Commit 405988f2 authored by EasySec's avatar EasySec Committed by Matt Caswell
Browse files

Add support for PBKDF2 for enc command 



Reviewed-by: default avatarTim Hudson <tjh@openssl.org>
Reviewed-by: default avatarMatt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2083)
parent 59053968

apps/enc.c

+48 −10
Original line number Diff line number Diff line
@@ -44,7 +44,7 @@ typedef enum OPTION_choice { 
    OPT_E, OPT_IN, OPT_OUT, OPT_PASS, OPT_ENGINE, OPT_D, OPT_P, OPT_V,

    OPT_NOPAD, OPT_SALT, OPT_NOSALT, OPT_DEBUG, OPT_UPPER_P, OPT_UPPER_A,

    OPT_A, OPT_Z, OPT_BUFSIZE, OPT_K, OPT_KFILE, OPT_UPPER_K, OPT_NONE,

    OPT_UPPER_S, OPT_IV, OPT_MD, OPT_CIPHER,

    OPT_UPPER_S, OPT_IV, OPT_MD, OPT_ITER, OPT_PBKDF2, OPT_CIPHER,

    OPT_R_ENUM

} OPTION_CHOICE;
@@ -74,6 +74,8 @@ const OPTIONS enc_options[] = { 
    {"S", OPT_UPPER_S, 's', "Salt, in hex"},

    {"iv", OPT_IV, 's', "IV in hex"},

    {"md", OPT_MD, 's', "Use specified digest to create a key from the passphrase"},

    {"iter", OPT_ITER, 'p', "Specify the iteration count and force use of PBKDF2"},

    {"pbkdf2", OPT_PBKDF2, '-', "Use password-based key derivation function 2"},

    {"none", OPT_NONE, '-', "Don't encrypt"},

    {"", OPT_CIPHER, '-', "Any supported cipher"},

    OPT_R_OPTIONS,
@@ -107,6 +109,8 @@ int enc_main(int argc, char **argv) 
    int ret = 1, inl, nopad = 0;

    unsigned char key[EVP_MAX_KEY_LENGTH], iv[EVP_MAX_IV_LENGTH];

    unsigned char *buff = NULL, salt[PKCS5_SALT_LEN];

    int pbkdf2 = 0;

    int iter = 0;

    long n;

    struct doall_enc_ciphers dec;

#ifdef ZLIB
@@ -255,6 +259,16 @@ int enc_main(int argc, char **argv) 
                goto opthelp;

            cipher = c;

            break;

        case OPT_ITER:

            if (!opt_int(opt_arg(), &iter))

                goto opthelp;

            pbkdf2 = 1;

            break;

        case OPT_PBKDF2:

            pbkdf2 = 1;

            if (iter == 0)    /* do not overwrite a chosen value */

                iter = 10000;

            break;

        case OPT_NONE:

            cipher = NULL;

            break;
@@ -282,6 +296,9 @@ int enc_main(int argc, char **argv) 
    if (dgst == NULL)

        dgst = EVP_sha256();



    if (iter == 0)

        iter = 1;



    /* It must be large enough for a base64 encoded line */

    if (base64 && bsize < 80)

        bsize = 80;
@@ -439,16 +456,38 @@ int enc_main(int argc, char **argv) 
                    BIO_printf(bio_err, "bad magic number\n");

                    goto end;

                }



                sptr = salt;

            }



            if (pbkdf2 == 1) {

                /*

                * derive key and default iv

                * concatenated into a temporary buffer

                */

                unsigned char tmpkeyiv[EVP_MAX_KEY_LENGTH + EVP_MAX_IV_LENGTH];

                int iklen = EVP_CIPHER_key_length(cipher);

                int ivlen = EVP_CIPHER_iv_length(cipher);

                /* not needed if HASH_UPDATE() is fixed : */

                int islen = (sptr != NULL ? sizeof(salt) : 0);

                if (!PKCS5_PBKDF2_HMAC(str, str_len, sptr, islen,

                                       iter, dgst, iklen+ivlen, tmpkeyiv)) {

                    BIO_printf(bio_err, "PKCS5_PBKDF2_HMAC failed\n");

                    goto end;

                }

                /* split and move data back to global buffer */

                memcpy(key, tmpkeyiv, iklen);

                memcpy(iv, tmpkeyiv+iklen, ivlen);

            } else {

                BIO_printf(bio_err, "*** WARNING : "

                                    "deprecated key derivation used.\n"

                                    "Using -iter or -pbkdf2 would be better.\n");

                if (!EVP_BytesToKey(cipher, dgst, sptr,

                                (unsigned char *)str,

                                str_len, 1, key, iv)) {

                                    (unsigned char *)str, str_len,

                                    1, key, iv)) {

                    BIO_printf(bio_err, "EVP_BytesToKey failed\n");

                    goto end;

                }

            }

            /*

             * zero the complete buffer or the string passed from the command

             * line.
@@ -470,9 +509,8 @@ int enc_main(int argc, char **argv) 
        if ((hiv == NULL) && (str == NULL)

            && EVP_CIPHER_iv_length(cipher) != 0) {

            /*

             * No IV was explicitly set and no IV was generated during

             * EVP_BytesToKey. Hence the IV is undefined, making correct

             * decryption impossible.

             * No IV was explicitly set and no IV was generated.

             * Hence the IV is undefined, making correct decryption impossible.

             */

            BIO_printf(bio_err, "iv undefined\n");

            goto end;

doc/man1/enc.pod

+12 −2
Original line number Diff line number Diff line
@@ -27,6 +27,8 @@ B<openssl enc -I<cipher>> 
[B<-nosalt>]

[B<-z>]

[B<-md digest>]

[B<-iter count>]

[B<-pbkdf2>]

[B<-p>]

[B<-P>]

[B<-bufsize number>]
@@ -109,6 +111,16 @@ the B<-pass> argument. 
Use the specified digest to create the key from the passphrase.

The default algorithm is sha-256.



=item B<-iter count>



Use a given number of iterations on the password in deriving the encryption key.

High values increase the time required to brute-force the resulting file.

This option enables the use of PBKDF2 algorithm to derive the key.



=item B<-pbkdf2>



Use PBKDF2 algorithm with default iteration count unless otherwise specified.



=item B<-nosalt>



Don't use a salt in the key derivation routines. This option B<SHOULD NOT> be
@@ -375,8 +387,6 @@ Decrypt some data using a supplied 40 bit RC4 key: 


The B<-A> option when used with large files doesn't work properly.



There should be an option to allow an iteration count to be included.



The B<enc> program only supports a fixed number of algorithms with

certain parameters. So if, for example, you want to use RC2 with a

76 bit key or RC4 with an 84 bit key you can't use this program.