/*
- * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
*
- * Licensed under the OpenSSL license (the "License"). You may not use
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
#include <string.h>
#include <limits.h>
#include "apps.h"
+#include "progs.h"
#include <openssl/bio.h>
#include <openssl/err.h>
#include <openssl/evp.h>
OPT_E, OPT_IN, OPT_OUT, OPT_PASS, OPT_ENGINE, OPT_D, OPT_P, OPT_V,
OPT_NOPAD, OPT_SALT, OPT_NOSALT, OPT_DEBUG, OPT_UPPER_P, OPT_UPPER_A,
OPT_A, OPT_Z, OPT_BUFSIZE, OPT_K, OPT_KFILE, OPT_UPPER_K, OPT_NONE,
- OPT_UPPER_S, OPT_IV, OPT_MD, OPT_CIPHER,
+ OPT_UPPER_S, OPT_IV, OPT_MD, OPT_ITER, OPT_PBKDF2, OPT_CIPHER,
OPT_R_ENUM
} OPTION_CHOICE;
const OPTIONS enc_options[] = {
+ OPT_SECTION("General"),
{"help", OPT_HELP, '-', "Display this summary"},
- {"ciphers", OPT_LIST, '-', "List ciphers"},
- {"in", OPT_IN, '<', "Input file"},
- {"out", OPT_OUT, '>', "Output file"},
- {"pass", OPT_PASS, 's', "Passphrase source"},
+ {"list", OPT_LIST, '-', "List ciphers"},
+#ifndef OPENSSL_NO_DEPRECATED_3_0
+ {"ciphers", OPT_LIST, '-', "Alias for -list"},
+#endif
{"e", OPT_E, '-', "Encrypt"},
{"d", OPT_D, '-', "Decrypt"},
{"p", OPT_P, '-', "Print the iv/key"},
{"P", OPT_UPPER_P, '-', "Print the iv/key and exit"},
+#ifndef OPENSSL_NO_ENGINE
+ {"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"},
+#endif
+
+ OPT_SECTION("Input"),
+ {"in", OPT_IN, '<', "Input file"},
+ {"k", OPT_K, 's', "Passphrase"},
+ {"kfile", OPT_KFILE, '<', "Read passphrase from file"},
+
+ OPT_SECTION("Output"),
+ {"out", OPT_OUT, '>', "Output file"},
+ {"pass", OPT_PASS, 's', "Passphrase source"},
{"v", OPT_V, '-', "Verbose output"},
- {"nopad", OPT_NOPAD, '-', "Disable standard block padding"},
- {"salt", OPT_SALT, '-', "Use salt in the KDF (default)"},
- {"nosalt", OPT_NOSALT, '-', "Do not use salt in the KDF"},
- {"debug", OPT_DEBUG, '-', "Print debug info"},
{"a", OPT_A, '-', "Base64 encode/decode, depending on encryption flag"},
{"base64", OPT_A, '-', "Same as option -a"},
{"A", OPT_UPPER_A, '-',
"Used with -[base64|a] to specify base64 buffer as a single line"},
+
+ OPT_SECTION("Encryption"),
+ {"nopad", OPT_NOPAD, '-', "Disable standard block padding"},
+ {"salt", OPT_SALT, '-', "Use salt in the KDF (default)"},
+ {"nosalt", OPT_NOSALT, '-', "Do not use salt in the KDF"},
+ {"debug", OPT_DEBUG, '-', "Print debug info"},
+
{"bufsize", OPT_BUFSIZE, 's', "Buffer size"},
- {"k", OPT_K, 's', "Passphrase"},
- {"kfile", OPT_KFILE, '<', "Read passphrase from file"},
{"K", OPT_UPPER_K, 's', "Raw key, in hex"},
{"S", OPT_UPPER_S, 's', "Salt, in hex"},
{"iv", OPT_IV, 's', "IV in hex"},
{"md", OPT_MD, 's', "Use specified digest to create a key from the passphrase"},
+ {"iter", OPT_ITER, 'p', "Specify the iteration count and force use of PBKDF2"},
+ {"pbkdf2", OPT_PBKDF2, '-', "Use password-based key derivation function 2"},
{"none", OPT_NONE, '-', "Don't encrypt"},
- {"", OPT_CIPHER, '-', "Any supported cipher"},
- OPT_R_OPTIONS,
#ifdef ZLIB
