308 lines
12 KiB
C
308 lines
12 KiB
C
/* clu_crypto_setup.c
|
|
*
|
|
* Copyright (C) 2006-2017 wolfSSL Inc.
|
|
*
|
|
* This file is part of wolfSSL. (formerly known as CyaSSL)
|
|
*
|
|
* wolfSSL is free software; you can redistribute it and/or modify
|
|
* it under the terms of the GNU General Public License as published by
|
|
* the Free Software Foundation; either version 2 of the License, or
|
|
* (at your option) any later version.
|
|
*
|
|
* wolfSSL is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
* GNU General Public License for more details.
|
|
*
|
|
* You should have received a copy of the GNU General Public License
|
|
* along with this program; if not, write to the Free Software
|
|
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
|
|
*/
|
|
|
|
#include "clu_include/clu_header_main.h"
|
|
|
|
int wolfCLU_setup(int argc, char** argv, char action)
|
|
{
|
|
char outNameE[256]; /* default outFile for encrypt */
|
|
char outNameD[256]; /* default outfile for decrypt */
|
|
char inName[256]; /* name of the in File if not provided */
|
|
|
|
char* name = NULL; /* string of algorithm, mode, keysize */
|
|
char* alg = NULL; /* algorithm from name */
|
|
char* mode = NULL; /* mode from name */
|
|
char* out = outNameE; /* default output file name */
|
|
char* in = inName; /* default in data */
|
|
byte* pwdKey = NULL; /* password for generating pwdKey */
|
|
byte* key = NULL; /* user set key NOT PWDBASED */
|
|
byte* iv = NULL; /* iv for initial encryption */
|
|
|
|
|
|
int size = 0; /* keysize from name */
|
|
int ret = 0; /* return variable */
|
|
int block = 0; /* block size based on algorithm */
|
|
int pwdKeyChk = 0; /* if a pwdKey has been provided */
|
|
int ivCheck = 0; /* if the user sets the IV explicitly */
|
|
int keyCheck = 0; /* if ivCheck is 1 this should be set also */
|
|
int inCheck = 0; /* if input has been provided */
|
|
int outCheck = 0; /* if output has been provided */
|
|
int i = 0; /* loop counter */
|
|
int eCheck = 0; /* if user is encrypting data */
|
|
int dCheck = 0; /* if user is decrypting data */
|
|
int inputHex = 0; /* if user is encrypting hexidecimal stuff */
|
|
int keyType = 0; /* tells Decrypt which key it will be using
|
|
* 1 = password based key, 2 = user set key
|
|
*/
|
|
word32 ivSize = 0; /* IV if provided should be 2*block */
|
|
word32 numBits = 0; /* number of bits in argument from the user */
|
|
|
|
if (action == 'e')
|
|
eCheck = 1;
|
|
if (action == 'd')
|
|
dCheck = 1;
|
|
|
|
for (i = 2; i < argc; i++) {
|
|
if (XSTRNCMP(argv[i], "-help", 5) == 0 || XSTRNCMP(argv[i], "-h", 2)
|
|
== 0) {
|
|
if (eCheck == 1) {
|
|
/*wolfCLU_encryptHelp*/
|
|
wolfCLU_encryptHelp();
|
|
return 0;
|
|
} else {
|
|
/*wolfCLU_decryptHelp*/
|
|
wolfCLU_decryptHelp();
|
|
return 0;
|
|
}
|
|
}
|
|
}
|
|
|
|
name = argv[2];
|
|
/* gets blocksize, algorithm, mode, and key size from name argument */
|
|
block = wolfCLU_getAlgo(name, &alg, &mode, &size);
|
|
|
|
if (block != FATAL_ERROR) {
|
|
pwdKey = (byte*) XMALLOC(size, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
