| version 1.3, 2014/10/22 13:54:03 |
version 1.4, 2015/01/01 13:55:03 |
|
|
| |
|
| #define SIZE (512) |
#define SIZE (512) |
| #define BSIZE (8*1024) |
#define BSIZE (8*1024) |
| #define PROG enc_main |
|
| |
|
| |
static struct { |
| |
int base64; |
| |
char *bufsize; |
| |
const EVP_CIPHER *cipher; |
| |
int debug; |
| |
#ifdef ZLIB |
| |
int do_zlib; |
| |
#endif |
| |
int enc; |
| |
#ifndef OPENSSL_NO_ENGINE |
| |
char *engine; |
| |
#endif |
| |
char *hiv; |
| |
char *hkey; |
| |
char *hsalt; |
| |
char *inf; |
| |
char *keyfile; |
| |
char *keystr; |
| |
char *md; |
| |
int nopad; |
| |
int nosalt; |
| |
int olb64; |
| |
char *outf; |
| |
char *passarg; |
| |
int printkey; |
| |
int verbose; |
| |
} enc_config; |
| |
|
| |
static int |
| |
enc_opt_cipher(int argc, char **argv, int *argsused) |
| |
{ |
| |
char *name = argv[0]; |
| |
|
| |
if (*name++ != '-') |
| |
return (1); |
| |
|
| |
if (strcmp(name, "none") == 0) { |
| |
enc_config.cipher = NULL; |
| |
*argsused = 1; |
| |
return (0); |
| |
} |
| |
|
| |
if ((enc_config.cipher = EVP_get_cipherbyname(name)) != NULL) { |
| |
*argsused = 1; |
| |
return (0); |
| |
} |
| |
|
| |
return (1); |
| |
} |
| |
|
| |
static struct option enc_options[] = { |
| |
{ |
| |
.name = "A", |
| |
.desc = "Process base64 data on one line (requires -a)", |
| |
.type = OPTION_FLAG, |
| |
.opt.flag = &enc_config.olb64, |
| |
}, |
| |
{ |
| |
.name = "a", |
| |
.desc = "Perform base64 encoding/decoding (alias -base64)", |
| |
.type = OPTION_FLAG, |
| |
.opt.flag = &enc_config.base64, |
| |
}, |
| |
{ |
| |
.name = "base64", |
| |
.type = OPTION_FLAG, |
| |
.opt.flag = &enc_config.base64, |
| |
}, |
| |
{ |
| |
.name = "bufsize", |
| |
.argname = "size", |
| |
.desc = "Specify the buffer size to use for I/O", |
| |
.type = OPTION_ARG, |
| |
.opt.arg = &enc_config.bufsize, |
| |
}, |
| |
{ |
| |
.name = "d", |
| |
.desc = "Decrypt the input data", |
| |
.type = OPTION_VALUE, |
| |
.opt.value = &enc_config.enc, |
| |
.value = 0, |
| |
}, |
| |
{ |
| |
.name = "debug", |
| |
.desc = "Print debugging information", |
| |
.type = OPTION_FLAG, |
| |
.opt.flag = &enc_config.debug, |
| |
}, |
| |
{ |
| |
.name = "e", |
| |
.desc = "Encrypt the input data (default)", |
| |
.type = OPTION_VALUE, |
| |
.opt.value = &enc_config.enc, |
| |
.value = 1, |
| |
}, |
| |
#ifndef OPENSSL_NO_ENGINE |
| |
{ |
| |
.name = "engine", |
| |
.argname = "id", |
| |
.desc = "Use the engine specified by the given identifier", |
| |
.type = OPTION_ARG, |
| |
.opt.arg = &enc_config.engine, |
| |
}, |
| |
#endif |
| |
{ |
| |
.name = "in", |
| |
.argname = "file", |
| |
.desc = "Input file to read from (default stdin)", |
| |
.type = OPTION_ARG, |
| |
.opt.arg = &enc_config.inf, |
| |
}, |
| |
{ |
| |
.name = "iv", |
| |
.argname = "IV", |
| |
.desc = "IV to use, specified as a hexidecimal string", |
| |
.type = OPTION_ARG, |
| |
.opt.arg = &enc_config.hiv, |
| |
}, |
| |
{ |
| |
.name = "K", |
| |
.argname = "key", |
| |
.desc = "Key to use, specified as a hexidecimal string", |
| |
.type = OPTION_ARG, |
| |
.opt.arg = &enc_config.hkey, |
| |
}, |
| |
{ |
| |
.name = "k", /* Superseded by -pass. */ |
| |
.type = OPTION_ARG, |
| |
.opt.arg = &enc_config.keystr, |
| |
}, |
| |
{ |
| |
.name = "kfile", /* Superseded by -pass. */ |
| |
.type = OPTION_ARG, |
| |
.opt.arg = &enc_config.keyfile, |
| |
}, |
| |
{ |
| |
.name = "md", |
| |
.argname = "digest", |
| |
.desc = "Digest to use to create a key from the passphrase", |
| |
.type = OPTION_ARG, |
| |
.opt.arg = &enc_config.md, |
| |
}, |
| |
{ |
| |
.name = "none", |
| |
.desc = "Use NULL cipher (no encryption or decryption)", |
| |
.type = OPTION_ARGV_FUNC, |
| |
.opt.argvfunc = enc_opt_cipher, |
| |
}, |
| |
{ |
| |
.name = "nopad", |
| |
.desc = "Disable standard block padding", |
| |
.type = OPTION_FLAG, |
| |
.opt.flag = &enc_config.nopad, |
| |
}, |
| |
{ |
| |
.name = "nosalt", |
| |
.type = OPTION_VALUE, |
| |
.opt.value = &enc_config.nosalt, |
| |
.value = 1, |
| |
}, |
| |
{ |
| |
.name = "out", |
| |
.argname = "file", |
| |
.desc = "Output file to write to (default stdout)", |
| |
.type = OPTION_ARG, |
| |
.opt.arg = &enc_config.outf, |
| |
}, |
| |
{ |
| |
.name = "P", |
| |
.desc = "Print out the salt, key and IV used, then exit\n" |
| |
" (no encryption or decryption is performed)", |
| |
.type = OPTION_VALUE, |
| |
.opt.value = &enc_config.printkey, |
| |
.value = 2, |
| |
}, |
| |
{ |
| |
.name = "p", |
| |
.desc = "Print out the salt, key and IV used", |
| |
.type = OPTION_VALUE, |
| |
.opt.value = &enc_config.printkey, |
| |
.value = 1, |
| |
}, |
| |
{ |
| |
.name = "pass", |
| |
.argname = "source", |
| |
.desc = "Password source", |
| |
.type = OPTION_ARG, |
| |
.opt.arg = &enc_config.passarg, |
| |
}, |
| |
{ |
| |
.name = "S", |
| |
.argname = "salt", |
| |
.desc = "Salt to use, specified as a hexidecimal string", |
| |
.type = OPTION_ARG, |
| |
.opt.arg = &enc_config.hsalt, |
| |
}, |
| |
{ |
| |
.name = "salt", |
| |
.desc = "Use a salt in the key derivation routines (default)", |
| |
.type = OPTION_VALUE, |
| |
.opt.value = &enc_config.nosalt, |
| |
.value = 0, |
| |
}, |
| |
{ |
| |
.name = "v", |
| |
.desc = "Verbose", |
| |
.type = OPTION_FLAG, |
| |
.opt.flag = &enc_config.verbose, |
| |
}, |
| |
#ifdef ZLIB |
| |
{ |
| |
.name = "z", |
| |
.desc = "Perform zlib compression/decompression", |
| |
.type = OPTION_FLAG, |
| |
.opt.flag = &enc_config.do_zlib, |
| |
}, |
| |
#endif |
| |
{ |
| |
.name = NULL, |
| |
.type = OPTION_ARGV_FUNC, |
| |
.opt.argvfunc = enc_opt_cipher, |
| |
}, |
| |
{ NULL }, |
| |
}; |
| |
|
| static void |
static void |
| show_ciphers(const OBJ_NAME * name, void *bio_) |
show_ciphers(const OBJ_NAME *name, void *arg) |
| { |
{ |
| BIO *bio = bio_; |
|
| static int n; |
static int n; |
| |
|
| if (!islower((unsigned char) *name->name)) |
if (!islower((unsigned char)*name->name)) |
| return; |
return; |
| |
|
| BIO_printf(bio, "-%-25s", name->name); |
fprintf(stderr, " -%-24s%s", name->name, (++n % 3 ? "" : "\n")); |
| if (++n == 3) { |
|
| BIO_printf(bio, "\n"); |
|
| n = 0; |
|
| } else |
|
| BIO_printf(bio, " "); |
|
| } |
} |
| |
|
| |
static void |
| |
enc_usage(void) |
| |
{ |
| |
fprintf(stderr, "usage: enc -ciphername [-AadePp] [-base64] " |
| |
"[-bufsize number] [-debug]\n" |
| |
" [-engine id] [-in file] [-iv IV] [-K key] [-k password]\n" |
| |
" [-kfile file] [-md digest] [-none] [-nopad] [-nosalt]\n" |
| |
" [-out file] [-pass arg] [-S salt] [-salt]\n\n"); |
| |
options_usage(enc_options); |
| |
fprintf(stderr, "\n"); |
| |
|
| |
fprintf(stderr, "Valid ciphername values:\n\n"); |
| |
OBJ_NAME_do_all_sorted(OBJ_NAME_TYPE_CIPHER_METH, show_ciphers, NULL); |
| |
fprintf(stderr, "\n"); |
| |
} |
| |
|
| int enc_main(int, char **); |
int enc_main(int, char **); |
| |
|
| int |
int |
|
|
| { |
{ |
| static const char magic[] = "Salted__"; |
