Update CHANGES for GeneralizedTime info.
[openssl.git] / apps / enc.c
1 /* apps/enc.c */
2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3  * All rights reserved.
4  *
5  * This package is an SSL implementation written
6  * by Eric Young (eay@cryptsoft.com).
7  * The implementation was written so as to conform with Netscapes SSL.
8  * 
9  * This library is free for commercial and non-commercial use as long as
10  * the following conditions are aheared to.  The following conditions
11  * apply to all code found in this distribution, be it the RC4, RSA,
12  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
13  * included with this distribution is covered by the same copyright terms
14  * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15  * 
16  * Copyright remains Eric Young's, and as such any Copyright notices in
17  * the code are not to be removed.
18  * If this package is used in a product, Eric Young should be given attribution
19  * as the author of the parts of the library used.
20  * This can be in the form of a textual message at program startup or
21  * in documentation (online or textual) provided with the package.
22  * 
23  * Redistribution and use in source and binary forms, with or without
24  * modification, are permitted provided that the following conditions
25  * are met:
26  * 1. Redistributions of source code must retain the copyright
27  *    notice, this list of conditions and the following disclaimer.
28  * 2. Redistributions in binary form must reproduce the above copyright
29  *    notice, this list of conditions and the following disclaimer in the
30  *    documentation and/or other materials provided with the distribution.
31  * 3. All advertising materials mentioning features or use of this software
32  *    must display the following acknowledgement:
33  *    "This product includes cryptographic software written by
34  *     Eric Young (eay@cryptsoft.com)"
35  *    The word 'cryptographic' can be left out if the rouines from the library
36  *    being used are not cryptographic related :-).
37  * 4. If you include any Windows specific code (or a derivative thereof) from 
38  *    the apps directory (application code) you must include an acknowledgement:
39  *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40  * 
41  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51  * SUCH DAMAGE.
52  * 
53  * The licence and distribution terms for any publically available version or
54  * derivative of this code cannot be changed.  i.e. this code cannot simply be
55  * copied and put under another distribution licence
56  * [including the GNU Public Licence.]
57  */
58
59 #include <stdio.h>
60 #include <stdlib.h>
61 #include <string.h>
62 #include "apps.h"
63 #include "bio.h"
64 #include "err.h"
65 #include "evp.h"
66 #include "objects.h"
67 #include "x509.h"
68 #ifdef NO_MD5
69 #include "md5.h"
70 #endif
71 #include "pem.h"
72
73 #ifndef NOPROTO
74 int set_hex(char *in,unsigned char *out,int size);
75 #else
76 int set_hex();
77 #endif
78
79 #undef SIZE
80 #undef BSIZE
81 #undef PROG
82
83 #define SIZE    (512)
84 #define BSIZE   (8*1024)
85 #define PROG    enc_main
86
87 int MAIN(argc,argv)
88 int argc;
89 char **argv;
90         {
91         char *strbuf=NULL;
92         unsigned char *buff=NULL,*bufsize=NULL;
93         int bsize=BSIZE,verbose=0;
94         int ret=1,inl;
95         unsigned char key[24],iv[MD5_DIGEST_LENGTH];
96         char *str=NULL;
97         char *hkey=NULL,*hiv=NULL;
98         int enc=1,printkey=0,i,base64=0;
99         int debug=0,olb64=0;
100         EVP_CIPHER *cipher=NULL,*c;
101         char *inf=NULL,*outf=NULL;
102         BIO *in=NULL,*out=NULL,*b64=NULL,*benc=NULL,*rbio=NULL,*wbio=NULL;
103 #define PROG_NAME_SIZE  16
104         char pname[PROG_NAME_SIZE];
105
106         apps_startup();
107
108         if (bio_err == NULL)
109                 if ((bio_err=BIO_new(BIO_s_file())) != NULL)
110                         BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
111
112         /* first check the program name */
113         program_name(argv[0],pname,PROG_NAME_SIZE);
114         if (strcmp(pname,"base64") == 0)
115                 base64=1;
116
117         cipher=EVP_get_cipherbyname(pname);
118         if (!base64 && (cipher == NULL) && (strcmp(pname,"enc") != 0))
119                 {
120                 BIO_printf(bio_err,"%s is an unknown cipher\n",pname);
121                 goto bad;
122                 }
123
124         argc--;
125         argv++;
126         while (argc >= 1)
127                 {
128                 if      (strcmp(*argv,"-e") == 0)
129                         enc=1;
