2
0

enc.c 20 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631
  1. /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  2. * All rights reserved.
  3. *
  4. * This package is an SSL implementation written
  5. * by Eric Young (eay@cryptsoft.com).
  6. * The implementation was written so as to conform with Netscapes SSL.
  7. *
  8. * This library is free for commercial and non-commercial use as long as
  9. * the following conditions are aheared to. The following conditions
  10. * apply to all code found in this distribution, be it the RC4, RSA,
  11. * lhash, DES, etc., code; not just the SSL code. The SSL documentation
  12. * included with this distribution is covered by the same copyright terms
  13. * except that the holder is Tim Hudson (tjh@cryptsoft.com).
  14. *
  15. * Copyright remains Eric Young's, and as such any Copyright notices in
  16. * the code are not to be removed.
  17. * If this package is used in a product, Eric Young should be given attribution
  18. * as the author of the parts of the library used.
  19. * This can be in the form of a textual message at program startup or
  20. * in documentation (online or textual) provided with the package.
  21. *
  22. * Redistribution and use in source and binary forms, with or without
  23. * modification, are permitted provided that the following conditions
  24. * are met:
  25. * 1. Redistributions of source code must retain the copyright
  26. * notice, this list of conditions and the following disclaimer.
  27. * 2. Redistributions in binary form must reproduce the above copyright
  28. * notice, this list of conditions and the following disclaimer in the
  29. * documentation and/or other materials provided with the distribution.
  30. * 3. All advertising materials mentioning features or use of this software
  31. * must display the following acknowledgement:
  32. * "This product includes cryptographic software written by
  33. * Eric Young (eay@cryptsoft.com)"
  34. * The word 'cryptographic' can be left out if the rouines from the library
  35. * being used are not cryptographic related :-).
  36. * 4. If you include any Windows specific code (or a derivative thereof) from
  37. * the apps directory (application code) you must include an acknowledgement:
  38. * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
  39. *
  40. * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
  41. * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  42. * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  43. * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
  44. * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  45. * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  46. * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  47. * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  48. * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  49. * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  50. * SUCH DAMAGE.
  51. *
  52. * The licence and distribution terms for any publically available version or
  53. * derivative of this code cannot be changed. i.e. this code cannot simply be
  54. * copied and put under another distribution licence
  55. * [including the GNU Public Licence.]
  56. */
  57. #include <stdio.h>