static const char magic[] = "Salted__"; |
| char mbuf[sizeof magic - 1]; |
char mbuf[sizeof magic - 1]; |
| char *strbuf = NULL; |
char *strbuf = NULL, *pass = NULL; |
| unsigned char *buff = NULL, *bufsize = NULL; |
unsigned char *buff = NULL; |
| int bsize = BSIZE, verbose = 0; |
int bsize = BSIZE; |
| int ret = 1, inl; |
int ret = 1, inl; |
| int nopad = 0; |
|
| unsigned char key[EVP_MAX_KEY_LENGTH], iv[EVP_MAX_IV_LENGTH]; |
unsigned char key[EVP_MAX_KEY_LENGTH], iv[EVP_MAX_IV_LENGTH]; |
| unsigned char salt[PKCS5_SALT_LEN]; |
unsigned char salt[PKCS5_SALT_LEN]; |
| char *str = NULL, *passarg = NULL, *pass = NULL; |
|
| char *hkey = NULL, *hiv = NULL, *hsalt = NULL; |
|
| char *md = NULL; |
|
| int enc = 1, printkey = 0, i, base64 = 0; |
|
| #ifdef ZLIB |
#ifdef ZLIB |
| int do_zlib = 0; |
|
| BIO *bzl = NULL; |
BIO *bzl = NULL; |
| #endif |
#endif |
| int debug = 0, olb64 = 0, nosalt = 0; |
|
| const EVP_CIPHER *cipher = NULL, *c; |
|
| EVP_CIPHER_CTX *ctx = NULL; |
EVP_CIPHER_CTX *ctx = NULL; |
| char *inf = NULL, *outf = NULL; |
const EVP_MD *dgst = NULL; |
| BIO *in = NULL, *out = NULL, *b64 = NULL, *benc = NULL, *rbio = NULL, |
BIO *in = NULL, *out = NULL, *b64 = NULL, *benc = NULL; |
| *wbio = NULL; |
BIO *rbio = NULL, *wbio = NULL; |
| #define PROG_NAME_SIZE 39 |
#define PROG_NAME_SIZE 39 |
| char pname[PROG_NAME_SIZE + 1]; |
char pname[PROG_NAME_SIZE + 1]; |
| #ifndef OPENSSL_NO_ENGINE |
int i; |
| char *engine = NULL; |
|
| #endif |
|
| const EVP_MD *dgst = NULL; |
|
| |
|
| |
memset(&enc_config, 0, sizeof(enc_config)); |
| |
enc_config.enc = 1; |
| |
|
| /* first check the program name */ |
/* first check the program name */ |
| program_name(argv[0], pname, sizeof pname); |
program_name(argv[0], pname, sizeof(pname)); |
| |
|
| if (strcmp(pname, "base64") == 0) |
if (strcmp(pname, "base64") == 0) |
| base64 = 1; |
enc_config.base64 = 1; |
| |
|
| #ifdef ZLIB |
#ifdef ZLIB |
| if (strcmp(pname, "zlib") == 0) |
if (strcmp(pname, "zlib") == 0) |
| do_zlib = 1; |
enc_config.do_zlib = 1; |
| #endif |
#endif |
| |
|
| cipher = EVP_get_cipherbyname(pname); |
enc_config.cipher = EVP_get_cipherbyname(pname); |
| |
|
| #ifdef ZLIB |
#ifdef ZLIB |
| if (!do_zlib && !base64 && (cipher == NULL) |
if (!enc_config.do_zlib && !enc_config.base64 && |
| && (strcmp(pname, "enc") != 0)) |
enc_config.cipher == NULL && strcmp(pname, "enc") != 0) |
| #else |
#else |
| if (!base64 && (cipher == NULL) && (strcmp(pname, "enc") != 0)) |
if (!enc_config.base64 && enc_config.cipher == NULL && |
| |
strcmp(pname, "enc") != 0) |
| #endif |
#endif |
| { |
{ |
| BIO_printf(bio_err, "%s is an unknown cipher\n", pname); |
BIO_printf(bio_err, "%s is an unknown cipher\n", pname); |
| goto bad; |
goto end; |
| } |
} |
| argc--; |
|
| argv++; |
|
| while (argc >= 1) { |
|
| if (strcmp(*argv, "-e") == 0) |
|
| enc = 1; |
|
| else if (strcmp(*argv, "-in") == 0) { |
|
| if (--argc < 1) |
|
| goto bad; |
|
| inf = *(++argv); |
|
| } else if (strcmp(*argv, "-out") == 0) { |
|
| if (--argc < 1) |
|
| goto bad; |
|
| outf = *(++argv); |
|
| } else if (strcmp(*argv, "-pass") == 0) { |
|
| if (--argc < 1) |
|
| goto bad; |
|
| passarg = *(++argv); |
|
| } |
|
| #ifndef OPENSSL_NO_ENGINE |
|
| else if (strcmp(*argv, "-engine") == 0) { |
|
| if (--argc < 1) |
|
| goto bad; |
|
| engine = *(++argv); |
|
| } |
|
| #endif |
|
| else if (strcmp(*argv, "-d") == 0) |
|
| enc = 0; |
|
| else if (strcmp(*argv, "-p") == 0) |
|
| printkey = 1; |
|