130                 else if (strcmp(*argv,"-in") == 0)
131                         {
132                         if (--argc < 1) goto bad;
133                         inf= *(++argv);
134                         }
135                 else if (strcmp(*argv,"-out") == 0)
136                         {
137                         if (--argc < 1) goto bad;
138                         outf= *(++argv);
139                         }
140                 else if (strcmp(*argv,"-d") == 0)
141                         enc=0;
142                 else if (strcmp(*argv,"-p") == 0)
143                         printkey=1;
144                 else if (strcmp(*argv,"-v") == 0)
145                         verbose=1;
146                 else if ((strcmp(*argv,"-debug") == 0) ||
147                          (strcmp(*argv,"-d") == 0))
148                         debug=1;
149                 else if (strcmp(*argv,"-P") == 0)
150                         printkey=2;
151                 else if (strcmp(*argv,"-A") == 0)
152                         olb64=1;
153                 else if (strcmp(*argv,"-a") == 0)
154                         base64=1;
155                 else if (strcmp(*argv,"-base64") == 0)
156                         base64=1;
157                 else if (strcmp(*argv,"-bufsize") == 0)
158                         {
159                         if (--argc < 1) goto bad;
160                         bufsize=(unsigned char *)*(++argv);
161                         }
162                 else if (strcmp(*argv,"-k") == 0)
163                         {
164                         if (--argc < 1) goto bad;
165                         str= *(++argv);
166                         }
167                 else if (strcmp(*argv,"-kfile") == 0)
168                         {
169                         static char buf[128];
170                         FILE *infile;
171                         char *file;
172
173                         if (--argc < 1) goto bad;
174                         file= *(++argv);
175                         infile=fopen(file,"r");
176                         if (infile == NULL)
177                                 {
178                                 BIO_printf(bio_err,"unable to read key from '%s'\n",
179                                         file);
180                                 goto bad;
181                                 }
182                         buf[0]='\0';
183                         fgets(buf,128,infile);
184                         fclose(infile);
185                         i=strlen(buf);
186                         if ((i > 0) &&
187                                 ((buf[i-1] == '\n') || (buf[i-1] == '\r')))
188                                 buf[--i]='\0';
189                         if ((i > 0) &&
190                                 ((buf[i-1] == '\n') || (buf[i-1] == '\r')))
191                                 buf[--i]='\0';
192                         if (i < 1)
193                                 {
194                                 BIO_printf(bio_err,"zero length password\n");
195                                 goto bad;
196                                 }
197                         str=buf;
198                         }
199                 else if (strcmp(*argv,"-K") == 0)
200                         {
201                         if (--argc < 1) goto bad;
202                         hkey= *(++argv);
203                         }
204                 else if (strcmp(*argv,"-iv") == 0)
205                         {
206                         if (--argc < 1) goto bad;
207                         hiv= *(++argv);
208                         }
209                 else if ((argv[0][0] == '-') &&
210                         ((c=EVP_get_cipherbyname(&(argv[0][1]))) != NULL))
211                         {
212                         cipher=c;
213                         }
214                 else if (strcmp(*argv,"-none") == 0)
215                         cipher=NULL;
216                 else
217                         {
218                         BIO_printf(bio_err,"unknown option '%s'\n",*argv);
219 bad:
220                         BIO_printf(bio_err,"options are\n");
221                         BIO_printf(bio_err,"%-14s input file\n","-in <file>");
222                         BIO_printf(bio_err,"%-14s output fileencrypt\n","-out <file>");
223                         BIO_printf(bio_err,"%-14s encrypt\n","-e");
224                         BIO_printf(bio_err,"%-14s decrypt\n","-d");
225                         BIO_printf(bio_err,"%-14s base64 encode/decode, depending on encryption flag\n","-a/-base64");
