enc.c 23 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763
  1. /*
  2. * Copyright 1995-2022 The OpenSSL Project Authors. All Rights Reserved.
  3. *
  4. * Licensed under the Apache License 2.0 (the "License"). You may not use
  5. * this file except in compliance with the License. You can obtain a copy
  6. * in the file LICENSE in the source distribution or at
  7. * https://www.openssl.org/source/license.html
  8. */
  9. #include <stdio.h>
  10. #include <stdlib.h>
  11. #include <string.h>
  12. #include <limits.h>
  13. #include "apps.h"
  14. #include "progs.h"
  15. #include <openssl/bio.h>
  16. #include <openssl/err.h>
  17. #include <openssl/evp.h>
  18. #include <openssl/objects.h>
  19. #include <openssl/x509.h>
  20. #include <openssl/rand.h>
  21. #include <openssl/pem.h>
  22. #ifndef OPENSSL_NO_COMP
  23. # include <openssl/comp.h>
  24. #endif
  25. #include <ctype.h>
  26. #undef SIZE
  27. #undef BSIZE
  28. #define SIZE (512)
  29. #define BSIZE (8*1024)
  30. static int set_hex(const char *in, unsigned char *out, int size);
  31. static void show_ciphers(const OBJ_NAME *name, void *bio_);
  32. struct doall_enc_ciphers {
  33. BIO *bio;
  34. int n;
  35. };
  36. typedef enum OPTION_choice {
  37. OPT_COMMON,
  38. OPT_LIST,
  39. OPT_E, OPT_IN, OPT_OUT, OPT_PASS, OPT_ENGINE, OPT_D, OPT_P, OPT_V,
  40. OPT_NOPAD, OPT_SALT, OPT_NOSALT, OPT_DEBUG, OPT_UPPER_P, OPT_UPPER_A,
  41. OPT_A, OPT_Z, OPT_BUFSIZE, OPT_K, OPT_KFILE, OPT_UPPER_K, OPT_NONE,
  42. OPT_UPPER_S, OPT_IV, OPT_MD, OPT_ITER, OPT_PBKDF2, OPT_CIPHER,
  43. OPT_R_ENUM, OPT_PROV_ENUM
  44. } OPTION_CHOICE;
  45. const OPTIONS enc_options[] = {
  46. OPT_SECTION("General"),
  47. {"help", OPT_HELP, '-', "Display this summary"},
  48. {"list", OPT_LIST, '-', "List ciphers"},
  49. #ifndef OPENSSL_NO_DEPRECATED_3_0
  50. {"ciphers", OPT_LIST, '-', "Alias for -list"},
  51. #endif
  52. {"e", OPT_E, '-', "Encrypt"},
  53. {"d", OPT_D, '-', "Decrypt"},
  54. {"p", OPT_P, '-', "Print the iv/key"},
  55. {"P", OPT_UPPER_P, '-', "Print the iv/key and exit"},
  56. #ifndef OPENSSL_NO_ENGINE
  57. {"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"},
  58. #endif
  59. OPT_SECTION("Input"),
  60. {"in", OPT_IN, '<', "Input file"},
  61. {"k", OPT_K, 's', "Passphrase"},
  62. {"kfile", OPT_KFILE, '<', "Read passphrase from file"},
  63. OPT_SECTION("Output"),
  64. {"out", OPT_OUT, '>', "Output file"},
  65. {"pass", OPT_PASS, 's', "Passphrase source"},
  66. {"v", OPT_V, '-', "Verbose output"},
  67. {"a", OPT_A, '-', "Base64 encode/decode, depending on encryption flag"},
  68. {"base64", OPT_A, '-', "Same as option -a"},
  69. {"A", OPT_UPPER_A, '-',
  70. "Used with -[base64|a] to specify base64 buffer as a single line"},
  71. OPT_SECTION("Encryption"),
  72. {"nopad", OPT_NOPAD, '-', "Disable standard block padding"},
  73. {"salt", OPT_SALT, '-', "Use salt in the KDF (default)"},
  74. {"nosalt", OPT_NOSALT, '-', "Do not use salt in the KDF"},
  75. {"debug", OPT_DEBUG, '-', "Print debug info"},
  76. {"bufsize", OPT_BUFSIZE, 's', "Buffer size"},
  77. {"K", OPT_UPPER_K, 's', "Raw key, in hex"},
  78. {"S", OPT_UPPER_S, 's', "Salt, in hex"},
  79. {"iv", OPT_IV, 's', "IV in hex"},
