[openssl] master update
Matt Caswell
matt at openssl.org
Thu May 6 10:40:27 UTC 2021
The branch master has been updated
via b86fa8c55682169c88e14e616170d6caeb208865 (commit)
via c4c8791e145a7cb2d59e73410505e36e4d57ff78 (commit)
from a35536b52d91d02cbfeef22d1373a92252d19d62 (commit)
- Log -----------------------------------------------------------------
commit b86fa8c55682169c88e14e616170d6caeb208865
Author: EasySec <easy.sec at free.fr>
Date: Tue May 4 00:24:24 2021 +0200
try to document changes in salt handling for the 'enc' command
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Paul Dale <pauli at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4486)
commit c4c8791e145a7cb2d59e73410505e36e4d57ff78
Author: EasySec <easy.sec at free.fr>
Date: Sat Dec 30 16:19:47 2017 +0100
change salt handling, way 1
Reviewed-by: Tomas Mraz <tomas at openssl.org>
Reviewed-by: Paul Dale <pauli at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4486)
-----------------------------------------------------------------------
Summary of changes:
apps/enc.c | 74 +++++++++++++++++++++++++--------------------
doc/man1/openssl-enc.pod.in | 10 ++++--
2 files changed, 48 insertions(+), 36 deletions(-)
diff --git a/apps/enc.c b/apps/enc.c
index 4339ba4114..32ed08d943 100644
--- a/apps/enc.c
+++ b/apps/enc.c
@@ -429,14 +429,11 @@ int enc_main(int argc, char **argv)
}
if (cipher != NULL) {
- /*
- * Note that str is NULL if a key was passed on the command line, so
- * we get no salt in that case. Is this a bug?
- */
- if (str != NULL) {
+ if (str != NULL) { /* a passphrase is available */
/*
- * Salt handling: if encrypting generate a salt and write to
- * output BIO. If decrypting read salt from input BIO.
+ * Salt handling: if encrypting generate a salt if not supplied,
+ * and write to output BIO. If decrypting use salt from input BIO
+ * if not given with args
*/
unsigned char *sptr;
size_t str_len = strlen(str);
@@ -444,36 +441,47 @@ int enc_main(int argc, char **argv)
if (nosalt) {
sptr = NULL;
} else {
- if (enc) {
- if (hsalt) {
- if (!set_hex(hsalt, salt, sizeof(salt))) {
- BIO_printf(bio_err, "invalid hex salt value\n");
+ if (hsalt != NULL && !set_hex(hsalt, salt, sizeof(salt))) {
+ BIO_printf(bio_err, "invalid hex salt value\n");
+ goto end;
+ }
+ if (enc) { /* encryption */
+ if (hsalt == NULL) {
+ if (RAND_bytes(salt, sizeof(salt)) <= 0) {
+ BIO_printf(bio_err, "RAND_bytes failed\n");
+ goto end;
+ }
+ /*
+ * If -P option then don't bother writing.
+ * If salt is given, shouldn't either ?
+ */
+ if ((printkey != 2)
+ && (BIO_write(wbio, magic,
+ sizeof(magic) - 1) != sizeof(magic) - 1
+ || BIO_write(wbio,
+ (char *)salt,
+ sizeof(salt)) != sizeof(salt))) {
+ BIO_printf(bio_err, "error writing output file\n");
goto end;
}
- } else if (RAND_bytes(salt, sizeof(salt)) <= 0) {
- goto end;
}
- /*
- * If -P option then don't bother writing
- */
- if ((printkey != 2)
- && (BIO_write(wbio, magic,
- sizeof(magic) - 1) != sizeof(magic) - 1
- || BIO_write(wbio,
- (char *)salt,
- sizeof(salt)) != sizeof(salt))) {
- BIO_printf(bio_err, "error writing output file\n");
- goto end;
+ } else { /* decryption */
+ if (hsalt == NULL) {
+ if (BIO_read(rbio, mbuf, sizeof(mbuf)) != sizeof(mbuf)) {
+ BIO_printf(bio_err, "error reading input file\n");
+ goto end;
+ }
+ if (memcmp(mbuf, magic, sizeof(mbuf)) == 0) { /* file IS salted */
+ if (BIO_read(rbio, salt,
+ sizeof(salt)) != sizeof(salt)) {
+ BIO_printf(bio_err, "error reading input file\n");
+ goto end;
+ }
+ } else { /* file is NOT salted, NO salt available */
+ BIO_printf(bio_err, "bad magic number\n");
+ goto end;
+ }
}
- } else if (BIO_read(rbio, mbuf, sizeof(mbuf)) != sizeof(mbuf)
- || BIO_read(rbio,
- (unsigned char *)salt,
- sizeof(salt)) != sizeof(salt)) {
- BIO_printf(bio_err, "error reading input file\n");
- goto end;
- } else if (memcmp(mbuf, magic, sizeof(magic) - 1)) {
- BIO_printf(bio_err, "bad magic number\n");
- goto end;
}
sptr = salt;
}
diff --git a/doc/man1/openssl-enc.pod.in b/doc/man1/openssl-enc.pod.in
index 8c4812c831..e744c8344b 100644
--- a/doc/man1/openssl-enc.pod.in
+++ b/doc/man1/openssl-enc.pod.in
@@ -143,6 +143,8 @@ encrypting, this is the default.
=item B<-S> I<salt>
The actual salt to use: this must be represented as a string of hex digits.
+If this option is used while encrypting, the same exact value will be needed
+again during decryption.
=item B<-K> I<key>
@@ -230,9 +232,11 @@ OpenSSL.
Without the B<-salt> option it is possible to perform efficient dictionary
attacks on the password and to attack stream cipher encrypted data. The reason
for this is that without the salt the same password always generates the same
-encryption key. When the salt is being used the first eight bytes of the
-encrypted data are reserved for the salt: it is generated at random when
-encrypting a file and read from the encrypted file when it is decrypted.
+encryption key.
+
+When the salt is generated at random (that means when encrypting using a
+passphrase without explicit salt given using B<-S> option), the first bytes
+of the encrypted data are reserved to store the salt for later decrypting.
Some of the ciphers do not have large keys and others have security
implications if not used correctly. A beginner is advised to just use
More information about the openssl-commits
mailing list