226                         BIO_printf(bio_err,"%-14s key is the next argument\n","-k");
227                         BIO_printf(bio_err,"%-14s key is the first line of the file argument\n","-kfile");
228                         BIO_printf(bio_err,"%-14s key/iv in hex is the next argument\n","-K/-iv");
229                         BIO_printf(bio_err,"%-14s print the iv/key (then exit if -P)\n","-[pP]");
230                         BIO_printf(bio_err,"%-14s buffer size\n","-bufsize <n>");
231
232                         BIO_printf(bio_err,"Cipher Types\n");
233                         BIO_printf(bio_err,"des     : 56 bit key DES encryption\n");
234                         BIO_printf(bio_err,"des_ede :112 bit key ede DES encryption\n");
235                         BIO_printf(bio_err,"des_ede3:168 bit key ede DES encryption\n");
236 #ifndef NO_IDEA
237                         BIO_printf(bio_err,"idea    :128 bit key IDEA encryption\n");
238 #endif
239 #ifndef NO_RC4
240                         BIO_printf(bio_err,"rc2     :128 bit key RC2 encryption\n");
241 #endif
242 #ifndef NO_BLOWFISH
243                         BIO_printf(bio_err,"bf      :128 bit key BlowFish encryption\n");
244 #endif
245 #ifndef NO_RC4
246                         BIO_printf(bio_err," -%-5s :128 bit key RC4 encryption\n",
247                                 LN_rc4);
248 #endif
249
250                         BIO_printf(bio_err," -%-12s -%-12s -%-12s -%-12s",
251                                 LN_des_ecb,LN_des_cbc,
252                                 LN_des_cfb64,LN_des_ofb64);
253                         BIO_printf(bio_err," -%-4s (%s)\n",
254                                 "des", LN_des_cbc);
255
256                         BIO_printf(bio_err," -%-12s -%-12s -%-12s -%-12s",
257                                 LN_des_ede,LN_des_ede_cbc,
258                                 LN_des_ede_cfb64,LN_des_ede_ofb64);
259                         BIO_printf(bio_err," -desx -none\n");
260
261
262                         BIO_printf(bio_err," -%-12s -%-12s -%-12s -%-12s",
263                                 LN_des_ede3,LN_des_ede3_cbc,
264                                 LN_des_ede3_cfb64,LN_des_ede3_ofb64);
265                         BIO_printf(bio_err," -%-4s (%s)\n",
266                                 "des3", LN_des_ede3_cbc);
267
268 #ifndef NO_IDEA
269                         BIO_printf(bio_err," -%-12s -%-12s -%-12s -%-12s",
270                                 LN_idea_ecb, LN_idea_cbc,
271                                 LN_idea_cfb64, LN_idea_ofb64);
272                         BIO_printf(bio_err," -%-4s (%s)\n","idea",LN_idea_cbc);
273 #endif
274 #ifndef NO_RC2
275                         BIO_printf(bio_err," -%-12s -%-12s -%-12s -%-12s",
276                                 LN_rc2_ecb, LN_rc2_cbc,
277                                 LN_rc2_cfb64, LN_rc2_ofb64);
278                         BIO_printf(bio_err," -%-4s (%s)\n","rc2", LN_rc2_cbc);
279 #endif
280 #ifndef NO_BLOWFISH
281                         BIO_printf(bio_err," -%-12s -%-12s -%-12s -%-12s",
282                                 LN_bf_ecb, LN_bf_cbc,
283                                 LN_bf_cfb64, LN_bf_ofb64);
284                         BIO_printf(bio_err," -%-4s (%s)\n","bf", LN_bf_cbc);
285 #endif
286 #ifndef NO_BLOWFISH
287                         BIO_printf(bio_err," -%-12s -%-12s -%-12s -%-12s",
288                                 LN_cast5_ecb, LN_cast5_cbc,
289                                 LN_cast5_cfb64, LN_cast5_ofb64);
290                         BIO_printf(bio_err," -%-4s (%s)\n","cast", LN_cast5_cbc);
291 #endif
292 #ifndef NO_BLOWFISH
293                         BIO_printf(bio_err," -%-12s -%-12s -%-12s -%-12s",
294                                 LN_rc5_ecb, LN_rc5_cbc,
295                                 LN_rc5_cfb64, LN_rc5_ofb64);
296                         BIO_printf(bio_err," -%-4s (%s)\n","rc5", LN_rc5_cbc);
297 #endif
298                         goto end;
299                         }
300                 argc--;
301                 argv++;
302                 }
303
304         if (bufsize != NULL)
305                 {
306                 unsigned long n;
307
308                 for (n=0; *bufsize; bufsize++)
309                         {
310                         i= *bufsize;
311                         if ((i <= '9') && (i >= '0'))
312                                 n=n*10+i-'0';
313                         else if (i == 'k')
314                                 {
315                                 n*=1024;
316                                 bufsize++;
317                                 break;
318                                 }
