Llewellyn/Tomb
1
0
Fork 0
mirror of https://github.com/Llewellynvdm/Tomb.git synced 2024-11-11 07:30:56 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add check for password lens

Browse Source
This commit is contained in:
ATuinDev 2018-02-03 21:05:56 +01:00
parent 5c419b3117
commit 510c8f6430
No known key found for this signature in database
GPG Key ID: 30B13E03CCAB58B7
2 changed files with 36 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
extras/kdf-keys/pbkdf2.c
View File

@ -84,7 +84,7 @@ int main(int argc, char *argv[])
int ic=0; // iterative count int ic=0; // iterative count
int result_len; int result_len;
unsigned char *result; // result (binary - 32+16 chars) unsigned char *result; // result (binary - 32+16 chars)
int i; int i, j;
if ( argc != 4 ) { if ( argc != 4 ) {
fprintf(stderr, "usage: %s salt count len <passwd >binary_key_iv\n", argv[0]); fprintf(stderr, "usage: %s salt count len <passwd >binary_key_iv\n", argv[0]);
@ -111,19 +111,24 @@ int main(int argc, char *argv[])
/* Read password char by char. /* Read password char by char.
* *
* Doing in this way we make sure that blanks (even null bytes) end up * Doing in this way we make sure that blanks (even null bytes) end up
* in the password * in the password.
*
* passwords containing just a bunch of spaces are valid
*/ */
int j = 0;
while (j < (BUFFER_SIZE + 1)) { while (j < (BUFFER_SIZE + 1)) {
char c = getchar(); char c = getchar();
if (c == EOF) break; if (c == EOF) break;
pass[j] = c; pass[j] = c;
j++; j++;
} }
if (j == BUFFER_SIZE + 1) { if (j >= BUFFER_SIZE + 1) {
fprintf(stderr, "Error: password is too long\n"); fprintf(stderr, "Error: password is too long\n");
exit(1); exit(1);
} }
if (j <= 1) {
fprintf(stderr, "Error: password is empty\n");
exit(1);
}
pass[j-1] = '\0'; pass[j-1] = '\0';
// PBKDF 2 // PBKDF 2

26
extras/kdf-keys/test.sh
View File

@ -42,8 +42,34 @@ check_white_spaces() {
done done
} }
check_password_len() {
hexsalt="73616c74"
iter=4096
keylen=20
./tomb-kdb-pbkdf2 $hexsalt $iter $keylen 2>/dev/null <<<"" && {
echo "Empty passwords are accepted"
error=$((error + 1))
}
boundpassword=`perl -e 'print "a"x1023'`
./tomb-kdb-pbkdf2 $hexsalt $iter $keylen &>/dev/null <<<"$boundpassword" || {
echo "Passwords bound to limit are not accepted"
error=$((error + 1))
}
bigpassword=`perl -e 'print "a"x1024'`
./tomb-kdb-pbkdf2 $hexsalt $iter $keylen &>/dev/null <<<"$bigpassword" && {
echo "Passwords overriding buffer are accepted"
error=$((error + 1))
}
bigpassword=`perl -e 'print "a"x1025'`
./tomb-kdb-pbkdf2 $hexsalt $iter $keylen &>/dev/null <<<"$bigpassword" && {
echo "Passwords overriding buffer are accepted"
error=$((error + 1))
}
}
check_kdf check_kdf
check_white_spaces check_white_spaces
check_password_len
if [[ $error == 1 ]]; then if [[ $error == 1 ]]; then
exit $error exit $error