summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorjsing <>2015-01-01 13:55:03 +0000
committerjsing <>2015-01-01 13:55:03 +0000
commit7da9451b87ad5988fad8ca566773060eb979ac38 (patch)
treed5580c0eb487bedbee889414506525d31c979433 /src
parentb3264083c46685e20fe50e2dee18665ef64c47b9 (diff)
downloadopenbsd-7da9451b87ad5988fad8ca566773060eb979ac38.tar.gz
openbsd-7da9451b87ad5988fad8ca566773060eb979ac38.tar.bz2
openbsd-7da9451b87ad5988fad8ca566773060eb979ac38.zip
Convert the openssl(1) enc command to the new option parsing and usage.
With input from doug@
Diffstat (limited to 'src')
-rw-r--r--src/usr.bin/openssl/enc.c632
1 files changed, 382 insertions, 250 deletions
diff --git a/src/usr.bin/openssl/enc.c b/src/usr.bin/openssl/enc.c
index b5aaab9842..e449ac8cc7 100644
--- a/src/usr.bin/openssl/enc.c
+++ b/src/usr.bin/openssl/enc.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: enc.c,v 1.3 2014/10/22 13:54:03 jsing Exp $ */ 1/* $OpenBSD: enc.c,v 1.4 2015/01/01 13:55:03 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -75,23 +75,257 @@ int set_hex(char *in, unsigned char *out, int size);
75 75
76#define SIZE (512) 76#define SIZE (512)
77#define BSIZE (8*1024) 77#define BSIZE (8*1024)
78#define PROG enc_main 78
79static struct {
80 int base64;
81 char *bufsize;
82 const EVP_CIPHER *cipher;
83 int debug;
84#ifdef ZLIB
85 int do_zlib;
86#endif
87 int enc;
88#ifndef OPENSSL_NO_ENGINE
89 char *engine;
90#endif
91 char *hiv;
92 char *hkey;
93 char *hsalt;
94 char *inf;
95 char *keyfile;
96 char *keystr;
97 char *md;
98 int nopad;
99 int nosalt;
100 int olb64;
101 char *outf;
102 char *passarg;
103 int printkey;
104 int verbose;
105} enc_config;
106
107static int
108enc_opt_cipher(int argc, char **argv, int *argsused)
109{
110 char *name = argv[0];
111
112 if (*name++ != '-')
113 return (1);
114
115 if (strcmp(name, "none") == 0) {
116 enc_config.cipher = NULL;
117 *argsused = 1;
118 return (0);
119 }
120
121 if ((enc_config.cipher = EVP_get_cipherbyname(name)) != NULL) {
122 *argsused = 1;
123 return (0);
124 }
125
126 return (1);
127}
128
129static struct option enc_options[] = {
130 {
131 .name = "A",
132 .desc = "Process base64 data on one line (requires -a)",
133 .type = OPTION_FLAG,
134 .opt.flag = &enc_config.olb64,
135 },
136 {
137 .name = "a",
138 .desc = "Perform base64 encoding/decoding (alias -base64)",
139 .type = OPTION_FLAG,
140 .opt.flag = &enc_config.base64,
141 },
142 {
143 .name = "base64",
144 .type = OPTION_FLAG,
145 .opt.flag = &enc_config.base64,
146 },
147 {
148 .name = "bufsize",
149 .argname = "size",
150 .desc = "Specify the buffer size to use for I/O",
151 .type = OPTION_ARG,
152 .opt.arg = &enc_config.bufsize,
153 },
154 {
155 .name = "d",
156 .desc = "Decrypt the input data",
157 .type = OPTION_VALUE,
158 .opt.value = &enc_config.enc,
159 .value = 0,
160 },
161 {
162 .name = "debug",
163 .desc = "Print debugging information",
164 .type = OPTION_FLAG,
165 .opt.flag = &enc_config.debug,
166 },
167 {
168 .name = "e",
169 .desc = "Encrypt the input data (default)",
170 .type = OPTION_VALUE,
171 .opt.value = &enc_config.enc,
172 .value = 1,
173 },
174#ifndef OPENSSL_NO_ENGINE
175 {
176 .name = "engine",
177 .argname = "id",
178 .desc = "Use the engine specified by the given identifier",
179 .type = OPTION_ARG,
180 .opt.arg = &enc_config.engine,
181 },
182#endif
183 {
184 .name = "in",
185 .argname = "file",
186 .desc = "Input file to read from (default stdin)",
187 .type = OPTION_ARG,
188 .opt.arg = &enc_config.inf,
189 },
190 {
191 .name = "iv",
192 .argname = "IV",
193 .desc = "IV to use, specified as a hexidecimal string",
194 .type = OPTION_ARG,
195 .opt.arg = &enc_config.hiv,
196 },
197 {
198 .name = "K",
199 .argname = "key",
200 .desc = "Key to use, specified as a hexidecimal string",
201 .type = OPTION_ARG,
202 .opt.arg = &enc_config.hkey,
203 },
204 {
205 .name = "k", /* Superseded by -pass. */
206 .type = OPTION_ARG,
207 .opt.arg = &enc_config.keystr,
208 },
209 {
210 .name = "kfile", /* Superseded by -pass. */
211 .type = OPTION_ARG,
212 .opt.arg = &enc_config.keyfile,
213 },
214 {
215 .name = "md",
216 .argname = "digest",
217 .desc = "Digest to use to create a key from the passphrase",
218 .type = OPTION_ARG,
219 .opt.arg = &enc_config.md,
220 },
221 {
222 .name = "none",
223 .desc = "Use NULL cipher (no encryption or decryption)",
224 .type = OPTION_ARGV_FUNC,
225 .opt.argvfunc = enc_opt_cipher,
226 },
227 {
228 .name = "nopad",
229 .desc = "Disable standard block padding",
230 .type = OPTION_FLAG,
231 .opt.flag = &enc_config.nopad,
232 },
233 {
234 .name = "nosalt",
235 .type = OPTION_VALUE,
236 .opt.value = &enc_config.nosalt,
237 .value = 1,
238 },
239 {
240 .name = "out",
241 .argname = "file",
242 .desc = "Output file to write to (default stdout)",
243 .type = OPTION_ARG,
244 .opt.arg = &enc_config.outf,
245 },
246 {
247 .name = "P",
248 .desc = "Print out the salt, key and IV used, then exit\n"
249 " (no encryption or decryption is performed)",
250 .type = OPTION_VALUE,
251 .opt.value = &enc_config.printkey,
252 .value = 2,
253 },
254 {
255 .name = "p",
256 .desc = "Print out the salt, key and IV used",
257 .type = OPTION_VALUE,
258 .opt.value = &enc_config.printkey,
259 .value = 1,
260 },
261 {
262 .name = "pass",
263 .argname = "source",
264 .desc = "Password source",
265 .type = OPTION_ARG,
266 .opt.arg = &enc_config.passarg,
267 },
268 {
269 .name = "S",
270 .argname = "salt",
271 .desc = "Salt to use, specified as a hexidecimal string",
272 .type = OPTION_ARG,
273 .opt.arg = &enc_config.hsalt,
274 },
275 {
276 .name = "salt",
277 .desc = "Use a salt in the key derivation routines (default)",
278 .type = OPTION_VALUE,
279 .opt.value = &enc_config.nosalt,
280 .value = 0,
281 },
282 {
283 .name = "v",
284 .desc = "Verbose",
285 .type = OPTION_FLAG,
286 .opt.flag = &enc_config.verbose,
287 },
288#ifdef ZLIB
289 {
290 .name = "z",
291 .desc = "Perform zlib compression/decompression",
292 .type = OPTION_FLAG,
293 .opt.flag = &enc_config.do_zlib,
294 },
295#endif
296 {
297 .name = NULL,
298 .type = OPTION_ARGV_FUNC,
299 .opt.argvfunc = enc_opt_cipher,
300 },
301 { NULL },
302};
79 303
80static void 304static void
81show_ciphers(const OBJ_NAME * name, void *bio_) 305show_ciphers(const OBJ_NAME *name, void *arg)
82{ 306{
83 BIO *bio = bio_;
84 static int n; 307 static int n;
85 308
86 if (!islower((unsigned char) *name->name)) 309 if (!islower((unsigned char)*name->name))
87 return; 310 return;
88 311
89 BIO_printf(bio, "-%-25s", name->name); 312 fprintf(stderr, " -%-24s%s", name->name, (++n % 3 ? "" : "\n"));
90 if (++n == 3) { 313}
91 BIO_printf(bio, "\n"); 314
92 n = 0; 315static void
93 } else 316enc_usage(void)
94 BIO_printf(bio, " "); 317{
318 fprintf(stderr, "usage: enc -ciphername [-AadePp] [-base64] "
319 "[-bufsize number] [-debug]\n"
320 " [-engine id] [-in file] [-iv IV] [-K key] [-k password]\n"
321 " [-kfile file] [-md digest] [-none] [-nopad] [-nosalt]\n"
322 " [-out file] [-pass arg] [-S salt] [-salt]\n\n");
323 options_usage(enc_options);
324 fprintf(stderr, "\n");
325
326 fprintf(stderr, "Valid ciphername values:\n\n");
327 OBJ_NAME_do_all_sorted(OBJ_NAME_TYPE_CIPHER_METH, show_ciphers, NULL);
328 fprintf(stderr, "\n");
95} 329}
96 330
97int enc_main(int, char **); 331int enc_main(int, char **);
@@ -101,237 +335,126 @@ enc_main(int argc, char **argv)
101{ 335{
102 static const char magic[] = "Salted__"; 336 static const char magic[] = "Salted__";
103 char mbuf[sizeof magic - 1]; 337 char mbuf[sizeof magic - 1];
104 char *strbuf = NULL; 338 char *strbuf = NULL, *pass = NULL;
105 unsigned char *buff = NULL, *bufsize = NULL; 339 unsigned char *buff = NULL;
106 int bsize = BSIZE, verbose = 0; 340 int bsize = BSIZE;
107 int ret = 1, inl; 341 int ret = 1, inl;
108 int nopad = 0;
109 unsigned char key[EVP_MAX_KEY_LENGTH], iv[EVP_MAX_IV_LENGTH]; 342 unsigned char key[EVP_MAX_KEY_LENGTH], iv[EVP_MAX_IV_LENGTH];
110 unsigned char salt[PKCS5_SALT_LEN]; 343 unsigned char salt[PKCS5_SALT_LEN];
111 char *str = NULL, *passarg = NULL, *pass = NULL;
112 char *hkey = NULL, *hiv = NULL, *hsalt = NULL;
113 char *md = NULL;
114 int enc = 1, printkey = 0, i, base64 = 0;
115#ifdef ZLIB 344#ifdef ZLIB
116 int do_zlib = 0;
117 BIO *bzl = NULL; 345 BIO *bzl = NULL;
118#endif 346#endif
119 int debug = 0, olb64 = 0, nosalt = 0;
120 const EVP_CIPHER *cipher = NULL, *c;
121 EVP_CIPHER_CTX *ctx = NULL; 347 EVP_CIPHER_CTX *ctx = NULL;
122 char *inf = NULL, *outf = NULL; 348 const EVP_MD *dgst = NULL;
123 BIO *in = NULL, *out = NULL, *b64 = NULL, *benc = NULL, *rbio = NULL, 349 BIO *in = NULL, *out = NULL, *b64 = NULL, *benc = NULL;
124 *wbio = NULL; 350 BIO *rbio = NULL, *wbio = NULL;
125#define PROG_NAME_SIZE 39 351#define PROG_NAME_SIZE 39
126 char pname[PROG_NAME_SIZE + 1]; 352 char pname[PROG_NAME_SIZE + 1];
127#ifndef OPENSSL_NO_ENGINE 353 int i;
128 char *engine = NULL; 354
129#endif 355 memset(&enc_config, 0, sizeof(enc_config));
130 const EVP_MD *dgst = NULL; 356 enc_config.enc = 1;
131 357
132 /* first check the program name */ 358 /* first check the program name */
133 program_name(argv[0], pname, sizeof pname); 359 program_name(argv[0], pname, sizeof(pname));
360
134 if (strcmp(pname, "base64") == 0) 361 if (strcmp(pname, "base64") == 0)
135 base64 = 1; 362 enc_config.base64 = 1;
363
136#ifdef ZLIB 364#ifdef ZLIB
137 if (strcmp(pname, "zlib") == 0) 365 if (strcmp(pname, "zlib") == 0)
138 do_zlib = 1; 366 enc_config.do_zlib = 1;
139#endif 367#endif
140 368
141 cipher = EVP_get_cipherbyname(pname); 369 enc_config.cipher = EVP_get_cipherbyname(pname);
370
142#ifdef ZLIB 371#ifdef ZLIB
143 if (!do_zlib && !base64 && (cipher == NULL) 372 if (!enc_config.do_zlib && !enc_config.base64 &&
144 && (strcmp(pname, "enc") != 0)) 373 enc_config.cipher == NULL && strcmp(pname, "enc") != 0)
145#else 374#else
146 if (!base64 && (cipher == NULL) && (strcmp(pname, "enc") != 0)) 375 if (!enc_config.base64 && enc_config.cipher == NULL &&
376 strcmp(pname, "enc") != 0)
147#endif 377#endif
148 { 378 {
149 BIO_printf(bio_err, "%s is an unknown cipher\n", pname); 379 BIO_printf(bio_err, "%s is an unknown cipher\n", pname);
150 goto bad; 380 goto end;
151 } 381 }
152 argc--;
153 argv++;
154 while (argc >= 1) {
155 if (strcmp(*argv, "-e") == 0)
156 enc = 1;
157 else if (strcmp(*argv, "-in") == 0) {
158 if (--argc < 1)
159 goto bad;
160 inf = *(++argv);
161 } else if (strcmp(*argv, "-out") == 0) {
162 if (--argc < 1)
163 goto bad;
164 outf = *(++argv);
165 } else if (strcmp(*argv, "-pass") == 0) {
166 if (--argc < 1)
167 goto bad;
168 passarg = *(++argv);
169 }
170#ifndef OPENSSL_NO_ENGINE
171 else if (strcmp(*argv, "-engine") == 0) {
172 if (--argc < 1)
173 goto bad;
174 engine = *(++argv);
175 }
176#endif
177 else if (strcmp(*argv, "-d") == 0)
178 enc = 0;
179 else if (strcmp(*argv, "-p") == 0)
180 printkey = 1;
181 else if (strcmp(*argv, "-v") == 0)
182 verbose = 1;
183 else if (strcmp(*argv, "-nopad") == 0)
184 nopad = 1;
185 else if (strcmp(*argv, "-salt") == 0)
186 nosalt = 0;
187 else if (strcmp(*argv, "-nosalt") == 0)
188 nosalt = 1;
189 else if (strcmp(*argv, "-debug") == 0)
190 debug = 1;
191 else if (strcmp(*argv, "-P") == 0)
192 printkey = 2;
193 else if (strcmp(*argv, "-A") == 0)
194 olb64 = 1;
195 else if (strcmp(*argv, "-a") == 0)
196 base64 = 1;
197 else if (strcmp(*argv, "-base64") == 0)
198 base64 = 1;
199#ifdef ZLIB
200 else if (strcmp(*argv, "-z") == 0)
201 do_zlib = 1;
202#endif
203 else if (strcmp(*argv, "-bufsize") == 0) {
204 if (--argc < 1)
205 goto bad;
206 bufsize = (unsigned char *) *(++argv);
207 } else if (strcmp(*argv, "-k") == 0) {
208 if (--argc < 1)
209 goto bad;
210 str = *(++argv);
211 } else if (strcmp(*argv, "-kfile") == 0) {
212 static char buf[128];
213 FILE *infile;
214 char *file;
215
216 if (--argc < 1)
217 goto bad;
218 file = *(++argv);
219 infile = fopen(file, "r");
220 if (infile == NULL) {
221 BIO_printf(bio_err, "unable to read key from '%s'\n",
222 file);
223 goto bad;
224 }
225 buf[0] = '\0';
226 if (!fgets(buf, sizeof buf, infile)) {
227 BIO_printf(bio_err, "unable to read key from '%s'\n",
228 file);
229 fclose(infile);
230 goto bad;
231 }
232 fclose(infile);
233 i = strlen(buf);
234 if ((i > 0) &&
235 ((buf[i - 1] == '\n') || (buf[i - 1] == '\r')))
236 buf[--i] = '\0';
237 if ((i > 0) &&
238 ((buf[i - 1] == '\n') || (buf[i - 1] == '\r')))
239 buf[--i] = '\0';
240 if (i < 1) {
241 BIO_printf(bio_err, "zero length password\n");
242 goto bad;
243 }
244 str = buf;
245 } else if (strcmp(*argv, "-K") == 0) {
246 if (--argc < 1)
247 goto bad;
248 hkey = *(++argv);
249 } else if (strcmp(*argv, "-S") == 0) {
250 if (--argc < 1)
251 goto bad;
252 hsalt = *(++argv);
253 } else if (strcmp(*argv, "-iv") == 0) {
254 if (--argc < 1)
255 goto bad;
256 hiv = *(++argv);
257 } else if (strcmp(*argv, "-md") == 0) {
258 if (--argc < 1)
259 goto bad;
260 md = *(++argv);
261 } else if ((argv[0][0] == '-') &&
262 ((c = EVP_get_cipherbyname(&(argv[0][1]))) != NULL)) {
263 cipher = c;
264 } else if (strcmp(*argv, "-none") == 0)
265 cipher = NULL;
266 else {
267 BIO_printf(bio_err, "unknown option '%s'\n", *argv);
268 bad:
269 BIO_printf(bio_err, "options are\n");
270 BIO_printf(bio_err, "%-14s input file\n", "-in <file>");
271 BIO_printf(bio_err, "%-14s output file\n", "-out <file>");
272 BIO_printf(bio_err, "%-14s pass phrase source\n", "-pass <arg>");
273 BIO_printf(bio_err, "%-14s encrypt\n", "-e");
274 BIO_printf(bio_err, "%-14s decrypt\n", "-d");
275 BIO_printf(bio_err, "%-14s base64 encode/decode, depending on encryption flag\n", "-a/-base64");
276 BIO_printf(bio_err, "%-14s passphrase is the next argument\n", "-k");
277 BIO_printf(bio_err, "%-14s passphrase is the first line of the file argument\n", "-kfile");
278 BIO_printf(bio_err, "%-14s the next argument is the md to use to create a key\n", "-md");
279 BIO_printf(bio_err, "%-14s from a passphrase. One of md2, md5, sha or sha1\n", "");
280 BIO_printf(bio_err, "%-14s salt in hex is the next argument\n", "-S");
281 BIO_printf(bio_err, "%-14s key/iv in hex is the next argument\n", "-K/-iv");
282 BIO_printf(bio_err, "%-14s print the iv/key (then exit if -P)\n", "-[pP]");
283 BIO_printf(bio_err, "%-14s buffer size\n", "-bufsize <n>");
284 BIO_printf(bio_err, "%-14s disable standard block padding\n", "-nopad");
285#ifndef OPENSSL_NO_ENGINE
286 BIO_printf(bio_err, "%-14s use engine e, possibly a hardware device.\n", "-engine e");
287#endif
288 382
289 BIO_printf(bio_err, "Cipher Types\n"); 383 if (options_parse(argc, argv, enc_options, NULL, NULL) != 0) {
290 OBJ_NAME_do_all_sorted(OBJ_NAME_TYPE_CIPHER_METH, 384 enc_usage();
291 show_ciphers, 385 goto end;
292 bio_err); 386 }
293 BIO_printf(bio_err, "\n"); 387
388 if (enc_config.keyfile != NULL) {
389 static char buf[128];
390 FILE *infile;
294 391
392 infile = fopen(enc_config.keyfile, "r");
393 if (infile == NULL) {
394 BIO_printf(bio_err, "unable to read key from '%s'\n",
395 enc_config.keyfile);
396 goto end;
397 }
398 buf[0] = '\0';
399 if (!fgets(buf, sizeof buf, infile)) {
400 BIO_printf(bio_err, "unable to read key from '%s'\n",
401 enc_config.keyfile);
402 fclose(infile);
295 goto end; 403 goto end;
296 } 404 }
297 argc--; 405 fclose(infile);
298 argv++; 406 i = strlen(buf);
407 if ((i > 0) && ((buf[i - 1] == '\n') || (buf[i - 1] == '\r')))
408 buf[--i] = '\0';
409 if ((i > 0) && ((buf[i - 1] == '\n') || (buf[i - 1] == '\r')))
410 buf[--i] = '\0';
411 if (i < 1) {
412 BIO_printf(bio_err, "zero length password\n");
413 goto end;
414 }
415 enc_config.keystr = buf;
299 } 416 }
300 417
301#ifndef OPENSSL_NO_ENGINE 418#ifndef OPENSSL_NO_ENGINE
302 setup_engine(bio_err, engine, 0); 419 setup_engine(bio_err, enc_config.engine, 0);
303#endif 420#endif
304 421
305 if (md && (dgst = EVP_get_digestbyname(md)) == NULL) { 422 if (enc_config.md != NULL &&
306 BIO_printf(bio_err, "%s is an unsupported message digest type\n", md); 423 (dgst = EVP_get_digestbyname(enc_config.md)) == NULL) {
424 BIO_printf(bio_err,
425 "%s is an unsupported message digest type\n",
426 enc_config.md);
307 goto end; 427 goto end;
308 } 428 }
309 if (dgst == NULL) { 429 if (dgst == NULL) {
310 dgst = EVP_md5(); 430 dgst = EVP_md5(); /* XXX */
311 } 431 }
312 if (bufsize != NULL) { 432
433 if (enc_config.bufsize != NULL) {
434 char *p = enc_config.bufsize;
313 unsigned long n; 435 unsigned long n;
314 436
315 for (n = 0; *bufsize; bufsize++) { 437 /* XXX - provide an OPTION_ARG_DISKUNIT. */
316 i = *bufsize; 438 for (n = 0; *p != '\0'; p++) {
439 i = *p;
317 if ((i <= '9') && (i >= '0')) 440 if ((i <= '9') && (i >= '0'))
318 n = n * 10 + i - '0'; 441 n = n * 10 + i - '0';
319 else if (i == 'k') { 442 else if (i == 'k') {
320 n *= 1024; 443 n *= 1024;
321 bufsize++; 444 p++;
322 break; 445 break;
323 } 446 }
324 } 447 }
325 if (*bufsize != '\0') { 448 if (*p != '\0') {
326 BIO_printf(bio_err, "invalid 'bufsize' specified.\n"); 449 BIO_printf(bio_err, "invalid 'bufsize' specified.\n");
327 goto end; 450 goto end;
328 } 451 }
329 /* It must be large enough for a base64 encoded line */ 452 /* It must be large enough for a base64 encoded line. */
330 if (base64 && n < 80) 453 if (enc_config.base64 && n < 80)
331 n = 80; 454 n = 80;
332 455
333 bsize = (int) n; 456 bsize = (int)n;
334 if (verbose) 457 if (enc_config.verbose)
335 BIO_printf(bio_err, "bufsize=%d\n", bsize); 458 BIO_printf(bio_err, "bufsize=%d\n", bsize);
336 } 459 }
337 strbuf = malloc(SIZE); 460 strbuf = malloc(SIZE);
@@ -346,50 +469,55 @@ enc_main(int argc, char **argv)
346 ERR_print_errors(bio_err); 469 ERR_print_errors(bio_err);
347 goto end; 470 goto end;
348 } 471 }
349 if (debug) { 472 if (enc_config.debug) {
350 BIO_set_callback(in, BIO_debug_callback); 473 BIO_set_callback(in, BIO_debug_callback);
351 BIO_set_callback(out, BIO_debug_callback); 474 BIO_set_callback(out, BIO_debug_callback);
352 BIO_set_callback_arg(in, (char *) bio_err); 475 BIO_set_callback_arg(in, (char *) bio_err);
353 BIO_set_callback_arg(out, (char *) bio_err); 476 BIO_set_callback_arg(out, (char *) bio_err);
354 } 477 }
355 if (inf == NULL) { 478 if (enc_config.inf == NULL) {
356 if (bufsize != NULL) 479 if (enc_config.bufsize != NULL)
357 setvbuf(stdin, (char *) NULL, _IONBF, 0); 480 setvbuf(stdin, (char *) NULL, _IONBF, 0);
358 BIO_set_fp(in, stdin, BIO_NOCLOSE); 481 BIO_set_fp(in, stdin, BIO_NOCLOSE);
359 } else { 482 } else {
360 if (BIO_read_filename(in, inf) <= 0) { 483 if (BIO_read_filename(in, enc_config.inf) <= 0) {
361 perror(inf); 484 perror(enc_config.inf);
362 goto end; 485 goto end;
363 } 486 }
364 } 487 }
365 488
366 if (!str && passarg) { 489 if (!enc_config.keystr && enc_config.passarg) {