319                         }
320                 if (*bufsize != '\0')
321                         {
322                         BIO_printf(bio_err,"invalid 'bufsize' specified.\n");
323                         goto end;
324                         }
325
326                 /* It must be large enough for a base64 encoded line */
327                 if (n < 80) n=80;
328
329                 bsize=(int)n;
330                 if (verbose) BIO_printf(bio_err,"bufsize=%d\n",bsize);
331                 }
332
333         strbuf=Malloc(SIZE);
334         buff=(unsigned char *)Malloc(EVP_ENCODE_LENGTH(bsize));
335         if ((buff == NULL) || (strbuf == NULL))
336                 {
337                 BIO_printf(bio_err,"Malloc failure %ld\n",(long)EVP_ENCODE_LENGTH(bsize));
338                 goto end;
339                 }
340
341         in=BIO_new(BIO_s_file());
342         out=BIO_new(BIO_s_file());
343         if ((in == NULL) || (out == NULL))
344                 {
345                 ERR_print_errors(bio_err);
346                 goto end;
347                 }
348         if (debug)
349                 {
350                 BIO_set_callback(in,BIO_debug_callback);
351                 BIO_set_callback(out,BIO_debug_callback);
352                 BIO_set_callback_arg(in,bio_err);
353                 BIO_set_callback_arg(out,bio_err);
354                 }
355
356         if (inf == NULL)
357                 BIO_set_fp(in,stdin,BIO_NOCLOSE);
358         else
359                 {
360                 if (BIO_read_filename(in,inf) <= 0)
361                         {
362                         perror(inf);
363                         goto end;
364                         }
365                 }
366
367         if ((str == NULL) && (cipher != NULL) && (hkey == NULL))
368                 {
369                 for (;;)
370                         {
371                         char buf[200];
372
373                         sprintf(buf,"enter %s %s password:",
374                                 OBJ_nid2ln(EVP_CIPHER_nid(cipher)),
375                                 (enc)?"encryption":"decryption");
376                         strbuf[0]='\0';
377                         i=EVP_read_pw_string((char *)strbuf,SIZE,buf,enc);
378                         if (i == 0)
379                                 {
380                                 if (strbuf[0] == '\0')
381                                         {
382                                         ret=1;
383                                         goto end;
384                                         }
385                                 str=strbuf;
386                                 break;
387                                 }
388                         if (i < 0)
389                                 {
390                                 BIO_printf(bio_err,"bad password read\n");
391                                 goto end;
392                                 }
393                         }
394                 }
395
396         if (cipher != NULL)
397                 {
398                 if (str != NULL)
399                         {
400                         EVP_BytesToKey(cipher,EVP_md5(),NULL,
401                                 (unsigned char *)str,
402                                 strlen(str),1,key,iv);
403                         /* zero the complete buffer or the string
404                          * passed from the command line
405                          * bug picked up by
406                          * Larry J. Hughes Jr. <hughes@indiana.edu> */
407                         if (str == strbuf)
408                                 memset(str,0,SIZE);
409                         else
410                                 memset(str,0,strlen(str));
411                         }
412                 if ((hiv != NULL) && !set_hex(hiv,iv,8))
413                         {
414                         BIO_printf(bio_err,"invalid hex iv value\n");
415                         goto end;
416                         }
417                 if ((hkey != NULL) && !set_hex(hkey,key,24))
418                         {
419                         BIO_printf(bio_err,"invalid hex key value\n");
420                         goto end;
421                         }
422
423                 if ((benc=BIO_new(BIO_f_cipher())) == NULL)
424                         goto end;
425                 BIO_set_cipher(benc,cipher,key,iv,enc);
426                 if (debug)
427                         {
428                         BIO_set_callback(benc,BIO_debug_callback);
429                         BIO_set_callback_arg(benc,bio_err);