  58. #include <stdlib.h>
  59. #include <string.h>
  60. #include <limits.h>
  61. #include "apps.h"
  62. #include <openssl/bio.h>
  63. #include <openssl/err.h>
  64. #include <openssl/evp.h>
  65. #include <openssl/objects.h>
  66. #include <openssl/x509.h>
  67. #include <openssl/rand.h>
  68. #include <openssl/pem.h>
  69. #ifndef OPENSSL_NO_COMP
  70. # include <openssl/comp.h>
  71. #endif
  72. #include <ctype.h>
  73. #undef SIZE
  74. #undef BSIZE
  75. #define SIZE (512)
  76. #define BSIZE (8*1024)
  77. static int set_hex(char *in, unsigned char *out, int size);
  78. static void show_ciphers(const OBJ_NAME *name, void *bio_);
  79. typedef enum OPTION_choice {
  80. OPT_ERR = -1, OPT_EOF = 0, OPT_HELP,
  81. OPT_E, OPT_IN, OPT_OUT, OPT_PASS, OPT_ENGINE, OPT_D, OPT_P, OPT_V,
  82. OPT_NOPAD, OPT_SALT, OPT_NOSALT, OPT_DEBUG, OPT_UPPER_P, OPT_UPPER_A,
  83. OPT_A, OPT_Z, OPT_BUFSIZE, OPT_K, OPT_KFILE, OPT_UPPER_K, OPT_NONE,
  84. OPT_UPPER_S, OPT_IV, OPT_MD, OPT_CIPHER
  85. } OPTION_CHOICE;
  86. OPTIONS enc_options[] = {
  87. {"help", OPT_HELP, '-', "Display this summary"},
  88. {"in", OPT_IN, '<', "Input file"},
  89. {"out", OPT_OUT, '>', "Output file"},
  90. {"pass", OPT_PASS, 's', "Passphrase source"},
  91. {"e", OPT_E, '-', "Encrypt"},
  92. {"d", OPT_D, '-', "Decrypt"},
  93. {"p", OPT_P, '-', "Print the iv/key"},
  94. {"P", OPT_UPPER_P, '-', "Print the iv/key and exit"},
  95. {"v", OPT_V, '-'},
  96. {"nopad", OPT_NOPAD, '-', "Disable standard block padding"},
  97. {"salt", OPT_SALT, '-'},
  98. {"nosalt", OPT_NOSALT, '-'},
  99. {"debug", OPT_DEBUG, '-'},
  100. {"A", OPT_UPPER_A, '-'},
  101. {"a", OPT_A, '-', "base64 encode/decode, depending on encryption flag"},
  102. {"base64", OPT_A, '-', "Base64 output as a single line"},
  103. {"bufsize", OPT_BUFSIZE, 's', "Buffer size"},
  104. {"k", OPT_K, 's', "Passphrase"},
  105. {"kfile", OPT_KFILE, '<', "Fead passphrase from file"},
  106. {"K", OPT_UPPER_K, 's', "Raw key, in hex"},
  107. {"S", OPT_UPPER_S, 's', "Salt, in hex"},
  108. {"iv", OPT_IV, 's', "IV in hex"},
  109. {"md", OPT_MD, 's', "Use specified digest to create key from passphrase"},
  110. {"none", OPT_NONE, '-', "Don't encrypt"},
  111. {"", OPT_CIPHER, '-', "Any supported cipher"},
  112. #ifdef ZLIB
  113. {"z", OPT_Z, '-', "Use zlib as the 'encryption'"},
  114. #endif
  115. #ifndef OPENSSL_NO_ENGINE
  116. {"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"},
  117. #endif
  118. {NULL}
  119. };
  120. int enc_main(int argc, char **argv)
  121. {
  122. static char buf[128];
  123. static const char magic[] = "Salted__";
  124. BIO *in = NULL, *out = NULL, *b64 = NULL, *benc = NULL, *rbio =
  125. NULL, *wbio = NULL;
  126. EVP_CIPHER_CTX *ctx = NULL;
  127. const EVP_CIPHER *cipher = NULL, *c;
  128. const EVP_MD *dgst = NULL;
  129. char *hkey = NULL, *hiv = NULL, *hsalt = NULL, *p;
  130. char *infile = NULL, *outfile = NULL, *prog;
  131. char *str = NULL, *passarg = NULL, *pass = NULL, *strbuf = NULL;
  132. char mbuf[sizeof magic - 1];
  133. OPTION_CHOICE o;
  134. int bsize = BSIZE, verbose = 0, debug = 0, olb64 = 0, nosalt = 0;
  135. int enc = 1, printkey = 0, i, k;
  136. int base64 = 0, informat = FORMAT_BINARY, outformat = FORMAT_BINARY;
  137. int ret = 1, inl, nopad = 0;
