rpms
/
perl-Crypt-CBC
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix manually-specified key not being used in some circumstances (GH#4)

This commit is contained in:
Paul Howarth 2022-03-02 09:19:00 +00:00
parent 134ebfd68e
commit be19e3258b
2 changed files with 83 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

72
Crypt-CBC-3.04-3.05.patch Normal file
View File

@ -0,0 +1,72 @@
From 524db900a5b2d2b260ba83526b4f152653743d83 Mon Sep 17 00:00:00 2001
From: Lincoln Stein <lincoln.stein@gmail.com>
Date: Thu, 20 May 2021 12:02:24 -0400
Subject: [PATCH] Fixed bug in which manually-specified key and -pkdf=>"none"
was not having effect
---
Changes | 3 +++
lib/Crypt/CBC.pm | 12 ++++++------
2 files changed, 9 insertions(+), 6 deletions(-)
diff --git a/Changes b/Changes
index 524b74e..0919bb5 100644
--- a/Changes
+++ b/Changes
@@ -1,4 +1,7 @@
Revision history for Perl extension Crypt::CBC.
+3.05 Thu 20 May 2021 12:00:18 PM EDT
+ - Fixed bug involving manually-specified key not being used in some circumstances.
+
3.04 Mon 17 May 2021 10:58:37 AM EDT
- Fixed bug involving manually-specified IV not being used in some circumstances.
diff --git a/lib/Crypt/CBC.pm b/lib/Crypt/CBC.pm
index f935bbc..327fc4c 100644
--- a/lib/Crypt/CBC.pm
+++ b/lib/Crypt/CBC.pm
@@ -72,11 +72,11 @@ sub new {
# HEADER consistency
if ($header_mode eq 'salt') {
- croak "Cannot use salt-based key generation if literal key is specified"
+ croak "Cannot use -header mode of 'salt' if a literal key is specified or key derivation function is none"
if $literal_key;
}
elsif ($header_mode eq 'randomiv') {
- croak "Cannot encrypt using a non-8 byte blocksize cipher when using randomiv header mode"
+ croak "Cannot use -header mode of 'randomiv' in conjunction with a cipher whose blocksize greater than 8"
unless $bs == 8
}
@@ -618,16 +618,15 @@ sub pbkdf_obj {
}
############################# generating key, iv and salt ########################
-# hopefully a replacement for mess below
sub set_key_and_iv {
my $self = shift;
- if (!$self->{literal_key}) {
+ if ($self->pbkdf eq 'none' || $self->{literal_key}) {
+ $self->{iv} = $self->_get_random_bytes($self->blocksize) if $self->{make_random_iv};
+ } else {
my ($key,$iv) = $self->pbkdf_obj->key_and_iv($self->{salt},$self->{passphrase});
$self->{key} = $key;
$self->{iv} = $iv if $self->{make_random_iv};
- } else {
- $self->{iv} = $self->_get_random_bytes($self->blocksize) if $self->{make_random_iv};
}
length $self->{salt} == 8 or croak "Salt must be exactly 8 bytes long";
@@ -929,6 +928,7 @@ Crypt::CBC - Encrypt Data with Cipher Block Chaining Mode
$key = Crypt::CBC->random_bytes(8); # assuming a 8-byte block cipher
$iv = Crypt::CBC->random_bytes(8);
$cipher = Crypt::CBC->new(-pbkdf => 'none',
+ -header => 'none',
-key => $key,
-iv => $iv);
--
2.35.1

12
perl-Crypt-CBC.spec
View File

@ -1,12 +1,13 @@
Summary: Encrypt Data with Cipher Block Chaining Mode
Name: perl-Crypt-CBC
Version: 3.04
Release: 5%{?dist}
Release: 6%{?dist}
# Upstream confirms that they're under the same license as perl.
# Wording in CBC.pm is less than clear, but still.
License: GPL+ or Artistic
URL: https://metacpan.org/release/Crypt-CBC
Source0: https://cpan.metacpan.org/modules/by-module/Crypt/Crypt-CBC-%{version}.tar.gz
Patch0: Crypt-CBC-3.04-3.05.patch
BuildArch: noarch
# Build:
BuildRequires: coreutils
@ -62,6 +63,12 @@ compatible with the encryption format used by SSLeay.
%prep
%setup -q -n Crypt-CBC-%{version}
# Upstream tagged a 3.05 release but didn't upload it to PAUSE
# This fixes an issue around the -literal_key option
# https://github.com/lstein/Lib-Crypt-CBC/issues/4
%patch0 -p1
chmod -c 644 eg/*.pl
%build
@ -82,6 +89,9 @@ make test
%{_mandir}/man3/Crypt::CBC.3*
%changelog
* Wed Mar 2 2022 Paul Howarth <paul@city-fan.org> - 3.04-6
- Fix an issue around the -literal_key option (GH#4)
* Fri Jan 21 2022 Fedora Release Engineering <releng@fedoraproject.org> - 3.04-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild