1 /* 2 * Copyright 1995-2025 The OpenSSL Project Authors. All Rights Reserved. 3 * 4 * Licensed under the Apache License 2.0 (the "License"). You may not use 5 * this file except in compliance with the License. You can obtain a copy 6 * in the file LICENSE in the source distribution or at 7 * https://www.openssl.org/source/license.html 8 */ 9 10 #include <stdio.h> 11 #include <stdlib.h> 12 #include <string.h> 13 #include <limits.h> 14 #include "apps.h" 15 #include "progs.h" 16 #include <openssl/bio.h> 17 #include <openssl/err.h> 18 #include <openssl/evp.h> 19 #include <openssl/objects.h> 20 #include <openssl/x509.h> 21 #include <openssl/rand.h> 22 #include <openssl/pem.h> 23 #ifndef OPENSSL_NO_COMP 24 #include <openssl/comp.h> 25 #endif 26 #include <ctype.h> 27 28 #undef SIZE 29 #undef BSIZE 30 #define SIZE (512) 31 #define BSIZE (8 * 1024) 32 33 #define PBKDF2_ITER_DEFAULT 10000 34 #define STR(a) XSTR(a) 35 #define XSTR(a) #a 36 37 static int set_hex(const char *in, unsigned char *out, int size); 38 static void show_ciphers(const OBJ_NAME *name, void *bio_); 39 40 struct doall_enc_ciphers { 41 BIO *bio; 42 int n; 43 }; 44 45 typedef enum OPTION_choice { 46 OPT_COMMON, 47 OPT_LIST, 48 OPT_E, 49 OPT_IN, 50 OPT_OUT, 51 OPT_PASS, 52 OPT_ENGINE, 53 OPT_D, 54 OPT_P, 55 OPT_V, 56 OPT_NOPAD, 57 OPT_SALT, 58 OPT_NOSALT, 59 OPT_DEBUG, 60 OPT_UPPER_P, 61 OPT_UPPER_A, 62 OPT_A, 63 OPT_Z, 64 OPT_BUFSIZE, 65 OPT_K, 66 OPT_KFILE, 67 OPT_UPPER_K, 68 OPT_NONE, 69 OPT_UPPER_S, 70 OPT_IV, 71 OPT_MD, 72 OPT_ITER, 73 OPT_PBKDF2, 74 OPT_CIPHER, 75 OPT_SALTLEN, 76 OPT_R_ENUM, 77 OPT_PROV_ENUM, 78 OPT_SKEYOPT, 79 OPT_SKEYMGMT 80 } OPTION_CHOICE; 81 82 const OPTIONS enc_options[] = { 83 OPT_SECTION("General"), 84 { "help", OPT_HELP, '-', "Display this summary" }, 85 { "list", OPT_LIST, '-', "List ciphers" }, 86 #ifndef OPENSSL_NO_DEPRECATED_3_0 87 { "ciphers", OPT_LIST, '-', "Alias for -list" }, 88 #endif 89 { "e", OPT_E, '-', "Encrypt" }, 90 { "d", OPT_D, '-', "Decrypt" }, 91 { "p", OPT_P, '-', "Print the iv/key" }, 92 { "P", OPT_UPPER_P, '-', "Print the iv/key and exit" }, 93 #ifndef OPENSSL_NO_ENGINE 94 { "engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device" }, 95 #endif 96 97 OPT_SECTION("Input"), 98 { "in", OPT_IN, '<', "Input file" }, 99 { "k", OPT_K, 's', "Passphrase" }, 100 { "kfile", OPT_KFILE, '<', "Read passphrase from file" }, 101 102 OPT_SECTION("Output"), 103 { "out", OPT_OUT, '>', "Output file" }, 104 { "pass", OPT_PASS, 's', "Passphrase source" }, 105 { "v", OPT_V, '-', "Verbose output" }, 106 { "a", OPT_A, '-', "Base64 encode/decode, depending on encryption flag" }, 107 { "base64", OPT_A, '-', "Same as option -a" }, 108 { "A", OPT_UPPER_A, '-', 109 "Used with -[base64|a] to specify base64 buffer as a single line" }, 110 111 OPT_SECTION("Encryption"), 112 { "nopad", OPT_NOPAD, '-', "Disable standard block padding" }, 