projects/sencrypt: sencrypt.c annotate

annotate sencrypt.c @ 10:8e9dd5328b5a

Print a warning message when using an insecure algorithm

author	Guido Berhoerster <guido+sencrypt@berhoerster.name>
date	Sat, 03 Sep 2016 14:02:42 +0200
parents	cc930aa0f3c2
children	14e58decdf87

rev	line source
0 73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	1 /*
9 cc930aa0f3c2 Perform 50000 iterations with the PBKDF2 hash function when creating new files Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: 4 diff changeset	2 * Copyright (C) 2016 Guido Berhoerster <guido+sencrypt@berhoerster.name>
0 73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	3 *
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	4 * Permission is hereby granted, free of charge, to any person obtaining
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	5 * a copy of this software and associated documentation files (the
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	6 * "Software"), to deal in the Software without restriction, including
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	7 * without limitation the rights to use, copy, modify, merge, publish,
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	8 * distribute, sublicense, and/or sell copies of the Software, and to
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	9 * permit persons to whom the Software is furnished to do so, subject to
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	10 * the following conditions:
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	11 *
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	12 * The above copyright notice and this permission notice shall be included
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	13 * in all copies or substantial portions of the Software.
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	14 *
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	15 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	16 * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	17 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	18 * IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	19 * CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	20 * TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	21 * SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	22 */
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	23
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	24 #define _XOPEN_SOURCE 600
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	25
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	26 #include <stdio.h>
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	27 #include <string.h>
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	28 #include <stdint.h>
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	29 #include <stdbool.h>
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	30 #include <unistd.h>
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	31 #include <limits.h>
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	32 #include <libgen.h>
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	33 #include <arpa/inet.h>
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	34 #include <sys/stat.h>
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	35 #include <openssl/conf.h>
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	36 #include <openssl/rand.h>
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	37 #include <openssl/evp.h>
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	38 #include <openssl/err.h>
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	39
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	40 #ifdef HAVE_ERR_H
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	41 #include <err.h>
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	42 #else
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	43 #include "err.h"
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	44 #endif /* HAVE_ERR_H */
4 abb770754967 Use C99-compatible version of snprintf on UnixWare 7 Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: 3 diff changeset	45 #include "compat.h"
0 73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	46
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	47 #define MAX(a, b) (((a) > (b)) ? (a) : (b))
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	48
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	49 #define EXIT_USAGE 2
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	50
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	51 #define SENCRYPT_FORMAT_VERSION 1
9 cc930aa0f3c2 Perform 50000 iterations with the PBKDF2 hash function when creating new files Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: 4 diff changeset	52 #define PBKDF2_ITERATIONS 50000
0 73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	53 #define SALT_LEN 16
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	54 #define BUFFER_SIZE (16 * 1024)
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	55 #define MAX_PASSWORD_LEN 256
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	56
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	57 enum {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	58 CMD_SENCRYPT,
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	59 CMD_SDECRYPT
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	60 };
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	61
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	62 static void
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	63 openssl_warn(void) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	64 unsigned long errcode;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	65
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	66 while ((errcode = ERR_get_error()) != 0) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	67 warnx("%s", ERR_error_string(errcode, NULL));
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	68 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	69 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	70
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	71 static size_t
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	72 read_keyfile(const char filename, unsigned char key, size_t key_size_max)
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	73 {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	74 size_t keyfile_size = 0;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	75 FILE *fp = NULL;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	76 struct stat statbuf;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	77
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	78 fp = fopen(filename, "r");
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	79 if (fp == NULL) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	80 warn("could not open key file \"%s\"", filename);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	81 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	82 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	83
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	84 if (fstat(fileno(fp), &statbuf) == -1) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	85 warn("could not stat key file \"%s\"", filename);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	86 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	87 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	88
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	89 if (!S_ISREG(statbuf.st_mode)) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	90 warnx("key file \"%s\" is not a regular file", filename);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	91 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	92 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	93
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	94 if ((uintmax_t)statbuf.st_size > SIZE_MAX) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	95 warnx("key file \"%s\" is too large", filename);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	96 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	97 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	98 keyfile_size = (size_t)statbuf.st_size;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	99 if ((keyfile_size > key_size_max) \|\|
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	100 (keyfile_size == 0)) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	101 warnx("invalid key size");
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	102 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	103 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	104
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	105 if (fread(key, 1, keyfile_size, fp) != keyfile_size) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	106 warnx("could not read key file \"%s\"", filename);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	107 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	108 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	109
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	110 out:
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	111 if (fp != NULL) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	112 fclose(fp);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	113 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	114
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	115 return (keyfile_size);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	116 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	117
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	118 static int
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	119 find_algorithm(const char algo_name, const EVP_CIPHER *cipher_ptr,
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	120 size_t *key_len_ptr)
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	121 {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	122 int retval = 0;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	123 const EVP_CIPHER *cipher = NULL;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	124 size_t key_len = *key_len_ptr;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	125
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	126 if (strcmp(algo_name, "aes") == 0) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	127 switch (key_len) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	128 case 0:
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	129 key_len = 16;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	130 case 16:
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	131 cipher = EVP_aes_128_cbc();
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	132 break;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	133 case 24:
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	134 cipher = EVP_aes_192_cbc();
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	135 break;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	136 case 32:
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	137 cipher = EVP_aes_256_cbc();
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	138 break;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	139 default:
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	140 warnx("invalid key length %zu", key_len);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	141 retval = -1;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	142 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	143 } else if (strcmp(algo_name, "arcfour") == 0) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	144 if (key_len == 0) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	145 key_len = 16;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	146 cipher = EVP_rc4();
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	147 } else if (key_len <= EVP_MAX_KEY_LENGTH) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	148 /*
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	149 * for RC4 keys are not used verbatim but dervied using
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	150 * PBKDF2 with a hardcoded key length of 128 bit
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	151 */
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	152 key_len = 16;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	153 cipher = EVP_rc4();
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	154 } else {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	155 warnx("invalid key length %zu", key_len);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	156 retval = -1;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	157 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	158 } else if (strcmp(algo_name, "des") == 0) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	159 if (key_len == 0) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	160 key_len = 8;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	161 cipher = EVP_des_cbc();
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	162 } else if (key_len == 8) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	163 cipher = EVP_des_cbc();
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	164 } else {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	165 warnx("invalid key length %zu", key_len);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	166 retval = -1;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	167 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	168 } else if (strcmp(algo_name, "3des") == 0) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	169 if (key_len == 0) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	170 key_len = 24;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	171 cipher = EVP_des_ede3_cbc();
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	172 } else if (key_len == 24) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	173 cipher = EVP_des_ede3_cbc();
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	174 } else {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	175 warnx("invalid key length %zu", key_len);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	176 retval = -1;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	177 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	178 } else {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	179 warnx("unknown algorithm \"%s\"", algo_name);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	180 retval = -1;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	181 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	182
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	183 *cipher_ptr = cipher;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	184 *key_len_ptr = key_len;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	185
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	186 return (retval);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	187 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	188
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	189 static int
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	190 read_header(BIO bio_in, uint32_t iterations, unsigned char *iv, int iv_len,
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	191 unsigned char *salt, int salt_len)
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	192 {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	193 int read_len;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	194 uint32_t version;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	195 int retval = 0;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	196
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	197 read_len = BIO_read(bio_in, &version, sizeof (version));
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	198 if (read_len != sizeof (version)) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	199 warnx("failed to read version from input file");
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	200 if (read_len < 0) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	201 openssl_warn();
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	202 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	203 retval = -1;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	204 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	205 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	206 version = htonl(version);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	207 if (version != SENCRYPT_FORMAT_VERSION) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	208 warnx("unknown format version %d", version);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	209 retval = -1;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	210 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	211 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	212
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	213 read_len = BIO_read(bio_in, iterations, sizeof (*iterations));
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	214 if (read_len != sizeof (*iterations)) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	215 warnx("failed to read iterations from input file");
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	216 if (read_len < 0) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	217 openssl_warn();
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	218 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	219 retval = -1;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	220 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	221 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	222 iterations = htonl(iterations);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	223 if ((*iterations == 0) \|\| ((sizeof (int) <= sizeof (uint32_t)) &&
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	224 (*iterations > INT_MAX))) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	225 warnx("invalid number of iterations");
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	226 retval = -1;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	227 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	228 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	229
