Add check for password lens
parent
5c419b3117
commit
510c8f6430
@ -84,7 +84,7 @@ int main(int argc, char *argv[])
|
|||||||
int ic=0; // iterative count
|
int ic=0; // iterative count
|
||||||
int result_len;
|
int result_len;
|
||||||
unsigned char *result; // result (binary - 32+16 chars)
|
unsigned char *result; // result (binary - 32+16 chars)
|
||||||
int i;
|
int i, j;
|
||||||
|
|
||||||
if ( argc != 4 ) {
|
if ( argc != 4 ) {
|
||||||
fprintf(stderr, "usage: %s salt count len <passwd >binary_key_iv\n", argv[0]);
|
fprintf(stderr, "usage: %s salt count len <passwd >binary_key_iv\n", argv[0]);
|
||||||
@ -111,19 +111,24 @@ int main(int argc, char *argv[])
|
|||||||
/* Read password char by char.
|
/* Read password char by char.
|
||||||
*
|
*
|
||||||
* Doing in this way we make sure that blanks (even null bytes) end up
|
* Doing in this way we make sure that blanks (even null bytes) end up
|
||||||
* in the password
|
* in the password.
|
||||||
|
*
|
||||||
|
* passwords containing just a bunch of spaces are valid
|
||||||
*/
|
*/
|
||||||
int j = 0;
|
|
||||||
while (j < (BUFFER_SIZE + 1)) {
|
while (j < (BUFFER_SIZE + 1)) {
|
||||||
char c = getchar();
|
char c = getchar();
|
||||||
if (c == EOF) break;
|
if (c == EOF) break;
|
||||||
pass[j] = c;
|
pass[j] = c;
|
||||||
j++;
|
j++;
|
||||||
}
|
}
|
||||||
if (j == BUFFER_SIZE + 1) {
|
if (j >= BUFFER_SIZE + 1) {
|
||||||
fprintf(stderr, "Error: password is too long\n");
|
fprintf(stderr, "Error: password is too long\n");
|
||||||
exit(1);
|
exit(1);
|
||||||
}
|
}
|
||||||
|
if (j <= 1) {
|
||||||
|
fprintf(stderr, "Error: password is empty\n");
|
||||||
|
exit(1);
|
||||||
|
}
|
||||||
pass[j-1] = '\0';
|
pass[j-1] = '\0';
|
||||||
|
|
||||||
// PBKDF 2
|
// PBKDF 2
|
||||||
|
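Review bot: `j` is read uninitialized by `while (j < (BUFFER_SIZE + 1))`: this change deletes `int j = 0;` and declares the variable as `int i, j;` in the first hunk, and no line in either hunk assigns it before the loop. The unchanged lines between the two hunks predate the declaration, so they presumably do not set it either; the start index into `pass`, and with it both length checks, would then be indeterminate. Declare it as `int i, j = 0;`. Separately, the context line `char c = getchar();` narrows the return value before the `c == EOF` comparison, so where `char` is signed a 0xFF password byte ends the read early; `int c = getchar();` keeps arbitrary bytes intact, as the comment promises. `main` starts before and continues past these hunks.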
@ -42,8 +42,34 @@ check_white_spaces() {
|
|||||||
done
|
done
|
||||||
}
|
}
|
||||||
|
|
||||||
|
check_password_len() {
|
||||||
|
hexsalt="73616c74"
|
||||||
|
iter=4096
|
||||||
|
keylen=20
|
||||||
|
./tomb-kdb-pbkdf2 $hexsalt $iter $keylen 2>/dev/null <<<"" && {
|
||||||
|
echo "Empty passwords are accepted"
|
||||||
|
error=$((error + 1))
|
||||||
|
}
|
||||||
|
boundpassword=`perl -e 'print "a"x1023'`
|
||||||
|
./tomb-kdb-pbkdf2 $hexsalt $iter $keylen &>/dev/null <<<"$boundpassword" || {
|
||||||
|
echo "Passwords bound to limit are not accepted"
|
||||||
|
error=$((error + 1))
|
||||||
|
}
|
||||||
|
bigpassword=`perl -e 'print "a"x1024'`
|
||||||
|
./tomb-kdb-pbkdf2 $hexsalt $iter $keylen &>/dev/null <<<"$bigpassword" && {
|
||||||
|
echo "Passwords overriding buffer are accepted"
|
||||||
|
error=$((error + 1))
|
||||||
|
}
|
||||||
|
bigpassword=`perl -e 'print "a"x1025'`
|
||||||
|
./tomb-kdb-pbkdf2 $hexsalt $iter $keylen &>/dev/null <<<"$bigpassword" && {
|
||||||
|
echo "Passwords overriding buffer are accepted"
|
||||||
|
error=$((error + 1))
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
check_kdf
|
check_kdf
|
||||||
check_white_spaces
|
check_white_spaces
|
||||||
|
check_password_len
|
||||||
|
|
||||||
if [[ $error == 1 ]]; then
|
if [[ $error == 1 ]]; then
|
||||||
exit $error
|
exit $error
|
||||||
|
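Review bot: Failures counted by `check_password_len` can be masked by the exit test in the trailing context: each failed case does `error=$((error + 1))`, but the script exits non-zero only on `if [[ $error == 1 ]]`, so two or more failures (or one here plus one from an earlier check, if those also set `error`) fall through as success. Change the condition to `if [[ $error -ge 1 ]]`; the `if` block is closed outside the hunk. The empty-password case feeds `<<<""`, which still delivers one newline, so a completely empty stdin is not exercised; an extra run with `</dev/null` would cover it.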