Obfuscate auth-source memory contents even more

* lisp/auth-source.el (auth-source--deobfuscate): Use more obfuscated obfuscation (bug#37196). (auth-source--pad, auth-source--obfuscate) (auth-source-netrc-normalize): Use it. (auth-source-netrc-parse): Ditto.
author: Lars Ingebrigtsen 2019-09-20 22:10:47 +0200
committer: Lars Ingebrigtsen 2019-09-20 22:10:52 +0200
commit: 46b49d9ece4ef6a14d661abd261d9cbeff1f237b (patch)
tree: 3e0bdc9e949808e5f58c454d0d7be810397b4ebf
parent: a420f13155b71b68b964a51ff326ccdf441c2811 (diff)
download: emacs-46b49d9ece4ef6a14d661abd261d9cbeff1f237b.tar.gz
emacs-46b49d9ece4ef6a14d661abd261d9cbeff1f237b.zip
1 files changed, 48 insertions, 8 deletions
diff --git a/lisp/auth-source.el b/lisp/auth-source.el
index 83ed90a87f2..a049e05e4d8 100644
--- a/lisp/auth-source.el
+++ b/lisp/auth-source.el
@@ -956,14 +956,13 @@ Note that the MAX parameter is used so we can exit the parse early."
                (insert (funcall cached-secrets)))
            (insert-file-contents file)
            ;; cache all netrc files (used to be just .gpg files)
-            ;; Store the contents of the file heavily encrypted in memory.
+            ;; Store the contents of the file obfuscated in memory.
-            ;; (note for the irony-impaired: they are just obfuscated)
            (auth-source--aput
             auth-source-netrc-cache file
             (list :mtime (file-attribute-modification-time
                           (file-attributes file))
-                   :secret (let ((v (mapcar #'1+ (buffer-string))))
+                   :secret (let ((v (auth-source--obfuscate (buffer-string))))
-                             (lambda () (apply #'string (mapcar #'1- v)))))))
+                             (lambda () (auth-source--deobfuscate v))))))
          (goto-char (point-min))
          (let ((entries (auth-source-netrc-parse-entries check max))
                alist)
@@ -1138,7 +1137,7 @@ FILE is the file from which we obtained this token."
                  ;; showing the passwords in clear text in backtraces
                  ;; and the like.
                  (when (equal k "secret")
-                    (setq v (let ((lexv (mapcar #'1+ v))
+                    (setq v (let ((lexv (auth-source--obfuscate v))
                                  (token-decoder nil))
                              (when (string-match "^gpg:" v)
                                ;; it's a GPG token: create a token decoder
@@ -1153,15 +1152,56 @@ FILE is the file from which we obtained this token."
                              (lambda ()
                                (if token-decoder
                                    (funcall token-decoder
-                                             (apply #'string
+                                             (auth-source--deobfuscate lexv))
-                                                    (mapcar #'1- lexv)))
+                                  (auth-source--deobfuscate lexv))))))
-                                  (apply #'string (mapcar #'1- lexv)))))))
                  (setq ret (plist-put ret
                                       (auth-source--symbol-keyword k)
                                       v))))
              ret))
          alist))
+;; Never change this variable.
+(defvar auth-source--session-nonce nil)
+(defun auth-source--obfuscate (string)
+  (unless auth-source--session-nonce
+    (setq auth-source--session-nonce
+          (apply #'string (cl-loop repeat 10
+                                   collect (random 128)))))
+  (if (fboundp 'gnutls-symmetric-encrypt)
+      (let ((cdata (car (last (gnutls-ciphers)))))
+        (mapconcat
+         #'base64-encode-string
+         (append
+          (list (format "%d" (length string)))
+          (gnutls-symmetric-encrypt
+           (pop cdata)
+           (auth-source--pad auth-source--session-nonce
+                             (plist-get cdata :cipher-keysize))
+           (list 'iv-auto (plist-get cdata :cipher-ivsize))
+           (auth-source--pad string (plist-get cdata :cipher-blocksize))))
+         "-"))
+    (mapcar #'1- string)))
+(defun auth-source--pad (s length)
+  "Pad string S to a modulo of LENGTH."
+  (concat s (make-string (- length (mod (length s) length)) ?\0)))
+(defun auth-source--deobfuscate (data)
+  (if (fboundp 'gnutls-symmetric-encrypt)
+      (let ((cdata (car (last (gnutls-ciphers))))
+            (bits (split-string data "-")))
+        (substring
+         (car
+          (gnutls-symmetric-decrypt
+           (pop cdata)
+           (auth-source--pad auth-source--session-nonce
+                             (plist-get cdata :cipher-keysize))
+           (base64-decode-string (caddr bits))
+           (base64-decode-string (cadr bits))))
+         0 (string-to-number (base64-decode-string (car bits)))))
+    (apply #'string (mapcar #'1+ data))))
 (cl-defun auth-source-netrc-search (&rest spec
                                    &key backend require create
                                    type max host user port
author	Lars Ingebrigtsen	2019-09-20 22:10:47 +0200
committer	Lars Ingebrigtsen	2019-09-20 22:10:52 +0200
commit	46b49d9ece4ef6a14d661abd261d9cbeff1f237b (patch)
tree	3e0bdc9e949808e5f58c454d0d7be810397b4ebf
parent	a420f13155b71b68b964a51ff326ccdf441c2811 (diff)
download	emacs-46b49d9ece4ef6a14d661abd261d9cbeff1f237b.tar.gz emacs-46b49d9ece4ef6a14d661abd261d9cbeff1f237b.zip

diff --git a/lisp/auth-source.el b/lisp/auth-source.el index 83ed90a87f2..a049e05e4d8 100644 --- a/lisp/auth-source.el +++ b/lisp/auth-source.el
@@ -956,14 +956,13 @@ Note that the MAX parameter is used so we can exit the parse early."