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	230 if (iv_len > 0) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	231 read_len = BIO_read(bio_in, iv, iv_len);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	232 if (read_len != iv_len) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	233 warnx("failed to read IV from input file");
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	234 if (read_len < 0) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	235 openssl_warn();
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	236 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	237 retval = -1;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	238 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	239 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	240 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	241
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	242 read_len = BIO_read(bio_in, salt, salt_len);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	243 if (read_len != salt_len) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	244 warnx("failed to read salt from input file");
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	245 if (read_len < 0) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	246 openssl_warn();
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	247 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	248 retval = -1;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	249 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	250 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	251
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	252 out:
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	253 return (retval);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	254 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	255
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	256 static int
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	257 sencrypt(const EVP_CIPHER cipher, BIO bio_in, BIO *bio_out,
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	258 const unsigned char key, size_t key_len, const unsigned char iv,
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	259 const unsigned char *salt)
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	260 {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	261 int retval = 0;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	262 uint32_t version;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	263 uint32_t iterations;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	264 int iv_len;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	265 int write_len;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	266 int read_len;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	267 BIO *bio_cipher = NULL;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	268 char *buf = NULL;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	269 EVP_CIPHER_CTX *cipher_ctx;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	270
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	271 /* set up cipher filter */
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	272 bio_cipher = BIO_new(BIO_f_cipher());
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	273 BIO_set_cipher(bio_cipher, cipher, NULL, NULL, 1);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	274 BIO_get_cipher_ctx(bio_cipher, &cipher_ctx);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	275 if (EVP_CIPHER_CTX_set_key_length(cipher_ctx, (int)key_len) != 1) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	276 warnx("failed to set key length");
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	277 openssl_warn();
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	278 retval = 1;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	279 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	280 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	281 if (EVP_CipherInit_ex(cipher_ctx, NULL, NULL, key, iv, 1) != 1) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	282 warnx("failed to initialize cipher");
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	283 openssl_warn();
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	284 retval = 1;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	285 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	286 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	287 BIO_push(bio_cipher, bio_out);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	288
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	289 /* write header */
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	290 version = htonl(SENCRYPT_FORMAT_VERSION);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	291 write_len = BIO_write(bio_out, &version, sizeof (version));
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	292 if (write_len != sizeof (version)) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	293 warnx("failed to write version to output file");
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	294 if (write_len < 0) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	295 openssl_warn();
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	296 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	297 retval = 1;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	298 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	299 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	300
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	301 iterations = htonl(PBKDF2_ITERATIONS);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	302 write_len = BIO_write(bio_out, &iterations, sizeof (iterations));
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	303 if (write_len != sizeof (iterations)) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	304 warnx("failed to write iterations to output file");
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	305 if (write_len < 0) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	306 openssl_warn();
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	307 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	308 retval = 1;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	309 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	310 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	311
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	312 iv_len = EVP_CIPHER_iv_length(cipher);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	313 if (iv_len > 0) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	314 write_len = BIO_write(bio_out, iv, iv_len);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	315 if (write_len != iv_len) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	316 warnx("failed to write IV to output file");
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	317 if (write_len < 0) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	318 openssl_warn();
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	319 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	320 retval = 1;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	321 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	322 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	323 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	324
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	325 write_len = BIO_write(bio_out, salt, SALT_LEN);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	326 if (write_len != SALT_LEN) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	327 warnx("failed to write salt to output file");
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	328 if (write_len < 0) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	329 openssl_warn();
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	330 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	331 retval = 1;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	332 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	333 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	334
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	335 if (BIO_flush(bio_out) < 1) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	336 warnx("failed to flush output file");
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	337 openssl_warn();
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	338 retval = 1;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	339 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	340 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	341
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	342 buf = malloc(BUFFER_SIZE);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	343 if (buf == NULL) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	344 warn(NULL);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	345 retval = 1;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	346 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	347 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	348
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	349 /* encrypt data */
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	350 while ((read_len = BIO_read(bio_in, buf, BUFFER_SIZE)) > 0) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	351 if ((write_len = BIO_write(bio_cipher, buf, read_len)) !=
