From owner-svn-src-user@FreeBSD.ORG Mon Nov 4 02:58:17 2013 Return-Path: Delivered-To: svn-src-user@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 982ECDF1; Mon, 4 Nov 2013 02:58:17 +0000 (UTC) (envelope-from cperciva@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 7619C2246; Mon, 4 Nov 2013 02:58:17 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.7/8.14.7) with ESMTP id rA42wHSA063977; Mon, 4 Nov 2013 02:58:17 GMT (envelope-from cperciva@svn.freebsd.org) Received: (from cperciva@localhost) by svn.freebsd.org (8.14.7/8.14.5/Submit) id rA42wHRL063976; Mon, 4 Nov 2013 02:58:17 GMT (envelope-from cperciva@svn.freebsd.org) Message-Id: <201311040258.rA42wHRL063976@svn.freebsd.org> From: Colin Percival Date: Mon, 4 Nov 2013 02:58:17 +0000 (UTC) To: src-committers@freebsd.org, svn-src-user@freebsd.org Subject: svn commit: r257601 - user/cperciva/pkesh X-SVN-Group: user MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-user@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "SVN commit messages for the experimental " user" src tree" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 04 Nov 2013 02:58:17 -0000 Author: cperciva Date: Mon Nov 4 02:58:16 2013 New Revision: 257601 URL: http://svnweb.freebsd.org/changeset/base/257601 Log: Add paranoid quoting of strings containing variables. Use $TMPDIR instead of $TMP for temporary files. Submitted by: jilles Modified: user/cperciva/pkesh/pkesh.sh Modified: user/cperciva/pkesh/pkesh.sh ============================================================================== --- user/cperciva/pkesh/pkesh.sh Mon Nov 4 02:50:43 2013 (r257600) +++ user/cperciva/pkesh/pkesh.sh Mon Nov 4 02:58:16 2013 (r257601) @@ -10,90 +10,90 @@ usage () { # gen priv.key pub.key gen () { # Generate the key - openssl genrsa -out $D/rsakey -f4 2048 2>/dev/null + openssl genrsa -out "$D/rsakey" -f4 2048 2>/dev/null # Write out private and public parts - cat $D/rsakey > $1 - openssl rsa -in $D/rsakey -pubout > $2 2>/dev/null + cat "$D/rsakey" > "$1" + openssl rsa -in "$D/rsakey" -pubout > "$2" 2>/dev/null } # enc pub.key in out enc () { # Generate a random 256-bit AES key - openssl rand 32 > $D/aeskey + openssl rand 32 > "$D/aeskey" # Generate a random 128-bit IV - openssl rand 16 > $D/aesIV + openssl rand 16 > "$D/aesIV" # Generate the encrypted data - KEY=`od -An -v -t x1 < $D/aeskey | tr -Cd '0-9a-fA-F'` - IV=`od -An -v -t x1 < $D/aesIV | tr -Cd '0-9a-fA-F'` - openssl enc -aes-256-cbc -K $KEY -iv $IV < $2 > $D/encdata + KEY=`od -An -v -t x1 < "$D/aeskey" | tr -Cd '0-9a-fA-F'` + IV=`od -An -v -t x1 < "$D/aesIV" | tr -Cd '0-9a-fA-F'` + openssl enc -aes-256-cbc -K $KEY -iv $IV < "$2" > "$D/encdata" # Compute the SHA256 hash of the encrypted data - openssl dgst -sha256 -binary $D/encdata > $D/hash + openssl dgst -sha256 -binary "$D/encdata" > "$D/hash" # Generate the header - cat $D/aeskey $D/aesIV $D/hash > $D/header + cat "$D/aeskey" "$D/aesIV" "$D/hash" > "$D/header" # Generate the encrypted header - openssl rsautl -inkey $1 -pubin -encrypt -oaep \ - < $D/header > $D/encheader + openssl rsautl -inkey "$1" -pubin -encrypt -oaep \ + < "$D/header" > "$D/encheader" # Generate the entire encrypted message - cat $D/encheader $D/encdata | openssl enc -base64 > $3 + cat "$D/encheader" "$D/encdata" | openssl enc -base64 > "$3" } # dec priv.key in out dec () { # Base-64 decode the encrypted message - openssl enc -d -base64 < $2 > $D/encmessage + openssl enc -d -base64 < "$2" > "$D/encmessage" # Make sure the message is long enough - if [ `wc -c < $D/encmessage` -lt 256 ]; then + if [ `wc -c < "$D/encmessage"` -lt 256 ]; then echo "Message is corrupt or truncated" >/dev/stderr exit 1 fi # Decrypt the header - dd if=$D/encmessage bs=256 count=1 of=$D/encheader 2>/dev/null - openssl rsautl -inkey $1 -decrypt -oaep < $D/encheader > $D/header + dd if="$D/encmessage" bs=256 count=1 of="$D/encheader" 2>/dev/null + openssl rsautl -inkey "$1" -decrypt -oaep < "$D/encheader" > "$D/header" # Make sure the header is the right size - if [ `wc -c < $D/header` -ne 80 ]; then + if [ `wc -c < "$D/header"` -ne 80 ]; then echo "Message is corrupt" >/dev/stderr exit 1 fi # Split header into components - dd if=$D/header bs=1 count=32 of=$D/aeskey 2>/dev/null - dd if=$D/header bs=1 skip=32 count=16 of=$D/aesIV 2>/dev/null - dd if=$D/header bs=1 skip=48 count=32 of=$D/hash 2>/dev/null + dd if="$D/header" bs=1 count=32 of="$D/aeskey" 2>/dev/null + dd if="$D/header" bs=1 skip=32 count=16 of="$D/aesIV" 2>/dev/null + dd if="$D/header" bs=1 skip=48 count=32 of="$D/hash" 2>/dev/null # Verify the encrypted data hash - dd if=$D/encmessage bs=256 skip=1 2>/dev/null | - openssl dgst -sha256 -binary > $D/encmessage.hash - if ! cmp -s $D/hash $D/encmessage.hash; then + dd if="$D/encmessage" bs=256 skip=1 2>/dev/null | + openssl dgst -sha256 -binary > "$D/encmessage.hash" + if ! cmp -s "$D/hash" "$D/encmessage.hash"; then echo "Message is corrupt or truncated" >/dev/stderr exit 1 fi # Decrypt the message - KEY=`od -An -v -t x1 < $D/aeskey | tr -Cd '0-9a-fA-F'` - IV=`od -An -v -t x1 < $D/aesIV | tr -Cd '0-9a-fA-F'` - dd if=$D/encmessage bs=256 skip=1 2>/dev/null | - openssl enc -d -aes-256-cbc -K $KEY -iv $IV > $3 + KEY=`od -An -v -t x1 < "$D/aeskey" | tr -Cd '0-9a-fA-F'` + IV=`od -An -v -t x1 < "$D/aesIV" | tr -Cd '0-9a-fA-F'` + dd if="$D/encmessage" bs=256 skip=1 2>/dev/null | + openssl enc -d -aes-256-cbc -K $KEY -iv $IV > "$3" } # Get operation type if [ $# -lt 1 ]; then usage fi -OP=$1 +OP="$1" shift # Check operation type and number of operands -case $OP in +case "$OP" in gen) if [ $# -ne 2 ]; then usage @@ -109,7 +109,7 @@ enc|dec) esac # Create temporary working directory -D=`mktemp -d "${TMP:-/tmp}/pkesh.XXXXXX"` +D=`mktemp -d "${TMPDIR:-/tmp}/pkesh.XXXXXX"` trap 'rm -r "$D"' EXIT # Perform the operation