# This adds the ability to set the iteration count from the command line # An example is setting it to 2 by doing the following: # openssl enc -aes-256-cbc -md sha1 -S 0958305A49D09548 -P -pass pass:randompassword -ic 2
# The patch was based off of OpenSSL_1_0_1e since the latest version wouldn't compile for me I backtracked to the last labeled version. -------------------------------Patch--------------------------------------------------- diff --git a/apps/enc.c b/apps/enc.c index 719acc3..c2b3191 100644 --- a/apps/enc.c +++ b/apps/enc.c @@ -114,6 +114,7 @@ int MAIN(int argc, char **argv) char *hkey=NULL,*hiv=NULL,*hsalt = NULL; char *md=NULL; int enc=1,printkey=0,i,base64=0; + int itrcnt=1; #ifdef ZLIB int do_zlib=0; BIO *bzl = NULL; @@ -225,6 +226,11 @@ int MAIN(int argc, char **argv) if (--argc < 1) goto bad; str= *(++argv); } + else if (strcmp(*argv,"-ic") == 0) + { + if (--argc < 1) goto bad; + itrcnt= atoi(*(++argv)); + } else if (strcmp(*argv,"-kfile") == 0) { static char buf[128]; @@ -303,6 +309,7 @@ bad: BIO_printf(bio_err,"%-14s decrypt\n","-d"); BIO_printf(bio_err,"%-14s base64 encode/decode, depending on encryption flag\n","-a/-base64"); BIO_printf(bio_err,"%-14s passphrase is the next argument\n","-k"); + BIO_printf(bio_err,"%-14s iteration count is the next argument\n","-ic"); BIO_printf(bio_err,"%-14s passphrase is the first line of the file argument\n","-kfile"); BIO_printf(bio_err,"%-14s the next argument is the md to use to create a key\n","-md"); BIO_printf(bio_err,"%-14s from a passphrase. One of md2, md5, sha or sha1\n",""); @@ -554,7 +561,7 @@ bad: EVP_BytesToKey(cipher,dgst,sptr, (unsigned char *)str, - strlen(str),1,key,iv); + strlen(str),itrcnt,key,iv); /* zero the complete buffer or the string * passed from the command line * bug picked up by -+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+- This message is for the named person's use only. This communication is for informational purposes only and has been obtained from sources believed to be reliable, but it is not necessarily complete and its accuracy cannot be guaranteed. It is not intended as an offer or solicitation for the purchase or sale of any financial instrument or as an official confirmation of any transaction. Moreover, this material should not be construed to contain any recommendation regarding, or opinion concerning, any security. It may contain confidential, proprietary or legally privileged information. No confidentiality or privilege is waived or lost by any mistransmission. If you receive this message in error, please immediately delete it and all copies of it from your system, destroy any hard copies of it and notify the sender. You must not, directly or indirectly, use, disclose, distribute, print, or copy any part of this message if you are not the intended recipient. Any views expressed in this message are those of the individual sender, except where the message states otherwise and the sender is authorized to state them to be the views of any such entity. Securities products and services provided to Canadian investors are offered by ITG Canada Corp. (member CIPF and IIROC - Investment Industry Regulatory Organization of Canada), an affiliate of Investment Technology Group, Inc. Investment research products and services are produced and offered by ITG Investment Research, Inc. and not ITG Inc. (a FINRA member firm and SIPC member). ITG Inc. and/or its affiliates reserves the right to monitor and archive all electronic communications through its network. ITG Inc. Member FINRA, SIPC -+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
openssl.patch
Description: Binary data