derivepassphrase.git

@@ -548,28 +548,8 @@ class VaultNativeV02ConfigParser(VaultNativeConfigParser):

         """

         return base64.standard_b64encode(self._message)

-    def _make_decryptor(self) -> ciphers.CipherContext:

-        """Return the cipher context object used for decryption.

-

-        This is a standard AES256-CBC cipher context. The encryption key

-        and the IV are derived via the OpenSSL `EVP_BytesToKey` function

-        (using MD5, no salt, and one iteration).  This is what the

-        Node.js `crypto` library (v21 series and older) used in its

-        implementation of `crypto.createCipher("aes256", password)`.

-

-        Danger: Insecure use of cryptography

-            This function makes use of (an implementation of) the

-            OpenSSL function `EVP_BytesToKey`, which generates

-            cryptographically weak keys, without any attempts at

-            mitigating its insecurity.  We provide this function for the

-            purpose of interoperability with existing vault

-            installations.  Do not rely on this system to keep your

-            vault configuration secure against access by even moderately

-            determined attackers!

-

-        """

-

-        def evp_bytestokey_md5_one_iteration_no_salt(

+    @staticmethod

+    def _evp_bytestokey_md5_one_iteration_no_salt(

         data: bytes, key_size: int, iv_size: int

     ) -> tuple[bytes, bytes]:

         """Reimplement OpenSSL's `EVP_BytesToKey` with fixed parameters.

@@ -619,6 +600,15 @@ class VaultNativeV02ConfigParser(VaultNativeConfigParser):

             A 2-tuple containing the derived encryption key and the

             derived initialization vector.

+        Danger: Insecure use of cryptography

+            This function reimplements the OpenSSL function

+            `EVP_BytesToKey`, which generates cryptographically weak

+            keys, without any attempts at mitigating its insecurity.  We

+            provide this function for the purpose of interoperability

+            with existing vault installations.  Do not rely on this

+            system to keep your vault configuration secure against

+            access by even moderately determined attackers!

+

         """

         total_size = key_size + iv_size

         buffer = bytearray()

@@ -662,8 +652,28 @@ class VaultNativeV02ConfigParser(VaultNativeConfigParser):

         )

         return bytes(buffer[:key_size]), bytes(buffer[key_size:total_size])

+    def _make_decryptor(self) -> ciphers.CipherContext:

+        """Return the cipher context object used for decryption.

+

+        This is a standard AES256-CBC cipher context. The encryption key

+        and the IV are derived via the OpenSSL `EVP_BytesToKey` function

+        (using MD5, no salt, and one iteration).  This is what the

+        Node.js `crypto` library (v21 series and older) used in its

+        implementation of `crypto.createCipher("aes256", password)`.

+

+        Danger: Insecure use of cryptography

+            This function makes use of (an implementation of) the

+            OpenSSL function `EVP_BytesToKey`, which generates

+            cryptographically weak keys, without any attempts at

+            mitigating its insecurity.  We provide this function for the

+            purpose of interoperability with existing vault

+            installations.  Do not rely on this system to keep your

+            vault configuration secure against access by even moderately

+            determined attackers!

+

+        """

         data = base64.standard_b64encode(self._iv + self._encryption_key)

-        encryption_key, iv = evp_bytestokey_md5_one_iteration_no_salt(

+        encryption_key, iv = self._evp_bytestokey_md5_one_iteration_no_salt(

             data, key_size=32, iv_size=16

         )

         return ciphers.Cipher(