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	352 read_len) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	353 warnx("failed to write to output file");
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	354 if (write_len < 0) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	355 openssl_warn();
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	356 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	357 retval = 1;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	358 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	359 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	360 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	361 if (read_len < 0) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	362 warnx("failed to read from input file");
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	363 openssl_warn();
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	364 retval = 1;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	365 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	366 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	367
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	368 if (BIO_flush(bio_cipher) < 1) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	369 warnx("failed to flush output file");
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	370 openssl_warn();
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	371 retval = 1;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	372 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	373 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	374
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	375 out:
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	376 free(buf);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	377
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	378 if (bio_cipher != NULL) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	379 BIO_pop(bio_cipher);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	380 BIO_free(bio_cipher);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	381 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	382
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	383 return (retval);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	384 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	385
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	386 static int
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	387 sdecrypt(const EVP_CIPHER cipher, BIO bio_in, BIO *bio_out,
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	388 const unsigned char key, size_t key_len, const unsigned char iv)
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	389 {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	390 int read_len;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	391 BIO *bio_cipher = NULL;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	392 int write_len;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	393 char *buf = NULL;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	394 EVP_CIPHER_CTX *cipher_ctx;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	395 int retval = 0;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	396
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	397 buf = malloc(BUFFER_SIZE);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	398 if (buf == NULL) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	399 warn(NULL);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	400 retval = 1;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	401 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	402 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	403
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	404 /* set up cipher filter */
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	405 bio_cipher = BIO_new(BIO_f_cipher());
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	406 BIO_set_cipher(bio_cipher, cipher, NULL, NULL, 0);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	407 BIO_get_cipher_ctx(bio_cipher, &cipher_ctx);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	408 if (EVP_CIPHER_CTX_set_key_length(cipher_ctx, (int)key_len) != 1) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	409 warnx("failed to set key length");
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	410 openssl_warn();
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	411 retval = 1;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	412 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	413 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	414 if (EVP_CipherInit_ex(cipher_ctx, NULL, NULL, key, iv, 0) != 1) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	415 warnx("failed to initialize cipher");
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	416 openssl_warn();
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	417 retval = 1;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	418 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	419 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	420 BIO_push(bio_cipher, bio_in);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	421
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	422 /* decrypt data */
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	423 while ((read_len = BIO_read(bio_cipher, buf, BUFFER_SIZE)) > 0) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	424 if ((write_len = BIO_write(bio_out, buf, read_len)) !=
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	425 read_len) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	426 warnx("failed to write to to output file");
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	427 if (write_len < 0) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	428 openssl_warn();
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	429 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	430 retval = 1;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	431 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	432 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	433 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	434 if (read_len < 0) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	435 warnx("failed to read from input file");
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	436 openssl_warn();
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	437 retval = 1;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	438 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	439 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	440
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	441 if (BIO_flush(bio_out) < 1) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	442 warnx("failed to flush output file");
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	443 openssl_warn();
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	444 retval = 1;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	445 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	446 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	447
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	448 if (BIO_get_cipher_status(bio_cipher) == 0) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	449 warnx("decryption failed");
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	450 openssl_warn();
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	451 retval = 1;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	452 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	453 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	454
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	455 out:
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	456 free(buf);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	457
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	458 if (bio_cipher != NULL) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	459 BIO_pop(bio_cipher);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	460 BIO_free(bio_cipher);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	461 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	462
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	463 return (retval);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	464 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	465
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	466 static void
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	467 list_algorithms(void)
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	468 {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	469 printf("Algorithm Keysize: Min Max (bits)\n"
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	470 "------------------------------------------\n");
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	471 printf("%-15s %5u %5u\n", "aes", 128, 256);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	472 printf("%-15s %5u %5u\n", "arcfour", 8,
