summaryrefslogtreecommitdiff
path: root/usr.bin
diff options
context:
space:
mode:
Diffstat (limited to 'usr.bin')
-rw-r--r--usr.bin/openssl/enc.c632
1 files changed, 382 insertions, 250 deletions
diff --git a/usr.bin/openssl/enc.c b/usr.bin/openssl/enc.c
index b5aaab9842d..e449ac8cc78 100644
--- a/usr.bin/openssl/enc.c
+++ b/usr.bin/openssl/enc.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: enc.c,v 1.3 2014/10/22 13:54:03 jsing Exp $ */
+/* $OpenBSD: enc.c,v 1.4 2015/01/01 13:55:03 jsing Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -75,23 +75,257 @@ int set_hex(char *in, unsigned char *out, int size);
#define SIZE (512)
#define BSIZE (8*1024)
-#define PROG enc_main
+
+static struct {
+ int base64;
+ char *bufsize;
+ const EVP_CIPHER *cipher;
+ int debug;
+#ifdef ZLIB
+ int do_zlib;
+#endif
+ int enc;
+#ifndef OPENSSL_NO_ENGINE
+ char *engine;
+#endif
+ char *hiv;
+ char *hkey;
+ char *hsalt;
+ char *inf;
+ char *keyfile;
+ char *keystr;
+ char *md;
+ int nopad;
+ int nosalt;
+ int olb64;
+ char *outf;
+ char *passarg;
+ int printkey;
+ int verbose;
+} enc_config;
+
+static int
+enc_opt_cipher(int argc, char **argv, int *argsused)
+{
+ char *name = argv[0];
+
+ if (*name++ != '-')
+ return (1);
+
+ if (strcmp(name, "none") == 0) {
+ enc_config.cipher = NULL;
+ *argsused = 1;
+ return (0);
+ }
+
+ if ((enc_config.cipher = EVP_get_cipherbyname(name)) != NULL) {
+ *argsused = 1;
+ return (0);
+ }
+
+ return (1);
+}
+
+static struct option enc_options[] = {
+ {
+ .name = "A",
+ .desc = "Process base64 data on one line (requires -a)",
+ .type = OPTION_FLAG,
+ .opt.flag = &enc_config.olb64,
+ },
+ {
+ .name = "a",
+ .desc = "Perform base64 encoding/decoding (alias -base64)",
+ .type = OPTION_FLAG,
+ .opt.flag = &enc_config.base64,
+ },
+ {
+ .name = "base64",
+ .type = OPTION_FLAG,
+ .opt.flag = &enc_config.base64,
+ },
+ {
+ .name = "bufsize",
+ .argname = "size",
+ .desc = "Specify the buffer size to use for I/O",
+ .type = OPTION_ARG,
+ .opt.arg = &enc_config.bufsize,
+ },
+ {
+ .name = "d",
+ .desc = "Decrypt the input data",
+ .type = OPTION_VALUE,
+ .opt.value = &enc_config.enc,
+ .value = 0,
+ },
+ {
+ .name = "debug",
+ .desc = "Print debugging information",
+ .type = OPTION_FLAG,
+ .opt.flag = &enc_config.debug,
+ },
+ {
+ .name = "e",
+ .desc = "Encrypt the input data (default)",
+ .type = OPTION_VALUE,
+ .opt.value = &enc_config.enc,
+ .value = 1,
+ },
+#ifndef OPENSSL_NO_ENGINE
+ {
+ .name = "engine",
+ .argname = "id",
+ .desc = "Use the engine specified by the given identifier",
+ .type = OPTION_ARG,
+ .opt.arg = &enc_config.engine,
+ },
+#endif
+ {
+ .name = "in",
+ .argname = "file",
+ .desc = "Input file to read from (default stdin)",