  80. {"md", OPT_MD, 's', "Use specified digest to create a key from the passphrase"},
  81. {"iter", OPT_ITER, 'p', "Specify the iteration count and force use of PBKDF2"},
  82. {"pbkdf2", OPT_PBKDF2, '-', "Use password-based key derivation function 2"},
  83. {"none", OPT_NONE, '-', "Don't encrypt"},
  84. #ifndef OPENSSL_NO_ZLIB
  85. {"z", OPT_Z, '-', "Compress or decompress encrypted data using zlib"},
  86. #endif
  87. {"", OPT_CIPHER, '-', "Any supported cipher"},
  88. OPT_R_OPTIONS,
  89. OPT_PROV_OPTIONS,
  90. {NULL}
  91. };
  92. int enc_main(int argc, char **argv)
  93. {
  94. static char buf[128];
  95. static const char magic[] = "Salted__";
  96. ENGINE *e = NULL;
  97. BIO *in = NULL, *out = NULL, *b64 = NULL, *benc = NULL, *rbio =
  98. NULL, *wbio = NULL;
  99. EVP_CIPHER_CTX *ctx = NULL;
  100. EVP_CIPHER *cipher = NULL;
  101. EVP_MD *dgst = NULL;
  102. const char *digestname = NULL;
  103. char *hkey = NULL, *hiv = NULL, *hsalt = NULL, *p;
  104. char *infile = NULL, *outfile = NULL, *prog;
  105. char *str = NULL, *passarg = NULL, *pass = NULL, *strbuf = NULL;
  106. const char *ciphername = NULL;
  107. char mbuf[sizeof(magic) - 1];
  108. OPTION_CHOICE o;
  109. int bsize = BSIZE, verbose = 0, debug = 0, olb64 = 0, nosalt = 0;
  110. int enc = 1, printkey = 0, i, k;
  111. int base64 = 0, informat = FORMAT_BINARY, outformat = FORMAT_BINARY;
  112. int ret = 1, inl, nopad = 0;
  113. unsigned char key[EVP_MAX_KEY_LENGTH], iv[EVP_MAX_IV_LENGTH];
  114. unsigned char *buff = NULL, salt[PKCS5_SALT_LEN];
  115. int pbkdf2 = 0;
  116. int iter = 0;
  117. long n;
  118. int streamable = 1;
  119. int wrap = 0;
  120. struct doall_enc_ciphers dec;
  121. #ifndef OPENSSL_NO_ZLIB
  122. int do_zlib = 0;
  123. BIO *bzl = NULL;
  124. #endif
  125. int do_brotli = 0;
  126. BIO *bbrot = NULL;
  127. int do_zstd = 0;
  128. BIO *bzstd = NULL;
  129. /* first check the command name */
  130. if (strcmp(argv[0], "base64") == 0)
  131. base64 = 1;
  132. #ifndef OPENSSL_NO_ZLIB
  133. else if (strcmp(argv[0], "zlib") == 0)
  134. do_zlib = 1;
  135. #endif
  136. #ifndef OPENSSL_NO_BROTLI
  137. else if (strcmp(argv[0], "brotli") == 0)
  138. do_brotli = 1;
  139. #endif
  140. #ifndef OPENSSL_NO_ZSTD
  141. else if (strcmp(argv[0], "zstd") == 0)
  142. do_zstd = 1;
  143. #endif
  144. else if (strcmp(argv[0], "enc") != 0)
  145. ciphername = argv[0];
  146. opt_set_unknown_name("cipher");
  147. prog = opt_init(argc, argv, enc_options);
  148. while ((o = opt_next()) != OPT_EOF) {
  149. switch (o) {
  150. case OPT_EOF:
  151. case OPT_ERR:
  152. opthelp:
  153. BIO_printf(bio_err, "%s: Use -help for summary.\n", prog);
  154. goto end;
  155. case OPT_HELP:
  156. opt_help(enc_options);
  157. ret = 0;
  158. goto end;
  159. case OPT_LIST:
  160. BIO_printf(bio_out, "Supported ciphers:\n");
  161. dec.bio = bio_out;
  162. dec.n = 0;
  163. OBJ_NAME_do_all_sorted(OBJ_NAME_TYPE_CIPHER_METH,
  164. show_ciphers, &dec);
  165. BIO_printf(bio_out, "\n");
  166. ret = 0;
  167. goto end;
  168. case OPT_E:
  169. enc = 1;
  170. break;
  171. case OPT_IN:
  172. infile = opt_arg();
  173. break;
  174. case OPT_OUT:
  175. outfile = opt_arg();
  176. break;
  177. case OPT_PASS:
  178. passarg = opt_arg();
  179. break;