367 if (!app_passwd(bio_err, passarg, NULL, &pass, NULL)) { 490 if (!app_passwd(bio_err, enc_config.passarg, NULL,
491 &pass, NULL)) {
368 BIO_printf(bio_err, "Error getting password\n"); 492 BIO_printf(bio_err, "Error getting password\n");
369 goto end; 493 goto end;
370 } 494 }
371 str = pass; 495 enc_config.keystr = pass;
372 } 496 }
373 if ((str == NULL) && (cipher != NULL) && (hkey == NULL)) { 497 if (enc_config.keystr == NULL && enc_config.cipher != NULL &&
498 enc_config.hkey == NULL) {
374 for (;;) { 499 for (;;) {
375 char buf[200]; 500 char buf[200];
376 int retval; 501 int retval;
377 502
378 retval = snprintf(buf, sizeof buf, "enter %s %s password:", 503 retval = snprintf(buf, sizeof buf,
379 OBJ_nid2ln(EVP_CIPHER_nid(cipher)), 504 "enter %s %s password:",
380 (enc) ? "encryption" : "decryption"); 505 OBJ_nid2ln(EVP_CIPHER_nid(enc_config.cipher)),
506 enc_config.enc ? "encryption" : "decryption");
381 if ((size_t)retval >= sizeof buf) { 507 if ((size_t)retval >= sizeof buf) {
382 BIO_printf(bio_err, "Password prompt too long\n"); 508 BIO_printf(bio_err,
509 "Password prompt too long\n");
383 goto end; 510 goto end;
384 } 511 }
385 strbuf[0] = '\0'; 512 strbuf[0] = '\0';
386 i = EVP_read_pw_string((char *) strbuf, SIZE, buf, enc); 513 i = EVP_read_pw_string((char *)strbuf, SIZE, buf,
514 enc_config.enc);
387 if (i == 0) { 515 if (i == 0) {
388 if (strbuf[0] == '\0') { 516 if (strbuf[0] == '\0') {
389 ret = 1; 517 ret = 1;
390 goto end; 518 goto end;
391 } 519 }
392 str = strbuf; 520 enc_config.keystr = strbuf;
393 break; 521 break;
394 } 522 }
395 if (i < 0) { 523 if (i < 0) {
@@ -398,13 +526,13 @@ enc_main(int argc, char **argv)
398 } 526 }
399 } 527 }
400 } 528 }
401 if (outf == NULL) { 529 if (enc_config.outf == NULL) {
402 BIO_set_fp(out, stdout, BIO_NOCLOSE); 530 BIO_set_fp(out, stdout, BIO_NOCLOSE);
403 if (bufsize != NULL) 531 if (enc_config.bufsize != NULL)
404 setvbuf(stdout, (char *) NULL, _IONBF, 0); 532 setvbuf(stdout, (char *)NULL, _IONBF, 0);
405 } else { 533 } else {
406 if (BIO_write_filename(out, outf) <= 0) { 534 if (BIO_write_filename(out, enc_config.outf) <= 0) {
407 perror(outf); 535 perror(enc_config.outf);
408 goto end; 536 goto end;
409 } 537 }
410 } 538 }
@@ -413,7 +541,6 @@ enc_main(int argc, char **argv)
413 wbio = out; 541 wbio = out;
414 542
415#ifdef ZLIB 543#ifdef ZLIB
416
417 if (do_zlib) { 544 if (do_zlib) {
418 if ((bzl = BIO_new(BIO_f_zlib())) == NULL) 545 if ((bzl = BIO_new(BIO_f_zlib())) == NULL)
419 goto end; 546 goto end;
@@ -424,38 +551,38 @@ enc_main(int argc, char **argv)
424 } 551 }
425#endif 552#endif
426 553
427 if (base64) { 554 if (enc_config.base64) {
428 if ((b64 = BIO_new(BIO_f_base64())) == NULL) 555 if ((b64 = BIO_new(BIO_f_base64())) == NULL)
429 goto end; 556 goto end;
430 if (debug) { 557 if (enc_config.debug) {
431 BIO_set_callback(b64, BIO_debug_callback); 558 BIO_set_callback(b64, BIO_debug_callback);
432 BIO_set_callback_arg(b64, (char *) bio_err); 559 BIO_set_callback_arg(b64, (char *) bio_err);
433 } 560 }
434 if (olb64) 561 if (enc_config.olb64)
435 BIO_set_flags(b64, BIO_FLAGS_BASE64_NO_NL); 562 BIO_set_flags(b64, BIO_FLAGS_BASE64_NO_NL);
436 if (enc) 563 if (enc_config.enc)
437 wbio = BIO_push(b64, wbio); 564 wbio = BIO_push(b64, wbio);
438 else 565 else
439 rbio = BIO_push(b64, rbio); 566 rbio = BIO_push(b64, rbio);
440 } 567 }
441 if (cipher != NULL) { 568 if (enc_config.cipher != NULL) {
442 /* 569 /*
443 * Note that str is NULL if a key was passed on the command 570 * Note that keystr is NULL if a key was passed on the command
444 * line, so we get no salt in that case. Is this a bug? 571 * line, so we get no salt in that case. Is this a bug?