+ .type = OPTION_ARG,
+ .opt.arg = &enc_config.inf,
+ },
+ {
+ .name = "iv",
+ .argname = "IV",
+ .desc = "IV to use, specified as a hexidecimal string",
+ .type = OPTION_ARG,
+ .opt.arg = &enc_config.hiv,
+ },
+ {
+ .name = "K",
+ .argname = "key",
+ .desc = "Key to use, specified as a hexidecimal string",
+ .type = OPTION_ARG,
+ .opt.arg = &enc_config.hkey,
+ },
+ {
+ .name = "k", /* Superseded by -pass. */
+ .type = OPTION_ARG,
+ .opt.arg = &enc_config.keystr,
+ },
+ {
+ .name = "kfile", /* Superseded by -pass. */
+ .type = OPTION_ARG,
+ .opt.arg = &enc_config.keyfile,
+ },
+ {
+ .name = "md",
+ .argname = "digest",
+ .desc = "Digest to use to create a key from the passphrase",
+ .type = OPTION_ARG,
+ .opt.arg = &enc_config.md,
+ },
+ {
+ .name = "none",
+ .desc = "Use NULL cipher (no encryption or decryption)",
+ .type = OPTION_ARGV_FUNC,
+ .opt.argvfunc = enc_opt_cipher,
+ },
+ {
+ .name = "nopad",
+ .desc = "Disable standard block padding",
+ .type = OPTION_FLAG,
+ .opt.flag = &enc_config.nopad,
+ },
+ {
+ .name = "nosalt",
+ .type = OPTION_VALUE,
+ .opt.value = &enc_config.nosalt,
+ .value = 1,
+ },
+ {
+ .name = "out",
+ .argname = "file",
+ .desc = "Output file to write to (default stdout)",
+ .type = OPTION_ARG,
+ .opt.arg = &enc_config.outf,
+ },
+ {
+ .name = "P",
+ .desc = "Print out the salt, key and IV used, then exit\n"
+ " (no encryption or decryption is performed)",
+ .type = OPTION_VALUE,
+ .opt.value = &enc_config.printkey,
+ .value = 2,
+ },
+ {
+ .name = "p",
+ .desc = "Print out the salt, key and IV used",
+ .type = OPTION_VALUE,
+ .opt.value = &enc_config.printkey,
+ .value = 1,
+ },
+ {
+ .name = "pass",
+ .argname = "source",
+ .desc = "Password source",
+ .type = OPTION_ARG,
+ .opt.arg = &enc_config.passarg,
+ },
+ {
+ .name = "S",
+ .argname = "salt",
+ .desc = "Salt to use, specified as a hexidecimal string",
+ .type = OPTION_ARG,
+ .opt.arg = &enc_config.hsalt,
+ },
+ {
+ .name = "salt",
+ .desc = "Use a salt in the key derivation routines (default)",
+ .type = OPTION_VALUE,
+ .opt.value = &enc_config.nosalt,
+ .value = 0,
+ },
+ {
+ .name = "v",
+ .desc = "Verbose",
+ .type = OPTION_FLAG,
+ .opt.flag = &enc_config.verbose,
+ },
+#ifdef ZLIB
+ {
+ .name = "z",
+ .desc = "Perform zlib compression/decompression",
+ .type = OPTION_FLAG,
+ .opt.flag = &enc_config.do_zlib,
+ },
+#endif
+ {
+ .name = NULL,
+ .type = OPTION_ARGV_FUNC,
+ .opt.argvfunc = enc_opt_cipher,
+ },
+ { NULL },
+};
static void
-show_ciphers(const OBJ_NAME * name, void *bio_)
+show_ciphers(const OBJ_NAME *name, void *arg)
{
- BIO *bio = bio_;
static int n;
- if (!islower((unsigned char) *name->name))
+ if (!islower((unsigned char)*name->name))
return;
- BIO_printf(bio, "-%-25s", name->name);
- if (++n == 3) {
- BIO_printf(bio, "\n");
- n = 0;
- } else
- BIO_printf(bio, " ");
+ fprintf(stderr, " -%-24s%s", name->name, (++n % 3 ? "" : "\n"));
+}
+
+static void
+enc_usage(void)
+{
+ fprintf(stderr, "usage: enc -ciphername [-AadePp] [-base64] "
+ "[-bufsize number] [-debug]\n"
+ " [-engine id] [-in file] [-iv IV] [-K key] [-k password]\n"
+ " [-kfile file] [-md digest] [-none] [-nopad] [-nosalt]\n"
+ " [-out file] [-pass arg] [-S salt] [-salt]\n\n");
+ options_usage(enc_options);
+ fprintf(stderr, "\n");
+
+ fprintf(stderr, "Valid ciphername values:\n\n");
+ OBJ_NAME_do_all_sorted(OBJ_NAME_TYPE_CIPHER_METH, show_ciphers, NULL);
+ fprintf(stderr, "\n");
}
int enc_main(int, char **);
@@ -101,237 +335,126 @@ enc_main(int argc, char **argv)
{
static const char magic[] = "Salted__";
char mbuf[sizeof magic - 1];
- char *strbuf = NULL;
- unsigned char *buff = NULL, *bufsize = NULL;
- int bsize = BSIZE, verbose = 0;
+ char *strbuf = NULL, *pass = NULL;
+ unsigned char *buff = NULL;
+ int bsize = BSIZE;
int ret = 1, inl;
- int nopad = 0;
unsigned char key[EVP_MAX_KEY_LENGTH], iv[EVP_MAX_IV_LENGTH];
unsigned char salt[PKCS5_SALT_LEN];
- char *str = NULL, *passarg = NULL, *pass = NULL;
- char *hkey = NULL, *hiv = NULL, *hsalt = NULL;
- char *md = NULL;
- int enc = 1, printkey = 0, i, base64 = 0;
#ifdef ZLIB
- int do_zlib = 0;
BIO *bzl = NULL;
#endif
- int debug = 0, olb64 = 0, nosalt = 0;
- const EVP_CIPHER *cipher = NULL, *c;
EVP_CIPHER_CTX *ctx = NULL;
- char *inf = NULL, *outf = NULL;
- BIO *in = NULL, *out = NULL, *b64 = NULL, *benc = NULL, *rbio = NULL,
- *wbio = NULL;
+ const EVP_MD *dgst = NULL;
+ BIO *in = NULL, *out = NULL, *b64 = NULL, *benc = NULL;
+ BIO *rbio = NULL, *wbio = NULL;
#define PROG_NAME_SIZE 39
char pname[PROG_NAME_SIZE + 1];
-#ifndef OPENSSL_NO_ENGINE
- char *engine = NULL;
-#endif
- const EVP_MD *dgst = NULL;
+ int i;
+
+ memset(&enc_config, 0, sizeof(enc_config));
+ enc_config.enc = 1;
/* first check the program name */
- program_name(argv[0], pname, sizeof pname);
+ program_name(argv[0], pname, sizeof(pname));
+
if (strcmp(pname, "base64") == 0)
- base64 = 1;
+ enc_config.base64 = 1;
+
#ifdef ZLIB
if (strcmp(pname, "zlib") == 0)
- do_zlib = 1;
+ enc_config.do_zlib = 1;
#endif
- cipher = EVP_get_cipherbyname(pname);
+ enc_config.cipher = EVP_get_cipherbyname(pname);
+
#ifdef ZLIB
- if (!do_zlib && !base64 && (cipher == NULL)
- && (strcmp(pname, "enc") != 0))
+ if (!enc_config.do_zlib && !enc_config.base64 &&
+ enc_config.cipher == NULL && strcmp(pname, "enc") != 0)
#else
- if (!base64 && (cipher == NULL) && (strcmp(pname, "enc") != 0))
+ if (!enc_config.base64 && enc_config.cipher == NULL &&
+ strcmp(pname, "enc") != 0)
#endif
{
BIO_printf(bio_err, "%s is an unknown cipher\n", pname);
- goto bad;
+ goto end;
}
- argc--;
- argv++;
- while (argc >= 1) {
- if (strcmp(*argv, "-e") == 0)
- enc = 1;
- else if (strcmp(*argv, "-in") == 0) {
- if (--argc < 1)
- goto bad;
- inf = *(++argv);
- } else if (strcmp(*argv, "-out") == 0) {
- if (--argc < 1)
- goto bad;
- outf = *(++argv);
- } else if (strcmp(*argv, "-pass") == 0) {
- if (--argc < 1)
- goto bad;
- passarg = *(++argv);
- }
-#ifndef OPENSSL_NO_ENGINE
- else if (strcmp(*argv, "-engine") == 0) {
- if (--argc < 1)
- goto bad;
- engine = *(++argv);
- }
-#endif
- else if (strcmp(*argv, "-d") == 0)
- enc = 0;
- else if (strcmp(*argv, "-p") == 0)
- printkey = 1;
- else if (strcmp(*argv, "-v") == 0)
- verbose = 1;
- else if (strcmp(*argv, "-nopad") == 0)
- nopad = 1;
- else if (strcmp(*argv, "-salt") == 0)
- nosalt = 0;
- else if (strcmp(*argv, "-nosalt") == 0)
- nosalt = 1;
- else if (strcmp(*argv, "-debug") == 0)
- debug = 1;
- else if (strcmp(*argv, "-P") == 0)
- printkey = 2;
- else if (strcmp(*argv, "-A") == 0)
- olb64 = 1;
- else if (strcmp(*argv, "-a") == 0)
- base64 = 1;
- else if (strcmp(*argv, "-base64") == 0)
- base64 = 1;
-#ifdef ZLIB
- else if (strcmp(*argv, "-z") == 0)
- do_zlib = 1;
-#endif
- else if (strcmp(*argv, "-bufsize") == 0) {
- if (--argc < 1)
- goto bad;
- bufsize = (unsigned char *) *(++argv);
- } else if (strcmp(*argv, "-k") == 0) {
- if (--argc < 1)
- goto bad;
- str = *(++argv);
- } else if (strcmp(*argv, "-kfile") == 0) {
- static char buf[128];
- FILE *infile;
- char *file;
-
- if (--argc < 1)
- goto bad;
- file = *(++argv);
- infile = fopen(file, "r");
- if (infile == NULL) {
- BIO_printf(bio_err, "unable to read key from '%s'\n",
- file);
- goto bad;
- }
- buf[0] = '\0';
- if (!fgets(buf, sizeof buf, infile)) {
- BIO_printf(bio_err, "unable to read key from '%s'\n",
- file);
- fclose(infile);
- goto bad;
- }
- fclose(infile);
- i = strlen(buf);
- if ((i > 0) &&
- ((buf[i - 1] == '\n') || (buf[i - 1] == '\r')))
- buf[--i] = '\0';
- if ((i > 0) &&
- ((buf[i - 1] == '\n') || (buf[i - 1] == '\r')))
- buf[--i] = '\0';
- if (i < 1) {
- BIO_printf(bio_err, "zero length password\n");
- goto bad;
- }
- str = buf;
- } else if (strcmp(*argv, "-K") == 0) {
- if (--argc < 1)
- goto bad;
- hkey = *(++argv);
- } else if (strcmp(*argv, "-S") == 0) {
- if (--argc < 1)
- goto bad;
- hsalt = *(++argv);
- } else if (strcmp(*argv, "-iv") == 0) {
- if (--argc < 1)
- goto bad;
- hiv = *(++argv);
- } else if (strcmp(*argv, "-md") == 0) {
- if (--argc < 1)
- goto bad;
- md = *(++argv);
- } else if ((argv[0][0] == '-') &&
- ((c = EVP_get_cipherbyname(&(argv[0][1]))) != NULL)) {
- cipher = c;
- } else if (strcmp(*argv, "-none") == 0)
- cipher = NULL;
- else {
- BIO_printf(bio_err, "unknown option '%s'\n", *argv);
- bad:
- BIO_printf(bio_err, "options are\n");
- BIO_printf(bio_err, "%-14s input file\n", "-in <file>");
- BIO_printf(bio_err, "%-14s output file\n", "-out <file>");
- BIO_printf(bio_err, "%-14s pass phrase source\n", "-pass <arg>");
- BIO_printf(bio_err, "%-14s encrypt\n", "-e");
- BIO_printf(bio_err, "%-14s decrypt\n", "-d");
- BIO_printf(bio_err, "%-14s base64 encode/decode, depending on encryption flag\n", "-a/-base64");
- BIO_printf(bio_err, "%-14s passphrase is the next argument\n", "-k");
- BIO_printf(bio_err, "%-14s passphrase is the first line of the file argument\n", "-kfile");
- BIO_printf(bio_err, "%-14s the next argument is the md to use to create a key\n", "-md");
- BIO_printf(bio_err, "%-14s from a passphrase. One of md2, md5, sha or sha1\n", "");
- BIO_printf(bio_err, "%-14s salt in hex is the next argument\n", "-S");
- BIO_printf(bio_err, "%-14s key/iv in hex is the next argument\n", "-K/-iv");
- BIO_printf(bio_err, "%-14s print the iv/key (then exit if -P)\n", "-[pP]");
- BIO_printf(bio_err, "%-14s buffer size\n", "-bufsize <n>");
- BIO_printf(bio_err, "%-14s disable standard block padding\n", "-nopad");
-#ifndef OPENSSL_NO_ENGINE
- BIO_printf(bio_err, "%-14s use engine e, possibly a hardware device.\n", "-engine e");
-#endif
- BIO_printf(bio_err, "Cipher Types\n");
- OBJ_NAME_do_all_sorted(OBJ_NAME_TYPE_CIPHER_METH,
- show_ciphers,
- bio_err);
- BIO_printf(bio_err, "\n");
+ if (options_parse(argc, argv, enc_options, NULL, NULL) != 0) {
+ enc_usage();
+ goto end;
+ }
+
+ if (enc_config.keyfile != NULL) {
+ static char buf[128];
+ FILE *infile;
+ infile = fopen(enc_config.keyfile, "r");
+ if (infile == NULL) {
+ BIO_printf(bio_err, "unable to read key from '%s'\n",
+ enc_config.keyfile);
+ goto end;
+ }
+ buf[0] = '\0';
+ if (!fgets(buf, sizeof buf, infile)) {
+ BIO_printf(bio_err, "unable to read key from '%s'\n",
+ enc_config.keyfile);
+ fclose(infile);
goto end;
}
- argc--;
- argv++;
+ fclose(infile);
+ i = strlen(buf);
+ if ((i > 0) && ((buf[i - 1] == '\n') || (buf[i - 1] == '\r')))
+ buf[--i] = '\0';
+ if ((i > 0) && ((buf[i - 1] == '\n') || (buf[i - 1] == '\r')))
+ buf[--i] = '\0';
+ if (i < 1) {
+ BIO_printf(bio_err, "zero length password\n");
+ goto end;
+ }
+ enc_config.keystr = buf;
}
#ifndef OPENSSL_NO_ENGINE
- setup_engine(bio_err, engine, 0);
+ setup_engine(bio_err, enc_config.engine, 0);
#endif
- if (md && (dgst = EVP_get_digestbyname(md)) == NULL) {
- BIO_printf(bio_err, "%s is an unsupported message digest type\n", md);
+ if (enc_config.md != NULL &&
+ (dgst = EVP_get_digestbyname(enc_config.md)) == NULL) {
+ BIO_printf(bio_err,
+ "%s is an unsupported message digest type\n",