113 { "salt", OPT_SALT, '-', "Use salt in the KDF (default)" }, 114 { "nosalt", OPT_NOSALT, '-', "Do not use salt in the KDF" }, 115 { "debug", OPT_DEBUG, '-', "Print debug info" }, 116 117 { "bufsize", OPT_BUFSIZE, 's', "Buffer size" }, 118 { "K", OPT_UPPER_K, 's', "Raw key, in hex" }, 119 { "S", OPT_UPPER_S, 's', "Salt, in hex" }, 120 { "iv", OPT_IV, 's', "IV in hex" }, 121 { "md", OPT_MD, 's', "Use specified digest to create a key from the passphrase" }, 122 { "iter", OPT_ITER, 'p', 123 "Specify the iteration count and force the use of PBKDF2" }, 124 { OPT_MORE_STR, 0, 0, "Default: " STR(PBKDF2_ITER_DEFAULT) }, 125 { "pbkdf2", OPT_PBKDF2, '-', 126 "Use password-based key derivation function 2 (PBKDF2)" }, 127 { OPT_MORE_STR, 0, 0, 128 "Use -iter to change the iteration count from " STR(PBKDF2_ITER_DEFAULT) }, 129 { "none", OPT_NONE, '-', "Don't encrypt" }, 130 { "saltlen", OPT_SALTLEN, 'p', "Specify the PBKDF2 salt length (in bytes)" }, 131 { OPT_MORE_STR, 0, 0, "Default: 16" }, 132 #ifndef OPENSSL_NO_ZLIB 133 { "z", OPT_Z, '-', "Compress or decompress encrypted data using zlib" }, 134 #endif 135 { "skeyopt", OPT_SKEYOPT, 's', "Key options as opt:value for opaque symmetric key handling" }, 136 { "skeymgmt", OPT_SKEYMGMT, 's', "Symmetric key management name for opaque symmetric key handling" }, 137 { "", OPT_CIPHER, '-', "Any supported cipher" }, 138 139 OPT_R_OPTIONS, 140 OPT_PROV_OPTIONS, 141 { NULL } 142 }; 143 144 int enc_main(int argc, char **argv) 145 { 146 static char buf[128]; 147 static const char magic[] = "Salted__"; 148 ENGINE *e = NULL; 149 BIO *in = NULL, *out = NULL, *b64 = NULL, *benc = NULL, *rbio = NULL, *wbio = NULL; 150 EVP_CIPHER_CTX *ctx = NULL; 151 EVP_CIPHER *cipher = NULL; 152 EVP_MD *dgst = NULL; 153 const char *digestname = NULL; 154 char *hkey = NULL, *hiv = NULL, *hsalt = NULL, *p; 155 char *infile = NULL, *outfile = NULL, *prog; 156 char *str = NULL, *passarg = NULL, *pass = NULL, *strbuf = NULL; 157 const char *ciphername = NULL; 158 char mbuf[sizeof(magic) - 1]; 159 OPTION_CHOICE o; 160 int bsize = BSIZE, verbose = 0, debug = 0, olb64 = 0, nosalt = 0; 161 int enc = 1, printkey = 0, i, k; 162 int base64 = 0, informat = FORMAT_BINARY, outformat = FORMAT_BINARY; 163 int ret = 1, inl, nopad = 0; 164 unsigned char key[EVP_MAX_KEY_LENGTH], iv[EVP_MAX_IV_LENGTH]; 165 int rawkey_set = 0; 166 unsigned char *buff = NULL, salt[EVP_MAX_IV_LENGTH]; 167 int saltlen = 0; 168 int pbkdf2 = 0; 169 int iter = 0; 170 long n; 171 int streamable = 1; 172 int wrap = 0; 173 struct doall_enc_ciphers dec; 174 #ifndef OPENSSL_NO_ZLIB 175 int do_zlib = 0; 176 BIO *bzl = NULL; 177 #endif 178 int do_brotli = 0; 179 BIO *bbrot = NULL; 180 int do_zstd = 0; 181 BIO *bzstd = NULL; 182 STACK_OF(OPENSSL_STRING) *skeyopts = NULL; 183 const char *skeymgmt = NULL; 184 EVP_SKEY *skey = NULL; 185 EVP_SKEYMGMT *mgmt = NULL; 186 