diff --git a/apps/enc.c b/apps/enc.c index 387cfe2f1..6531c58c5 100644 --- a/apps/enc.c +++ b/apps/enc.c @@ -92,7 +92,7 @@ int MAIN(int argc, char **argv) int ret=1,inl; unsigned char key[24],iv[MD5_DIGEST_LENGTH]; unsigned char salt[PKCS5_SALT_LEN]; - char *str=NULL; + char *str=NULL, *passarg = NULL, *pass = NULL; char *hkey=NULL,*hiv=NULL,*hsalt = NULL; int enc=1,printkey=0,i,base64=0; int debug=0,olb64=0,nosalt=0; @@ -136,6 +136,11 @@ int MAIN(int argc, char **argv) if (--argc < 1) goto bad; outf= *(++argv); } + else if (strcmp(*argv,"-pass") == 0) + { + if (--argc < 1) goto bad; + passarg= *(++argv); + } else if (strcmp(*argv,"-d") == 0) enc=0; else if (strcmp(*argv,"-p") == 0) @@ -226,7 +231,8 @@ int MAIN(int argc, char **argv) bad: BIO_printf(bio_err,"options are\n"); BIO_printf(bio_err,"%-14s input file\n","-in "); - BIO_printf(bio_err,"%-14s output fileencrypt\n","-out "); + BIO_printf(bio_err,"%-14s output file\n","-out "); + BIO_printf(bio_err,"%-14s pass phrase source\n","-pass "); BIO_printf(bio_err,"%-14s encrypt\n","-e"); BIO_printf(bio_err,"%-14s decrypt\n","-d"); BIO_printf(bio_err,"%-14s base64 encode/decode, depending on encryption flag\n","-a/-base64"); @@ -371,6 +377,14 @@ bad: } } + if(!str && passarg) { + if(!app_passwd(bio_err, passarg, NULL, &pass, NULL)) { + BIO_printf(bio_err, "Error getting password\n"); + goto end; + } + str = pass; + } + if ((str == NULL) && (cipher != NULL) && (hkey == NULL)) { for (;;) @@ -573,6 +587,7 @@ end: if (out != NULL) BIO_free(out); if (benc != NULL) BIO_free(benc); if (b64 != NULL) BIO_free(b64); + if(pass) Free(pass); EXIT(ret); } diff --git a/doc/apps/enc.pod b/doc/apps/enc.pod index 349fca00f..e436ccc37 100644 --- a/doc/apps/enc.pod +++ b/doc/apps/enc.pod @@ -9,6 +9,7 @@ enc - symmetric cipher routines B [B<-in filename>] [B<-out filename>] +[B<-pass arg>] [B<-e>] [B<-d>] [B<-a>] @@ -41,6 +42,11 @@ the input filename, standard input by default. the output filename, standard output by default. +=item B<-pass arg> + +the password source. For more information about the format of B +see the B section in L. + =item B<-salt> use a salt in the key derivation routines. This option should B @@ -73,11 +79,14 @@ if the B<-a> option is set then base64 process the data on one line. =item B<-k password> -the password to derive the key from. +the password to derive the key from. This is for compatibility with previous +versions of OpenSSL. Superseded by the B<-pass> argument. =item B<-kfile filename> -read the password to derive the key from the first line of B +read the password to derive the key from the first line of B. +This is for computability with previous versions of OpenSSL. Superseded by +the B<-pass> argument. =item B<-S salt> diff --git a/util/libeay.num b/util/libeay.num index b70f65cd6..90742171f 100755 --- a/util/libeay.num +++ b/util/libeay.num @@ -2221,3 +2221,4 @@ ASN1_STRING_TABLE_add 2245 CRYPTO_dbg_get_options 2246 AUTHORITY_INFO_ACCESS_new 2247 CRYPTO_get_mem_debug_options 2248 +des_crypt 2249 diff --git a/util/mkdef.pl b/util/mkdef.pl index 06b942616..d288b5687 100755 --- a/util/mkdef.pl +++ b/util/mkdef.pl @@ -377,7 +377,6 @@ sub do_defs # Prune the returned functions delete $funcs{"SSL_add_dir_cert_subjects_to_stack"}; - delete $funcs{"des_crypt"}; delete $funcs{"RSA_PKCS1_RSAref"} unless $rsaref; if($W32) {