  138. unsigned char key[EVP_MAX_KEY_LENGTH], iv[EVP_MAX_IV_LENGTH];
  139. unsigned char *buff = NULL, salt[PKCS5_SALT_LEN];
  140. long n;
  141. #ifdef ZLIB
  142. int do_zlib = 0;
  143. BIO *bzl = NULL;
  144. #endif
  145. /* first check the program name */
  146. prog = opt_progname(argv[0]);
  147. if (strcmp(prog, "base64") == 0)
  148. base64 = 1;
  149. #ifdef ZLIB
  150. else if (strcmp(prog, "zlib") == 0)
  151. do_zlib = 1;
  152. #endif
  153. else {
  154. cipher = EVP_get_cipherbyname(prog);
  155. if (cipher == NULL && strcmp(prog, "enc") != 0) {
  156. BIO_printf(bio_err, "%s is not a known cipher\n", prog);
  157. goto end;
  158. }
  159. }
  160. prog = opt_init(argc, argv, enc_options);
  161. while ((o = opt_next()) != OPT_EOF) {
  162. switch (o) {
  163. case OPT_EOF:
  164. case OPT_ERR:
  165. opthelp:
  166. BIO_printf(bio_err, "%s: Use -help for summary.\n", prog);
  167. goto end;
  168. case OPT_HELP:
  169. opt_help(enc_options);
  170. ret = 0;
  171. BIO_printf(bio_err, "Cipher Types\n");
  172. OBJ_NAME_do_all_sorted(OBJ_NAME_TYPE_CIPHER_METH,
  173. show_ciphers, bio_err);
  174. BIO_printf(bio_err, "\n");
  175. goto end;
  176. case OPT_E:
  177. enc = 1;
  178. break;
  179. case OPT_IN:
  180. infile = opt_arg();
  181. break;
  182. case OPT_OUT:
  183. outfile = opt_arg();
  184. break;
  185. case OPT_PASS:
  186. passarg = opt_arg();
  187. break;
  188. case OPT_ENGINE:
  189. (void)setup_engine(opt_arg(), 0);
  190. break;
  191. case OPT_D:
  192. enc = 0;
  193. break;
  194. case OPT_P:
  195. printkey = 1;
  196. break;
  197. case OPT_V:
  198. verbose = 1;
  199. break;
  200. case OPT_NOPAD:
  201. nopad = 1;
  202. break;
  203. case OPT_SALT:
  204. nosalt = 0;
  205. break;
  206. case OPT_NOSALT:
  207. nosalt = 1;
  208. break;
  209. case OPT_DEBUG:
  210. debug = 1;
  211. break;
  212. case OPT_UPPER_P:
  213. printkey = 2;
  214. break;
  215. case OPT_UPPER_A:
  216. olb64 = 1;
  217. break;
  218. case OPT_A:
  219. base64 = 1;
  220. break;
  221. case OPT_Z:
  222. #ifdef ZLIB
  223. do_zlib = 1;
  224. #endif
  225. break;
  226. case OPT_BUFSIZE:
  227. p = opt_arg();
  228. i = (int)strlen(p) - 1;
  229. k = i >= 1 && p[i] == 'k';
  230. if (k)
  231. p[i] = '\0';
  232. if (!opt_long(opt_arg(), &n)
  233. || n < 0 || (k && n >= LONG_MAX / 1024))
  234. goto opthelp;
  235. if (k)
  236. n *= 1024;
  237. bsize = (int)n;
  238. break;
  239. case OPT_K:
  240. str = opt_arg();
  241. break;
  242. case OPT_KFILE:
  243. in = bio_open_default(opt_arg(), 'r', FORMAT_TEXT);
  244. if (in == NULL)
  245. goto opthelp;
  246. i = BIO_gets(in, buf, sizeof buf);
  247. BIO_free(in);
  248. in = NULL;
  249. if (i <= 0) {
  250. BIO_printf(bio_err,
  251. "%s Can't read key from %s\n", prog, opt_arg());
  252. goto opthelp;
  253. }
  254. while (--i > 0 && (buf[i] == '\r' || buf[i] == '\n'))
  255. buf[i] = '\0';
  256. if (i <= 0) {
  257. BIO_printf(bio_err, "%s: zero length password\n", prog);
  258. goto opthelp;
  259. }
  260. str = buf;
  261. break;
  262. case OPT_UPPER_K:
  263. hkey = opt_arg();
  264. break;
  265. case OPT_UPPER_S:
  266. hsalt = opt_arg();
  267. break;
  268. case OPT_IV:
  269. hiv = opt_arg();
  270. break;
  271. case OPT_MD:
  272. if (!opt_md(opt_arg(), &dgst))
  273. goto opthelp;
  274. break;
  275. case OPT_CIPHER:
  276. if (!opt_cipher(opt_unknown(), &c))
  277. goto opthelp;
  278. cipher = c;
  279. break;
  280. case OPT_NONE:
  281. cipher = NULL;
  282. break;
  283. }
  284. }
  285. argc = opt_num_rest();
  286. argv = opt_rest();
  287. if (cipher && EVP_CIPHER_flags(cipher) & EVP_CIPH_FLAG_AEAD_CIPHER) {
  288. BIO_printf(bio_err, "%s: AEAD ciphers not supported\n", prog);
  289. goto end;
  290. }
  291. if (cipher && (EVP_CIPHER_mode(cipher) == EVP_CIPH_XTS_MODE)) {
  292. BIO_printf(bio_err, "%s XTS ciphers not supported\n", prog);
  293. goto end;
  294. }
  295. if (dgst == NULL)
  296. dgst = EVP_sha256();
  297. /* It must be large enough for a base64 encoded line */
  298. if (base64 && bsize < 80)
  299. bsize = 80;
  300. if (verbose)
  301. BIO_printf(bio_err, "bufsize=%d\n", bsize);
  302. if (base64) {
  303. if (enc)
  304. outformat = FORMAT_BASE64;
  305. else
  306. informat = FORMAT_BASE64;
  307. }
  308. strbuf = app_malloc(SIZE, "strbuf");
  309. buff = app_malloc(EVP_ENCODE_LENGTH(bsize), "evp buffer");
  310. if (debug) {
  311. BIO_set_callback(in, BIO_debug_callback);
  312. BIO_set_callback(out, BIO_debug_callback);
  313. BIO_set_callback_arg(in, (char *)bio_err);
  314. BIO_set_callback_arg(out, (char *)bio_err);
  315. }
  316. if (infile == NULL) {
  317. unbuffer(stdin);
  318. in = dup_bio_in(informat);
  319. } else
  320. in = bio_open_default(infile, 'r', informat);
  321. if (in == NULL)
  322. goto end;
  323. if (!str && passarg) {
  324. if (!app_passwd(passarg, NULL, &pass, NULL)) {
  325. BIO_printf(bio_err, "Error getting password\n");
  326. goto end;
  327. }
  328. str = pass;
  329. }
  330. if ((str == NULL) && (cipher != NULL) && (hkey == NULL)) {
  331. for (;;) {
  332. char prompt[200];
  333. BIO_snprintf(prompt, sizeof prompt, "enter %s %s password:",
  334. OBJ_nid2ln(EVP_CIPHER_nid(cipher)),
  335. (enc) ? "encryption" : "decryption");
  336. strbuf[0] = '\0';
  337. i = EVP_read_pw_string((char *)strbuf, SIZE, prompt, enc);
  338. if (i == 0) {
  339. if (strbuf[0] == '\0') {
  340. ret = 1;
  341. goto end;
  342. }
  343. str = strbuf;
  344. break;
  345. }
  346. if (i < 0) {
  347. BIO_printf(bio_err, "bad password read\n");
  348. goto end;
  349. }
  350. }
  351. }
  352. out = bio_open_default(outfile, 'w', outformat);
  353. if (out == NULL)
  354. goto end;
  355. rbio = in;
  356. wbio = out;
  357. #ifdef ZLIB
  358. if (do_zlib) {
  359. if ((bzl = BIO_new(BIO_f_zlib())) == NULL)
  360. goto end;
  361. if (enc)
  362. wbio = BIO_push(bzl, wbio);
  363. else
  364. rbio = BIO_push(bzl, rbio);
  365. }
  366. #endif
  367. if (base64) {
  368. if ((b64 = BIO_new(BIO_f_base64())) == NULL)
  369. goto end;
  370. if (debug) {
  371. BIO_set_callback(b64, BIO_debug_callback);
  372. BIO_set_callback_arg(b64, (char *)bio_err);
  373. }
  374. if (olb64)
  375. BIO_set_flags(b64, BIO_FLAGS_BASE64_NO_NL);
  376. if (enc)
  377. wbio = BIO_push(b64, wbio);
  378. else
  379. rbio = BIO_push(b64, rbio);
  380. }
  381. if (cipher != NULL) {
  382. /*
  383. * Note that str is NULL if a key was passed on the command line, so
  384. * we get no salt in that case. Is this a bug?