430                         }
431
432                 if (printkey)
433                         {
434                         if (cipher->key_len > 0)
435                                 {
436                                 printf("key=");
437                                 for (i=0; i<cipher->key_len; i++)
438                                         printf("%02X",key[i]);
439                                 printf("\n");
440                                 }
441                         if (cipher->iv_len > 0)
442                                 {
443                                 printf("iv =");
444                                 for (i=0; i<cipher->iv_len; i++)
445                                         printf("%02X",iv[i]);
446                                 printf("\n");
447                                 }
448                         if (printkey == 2)
449                                 {
450                                 ret=0;
451                                 goto end;
452                                 }
453                         }
454                 }
455
456
457         if (outf == NULL)
458                 BIO_set_fp(out,stdout,BIO_NOCLOSE);
459         else
460                 {
461                 if (BIO_write_filename(out,outf) <= 0)
462                         {
463                         perror(outf);
464                         goto end;
465                         }
466                 }
467
468         rbio=in;
469         wbio=out;
470
471         if (base64)
472                 {
473                 if ((b64=BIO_new(BIO_f_base64())) == NULL)
474                         goto end;
475                 if (debug)
476                         {
477                         BIO_set_callback(b64,BIO_debug_callback);
478                         BIO_set_callback_arg(b64,bio_err);
479                         }
480                 if (olb64)
481                         BIO_set_flags(b64,BIO_FLAGS_BASE64_NO_NL);
482                 if (enc)
483                         wbio=BIO_push(b64,wbio);
484                 else
485                         rbio=BIO_push(b64,rbio);
486                 }
487
488         /* Only encrypt/decrypt as we write the file */
489         if (benc != NULL)
490                 wbio=BIO_push(benc,wbio);
491
492         for (;;)
493                 {
494                 inl=BIO_read(rbio,(char *)buff,bsize);
495                 if (inl <= 0) break;
496                 if (BIO_write(wbio,(char *)buff,inl) != inl)
497                         {
498                         BIO_printf(bio_err,"error writing output file\n");
499                         goto end;
500                         }
501                 }
502         if (!BIO_flush(wbio))
503                 {
504                 BIO_printf(bio_err,"bad decrypt\n");
505                 goto end;
506                 }
507
508         ret=0;
509         if (verbose)
510                 {
511                 BIO_printf(bio_err,"bytes read   :%8ld\n",BIO_number_read(in));
512                 BIO_printf(bio_err,"bytes written:%8ld\n",BIO_number_written(out));
513                 }
514 end:
515         if (strbuf != NULL) Free(strbuf);
516         if (buff != NULL) Free(buff);
517         if (in != NULL) BIO_free(in);
518         if (out != NULL) BIO_free(out);
519         if (benc != NULL) BIO_free(benc);
520         if (b64 != NULL) BIO_free(b64);
521         EXIT(ret);
522         }
523
524 int set_hex(in,out,size)
525 char *in;
526 unsigned char *out;
527 int size;
528         {
529         int i,n;
530         unsigned char j;
531
532         n=strlen(in);
533         if (n > (size*2))
534                 {
535                 BIO_printf(bio_err,"hex string is too long\n");
536                 return(0);
537                 }
538         memset(out,0,size);
539         for (i=0; i<n; i++)
540                 {
541                 j=(unsigned char)*in;
542                 *(in++)='\0';
543                 if (j == 0) break;
544                 if ((j >= '0') && (j <= '9'))
545                         j-='0';
546                 else if ((j >= 'A') && (j <= 'F'))
547                         j=j-'A'+10;
548                 else if ((j >= 'a') && (j <= 'f'))
549                         j=j-'a'+10;
550                 else
551                         {
552                         BIO_printf(bio_err,"non-hex digit\n");
553                         return(0);
554                         }
555                 if (i&1)
556                         out[i/2]|=j;
557                 else
558                         out[i/2]=(j<<4);
559                 }
560         return(1);
561         }