  180. case OPT_ENGINE:
  181. e = setup_engine(opt_arg(), 0);
  182. break;
  183. case OPT_D:
  184. enc = 0;
  185. break;
  186. case OPT_P:
  187. printkey = 1;
  188. break;
  189. case OPT_V:
  190. verbose = 1;
  191. break;
  192. case OPT_NOPAD:
  193. nopad = 1;
  194. break;
  195. case OPT_SALT:
  196. nosalt = 0;
  197. break;
  198. case OPT_NOSALT:
  199. nosalt = 1;
  200. break;
  201. case OPT_DEBUG:
  202. debug = 1;
  203. break;
  204. case OPT_UPPER_P:
  205. printkey = 2;
  206. break;
  207. case OPT_UPPER_A:
  208. olb64 = 1;
  209. break;
  210. case OPT_A:
  211. base64 = 1;
  212. break;
  213. case OPT_Z:
  214. #ifndef OPENSSL_NO_ZLIB
  215. do_zlib = 1;
  216. #endif
  217. break;
  218. case OPT_BUFSIZE:
  219. p = opt_arg();
  220. i = (int)strlen(p) - 1;
  221. k = i >= 1 && p[i] == 'k';
  222. if (k)
  223. p[i] = '\0';
  224. if (!opt_long(opt_arg(), &n)
  225. || n < 0 || (k && n >= LONG_MAX / 1024))
  226. goto opthelp;
  227. if (k)
  228. n *= 1024;
  229. bsize = (int)n;
  230. break;
  231. case OPT_K:
  232. str = opt_arg();
  233. break;
  234. case OPT_KFILE:
  235. in = bio_open_default(opt_arg(), 'r', FORMAT_TEXT);
  236. if (in == NULL)
  237. goto opthelp;
  238. i = BIO_gets(in, buf, sizeof(buf));
  239. BIO_free(in);
  240. in = NULL;
  241. if (i <= 0) {
  242. BIO_printf(bio_err,
  243. "%s Can't read key from %s\n", prog, opt_arg());
  244. goto opthelp;
  245. }
  246. while (--i > 0 && (buf[i] == '\r' || buf[i] == '\n'))
  247. buf[i] = '\0';
  248. if (i <= 0) {
  249. BIO_printf(bio_err, "%s: zero length password\n", prog);
  250. goto opthelp;
  251. }
  252. str = buf;
  253. break;
  254. case OPT_UPPER_K:
  255. hkey = opt_arg();
  256. break;
  257. case OPT_UPPER_S:
  258. hsalt = opt_arg();
  259. break;
  260. case OPT_IV:
  261. hiv = opt_arg();
  262. break;
  263. case OPT_MD:
  264. digestname = opt_arg();
  265. break;
  266. case OPT_CIPHER:
  267. ciphername = opt_unknown();
  268. break;
  269. case OPT_ITER:
  270. iter = opt_int_arg();
  271. pbkdf2 = 1;
  272. break;
  273. case OPT_PBKDF2:
  274. pbkdf2 = 1;
  275. if (iter == 0) /* do not overwrite a chosen value */
  276. iter = 10000;
  277. break;
  278. case OPT_NONE:
  279. cipher = NULL;
  280. break;
  281. case OPT_R_CASES:
  282. if (!opt_rand(o))
  283. goto end;
  284. break;
  285. case OPT_PROV_CASES:
  286. if (!opt_provider(o))
  287. goto end;
  288. break;
  289. }
  290. }
  291. /* No extra arguments. */
  292. if (!opt_check_rest_arg(NULL))
  293. goto opthelp;
  294. if (!app_RAND_load())
  295. goto end;
  296. /* Get the cipher name, either from progname (if set) or flag. */
  297. if (!opt_cipher(ciphername, &cipher))
  298. goto opthelp;
  299. if (cipher && (EVP_CIPHER_mode(cipher) == EVP_CIPH_WRAP_MODE)) {
  300. wrap = 1;
  301. streamable = 0;
  302. }
  303. if (digestname != NULL) {
  304. if (!opt_md(digestname, &dgst))
  305. goto opthelp;
  306. }
  307. if (dgst == NULL)
  308. dgst = (EVP_MD *)EVP_sha256();
  309. if (iter == 0)
  310. iter = 1;
  311. /* It must be large enough for a base64 encoded line */
  312. if (base64 && bsize < 80)
  313. bsize = 80;
  314. if (verbose)
  315. BIO_printf(bio_err, "bufsize=%d\n", bsize);
  316. #ifndef OPENSSL_NO_ZLIB
