From: Sergey Matveev Date: Fri, 24 Jan 2025 13:33:17 +0000 (+0300) Subject: Ability to get bind value conveniently X-Git-Url: http://www.git.cypherpunks.su/?a=commitdiff_plain;h=af18c920daecdb3db7257a691ffd4dfbfc1592d46adb11cf5bd6b29dea331da3;p=keks.git Ability to get bind value conveniently --- diff --git a/go/pki/cmd/enctool/main.go b/go/pki/cmd/enctool/main.go index 25a2b31..0d6d7da 100644 --- a/go/pki/cmd/enctool/main.go +++ b/go/pki/cmd/enctool/main.go @@ -45,6 +45,8 @@ const ( BalloonSaltLen = 8 BalloonHKDFSalt = "keks/pki/encrypted/balloon-blake2b-hkdf" SNTRUP4591761X25519Salt = "keks/pki/encrypted/sntrup4591761-x25519-hkdf-blake2b" + + BindFdNum = 3 + 1 ) type BalloonCost struct { @@ -181,6 +183,10 @@ func main() { if encrypted.Bind == uuid.Nil { log.Fatalln("unll bind") } + if bindFd := os.NewFile(BindFdNum, "bind"); bindFd != nil { + bindFd.WriteString(encrypted.Bind.String() + "\n") + bindFd.Close() + } if encrypted.DEM.A != pki.ChaCha20Poly1305 { log.Fatalln("unsupported DEM:", encrypted.DEM.A) } @@ -305,6 +311,10 @@ func main() { if err != nil { log.Fatal(err) } + if bindFd := os.NewFile(BindFdNum, "bind"); bindFd != nil { + bindFd.WriteString(binding.String() + "\n") + bindFd.Close() + } var kems []KEM cek = make([]byte, chacha20poly1305.KeySize) _, err = io.ReadFull(rand.Reader, cek) diff --git a/go/pki/cmd/enctool/usage.go b/go/pki/cmd/enctool/usage.go index 360254e..520d899 100644 --- a/go/pki/cmd/enctool/usage.go +++ b/go/pki/cmd/enctool/usage.go @@ -24,12 +24,12 @@ import ( func usage() { fmt.Fprintf(os.Stderr, `Usage: Encrypt to recipient: - enctool -cer CER [-include-to] [-bind UUID] DATA.encrypted + enctool -cer CER [-include-to] [-bind UUID] DATA.encrypted [4>bind.value] Encrypt on passphrase: - enctool -p [-bind UUID] DATA.encrypted + enctool -p [-bind UUID] DATA.encrypted [4>bind.value] [-balloon-s X] [-balloon-t X] [-balloon-p X] Decrypt by providing possible KEMs: - enctool -d [-p] [-prv PRV ...] DATA + enctool -d [-p] [-prv PRV ...] DATA [4>bind.value] `) flag.PrintDefaults()