projects/sencrypt: sencrypt.c annotate

annotate sencrypt.c @ 18:07f525330bc7

Mark fallthrough case

author	Guido Berhoerster <guido+sencrypt@berhoerster.name>
date	Wed, 31 Jul 2019 09:58:53 +0200
parents	d9c4bdc004d2
children	c45f17f58de1

rev	line source
0 73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	1 /*
9 cc930aa0f3c2 Perform 50000 iterations with the PBKDF2 hash function when creating new files Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: 4 diff changeset	2 * Copyright (C) 2016 Guido Berhoerster <guido+sencrypt@berhoerster.name>
0 73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	3 *
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	4 * Permission is hereby granted, free of charge, to any person obtaining
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	5 * a copy of this software and associated documentation files (the
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	6 * "Software"), to deal in the Software without restriction, including
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	7 * without limitation the rights to use, copy, modify, merge, publish,
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	8 * distribute, sublicense, and/or sell copies of the Software, and to
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	9 * permit persons to whom the Software is furnished to do so, subject to
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	10 * the following conditions:
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	11 *
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	12 * The above copyright notice and this permission notice shall be included
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	13 * in all copies or substantial portions of the Software.
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	14 *
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	15 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	16 * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	17 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	18 * IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	19 * CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	20 * TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	21 * SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	22 */
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	23
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	24 #include <stdio.h>
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	25 #include <string.h>
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	26 #include <stdint.h>
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	27 #include <stdbool.h>
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	28 #include <unistd.h>
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	29 #include <limits.h>
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	30 #include <libgen.h>
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	31 #include <arpa/inet.h>
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	32 #include <sys/stat.h>
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	33 #include <openssl/conf.h>
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	34 #include <openssl/rand.h>
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	35 #include <openssl/evp.h>
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	36 #include <openssl/err.h>
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	37
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	38 #ifdef HAVE_ERR_H
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	39 #include <err.h>
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	40 #endif /* HAVE_ERR_H */
4 abb770754967 Use C99-compatible version of snprintf on UnixWare 7 Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: 3 diff changeset	41 #include "compat.h"
0 73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	42
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	43 #define MAX(a, b) (((a) > (b)) ? (a) : (b))
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	44
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	45 #define EXIT_USAGE 2
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	46
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	47 #define SENCRYPT_FORMAT_VERSION 1
15 00ca3ee8e310 Perform 500000 iterations with the PBKDF2 hash function when creating new files Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: 12 diff changeset	48 #define PBKDF2_ITERATIONS 500000
0 73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	49 #define SALT_LEN 16
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	50 #define BUFFER_SIZE (16 * 1024)
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	51 #define MAX_PASSWORD_LEN 256
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	52
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	53 enum {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	54 CMD_SENCRYPT,
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	55 CMD_SDECRYPT
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	56 };
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	57
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	58 static void
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	59 openssl_warn(void) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	60 unsigned long errcode;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	61
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	62 while ((errcode = ERR_get_error()) != 0) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	63 warnx("%s", ERR_error_string(errcode, NULL));
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	64 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	65 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	66
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	67 static size_t
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	68 read_keyfile(const char filename, unsigned char key, size_t key_size_max)
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	69 {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	70 size_t keyfile_size = 0;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	71 FILE *fp = NULL;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	72 struct stat statbuf;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	73
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	74 fp = fopen(filename, "r");
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	75 if (fp == NULL) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	76 warn("could not open key file \"%s\"", filename);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	77 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	78 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	79
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	80 if (fstat(fileno(fp), &statbuf) == -1) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	81 warn("could not stat key file \"%s\"", filename);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	82 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	83 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	84
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	85 if (!S_ISREG(statbuf.st_mode)) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	86 warnx("key file \"%s\" is not a regular file", filename);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	87 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	88 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	89
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	90 if ((uintmax_t)statbuf.st_size > SIZE_MAX) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	91 warnx("key file \"%s\" is too large", filename);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	92 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	93 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	94 keyfile_size = (size_t)statbuf.st_size;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	95 if ((keyfile_size > key_size_max) \|\|
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	96 (keyfile_size == 0)) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	97 warnx("invalid key size");
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	98 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	99 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	100
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	101 if (fread(key, 1, keyfile_size, fp) != keyfile_size) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	102 warnx("could not read key file \"%s\"", filename);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	103 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	104 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	105
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	106 out:
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	107 if (fp != NULL) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	108 fclose(fp);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	109 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	110
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	111 return (keyfile_size);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	112 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	113