| else if (strcmp(*argv, "-v") == 0) |
|
| verbose = 1; |
|
| else if (strcmp(*argv, "-nopad") == 0) |
|
| nopad = 1; |
|
| else if (strcmp(*argv, "-salt") == 0) |
|
| nosalt = 0; |
|
| else if (strcmp(*argv, "-nosalt") == 0) |
|
| nosalt = 1; |
|
| else if (strcmp(*argv, "-debug") == 0) |
|
| debug = 1; |
|
| else if (strcmp(*argv, "-P") == 0) |
|
| printkey = 2; |
|
| else if (strcmp(*argv, "-A") == 0) |
|
| olb64 = 1; |
|
| else if (strcmp(*argv, "-a") == 0) |
|
| base64 = 1; |
|
| else if (strcmp(*argv, "-base64") == 0) |
|
| base64 = 1; |
|
| #ifdef ZLIB |
|
| else if (strcmp(*argv, "-z") == 0) |
|
| do_zlib = 1; |
|
| #endif |
|
| else if (strcmp(*argv, "-bufsize") == 0) { |
|
| if (--argc < 1) |
|
| goto bad; |
|
| bufsize = (unsigned char *) *(++argv); |
|
| } else if (strcmp(*argv, "-k") == 0) { |
|
| if (--argc < 1) |
|
| goto bad; |
|
| str = *(++argv); |
|
| } else if (strcmp(*argv, "-kfile") == 0) { |
|
| static char buf[128]; |
|
| FILE *infile; |
|
| char *file; |
|
| |
|
| if (--argc < 1) |
if (options_parse(argc, argv, enc_options, NULL, NULL) != 0) { |
| goto bad; |
enc_usage(); |
| file = *(++argv); |
goto end; |
| infile = fopen(file, "r"); |
} |
| if (infile == NULL) { |
|
| BIO_printf(bio_err, "unable to read key from '%s'\n", |
|
| file); |
|
| goto bad; |
|
| } |
|
| buf[0] = '\0'; |
|
| if (!fgets(buf, sizeof buf, infile)) { |
|
| BIO_printf(bio_err, "unable to read key from '%s'\n", |
|
| file); |
|
| fclose(infile); |
|
| goto bad; |
|
| } |
|
| fclose(infile); |
|
| i = strlen(buf); |
|
| if ((i > 0) && |
|
| ((buf[i - 1] == '\n') || (buf[i - 1] == '\r'))) |
|
| buf[--i] = '\0'; |
|
| if ((i > 0) && |
|
| ((buf[i - 1] == '\n') || (buf[i - 1] == '\r'))) |
|
| buf[--i] = '\0'; |
|
| if (i < 1) { |
|
| BIO_printf(bio_err, "zero length password\n"); |
|
| goto bad; |
|
| } |
|
| str = buf; |
|
| } else if (strcmp(*argv, "-K") == 0) { |
|
| if (--argc < 1) |
|
| goto bad; |
|
| hkey = *(++argv); |
|
| } else if (strcmp(*argv, "-S") == 0) { |
|
| if (--argc < 1) |
|
| goto bad; |
|
| hsalt = *(++argv); |
|
| } else if (strcmp(*argv, "-iv") == 0) { |
|
| if (--argc < 1) |
|
| goto bad; |
|
| hiv = *(++argv); |
|
| } else if (strcmp(*argv, "-md") == 0) { |
|
| if (--argc < 1) |
|
| goto bad; |
|
| md = *(++argv); |
|
| } else if ((argv[0][0] == '-') && |
|
| ((c = EVP_get_cipherbyname(&(argv[0][1]))) != NULL)) { |
|
| cipher = c; |
|
| } else if (strcmp(*argv, "-none") == 0) |
|
| cipher = NULL; |
|
| else { |
|
| BIO_printf(bio_err, "unknown option '%s'\n", *argv); |
|
| bad: |
|
| BIO_printf(bio_err, "options are\n"); |
|
| BIO_printf(bio_err, "%-14s input file\n", "-in <file>"); |
|
| BIO_printf(bio_err, "%-14s output file\n", "-out <file>"); |
|
| BIO_printf(bio_err, "%-14s pass phrase source\n", "-pass <arg>"); |
|
| BIO_printf(bio_err, "%-14s encrypt\n", "-e"); |
|
| BIO_printf(bio_err, "%-14s decrypt\n", "-d"); |
|
| BIO_printf(bio_err, "%-14s base64 encode/decode, depending on encryption flag\n", "-a/-base64"); |
|
| BIO_printf(bio_err, "%-14s passphrase is the next argument\n", "-k"); |
|
| BIO_printf(bio_err, "%-14s passphrase is the first line of the file argument\n", "-kfile"); |
|
| BIO_printf(bio_err, "%-14s the next argument is the md to use to create a key\n", "-md"); |
|
| BIO_printf(bio_err, "%-14s from a passphrase. One of md2, md5, sha or sha1\n", ""); |
|
| BIO_printf(bio_err, "%-14s salt in hex is the next argument\n", "-S"); |
|