956	(insert (funcall cached-secrets)))	956	(insert (funcall cached-secrets)))
957	(insert-file-contents file)	957	(insert-file-contents file)
958	;; cache all netrc files (used to be just .gpg files)	958	;; cache all netrc files (used to be just .gpg files)
959	;; Store the contents of the file heavily encrypted in memory.	959	;; Store the contents of the file obfuscated in memory.
960	;; (note for the irony-impaired: they are just obfuscated)
961	(auth-source--aput	960	(auth-source--aput
962	auth-source-netrc-cache file	961	auth-source-netrc-cache file
963	(list :mtime (file-attribute-modification-time	962	(list :mtime (file-attribute-modification-time
964	(file-attributes file))	963	(file-attributes file))
965	:secret (let ((v (mapcar #'1+ (buffer-string))))	964	:secret (let ((v (auth-source--obfuscate (buffer-string))))
966	(lambda () (apply #'string (mapcar #'1- v)))))))	965	(lambda () (auth-source--deobfuscate v))))))
967	(goto-char (point-min))	966	(goto-char (point-min))
968	(let ((entries (auth-source-netrc-parse-entries check max))	967	(let ((entries (auth-source-netrc-parse-entries check max))
969	alist)	968	alist)
@@ -1138,7 +1137,7 @@ FILE is the file from which we obtained this token."
1138	;; showing the passwords in clear text in backtraces	1137	;; showing the passwords in clear text in backtraces
1139	;; and the like.	1138	;; and the like.
1140	(when (equal k "secret")	1139	(when (equal k "secret")
1141	(setq v (let ((lexv (mapcar #'1+ v))	1140	(setq v (let ((lexv (auth-source--obfuscate v))
1142	(token-decoder nil))	1141	(token-decoder nil))
1143	(when (string-match "^gpg:" v)	1142	(when (string-match "^gpg:" v)
1144	;; it's a GPG token: create a token decoder	1143	;; it's a GPG token: create a token decoder
@@ -1153,15 +1152,56 @@ FILE is the file from which we obtained this token."
1153	(lambda ()	1152	(lambda ()
1154	(if token-decoder	1153	(if token-decoder
1155	(funcall token-decoder	1154	(funcall token-decoder
1156	(apply #'string	1155	(auth-source--deobfuscate lexv))
1157	(mapcar #'1- lexv)))	1156	(auth-source--deobfuscate lexv))))))
1158	(apply #'string (mapcar #'1- lexv)))))))
1159	(setq ret (plist-put ret	1157	(setq ret (plist-put ret
1160	(auth-source--symbol-keyword k)	1158	(auth-source--symbol-keyword k)
1161	v))))	1159	v))))
1162	ret))	1160	ret))
1163	alist))	1161	alist))
1164		1162
		1163	;; Never change this variable.
		1164	(defvar auth-source--session-nonce nil)
		1165
		1166	(defun auth-source--obfuscate (string)
		1167	(unless auth-source--session-nonce
		1168	(setq auth-source--session-nonce
		1169	(apply #'string (cl-loop repeat 10
		1170	collect (random 128)))))
		1171	(if (fboundp 'gnutls-symmetric-encrypt)
		1172	(let ((cdata (car (last (gnutls-ciphers)))))
		1173	(mapconcat
		1174	#'base64-encode-string
		1175	(append
		1176	(list (format "%d" (length string)))
		1177	(gnutls-symmetric-encrypt
		1178	(pop cdata)
		1179	(auth-source--pad auth-source--session-nonce
		1180	(plist-get cdata :cipher-keysize))
		1181	(list 'iv-auto (plist-get cdata :cipher-ivsize))
		1182	(auth-source--pad string (plist-get cdata :cipher-blocksize))))
		1183	"-"))
		1184	(mapcar #'1- string)))
		1185
		1186	(defun auth-source--pad (s length)
		1187	"Pad string S to a modulo of LENGTH."
		1188	(concat s (make-string (- length (mod (length s) length)) ?\0)))
		1189
		1190	(defun auth-source--deobfuscate (data)
		1191	(if (fboundp 'gnutls-symmetric-encrypt)
		1192	(let ((cdata (car (last (gnutls-ciphers))))
		1193	(bits (split-string data "-")))
		1194	(substring
		1195	(car
		1196	(gnutls-symmetric-decrypt
		1197	(pop cdata)
		1198	(auth-source--pad auth-source--session-nonce
		1199	(plist-get cdata :cipher-keysize))
		1200	(base64-decode-string (caddr bits))
		1201	(base64-decode-string (cadr bits))))
		1202	0 (string-to-number (base64-decode-string (car bits)))))
		1203	(apply #'string (mapcar #'1+ data))))
		1204
1165	(cl-defun auth-source-netrc-search (&rest spec	1205	(cl-defun auth-source-netrc-search (&rest spec
1166	&key backend require create	1206	&key backend require create
1167	type max host user port	1207	type max host user port