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	473 EVP_MAX_KEY_LENGTH * 8);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	474 printf("%-15s %5u %5u\n", "des", 64, 64);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	475 printf("%-15s %5u %5u\n", "3des", 192, 192);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	476 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	477
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	478 static void
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	479 usage(int cmd)
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	480 {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	481 if (cmd == CMD_SENCRYPT) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	482 fprintf(stderr, "usage: sencrypt -l \| [-v] -a algorithm "
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	483 "[-k key_file] [-i input_file] [-o output_file]\n");
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	484 } else if (cmd == CMD_SDECRYPT) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	485 fprintf(stderr, "usage: sdecrypt -l \| [-v] -a algorithm "
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	486 "[-k key_file] [-i input_file] [-o output_file]\n");
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	487 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	488 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	489
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	490 int
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	491 main(int argc, char *argv[])
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	492 {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	493 char *progname;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	494 int cmd;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	495 int c;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	496 bool aflag = false;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	497 char *algo_name = NULL;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	498 bool is_algo_rc4 = false;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	499 bool iflag = false;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	500 char *in_filename = NULL;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	501 bool kflag = false;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	502 char *key_filename = NULL;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	503 bool lflag = false;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	504 bool oflag = false;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	505 char *out_filename = NULL;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	506 bool vflag = false;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	507 bool errflag = false;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	508 unsigned char key[EVP_MAX_KEY_LENGTH];
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	509 size_t key_len = 0;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	510 size_t key_file_len;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	511 const EVP_CIPHER *cipher;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	512 BIO *bio_in = NULL;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	513 uint32_t iterations = PBKDF2_ITERATIONS;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	514 unsigned char iv[EVP_MAX_IV_LENGTH];
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	515 unsigned char salt[SALT_LEN];
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	516 BIO *bio_out = NULL;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	517 int need_tmpfile = 0;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	518 FILE *fp_in;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	519 struct stat statbuf_in;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	520 struct stat statbuf_out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	521 int fd_tmp = -1;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	522 FILE *fp_tmp = NULL;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	523 char *out_filename_tmp = NULL;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	524 char *out_dir = NULL;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	525 char *tmp_filename = NULL;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	526 int len;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	527 mode_t old_mode;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	528 char pwdata[MAX(MAX_PASSWORD_LEN, EVP_MAX_KEY_LENGTH)];
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	529 size_t pwdata_len = 0;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	530 int status = EXIT_SUCCESS;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	531
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	532 /* initialize OpenSSL */
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	533 OpenSSL_add_all_algorithms();
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	534 ERR_load_crypto_strings();
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	535 OPENSSL_config(NULL);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	536
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	537 progname = strrchr(argv[0], '/');
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	538 progname = (progname != NULL) ? progname + 1 : argv[0];
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	539 if ((strcmp(progname, "sencrypt") == 0) \|\|
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	540 (strcmp(progname, "encrypt") == 0)) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	541 cmd = CMD_SENCRYPT;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	542 } else if ((strcmp(progname, "sdecrypt") == 0) \|\|
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	543 (strcmp(progname, "decrypt") == 0)) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	544 cmd = CMD_SDECRYPT;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	545 } else {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	546 fprintf(stderr, "invalid command name");
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	547 status = EXIT_FAILURE;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	548 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	549 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	550
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	551 while (!errflag && (c = getopt(argc, argv, "a:i:k:lo:v")) != -1) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	552 switch (c) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	553 case 'a':
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	554 aflag = true;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	555 algo_name = optarg;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	556 is_algo_rc4 = (strcmp(algo_name, "arcfour") == 0);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	557 break;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	558 case 'i':
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	559 iflag = true;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	560 in_filename = optarg;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	561 break;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	562 case 'k':
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	563 kflag = true;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	564 key_filename = optarg;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	565 break;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	566 case 'l':
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	567 lflag = true;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	568 break;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	569 case 'o':
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	570 oflag = true;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	571 out_filename = optarg;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	572 break;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	573 case 'v':
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	574 vflag = true;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	575 break;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	576 default:
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	577 errflag = true;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	578 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	579 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	580 if (errflag \|\| (!lflag && !aflag) \|\| (lflag && aflag) \|\|
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	581 (argc > optind)) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	582 usage(cmd);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	583 status = EXIT_USAGE;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	584 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	585 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	586
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	587 if (lflag) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	588 list_algorithms();
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	589 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	590 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	591
