When only the key is given to "enc", the IV is undefined

[openssl.git] / apps / enc.c

diff --git a/apps/enc.c b/apps/enc.c
index e53cf3b415cb156e204d46b0c73f7079376f6b14..3c72d05c6ca43a77bc1dc8d42292e9ee96e72c05 100644 (file)
--- a/apps/enc.c
+++ b/apps/enc.c
@@ -66,9 +66,6 @@
 #include <openssl/objects.h>
 #include <openssl/x509.h>
 #include <openssl/rand.h>
-#ifndef NO_MD5
-#include <openssl/md5.h>
-#endif
 #include <openssl/pem.h>
 #include <openssl/engine.h>
 #include <ctype.h>
@@ -111,6 +108,7 @@ int MAIN(int argc, char **argv)
        unsigned char *buff=NULL,*bufsize=NULL;
        int bsize=BSIZE,verbose=0;
        int ret=1,inl;
+       int nopad = 0;
        unsigned char key[EVP_MAX_KEY_LENGTH],iv[EVP_MAX_IV_LENGTH];
        unsigned char salt[PKCS5_SALT_LEN];
        char *str=NULL, *passarg = NULL, *pass = NULL;
@@ -174,6 +172,8 @@ int MAIN(int argc, char **argv)
                        printkey=1;
                else if (strcmp(*argv,"-v") == 0)
                        verbose=1;
+               else if (strcmp(*argv,"-nopad") == 0)
+                       nopad=1;
                else if (strcmp(*argv,"-salt") == 0)
                        nosalt=0;
                else if (strcmp(*argv,"-nosalt") == 0)
@@ -282,23 +282,7 @@ bad:
                argv++;
                }
 
-       if (engine != NULL)
-               {
-               if((e = ENGINE_by_id(engine)) == NULL)
-                       {
-                       BIO_printf(bio_err,"invalid engine \"%s\"\n",
-                               engine);
-                       goto end;
-                       }
-               if(!ENGINE_set_default(e, ENGINE_METHOD_ALL))
-                       {
-                       BIO_printf(bio_err,"can't use that engine\n");
-                       goto end;
-                       }
-               BIO_printf(bio_err,"engine \"%s\" set.\n", engine);
-               /* Free our "structural" reference. */
-               ENGINE_free(e);
-               }
+        e = setup_engine(bio_err, engine, 0);
 
        if (bufsize != NULL)
                {
@@ -404,7 +388,7 @@ bad:
        if (outf == NULL)
                {
                BIO_set_fp(out,stdout,BIO_NOCLOSE);
-#ifdef VMS
+#ifdef OPENSSL_SYS_VMS
                {
                BIO *tmpbio = BIO_new(BIO_f_linebuffer());
                out = BIO_push(tmpbio, out);
@@ -504,6 +488,14 @@ bad:
                        BIO_printf(bio_err,"invalid hex iv value\n");
                        goto end;
                        }
+               if ((hiv == NULL) && (str == NULL))
+                       {
+                       /* No IV was explicitly set and no IV was generated
+                        * during EVP_BytesToKey. Hence the IV is undefined,
+                        * making correct decryption impossible. */
+                       BIO_printf(bio_err, "iv undefined\n");
+                       goto end;
+                       }
                if ((hkey != NULL) && !set_hex(hkey,key,sizeof key))
                        {
                        BIO_printf(bio_err,"invalid hex key value\n");
@@ -513,6 +505,12 @@ bad:
                if ((benc=BIO_new(BIO_f_cipher())) == NULL)
                        goto end;
                BIO_set_cipher(benc,cipher,key,iv,enc);
+               if (nopad)
+                       {
+                       EVP_CIPHER_CTX *ctx;
+                       BIO_get_cipher_ctx(benc, &ctx);
+                       EVP_CIPHER_CTX_set_padding(ctx, 0);
+                       }
                if (debug)
                        {
                        BIO_set_callback(benc,BIO_debug_callback);
@@ -585,6 +583,7 @@ end:
        if (benc != NULL) BIO_free(benc);
        if (b64 != NULL) BIO_free(b64);
        if(pass) OPENSSL_free(pass);
+       apps_shutdown();
        EXIT(ret);
        }