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	114 static int
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	115 find_algorithm(const char algo_name, const EVP_CIPHER *cipher_ptr,
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	116 size_t *key_len_ptr)
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	117 {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	118 int retval = 0;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	119 const EVP_CIPHER *cipher = NULL;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	120 size_t key_len = *key_len_ptr;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	121
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	122 if (strcmp(algo_name, "aes") == 0) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	123 switch (key_len) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	124 case 0:
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	125 key_len = 16;
18 07f525330bc7 Mark fallthrough case Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: 16 diff changeset	126 /* FALLTHROUGH */
0 73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	127 case 16:
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	128 cipher = EVP_aes_128_cbc();
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	129 break;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	130 case 24:
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	131 cipher = EVP_aes_192_cbc();
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	132 break;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	133 case 32:
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	134 cipher = EVP_aes_256_cbc();
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	135 break;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	136 default:
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	137 warnx("invalid key length %zu", key_len);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	138 retval = -1;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	139 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	140 } else if (strcmp(algo_name, "arcfour") == 0) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	141 if (key_len == 0) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	142 key_len = 16;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	143 cipher = EVP_rc4();
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	144 } else if (key_len <= EVP_MAX_KEY_LENGTH) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	145 /*
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	146 * for RC4 keys are not used verbatim but dervied using
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	147 * PBKDF2 with a hardcoded key length of 128 bit
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	148 */
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	149 key_len = 16;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	150 cipher = EVP_rc4();
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	151 } else {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	152 warnx("invalid key length %zu", key_len);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	153 retval = -1;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	154 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	155 } else if (strcmp(algo_name, "des") == 0) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	156 if (key_len == 0) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	157 key_len = 8;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	158 cipher = EVP_des_cbc();
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	159 } else if (key_len == 8) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	160 cipher = EVP_des_cbc();
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	161 } else {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	162 warnx("invalid key length %zu", key_len);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	163 retval = -1;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	164 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	165 } else if (strcmp(algo_name, "3des") == 0) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	166 if (key_len == 0) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	167 key_len = 24;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	168 cipher = EVP_des_ede3_cbc();
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	169 } else if (key_len == 24) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	170 cipher = EVP_des_ede3_cbc();
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	171 } else {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	172 warnx("invalid key length %zu", key_len);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	173 retval = -1;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	174 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	175 } else {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	176 warnx("unknown algorithm \"%s\"", algo_name);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	177 retval = -1;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	178 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	179
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	180 *cipher_ptr = cipher;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	181 *key_len_ptr = key_len;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	182
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	183 return (retval);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	184 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	185
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	186 static int
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	187 read_header(BIO bio_in, uint32_t iterations, unsigned char *iv, int iv_len,
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	188 unsigned char *salt, int salt_len)
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	189 {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	190 int read_len;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	191 uint32_t version;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	192 int retval = 0;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	193
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	194 read_len = BIO_read(bio_in, &version, sizeof (version));
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	195 if (read_len != sizeof (version)) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	196 warnx("failed to read version from input file");
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	197 if (read_len < 0) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	198 openssl_warn();
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	199 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	200 retval = -1;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	201 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	202 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	203 version = htonl(version);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	204 if (version != SENCRYPT_FORMAT_VERSION) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	205 warnx("unknown format version %d", version);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	206 retval = -1;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	207 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	208 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	209
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	210 read_len = BIO_read(bio_in, iterations, sizeof (*iterations));
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	211 if (read_len != sizeof (*iterations)) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	212 warnx("failed to read iterations from input file");
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	213 if (read_len < 0) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	214 openssl_warn();
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	215 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	216 retval = -1;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	217 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	218 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	219 iterations = htonl(iterations);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	220 if ((*iterations == 0) \|\| ((sizeof (int) <= sizeof (uint32_t)) &&
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	221 (*iterations > INT_MAX))) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	222 warnx("invalid number of iterations");
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	223 retval = -1;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	224 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	225 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	226
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	227 if (iv_len > 0) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	228 read_len = BIO_read(bio_in, iv, iv_len);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	229 if (read_len != iv_len) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	230 warnx("failed to read IV from input file");
