Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Make encfs2john more robust against bad data

  • Loading branch information...
commit dd493df212a0452d394bdce0c8f5db759d54c396 1 parent 4e8362a
@kholia kholia authored
Showing with 16 additions and 0 deletions.
  1. +16 −0 run/encfs2john.py
View
16 run/encfs2john.py
@@ -22,11 +22,23 @@ def process_folder(folder):
r = tree.getroot()
elements = list(r.iter())
cipher = None
+ keySize = None
+ iterations = None
+ salt = None
+ saltLen = None
+ dataLen = None
+ data = None
for element in elements:
if element.tag == "keySize":
keySize = element.text
+ if not keySize.isdigit():
+ print >> sys.stderr, "%s contains bad keySize" % filename
+ return
if element.tag == "kdfIterations":
iterations = element.text
+ if not iterations.isdigit():
+ print >> sys.stderr, "%s contains bad iterations" % filename
+ return
if element.tag == "name" and not cipher:
cipher = element.text
if element.tag == "saltData":
@@ -38,6 +50,10 @@ def process_folder(folder):
if element.tag == "encodedKeyData":
data = element.text
+ if not cipher or not keySize or not iterations or not salt or not saltLen or not dataLen or not data:
+ print >> sys.stderr, "%s contains bad data, please report this if target contains valid EncFS data" % filename
+ return
+
if cipher.upper().find("AES") > -1:
cipher = 0
print "%s:$encfs$%s*%s*%s*%s*%s*%s*%s" % (folder, keySize, iterations, cipher,
Please sign in to comment.
Something went wrong with that request. Please try again.