changeset 10:8e9dd5328b5a

Print a warning message when using an insecure algorithm
author Guido Berhoerster <guido+sencrypt@berhoerster.name>
date Sat, 03 Sep 2016 14:02:42 +0200
parents cc930aa0f3c2
children 27bc2d4947da
files sencrypt.1.xml sencrypt.c
diffstat 2 files changed, 23 insertions(+), 3 deletions(-) [+]
--- a/sencrypt.1.xml	Sat Sep 03 11:43:37 2016 +0200
+++ b/sencrypt.1.xml	Sat Sep 03 14:02:42 2016 +0200
@@ -1,7 +1,7 @@
 <?xml version="1.0"?>
 <!--
 
-Copyright (C) 2014 Guido Berhoerster <guido+sencrypt@berhoerster.name>
+Copyright (C) 2016 Guido Berhoerster <guido+sencrypt@berhoerster.name>
 
 Permission is hereby granted, free of charge, to any person obtaining
 a copy of this software and associated documentation files (the
@@ -33,7 +33,7 @@
       <email>guido+sencrypt@berhoerster.name</email>
       <personblurb/>
     </author>
-    <date>21 January, 2014</date>
+    <date>3 September, 2016</date>
   </info>
   <refmeta>
     <refentrytitle>sencrypt</refentrytitle>
@@ -144,7 +144,9 @@
           <replaceable>algorithm</replaceable>
         </term>
         <listitem>
-          <para>Use the specified algorithm.</para>
+          <para>Use the specified algorithm. See
+          <xref linkend="algorithms"/> for a list of supported
+          algorithms.</para>
         </listitem>
       </varlistentry>
       <varlistentry>
@@ -186,6 +188,19 @@
       </varlistentry>
     </variablelist>
   </refsect1>
+  <refsect1 xml:id="algorithms">
+    <title>Algorithms</title>
+    <para>The following algorithms and key lengths are supported:
+      <simplelist type="vert" columns="2">
+        <member>aes</member>
+        <member>arcfour</member>
+        <member>des</member>
+        <member>3des</member>
+      </simplelist></para>
+      <para>The arcfour, des, and 3des algorithms are considered insecure and should
+      not longer be used to encrypt new files. Using them will print a warning
+      message.</para>
+  </refsect1>
   <refsect1>
     <title>Examples</title>
     <example>
--- a/sencrypt.c	Sat Sep 03 11:43:37 2016 +0200
+++ b/sencrypt.c	Sat Sep 03 14:02:42 2016 +0200
@@ -618,6 +618,11 @@
 		status = EXIT_FAILURE;
 		goto out;
 	}
+	if ((cmd == CMD_SENCRYPT) && ((cipher != EVP_aes_128_cbc()) &&
+	    (cipher != EVP_aes_192_cbc()) && (cipher != EVP_aes_256_cbc()))) {
+		fprintf(stderr, "warning: the %s algorithm is no longer "
+		    "considered secure", algo_name);
+	}
 
 	if (iflag) {
 		bio_in = BIO_new_file(in_filename, "r");
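Review bot: The warning string in the added `fprintf` has no trailing newline, so whatever is written to stderr next runs onto the same line; end it with `"considered secure\n", algo_name);`. The condition is an allowlist of the three AES-CBC ciphers compared by pointer, which fails safe (anything else warns) but presumably relies on `cipher` having been obtained from the same `EVP_aes_*_cbc()` accessors; comparing `EVP_CIPHER_nid(cipher)` would not depend on pointer identity. The warning is advisory only and leaves `status` untouched, so an unattended encryption run with a weak cipher still exits successfully unless stderr is monitored. The enclosing function starts and ends outside this hunk.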