From 63ac438831cb8ffe6d93e64f281ac98931ae1735 Mon Sep 17 00:00:00 2001
From: s2 <s2@31337.it>
Date: Mon, 25 Nov 2019 16:28:35 +0100
Subject: [PATCH] use pbkdf2 since it is available in new versions of openssl

---
 sshenc.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/sshenc.sh b/sshenc.sh
index 72e9609..c1a2299 100755
--- a/sshenc.sh
+++ b/sshenc.sh
@@ -66,7 +66,7 @@ if [[ "${#public_key[@]}" > 0 ]]; then
     done
     echo "-- /keys"
 
-    if cat | openssl enc -aes-256-cbc -salt -pass file:"$temp_file_key" > "$temp_file"; then
+    if cat | openssl enc -aes-256-cbc -pbkdf2 -iter 100000 -salt -pass file:"$temp_file_key" > "$temp_file"; then
         openssl base64 -A < "$temp_file"
     fi
 
@@ -91,7 +91,7 @@ elif [[ -e "$private_key" ]]; then
     for key in "${keys[@]}"
     do
         if ((echo "$key" | openssl base64 -d -A | openssl rsautl -decrypt -ssl -inkey "$private_key" > "$temp_file") > /dev/null 2>&1); then
-            if echo "$cypher" | openssl base64 -d -A | openssl aes-256-cbc -d -pass file:"$temp_file"; then
+            if echo "$cypher" | openssl base64 -d -A | openssl aes-256-cbc -pbkdf2 -iter 100000 -d -pass file:"$temp_file"; then
                 decrypted=true
             fi
         fi