|
|
if (pwdKey == NULL)
|
|
return MEMORY_E;
|
|
iv = (byte*) XMALLOC(block, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
|
|
if (iv == NULL) {
|
|
wolfCLU_freeBins(pwdKey, NULL, NULL, NULL, NULL);
|
|
return MEMORY_E;
|
|
}
|
|
key = (byte*) XMALLOC(size, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER);
|
|
if (key == NULL) {
|
|
wolfCLU_freeBins(pwdKey, iv, NULL, NULL, NULL);
|
|
return MEMORY_E;
|
|
}
|
|
|
|
/* Start at the third flag entered */
|
|
i = 3;
|
|
do {
|
|
if (argv[i] == NULL){
|
|
break;
|
|
}
|
|
else if (XSTRNCMP(argv[i], "-out", 4) == 0 && argv[i+1] != NULL) {
|
|
/* output file */
|
|
out = argv[i+1];
|
|
outCheck = 1;
|
|
i+=2;
|
|
/* it is mandatory that this be set last */
|
|
continue;
|
|
}
|
|
|
|
else if (XSTRNCMP(argv[i], "-in", 3) == 0 && argv[i+1] != NULL) {
|
|
/* input file/text */
|
|
in = argv[i+1];
|
|
inCheck = 1;
|
|
/* continue while out check not equal 1 */
|
|
i+=2;
|
|
continue;
|
|
}
|
|
|
|
else if (XSTRNCMP(argv[i], "-pwd", 4) == 0 && argv[i+1] != NULL) {
|
|
/* password pwdKey */
|
|
XMEMCPY(pwdKey, argv[i+1], size);
|
|
pwdKeyChk = 1;
|
|
keyType = 1;
|
|
i+=2;
|
|
continue;
|
|
}
|
|
else if (XSTRNCMP(argv[i], "-verify", 7) == 0) {
|
|
/* using hexidecimal format */
|
|
inputHex = 1;
|
|
i++;
|
|
continue;
|
|
}
|
|
else if (XSTRNCMP(argv[i], "-iv", 3) == 0 && argv[i+1] != NULL) {
|
|
/* iv for encryption */
|
|
if (pwdKeyChk == 1) {
|
|
printf("Invalid option, attempting to use IV with password"
|
|
" based key.");
|
|
wolfCLU_freeBins(pwdKey, iv, key, NULL, NULL);
|
|
return FATAL_ERROR;
|
|
}
|
|
ivSize = block*2;
|
|
if (XSTRLEN(argv[i+1]) != ivSize) {
|
|
printf("Invalid IV. Must match algorithm block size.\n");
|
|
printf("Invalid IV size was: %d.\n",
|
|
(int) strlen(argv[i+1]));
|
|
printf("size of IV expected was: %d.\n", ivSize);
|
|
wolfCLU_freeBins(pwdKey, iv, key, NULL, NULL);
|
|
return FATAL_ERROR;
|
|
}
|
|
else {
|
|
char ivString[XSTRLEN(argv[i+1])];
|
|
XSTRNCPY(ivString, argv[i+1], XSTRLEN(argv[i+1]));
|
|
ret = wolfCLU_hexToBin(ivString, &iv, &ivSize,
|
|
NULL, NULL, NULL,
|
|
NULL, NULL, NULL,
|
|
NULL, NULL, NULL);
|
|
if (ret != 0) {
|
|
printf("failed during conversion of IV, ret = %d\n",
|
|
ret);
|
|
wolfCLU_freeBins(pwdKey, iv, key, NULL, NULL);
|
|
return -1;
|
|
}
|
|
ivCheck = 1;
|
|
i+=2;
|
|
continue;
|
|
}
|
|
}
|
|
else if (XSTRNCMP(argv[i], "-key", 4) == 0 && argv[i+1] != NULL) {
|
|
/* 2 characters = 1 byte. 1 byte = 8 bits
|
|
* number of characters / 2 = bytes
|
|
* bytes * 8 = bits
|
|
*/
|
|
numBits = (int) (XSTRLEN(argv[i+1]) / 2 ) * 8;
|
|
/* Key for encryption */
|
|
if ((int)numBits != size) {
|
|
printf("Length of key provided was: %d.\n", numBits);
|
|
printf("Length of key expected was: %d.\n", size);
|
|
printf("Invalid Key. Must match algorithm key size.\n");
|
|
wolfCLU_freeBins(pwdKey, iv, key, NULL, NULL);
|
|
return FATAL_ERROR;
|
|
}
|
|
else {
|
|
char keyString[strlen(argv[i+1])];
|
|
XSTRNCPY(keyString, argv[i+1], XSTRLEN(argv[i+1]));
|
|
ret = wolfCLU_hexToBin(keyString, &key, &numBits,
