go.mod @@ -1,3 +1,5 @@ module github.com/trivernis/cryptpng go 1.13 + +require golang.org/x/crypto v0.0.0-20200214034016-1d94cc7ab1c6 diff --git a/go.sum b/go.sum new file mode 100644 index 0000000..d5514fc --- /dev/null +++ b/go.sum @@ -0,0 +1,8 @@ +golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= +golang.org/x/crypto v0.0.0-20200214034016-1d94cc7ab1c6 h1:Sy5bstxEqwwbYs6n0/pBuxKENqOeZUgD45Gp3Q3pqLg= +golang.org/x/crypto v0.0.0-20200214034016-1d94cc7ab1c6/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= +golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20190412213103-97732733099d h1:+R4KGOnez64A81RvjARKc4UT5/tI9ujCIVX+P5KiHuI= +golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=