  385. */
  386. if (str != NULL) {
  387. /*
  388. * Salt handling: if encrypting generate a salt and write to
  389. * output BIO. If decrypting read salt from input BIO.
  390. */
  391. unsigned char *sptr;
  392. if (nosalt)
  393. sptr = NULL;
  394. else {
  395. if (enc) {
  396. if (hsalt) {
  397. if (!set_hex(hsalt, salt, sizeof salt)) {
  398. BIO_printf(bio_err, "invalid hex salt value\n");
  399. goto end;
  400. }
  401. } else if (RAND_bytes(salt, sizeof salt) <= 0)
  402. goto end;
  403. /*
  404. * If -P option then don't bother writing
  405. */
  406. if ((printkey != 2)
  407. && (BIO_write(wbio, magic,
  408. sizeof magic - 1) != sizeof magic - 1
  409. || BIO_write(wbio,
  410. (char *)salt,
  411. sizeof salt) != sizeof salt)) {
  412. BIO_printf(bio_err, "error writing output file\n");
  413. goto end;
  414. }
  415. } else if (BIO_read(rbio, mbuf, sizeof mbuf) != sizeof mbuf
  416. || BIO_read(rbio,
  417. (unsigned char *)salt,
  418. sizeof salt) != sizeof salt) {
  419. BIO_printf(bio_err, "error reading input file\n");
  420. goto end;
  421. } else if (memcmp(mbuf, magic, sizeof magic - 1)) {
  422. BIO_printf(bio_err, "bad magic number\n");
  423. goto end;
  424. }
  425. sptr = salt;
  426. }
  427. if (!EVP_BytesToKey(cipher, dgst, sptr,
  428. (unsigned char *)str,
  429. strlen(str), 1, key, iv)) {
  430. BIO_printf(bio_err, "EVP_BytesToKey failed\n");
  431. goto end;
  432. }
  433. /*
  434. * zero the complete buffer or the string passed from the command
  435. * line bug picked up by Larry J. Hughes Jr. <hughes@indiana.edu>
  436. */
  437. if (str == strbuf)
  438. OPENSSL_cleanse(str, SIZE);
  439. else
  440. OPENSSL_cleanse(str, strlen(str));
  441. }
  442. if (hiv != NULL) {
  443. int siz = EVP_CIPHER_iv_length(cipher);
  444. if (siz == 0) {
  445. BIO_printf(bio_err, "warning: iv not use by this cipher\n");
  446. } else if (!set_hex(hiv, iv, sizeof iv)) {
  447. BIO_printf(bio_err, "invalid hex iv value\n");
  448. goto end;
  449. }
  450. }
  451. if ((hiv == NULL) && (str == NULL)
  452. && EVP_CIPHER_iv_length(cipher) != 0) {
  453. /*
  454. * No IV was explicitly set and no IV was generated during
  455. * EVP_BytesToKey. Hence the IV is undefined, making correct
  456. * decryption impossible.
  457. */
  458. BIO_printf(bio_err, "iv undefined\n");
  459. goto end;
  460. }
  461. if ((hkey != NULL) && !set_hex(hkey, key, EVP_CIPHER_key_length(cipher))) {
  462. BIO_printf(bio_err, "invalid hex key value\n");
  463. goto end;
  464. }
  465. if ((benc = BIO_new(BIO_f_cipher())) == NULL)
  466. goto end;
  467. /*
  468. * Since we may be changing parameters work on the encryption context
  469. * rather than calling BIO_set_cipher().