187 /* first check the command name */ 188 if (strcmp(argv[0], "base64") == 0) 189 base64 = 1; 190 #ifndef OPENSSL_NO_ZLIB 191 else if (strcmp(argv[0], "zlib") == 0) 192 do_zlib = 1; 193 #endif 194 #ifndef OPENSSL_NO_BROTLI 195 else if (strcmp(argv[0], "brotli") == 0) 196 do_brotli = 1; 197 #endif 198 #ifndef OPENSSL_NO_ZSTD 199 else if (strcmp(argv[0], "zstd") == 0) 200 do_zstd = 1; 201 #endif 202 else if (strcmp(argv[0], "enc") != 0) 203 ciphername = argv[0]; 204 205 opt_set_unknown_name("cipher"); 206 prog = opt_init(argc, argv, enc_options); 207 while ((o = opt_next()) != OPT_EOF) { 208 switch (o) { 209 case OPT_EOF: 210 case OPT_ERR: 211 opthelp: 212 BIO_printf(bio_err, "%s: Use -help for summary.\n", prog); 213 goto end; 214 case OPT_HELP: 215 opt_help(enc_options); 216 ret = 0; 217 goto end; 218 case OPT_LIST: 219 BIO_printf(bio_out, "Supported ciphers:\n"); 220 dec.bio = bio_out; 221 dec.n = 0; 222 OBJ_NAME_do_all_sorted(OBJ_NAME_TYPE_CIPHER_METH, 223 show_ciphers, &dec); 224 BIO_printf(bio_out, "\n"); 225 ret = 0; 226 goto end; 227 case OPT_E: 228 enc = 1; 229 break; 230 case OPT_IN: 231 infile = opt_arg(); 232 break; 233 case OPT_OUT: 234 outfile = opt_arg(); 235 break; 236 case OPT_PASS: 237 passarg = opt_arg(); 238 break; 239 case OPT_ENGINE: 240 e = setup_engine(opt_arg(), 0); 241 break; 242 case OPT_D: 243 enc = 0; 244 break; 245 case OPT_P: 246 printkey = 1; 247 break; 248 case OPT_V: 249 verbose = 1; 250 break; 251 case OPT_NOPAD: 252 nopad = 1; 253 break; 254 case OPT_SALT: 255 nosalt = 0; 256 break; 257 case OPT_NOSALT: 258 nosalt = 1; 259 break; 260 case OPT_DEBUG: 261 debug = 1; 262 break; 263 case OPT_UPPER_P: 264 printkey = 2; 265 break; 266 case OPT_UPPER_A: 267 olb64 = 1; 268 break; 269 case OPT_A: 270 base64 = 1; 271 break; 272 case OPT_Z: 273 #ifndef OPENSSL_NO_ZLIB 274 do_zlib = 1; 275 #endif 276 break; 277 case OPT_BUFSIZE: 278 p = opt_arg(); 279 i = (int)strlen(p) - 1; 280 k = i >= 1 && p[i] == 'k'; 281 if (k) 282 p[i] = '\0'; 283 if (!opt_long(opt_arg(), &n) 284 || n < 0 || (k && n >= LONG_MAX / 1024)) 285 goto opthelp; 286 if (k) 287 n *= 1024; 288 if (n > INT_MAX) 289 goto opthelp; 290 bsize = (int)n; 291 break; 292 case OPT_K: 293 str = opt_arg(); 294 break; 295 case OPT_KFILE: 296 in = bio_open_default(opt_arg(), 'r', FORMAT_TEXT); 297 if (in == NULL) 298 goto opthelp; 299 i = BIO_gets(in, buf, sizeof(buf)); 300 BIO_free(in); 301 in = NULL; 302 if (i <= 0) { 303 BIO_printf(bio_err, 304 "%s Can't read key from %s\n", prog, opt_arg()); 305 goto opthelp; 306 } 307 while (--i > 0 && (buf[i] == '\r' || buf[i] == '\n')) 308 buf[i] = '\0'; 309 if (i <= 0) { 310 BIO_printf(bio_err, "%s: zero length password\n", prog); 311 goto opthelp; 312 } 313 str = buf; 314 break; 315 case OPT_UPPER_K: 316 hkey = opt_arg(); 317 break; 318 case OPT_UPPER_S: 319 hsalt = opt_arg(); 320 break; 321 case OPT_IV: 