mirror of
https://github.com/Llewellynvdm/Tomb.git
synced 2024-12-26 11:37:34 +00:00
Add check for password lens
This commit is contained in:
parent
5c419b3117
commit
510c8f6430
@ -84,7 +84,7 @@ int main(int argc, char *argv[])
|
||||
int ic=0; // iterative count
|
||||
int result_len;
|
||||
unsigned char *result; // result (binary - 32+16 chars)
|
||||
int i;
|
||||
int i, j;
|
||||
|
||||
if ( argc != 4 ) {
|
||||
fprintf(stderr, "usage: %s salt count len <passwd >binary_key_iv\n", argv[0]);
|
||||
@ -111,19 +111,24 @@ int main(int argc, char *argv[])
|
||||
/* Read password char by char.
|
||||
*
|
||||
* Doing in this way we make sure that blanks (even null bytes) end up
|
||||
* in the password
|
||||
* in the password.
|
||||
*
|
||||
* passwords containing just a bunch of spaces are valid
|
||||
*/
|
||||
int j = 0;
|
||||
while (j < (BUFFER_SIZE + 1)) {
|
||||
char c = getchar();
|
||||
if (c == EOF) break;
|
||||
pass[j] = c;
|
||||
j++;
|
||||
}
|
||||
if (j == BUFFER_SIZE + 1) {
|
||||
if (j >= BUFFER_SIZE + 1) {
|
||||
fprintf(stderr, "Error: password is too long\n");
|
||||
exit(1);
|
||||
}
|
||||
}
|
||||
if (j <= 1) {
|
||||
fprintf(stderr, "Error: password is empty\n");
|
||||
exit(1);
|
||||
}
|
||||
pass[j-1] = '\0';
|
||||
|
||||
// PBKDF 2
|
||||
|
@ -42,8 +42,34 @@ check_white_spaces() {
|
||||
done
|
||||
}
|
||||
|
||||
check_password_len() {
|
||||
hexsalt="73616c74"
|
||||
iter=4096
|
||||
keylen=20
|
||||
./tomb-kdb-pbkdf2 $hexsalt $iter $keylen 2>/dev/null <<<"" && {
|
||||
echo "Empty passwords are accepted"
|
||||
error=$((error + 1))
|
||||
}
|
||||
boundpassword=`perl -e 'print "a"x1023'`
|
||||
./tomb-kdb-pbkdf2 $hexsalt $iter $keylen &>/dev/null <<<"$boundpassword" || {
|
||||
echo "Passwords bound to limit are not accepted"
|
||||
error=$((error + 1))
|
||||
}
|
||||
bigpassword=`perl -e 'print "a"x1024'`
|
||||
./tomb-kdb-pbkdf2 $hexsalt $iter $keylen &>/dev/null <<<"$bigpassword" && {
|
||||
echo "Passwords overriding buffer are accepted"
|
||||
error=$((error + 1))
|
||||
}
|
||||
bigpassword=`perl -e 'print "a"x1025'`
|
||||
./tomb-kdb-pbkdf2 $hexsalt $iter $keylen &>/dev/null <<<"$bigpassword" && {
|
||||
echo "Passwords overriding buffer are accepted"
|
||||
error=$((error + 1))
|
||||
}
|
||||
}
|
||||
|
||||
check_kdf
|
||||
check_white_spaces
|
||||
check_password_len
|
||||
|
||||
if [[ $error == 1 ]]; then
|
||||
exit $error
|
||||
|
Loading…
Reference in New Issue
Block a user