int main(int argc, char** argv) { int ret = 0, option = 0, long_index = 0; int i; if (argc == 1) { printf("Main Help.\n"); wolfCLU_help(); } /* flexibility: allow users to input any CAPS or lower case, * we will do all processing on lower case only. */ for (i = 0; i < argc; i++) { convert_to_lower(argv[i], (int) XSTRLEN(argv[i])); } while ((option = getopt_long_only(argc, argv,"", long_options, &long_index )) != -1) { switch (option) { /* Encrypt */ case ENCRYPT: ret = wolfCLU_setup(argc, argv, 'e'); break; /* Decrypt */ case DECRYPT: ret = wolfCLU_setup(argc, argv, 'd');; break; /* Benchmark */ case BENCHMARK:ret = wolfCLU_benchSetup(argc, argv); break; /* Hash */ case HASH: ret = wolfCLU_hashSetup(argc, argv); break; /* x509 Certificate processing */ case X509: ret = wolfCLU_certSetup(argc, argv); break; /* x509 Certificate request */ case REQUEST: ret = wolfCLU_requestSetup(argc, argv); break; /* Ignore the following arguments for now. Will be handled by their respective * setups IE Crypto setup, Benchmark setup, or Hash Setup */ /* File passed in by user */ case INFILE: break; /* Output file */ case OUTFILE: break; /* Password */ case PASSWORD: break; /* Key if used must be in hex */ case KEY: break; /* IV if used must be in hex */ case IV: break; /* Opt to benchmark all available algorithms */ case ALL: break; /* size for hash to output */ case SIZE: break; /* Time to benchmark for 1-10 seconds optional default: 3s */ case TIME: break; /* Verify results, used with -iv and -key */ case VERIFY: break; /* Certificate Stuff*/ case INFORM: break; case OUTFORM: break; case NOOUT: break; case TEXT_OUT: break; case SILENT: break; case HELP1: if (argc == 2) { printf("Main help menu:\n"); wolfCLU_help(); return 0; } break; case HELP2: if (argc == 2) { printf("Main help menu:\n"); wolfCLU_help(); return 0; } break; /* which version of clu am I using */ case VERBOSE: wolfCLU_verboseHelp(); return 0; /*End of ignored arguments */ case 'v': wolfCLU_version(); return 0; default: printf("Main help default.\n"); wolfCLU_help(); return 0; } } if (ret != 0) printf("Error returned: %d.\n", ret); return ret; }
int wolfCLU_setup(int argc, char** argv, char action) { char outNameE[256]; /* default outFile for encrypt */ char outNameD[256]; /* default outfile for decrypt */ char inName[256]; /* name of the in File if not provided */ char* name = NULL; /* string of algorithm, mode, keysize */ char* alg = NULL; /* algorithm from name */ char* mode = NULL; /* mode from name */ char* out = outNameE; /* default output file name */ char* in = inName; /* default in data */ byte* pwdKey = NULL; /* password for generating pwdKey */ byte* key = NULL; /* user set key NOT PWDBASED */ byte* iv = NULL; /* iv for initial encryption */ int size = 0; /* keysize from name */ int ret = 0; /* return variable */ int block = 0; /* block size based on algorithm */ int pwdKeyChk = 0; /* if a pwdKey has been provided */ int ivCheck = 0; /* if the user sets the IV explicitly */ int keyCheck = 0; /* if ivCheck is 1 this should be set also */ int inCheck = 0; /* if input has been provided */ int outCheck = 0; /* if output has been provided */ int i = 0; /* loop counter */ int eCheck = 0; /* if user is encrypting data */ int