generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Make salting the default. Fail gracefully if the input is not salted.

Browse Source
This commit is contained in:
Ben Laurie 1999-11-30 20:15:19 +00:00
parent 5f2f0b5596
commit fea9afbfc7
2 changed files with 22 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
CHANGES
View File

@ -4,6 +4,12 @@
Changes between 0.9.4 and 0.9.5 [xx XXX 1999] Changes between 0.9.4 and 0.9.5 [xx XXX 1999]
*) Modify enc utility's salting as follows: make salting the default. Add a
magic header, so unsalted files fail gracefully instead of just decrypting
to garbage. This is because not salting is a big security hole, so people
should be discouraged from doing it.
[Ben Laurie]
*) Fixes and enhancements to the 'x509' utility. It allowed a message *) Fixes and enhancements to the 'x509' utility. It allowed a message
digest to be passed on the command line but it only used this digest to be passed on the command line but it only used this
parameter when signing a certificate. Modified so all relevant parameter when signing a certificate. Modified so all relevant

17
apps/enc.c
View File

@ -82,6 +82,8 @@ int set_hex(char *in,unsigned char *out,int size);
int MAIN(int argc, char **argv) int MAIN(int argc, char **argv)
{ {
static const char magic[]="Salted__";
char mbuf[8]; /* should be 1 smaller than magic */
char *strbuf=NULL; char *strbuf=NULL;
unsigned char *buff=NULL,*bufsize=NULL; unsigned char *buff=NULL,*bufsize=NULL;
int bsize=BSIZE,verbose=0; int bsize=BSIZE,verbose=0;
@ -91,7 +93,7 @@ int MAIN(int argc, char **argv)
char *str=NULL; char *str=NULL;
char *hkey=NULL,*hiv=NULL,*hsalt = NULL; char *hkey=NULL,*hiv=NULL,*hsalt = NULL;
int enc=1,printkey=0,i,base64=0; int enc=1,printkey=0,i,base64=0;
int debug=0,olb64=0,nosalt=1; int debug=0,olb64=0,nosalt=0;
const EVP_CIPHER *cipher=NULL,*c; const EVP_CIPHER *cipher=NULL,*c;
char *inf=NULL,*outf=NULL; char *inf=NULL,*outf=NULL;
BIO *in=NULL,*out=NULL,*b64=NULL,*benc=NULL,*rbio=NULL,*wbio=NULL; BIO *in=NULL,*out=NULL,*b64=NULL,*benc=NULL,*rbio=NULL,*wbio=NULL;
@ -448,17 +450,26 @@ bad:
} }
} else RAND_bytes(salt, PKCS5_SALT_LEN); } else RAND_bytes(salt, PKCS5_SALT_LEN);
/* If -P option then don't bother writing */ /* If -P option then don't bother writing */
if((printkey != 2) && (BIO_write(wbio, if((printkey != 2)
&& (BIO_write(wbio,magic,
sizeof magic-1) != sizeof magic-1
|| BIO_write(wbio,
(char *)salt, (char *)salt,
PKCS5_SALT_LEN) != PKCS5_SALT_LEN)) { PKCS5_SALT_LEN) != PKCS5_SALT_LEN)) {
BIO_printf(bio_err,"error writing output file\n"); BIO_printf(bio_err,"error writing output file\n");
goto end; goto end;
} }
} else if(BIO_read(rbio, (unsigned char *)salt, } else if(BIO_read(rbio,mbuf,sizeof mbuf) != sizeof mbuf
|| BIO_read(rbio,
(unsigned char *)salt,
PKCS5_SALT_LEN) != PKCS5_SALT_LEN) { PKCS5_SALT_LEN) != PKCS5_SALT_LEN) {
BIO_printf(bio_err,"error reading input file\n"); BIO_printf(bio_err,"error reading input file\n");
goto end; goto end;
} else if(memcmp(mbuf,magic,sizeof magic-1)) {
BIO_printf(bio_err,"bad magic number\n");
goto end;
} }
sptr = salt; sptr = salt;
} }