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	592 if (kflag) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	593 key_file_len = read_keyfile(key_filename, key,
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	594 (off_t)sizeof (key));
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	595 if (key_file_len < 1) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	596 status = EXIT_FAILURE;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	597 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	598 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	599 key_len = key_file_len;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	600 } else {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	601 if (EVP_read_pw_string(pwdata, sizeof (pwdata), "Enter key:",
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	602 (cmd == CMD_SENCRYPT) ? 1 : 0) != 0) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	603 warnx("could not read passphrase");
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	604 openssl_warn();
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	605 status = EXIT_FAILURE;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	606 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	607 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	608 pwdata_len = strlen(pwdata);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	609 if (pwdata_len < 1) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	610 warnx("invalid passphrase");
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	611 status = EXIT_FAILURE;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	612 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	613 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	614 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	615
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	616 /* the cipher is determined based on name and length of the key file */
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	617 if (find_algorithm(algo_name, &cipher, &key_len) == -1) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	618 status = EXIT_FAILURE;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	619 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	620 }
10 8e9dd5328b5a Print a warning message when using an insecure algorithm Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: 9 diff changeset	621 if ((cmd == CMD_SENCRYPT) && ((cipher != EVP_aes_128_cbc()) &&
8e9dd5328b5a Print a warning message when using an insecure algorithm Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: 9 diff changeset	622 (cipher != EVP_aes_192_cbc()) && (cipher != EVP_aes_256_cbc()))) {
8e9dd5328b5a Print a warning message when using an insecure algorithm Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: 9 diff changeset	623 fprintf(stderr, "warning: the %s algorithm is no longer "
8e9dd5328b5a Print a warning message when using an insecure algorithm Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: 9 diff changeset	624 "considered secure", algo_name);
8e9dd5328b5a Print a warning message when using an insecure algorithm Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: 9 diff changeset	625 }
0 73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	626
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	627 if (iflag) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	628 bio_in = BIO_new_file(in_filename, "r");
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	629 } else {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	630 bio_in = BIO_new_fp(stdin, BIO_NOCLOSE);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	631 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	632 if (bio_in == NULL) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	633 warnx("could not open input file");
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	634 openssl_warn();
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	635 status = EXIT_FAILURE;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	636 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	637 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	638
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	639 if (cmd == CMD_SENCRYPT) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	640 /* generate random salt and IV */
3 f230c550e261 Correct check for errors from RAND_bytes() Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: 0 diff changeset	641 if ((RAND_bytes(salt, sizeof (salt)) != 1) \|\|
f230c550e261 Correct check for errors from RAND_bytes() Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: 0 diff changeset	642 (RAND_bytes(iv, EVP_CIPHER_iv_length(cipher)) != 1)) {
0 73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	643 /* not enough entropy or unknown error */
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	644 warnx("failed to generate random data");
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	645 status = EXIT_FAILURE;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	646 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	647 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	648 } else {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	649 read_header(bio_in, &iterations, iv,
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	650 EVP_CIPHER_iv_length(cipher), salt, (int)sizeof (salt));
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	651 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	652
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	653 /*
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	654 * if no keyfile was given or the RC4 cipher is used, derive the key
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	655 * from the password and salt
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	656 */
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	657 if (kflag && is_algo_rc4) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	658 memcpy(pwdata, key, key_file_len);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	659 pwdata_len = key_file_len;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	660 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	661 if (!kflag \|\| is_algo_rc4) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	662 if (PKCS5_PBKDF2_HMAC_SHA1(pwdata, (int)pwdata_len, salt,
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	663 sizeof (salt), (int)iterations, (int)key_len, key) == 0) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	664 warnx("failed to generate key");
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	665 status = EXIT_FAILURE;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	666 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	667 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	668 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	669
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	670 if (oflag) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	671 /*
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	672 * if input and output files are identical, create and write the
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	673 * output to a temporary file for the output which is then
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	674 * renamed to out_filename
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	675 */
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	676 if (iflag) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	677 BIO_get_fp(bio_in, &fp_in);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	678 if (fstat(fileno(fp_in), &statbuf_in) == -1) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	679 warn("could not stat input file");
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	680 status = EXIT_FAILURE;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	681 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	682 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	683 if (stat(out_filename, &statbuf_out) == -1) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	684 if (errno != ENOENT) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	685 warn("could not stat output file");
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	686 status = EXIT_FAILURE;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	687 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	688 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	689 } else if ((statbuf_in.st_ino == statbuf_out.st_ino) &&
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	690 (statbuf_in.st_dev == statbuf_out.st_dev)) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	691 need_tmpfile = 1;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	692 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	693 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	694
