X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=apps%2Fenc.c;h=6531c58c542e70aa04a243a101afeddb55b5b822;hp=d033e380c4febf2e8acf3123ed2264d118500227;hb=cd3c54e50f0f0b3839bb70fabbe222e389732146;hpb=fd699ac55f736e5b39b5fe3c244115e6b776eafa diff --git a/apps/enc.c b/apps/enc.c index d033e380c4..6531c58c54 100644 --- a/apps/enc.c +++ b/apps/enc.c @@ -80,18 +80,22 @@ int set_hex(char *in,unsigned char *out,int size); #define BSIZE (8*1024) #define PROG enc_main +int MAIN(int, char **); + int MAIN(int argc, char **argv) { + static const char magic[]="Salted__"; + char mbuf[8]; /* should be 1 smaller than magic */ char *strbuf=NULL; unsigned char *buff=NULL,*bufsize=NULL; int bsize=BSIZE,verbose=0; int ret=1,inl; unsigned char key[24],iv[MD5_DIGEST_LENGTH]; unsigned char salt[PKCS5_SALT_LEN]; - char *str=NULL; + char *str=NULL, *passarg = NULL, *pass = NULL; char *hkey=NULL,*hiv=NULL,*hsalt = NULL; int enc=1,printkey=0,i,base64=0; - int debug=0,olb64=0,nosalt=1; + int debug=0,olb64=0,nosalt=0; const EVP_CIPHER *cipher=NULL,*c; char *inf=NULL,*outf=NULL; BIO *in=NULL,*out=NULL,*b64=NULL,*benc=NULL,*rbio=NULL,*wbio=NULL; @@ -132,6 +136,11 @@ int MAIN(int argc, char **argv) if (--argc < 1) goto bad; outf= *(++argv); } + else if (strcmp(*argv,"-pass") == 0) + { + if (--argc < 1) goto bad; + passarg= *(++argv); + } else if (strcmp(*argv,"-d") == 0) enc=0; else if (strcmp(*argv,"-p") == 0) @@ -222,7 +231,8 @@ int MAIN(int argc, char **argv) bad: BIO_printf(bio_err,"options are\n"); BIO_printf(bio_err,"%-14s input file\n","-in "); - BIO_printf(bio_err,"%-14s output fileencrypt\n","-out "); + BIO_printf(bio_err,"%-14s output file\n","-out "); + BIO_printf(bio_err,"%-14s pass phrase source\n","-pass "); BIO_printf(bio_err,"%-14s encrypt\n","-e"); BIO_printf(bio_err,"%-14s decrypt\n","-d"); BIO_printf(bio_err,"%-14s base64 encode/decode, depending on encryption flag\n","-a/-base64"); @@ -243,7 +253,7 @@ bad: BIO_printf(bio_err,"rc2 :128 bit key RC2 encryption\n"); #endif #ifndef NO_BF - BIO_printf(bio_err,"bf :128 bit key BlowFish encryption\n"); + BIO_printf(bio_err,"bf :128 bit key Blowfish encryption\n"); #endif #ifndef NO_RC4 BIO_printf(bio_err," -%-5s :128 bit key RC4 encryption\n", @@ -367,6 +377,14 @@ bad: } } + if(!str && passarg) { + if(!app_passwd(bio_err, passarg, NULL, &pass, NULL)) { + BIO_printf(bio_err, "Error getting password\n"); + goto end; + } + str = pass; + } + if ((str == NULL) && (cipher != NULL) && (hkey == NULL)) { for (;;) @@ -446,19 +464,29 @@ bad: "invalid hex salt value\n"); goto end; } - } else RAND_bytes(salt, PKCS5_SALT_LEN); + } else if (RAND_pseudo_bytes(salt, PKCS5_SALT_LEN) < 0) + goto end; /* If -P option then don't bother writing */ - if((printkey != 2) && (BIO_write(wbio, - (unsigned char *) salt, - PKCS5_SALT_LEN) != PKCS5_SALT_LEN)) { + if((printkey != 2) + && (BIO_write(wbio,magic, + sizeof magic-1) != sizeof magic-1 + || BIO_write(wbio, + (char *)salt, + PKCS5_SALT_LEN) != PKCS5_SALT_LEN)) { BIO_printf(bio_err,"error writing output file\n"); goto end; } - } else if(BIO_read(rbio, (unsigned char *)salt, + } else if(BIO_read(rbio,mbuf,sizeof mbuf) != sizeof mbuf + || BIO_read(rbio, + (unsigned char *)salt, PKCS5_SALT_LEN) != PKCS5_SALT_LEN) { BIO_printf(bio_err,"error reading input file\n"); goto end; + } else if(memcmp(mbuf,magic,sizeof magic-1)) { + BIO_printf(bio_err,"bad magic number\n"); + goto end; } + sptr = salt; } @@ -552,12 +580,14 @@ bad: BIO_printf(bio_err,"bytes written:%8ld\n",BIO_number_written(out)); } end: + ERR_print_errors(bio_err); if (strbuf != NULL) Free(strbuf); if (buff != NULL) Free(buff); if (in != NULL) BIO_free(in); if (out != NULL) BIO_free(out); if (benc != NULL) BIO_free(benc); if (b64 != NULL) BIO_free(b64); + if(pass) Free(pass); EXIT(ret); }