dCheck = 0; /* if user is decrypting data */ int inputHex = 0; /* if user is encrypting hexidecimal stuff */ int keyType = 0; /* tells Decrypt which key it will be using * 1 = password based key, 2 = user set key */ word32 ivSize = 0; /* IV if provided should be 2*block */ word32 numBits = 0; /* number of bits in argument from the user */ if (action == 'e') eCheck = 1; if (action == 'd') dCheck = 1; for (i = 2; i < argc; i++) { if (XSTRNCMP(argv[i], "-help", 5) == 0 || XSTRNCMP(argv[i], "-h", 2) == 0) { if (eCheck == 1) { /*wolfCLU_encryptHelp*/ wolfCLU_encryptHelp(); return 0; } else { /*wolfCLU_decryptHelp*/ wolfCLU_decryptHelp(); return 0; } } } name = argv[2]; /* gets blocksize, algorithm, mode, and key size from name argument */ block = wolfCLU_getAlgo(name, &alg, &mode, &size); if (block != FATAL_ERROR) { pwdKey = (byte*) XMALLOC(size, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); if (pwdKey == NULL) return MEMORY_E; iv = (byte*) XMALLOC(block, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); if (iv == NULL) { wolfCLU_freeBins(pwdKey, NULL, NULL, NULL, NULL); return MEMORY_E; } key = (byte*) XMALLOC(size, HEAP_HINT, DYNAMIC_TYPE_TMP_BUFFER); if (key == NULL) { wolfCLU_freeBins(pwdKey, iv, NULL, NULL, NULL); return MEMORY_E; } /* Start at the third flag entered */ i = 3; do { if (argv[i] == NULL){ break; } else if (XSTRNCMP(argv[i], "-out", 4) == 0 && argv[i+1] != NULL) { /* output file */ out = argv[i+1]; outCheck = 1; i+=2; /* it is mandatory that this be set last */ continue; } else if (XSTRNCMP(argv[i], "-in", 3) == 0 && argv[i+1] != NULL) { /* input file/text */ in = argv[i+1]; inCheck = 1; /* continue while out check not equal 1 */ i+=2; continue; } else if (XSTRNCMP(argv[i], "-pwd", 4) == 0 && argv[i+1] != NULL) { /* password pwdKey */ XMEMCPY(pwdKey, argv[i+1], size); pwdKeyChk = 1; keyType = 1; i+=2; continue; } else if (XSTRNCMP(argv[i], "-verify", 7) == 0) { /* using hexidecimal format */ inputHex = 1; i++; continue; } else if (XSTRNCMP(argv[i], "-iv", 3) == 0 && argv[i+1] != NULL) { /* iv for encryption */ if (pwdKeyChk == 1) { printf("Invalid option, attempting to use IV with password" " based key."); wolfCLU_freeBins(pwdKey, iv, key, NULL, NULL); return FATAL_ERROR; } ivSize = block*2; if (XSTRLEN(argv[i+1]) != ivSize) { printf("Invalid IV. Must match algorithm block size.\n"); printf("Invalid IV size was: %d.\n", (int) strlen(argv[i+1])); printf("size of IV expected was: %d.\n", ivSize); wolfCLU_freeBins(pwdKey, iv, key, NULL, NULL); return FATAL_ERROR; } else { char ivString[XSTRLEN(argv[i+1])]; XSTRNCPY(ivString, argv[i+1], XSTRLEN(argv[i+1])); ret = wolfCLU_hexToBin(ivString, &iv, &ivSize, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL); if (ret != 0) { printf("failed during conversion of IV, ret = %d\n", ret); wolfCLU_freeBins(pwdKey, iv, key, NULL, NULL); return -1; } ivCheck = 1; i+=2; continue; } } else if (XSTRNCMP(argv[i], "-key", 4) == 0 && argv[i+1] != NULL) { /* 2 characters = 1 byte. 1 byte = 8 bits * number of characters / 2 = bytes * bytes * 8 = bits */ numBits = (int) (XSTRLEN(argv[i+1]) / 2 ) * 8; /* Key for encryption */ if ((int)numBits != size) { printf("Length of key provided was: %d.\n", numBits); printf("Length of key expected was: %d.