  470. */
  471. BIO_get_cipher_ctx(benc, &ctx);
  472. if (!EVP_CipherInit_ex(ctx, cipher, NULL, NULL, NULL, enc)) {
  473. BIO_printf(bio_err, "Error setting cipher %s\n",
  474. EVP_CIPHER_name(cipher));
  475. ERR_print_errors(bio_err);
  476. goto end;
  477. }
  478. if (nopad)
  479. EVP_CIPHER_CTX_set_padding(ctx, 0);
  480. if (!EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, enc)) {
  481. BIO_printf(bio_err, "Error setting cipher %s\n",
  482. EVP_CIPHER_name(cipher));
  483. ERR_print_errors(bio_err);
  484. goto end;
  485. }
  486. if (debug) {
  487. BIO_set_callback(benc, BIO_debug_callback);
  488. BIO_set_callback_arg(benc, (char *)bio_err);
  489. }
  490. if (printkey) {
  491. if (!nosalt) {
  492. printf("salt=");
  493. for (i = 0; i < (int)sizeof(salt); i++)
  494. printf("%02X", salt[i]);
  495. printf("\n");
  496. }
  497. if (EVP_CIPHER_key_length(cipher) > 0) {
  498. printf("key=");
  499. for (i = 0; i < EVP_CIPHER_key_length(cipher); i++)
  500. printf("%02X", key[i]);
  501. printf("\n");
  502. }
  503. if (EVP_CIPHER_iv_length(cipher) > 0) {
  504. printf("iv =");
  505. for (i = 0; i < EVP_CIPHER_iv_length(cipher); i++)
  506. printf("%02X", iv[i]);
  507. printf("\n");
  508. }
  509. if (printkey == 2) {
  510. ret = 0;
  511. goto end;
  512. }
  513. }
  514. }
  515. /* Only encrypt/decrypt as we write the file */
  516. if (benc != NULL)
  517. wbio = BIO_push(benc, wbio);
  518. for (;;) {
  519. inl = BIO_read(rbio, (char *)buff, bsize);
  520. if (inl <= 0)
  521. break;
  522. if (BIO_write(wbio, (char *)buff, inl) != inl) {
  523. BIO_printf(bio_err, "error writing output file\n");
  524. goto end;
  525. }
  526. }
  527. if (!BIO_flush(wbio)) {
  528. BIO_printf(bio_err, "bad decrypt\n");
  529. goto end;
  530. }
  531. ret = 0;
  532. if (verbose) {
  533. BIO_printf(bio_err, "bytes read :%8"PRIu64"\n", BIO_number_read(in));
  534. BIO_printf(bio_err, "bytes written:%8"PRIu64"\n", BIO_number_written(out));
  535. }
  536. end:
  537. ERR_print_errors(bio_err);
  538. OPENSSL_free(strbuf);
  539. OPENSSL_free(buff);
  540. BIO_free(in);
  541. BIO_free_all(out);
  542. BIO_free(benc);
  543. BIO_free(b64);
  544. #ifdef ZLIB
  545. BIO_free(bzl);
  546. #endif
  547. OPENSSL_free(pass);
  548. return (ret);
  549. }
  550. static void show_ciphers(const OBJ_NAME *name, void *bio_)
  551. {
  552. BIO *bio = bio_;
  553. static int n;
  554. if (!islower((unsigned char)*name->name))
  555. return;
  556. BIO_printf(bio, "-%-25s", name->name);
  557. if (++n == 3) {
  558. BIO_printf(bio, "\n");
  559. n = 0;
  560. } else
  561. BIO_printf(bio, " ");
  562. }
  563. static int set_hex(char *in, unsigned char *out, int size)
  564. {
  565. int i, n;
  566. unsigned char j;
  567. n = strlen(in);
  568. if (n > (size * 2)) {
  569. BIO_printf(bio_err, "hex string is too long\n");
  570. return (0);
  571. }
  572. memset(out, 0, size);
  573. for (i = 0; i < n; i++) {
  574. j = (unsigned char)*in;
  575. *(in++) = '\0';
  576. if (j == 0)
  577. break;
  578. if (!isxdigit(j)) {
  579. BIO_printf(bio_err, "non-hex digit\n");
  580. return (0);
  581. }
  582. j = (unsigned char)app_hex(j);
  583. if (i & 1)
  584. out[i / 2] |= j;
  585. else
  586. out[i / 2] = (j << 4);
  587. }
  588. return (1);
  589. }