445 */ 572 */
446 if (str != NULL) { 573 if (enc_config.keystr != NULL) {
447 /* 574 /*
448 * Salt handling: if encrypting generate a salt and 575 * Salt handling: if encrypting generate a salt and
449 * write to output BIO. If decrypting read salt from 576 * write to output BIO. If decrypting read salt from
450 * input BIO. 577 * input BIO.
451 */ 578 */
452 unsigned char *sptr; 579 unsigned char *sptr;
453 if (nosalt) 580 if (enc_config.nosalt)
454 sptr = NULL; 581 sptr = NULL;
455 else { 582 else {
456 if (enc) { 583 if (enc_config.enc) {
457 if (hsalt) { 584 if (enc_config.hsalt) {
458 if (!set_hex(hsalt, salt, sizeof salt)) { 585 if (!set_hex(enc_config.hsalt, salt, sizeof salt)) {
459 BIO_printf(bio_err, 586 BIO_printf(bio_err,
460 "invalid hex salt value\n"); 587 "invalid hex salt value\n");
461 goto end; 588 goto end;
@@ -467,7 +594,7 @@ enc_main(int argc, char **argv)
467 * If -P option then don't bother 594 * If -P option then don't bother
468 * writing 595 * writing
469 */ 596 */
470 if ((printkey != 2) 597 if ((enc_config.printkey != 2)
471 && (BIO_write(wbio, magic, 598 && (BIO_write(wbio, magic,
472 sizeof magic - 1) != sizeof magic - 1 599 sizeof magic - 1) != sizeof magic - 1
473 || BIO_write(wbio, 600 || BIO_write(wbio,
@@ -489,25 +616,27 @@ enc_main(int argc, char **argv)
489 sptr = salt; 616 sptr = salt;
490 } 617 }
491 618
492 EVP_BytesToKey(cipher, dgst, sptr, 619 EVP_BytesToKey(enc_config.cipher, dgst, sptr,
493 (unsigned char *) str, 620 (unsigned char *)enc_config.keystr,
494 strlen(str), 1, key, iv); 621 strlen(enc_config.keystr), 1, key, iv);
495 /* 622 /*
496 * zero the complete buffer or the string passed from 623 * zero the complete buffer or the string passed from
497 * the command line bug picked up by Larry J. Hughes 624 * the command line bug picked up by Larry J. Hughes
498 * Jr. <hughes@indiana.edu> 625 * Jr. <hughes@indiana.edu>
499 */ 626 */
500 if (str == strbuf) 627 if (enc_config.keystr == strbuf)
501 OPENSSL_cleanse(str, SIZE); 628 OPENSSL_cleanse(enc_config.keystr, SIZE);
502 else 629 else
503 OPENSSL_cleanse(str, strlen(str)); 630 OPENSSL_cleanse(enc_config.keystr,
631 strlen(enc_config.keystr));
504 } 632 }
505 if ((hiv != NULL) && !set_hex(hiv, iv, sizeof iv)) { 633 if (enc_config.hiv != NULL &&
634 !set_hex(enc_config.hiv, iv, sizeof iv)) {
506 BIO_printf(bio_err, "invalid hex iv value\n"); 635 BIO_printf(bio_err, "invalid hex iv value\n");
507 goto end; 636 goto end;
508 } 637 }
509 if ((hiv == NULL) && (str == NULL) 638 if (enc_config.hiv == NULL && enc_config.keystr == NULL &&
510 && EVP_CIPHER_iv_length(cipher) != 0) { 639 EVP_CIPHER_iv_length(enc_config.cipher) != 0) {
511 /* 640 /*
512 * No IV was explicitly set and no IV was generated 641 * No IV was explicitly set and no IV was generated
513 * during EVP_BytesToKey. Hence the IV is undefined, 642 * during EVP_BytesToKey. Hence the IV is undefined,
@@ -516,7 +645,8 @@ enc_main(int argc, char **argv)
516 BIO_printf(bio_err, "iv undefined\n"); 645 BIO_printf(bio_err, "iv undefined\n");
517 goto end; 646 goto end;
518 } 647 }
519 if ((hkey != NULL) && !set_hex(hkey, key, sizeof key)) { 648 if (enc_config.hkey != NULL &&
