addressed copilot comments

miyazakh · miyazakh · commit afa1d89f2560 · 2026-04-08T06:02:26.000+09:00
diff --git a/src/crypto/clu_crypto_setup.c b/src/crypto/clu_crypto_setup.c
@@ -346,11 +346,25 @@ int wolfCLU_setup(int argc, char** argv, char action)
         while (ret == 0) {
             WOLFCLU_LOG(WOLFCLU_L0,
                     "-in flag was not set, please enter a string or"
-                   "file name to be encrypted: ");
-            ret = (fgets(inName, sizeof(inName), stdin) != NULL) ? 1 : 0;
-            if (ret > 0) {
+                   " file name to be encrypted: ");
+            if (fgets(inName, sizeof(inName), stdin) == NULL) {
+                /* Failed to read input, continue */
+                continue;
+            }
+            /* If no newline is present, the line was too long. */
+            if (strchr(inName, '\n') == NULL) {
+                int ch;
+                do {
+                    ch = getchar();
+                } while (ch != '\n' && ch != EOF);
+            } else {
                 inName[strcspn(inName, "\n")] = '\0';
             }
+            /* Do not accept an empty string as valid input */
+            if (inName[0] == '\0') {
+                continue;
+            }
+            ret = 1;
         }
         in = inName;
         WOLFCLU_LOG(WOLFCLU_L0, "Encrypting :\"%s\"", inName);
@@ -400,12 +414,22 @@ int wolfCLU_setup(int argc, char** argv, char action)
                 while (ret == 0) {
                     WOLFCLU_LOG(WOLFCLU_L0,
                             "Please enter a name for the output file: ");
-                    ret = (fgets(outNameEnc, sizeof(outNameEnc), stdin) != NULL)
-                                     ? 1 : 0;
-                    if (ret > 0) {
+                    if (fgets(outNameEnc, sizeof(outNameEnc), stdin) == NULL) {
+                        continue;
+                    }
+                    if (strchr(outNameEnc, '\n') == NULL) {
+                        int ch;
+                        do {
+                            ch = getchar();
+                        } while (ch != '\n' && ch != EOF);
+                    } else {
                         outNameEnc[strcspn(outNameEnc, "\n")] = '\0';
                     }
-                    out = (ret > 0) ? outNameEnc : '\0';
+                    if (outNameEnc[0] == '\0') {
+                        continue;
+                    }
+                    out = outNameEnc;
+                    ret = 1;
                 }
             }
             ret = wolfCLU_encrypt(alg, mode, pwdKey, key, keySize, in, out,
@@ -426,12 +450,22 @@ int wolfCLU_setup(int argc, char** argv, char action)
                 while (ret == 0) {
                     WOLFCLU_LOG(WOLFCLU_L0,
                             "Please enter a name for the output file: ");
-                    ret = (fgets(outNameDec, sizeof(outNameDec), stdin) != NULL)
-                                                                     ? 1 : 0;
-                    if (ret > 0) {
+                    if (fgets(outNameDec, sizeof(outNameDec), stdin) == NULL) {
+                        continue;
+                    }
+                    if (strchr(outNameDec, '\n') == NULL) {
+                        int ch;
+                        do {
+                            ch = getchar();
+                        } while (ch != '\n' && ch != EOF);
+                    } else {
                         outNameDec[strcspn(outNameDec, "\n")] = '\0';
                     }
-                    out = (ret > 0) ? outNameDec : '\0';
+                    if (outNameDec[0] == '\0') {
+                        continue;
+                    }
+                    out = outNameDec;
+                    ret = 1;
                 }
             }
             ret = wolfCLU_decrypt(alg, mode, pwdKey, key, keySize, in, out,
diff --git a/tests/encrypt/enc-test.sh b/tests/encrypt/enc-test.sh
@@ -227,5 +227,45 @@ if [ $? -eq 0 ]; then
     rm -f test-cam-probe.enc test-cam-stdin.enc test-cam-stdin.dec
 fi
 
+# Test: inName empty line is rejected, re-prompt accepts valid filename
+printf "\ncerts/crl.der\n" | ./wolfssl enc -aes-128-cbc -out test-empty-in.enc -k "testpass" > /dev/null 2>&1
+if [ $? != 0 ]; then
+    echo "Failed: enc should accept filename after empty line on stdin (-in path)"
+    exit 99
+fi
+./wolfssl enc -d -aes-128-cbc -in test-empty-in.enc -out test-empty-in.dec -k "testpass" > /dev/null 2>&1
+diff certs/crl.der test-empty-in.dec > /dev/null 2>&1
+if [ $? != 0 ]; then
+    echo "Failed: enc/dec roundtrip mismatch after empty-line re-prompt (-in path)"
+    exit 99
+fi
+rm -f test-empty-in.enc test-empty-in.dec
+
+# Test: outNameEnc/outNameDec empty line is rejected (non-EVP path, Camellia)
+./wolfssl enc -camellia-128-cbc -in certs/crl.der -out test-cam-probe2.enc -k "testpass" > /dev/null 2>&1
+if [ $? -eq 0 ]; then
+    rm -f test-cam-probe2.enc
+
+    # outNameEnc: empty line rejected, then valid output name accepted
+    printf "\ntest-cam-empty.enc\n" | ./wolfssl enc -camellia-128-cbc -in certs/crl.der -k "testpass" > /dev/null 2>&1
+    if [ $? != 0 ]; then
+        echo "Failed: Camellia enc should accept output name after empty line (outNameEnc)"
+        exit 99
+    fi
+
+    # outNameDec: empty line rejected, then valid output name accepted
+    printf "\ntest-cam-empty.dec\n" | ./wolfssl enc -d -camellia-128-cbc -in test-cam-empty.enc -k "testpass" > /dev/null 2>&1
+    if [ $? != 0 ]; then
+        echo "Failed: Camellia dec should accept output name after empty line (outNameDec)"
+        exit 99
+    fi
+    diff certs/crl.der test-cam-empty.dec > /dev/null 2>&1
+    if [ $? != 0 ]; then
+        echo "Failed: enc/dec roundtrip mismatch after empty-line re-prompt (outNameEnc/Dec)"
+        exit 99
+    fi
+    rm -f test-cam-empty.enc test-cam-empty.dec
+fi
+
 echo "Done"
 exit 0