|
|
NULL, NULL, NULL,
|
|
NULL, NULL, NULL,
|
|
NULL, NULL, NULL);
|
|
if (ret != 0) {
|
|
printf("failed during conversion of Key, ret = %d\n",
|
|
ret);
|
|
wolfCLU_freeBins(pwdKey, iv, key, NULL, NULL);
|
|
return -1;
|
|
}
|
|
keyCheck = 1;
|
|
keyType = 2;
|
|
i+=2;
|
|
continue;
|
|
}
|
|
}
|
|
else {
|
|
i++; continue;
|
|
}
|
|
|
|
}while(i < 15);
|
|
|
|
if (pwdKeyChk == 0 && keyCheck == 0) {
|
|
if (dCheck == 1) {
|
|
printf("\nDECRYPT ERROR:\n");
|
|
printf("Please type \"wolfssl -decrypt -help\" for decryption"
|
|
" usage \n\n");
|
|
return 0;
|
|
}
|
|
/* if no pwdKey is provided */
|
|
else {
|
|
printf("No -pwd flag set, please enter a password to use for"
|
|
" encrypting.\n");
|
|
printf("Write your password down so you don't forget it.\n");
|
|
ret = wolfCLU_noEcho((char*)pwdKey, size);
|
|
pwdKeyChk = 1;
|
|
}
|
|
}
|
|
|
|
if (inCheck == 0 && eCheck == 1) {
|
|
ret = 0;
|
|
while (ret == 0) {
|
|
printf("-in flag was not set, please enter a string or\n"
|
|
"file name to be encrypted: ");
|
|
ret = (int) scanf("%s", inName);
|
|
}
|
|
in = inName;
|
|
/* if no input is provided */
|
|
printf("Ok, We will encrypt:\"%s\" for you.\n", inName);
|
|
inCheck = 1;
|
|
}
|
|
|
|
if (eCheck == 1 && dCheck == 1) {
|
|
printf("You want to encrypt and decrypt simultaneously? That is"
|
|
"not possible...\n");
|
|
wolfCLU_freeBins(pwdKey, iv, key, NULL, NULL);
|
|
return FATAL_ERROR;
|
|
}
|
|
|
|
if (inCheck == 0 && dCheck == 1) {
|
|
printf("We are so sorry but you must specify what it is you are "
|
|
"trying to decrypt.\n");
|
|
wolfCLU_freeBins(pwdKey, iv, key, NULL, NULL);
|
|
return FATAL_ERROR;
|
|
}
|
|
|
|
if (ivCheck == 1) {
|
|
if (keyCheck == 0) {
|
|
printf("-iv was explicitly set, but no -key was set. User\n"
|
|
" needs to provide a non-password based key when setting"
|
|
" the -iv flag.\n");
|
|
wolfCLU_freeBins(pwdKey, iv, key, NULL, NULL);
|
|
return FATAL_ERROR;
|
|
}
|
|
}
|
|
|
|
if (pwdKeyChk == 1 && keyCheck == 1) {
|
|
XMEMSET(pwdKey, 0, size);
|
|
}
|
|
|
|
/* encryption function call */
|
|
if (eCheck == 1) {
|
|
|
|
printf("\n");
|
|
if (outCheck == 0) {
|
|
ret = 0;
|
|
while (ret == 0) {
|
|
printf("Please enter a name for the output file: ");
|
|
ret = (int) scanf("%s", outNameE);
|
|
out = (ret > 0) ? outNameE : '\0';
|
|
}
|
|
}
|
|
ret = wolfCLU_encrypt(alg, mode, pwdKey, key, size, in, out,
|
|
iv, block, ivCheck, inputHex);
|
|
}
|
|
/* decryption function call */
|
|
else if (dCheck == 1) {
|
|
if (outCheck == 0) {
|
|
ret = 0;
|
|
while (ret == 0) {
|
|
printf("Please enter a name for the output file: ");
|
|
ret = (int) scanf("%s", outNameD);
|
|
out = (ret > 0) ? outNameD : '\0';
|
|
}
|
|
}
|
|
ret = wolfCLU_decrypt(alg, mode, pwdKey, key, size, in, out,
|
|
iv, block, keyType);
|
|
}
|
|
else {
|
|
wolfCLU_help();
|
|
}
|
|
/* clear and free data */
|
|
XMEMSET(key, 0, size);
|
|
XMEMSET(pwdKey, 0, size);
|
|
XMEMSET(iv, 0, block);
|
|
wolfCLU_freeBins(pwdKey, iv, key, NULL, NULL);
|
|
}
|
|
else
|
|
ret = FATAL_ERROR;
|
|
return ret;
|
|
}
|