| version 1.14, 2018/02/07 05:47:55 |
version 1.15, 2019/01/18 03:45:47 |
|
|
| char *passarg; |
char *passarg; |
| int printkey; |
int printkey; |
| int verbose; |
int verbose; |
| |
int iter; |
| |
int pbkdf2; |
| } enc_config; |
} enc_config; |
| |
|
| static int |
static int |
|
|
| .type = OPTION_FLAG, |
.type = OPTION_FLAG, |
| .opt.flag = &enc_config.verbose, |
.opt.flag = &enc_config.verbose, |
| }, |
}, |
| |
{ |
| |
.name = "iter", |
| |
.desc = "Specify iteration count and force use of PBKDF2", |
| |
.type = OPTION_VALUE, |
| |
.opt.value = &enc_config.iter, |
| |
}, |
| |
{ |
| |
.name = "pbkdf2", |
| |
.desc = "Use the pbkdf2 key derivation function", |
| |
.type = OPTION_FLAG, |
| |
.opt.flag = &enc_config.pbkdf2, |
| |
}, |
| #ifdef ZLIB |
#ifdef ZLIB |
| { |
{ |
| .name = "z", |
.name = "z", |
|
|
| goto end; |
goto end; |
| } |
} |
| if (dgst == NULL) { |
if (dgst == NULL) { |
| dgst = EVP_md5(); /* XXX */ |
dgst = EVP_sha256(); |
| } |
} |
| |
|
| if (enc_config.bufsize != NULL) { |
if (enc_config.bufsize != NULL) { |
|
|
| } |
} |
| sptr = salt; |
sptr = salt; |
| } |
} |
| |
if (enc_config.pbkdf2 == 1 || enc_config.iter > 0) { |
| |
/* |
| |
* derive key and default iv |
| |
* concatenated into a temporary buffer |
| |
*/ |
| |
unsigned char tmpkeyiv[EVP_MAX_KEY_LENGTH + EVP_MAX_IV_LENGTH]; |
| |
int iklen = EVP_CIPHER_key_length(enc_config.cipher); |
| |
int ivlen = EVP_CIPHER_iv_length(enc_config.cipher); |
| |
/* not needed if HASH_UPDATE() is fixed : */ |
| |
int islen = (sptr != NULL ? sizeof(salt) : 0); |
| |
|
| EVP_BytesToKey(enc_config.cipher, dgst, sptr, |
if (enc_config.iter == 0) |
| (unsigned char *)enc_config.keystr, |
enc_config.iter = 10000; |
| strlen(enc_config.keystr), 1, key, iv); |
|
| |
if (!PKCS5_PBKDF2_HMAC(enc_config.keystr, |
| |
strlen(enc_config.keystr), sptr, islen, |
| |
enc_config.iter, dgst, iklen+ivlen, tmpkeyiv)) { |
| |
BIO_printf(bio_err, "PKCS5_PBKDF2_HMAC failed\n"); |
| |
goto end; |
| |
} |
| |
/* split and move data back to global buffer */ |
| |
memcpy(key, tmpkeyiv, iklen); |
| |
memcpy(iv, tmpkeyiv+iklen, ivlen); |
| |
} else { |
| |
EVP_BytesToKey(enc_config.cipher, dgst, sptr, |
| |
(unsigned char *)enc_config.keystr, |
| |
strlen(enc_config.keystr), 1, key, iv); |
| |
} |
| |
|
| /* |
/* |
| * zero the complete buffer or the string passed from |
* zero the complete buffer or the string passed from |
| * the command line bug picked up by Larry J. Hughes |
* the command line bug picked up by Larry J. Hughes |
![[BACK]](/icons/back.gif){kind=icon}
Return to enc.c CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / openssl