+ enc_config.md);
goto end;
}
if (dgst == NULL) {
- dgst = EVP_md5();
+ dgst = EVP_md5(); /* XXX */
}
- if (bufsize != NULL) {
+
+ if (enc_config.bufsize != NULL) {
+ char *p = enc_config.bufsize;
unsigned long n;
- for (n = 0; *bufsize; bufsize++) {
- i = *bufsize;
+ /* XXX - provide an OPTION_ARG_DISKUNIT. */
+ for (n = 0; *p != '\0'; p++) {
+ i = *p;
if ((i <= '9') && (i >= '0'))
n = n * 10 + i - '0';
else if (i == 'k') {
n *= 1024;
- bufsize++;
+ p++;
break;
}
}
- if (*bufsize != '\0') {
+ if (*p != '\0') {
BIO_printf(bio_err, "invalid 'bufsize' specified.\n");
goto end;
}
- /* It must be large enough for a base64 encoded line */
- if (base64 && n < 80)
+ /* It must be large enough for a base64 encoded line. */
+ if (enc_config.base64 && n < 80)
n = 80;
- bsize = (int) n;
- if (verbose)
+ bsize = (int)n;
+ if (enc_config.verbose)
BIO_printf(bio_err, "bufsize=%d\n", bsize);
}
strbuf = malloc(SIZE);
@@ -346,50 +469,55 @@ enc_main(int argc, char **argv)
ERR_print_errors(bio_err);
goto end;
}
- if (debug) {
+ if (enc_config.debug) {
BIO_set_callback(in, BIO_debug_callback);
BIO_set_callback(out, BIO_debug_callback);
BIO_set_callback_arg(in, (char *) bio_err);
BIO_set_callback_arg(out, (char *) bio_err);
}
- if (inf == NULL) {
- if (bufsize != NULL)
+ if (enc_config.inf == NULL) {
+ if (enc_config.bufsize != NULL)
setvbuf(stdin, (char *) NULL, _IONBF, 0);
BIO_set_fp(in, stdin, BIO_NOCLOSE);
} else {
- if (BIO_read_filename(in, inf) <= 0) {
- perror(inf);
+ if (BIO_read_filename(in, enc_config.inf) <= 0) {
+ perror(enc_config.inf);
goto end;
}
}
- if (!str && passarg) {
- if (!app_passwd(bio_err, passarg, NULL, &pass, NULL)) {
+ if (!enc_config.keystr && enc_config.passarg) {
+ if (!app_passwd(bio_err, enc_config.passarg, NULL,
+ &pass, NULL)) {
BIO_printf(bio_err, "Error getting password\n");
goto end;
}
- str = pass;
+ enc_config.keystr = pass;
}
- if ((str == NULL) && (cipher != NULL) && (hkey == NULL)) {
+ if (enc_config.keystr == NULL && enc_config.cipher != NULL &&
+ enc_config.hkey == NULL) {
for (;;) {
char buf[200];
int retval;
- retval = snprintf(buf, sizeof buf, "enter %s %s password:",
- OBJ_nid2ln(EVP_CIPHER_nid(cipher)),
- (enc) ? "encryption" : "decryption");
+ retval = snprintf(buf, sizeof buf,
+ "enter %s %s password:",
+ OBJ_nid2ln(EVP_CIPHER_nid(enc_config.cipher)),
+ enc_config.enc ? "encryption" : "decryption");
if ((size_t)retval >= sizeof buf) {
- BIO_printf(bio_err, "Password prompt too long\n");
+ BIO_printf(bio_err,
+ "Password prompt too long\n");
goto end;
}
strbuf[0] = '\0';
- i = EVP_read_pw_string((char *) strbuf, SIZE, buf, enc);
+ i = EVP_read_pw_string((char *)strbuf, SIZE, buf,
+ enc_config.enc);
if (i == 0) {
if (strbuf[0] == '\0') {
ret = 1;