| BIO_printf(bio_err, "%-14s key/iv in hex is the next argument\n", "-K/-iv"); |
|
| BIO_printf(bio_err, "%-14s print the iv/key (then exit if -P)\n", "-[pP]"); |
|
| BIO_printf(bio_err, "%-14s buffer size\n", "-bufsize <n>"); |
|
| BIO_printf(bio_err, "%-14s disable standard block padding\n", "-nopad"); |
|
| #ifndef OPENSSL_NO_ENGINE |
|
| BIO_printf(bio_err, "%-14s use engine e, possibly a hardware device.\n", "-engine e"); |
|
| #endif |
|
| |
|
| BIO_printf(bio_err, "Cipher Types\n"); |
if (enc_config.keyfile != NULL) { |
| OBJ_NAME_do_all_sorted(OBJ_NAME_TYPE_CIPHER_METH, |
static char buf[128]; |
| show_ciphers, |
FILE *infile; |
| bio_err); |
|
| BIO_printf(bio_err, "\n"); |
|
| |
|
| |
infile = fopen(enc_config.keyfile, "r"); |
| |
if (infile == NULL) { |
| |
BIO_printf(bio_err, "unable to read key from '%s'\n", |
| |
enc_config.keyfile); |
| goto end; |
goto end; |
| } |
} |
| argc--; |
buf[0] = '\0'; |
| argv++; |
if (!fgets(buf, sizeof buf, infile)) { |
| |
BIO_printf(bio_err, "unable to read key from '%s'\n", |
| |
enc_config.keyfile); |
| |
fclose(infile); |
| |
goto end; |
| |
} |
| |
fclose(infile); |
| |
i = strlen(buf); |
| |
if ((i > 0) && ((buf[i - 1] == '\n') || (buf[i - 1] == '\r'))) |
| |
buf[--i] = '\0'; |
| |
if ((i > 0) && ((buf[i - 1] == '\n') || (buf[i - 1] == '\r'))) |
| |
buf[--i] = '\0'; |
| |
if (i < 1) { |
| |
BIO_printf(bio_err, "zero length password\n"); |
| |
goto end; |
| |
} |
| |
enc_config.keystr = buf; |
| } |
} |
| |
|
| #ifndef OPENSSL_NO_ENGINE |
#ifndef OPENSSL_NO_ENGINE |
| setup_engine(bio_err, engine, 0); |
setup_engine(bio_err, enc_config.engine, 0); |
| #endif |
#endif |
| |
|
| if (md && (dgst = EVP_get_digestbyname(md)) == NULL) { |
if (enc_config.md != NULL && |
| BIO_printf(bio_err, "%s is an unsupported message digest type\n", md); |
(dgst = EVP_get_digestbyname(enc_config.md)) == NULL) { |
| |
BIO_printf(bio_err, |
| |
"%s is an unsupported message digest type\n", |
| |
enc_config.md); |
| goto end; |
goto end; |
| } |
} |
| if (dgst == NULL) { |
if (dgst == NULL) { |
| dgst = EVP_md5(); |
dgst = EVP_md5(); /* XXX */ |
| } |
} |
| if (bufsize != NULL) { |
|
| |
if (enc_config.bufsize != NULL) { |
| |
char *p = enc_config.bufsize; |
| unsigned long n; |
unsigned long n; |
| |
|
| for (n = 0; *bufsize; bufsize++) { |
/* XXX - provide an OPTION_ARG_DISKUNIT. */ |
| i = *bufsize; |
for (n = 0; *p != '\0'; p++) { |
| |
i = *p; |
| if ((i <= '9') && (i >= '0')) |
if ((i <= '9') && (i >= '0')) |
| n = n * 10 + i - '0'; |
n = n * 10 + i - '0'; |
| else if (i == 'k') { |
else if (i == 'k') { |
| n *= 1024; |
n *= 1024; |
| bufsize++; |
p++; |
| break; |
break; |
| } |
} |
| } |
} |
| if (*bufsize != '\0') { |
if (*p != '\0') { |
| BIO_printf(bio_err, "invalid 'bufsize' specified.\n"); |
BIO_printf(bio_err, "invalid 'bufsize' specified.\n"); |
| goto end; |
goto end; |
| } |
} |
| /* It must be large enough for a base64 encoded line */ |
/* It must be large enough for a base64 encoded line. */ |
| if (base64 && n < 80) |
if (enc_config.base64 && n < 80) |
| n = 80; |
n = 80; |
| |
|
| bsize = (int) n; |
bsize = (int)n; |
| if (verbose) |
if (enc_config.verbose) |
| BIO_printf(bio_err, "bufsize=%d\n", bsize); |
BIO_printf(bio_err, "bufsize=%d\n", bsize); |
| } |
} |
| strbuf = malloc(SIZE); |
strbuf = malloc(SIZE); |
|
|
| ERR_print_errors(bio_err); |
ERR_print_errors(bio_err); |
| goto end; |
goto end; |
| } |
} |
| if (debug) { |
if (enc_config.debug) { |