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	231 if (read_len < 0) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	232 openssl_warn();
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	233 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	234 retval = -1;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	235 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	236 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	237 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	238
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	239 read_len = BIO_read(bio_in, salt, salt_len);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	240 if (read_len != salt_len) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	241 warnx("failed to read salt from input file");
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	242 if (read_len < 0) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	243 openssl_warn();
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	244 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	245 retval = -1;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	246 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	247 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	248
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	249 out:
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	250 return (retval);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	251 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	252
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	253 static int
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	254 sencrypt(const EVP_CIPHER cipher, BIO bio_in, BIO *bio_out,
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	255 const unsigned char key, size_t key_len, const unsigned char iv,
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	256 const unsigned char *salt)
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	257 {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	258 int retval = 0;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	259 uint32_t version;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	260 uint32_t iterations;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	261 int iv_len;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	262 int write_len;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	263 int read_len;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	264 BIO *bio_cipher = NULL;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	265 char *buf = NULL;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	266 EVP_CIPHER_CTX *cipher_ctx;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	267
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	268 /* set up cipher filter */
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	269 bio_cipher = BIO_new(BIO_f_cipher());
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	270 BIO_set_cipher(bio_cipher, cipher, NULL, NULL, 1);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	271 BIO_get_cipher_ctx(bio_cipher, &cipher_ctx);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	272 if (EVP_CIPHER_CTX_set_key_length(cipher_ctx, (int)key_len) != 1) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	273 warnx("failed to set key length");
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	274 openssl_warn();
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	275 retval = 1;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	276 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	277 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	278 if (EVP_CipherInit_ex(cipher_ctx, NULL, NULL, key, iv, 1) != 1) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	279 warnx("failed to initialize cipher");
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	280 openssl_warn();
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	281 retval = 1;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	282 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	283 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	284 BIO_push(bio_cipher, bio_out);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	285
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	286 /* write header */
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	287 version = htonl(SENCRYPT_FORMAT_VERSION);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	288 write_len = BIO_write(bio_out, &version, sizeof (version));
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	289 if (write_len != sizeof (version)) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	290 warnx("failed to write version to output file");
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	291 if (write_len < 0) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	292 openssl_warn();
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	293 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	294 retval = 1;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	295 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	296 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	297
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	298 iterations = htonl(PBKDF2_ITERATIONS);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	299 write_len = BIO_write(bio_out, &iterations, sizeof (iterations));
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	300 if (write_len != sizeof (iterations)) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	301 warnx("failed to write iterations to output file");
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	302 if (write_len < 0) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	303 openssl_warn();
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	304 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	305 retval = 1;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	306 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	307 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	308
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	309 iv_len = EVP_CIPHER_iv_length(cipher);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	310 if (iv_len > 0) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	311 write_len = BIO_write(bio_out, iv, iv_len);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	312 if (write_len != iv_len) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	313 warnx("failed to write IV to output file");
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	314 if (write_len < 0) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	315 openssl_warn();
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	316 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	317 retval = 1;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	318 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	319 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	320 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	321
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	322 write_len = BIO_write(bio_out, salt, SALT_LEN);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	323 if (write_len != SALT_LEN) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	324 warnx("failed to write salt to output file");
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	325 if (write_len < 0) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	326 openssl_warn();
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	327 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	328 retval = 1;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	329 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	330 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	331
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	332 if (BIO_flush(bio_out) < 1) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	333 warnx("failed to flush output file");
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	334 openssl_warn();
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	335 retval = 1;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	336 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	337 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	338
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	339 buf = malloc(BUFFER_SIZE);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	340 if (buf == NULL) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	341 warn(NULL);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	342 retval = 1;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	343 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	344 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	345
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	346 /* encrypt data */
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	347 while ((read_len = BIO_read(bio_in, buf, BUFFER_SIZE)) > 0) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	348 if ((write_len = BIO_write(bio_cipher, buf, read_len)) !=
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	349 read_len) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	350 warnx("failed to write to output file");
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	351 if (write_len < 0) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	352 openssl_warn();