  317. if (do_zlib)
  318. base64 = 0;
  319. #endif
  320. if (do_brotli)
  321. base64 = 0;
  322. if (do_zstd)
  323. base64 = 0;
  324. if (base64) {
  325. if (enc)
  326. outformat = FORMAT_BASE64;
  327. else
  328. informat = FORMAT_BASE64;
  329. }
  330. strbuf = app_malloc(SIZE, "strbuf");
  331. buff = app_malloc(EVP_ENCODE_LENGTH(bsize), "evp buffer");
  332. if (infile == NULL) {
  333. if (!streamable && printkey != 2) { /* if just print key and exit, it's ok */
  334. BIO_printf(bio_err, "Unstreamable cipher mode\n");
  335. goto end;
  336. }
  337. in = dup_bio_in(informat);
  338. } else {
  339. in = bio_open_default(infile, 'r', informat);
  340. }
  341. if (in == NULL)
  342. goto end;
  343. if (str == NULL && passarg != NULL) {
  344. if (!app_passwd(passarg, NULL, &pass, NULL)) {
  345. BIO_printf(bio_err, "Error getting password\n");
  346. goto end;
  347. }
  348. str = pass;
  349. }
  350. if ((str == NULL) && (cipher != NULL) && (hkey == NULL)) {
  351. if (1) {
  352. #ifndef OPENSSL_NO_UI_CONSOLE
  353. for (;;) {
  354. char prompt[200];
  355. BIO_snprintf(prompt, sizeof(prompt), "enter %s %s password:",
  356. EVP_CIPHER_get0_name(cipher),
  357. (enc) ? "encryption" : "decryption");
  358. strbuf[0] = '\0';
  359. i = EVP_read_pw_string((char *)strbuf, SIZE, prompt, enc);
  360. if (i == 0) {
  361. if (strbuf[0] == '\0') {
  362. ret = 1;
  363. goto end;
  364. }
  365. str = strbuf;
  366. break;
  367. }
  368. if (i < 0) {
  369. BIO_printf(bio_err, "bad password read\n");
  370. goto end;
  371. }
  372. }
  373. } else {
  374. #endif
  375. BIO_printf(bio_err, "password required\n");
  376. goto end;
  377. }
  378. }
  379. out = bio_open_default(outfile, 'w', outformat);
  380. if (out == NULL)
  381. goto end;
  382. if (debug) {
  383. BIO_set_callback_ex(in, BIO_debug_callback_ex);
  384. BIO_set_callback_ex(out, BIO_debug_callback_ex);
  385. BIO_set_callback_arg(in, (char *)bio_err);
  386. BIO_set_callback_arg(out, (char *)bio_err);
  387. }
  388. rbio = in;
  389. wbio = out;
  390. #ifndef OPENSSL_NO_COMP
  391. # ifndef OPENSSL_NO_ZLIB
  392. if (do_zlib) {
  393. if ((bzl = BIO_new(BIO_f_zlib())) == NULL)
  394. goto end;
  395. if (debug) {
  396. BIO_set_callback_ex(bzl, BIO_debug_callback_ex);
  397. BIO_set_callback_arg(bzl, (char *)bio_err);
  398. }
  399. if (enc)
  400. wbio = BIO_push(bzl, wbio);
  401. else
  402. rbio = BIO_push(bzl, rbio);
  403. }
  404. # endif
  405. if (do_brotli) {
  406. if ((bbrot = BIO_new(BIO_f_brotli())) == NULL)
  407. goto end;
  408. if (debug) {
  409. BIO_set_callback_ex(bbrot, BIO_debug_callback_ex);
  410. BIO_set_callback_arg(bbrot, (char *)bio_err);
  411. }
  412. if (enc)
  413. wbio = BIO_push(bbrot, wbio);
  414. else
  415. rbio = BIO_push(bbrot, rbio);
  416. }
  417. if (do_zstd) {
  418. if ((bzstd = BIO_new(BIO_f_zstd())) == NULL)
  419. goto end;
  420. if (debug) {
  421. BIO_set_callback_ex(bzstd, BIO_debug_callback_ex);
  422. BIO_set_callback_arg(bzstd, (char *)bio_err);
  423. }
  424. if (enc)
  425. wbio = BIO_push(bzstd, wbio);
  426. else
  427. rbio = BIO_push(bzstd, rbio);
  428. }
  429. #endif
  430. if (base64) {
  431. if ((b64 = BIO_new(BIO_f_base64())) == NULL)
  432. goto end;