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	695 if (need_tmpfile) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	696 out_filename_tmp = strdup(out_filename);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	697 if (out_filename_tmp == NULL) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	698 warn(NULL);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	699 status = EXIT_FAILURE;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	700 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	701 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	702 out_dir = dirname(out_filename_tmp);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	703 len = snprintf(NULL, 0, "%s/sencryptXXXXXX", out_dir);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	704 if (len < 0) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	705 warn(NULL);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	706 status = EXIT_FAILURE;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	707 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	708 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	709 tmp_filename = malloc((size_t)len + 1);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	710 if (tmp_filename == NULL) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	711 warn(NULL);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	712 status = EXIT_FAILURE;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	713 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	714 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	715 if (snprintf(tmp_filename, (size_t)len + 1,
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	716 "%s/sencryptXXXXXX", out_dir) != len) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	717 warn(NULL);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	718 status = EXIT_FAILURE;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	719 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	720 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	721 old_mode = umask(077);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	722 fd_tmp = mkstemp(tmp_filename);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	723 umask(old_mode);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	724 if (fd_tmp == -1) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	725 warn("could not create temporary file");
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	726 status = EXIT_FAILURE;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	727 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	728 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	729 fp_tmp = fdopen(fd_tmp, "w");
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	730 if (fp_tmp == NULL) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	731 warn("could not open temporary file");
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	732 status = EXIT_FAILURE;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	733 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	734 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	735 fd_tmp = -1;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	736 bio_out = BIO_new_fp(fp_tmp, BIO_CLOSE);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	737 if (bio_out == NULL) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	738 warnx("could not open temporary file");
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	739 openssl_warn();
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	740 status = EXIT_FAILURE;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	741 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	742 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	743 fp_tmp = NULL;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	744 } else {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	745 old_mode = umask(077);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	746 bio_out = BIO_new_file(out_filename, "w");
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	747 umask(old_mode);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	748 if (bio_out == NULL) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	749 warnx("could not open output file");
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	750 openssl_warn();
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	751 status = EXIT_FAILURE;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	752 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	753 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	754 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	755 } else {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	756 bio_out = BIO_new_fp(stdout, BIO_NOCLOSE);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	757 if (bio_out == NULL) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	758 warnx("could not open output file");
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	759 openssl_warn();
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	760 status = EXIT_FAILURE;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	761 goto out;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	762 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	763 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	764
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	765 if (cmd == CMD_SENCRYPT) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	766 if (sencrypt(cipher, bio_in, bio_out, key, key_len,
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	767 iv, salt) == -1) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	768 status = EXIT_FAILURE;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	769 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	770 } else {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	771 if (sdecrypt(cipher, bio_in, bio_out, key, key_len,
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	772 iv) == -1) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	773 status = EXIT_FAILURE;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	774 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	775 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	776
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	777 out:
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	778 OPENSSL_cleanse(pwdata, pwdata_len);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	779 OPENSSL_cleanse(key, key_len);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	780
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	781 if (fd_tmp != -1) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	782 close(fd_tmp);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	783 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	784
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	785 if (fp_tmp != NULL) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	786 fclose(fp_tmp);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	787 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	788
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	789 if (bio_in != NULL) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	790 BIO_free_all(bio_in);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	791 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	792
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	793 if (bio_out != NULL) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	794 BIO_free_all(bio_out);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	795
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	796 if (status == 0) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	797 if (need_tmpfile) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	798 if (rename(tmp_filename, out_filename) == -1) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	799 warn("could not create output file");
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	800 status = EXIT_FAILURE;
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	801 unlink(tmp_filename);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	802 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	803 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	804 } else {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	805 if (need_tmpfile) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	806 unlink(tmp_filename);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	807 } else if (oflag) {
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	808 unlink(out_filename);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	809 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	810 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	811 }
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	812
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	813 free(out_filename_tmp);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	814 free(tmp_filename);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	815
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	816 EVP_cleanup();
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	817 ERR_free_strings();
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	818 CONF_modules_free();
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	819
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	820 exit(status);
73af139d1a94 Initial revision Guido Berhoerster <guido+sencrypt@berhoerster.name> parents: diff changeset	821 }

Mercurial > projects > sencrypt

annotate sencrypt.c @ 10:8e9dd5328b5a