Re: [9fans] Hmm, где secstore на KFS?

[Eric Grosse <ehg@research.bell-labs.com>]

Здесь!    sources /sys/src/cmd/auth/secstore/aescbc.c

Dan,

I recommend against a local encrypted file as a substitute
for secstore, because then the thief can perform an offline
dictionary attack.

But you're the second person today to ask for this, so I bow
to the desires of my users and offer a revised aescbc on
sources that prompts for a password.  It's only about a five
line change.  Add to your lib/profile
  auth/aescbc -d < factotum.aes | read -m > /mnt/factotum/ctl

Be sure to choose a password with plenty of entropy.  Since
distributed.net just cracked another 64-bit challenge, you
might take the advice of experts and use 90 bits, i.e. seven
diceware words.

In this version, getpasswd() is called directly.  The idea
in your post of using auth_getkey() is slick, but leaves the
password in factotum.  With proto=pass, any other process
could come along later and read the password.

If people are going to start using this for encrypting such
sensitive material, likely subject to attack, I would
welcome more eyes looking over aescbc.c for cryptographic
flaws.  As far as I know it is reasonably state of the art,
avoiding some mistakes of other encrypted file formats, but
crypto is subtle and anything new is justifiably suspect.

Eric