  433. if (debug) {
  434. BIO_set_callback_ex(b64, BIO_debug_callback_ex);
  435. BIO_set_callback_arg(b64, (char *)bio_err);
  436. }
  437. if (olb64)
  438. BIO_set_flags(b64, BIO_FLAGS_BASE64_NO_NL);
  439. if (enc)
  440. wbio = BIO_push(b64, wbio);
  441. else
  442. rbio = BIO_push(b64, rbio);
  443. }
  444. if (cipher != NULL) {
  445. if (str != NULL) { /* a passphrase is available */
  446. /*
  447. * Salt handling: if encrypting generate a salt if not supplied,
  448. * and write to output BIO. If decrypting use salt from input BIO
  449. * if not given with args
  450. */
  451. unsigned char *sptr;
  452. size_t str_len = strlen(str);
  453. if (nosalt) {
  454. sptr = NULL;
  455. } else {
  456. if (hsalt != NULL && !set_hex(hsalt, salt, sizeof(salt))) {
  457. BIO_printf(bio_err, "invalid hex salt value\n");
  458. goto end;
  459. }
  460. if (enc) { /* encryption */
  461. if (hsalt == NULL) {
  462. if (RAND_bytes(salt, sizeof(salt)) <= 0) {
  463. BIO_printf(bio_err, "RAND_bytes failed\n");
  464. goto end;
  465. }
  466. /*
  467. * If -P option then don't bother writing.
  468. * If salt is given, shouldn't either ?
  469. */
  470. if ((printkey != 2)
  471. && (BIO_write(wbio, magic,
  472. sizeof(magic) - 1) != sizeof(magic) - 1
  473. || BIO_write(wbio,
  474. (char *)salt,
  475. sizeof(salt)) != sizeof(salt))) {
  476. BIO_printf(bio_err, "error writing output file\n");
  477. goto end;
  478. }
  479. }
  480. } else { /* decryption */
  481. if (hsalt == NULL) {
  482. if (BIO_read(rbio, mbuf, sizeof(mbuf)) != sizeof(mbuf)) {
  483. BIO_printf(bio_err, "error reading input file\n");
  484. goto end;
  485. }
  486. if (memcmp(mbuf, magic, sizeof(mbuf)) == 0) { /* file IS salted */
  487. if (BIO_read(rbio, salt,
  488. sizeof(salt)) != sizeof(salt)) {
  489. BIO_printf(bio_err, "error reading input file\n");
  490. goto end;
  491. }
  492. } else { /* file is NOT salted, NO salt available */
  493. BIO_printf(bio_err, "bad magic number\n");
  494. goto end;
  495. }
  496. }
  497. }
  498. sptr = salt;
  499. }
  500. if (pbkdf2 == 1) {
  501. /*
  502. * derive key and default iv
  503. * concatenated into a temporary buffer
  504. */
  505. unsigned char tmpkeyiv[EVP_MAX_KEY_LENGTH + EVP_MAX_IV_LENGTH];
  506. int iklen = EVP_CIPHER_get_key_length(cipher);
  507. int ivlen = EVP_CIPHER_get_iv_length(cipher);
  508. /* not needed if HASH_UPDATE() is fixed : */
  509. int islen = (sptr != NULL ? sizeof(salt) : 0);
  510. if (!PKCS5_PBKDF2_HMAC(str, str_len, sptr, islen,
  511. iter, dgst, iklen+ivlen, tmpkeyiv)) {
  512. BIO_printf(bio_err, "PKCS5_PBKDF2_HMAC failed\n");
  513. goto end;
  514. }
  515. /* split and move data back to global buffer */
  516. memcpy(key, tmpkeyiv, iklen);
  517. memcpy(iv, tmpkeyiv+iklen, ivlen);
  518. } else {
  519. BIO_printf(bio_err, "*** WARNING : "
  520. "deprecated key derivation used.\n"
  521. "Using -iter or -pbkdf2 would be better.\n");
  522. if (!EVP_BytesToKey(cipher, dgst, sptr,
  523. (unsigned char *)str, str_len,
  524. 1, key, iv)) {
  525. BIO_printf(bio_err, "EVP_BytesToKey failed\n");
  526. goto end;
  527. }
  528. }
  529. /*
  530. * zero the complete buffer or the string passed from the command
  531. * line.