649 !set_hex(enc_config.hkey, key, sizeof key)) {
520 BIO_printf(bio_err, "invalid hex key value\n"); 650 BIO_printf(bio_err, "invalid hex key value\n");
521 goto end; 651 goto end;
522 } 652 }
@@ -530,45 +660,47 @@ enc_main(int argc, char **argv)
530 660
531 BIO_get_cipher_ctx(benc, &ctx); 661 BIO_get_cipher_ctx(benc, &ctx);
532 662
533 if (!EVP_CipherInit_ex(ctx, cipher, NULL, NULL, NULL, enc)) { 663 if (!EVP_CipherInit_ex(ctx, enc_config.cipher, NULL, NULL,
664 NULL, enc_config.enc)) {
534 BIO_printf(bio_err, "Error setting cipher %s\n", 665 BIO_printf(bio_err, "Error setting cipher %s\n",
535 EVP_CIPHER_name(cipher)); 666 EVP_CIPHER_name(enc_config.cipher));
536 ERR_print_errors(bio_err); 667 ERR_print_errors(bio_err);
537 goto end; 668 goto end;
538 } 669 }
539 if (nopad) 670 if (enc_config.nopad)
540 EVP_CIPHER_CTX_set_padding(ctx, 0); 671 EVP_CIPHER_CTX_set_padding(ctx, 0);
541 672
542 if (!EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, enc)) { 673 if (!EVP_CipherInit_ex(ctx, NULL, NULL, key, iv,
674 enc_config.enc)) {
543 BIO_printf(bio_err, "Error setting cipher %s\n", 675 BIO_printf(bio_err, "Error setting cipher %s\n",
544 EVP_CIPHER_name(cipher)); 676 EVP_CIPHER_name(enc_config.cipher));
545 ERR_print_errors(bio_err); 677 ERR_print_errors(bio_err);
546 goto end; 678 goto end;
547 } 679 }
548 if (debug) { 680 if (enc_config.debug) {
549 BIO_set_callback(benc, BIO_debug_callback); 681 BIO_set_callback(benc, BIO_debug_callback);
550 BIO_set_callback_arg(benc, (char *) bio_err); 682 BIO_set_callback_arg(benc, (char *) bio_err);
551 } 683 }
552 if (printkey) { 684 if (enc_config.printkey) {
553 if (!nosalt) { 685 if (!enc_config.nosalt) {
554 printf("salt="); 686 printf("salt=");
555 for (i = 0; i < (int) sizeof(salt); i++) 687 for (i = 0; i < (int) sizeof(salt); i++)
556 printf("%02X", salt[i]); 688 printf("%02X", salt[i]);
557 printf("\n"); 689 printf("\n");
558 } 690 }
559 if (cipher->key_len > 0) { 691 if (enc_config.cipher->key_len > 0) {
560 printf("key="); 692 printf("key=");
561 for (i = 0; i < cipher->key_len; i++) 693 for (i = 0; i < enc_config.cipher->key_len; i++)
562 printf("%02X", key[i]); 694 printf("%02X", key[i]);
563 printf("\n"); 695 printf("\n");
564 } 696 }
565 if (cipher->iv_len > 0) { 697 if (enc_config.cipher->iv_len > 0) {
566 printf("iv ="); 698 printf("iv =");
567 for (i = 0; i < cipher->iv_len; i++) 699 for (i = 0; i < enc_config.cipher->iv_len; i++)
568 printf("%02X", iv[i]); 700 printf("%02X", iv[i]);
569 printf("\n"); 701 printf("\n");
570 } 702 }
571 if (printkey == 2) { 703 if (enc_config.printkey == 2) {
572 ret = 0; 704 ret = 0;
573 goto end; 705 goto end;
574 } 706 }
@@ -592,7 +724,7 @@ enc_main(int argc, char **argv)
592 goto end; 724 goto end;
593 } 725 }
594 ret = 0; 726 ret = 0;
595 if (verbose) { 727 if (enc_config.verbose) {
596 BIO_printf(bio_err, "bytes read :%8ld\n", BIO_number_read(in)); 728 BIO_printf(bio_err, "bytes read :%8ld\n", BIO_number_read(in));
597 BIO_printf(bio_err, "bytes written:%8ld\n", BIO_number_written(out)); 729 BIO_printf(bio_err, "bytes written:%8ld\n", BIO_number_written(out));
598 } 730 }
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-10-24 00:49:13 +0000