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	353 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	354 retval = 1;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	355 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	356 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	357 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	358 if (read_len < 0) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	359 warnx("failed to read from input file");
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	360 openssl_warn();
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	361 retval = 1;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	362 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	363 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	364
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	365 if (BIO_flush(bio_cipher) < 1) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	366 warnx("failed to flush output file");
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	367 openssl_warn();
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	368 retval = 1;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	369 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	370 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	371
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	372 out:
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	373 free(buf);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	374
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	375 if (bio_cipher != NULL) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	376 BIO_pop(bio_cipher);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	377 BIO_free(bio_cipher);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	378 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	379
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	380 return (retval);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	381 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	382
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	383 static int
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	384 sdecrypt(const EVP_CIPHER cipher, BIO bio_in, BIO *bio_out,
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	385 const unsigned char key, size_t key_len, const unsigned char iv)
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	386 {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	387 int read_len;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	388 BIO *bio_cipher = NULL;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	389 int write_len;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	390 char *buf = NULL;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	391 EVP_CIPHER_CTX *cipher_ctx;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	392 int retval = 0;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	393
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	394 buf = malloc(BUFFER_SIZE);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	395 if (buf == NULL) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	396 warn(NULL);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	397 retval = 1;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	398 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	399 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	400
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	401 /* set up cipher filter */
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	402 bio_cipher = BIO_new(BIO_f_cipher());
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	403 BIO_set_cipher(bio_cipher, cipher, NULL, NULL, 0);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	404 BIO_get_cipher_ctx(bio_cipher, &cipher_ctx);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	405 if (EVP_CIPHER_CTX_set_key_length(cipher_ctx, (int)key_len) != 1) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	406 warnx("failed to set key length");
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	407 openssl_warn();
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	408 retval = 1;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	409 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	410 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	411 if (EVP_CipherInit_ex(cipher_ctx, NULL, NULL, key, iv, 0) != 1) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	412 warnx("failed to initialize cipher");
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	413 openssl_warn();
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	414 retval = 1;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	415 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	416 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	417 BIO_push(bio_cipher, bio_in);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	418
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	419 /* decrypt data */
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	420 while ((read_len = BIO_read(bio_cipher, buf, BUFFER_SIZE)) > 0) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	421 if ((write_len = BIO_write(bio_out, buf, read_len)) !=
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	422 read_len) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	423 warnx("failed to write to to output file");
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	424 if (write_len < 0) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	425 openssl_warn();
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	426 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	427 retval = 1;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	428 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	429 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	430 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	431 if (read_len < 0) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	432 warnx("failed to read from input file");
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	433 openssl_warn();
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	434 retval = 1;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	435 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	436 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	437
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	438 if (BIO_flush(bio_out) < 1) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	439 warnx("failed to flush output file");
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	440 openssl_warn();
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	441 retval = 1;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	442 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	443 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	444
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	445 if (BIO_get_cipher_status(bio_cipher) == 0) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	446 warnx("decryption failed");
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	447 openssl_warn();
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	448 retval = 1;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	449 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	450 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	451
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	452 out:
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	453 free(buf);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	454
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	455 if (bio_cipher != NULL) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	456 BIO_pop(bio_cipher);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	457 BIO_free(bio_cipher);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	458 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	459
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	460 return (retval);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	461 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	462
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	463 static void
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	464 list_algorithms(void)
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	465 {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	466 printf("Algorithm Keysize: Min Max (bits)\n"
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	467 "------------------------------------------\n");
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	468 printf("%-15s %5u %5u\n", "aes", 128, 256);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	469 printf("%-15s %5u %5u\n", "arcfour", 8,
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	470 EVP_MAX_KEY_LENGTH * 8);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	471 printf("%-15s %5u %5u\n", "des", 64, 64);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	472 printf("%-15s %5u %5u\n", "3des", 192, 192);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	473 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	474
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	475 static void
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	476 usage(int cmd)