  532. */
  533. if (str == strbuf)
  534. OPENSSL_cleanse(str, SIZE);
  535. else
  536. OPENSSL_cleanse(str, str_len);
  537. }
  538. if (hiv != NULL) {
  539. int siz = EVP_CIPHER_get_iv_length(cipher);
  540. if (siz == 0) {
  541. BIO_printf(bio_err, "warning: iv not used by this cipher\n");
  542. } else if (!set_hex(hiv, iv, siz)) {
  543. BIO_printf(bio_err, "invalid hex iv value\n");
  544. goto end;
  545. }
  546. }
  547. if ((hiv == NULL) && (str == NULL)
  548. && EVP_CIPHER_get_iv_length(cipher) != 0
  549. && wrap == 0) {
  550. /*
  551. * No IV was explicitly set and no IV was generated.
  552. * Hence the IV is undefined, making correct decryption impossible.
  553. */
  554. BIO_printf(bio_err, "iv undefined\n");
  555. goto end;
  556. }
  557. if (hkey != NULL) {
  558. if (!set_hex(hkey, key, EVP_CIPHER_get_key_length(cipher))) {
  559. BIO_printf(bio_err, "invalid hex key value\n");
  560. goto end;
  561. }
  562. /* wiping secret data as we no longer need it */
  563. cleanse(hkey);
  564. }
  565. if ((benc = BIO_new(BIO_f_cipher())) == NULL)
  566. goto end;
  567. /*
  568. * Since we may be changing parameters work on the encryption context
  569. * rather than calling BIO_set_cipher().
  570. */
  571. BIO_get_cipher_ctx(benc, &ctx);
  572. if (wrap == 1)
  573. EVP_CIPHER_CTX_set_flags(ctx, EVP_CIPHER_CTX_FLAG_WRAP_ALLOW);
  574. if (!EVP_CipherInit_ex(ctx, cipher, e, NULL, NULL, enc)) {
  575. BIO_printf(bio_err, "Error setting cipher %s\n",
  576. EVP_CIPHER_get0_name(cipher));
  577. ERR_print_errors(bio_err);
  578. goto end;
  579. }
  580. if (nopad)
  581. EVP_CIPHER_CTX_set_padding(ctx, 0);
  582. if (!EVP_CipherInit_ex(ctx, NULL, NULL, key,
  583. (hiv == NULL && wrap == 1 ? NULL : iv), enc)) {
  584. BIO_printf(bio_err, "Error setting cipher %s\n",
  585. EVP_CIPHER_get0_name(cipher));
  586. ERR_print_errors(bio_err);
  587. goto end;
  588. }
  589. if (debug) {
  590. BIO_set_callback_ex(benc, BIO_debug_callback_ex);
  591. BIO_set_callback_arg(benc, (char *)bio_err);
  592. }
  593. if (printkey) {
  594. if (!nosalt) {
  595. printf("salt=");
  596. for (i = 0; i < (int)sizeof(salt); i++)
  597. printf("%02X", salt[i]);
  598. printf("\n");
  599. }
  600. if (EVP_CIPHER_get_key_length(cipher) > 0) {
  601. printf("key=");
  602. for (i = 0; i < EVP_CIPHER_get_key_length(cipher); i++)
  603. printf("%02X", key[i]);
  604. printf("\n");
  605. }
  606. if (EVP_CIPHER_get_iv_length(cipher) > 0) {
  607. printf("iv =");
  608. for (i = 0; i < EVP_CIPHER_get_iv_length(cipher); i++)
  609. printf("%02X", iv[i]);
  610. printf("\n");
  611. }
  612. if (printkey == 2) {
  613. ret = 0;
  614. goto end;
  615. }
  616. }
  617. }
  618. /* Only encrypt/decrypt as we write the file */