goto end;
}
- str = strbuf;
+ enc_config.keystr = strbuf;
break;
}
if (i < 0) {
@@ -398,13 +526,13 @@ enc_main(int argc, char **argv)
}
}
}
- if (outf == NULL) {
+ if (enc_config.outf == NULL) {
BIO_set_fp(out, stdout, BIO_NOCLOSE);
- if (bufsize != NULL)
- setvbuf(stdout, (char *) NULL, _IONBF, 0);
+ if (enc_config.bufsize != NULL)
+ setvbuf(stdout, (char *)NULL, _IONBF, 0);
} else {
- if (BIO_write_filename(out, outf) <= 0) {
- perror(outf);
+ if (BIO_write_filename(out, enc_config.outf) <= 0) {
+ perror(enc_config.outf);
goto end;
}
}
@@ -413,7 +541,6 @@ enc_main(int argc, char **argv)
wbio = out;
#ifdef ZLIB
-
if (do_zlib) {
if ((bzl = BIO_new(BIO_f_zlib())) == NULL)
goto end;
@@ -424,38 +551,38 @@ enc_main(int argc, char **argv)
}
#endif
- if (base64) {
+ if (enc_config.base64) {
if ((b64 = BIO_new(BIO_f_base64())) == NULL)
goto end;
- if (debug) {
+ if (enc_config.debug) {
BIO_set_callback(b64, BIO_debug_callback);
BIO_set_callback_arg(b64, (char *) bio_err);
}
- if (olb64)
+ if (enc_config.olb64)
BIO_set_flags(b64, BIO_FLAGS_BASE64_NO_NL);
- if (enc)
+ if (enc_config.enc)
wbio = BIO_push(b64, wbio);
else
rbio = BIO_push(b64, rbio);
}
- if (cipher != NULL) {
+ if (enc_config.cipher != NULL) {
/*
- * Note that str is NULL if a key was passed on the command
+ * Note that keystr is NULL if a key was passed on the command
* line, so we get no salt in that case. Is this a bug?
*/
- if (str != NULL) {
+ if (enc_config.keystr != NULL) {
/*
* Salt handling: if encrypting generate a salt and
* write to output BIO. If decrypting read salt from
* input BIO.
*/
unsigned char *sptr;
- if (nosalt)
+ if (enc_config.nosalt)
sptr = NULL;
else {
- if (enc) {
- if (hsalt) {
- if (!set_hex(hsalt, salt, sizeof salt)) {
+ if (enc_config.enc) {
+ if (enc_config.hsalt) {
+ if (!set_hex(enc_config.hsalt, salt, sizeof salt)) {
BIO_printf(bio_err,
"invalid hex salt value\n");
goto end;
@@ -467,7 +594,7 @@ enc_main(int argc, char **argv)
* If -P option then don't bother
* writing
*/
- if ((printkey != 2)
+ if ((enc_config.printkey != 2)
&& (BIO_write(wbio, magic,
sizeof magic - 1) != sizeof magic - 1
|| BIO_write(wbio,
@@ -489,25 +616,27 @@ enc_main(int argc, char **argv)
sptr = salt;
}
- EVP_BytesToKey(cipher, dgst, sptr,
- (unsigned char *) str,
- strlen(str), 1, key, iv);
+ EVP_BytesToKey(enc_config.cipher, dgst, sptr,
+ (unsigned char *)enc_config.keystr,
+ strlen(enc_config.keystr), 1, key, iv);
/*
* zero the complete buffer or the string passed from
* the command line bug picked up by Larry J. Hughes
* Jr. <hughes@indiana.edu>
*/
- if (str == strbuf)
- OPENSSL_cleanse(str, SIZE);
+ if (enc_config.keystr == strbuf)
+ OPENSSL_cleanse(enc_config.keystr, SIZE);
else
- OPENSSL_cleanse(str, strlen(str));