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	477 {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	478 if (cmd == CMD_SENCRYPT) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	479 fprintf(stderr, "usage: sencrypt -l \| [-v] -a algorithm "
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	480 "[-k key_file] [-i input_file] [-o output_file]\n");
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	481 } else if (cmd == CMD_SDECRYPT) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	482 fprintf(stderr, "usage: sdecrypt -l \| [-v] -a algorithm "
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	483 "[-k key_file] [-i input_file] [-o output_file]\n");
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	484 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	485 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	486
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	487 int
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	488 main(int argc, char *argv[])
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	489 {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	490 char *progname;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	491 int cmd;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	492 int c;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	493 bool aflag = false;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	494 char *algo_name = NULL;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	495 bool is_algo_rc4 = false;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	496 bool iflag = false;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	497 char *in_filename = NULL;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	498 bool kflag = false;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	499 char *key_filename = NULL;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	500 bool lflag = false;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	501 bool oflag = false;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	502 char *out_filename = NULL;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	503 bool vflag = false;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	504 bool errflag = false;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	505 unsigned char key[EVP_MAX_KEY_LENGTH];
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	506 size_t key_len = 0;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	507 size_t key_file_len;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	508 const EVP_CIPHER *cipher;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	509 BIO *bio_in = NULL;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	510 uint32_t iterations = PBKDF2_ITERATIONS;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	511 unsigned char iv[EVP_MAX_IV_LENGTH];
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	512 unsigned char salt[SALT_LEN];
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	513 BIO *bio_out = NULL;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	514 int need_tmpfile = 0;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	515 FILE *fp_in;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	516 struct stat statbuf_in;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	517 struct stat statbuf_out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	518 int fd_tmp = -1;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	519 FILE *fp_tmp = NULL;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	520 char *out_filename_tmp = NULL;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	521 char *out_dir = NULL;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	522 char *tmp_filename = NULL;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	523 int len;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	524 mode_t old_mode;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	525 char pwdata[MAX(MAX_PASSWORD_LEN, EVP_MAX_KEY_LENGTH)];
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	526 size_t pwdata_len = 0;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	527 int status = EXIT_SUCCESS;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	528
16 d9c4bdc004d2 Add support for OpenSSL 1.1 Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: 15 diff changeset	529 #if OPENSSL_VERSION_NUMBER < 0x10100000L
0 73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	530 /* initialize OpenSSL */
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	531 OpenSSL_add_all_algorithms();
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	532 ERR_load_crypto_strings();
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	533 OPENSSL_config(NULL);
16 d9c4bdc004d2 Add support for OpenSSL 1.1 Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: 15 diff changeset	534 #endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */
0 73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	535
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	536 progname = strrchr(argv[0], '/');
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	537 progname = (progname != NULL) ? progname + 1 : argv[0];
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	538 if ((strcmp(progname, "sencrypt") == 0) \|\|
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	539 (strcmp(progname, "encrypt") == 0)) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	540 cmd = CMD_SENCRYPT;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	541 } else if ((strcmp(progname, "sdecrypt") == 0) \|\|
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	542 (strcmp(progname, "decrypt") == 0)) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	543 cmd = CMD_SDECRYPT;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	544 } else {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	545 fprintf(stderr, "invalid command name");
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	546 status = EXIT_FAILURE;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	547 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	548 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	549
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	550 while (!errflag && (c = getopt(argc, argv, "a:i:k:lo:v")) != -1) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	551 switch (c) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	552 case 'a':
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	553 aflag = true;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	554 algo_name = optarg;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	555 is_algo_rc4 = (strcmp(algo_name, "arcfour") == 0);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	556 break;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	557 case 'i':
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	558 iflag = true;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	559 in_filename = optarg;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	560 break;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	561 case 'k':
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	562 kflag = true;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	563 key_filename = optarg;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	564 break;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	565 case 'l':
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	566 lflag = true;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	567 break;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	568 case 'o':
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	569 oflag = true;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	570 out_filename = optarg;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	571 break;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	572 case 'v':
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	573 vflag = true;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	574 break;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	575 default:
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	576 errflag = true;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	577 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	578 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	579 if (errflag \|\| (!lflag && !aflag) \|\| (lflag && aflag) \|\|
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	580 (argc > optind)) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	581 usage(cmd);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	582 status = EXIT_USAGE;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	583 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	584 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	585
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	586 if (lflag) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	587 list_algorithms();
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	588 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	589 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	590
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	591 if (kflag) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	592 key_file_len = read_keyfile(key_filename, key,