322 hiv = opt_arg(); 323 break; 324 case OPT_MD: 325 digestname = opt_arg(); 326 break; 327 case OPT_CIPHER: 328 ciphername = opt_unknown(); 329 break; 330 case OPT_ITER: 331 iter = opt_int_arg(); 332 pbkdf2 = 1; 333 break; 334 case OPT_SALTLEN: 335 if (!opt_int(opt_arg(), &saltlen)) 336 goto opthelp; 337 if (saltlen > (int)sizeof(salt)) 338 saltlen = (int)sizeof(salt); 339 break; 340 case OPT_PBKDF2: 341 pbkdf2 = 1; 342 if (iter == 0) /* do not overwrite a chosen value */ 343 iter = PBKDF2_ITER_DEFAULT; 344 break; 345 case OPT_NONE: 346 cipher = NULL; 347 break; 348 case OPT_SKEYOPT: 349 if ((skeyopts == NULL && (skeyopts = sk_OPENSSL_STRING_new_null()) == NULL) || sk_OPENSSL_STRING_push(skeyopts, opt_arg()) == 0) { 350 BIO_printf(bio_err, "%s: out of memory\n", prog); 351 goto end; 352 } 353 break; 354 case OPT_SKEYMGMT: 355 skeymgmt = opt_arg(); 356 break; 357 case OPT_R_CASES: 358 if (!opt_rand(o)) 359 goto end; 360 break; 361 case OPT_PROV_CASES: 362 if (!opt_provider(o)) 363 goto end; 364 break; 365 } 366 } 367 368 /* No extra arguments. */ 369 if (!opt_check_rest_arg(NULL)) 370 goto opthelp; 371 if (!app_RAND_load()) 372 goto end; 373 if (saltlen == 0 || pbkdf2 == 0) 374 saltlen = PKCS5_SALT_LEN; 375 376 /* Get the cipher name, either from progname (if set) or flag. */ 377 if (!opt_cipher(ciphername, &cipher)) 378 goto opthelp; 379 if (cipher && (EVP_CIPHER_mode(cipher) == EVP_CIPH_WRAP_MODE)) { 380 wrap = 1; 381 streamable = 0; 382 } 383 if (digestname != NULL) { 384 if (!opt_md(digestname, &dgst)) 385 goto opthelp; 386 } 387 if (dgst == NULL) 388 dgst = (EVP_MD *)EVP_sha256(); 389 390 if (iter == 0) 391 iter = 1; 392 393 /* It must be large enough for a base64 encoded line */ 394 if (base64 && bsize < 80) 395 bsize = 80; 396 if (verbose) 397 BIO_printf(bio_err, "bufsize=%d\n", bsize); 398 399 #ifndef OPENSSL_NO_ZLIB 400 if (do_zlib) 401 base64 = 0; 402 #endif 403 if (do_brotli) 404 base64 = 0; 405 if (do_zstd) 406 base64 = 0; 407 408 if (base64) { 409 if (enc) 410 outformat = FORMAT_BASE64; 411 else 412 informat = FORMAT_BASE64; 413 } 414 415 strbuf = app_malloc(SIZE, "strbuf"); 416 buff = app_malloc(EVP_ENCODE_LENGTH(bsize), "evp buffer"); 417 418 if (infile == NULL) { 419 if (!streamable && printkey != 2) { /* if just print key and exit, it's ok */ 420 BIO_printf(bio_err, "Unstreamable cipher mode\n"); 421 goto end; 422 } 423 in = dup_bio_in(informat); 424 } else { 425 in = bio_open_default(infile, 'r', informat); 426 } 427 if (in == NULL) 428 goto end; 429 430 if (str == NULL && passarg != NULL) { 431 if (!app_passwd(passarg, NULL, &pass, NULL)) { 432 BIO_printf(bio_err, "Error getting password\n"); 433 goto end; 434 } 435 str = pass; 436 } 437 438 if ((str == NULL) && (cipher != NULL) && (hkey == NULL) && (skeyopts == NULL)) { 439 if (1) { 440 #ifndef OPENSSL_NO_UI_CONSOLE 441 for (;;) { 442 char prompt[200]; 