[From nobody Sun Mar 22 08:21:06 2026 Received: (at submit) by bugs.debian.org; 26 Apr 2017 23:53:19 +0000 X-Spam-Checker-Version: SpamAssassin 3.4.0-bugs.debian.org_2005_01_02 (2014-02-07) on buxtehude.debian.org X-Spam-Level: X-Spam-Status: No, score=-9.7 required=4.0 tests=BAYES_00, FOURLA, HAS_PACKAGE, RCVD_IN_DNSWL_LOW,SPF_PASS autolearn=ham autolearn_force=no version=3.4.0-bugs.debian.org_2005_01_02 X-Spam-Bayes: score:0.0000 Tokens: new, 15; hammy, 147; neutral, 156; spammy, 3. spammytokens:0.987-1--H*MI:8ace, 0.987-1--H*M:8d8f, 0.987-1--H*MI:8d8f hammytokens:0.000-+--H*UA:45.0, 0.000-+--H*u:45.0, 0.000-+--systemd, 0.000-+--2.24-9, 0.000-+--Maintainer Return-path: <ishikawa@yk.rim.or.jp> Received: from mail03.siriuscloud.jp ([219.118.72.3]) by buxtehude.debian.org with esmtp (Exim 4.84_2) (envelope-from <ishikawa@yk.rim.or.jp>) id 1d3WkJ-00028l-3V for submit@bugs.debian.org; Wed, 26 Apr 2017 23:53:19 +0000 Received: from [192.168.0.111] (ntkngw435233.kngw.nt.ngn2.ppp.infoweb.ne.jp [61.121.54.233]) (Authenticated sender: ishikawa@yk.rim.or.jp) by access03.SiriusCloud.jp (Postfix) with ESMTPA id 3wCxYf0V1Cz2K2qlZ for <submit@bugs.debian.org>; Thu, 27 Apr 2017 08:46:29 +0900 (JST) Authentication-Results: access03.SiriusCloud.jp; dkim=none reason="no signature"; dkim-adsp=none (unprotected policy); dkim-atps=neutral X-Mozilla-News-Host: news://news.mozilla.org:119 To: Debian Bug Tracking System <submit@bugs.debian.org> From: "ISHIKAWA,chiaki" <ishikawa@yk.rim.or.jp> Subject: openssl enc -k path-for-keyphrase-file ...c does not fail if the keyphrase-file is missing. Message-ID: <48557c6b-4894-8ace-8d8f-9a30cf3d125a@yk.rim.or.jp> Date: Thu, 27 Apr 2017 08:46:10 +0900 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.8.0 MIME-Version: 1.0 Content-Type: text/plain; charset=iso-2022-jp; format=flowed; delsp=yes Content-Transfer-Encoding: 7bit X-Virus-Scanned: clamav-milter 0.99.2 at si-mail03 X-Virus-Status: Clean X-Greylist: delayed 405 seconds by postgrey-1.35 at buxtehude; Wed, 26 Apr 2017 23:53:18 UTC Delivered-To: submit@bugs.debian.org Package: openssl Version: 1.1.0e-1 Severity: major Tags: upstream Dear Maintainer, *** Reporter, please consider answering these questions, where appropriate *** * What led up to the situation? I ran the following command after setting up the environment variables appropriately. E.g.: KFILE=path-for-passphrase-file (say, ~/mypass) BNAME=file-to-be-encrypted openssl enc -k ${KFILE} -in ${BNAME} -out ${BNAME}.enc -aes-256-cbc To my surprise if ${KFILE} is missing, openssl does not complain and seems to encrypt the input file anyway: but with what passphrase?! * What exactly did you do (or not do) that was effective (or ineffective)? * What was the outcome of this action? We may end up with an encrypted file that noo ne can possibly decrypt !? If, the intent is to remove the original file AFTER the encryption takes place, then we lose the original file forever! Possible DATA LOSS. BAD! * What outcome did you expect instead? I would rather see openssl complain that the passphrase file is missing LOUD and CLEAR (and returns an error code. I checked that the following does not print "fail". openssl enc -k ${KFILE} -in ${BNAME} -out ${BNAME}.enc -aes-256-cbc || echo fail ) *** End of the template - remove these template lines *** -- System Information: Debian Release: 9.0 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'testing'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 3.19.5 (SMP w/4 CPU cores) Locale: LANG=ja_JP.UTF-8, LC_CTYPE=ja_JP.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages openssl depends on: ii libc6 2.24-9 ii libssl1.1 1.1.0e-1 ii perl 5.24.1-2 openssl recommends no packages. Versions of packages openssl suggests: ii ca-certificates 20161130 -- no debconf information ]