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	593 (off_t)sizeof (key));
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	594 if (key_file_len < 1) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	595 status = EXIT_FAILURE;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	596 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	597 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	598 key_len = key_file_len;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	599 } else {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	600 if (EVP_read_pw_string(pwdata, sizeof (pwdata), "Enter key:",
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	601 (cmd == CMD_SENCRYPT) ? 1 : 0) != 0) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	602 warnx("could not read passphrase");
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	603 openssl_warn();
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	604 status = EXIT_FAILURE;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	605 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	606 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	607 pwdata_len = strlen(pwdata);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	608 if (pwdata_len < 1) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	609 warnx("invalid passphrase");
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	610 status = EXIT_FAILURE;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	611 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	612 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	613 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	614
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	615 /* the cipher is determined based on name and length of the key file */
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	616 if (find_algorithm(algo_name, &cipher, &key_len) == -1) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	617 status = EXIT_FAILURE;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	618 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	619 }
10 8e9dd5328b5a Print a warning message when using an insecure algorithm Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: 9 diff changeset	620 if ((cmd == CMD_SENCRYPT) && ((cipher != EVP_aes_128_cbc()) &&
8e9dd5328b5a Print a warning message when using an insecure algorithm Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: 9 diff changeset	621 (cipher != EVP_aes_192_cbc()) && (cipher != EVP_aes_256_cbc()))) {
8e9dd5328b5a Print a warning message when using an insecure algorithm Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: 9 diff changeset	622 fprintf(stderr, "warning: the %s algorithm is no longer "
8e9dd5328b5a Print a warning message when using an insecure algorithm Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: 9 diff changeset	623 "considered secure", algo_name);
8e9dd5328b5a Print a warning message when using an insecure algorithm Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: 9 diff changeset	624 }
0 73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	625
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	626 if (iflag) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	627 bio_in = BIO_new_file(in_filename, "r");
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	628 } else {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	629 bio_in = BIO_new_fp(stdin, BIO_NOCLOSE);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	630 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	631 if (bio_in == NULL) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	632 warnx("could not open input file");
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	633 openssl_warn();
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	634 status = EXIT_FAILURE;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	635 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	636 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	637
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	638 if (cmd == CMD_SENCRYPT) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	639 /* generate random salt and IV */
3 f230c550e261 Correct check for errors from RAND_bytes() Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: 0 diff changeset	640 if ((RAND_bytes(salt, sizeof (salt)) != 1) \|\|
f230c550e261 Correct check for errors from RAND_bytes() Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: 0 diff changeset	641 (RAND_bytes(iv, EVP_CIPHER_iv_length(cipher)) != 1)) {
0 73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	642 /* not enough entropy or unknown error */
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	643 warnx("failed to generate random data");
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	644 status = EXIT_FAILURE;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	645 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	646 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	647 } else {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	648 read_header(bio_in, &iterations, iv,
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	649 EVP_CIPHER_iv_length(cipher), salt, (int)sizeof (salt));
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	650 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	651
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	652 /*
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	653 * if no keyfile was given or the RC4 cipher is used, derive the key
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	654 * from the password and salt
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	655 */
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	656 if (kflag && is_algo_rc4) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	657 memcpy(pwdata, key, key_file_len);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	658 pwdata_len = key_file_len;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	659 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	660 if (!kflag \|\| is_algo_rc4) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	661 if (PKCS5_PBKDF2_HMAC_SHA1(pwdata, (int)pwdata_len, salt,
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	662 sizeof (salt), (int)iterations, (int)key_len, key) == 0) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	663 warnx("failed to generate key");
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	664 status = EXIT_FAILURE;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	665 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	666 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	667 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	668
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	669 if (oflag) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	670 /*
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	671 * if input and output files are identical, create and write the
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	672 * output to a temporary file for the output which is then
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	673 * renamed to out_filename
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	674 */
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	675 if (iflag) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	676 BIO_get_fp(bio_in, &fp_in);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	677 if (fstat(fileno(fp_in), &statbuf_in) == -1) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	678 warn("could not stat input file");
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	679 status = EXIT_FAILURE;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	680 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	681 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	682 if (stat(out_filename, &statbuf_out) == -1) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	683 if (errno != ENOENT) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	684 warn("could not stat output file");
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	685 status = EXIT_FAILURE;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	686 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	687 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	688 } else if ((statbuf_in.st_ino == statbuf_out.st_ino) &&
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	689 (statbuf_in.st_dev == statbuf_out.st_dev)) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	690 need_tmpfile = 1;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	691 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	692 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	693
