1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000
1.2 +++ b/os/ossrv/ssl/tsrc/topenssl/src/enc.c Fri Jun 15 03:10:57 2012 +0200
1.3 @@ -0,0 +1,686 @@
1.4 +/* apps/enc.c */
1.5 +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
1.6 + * All rights reserved.
1.7 + *
1.8 + * This package is an SSL implementation written
1.9 + * by Eric Young (eay@cryptsoft.com).
1.10 + * The implementation was written so as to conform with Netscapes SSL.
1.11 + *
1.12 + * This library is free for commercial and non-commercial use as long as
1.13 + * the following conditions are aheared to. The following conditions
1.14 + * apply to all code found in this distribution, be it the RC4, RSA,
1.15 + * lhash, DES, etc., code; not just the SSL code. The SSL documentation
1.16 + * included with this distribution is covered by the same copyright terms
1.17 + * except that the holder is Tim Hudson (tjh@cryptsoft.com).
1.18 + *
1.19 + * Copyright remains Eric Young's, and as such any Copyright notices in
1.20 + * the code are not to be removed.
1.21 + * If this package is used in a product, Eric Young should be given attribution
1.22 + * as the author of the parts of the library used.
1.23 + * This can be in the form of a textual message at program startup or
1.24 + * in documentation (online or textual) provided with the package.
1.25 + *
1.26 + * Redistribution and use in source and binary forms, with or without
1.27 + * modification, are permitted provided that the following conditions
1.28 + * are met:
1.29 + * 1. Redistributions of source code must retain the copyright
1.30 + * notice, this list of conditions and the following disclaimer.
1.31 + * 2. Redistributions in binary form must reproduce the above copyright
1.32 + * notice, this list of conditions and the following disclaimer in the
1.33 + * documentation and/or other materials provided with the distribution.
1.34 + * 3. All advertising materials mentioning features or use of this software
1.35 + * must display the following acknowledgement:
1.36 + * "This product includes cryptographic software written by
1.37 + * Eric Young (eay@cryptsoft.com)"
1.38 + * The word 'cryptographic' can be left out if the rouines from the library
1.39 + * being used are not cryptographic related :-).
1.40 + * 4. If you include any Windows specific code (or a derivative thereof) from
1.41 + * the apps directory (application code) you must include an acknowledgement:
1.42 + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
1.43 + *
1.44 + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
1.45 + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
1.46 + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
1.47 + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
1.48 + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
1.49 + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
1.50 + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
1.51 + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
1.52 + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
1.53 + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
1.54 + * SUCH DAMAGE.
1.55 + *
1.56 + * The licence and distribution terms for any publically available version or
1.57 + * derivative of this code cannot be changed. i.e. this code cannot simply be
1.58 + * copied and put under another distribution licence
1.59 + * [including the GNU Public Licence.]
1.60 + */
1.61 +
1.62 +#include <stdio.h>
1.63 +#include <stdlib.h>
1.64 +#include <string.h>
1.65 +#include "apps.h"
1.66 +#include <openssl/bio.h>
1.67 +#include <openssl/err.h>
1.68 +#include <openssl/evp.h>
1.69 +#include <openssl/objects.h>
1.70 +#include <openssl/x509.h>
1.71 +#include <openssl/rand.h>
1.72 +#include <openssl/pem.h>
1.73 +#include <ctype.h>
1.74 +
1.75 +int set_hex(char *in,unsigned char *out,int size);
1.76 +#undef SIZE
1.77 +#undef BSIZE
1.78 +#undef PROG
1.79 +
1.80 +#define SIZE (512)
1.81 +#define BSIZE (8*1024)
1.82 +#define PROG enc_main
1.83 +
1.84 +
1.85 +
1.86 +static void show_ciphers(const OBJ_NAME *name,void *bio_)
1.87 + {
1.88 + BIO *bio=bio_;
1.89 + static int n;
1.90 +
1.91 + if(!islower((unsigned char)*name->name))
1.92 + return;
1.93 +
1.94 + BIO_printf(bio,"-%-25s",name->name);
1.95 + if(++n == 3)
1.96 + {
1.97 + BIO_printf(bio,"\n");
1.98 + n=0;
1.99 + }
1.100 + else
1.101 + BIO_printf(bio," ");
1.102 + }
1.103 +
1.104 +int MAIN(int, char **);
1.105 +
1.106 +int MAIN(int argc, char **argv)
1.107 + {
1.108 +#ifndef OPENSSL_NO_ENGINE
1.109 + ENGINE *e = NULL;
1.110 +#endif
1.111 + static const char magic[]="Salted__";
1.112 + char mbuf[sizeof magic-1];
1.113 + char *strbuf=NULL;
1.114 + unsigned char *buff=NULL,*bufsize=NULL;
1.115 + int bsize=BSIZE,verbose=0;
1.116 + int ret=1,inl;
1.117 + int nopad = 0;
1.118 + unsigned char key[EVP_MAX_KEY_LENGTH],iv[EVP_MAX_IV_LENGTH];
1.119 + unsigned char salt[PKCS5_SALT_LEN];
1.120 + char *str=NULL, *passarg = NULL, *pass = NULL;
1.121 + char *hkey=NULL,*hiv=NULL,*hsalt = NULL;
1.122 + char *md=NULL;
1.123 + int enc=1,printkey=0,i,base64=0;
1.124 + int debug=0,olb64=0,nosalt=0;
1.125 + const EVP_CIPHER *cipher=NULL,*c;
1.126 + EVP_CIPHER_CTX *ctx = NULL;
1.127 + char *inf=NULL,*outf=NULL;
1.128 + BIO *in=NULL,*out=NULL,*b64=NULL,*benc=NULL,*rbio=NULL,*wbio=NULL;
1.129 +#define PROG_NAME_SIZE 39
1.130 + char pname[PROG_NAME_SIZE+1];
1.131 +#ifndef OPENSSL_NO_ENGINE
1.132 + char *engine = NULL;
1.133 +#endif
1.134 + const EVP_MD *dgst=NULL;
1.135 +
1.136 + apps_startup();
1.137 +
1.138 + if (bio_err == NULL)
1.139 + if ((bio_err=BIO_new(BIO_s_file())) != NULL)
1.140 + BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
1.141 +
1.142 +
1.143 + if (!load_config(bio_err, NULL))
1.144 + goto end;
1.145 +
1.146 + /* first check the program name */
1.147 + program_name(argv[0],pname,sizeof pname);
1.148 + if (strcmp(pname,"base64") == 0)
1.149 + base64=1;
1.150 +
1.151 + cipher=EVP_get_cipherbyname(pname);
1.152 + if (!base64 && (cipher == NULL) && (strcmp(pname,"enc") != 0))
1.153 + {
1.154 + BIO_printf(bio_err,"%s is an unknown cipher\n",pname);
1.155 + goto bad;
1.156 + }
1.157 +
1.158 + argc--;
1.159 + argv++;
1.160 + while (argc >= 1)
1.161 + {
1.162 + if (strcmp(*argv,"-e") == 0)
1.163 + enc=1;
1.164 + else if (strcmp(*argv,"-in") == 0)
1.165 + {
1.166 + if (--argc < 1) goto bad;
1.167 + inf= *(++argv);
1.168 + }
1.169 + else if (strcmp(*argv,"-out") == 0)
1.170 + {
1.171 + if (--argc < 1) goto bad;
1.172 + outf= *(++argv);
1.173 + }
1.174 + else if (strcmp(*argv,"-pass") == 0)
1.175 + {
1.176 + if (--argc < 1) goto bad;
1.177 + passarg= *(++argv);
1.178 + }
1.179 +#ifndef OPENSSL_NO_ENGINE
1.180 + else if (strcmp(*argv,"-engine") == 0)
1.181 + {
1.182 + if (--argc < 1) goto bad;
1.183 + engine= *(++argv);
1.184 + }
1.185 +#endif
1.186 + else if (strcmp(*argv,"-d") == 0)
1.187 + enc=0;
1.188 + else if (strcmp(*argv,"-p") == 0)
1.189 + printkey=1;
1.190 + else if (strcmp(*argv,"-v") == 0)
1.191 + verbose=1;
1.192 + else if (strcmp(*argv,"-nopad") == 0)
1.193 + nopad=1;
1.194 + else if (strcmp(*argv,"-salt") == 0)
1.195 + nosalt=0;
1.196 + else if (strcmp(*argv,"-nosalt") == 0)
1.197 + nosalt=1;
1.198 + else if (strcmp(*argv,"-debug") == 0)
1.199 + debug=1;
1.200 + else if (strcmp(*argv,"-P") == 0)
1.201 + printkey=2;
1.202 + else if (strcmp(*argv,"-A") == 0)
1.203 + olb64=1;
1.204 + else if (strcmp(*argv,"-a") == 0)
1.205 + base64=1;
1.206 + else if (strcmp(*argv,"-base64") == 0)
1.207 + base64=1;
1.208 + else if (strcmp(*argv,"-bufsize") == 0)
1.209 + {
1.210 + if (--argc < 1) goto bad;
1.211 + bufsize=(unsigned char *)*(++argv);
1.212 + }
1.213 + else if (strcmp(*argv,"-k") == 0)
1.214 + {
1.215 + if (--argc < 1) goto bad;
1.216 + str= *(++argv);
1.217 + }
1.218 + else if (strcmp(*argv,"-kfile") == 0)
1.219 + {
1.220 + static char buf[128];
1.221 + FILE *infile;
1.222 + char *file;
1.223 +
1.224 + if (--argc < 1) goto bad;
1.225 + file= *(++argv);
1.226 + infile=fopen(file,"r");
1.227 + if (infile == NULL)
1.228 + {
1.229 + BIO_printf(bio_err,"unable to read key from '%s'\n",
1.230 + file);
1.231 + goto bad;
1.232 + }
1.233 + buf[0]='\0';
1.234 + fgets(buf,sizeof buf,infile);
1.235 + fclose(infile);
1.236 + i=strlen(buf);
1.237 + if ((i > 0) &&
1.238 + ((buf[i-1] == '\n') || (buf[i-1] == '\r')))
1.239 + buf[--i]='\0';
1.240 + if ((i > 0) &&
1.241 + ((buf[i-1] == '\n') || (buf[i-1] == '\r')))
1.242 + buf[--i]='\0';
1.243 + if (i < 1)
1.244 + {
1.245 + BIO_printf(bio_err,"zero length password\n");
1.246 + goto bad;
1.247 + }
1.248 + str=buf;
1.249 + }
1.250 + else if (strcmp(*argv,"-K") == 0)
1.251 + {
1.252 + if (--argc < 1) goto bad;
1.253 + hkey= *(++argv);
1.254 + }
1.255 + else if (strcmp(*argv,"-S") == 0)
1.256 + {
1.257 + if (--argc < 1) goto bad;
1.258 + hsalt= *(++argv);
1.259 + }
1.260 + else if (strcmp(*argv,"-iv") == 0)
1.261 + {
1.262 + if (--argc < 1) goto bad;
1.263 + hiv= *(++argv);
1.264 + }
1.265 + else if (strcmp(*argv,"-md") == 0)
1.266 + {
1.267 + if (--argc < 1) goto bad;
1.268 + md= *(++argv);
1.269 + }
1.270 + else if ((argv[0][0] == '-') &&
1.271 + ((c=EVP_get_cipherbyname(&(argv[0][1]))) != NULL))
1.272 + {
1.273 + cipher=c;
1.274 + }
1.275 + else if (strcmp(*argv,"-none") == 0)
1.276 + cipher=NULL;
1.277 + else
1.278 + {
1.279 + BIO_printf(bio_err,"unknown option '%s'\n",*argv);
1.280 +bad:
1.281 + BIO_printf(bio_err,"options are\n");
1.282 + BIO_printf(bio_err,"%-14s input file\n","-in <file>");
1.283 + BIO_printf(bio_err,"%-14s output file\n","-out <file>");
1.284 + BIO_printf(bio_err,"%-14s pass phrase source\n","-pass <arg>");
1.285 + BIO_printf(bio_err,"%-14s encrypt\n","-e");
1.286 + BIO_printf(bio_err,"%-14s decrypt\n","-d");
1.287 + BIO_printf(bio_err,"%-14s base64 encode/decode, depending on encryption flag\n","-a/-base64");
1.288 + BIO_printf(bio_err,"%-14s passphrase is the next argument\n","-k");
1.289 + BIO_printf(bio_err,"%-14s passphrase is the first line of the file argument\n","-kfile");
1.290 + BIO_printf(bio_err,"%-14s the next argument is the md to use to create a key\n","-md");
1.291 + BIO_printf(bio_err,"%-14s from a passphrase. One of md2, md5, sha or sha1\n","");
1.292 + BIO_printf(bio_err,"%-14s key/iv in hex is the next argument\n","-K/-iv");
1.293 + BIO_printf(bio_err,"%-14s print the iv/key (then exit if -P)\n","-[pP]");
1.294 + BIO_printf(bio_err,"%-14s buffer size\n","-bufsize <n>");
1.295 +#ifndef OPENSSL_NO_ENGINE
1.296 + BIO_printf(bio_err,"%-14s use engine e, possibly a hardware device.\n","-engine e");
1.297 +#endif
1.298 +
1.299 + BIO_printf(bio_err,"Cipher Types\n");
1.300 + OBJ_NAME_do_all_sorted(OBJ_NAME_TYPE_CIPHER_METH,
1.301 + show_ciphers,
1.302 + bio_err);
1.303 + BIO_printf(bio_err,"\n");
1.304 +
1.305 + goto end;
1.306 + }
1.307 + argc--;
1.308 + argv++;
1.309 + }
1.310 +
1.311 +#ifndef OPENSSL_NO_ENGINE
1.312 + e = setup_engine(bio_err, engine, 0);
1.313 +#endif
1.314 +
1.315 + if (md && (dgst=EVP_get_digestbyname(md)) == NULL)
1.316 + {
1.317 + BIO_printf(bio_err,"%s is an unsupported message digest type\n",md);
1.318 + goto end;
1.319 + }
1.320 +
1.321 + if (dgst == NULL)
1.322 + {
1.323 + dgst = EVP_md5();
1.324 + }
1.325 +
1.326 + if (bufsize != NULL)
1.327 + {
1.328 + unsigned long n;
1.329 +
1.330 + for (n=0; *bufsize; bufsize++)
1.331 + {
1.332 + i= *bufsize;
1.333 + if ((i <= '9') && (i >= '0'))
1.334 + n=n*10+i-'0';
1.335 + else if (i == 'k')
1.336 + {
1.337 + n*=1024;
1.338 + bufsize++;
1.339 + break;
1.340 + }
1.341 + }
1.342 + if (*bufsize != '\0')
1.343 + {
1.344 + BIO_printf(bio_err,"invalid 'bufsize' specified.\n");
1.345 + goto end;
1.346 + }
1.347 +
1.348 + /* It must be large enough for a base64 encoded line */
1.349 + if (base64 && n < 80) n=80;
1.350 +
1.351 + bsize=(int)n;
1.352 + if (verbose) BIO_printf(bio_err,"bufsize=%d\n",bsize);
1.353 + }
1.354 +
1.355 + strbuf=OPENSSL_malloc(SIZE);
1.356 + buff=(unsigned char *)OPENSSL_malloc(EVP_ENCODE_LENGTH(bsize));
1.357 + if ((buff == NULL) || (strbuf == NULL))
1.358 + {
1.359 + BIO_printf(bio_err,"OPENSSL_malloc failure %ld\n",(long)EVP_ENCODE_LENGTH(bsize));
1.360 + goto end;
1.361 + }
1.362 +
1.363 + in=BIO_new(BIO_s_file());
1.364 + out=BIO_new(BIO_s_file());
1.365 + if ((in == NULL) || (out == NULL))
1.366 + {
1.367 + ERR_print_errors(bio_err);
1.368 + goto end;
1.369 + }
1.370 + if (debug)
1.371 + {
1.372 + BIO_set_callback(in,BIO_debug_callback);
1.373 + BIO_set_callback(out,BIO_debug_callback);
1.374 + BIO_set_callback_arg(in,(char *)bio_err);
1.375 + BIO_set_callback_arg(out,(char *)bio_err);
1.376 + }
1.377 +
1.378 + if (inf == NULL)
1.379 + {
1.380 + if (bufsize != NULL)
1.381 + setvbuf(stdin, (char *)NULL, _IONBF, 0);
1.382 + BIO_set_fp(in,stdin,BIO_NOCLOSE);
1.383 + }
1.384 + else
1.385 + {
1.386 + if (BIO_read_filename(in,inf) <= 0)
1.387 + {
1.388 + perror(inf);
1.389 + goto end;
1.390 + }
1.391 + }
1.392 +
1.393 + if(!str && passarg) {
1.394 + if(!app_passwd(bio_err, passarg, NULL, &pass, NULL)) {
1.395 + BIO_printf(bio_err, "Error getting password\n");
1.396 + goto end;
1.397 + }
1.398 + str = pass;
1.399 + }
1.400 +
1.401 + if ((str == NULL) && (cipher != NULL) && (hkey == NULL))
1.402 + {
1.403 + for (;;)
1.404 + {
1.405 + char buf[200];
1.406 +
1.407 + BIO_snprintf(buf,sizeof buf,"enter %s %s password:",
1.408 + OBJ_nid2ln(EVP_CIPHER_nid(cipher)),
1.409 + (enc)?"encryption":"decryption");
1.410 + strbuf[0]='\0';
1.411 + i=EVP_read_pw_string((char *)strbuf,SIZE,buf,enc);
1.412 + if (i == 0)
1.413 + {
1.414 + if (strbuf[0] == '\0')
1.415 + {
1.416 + ret=1;
1.417 + goto end;
1.418 + }
1.419 + str=strbuf;
1.420 + break;
1.421 + }
1.422 + if (i < 0)
1.423 + {
1.424 + BIO_printf(bio_err,"bad password read\n");
1.425 + goto end;
1.426 + }
1.427 + }
1.428 + }
1.429 +
1.430 +
1.431 + if (outf == NULL)
1.432 + {
1.433 + BIO_set_fp(out,stdout,BIO_NOCLOSE);
1.434 + if (bufsize != NULL)
1.435 + setvbuf(stdout, (char *)NULL, _IONBF, 0);
1.436 +#ifdef OPENSSL_SYS_VMS
1.437 + {
1.438 + BIO *tmpbio = BIO_new(BIO_f_linebuffer());
1.439 + out = BIO_push(tmpbio, out);
1.440 + }
1.441 +#endif
1.442 + }
1.443 + else
1.444 + {
1.445 + if (BIO_write_filename(out,outf) <= 0)
1.446 + {
1.447 + perror(outf);
1.448 + goto end;
1.449 + }
1.450 + }
1.451 +
1.452 + rbio=in;
1.453 + wbio=out;
1.454 +
1.455 + if (base64)
1.456 + {
1.457 + if ((b64=BIO_new(BIO_f_base64())) == NULL)
1.458 + goto end;
1.459 + if (debug)
1.460 + {
1.461 + BIO_set_callback(b64,BIO_debug_callback);
1.462 + BIO_set_callback_arg(b64,(char *)bio_err);
1.463 + }
1.464 + if (olb64)
1.465 + BIO_set_flags(b64,BIO_FLAGS_BASE64_NO_NL);
1.466 + if (enc)
1.467 + wbio=BIO_push(b64,wbio);
1.468 + else
1.469 + rbio=BIO_push(b64,rbio);
1.470 + }
1.471 +
1.472 + if (cipher != NULL)
1.473 + {
1.474 + /* Note that str is NULL if a key was passed on the command
1.475 + * line, so we get no salt in that case. Is this a bug?
1.476 + */
1.477 + if (str != NULL)
1.478 + {
1.479 + /* Salt handling: if encrypting generate a salt and
1.480 + * write to output BIO. If decrypting read salt from
1.481 + * input BIO.
1.482 + */
1.483 + unsigned char *sptr;
1.484 + if(nosalt) sptr = NULL;
1.485 + else {
1.486 + if(enc) {
1.487 + if(hsalt) {
1.488 + if(!set_hex(hsalt,salt,sizeof salt)) {
1.489 + BIO_printf(bio_err,
1.490 + "invalid hex salt value\n");
1.491 + goto end;
1.492 + }
1.493 + } else if (RAND_pseudo_bytes(salt, sizeof salt) < 0)
1.494 + goto end;
1.495 + /* If -P option then don't bother writing */
1.496 + if((printkey != 2)
1.497 + && (BIO_write(wbio,magic,
1.498 + sizeof magic-1) != sizeof magic-1
1.499 + || BIO_write(wbio,
1.500 + (char *)salt,
1.501 + sizeof salt) != sizeof salt)) {
1.502 + BIO_printf(bio_err,"error writing output file\n");
1.503 + goto end;
1.504 + }
1.505 + } else if(BIO_read(rbio,mbuf,sizeof mbuf) != sizeof mbuf
1.506 + || BIO_read(rbio,
1.507 + (unsigned char *)salt,
1.508 + sizeof salt) != sizeof salt) {
1.509 + BIO_printf(bio_err,"error reading input file\n");
1.510 + goto end;
1.511 + } else if(memcmp(mbuf,magic,sizeof magic-1)) {
1.512 + BIO_printf(bio_err,"bad magic number\n");
1.513 + goto end;
1.514 + }
1.515 +
1.516 + sptr = salt;
1.517 + }
1.518 +
1.519 + EVP_BytesToKey(cipher,dgst,sptr,
1.520 + (unsigned char *)str,
1.521 + strlen(str),1,key,iv);
1.522 + /* zero the complete buffer or the string
1.523 + * passed from the command line
1.524 + * bug picked up by
1.525 + * Larry J. Hughes Jr. <hughes@indiana.edu> */
1.526 + if (str == strbuf)
1.527 + OPENSSL_cleanse(str,SIZE);
1.528 + else
1.529 + OPENSSL_cleanse(str,strlen(str));
1.530 + }
1.531 + if ((hiv != NULL) && !set_hex(hiv,iv,sizeof iv))
1.532 + {
1.533 + BIO_printf(bio_err,"invalid hex iv value\n");
1.534 + goto end;
1.535 + }
1.536 + if ((hiv == NULL) && (str == NULL))
1.537 + {
1.538 + /* No IV was explicitly set and no IV was generated
1.539 + * during EVP_BytesToKey. Hence the IV is undefined,
1.540 + * making correct decryption impossible. */
1.541 + BIO_printf(bio_err, "iv undefined\n");
1.542 + goto end;
1.543 + }
1.544 + if ((hkey != NULL) && !set_hex(hkey,key,sizeof key))
1.545 + {
1.546 + BIO_printf(bio_err,"invalid hex key value\n");
1.547 + goto end;
1.548 + }
1.549 +
1.550 + if ((benc=BIO_new(BIO_f_cipher())) == NULL)
1.551 + goto end;
1.552 +
1.553 + /* Since we may be changing parameters work on the encryption
1.554 + * context rather than calling BIO_set_cipher().
1.555 + */
1.556 +
1.557 + BIO_get_cipher_ctx(benc, &ctx);
1.558 + if (!EVP_CipherInit_ex(ctx, cipher, NULL, NULL, NULL, enc))
1.559 + {
1.560 + BIO_printf(bio_err, "Error setting cipher %s\n",
1.561 + EVP_CIPHER_name(cipher));
1.562 + ERR_print_errors(bio_err);
1.563 + goto end;
1.564 + }
1.565 +
1.566 + if (nopad)
1.567 + EVP_CIPHER_CTX_set_padding(ctx, 0);
1.568 +
1.569 + if (!EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, enc))
1.570 + {
1.571 + BIO_printf(bio_err, "Error setting cipher %s\n",
1.572 + EVP_CIPHER_name(cipher));
1.573 + ERR_print_errors(bio_err);
1.574 + goto end;
1.575 + }
1.576 +
1.577 + if (debug)
1.578 + {
1.579 + BIO_set_callback(benc,BIO_debug_callback);
1.580 + BIO_set_callback_arg(benc,(char *)bio_err);
1.581 + }
1.582 +
1.583 + if (printkey)
1.584 + {
1.585 + if (!nosalt)
1.586 + {
1.587 + printf("salt=");
1.588 + for (i=0; i<(int)sizeof(salt); i++)
1.589 + printf("%02X",salt[i]);
1.590 + printf("\n");
1.591 + }
1.592 + if (cipher->key_len > 0)
1.593 + {
1.594 + printf("key=");
1.595 + for (i=0; i<cipher->key_len; i++)
1.596 + printf("%02X",key[i]);
1.597 + printf("\n");
1.598 + }
1.599 + if (cipher->iv_len > 0)
1.600 + {
1.601 + printf("iv =");
1.602 + for (i=0; i<cipher->iv_len; i++)
1.603 + printf("%02X",iv[i]);
1.604 + printf("\n");
1.605 + }
1.606 + if (printkey == 2)
1.607 + {
1.608 + ret=0;
1.609 + goto end;
1.610 + }
1.611 +
1.612 +
1.613 + }
1.614 + }
1.615 +
1.616 + /* Only encrypt/decrypt as we write the file */
1.617 + if (benc != NULL)
1.618 + wbio=BIO_push(benc,wbio);
1.619 +
1.620 + for (;;)
1.621 + {
1.622 + inl=BIO_read(rbio,(char *)buff,bsize);
1.623 + if (inl <= 0) break;
1.624 + if (BIO_write(wbio,(char *)buff,inl) != inl)
1.625 + {
1.626 + BIO_printf(bio_err,"error writing output file\n");
1.627 + goto end;
1.628 + }
1.629 + }
1.630 + if (!BIO_flush(wbio))
1.631 + {
1.632 + BIO_printf(bio_err,"bad decrypt\n");
1.633 + goto end;
1.634 + }
1.635 +
1.636 + ret=0;
1.637 + if (verbose)
1.638 + {
1.639 + BIO_printf(bio_err,"bytes read :%8ld\n",BIO_number_read(in));
1.640 + BIO_printf(bio_err,"bytes written:%8ld\n",BIO_number_written(out));
1.641 + }
1.642 +end:
1.643 + ERR_print_errors(bio_err);
1.644 + if (strbuf != NULL) OPENSSL_free(strbuf);
1.645 + if (buff != NULL) OPENSSL_free(buff);
1.646 + if (in != NULL) BIO_free(in);
1.647 + if (out != NULL) BIO_free_all(out);
1.648 + if (benc != NULL) BIO_free(benc);
1.649 + if (b64 != NULL) BIO_free(b64);
1.650 + if(pass) OPENSSL_free(pass);
1.651 + apps_shutdown();
1.652 + OPENSSL_EXIT(ret);
1.653 + }
1.654 +
1.655 +int set_hex(char *in, unsigned char *out, int size)
1.656 + {
1.657 + int i,n;
1.658 + unsigned char j;
1.659 +
1.660 + n=strlen(in);
1.661 + if (n > (size*2))
1.662 + {
1.663 + BIO_printf(bio_err,"hex string is too long\n");
1.664 + return(0);
1.665 + }
1.666 + memset(out,0,size);
1.667 + for (i=0; i<n; i++)
1.668 + {
1.669 + j=(unsigned char)*in;
1.670 + *(in++)='\0';
1.671 + if (j == 0) break;
1.672 + if ((j >= '0') && (j <= '9'))
1.673 + j-='0';
1.674 + else if ((j >= 'A') && (j <= 'F'))
1.675 + j=j-'A'+10;
1.676 + else if ((j >= 'a') && (j <= 'f'))
1.677 + j=j-'a'+10;
1.678 + else
1.679 + {
1.680 + BIO_printf(bio_err,"non-hex digit\n");
1.681 + return(0);
1.682 + }
1.683 + if (i&1)
1.684 + out[i/2]|=j;
1.685 + else
1.686 + out[i/2]=(j<<4);
1.687 + }
1.688 + return(1);
1.689 + }
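Review bot: The `-bufsize` parser in MAIN (the `for (n=0; *bufsize; bufsize++)` loop) accepts values it should reject: characters other than digits and `k` are silently skipped, `n=n*10+i-'0'` and `n*=1024` can wrap, and `bsize=(int)n` can come out zero or negative. `buff` is then allocated with `EVP_ENCODE_LENGTH(bsize)` while `BIO_read` is asked for `bsize` bytes, so an out-of-range value can leave the read length larger than the allocation (likely a heap overflow when `bsize` is negative). A zero value ends the copy loop immediately, giving empty output with `ret=0`. I would reject unknown characters, zero and anything above a cap before the cast, as sketched below; `INT_MAX` needs `<limits.h>`, which this file does not include yet.

```c
	if (bufsize != NULL)
		{
		unsigned long n = 0;
		/* Cap chosen so that EVP_ENCODE_LENGTH(bsize) cannot overflow an int. */
		const unsigned long max_bsize = INT_MAX / 2;

		for ( ; *bufsize; bufsize++)
			{
			i = *bufsize;
			if ((i >= '0') && (i <= '9'))
				{
				if (n > (max_bsize - (unsigned long)(i - '0')) / 10)
					break;	/* next digit would exceed the cap */
				n = n * 10 + (unsigned long)(i - '0');
				}
			else if ((i == 'k') && (n <= max_bsize / 1024))
				{
				n *= 1024;
				bufsize++;
				break;
				}
			else
				break;	/* reject instead of silently skipping */
			}
		if ((*bufsize != '\0') || (n == 0))
			{
			/* ... unchanged: "invalid 'bufsize' specified." message and goto end ... */
			}
		/* ... unchanged: base64 minimum of 80, bsize=(int)n, verbose print ... */
		}
```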