443 444 BIO_snprintf(prompt, sizeof(prompt), "enter %s %s password:", 445 EVP_CIPHER_get0_name(cipher), 446 (enc) ? "encryption" : "decryption"); 447 strbuf[0] = '\0'; 448 i = EVP_read_pw_string((char *)strbuf, SIZE, prompt, enc); 449 if (i == 0) { 450 if (strbuf[0] == '\0') { 451 ret = 1; 452 goto end; 453 } 454 str = strbuf; 455 break; 456 } 457 if (i < 0) { 458 BIO_printf(bio_err, "bad password read\n"); 459 goto end; 460 } 461 } 462 } else { 463 #endif 464 BIO_printf(bio_err, "password required\n"); 465 goto end; 466 } 467 } 468 469 out = bio_open_default(outfile, 'w', outformat); 470 if (out == NULL) 471 goto end; 472 473 if (debug) { 474 BIO_set_callback_ex(in, BIO_debug_callback_ex); 475 BIO_set_callback_ex(out, BIO_debug_callback_ex); 476 BIO_set_callback_arg(in, (char *)bio_err); 477 BIO_set_callback_arg(out, (char *)bio_err); 478 } 479 480 rbio = in; 481 wbio = out; 482 483 #ifndef OPENSSL_NO_COMP 484 #ifndef OPENSSL_NO_ZLIB 485 if (do_zlib) { 486 if ((bzl = BIO_new(BIO_f_zlib())) == NULL) 487 goto end; 488 if (debug) { 489 BIO_set_callback_ex(bzl, BIO_debug_callback_ex); 490 BIO_set_callback_arg(bzl, (char *)bio_err); 491 } 492 if (enc) 493 wbio = BIO_push(bzl, wbio); 494 else 495 rbio = BIO_push(bzl, rbio); 496 } 497 #endif 498 499 if (do_brotli) { 500 if ((bbrot = BIO_new(BIO_f_brotli())) == NULL) 501 goto end; 502 if (debug) { 503 BIO_set_callback_ex(bbrot, BIO_debug_callback_ex); 504 BIO_set_callback_arg(bbrot, (char *)bio_err); 505 } 506 if (enc) 507 wbio = BIO_push(bbrot, wbio); 508 else 509 rbio = BIO_push(bbrot, rbio); 510 } 511 512 if (do_zstd) { 513 if ((bzstd = BIO_new(BIO_f_zstd())) == NULL) 514 goto end; 515 if (debug) { 516 BIO_set_callback_ex(bzstd, BIO_debug_callback_ex); 517 BIO_set_callback_arg(bzstd, (char *)bio_err); 518 } 519 if (enc) 520 wbio = BIO_push(bzstd, wbio); 521 else 522 rbio = BIO_push(bzstd, rbio); 523 } 524 #endif 525 526 if (base64) { 527 if ((b64 = BIO_new(BIO_f_base64())) == NULL) 528 goto end; 529 if (debug) { 530 BIO_set_callback_ex(b64, BIO_debug_callback_ex); 531 BIO_set_callback_arg(b64, (char *)bio_err); 532 } 533 if (olb64) 534 BIO_set_flags(b64, BIO_FLAGS_BASE64_NO_NL); 535 if (enc) 536 wbio = BIO_push(b64, wbio); 537 else 538 rbio = BIO_push(b64, rbio); 539 } 540 541 if (cipher != NULL) { 542 if (str != NULL) { /* a passphrase is available */ 543 /* 544 * Salt handling: if encrypting generate a salt if not supplied, 545 * and write to output BIO. If decrypting use salt from input BIO 546 * if not given with args 547 */ 548 unsigned char *sptr; 549 size_t str_len = strlen(str); 550 551 if (nosalt) { 552 sptr = NULL; 553 } else { 554 if (hsalt != NULL && !set_hex(hsalt, salt, saltlen)) { 555 BIO_printf(bio_err, "invalid hex salt value\n"); 556 goto end; 557 } 558 if (enc) { /* encryption */ 559 if (hsalt == NULL) { 560 if (RAND_bytes(salt, saltlen) <= 0) { 561 BIO_printf(bio_err, "RAND_bytes failed\n"); 562 goto end; 563 } 564 /* 565 * If -P option then don't bother writing. 