  619. if (benc != NULL)
  620. wbio = BIO_push(benc, wbio);
  621. while (BIO_pending(rbio) || !BIO_eof(rbio)) {
  622. inl = BIO_read(rbio, (char *)buff, bsize);
  623. if (inl <= 0)
  624. break;
  625. if (!streamable && !BIO_eof(rbio)) { /* do not output data */
  626. BIO_printf(bio_err, "Unstreamable cipher mode\n");
  627. goto end;
  628. }
  629. if (BIO_write(wbio, (char *)buff, inl) != inl) {
  630. BIO_printf(bio_err, "error writing output file\n");
  631. goto end;
  632. }
  633. if (!streamable)
  634. break;
  635. }
  636. if (!BIO_flush(wbio)) {
  637. BIO_printf(bio_err, "bad decrypt\n");
  638. goto end;
  639. }
  640. ret = 0;
  641. if (verbose) {
  642. BIO_printf(bio_err, "bytes read : %8ju\n", BIO_number_read(in));
  643. BIO_printf(bio_err, "bytes written: %8ju\n", BIO_number_written(out));
  644. }
  645. end:
  646. ERR_print_errors(bio_err);
  647. OPENSSL_free(strbuf);
  648. OPENSSL_free(buff);
  649. BIO_free(in);
  650. BIO_free_all(out);
  651. BIO_free(benc);
  652. BIO_free(b64);
  653. EVP_MD_free(dgst);
  654. EVP_CIPHER_free(cipher);
  655. #ifndef OPENSSL_NO_ZLIB
  656. BIO_free(bzl);
  657. #endif
  658. BIO_free(bbrot);
  659. BIO_free(bzstd);
  660. release_engine(e);
  661. OPENSSL_free(pass);
  662. return ret;
  663. }
  664. static void show_ciphers(const OBJ_NAME *name, void *arg)
  665. {
  666. struct doall_enc_ciphers *dec = (struct doall_enc_ciphers *)arg;
  667. const EVP_CIPHER *cipher;
  668. if (!islower((unsigned char)*name->name))
  669. return;
  670. /* Filter out ciphers that we cannot use */
  671. cipher = EVP_get_cipherbyname(name->name);
  672. if (cipher == NULL
  673. || (EVP_CIPHER_get_flags(cipher) & EVP_CIPH_FLAG_AEAD_CIPHER) != 0
  674. || EVP_CIPHER_get_mode(cipher) == EVP_CIPH_XTS_MODE)
  675. return;
  676. BIO_printf(dec->bio, "-%-25s", name->name);
  677. if (++dec->n == 3) {
  678. BIO_printf(dec->bio, "\n");
  679. dec->n = 0;
  680. } else
  681. BIO_printf(dec->bio, " ");
  682. }
  683. static int set_hex(const char *in, unsigned char *out, int size)
  684. {
  685. int i, n;
  686. unsigned char j;
  687. i = size * 2;
  688. n = strlen(in);
  689. if (n > i) {
  690. BIO_printf(bio_err, "hex string is too long, ignoring excess\n");
  691. n = i; /* ignore exceeding part */
  692. } else if (n < i) {
  693. BIO_printf(bio_err, "hex string is too short, padding with zero bytes to length\n");
  694. }
  695. memset(out, 0, size);
  696. for (i = 0; i < n; i++) {
  697. j = (unsigned char)*in++;
  698. if (!isxdigit(j)) {
  699. BIO_printf(bio_err, "non-hex digit\n");
  700. return 0;
  701. }
  702. j = (unsigned char)OPENSSL_hexchar2int(j);
  703. if (i & 1)
  704. out[i / 2] |= j;
  705. else
  706. out[i / 2] = (j << 4);
  707. }
  708. return 1;
  709. }