\n", size); printf("Invalid Key. Must match algorithm key size.\n"); wolfCLU_freeBins(pwdKey, iv, key, NULL, NULL); return FATAL_ERROR; } else { char keyString[strlen(argv[i+1])]; XSTRNCPY(keyString, argv[i+1], XSTRLEN(argv[i+1])); ret = wolfCLU_hexToBin(keyString, &key, &numBits, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL); if (ret != 0) { printf("failed during conversion of Key, ret = %d\n", ret); wolfCLU_freeBins(pwdKey, iv, key, NULL, NULL); return -1; } keyCheck = 1; keyType = 2; i+=2; continue; } } else { i++; continue; } }while(i < 15); if (pwdKeyChk == 0 && keyCheck == 0) { if (dCheck == 1) { printf("\nDECRYPT ERROR:\n"); printf("Please type \"wolfssl -decrypt -help\" for decryption" " usage \n\n"); return 0; } /* if no pwdKey is provided */ else { printf("No -pwd flag set, please enter a password to use for" " encrypting.\n"); printf("Write your password down so you don't forget it.\n"); ret = wolfCLU_noEcho((char*)pwdKey, size); pwdKeyChk = 1; } } if (inCheck == 0 && eCheck == 1) { ret = 0; while (ret == 0) { printf("-in flag was not set, please enter a string or\n" "file name to be encrypted: "); ret = (int) scanf("%s", inName); } in = inName; /* if no input is provided */ printf("Ok, We will encrypt:\"%s\" for you.\n", inName); inCheck = 1; } if (eCheck == 1 && dCheck == 1) { printf("You want to encrypt and decrypt simultaneously? That is" "not possible...\n"); wolfCLU_freeBins(pwdKey, iv, key, NULL, NULL); return FATAL_ERROR; } if (inCheck == 0 && dCheck == 1) { printf("We are so sorry but you must specify what it is you are " "trying to decrypt.\n"); wolfCLU_freeBins(pwdKey, iv, key, NULL, NULL); return FATAL_ERROR; } if (ivCheck == 1) { if (keyCheck == 0) { printf("-iv was explicitly set, but no -key was set. User\n" " needs to provide a non-password based key when setting" " the -iv flag.\n"); wolfCLU_freeBins(pwdKey, iv, key, NULL, NULL); return FATAL_ERROR; } } if (pwdKeyChk == 1 && keyCheck == 1) { XMEMSET(pwdKey, 0, size); } /* encryption function call */ if (eCheck == 1) { printf("\n"); if (outCheck == 0) { ret = 0; while (ret == 0) { printf("Please enter a name for the output file: "); ret = (int) scanf("%s", outNameE); out = (ret > 0) ? outNameE : '\0'; } } ret = wolfCLU_encrypt(alg, mode, pwdKey, key, size, in, out, iv, block, ivCheck, inputHex); } /* decryption function call */ else if (dCheck == 1) { if (outCheck == 0) { ret = 0; while (ret == 0) { printf("Please enter a name for the output file: "); ret = (int) scanf("%s", outNameD); out = (ret > 0) ? outNameD : '\0'; } } ret = wolfCLU_decrypt(alg, mode, pwdKey, key, size, in, out, iv, block, keyType); } else { wolfCLU_help(); } /* clear and free data */ XMEMSET(key, 0, size); XMEMSET(pwdKey, 0, size); XMEMSET(iv, 0, block); wolfCLU_freeBins(pwdKey, iv, key, NULL, NULL); } else ret = FATAL_ERROR; return ret; }