| BIO_set_callback(in, BIO_debug_callback); |
BIO_set_callback(in, BIO_debug_callback); |
| BIO_set_callback(out, BIO_debug_callback); |
BIO_set_callback(out, BIO_debug_callback); |
| BIO_set_callback_arg(in, (char *) bio_err); |
BIO_set_callback_arg(in, (char *) bio_err); |
| BIO_set_callback_arg(out, (char *) bio_err); |
BIO_set_callback_arg(out, (char *) bio_err); |
| } |
} |
| if (inf == NULL) { |
if (enc_config.inf == NULL) { |
| if (bufsize != NULL) |
if (enc_config.bufsize != NULL) |
| setvbuf(stdin, (char *) NULL, _IONBF, 0); |
setvbuf(stdin, (char *) NULL, _IONBF, 0); |
| BIO_set_fp(in, stdin, BIO_NOCLOSE); |
BIO_set_fp(in, stdin, BIO_NOCLOSE); |
| } else { |
} else { |
| if (BIO_read_filename(in, inf) <= 0) { |
if (BIO_read_filename(in, enc_config.inf) <= 0) { |
| perror(inf); |
perror(enc_config.inf); |
| goto end; |
goto end; |
| } |
} |
| } |
} |
| |
|
| if (!str && passarg) { |
if (!enc_config.keystr && enc_config.passarg) { |
| if (!app_passwd(bio_err, passarg, NULL, &pass, NULL)) { |
if (!app_passwd(bio_err, enc_config.passarg, NULL, |
| |
&pass, NULL)) { |
| BIO_printf(bio_err, "Error getting password\n"); |
BIO_printf(bio_err, "Error getting password\n"); |
| goto end; |
goto end; |
| } |
} |
| str = pass; |
enc_config.keystr = pass; |
| } |
} |
| if ((str == NULL) && (cipher != NULL) && (hkey == NULL)) { |
if (enc_config.keystr == NULL && enc_config.cipher != NULL && |
| |
enc_config.hkey == NULL) { |
| for (;;) { |
for (;;) { |
| char buf[200]; |
char buf[200]; |
| int retval; |
int retval; |
| |
|
| retval = snprintf(buf, sizeof buf, "enter %s %s password:", |
retval = snprintf(buf, sizeof buf, |
| OBJ_nid2ln(EVP_CIPHER_nid(cipher)), |
"enter %s %s password:", |
| (enc) ? "encryption" : "decryption"); |
OBJ_nid2ln(EVP_CIPHER_nid(enc_config.cipher)), |
| |
enc_config.enc ? "encryption" : "decryption"); |
| if ((size_t)retval >= sizeof buf) { |
if ((size_t)retval >= sizeof buf) { |
| BIO_printf(bio_err, "Password prompt too long\n"); |
BIO_printf(bio_err, |
| |
"Password prompt too long\n"); |
| goto end; |
goto end; |
| } |
} |
| strbuf[0] = '\0'; |
strbuf[0] = '\0'; |
| i = EVP_read_pw_string((char *) strbuf, SIZE, buf, enc); |
i = EVP_read_pw_string((char *)strbuf, SIZE, buf, |
| |
enc_config.enc); |
| if (i == 0) { |
if (i == 0) { |
| if (strbuf[0] == '\0') { |
if (strbuf[0] == '\0') { |
| ret = 1; |
ret = 1; |
| goto end; |
goto end; |
| } |
} |
| str = strbuf; |
enc_config.keystr = strbuf; |
| break; |
break; |
| } |
} |
| if (i < 0) { |
if (i < 0) { |
|
|
| } |
} |
| } |
} |
| } |
} |
| if (outf == NULL) { |
if (enc_config.outf == NULL) { |
| BIO_set_fp(out, stdout, BIO_NOCLOSE); |
BIO_set_fp(out, stdout, BIO_NOCLOSE); |
| if (bufsize != NULL) |
if (enc_config.bufsize != NULL) |
| setvbuf(stdout, (char *) NULL, _IONBF, 0); |
setvbuf(stdout, (char *)NULL, _IONBF, 0); |
| } else { |
} else { |
| if (BIO_write_filename(out, outf) <= 0) { |
if (BIO_write_filename(out, enc_config.outf) <= 0) { |
| perror(outf); |
perror(enc_config.outf); |
| goto end; |
goto end; |
| } |
} |
| } |
} |
|
|
| wbio = out; |
wbio = out; |
| |
|
| #ifdef ZLIB |
#ifdef ZLIB |
| |
|
| if (do_zlib) { |
if (do_zlib) { |
| if ((bzl = BIO_new(BIO_f_zlib())) == NULL) |
if ((bzl = BIO_new(BIO_f_zlib())) == NULL) |
| goto end; |
goto end; |
|
|
| } |
} |
| #endif |
#endif |
| |
|
| if (base64) { |
if (enc_config.base64) { |
| if ((b64 = BIO_new(BIO_f_base64())) == NULL) |
if ((b64 = BIO_new(BIO_f_base64())) == NULL) |
