X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=apps%2Fenc.c;h=aef8978a9a52c0883530cf4c07711bd13ff420e5;hp=c28d8b19480f2f9605a44a42f5eaa312715b270f;hb=3a98f9cf20c6af604799ee079bec496b296bb5cc;hpb=c8bbd98a2b0c2a5164c42f951cd2866512839b5a diff --git a/apps/enc.c b/apps/enc.c index c28d8b1948..aef8978a9a 100644 --- a/apps/enc.c +++ b/apps/enc.c @@ -129,6 +129,7 @@ int MAIN(int argc, char **argv) char *engine = NULL; #endif const EVP_MD *dgst=NULL; + int non_fips_allow = 0; apps_startup(); @@ -281,6 +282,8 @@ int MAIN(int argc, char **argv) if (--argc < 1) goto bad; md= *(++argv); } + else if (strcmp(*argv,"-non-fips-allow") == 0) + non_fips_allow = 1; else if ((argv[0][0] == '-') && ((c=EVP_get_cipherbyname(&(argv[0][1]))) != NULL)) { @@ -393,8 +396,10 @@ bad: if (inf == NULL) { +#ifndef OPENSSL_NO_SETVBUF_IONBF if (bufsize != NULL) setvbuf(stdin, (char *)NULL, _IONBF, 0); +#endif /* ndef OPENSSL_NO_SETVBUF_IONBF */ BIO_set_fp(in,stdin,BIO_NOCLOSE); } else @@ -447,8 +452,10 @@ bad: if (outf == NULL) { BIO_set_fp(out,stdout,BIO_NOCLOSE); +#ifndef OPENSSL_NO_SETVBUF_IONBF if (bufsize != NULL) setvbuf(stdout, (char *)NULL, _IONBF, 0); +#endif /* ndef OPENSSL_NO_SETVBUF_IONBF */ #ifdef OPENSSL_SYS_VMS { BIO *tmpbio = BIO_new(BIO_f_linebuffer()); @@ -545,9 +552,13 @@ bad: sptr = salt; } - EVP_BytesToKey(cipher,dgst,sptr, - (unsigned char *)str, - strlen(str),1,key,iv); + if (!EVP_BytesToKey(cipher,dgst,sptr, + (unsigned char *)str, + strlen(str),1,key,iv)) + { + BIO_printf(bio_err, "EVP_BytesToKey failed\n"); + goto end; + } /* zero the complete buffer or the string * passed from the command line * bug picked up by @@ -585,6 +596,11 @@ bad: */ BIO_get_cipher_ctx(benc, &ctx); + + if (non_fips_allow) + EVP_CIPHER_CTX_set_flags(ctx, + EVP_CIPH_FLAG_NON_FIPS_ALLOW); + if (!EVP_CipherInit_ex(ctx, cipher, NULL, NULL, NULL, enc)) { BIO_printf(bio_err, "Error setting cipher %s\n",