{"z", OPT_Z, '-', "Use zlib as the 'encryption'"},
#endif
-#ifndef OPENSSL_NO_ENGINE
- {"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"},
-#endif
+ {"", OPT_CIPHER, '-', "Any supported cipher"},
+
+ OPT_R_OPTIONS,
{NULL}
};
int ret = 1, inl, nopad = 0;
unsigned char key[EVP_MAX_KEY_LENGTH], iv[EVP_MAX_IV_LENGTH];
unsigned char *buff = NULL, salt[PKCS5_SALT_LEN];
+ int pbkdf2 = 0;
+ int iter = 0;
long n;
struct doall_enc_ciphers dec;
#ifdef ZLIB
goto opthelp;
cipher = c;
break;
+ case OPT_ITER:
+ if (!opt_int(opt_arg(), &iter))
+ goto opthelp;
+ pbkdf2 = 1;
+ break;
+ case OPT_PBKDF2:
+ pbkdf2 = 1;
+ if (iter == 0) /* do not overwrite a chosen value */
+ iter = 10000;
+ break;
case OPT_NONE:
cipher = NULL;
break;
if (dgst == NULL)
dgst = EVP_sha256();
+ if (iter == 0)
+ iter = 1;
+
/* It must be large enough for a base64 encoded line */
if (base64 && bsize < 80)
bsize = 80;
BIO_printf(bio_err, "bad magic number\n");
goto end;
}
-
sptr = salt;
}
- if (!EVP_BytesToKey(cipher, dgst, sptr,
- (unsigned char *)str,
- str_len, 1, key, iv)) {
- BIO_printf(bio_err, "EVP_BytesToKey failed\n");
- goto end;
+ if (pbkdf2 == 1) {
+ /*
+ * derive key and default iv
+ * concatenated into a temporary buffer
+ */
+ unsigned char tmpkeyiv[EVP_MAX_KEY_LENGTH + EVP_MAX_IV_LENGTH];
+ int iklen = EVP_CIPHER_key_length(cipher);
+ int ivlen = EVP_CIPHER_iv_length(cipher);
+ /* not needed if HASH_UPDATE() is fixed : */
+ int islen = (sptr != NULL ? sizeof(salt) : 0);
+ if (!PKCS5_PBKDF2_HMAC(str, str_len, sptr, islen,
+ iter, dgst, iklen+ivlen, tmpkeyiv)) {
+ BIO_printf(bio_err, "PKCS5_PBKDF2_HMAC failed\n");
+ goto end;
+ }
+ /* split and move data back to global buffer */
+ memcpy(key, tmpkeyiv, iklen);
+ memcpy(iv, tmpkeyiv+iklen, ivlen);
+ } else {
+ BIO_printf(bio_err, "*** WARNING : "
+ "deprecated key derivation used.\n"
+ "Using -iter or -pbkdf2 would be better.\n");
+ if (!EVP_BytesToKey(cipher, dgst, sptr,
+ (unsigned char *)str, str_len,
+ 1, key, iv)) {
+ BIO_printf(bio_err, "EVP_BytesToKey failed\n");
+ goto end;
+ }
}
/*
* zero the complete buffer or the string passed from the command
if (hiv != NULL) {
int siz = EVP_CIPHER_iv_length(cipher);
if (siz == 0) {
- BIO_printf(bio_err, "warning: iv not use by this cipher\n");
+ BIO_printf(bio_err, "warning: iv not used by this cipher\n");
} else if (!set_hex(hiv, iv, siz)) {
BIO_printf(bio_err, "invalid hex iv value\n");
goto end;
if ((hiv == NULL) && (str == NULL)
&& EVP_CIPHER_iv_length(cipher) != 0) {
/*
- * No IV was explicitly set and no IV was generated during
- * EVP_BytesToKey. Hence the IV is undefined, making correct
- * decryption impossible.
+ * No IV was explicitly set and no IV was generated.
+ * Hence the IV is undefined, making correct decryption impossible.
*/
BIO_printf(bio_err, "iv undefined\n");
goto end;
if (benc != NULL)
wbio = BIO_push(benc, wbio);
- for (;;) {
+ while (BIO_pending(rbio) || !BIO_eof(rbio)) {
inl = BIO_read(rbio, (char *)buff, bsize);
if (inl <= 0)
break;