| goto end; |
goto end; |
| if (debug) { |
if (enc_config.debug) { |
| BIO_set_callback(b64, BIO_debug_callback); |
BIO_set_callback(b64, BIO_debug_callback); |
| BIO_set_callback_arg(b64, (char *) bio_err); |
BIO_set_callback_arg(b64, (char *) bio_err); |
| } |
} |
| if (olb64) |
if (enc_config.olb64) |
| BIO_set_flags(b64, BIO_FLAGS_BASE64_NO_NL); |
BIO_set_flags(b64, BIO_FLAGS_BASE64_NO_NL); |
| if (enc) |
if (enc_config.enc) |
| wbio = BIO_push(b64, wbio); |
wbio = BIO_push(b64, wbio); |
| else |
else |
| rbio = BIO_push(b64, rbio); |
rbio = BIO_push(b64, rbio); |
| } |
} |
| if (cipher != NULL) { |
if (enc_config.cipher != NULL) { |
| /* |
/* |
| * Note that str is NULL if a key was passed on the command |
* Note that keystr is NULL if a key was passed on the command |
| * line, so we get no salt in that case. Is this a bug? |
* line, so we get no salt in that case. Is this a bug? |
| */ |
*/ |
| if (str != NULL) { |
if (enc_config.keystr != NULL) { |
| /* |
/* |
| * Salt handling: if encrypting generate a salt and |
* Salt handling: if encrypting generate a salt and |
| * write to output BIO. If decrypting read salt from |
* write to output BIO. If decrypting read salt from |
| * input BIO. |
* input BIO. |
| */ |
*/ |
| unsigned char *sptr; |
unsigned char *sptr; |
| if (nosalt) |
if (enc_config.nosalt) |
| sptr = NULL; |
sptr = NULL; |
| else { |
else { |
| if (enc) { |
if (enc_config.enc) { |
| if (hsalt) { |
if (enc_config.hsalt) { |
| if (!set_hex(hsalt, salt, sizeof salt)) { |
if (!set_hex(enc_config.hsalt, salt, sizeof salt)) { |
| BIO_printf(bio_err, |
BIO_printf(bio_err, |
| "invalid hex salt value\n"); |
"invalid hex salt value\n"); |
| goto end; |
goto end; |
|
|
| * If -P option then don't bother |
* If -P option then don't bother |
| * writing |
* writing |
| */ |
*/ |
| if ((printkey != 2) |
if ((enc_config.printkey != 2) |
| && (BIO_write(wbio, magic, |
&& (BIO_write(wbio, magic, |
| sizeof magic - 1) != sizeof magic - 1 |
sizeof magic - 1) != sizeof magic - 1 |
| || BIO_write(wbio, |
|| BIO_write(wbio, |
|
|
| sptr = salt; |
sptr = salt; |
| } |
} |
| |
|
| EVP_BytesToKey(cipher, dgst, sptr, |
EVP_BytesToKey(enc_config.cipher, dgst, sptr, |
| (unsigned char *) str, |
(unsigned char *)enc_config.keystr, |
| strlen(str), 1, key, iv); |
strlen(enc_config.keystr), 1, key, iv); |
| /* |
/* |
| * zero the complete buffer or the string passed from |
* zero the complete buffer or the string passed from |
| * the command line bug picked up by Larry J. Hughes |
* the command line bug picked up by Larry J. Hughes |
| * Jr. <hughes@indiana.edu> |
* Jr. <hughes@indiana.edu> |
| */ |
*/ |
| if (str == strbuf) |
if (enc_config.keystr == strbuf) |
| OPENSSL_cleanse(str, SIZE); |
OPENSSL_cleanse(enc_config.keystr, SIZE); |
| else |
else |
| OPENSSL_cleanse(str, strlen(str)); |
OPENSSL_cleanse(enc_config.keystr, |
| |
strlen(enc_config.keystr)); |
| } |
} |
| if ((hiv != NULL) && !set_hex(hiv, iv, sizeof iv)) { |
if (enc_config.hiv != NULL && |
| |
!set_hex(enc_config.hiv, iv, sizeof iv)) { |
| BIO_printf(bio_err, "invalid hex iv value\n"); |
BIO_printf(bio_err, "invalid hex iv value\n"); |
| goto end; |
goto end; |
| } |
} |
| if ((hiv == NULL) && (str == NULL) |
if (enc_config.hiv == NULL && enc_config.keystr == NULL && |
| && EVP_CIPHER_iv_length(cipher) != 0) { |
EVP_CIPHER_iv_length(enc_config.cipher) != 0) { |
| /* |
/* |
| * No IV was explicitly set and no IV was generated |