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	694 if (need_tmpfile) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	695 out_filename_tmp = strdup(out_filename);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	696 if (out_filename_tmp == NULL) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	697 warn(NULL);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	698 status = EXIT_FAILURE;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	699 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	700 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	701 out_dir = dirname(out_filename_tmp);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	702 len = snprintf(NULL, 0, "%s/sencryptXXXXXX", out_dir);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	703 if (len < 0) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	704 warn(NULL);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	705 status = EXIT_FAILURE;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	706 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	707 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	708 tmp_filename = malloc((size_t)len + 1);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	709 if (tmp_filename == NULL) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	710 warn(NULL);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	711 status = EXIT_FAILURE;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	712 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	713 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	714 if (snprintf(tmp_filename, (size_t)len + 1,
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	715 "%s/sencryptXXXXXX", out_dir) != len) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	716 warn(NULL);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	717 status = EXIT_FAILURE;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	718 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	719 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	720 old_mode = umask(077);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	721 fd_tmp = mkstemp(tmp_filename);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	722 umask(old_mode);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	723 if (fd_tmp == -1) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	724 warn("could not create temporary file");
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	725 status = EXIT_FAILURE;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	726 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	727 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	728 fp_tmp = fdopen(fd_tmp, "w");
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	729 if (fp_tmp == NULL) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	730 warn("could not open temporary file");
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	731 status = EXIT_FAILURE;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	732 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	733 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	734 fd_tmp = -1;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	735 bio_out = BIO_new_fp(fp_tmp, BIO_CLOSE);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	736 if (bio_out == NULL) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	737 warnx("could not open temporary file");
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	738 openssl_warn();
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	739 status = EXIT_FAILURE;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	740 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	741 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	742 fp_tmp = NULL;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	743 } else {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	744 old_mode = umask(077);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	745 bio_out = BIO_new_file(out_filename, "w");
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	746 umask(old_mode);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	747 if (bio_out == NULL) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	748 warnx("could not open output file");
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	749 openssl_warn();
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	750 status = EXIT_FAILURE;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	751 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	752 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	753 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	754 } else {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	755 bio_out = BIO_new_fp(stdout, BIO_NOCLOSE);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	756 if (bio_out == NULL) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	757 warnx("could not open output file");
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	758 openssl_warn();
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	759 status = EXIT_FAILURE;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	760 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	761 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	762 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	763
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	764 if (cmd == CMD_SENCRYPT) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	765 if (sencrypt(cipher, bio_in, bio_out, key, key_len,
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	766 iv, salt) == -1) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	767 status = EXIT_FAILURE;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	768 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	769 } else {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	770 if (sdecrypt(cipher, bio_in, bio_out, key, key_len,
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	771 iv) == -1) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	772 status = EXIT_FAILURE;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	773 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	774 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	775
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	776 out:
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	777 OPENSSL_cleanse(pwdata, pwdata_len);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	778 OPENSSL_cleanse(key, key_len);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	779
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	780 if (fd_tmp != -1) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	781 close(fd_tmp);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	782 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	783
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	784 if (fp_tmp != NULL) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	785 fclose(fp_tmp);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	786 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	787
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	788 if (bio_in != NULL) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	789 BIO_free_all(bio_in);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	790 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	791
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	792 if (bio_out != NULL) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	793 BIO_free_all(bio_out);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	794
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	795 if (status == 0) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	796 if (need_tmpfile) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	797 if (rename(tmp_filename, out_filename) == -1) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	798 warn("could not create output file");
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	799 status = EXIT_FAILURE;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	800 unlink(tmp_filename);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	801 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	802 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	803 } else {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	804 if (need_tmpfile) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	805 unlink(tmp_filename);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	806 } else if (oflag) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	807 unlink(out_filename);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	808 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	809 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	810 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	811
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	812 free(out_filename_tmp);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	813 free(tmp_filename);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	814
16 d9c4bdc004d2 Add support for OpenSSL 1.1 Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: 15 diff changeset	815 #if OPENSSL_VERSION_NUMBER < 0x10100000L
0 73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	816 EVP_cleanup();
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	817 ERR_free_strings();
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	818 CONF_modules_free();
16 d9c4bdc004d2 Add support for OpenSSL 1.1 Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: 15 diff changeset	819 #endif /* OPENSSL_VERSION_NUMBER < 0x10100000L */
0 73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	820
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	821 exit(status);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	822 }

Mercurial > projects > sencrypt

annotate sencrypt.c @ 18:07f525330bc7