+ OPENSSL_cleanse(enc_config.keystr,
+ strlen(enc_config.keystr));
}
- if ((hiv != NULL) && !set_hex(hiv, iv, sizeof iv)) {
+ if (enc_config.hiv != NULL &&
+ !set_hex(enc_config.hiv, iv, sizeof iv)) {
BIO_printf(bio_err, "invalid hex iv value\n");
goto end;
}
- if ((hiv == NULL) && (str == NULL)
- && EVP_CIPHER_iv_length(cipher) != 0) {
+ if (enc_config.hiv == NULL && enc_config.keystr == NULL &&
+ EVP_CIPHER_iv_length(enc_config.cipher) != 0) {
/*
* No IV was explicitly set and no IV was generated
* during EVP_BytesToKey. Hence the IV is undefined,
@@ -516,7 +645,8 @@ enc_main(int argc, char **argv)
BIO_printf(bio_err, "iv undefined\n");
goto end;
}
- if ((hkey != NULL) && !set_hex(hkey, key, sizeof key)) {
+ if (enc_config.hkey != NULL &&
+ !set_hex(enc_config.hkey, key, sizeof key)) {
BIO_printf(bio_err, "invalid hex key value\n");
goto end;
}
@@ -530,45 +660,47 @@ enc_main(int argc, char **argv)
BIO_get_cipher_ctx(benc, &ctx);
- if (!EVP_CipherInit_ex(ctx, cipher, NULL, NULL, NULL, enc)) {
+ if (!EVP_CipherInit_ex(ctx, enc_config.cipher, NULL, NULL,
+ NULL, enc_config.enc)) {
BIO_printf(bio_err, "Error setting cipher %s\n",
- EVP_CIPHER_name(cipher));
+ EVP_CIPHER_name(enc_config.cipher));
ERR_print_errors(bio_err);
goto end;
}
- if (nopad)
+ if (enc_config.nopad)
EVP_CIPHER_CTX_set_padding(ctx, 0);
- if (!EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, enc)) {
+ if (!EVP_CipherInit_ex(ctx, NULL, NULL, key, iv,
+ enc_config.enc)) {
BIO_printf(bio_err, "Error setting cipher %s\n",
- EVP_CIPHER_name(cipher));
+ EVP_CIPHER_name(enc_config.cipher));
ERR_print_errors(bio_err);
goto end;
}
- if (debug) {
+ if (enc_config.debug) {
BIO_set_callback(benc, BIO_debug_callback);
BIO_set_callback_arg(benc, (char *) bio_err);
}
- if (printkey) {
- if (!nosalt) {
+ if (enc_config.printkey) {
+ if (!enc_config.nosalt) {
printf("salt=");
for (i = 0; i < (int) sizeof(salt); i++)
printf("%02X", salt[i]);
printf("\n");
}
- if (cipher->key_len > 0) {
+ if (enc_config.cipher->key_len > 0) {
printf("key=");
- for (i = 0; i < cipher->key_len; i++)
+ for (i = 0; i < enc_config.cipher->key_len; i++)
printf("%02X", key[i]);
printf("\n");
}
- if (cipher->iv_len > 0) {
+ if (enc_config.cipher->iv_len > 0) {
printf("iv =");
- for (i = 0; i < cipher->iv_len; i++)
+ for (i = 0; i < enc_config.cipher->iv_len; i++)
printf("%02X", iv[i]);
printf("\n");
}
- if (printkey == 2) {
+ if (enc_config.printkey == 2) {
ret = 0;
goto end;
}
@@ -592,7 +724,7 @@ enc_main(int argc, char **argv)
goto end;
}
ret = 0;
- if (verbose) {
+ if (enc_config.verbose) {
BIO_printf(bio_err, "bytes read :%8ld\n", BIO_number_read(in));
BIO_printf(bio_err, "bytes written:%8ld\n", BIO_number_written(out));
}