566 * If salt is given, shouldn't either ? 567 */ 568 if ((printkey != 2) 569 && (BIO_write(wbio, magic, 570 sizeof(magic) - 1) 571 != sizeof(magic) - 1 572 || BIO_write(wbio, 573 (char *)salt, 574 saltlen) 575 != saltlen)) { 576 BIO_printf(bio_err, "error writing output file\n"); 577 goto end; 578 } 579 } 580 } else { /* decryption */ 581 if (hsalt == NULL) { 582 if (BIO_read(rbio, mbuf, sizeof(mbuf)) != sizeof(mbuf)) { 583 BIO_printf(bio_err, "error reading input file\n"); 584 goto end; 585 } 586 if (memcmp(mbuf, magic, sizeof(mbuf)) == 0) { /* file IS salted */ 587 if (BIO_read(rbio, salt, 588 saltlen) 589 != saltlen) { 590 BIO_printf(bio_err, "error reading input file\n"); 591 goto end; 592 } 593 } else { /* file is NOT salted, NO salt available */ 594 BIO_printf(bio_err, "bad magic number\n"); 595 goto end; 596 } 597 } 598 } 599 sptr = salt; 600 } 601 602 if (pbkdf2 == 1) { 603 /* 604 * derive key and default iv 605 * concatenated into a temporary buffer 606 */ 607 unsigned char tmpkeyiv[EVP_MAX_KEY_LENGTH + EVP_MAX_IV_LENGTH]; 608 int iklen = EVP_CIPHER_get_key_length(cipher); 609 int ivlen = EVP_CIPHER_get_iv_length(cipher); 610 /* not needed if HASH_UPDATE() is fixed : */ 611 int islen = (sptr != NULL ? saltlen : 0); 612 613 if (!PKCS5_PBKDF2_HMAC(str, str_len, sptr, islen, 614 iter, dgst, iklen + ivlen, tmpkeyiv)) { 615 BIO_printf(bio_err, "PKCS5_PBKDF2_HMAC failed\n"); 616 goto end; 617 } 618 /* split and move data back to global buffer */ 619 memcpy(key, tmpkeyiv, iklen); 620 memcpy(iv, tmpkeyiv + iklen, ivlen); 621 rawkey_set = 1; 622 } else { 623 BIO_printf(bio_err, "*** WARNING : " 624 "deprecated key derivation used.\n" 625 "Using -iter or -pbkdf2 would be better.\n"); 626 if (!EVP_BytesToKey(cipher, dgst, sptr, 627 (unsigned char *)str, str_len, 628 1, key, iv)) { 629 BIO_printf(bio_err, "EVP_BytesToKey failed\n"); 630 goto end; 631 } 632 rawkey_set = 1; 633 } 634 /* 635 * zero the complete buffer or the string passed from the command 636 * line. 637 */ 638 if (str == strbuf) 639 OPENSSL_cleanse(str, SIZE); 640 else 641 OPENSSL_cleanse(str, str_len); 642 } 643 if (hiv != NULL) { 644 int siz = EVP_CIPHER_get_iv_length(cipher); 645 646 if (siz == 0) { 647 BIO_printf(bio_err, "warning: iv not used by this cipher\n"); 648 } else if (!set_hex(hiv, iv, siz)) { 649 BIO_printf(bio_err, "invalid hex iv value\n"); 650 goto end; 651 } 652 } 653 if ((hiv == NULL) && (str == NULL) 654 && EVP_CIPHER_get_iv_length(cipher) != 0 655 && wrap == 0) { 656 /* 657 * No IV was explicitly set and no IV was generated. 658 * Hence the IV is undefined, making correct decryption impossible. 