* No IV was explicitly set and no IV was generated |
| * during EVP_BytesToKey. Hence the IV is undefined, |
* during EVP_BytesToKey. Hence the IV is undefined, |
|
|
| BIO_printf(bio_err, "iv undefined\n"); |
BIO_printf(bio_err, "iv undefined\n"); |
| goto end; |
goto end; |
| } |
} |
| if ((hkey != NULL) && !set_hex(hkey, key, sizeof key)) { |
if (enc_config.hkey != NULL && |
| |
!set_hex(enc_config.hkey, key, sizeof key)) { |
| BIO_printf(bio_err, "invalid hex key value\n"); |
BIO_printf(bio_err, "invalid hex key value\n"); |
| goto end; |
goto end; |
| } |
} |
|
|
| |
|
| BIO_get_cipher_ctx(benc, &ctx); |
BIO_get_cipher_ctx(benc, &ctx); |
| |
|
| if (!EVP_CipherInit_ex(ctx, cipher, NULL, NULL, NULL, enc)) { |
if (!EVP_CipherInit_ex(ctx, enc_config.cipher, NULL, NULL, |
| |
NULL, enc_config.enc)) { |
| BIO_printf(bio_err, "Error setting cipher %s\n", |
BIO_printf(bio_err, "Error setting cipher %s\n", |
| EVP_CIPHER_name(cipher)); |
EVP_CIPHER_name(enc_config.cipher)); |
| ERR_print_errors(bio_err); |
ERR_print_errors(bio_err); |
| goto end; |
goto end; |
| } |
} |
| if (nopad) |
if (enc_config.nopad) |
| EVP_CIPHER_CTX_set_padding(ctx, 0); |
EVP_CIPHER_CTX_set_padding(ctx, 0); |
| |
|
| if (!EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, enc)) { |
if (!EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, |
| |
enc_config.enc)) { |
| BIO_printf(bio_err, "Error setting cipher %s\n", |
BIO_printf(bio_err, "Error setting cipher %s\n", |
| EVP_CIPHER_name(cipher)); |
EVP_CIPHER_name(enc_config.cipher)); |
| ERR_print_errors(bio_err); |
ERR_print_errors(bio_err); |
| goto end; |
goto end; |
| } |
} |
| if (debug) { |
if (enc_config.debug) { |
| BIO_set_callback(benc, BIO_debug_callback); |
BIO_set_callback(benc, BIO_debug_callback); |
| BIO_set_callback_arg(benc, (char *) bio_err); |
BIO_set_callback_arg(benc, (char *) bio_err); |
| } |
} |
| if (printkey) { |
if (enc_config.printkey) { |
| if (!nosalt) { |
if (!enc_config.nosalt) { |
| printf("salt="); |
printf("salt="); |
| for (i = 0; i < (int) sizeof(salt); i++) |
for (i = 0; i < (int) sizeof(salt); i++) |
| printf("%02X", salt[i]); |
printf("%02X", salt[i]); |
| printf("\n"); |
printf("\n"); |
| } |
} |
| if (cipher->key_len > 0) { |
if (enc_config.cipher->key_len > 0) { |
| printf("key="); |
printf("key="); |
| for (i = 0; i < cipher->key_len; i++) |
for (i = 0; i < enc_config.cipher->key_len; i++) |
| printf("%02X", key[i]); |
printf("%02X", key[i]); |
| printf("\n"); |
printf("\n"); |
| } |
} |
| if (cipher->iv_len > 0) { |
if (enc_config.cipher->iv_len > 0) { |
| printf("iv ="); |
printf("iv ="); |
| for (i = 0; i < cipher->iv_len; i++) |
for (i = 0; i < enc_config.cipher->iv_len; i++) |
| printf("%02X", iv[i]); |
printf("%02X", iv[i]); |
| printf("\n"); |
printf("\n"); |
| } |
} |
| if (printkey == 2) { |
if (enc_config.printkey == 2) { |
| ret = 0; |
ret = 0; |
| goto end; |
goto end; |
| } |
} |
|
|
| goto end; |
goto end; |
| } |
} |
| ret = 0; |
ret = 0; |
| if (verbose) { |
if (enc_config.verbose) { |
| BIO_printf(bio_err, "bytes read :%8ld\n", BIO_number_read(in)); |
BIO_printf(bio_err, "bytes read :%8ld\n", BIO_number_read(in)); |
| BIO_printf(bio_err, "bytes written:%8ld\n", BIO_number_written(out)); |
BIO_printf(bio_err, "bytes written:%8ld\n", BIO_number_written(out)); |
| } |
} |
![[BACK]](/icons/back.gif){kind=icon}
Return to enc.c CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / openssl