From: Dan Farrell <djfarrell@gmail.com>
To: Milan Broz <gmazyland@gmail.com>
Cc: JT Moree <moreejt@yahoo.com>, dm-crypt <dm-crypt@saout.de>
Subject: Re: [dm-crypt] cryptsetup Yubikey challenge-response support
Date: Tue, 14 Apr 2020 23:37:12 -0700	[thread overview]
Message-ID: <CAKO8emYr9z7Yk8A09H7YKFaLqG+=BgGCdBbnzOMmT+8bLqvRMg@mail.gmail.com> (raw)
In-Reply-To: <6114e747-a8cd-c0c6-ccc8-7f666f04d32b@gmail.com>

[-- Attachment #1: Type: text/plain, Size: 606 bytes --]

Hi Milan,

I can code ugly just watch!

On Sat, 11 Apr 2020 at 09:12, Milan Broz <gmazyland@gmail.com> wrote:
> For the upstream cryptsetup, I will strictly reject all contributions that
> are distro-specific or introduces direct binding to any hw libraries into
> cryptsetup core (either open-source or proprietary).

Please take a look at the attached; feel free to poke fun at it, it is
terrible for all of the reasons.

But, if something that did what is achieved in this patch was done
properly, would it be even possible to get it merged?

Hopefully the attachment comes through...

Regards,

Dan Farrell

[-- Attachment #2: 0001-utils_password-add-external-password-helper.patch --]
[-- Type: text/x-patch, Size: 4660 bytes --]

From d02cac64caae1b1bd5e7b0d4e8841d525a0dda61 Mon Sep 17 00:00:00 2001
From: djfarrell <djfarrell@gmail.com>
Date: Tue, 14 Apr 2020 23:29:11 -0700
Subject: [PATCH] utils_password: add external password helper

This change is hacky and horrible, used only for science of the
bad kind.

Adds method for gathering password from external helper program.

Tested with basic helper.

Signed-off-by: djfarrell <djfarrell@gmail.com>
---
 src/cryptsetup.c     |  1 +
 src/cryptsetup.h     |  1 +
 src/utils_password.c | 59 ++++++++++++++++++++++++++++++++++++++++++--
 3 files changed, 59 insertions(+), 2 deletions(-)

diff --git a/src/cryptsetup.c b/src/cryptsetup.c
index 6a0d8ef9..3a78864d 100644
--- a/src/cryptsetup.c
+++ b/src/cryptsetup.c
@@ -3448,6 +3448,7 @@ int main(int argc, const char **argv)
 		{ "veracrypt-query-pim", '\0', POPT_ARG_NONE, &opt_veracrypt_query_pim, 0, N_("Query Personal Iteration Multiplier for VeraCrypt compatible device"), NULL },
 		{ "type",               'M', POPT_ARG_STRING, &opt_type,                0, N_("Type of device metadata: luks, luks1, luks2, plain, loopaes, tcrypt, bitlk"), NULL },
 		{ "force-password",    '\0', POPT_ARG_NONE, &opt_force_password,        0, N_("Disable password quality check (if enabled)"), NULL },
+		{ "password-helper",   '\0', POPT_ARG_STRING, &opt_password_helper,     0, N_("Launch passowrd helper to get password"), NULL },
 		{ "perf-same_cpu_crypt",'\0', POPT_ARG_NONE, &opt_perf_same_cpu_crypt,  0, N_("Use dm-crypt same_cpu_crypt performance compatibility option"), NULL },
 		{ "perf-submit_from_crypt_cpus",'\0', POPT_ARG_NONE, &opt_perf_submit_from_crypt_cpus,0,N_("Use dm-crypt submit_from_crypt_cpus performance compatibility option"), NULL },
 		{ "deferred",          '\0', POPT_ARG_NONE, &opt_deferred_remove,       0, N_("Device removal is deferred until the last user closes it"), NULL },
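Review bot: The help string of the new `password-helper` entry misspells "password" (`N_("Launch passowrd helper to get password")`); it is a translatable user-facing string, so the typo would propagate into every catalog. Change it to `N_("Launch password helper to get password")`. The text should also say that the argument is a command line, since the utils_password.c hunk later in this patch hands the value to popen(3), and a user cannot tell from "helper" alone how the value is interpreted.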
diff --git a/src/cryptsetup.h b/src/cryptsetup.h
index 1afcf433..e799855f 100644
--- a/src/cryptsetup.h
+++ b/src/cryptsetup.h
@@ -62,6 +62,7 @@ extern int opt_verbose;
 extern int opt_batch_mode;
 extern int opt_force_password;
 extern int opt_progress_frequency;
+extern char *opt_password_helper;
 
 /* Common tools */
 void clogger(struct crypt_device *cd, int level, const char *file, int line,
diff --git a/src/utils_password.c b/src/utils_password.c
index 55c1343f..fbbf9563 100644
--- a/src/utils_password.c
+++ b/src/utils_password.c
@@ -23,6 +23,7 @@
 #include <termios.h>
 
 int opt_force_password = 0;
+char *opt_password_helper = NULL;
 
 #if defined ENABLE_PWQUALITY
 #include <pwquality.h>
@@ -102,6 +103,7 @@ static int untimed_read(int fd, char *pass, size_t maxlen)
 	i = read(fd, pass, maxlen);
 	if (i > 0) {
 		pass[i-1] = '\0';
+		printf("%s\n", pass);
 		i = 0;
 	} else if (i == 0) { /* EOF */
 		*pass = 0;
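Review bot: The added `printf("%s\n", pass);` writes the passphrase that was just read to stdout, so it lands on the terminal and in anything that captures the tool's output, and because untimed_read is shared it now fires on the plain interactive path as well as the helper path. This looks like a debugging leftover and should be removed before the change is considered further. untimed_read's body starts and ends outside the hunk.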
@@ -127,6 +129,53 @@ static int timed_read(int fd, char *pass, size_t maxlen, long timeout)
 	return failed;
 }
 
+static int timed_read_with_helper(int fd, char *pass, size_t maxlen, long timeout)
+{
+	struct timeval t, *pt;
+	fd_set fds = {}; /* Just to avoid scan-build false report for FD_SET */
+	int failed = -1;
+	FILE *phelper = popen(opt_password_helper, "r");
+	int phelper_fd = -1;
+	int maxfd = fd;
+	int nfds = 0;
+
+	FD_ZERO(&fds);
+	FD_SET(fd, &fds);
+
+	if (timeout > 0) {
+		t.tv_sec = timeout;
+		t.tv_usec = 0;
+		pt = &t;
+	} else {
+		pt = NULL;
+	}
+
+	if (phelper) {
+		printf("have phelper\n");
+		phelper_fd = fileno(phelper);
+		if (phelper_fd > maxfd)
+			maxfd = phelper_fd;
+		FD_SET(phelper_fd, &fds);
+	}
+
+
+	nfds = select(maxfd+1, &fds, NULL, NULL, pt);
+	if (nfds == 2 || FD_ISSET(fd, &fds))
+		failed = untimed_read(fd, pass, maxlen);
+	else if (nfds == 1)
+		failed = untimed_read(phelper_fd, pass, maxlen);
+
+	if (phelper)
+		pclose(phelper);
+
+	return failed;
+}
+
+static int untimed_read_with_helper(int fd, char *pass, size_t maxlen)
+{
+	return timed_read_with_helper(fd, pass, maxlen, -1);
+}
+
 static int interactive_pass(const char *prompt, char *pass, size_t maxlen,
 		long timeout)
 {
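Review bot: timed_read_with_helper discards the return value of `pclose(phelper)`, so a helper that exits non-zero or prints nothing is indistinguishable from one that produced a passphrase; at minimum propagate the status, e.g. `if (phelper && pclose(phelper) != 0) failed = -1;`. The helper's output is read through untimed_read, whose `pass[i-1] = '\0'` (visible in the previous hunk) assumes the data ends in a newline, so a helper that prints a bare passphrase loses its last byte, and a single read() on a pipe is not guaranteed to return the whole line in one call. The `printf("have phelper\n")` after the popen check is another debugging leftover. Note also that popen runs opt_password_helper through the shell with the caller's environment, and that pclose waits for the child, so when the terminal wins the select the function presumably blocks until the helper exits on its own — that follows from pclose's contract rather than from anything in the hunk.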
@@ -156,9 +205,15 @@ static int interactive_pass(const char *prompt, char *pass, size_t maxlen,
 
 	tcsetattr(infd, TCSAFLUSH, &tmp);
 	if (timeout)
-		failed = timed_read(infd, pass, maxlen, timeout);
+		if (!opt_password_helper)
+			failed = timed_read(infd, pass, maxlen, timeout);
+		else
+			failed = timed_read_with_helper(infd, pass, maxlen, timeout);
 	else
-		failed = untimed_read(infd, pass, maxlen);
+		if (!opt_password_helper)
+			failed = untimed_read(infd, pass, maxlen);
+		else
+			failed = untimed_read_with_helper(infd, pass, maxlen);
 	tcsetattr(infd, TCSAFLUSH, &orig);
 
 out_err:
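Review bot: The new nested `if`/`else` chains in interactive_pass are unbraced, so the `else` after the timed branch binds by the dangling-else rule; it happens to bind to `if (timeout)` here because the inner `if`/`else` is complete, but the shape is fragile and hard to read. Brace both outer branches (`if (timeout) { ... } else { ... }`) or hoist the helper test, `if (opt_password_helper)`, and make the timeout decision inside each arm. interactive_pass's body starts and ends outside the hunk.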
-- 
2.25.2