659 */ 660 BIO_printf(bio_err, "iv undefined\n"); 661 goto end; 662 } 663 if (hkey != NULL) { 664 if (!set_hex(hkey, key, EVP_CIPHER_get_key_length(cipher))) { 665 BIO_printf(bio_err, "invalid hex key value\n"); 666 goto end; 667 } 668 /* wiping secret data as we no longer need it */ 669 cleanse(hkey); 670 rawkey_set = 1; 671 } 672 673 /* 674 * At this moment we know whether we trying to use raw bytes as the key 675 * or an opaque symmetric key. We do not allow both options simultaneously. 676 */ 677 if (rawkey_set > 0 && skeyopts != NULL) { 678 BIO_printf(bio_err, "Either a raw key or the 'skeyopt' args must be used.\n"); 679 goto end; 680 } 681 682 if ((benc = BIO_new(BIO_f_cipher())) == NULL) 683 goto end; 684 685 /* 686 * Since we may be changing parameters work on the encryption context 687 * rather than calling BIO_set_cipher(). 688 */ 689 690 BIO_get_cipher_ctx(benc, &ctx); 691 692 if (wrap == 1) 693 EVP_CIPHER_CTX_set_flags(ctx, EVP_CIPHER_CTX_FLAG_WRAP_ALLOW); 694 695 if (rawkey_set) { 696 if (!EVP_CipherInit_ex(ctx, cipher, e, key, 697 (hiv == NULL && wrap == 1 ? NULL : iv), enc)) { 698 BIO_printf(bio_err, "Error setting cipher %s\n", 699 EVP_CIPHER_get0_name(cipher)); 700 ERR_print_errors(bio_err); 701 goto end; 702 } 703 } else { 704 OSSL_PARAM *params = NULL; 705 706 mgmt = EVP_SKEYMGMT_fetch(app_get0_libctx(), 707 skeymgmt != NULL ? skeymgmt : EVP_CIPHER_name(cipher), 708 app_get0_propq()); 709 if (mgmt == NULL) 710 goto end; 711 712 params = app_params_new_from_opts(skeyopts, 713 EVP_SKEYMGMT_get0_imp_settable_params(mgmt)); 714 if (params == NULL) 715 goto end; 716 717 skey = EVP_SKEY_import(app_get0_libctx(), EVP_SKEYMGMT_get0_name(mgmt), 718 app_get0_propq(), OSSL_SKEYMGMT_SELECT_ALL, params); 719 OSSL_PARAM_free(params); 720 if (skey == NULL) { 721 BIO_printf(bio_err, "Error creating opaque key object for skeymgmt %s\n", 722 skeymgmt ? skeymgmt : EVP_CIPHER_name(cipher)); 723 ERR_print_errors(bio_err); 724 goto end; 725 } 726 727 if (!EVP_CipherInit_SKEY(ctx, cipher, skey, 728 (hiv == NULL && wrap == 1 ? NULL : iv), 729 EVP_CIPHER_get_iv_length(cipher), enc, NULL)) { 730 BIO_printf(bio_err, "Error setting an opaque key for cipher %s\n", 731 EVP_CIPHER_get0_name(cipher)); 732 ERR_print_errors(bio_err); 733 goto end; 734 } 735 } 736 737 if (nopad) 738 EVP_CIPHER_CTX_set_padding(ctx, 0); 739 740 if (debug) { 741 BIO_set_callback_ex(benc, BIO_debug_callback_ex); 742 BIO_set_callback_arg(benc, (char *)bio_err); 743 } 744 745 if (printkey) { 746 if (!nosalt) { 747 printf("salt="); 748 for (i = 0; i < (int)saltlen; i++) 749 printf("%02X", salt[i]); 750 printf("\n"); 751 } 752 if (EVP_CIPHER_get_key_length(cipher) > 0) { 753 printf("key="); 754 for (i = 0; i < EVP_CIPHER_get_key_length(cipher); i++) 755 printf("%02X", key[i]); 756 printf("\n"); 757 } 758 if (EVP_CIPHER_get_iv_length(cipher) > 0) { 759 printf("iv ="); 760 for (i = 0; i < EVP_CIPHER_get_iv_length(cipher); i++) 761 printf("%02X", iv[i]); 762 printf("\n"); 763 } 764 if (printkey == 2) { 765 ret = 0; 766 goto end; 767 } 768 } 769 } 770 771 /* Only encrypt/decrypt as we write the file */ 772 if (benc != NULL) 773 wbio = BIO_push(benc, wbio); 774 775 while (BIO_pending(rbio) || !BIO_eof(rbio)) { 776 inl = BIO_read(rbio, (char *)buff, bsize); 777 if (inl <= 0) 778 break; 779 if (!streamable && !BIO_eof(rbio)) { /* do not output data */ 780 BIO_printf(bio_err, "Unstreamable cipher mode\n"); 781 goto end; 782 } 783 if (BIO_write(wbio, (char *)buff, inl) != inl) { 784 BIO_printf(bio_err, "error writing output file\n"); 785 goto end; 786 } 787 if (!streamable) 788 break; 789 } 790 if (!BIO_flush(wbio)) { 791 if (enc) 792 BIO_printf(bio_err, "bad encrypt\n"); 793 else 794 BIO_printf(bio_err, "bad decrypt\n"); 795 goto end; 796 } 797 798 ret = 0; 799 if (verbose) { 800 BIO_printf(bio_err, "bytes read : %8ju\n", BIO_number_read(in)); 801 BIO_printf(bio_err, "bytes written: %8ju\n", BIO_number_written(out)); 802 } 803 end: 804 ERR_print_errors(bio_err); 805 sk_OPENSSL_STRING_free(skeyopts); 806 EVP_SKEYMGMT_free(mgmt); 807 EVP_SKEY_free(skey); 808 OPENSSL_free(strbuf); 809 OPENSSL_free(buff); 810 BIO_free(in); 811 BIO_free_all(out); 812 BIO_free(benc); 813 BIO_free(b64); 814 EVP_MD_free(dgst); 815 EVP_CIPHER_free(cipher); 816 #ifndef OPENSSL_NO_ZLIB 817 BIO_free(bzl); 818 #endif 819 BIO_free(bbrot); 820 BIO_free(bzstd); 821 release_engine(e); 822 OPENSSL_free(pass); 823 return ret; 824 } 825 826 static void show_ciphers(const OBJ_NAME *name, void *arg) 827 { 828 struct doall_enc_ciphers *dec = (struct doall_enc_ciphers *)arg; 829 const EVP_CIPHER *cipher; 830 831 if (!islower((unsigned char)*name->name)) 832 return; 833 834 /* Filter out ciphers that we cannot use */ 835 cipher = EVP_get_cipherbyname(name->name); 836 if (cipher == NULL 837 || (EVP_CIPHER_get_flags(cipher) & EVP_CIPH_FLAG_AEAD_CIPHER) != 0 838 || EVP_CIPHER_get_mode(cipher) == EVP_CIPH_XTS_MODE) 839 return; 840 841 BIO_printf(dec->bio, "-%-25s", name->name); 842 if (++dec->n == 3) { 843 BIO_printf(dec->bio, "\n"); 844 dec->n = 0; 845 } else 846 BIO_printf(dec->bio, " "); 847 } 848 849 static int set_hex(const char *in, unsigned char *out, int size) 850 { 851 int i, n; 852 unsigned char j; 853 854 i = size * 2; 855 n = strlen(in); 856 if (n > i) { 857 BIO_printf(bio_err, "hex string is too long, ignoring excess\n"); 858 n = i; /* ignore exceeding part */ 859 } else if (n < i) { 860 BIO_printf(bio_err, "hex string is too short, padding with zero bytes to length\n"); 861 } 862 863 memset(out, 0, size); 864 for (i = 0; i < n; i++) { 865 j = (unsigned char)*in++; 866 if (!isxdigit(j)) { 867 BIO_printf(bio_err, "non-hex digit\n"); 868 return 0; 869 } 870 j = (unsigned char)OPENSSL_hexchar2int(j); 871 if (i & 1) 872 out[i / 2] |= j; 873 else 874 out[i / 2] = (j << 4); 875 } 876 return 1; 877 } 878
Indexes created Sat Feb 28 05:31:39 UTC 2026