diff options
author | Rob Austein <sra@hactrn.net> | 2016-05-25 21:40:18 -0400 |
---|---|---|
committer | Rob Austein <sra@hactrn.net> | 2016-05-25 21:40:18 -0400 |
commit | 083d01731ffebb348c749ad6ccdb0256571835c7 (patch) | |
tree | f883802139fa0938cfcb6784201dad80fd9e64fa /utils | |
parent | ce4d1c7a8103be09bcee64b055408a901d068c34 (diff) |
Start cleaning up PIN code.
Diffstat (limited to 'utils')
-rwxr-xr-x | utils/last_gasp_default_pin | 86 |
1 files changed, 86 insertions, 0 deletions
diff --git a/utils/last_gasp_default_pin b/utils/last_gasp_default_pin new file mode 100755 index 0000000..e0d9839 --- /dev/null +++ b/utils/last_gasp_default_pin @@ -0,0 +1,86 @@ +#!/usr/bin/env python + +""" +Somewhere, the HSM has to have a last-gasp default PIN, even if it's +only the null string, because there has to be **some** way to +initialize the poor thing. Absent a better plan (feel free to +suggest one!), this last-gasp default is compiled in. + +The normal value of this last-gasp PIN is deliberately chosen to be +annoying, so that people will change it, but since the derevation +requires running PBKDF2 and you might want a different default if +you're compiling this for yourself, we provide the script that +generates the default. +""" + +# Author: Rob Austein +# Copyright (c) 2016, NORDUnet A/S +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions are +# met: +# - Redistributions of source code must retain the above copyright notice, +# this list of conditions and the following disclaimer. +# +# - Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in the +# documentation and/or other materials provided with the distribution. +# +# - Neither the name of the NORDUnet nor the names of its contributors may +# be used to endorse or promote products derived from this software +# without specific prior written permission. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS +# IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED +# TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A +# PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +# HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED +# TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR +# PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF +# LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING +# NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS +# SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +from argparse import ArgumentParser, ArgumentDefaultsHelpFormatter +from os import urandom +from Crypto.Protocol.KDF import PBKDF2 +from Crypto.Hash import SHA256, HMAC + +parser = ArgumentParser(description = __doc__, formatter_class = ArgumentDefaultsHelpFormatter) +parser.add_argument("-p", "--pin", + default = "YouReallyNeedToChangeThisPINRightNowWeAreNotKidding", + help = "PIN plaintext before PBKDF2 processing") +parser.add_argument("-i", "--iterations", + type = int, + default = 100000, + help = "PBKDF2 iteration count") +args = parser.parse_args() + +def HMAC_SHA256(pin, salt): + return HMAC.new(pin, salt, SHA256).digest() + +def hexify(value): + return ", ".join("0x%02x" % ord(v) for v in value) + +salt = urandom(16) + +pin = PBKDF2(password = args.pin, + salt = salt, + dkLen = 32, + count = args.iterations, + prf = HMAC_SHA256) + +print '''\ +/* + * Automatically generated by a script, do not edit. + */ + +static const hal_ks_pin_t hal_last_gasp_pin = {{ + {iterations}, + {{{pin}}}, + {{{salt}}} +}};'''.format(iterations = args.iterations, + pin = hexify(pin), + salt = hexify(salt)) |