/* * verbose help function */ void wolfCLU_verboseHelp() { printf("\nwolfssl Command Line Utility version %3.1f\n\n", VERSION); /* hash options */ const char* algsenc[] = { /* list of acceptable algorithms */ "Algorithms:" #ifndef NO_MD5 ,"md5" #endif #ifndef NO_SHA ,"sha" #endif #ifndef NO_SHA256 ,"sha256" #endif #ifdef WOLFSSL_SHA384 ,"sha384" #endif #ifdef WOLFSSL_SHA512 ,"sha512" #endif #ifdef HAVE_BLAKE2 ,"blake2b" #endif #ifndef NO_CODING #ifdef WOLFSSL_BASE64_ENCODE ,"base64enc" #endif ,"base64dec" #endif }; /* benchmark options */ const char* algsother[] = { /* list of acceptable algorithms */ "ALGS: " #ifndef NO_AES , "aes-cbc" #endif #ifdef WOLFSSL_AES_COUNTER , "aes-ctr" #endif #ifndef NO_DES3 , "3des" #endif #ifdef HAVE_CAMELLIA , "camellia" #endif #ifndef NO_MD5 , "md5" #endif #ifndef NO_SHA , "sha" #endif #ifndef NO_SHA256 , "sha256" #endif #ifdef WOLFSSL_SHA384 , "sha384" #endif #ifdef WOLFSSL_SHA512 , "sha512" #endif #ifdef HAVE_BLAKE2 , "blake2b" #endif }; wolfCLU_help(); printf("Available En/De crypt Algorithms with current configure " "settings.\n\n"); #ifndef NO_AES printf("aes-cbc-128\t\taes-cbc-192\t\taes-cbc-256\n"); #endif #ifdef WOLFSSL_AES_COUNTER printf("aes-ctr-128\t\taes-ctr-192\t\taes-ctr-256\n"); #endif #ifndef NO_DES3 printf("3des-cbc-56\t\t3des-cbc-112\t\t3des-cbc-168\n"); #endif #ifdef HAVE_CAMELLIA printf("camellia-cbc-128\tcamellia-cbc-192\t" "camellia-cbc-256\n"); #endif printf("\n"); printf("Available hashing algorithms with current configure settings:\n\n"); for (i = 0; i < (int) sizeof(algsenc)/(int) sizeof(algsenc[0]); i++) { printf("%s\n", algsenc[i]); } printf("Available benchmark tests with current configure settings:\n"); printf("(-a to test all)\n\n"); for(i = 0; i < (int) sizeof(algsother)/(int) sizeof(algsother[0]); i++) { printf("%s\n", algsother[i]); } }
int wolfCLU_benchSetup(int argc, char** argv) { int ret = 0; /* return variable */ int time = 3; /* timer variable */ int i, j = 0; /* second loop variable */ char* algs[] = { /* list of acceptable algorithms */ #ifndef NO_AES "aes-cbc", #endif #ifdef WOLFSSL_AES_COUNTER "aes-ctr", #endif #ifndef NO_DES3 "3des", #endif #ifdef HAVE_CAMELLIA "camellia", #endif #ifndef NO_MD5 "md5", #endif #ifndef NO_SHA "sha", #endif #ifndef NO_SHA256 "sha256", #endif #ifdef WOLFSSL_SHA384 "sha384", #endif #ifdef WOLFSSL_SHA512 "sha512", #endif #ifdef HAVE_BLAKE2 "blake2b", #endif NULL /* terminal argument (also stops us from having an empty list) */ }; size_t algsSz = sizeof(algs) / sizeof(algs[0]) - 1; /* -1 to ignore NULL */ /* acceptable options */ int option[sizeof(algs) / sizeof(algs[0])] = {0}; /* acceptable option check */ int optionCheck = 0; ret = wolfCLU_checkForArg("-help", 5, argc, argv); if (ret > 0) { wolfCLU_benchHelp(); return 0; } ret = wolfCLU_checkForArg("-time", 5, argc, argv); if (ret > 0) { /* time for each test in seconds */ time = atoi(argv[ret+1]); if (time < 1 || time > 10) { printf("Invalid time, must be between 1-10. Using default" " of three seconds.\n"); time = 3; } } ret = wolfCLU_checkForArg("-all", 4, argc, argv); if (ret > 0) { /* perform all available tests */ for (j = 0; j < (int)algsSz; j++) { option[j] = 1; optionCheck = 1; } } /* pull as many of the algorithms out of the argv as posible */ for (i = 0; i < (int)algsSz; ++i) { ret = wolfCLU_checkForArg(algs[i], XSTRLEN(algs[i]), argc, argv); if (ret > 0) { option[i] = 1; optionCheck = 1; } } if (optionCheck != 1) { wolfCLU_help(); ret = 0; } else { /* benchmarking function */ printf("\nTesting for %d second(s)\n", time); ret = wolfCLU_benchmark(time, option); } return ret; }