mirrors/openssl
0
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2024-11-23 18:13:39 +08:00
Code Issues Packages Projects Releases Wiki Activity

Fetch cipher after loading providers

Browse Source 
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14135)
This commit is contained in:
Rich Salz 2021-02-08 14:20:01 -05:00 committed by Pauli
parent d0190e1163
commit 03bbd346f4
12 changed files with 92 additions and 50 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
apps/cms.c
View File

@ -289,7 +289,8 @@ int cms_main(int argc, char **argv)
char *certsoutfile = NULL, *digestname = NULL;
int noCAfile = 0, noCApath = 0, noCAstore = 0;
char *infile = NULL, *outfile = NULL, *rctfile = NULL;
char *passinarg = NULL, *passin = NULL, *signerfile = NULL, *originatorfile = NULL, *recipfile = NULL;
char *passinarg = NULL, *passin = NULL, *signerfile = NULL;
char *originatorfile = NULL, *recipfile = NULL, *ciphername = NULL;
char *to = NULL, *from = NULL, *subject = NULL, *prog;
cms_key_param *key_first = NULL, *key_param = NULL;
int flags = CMS_DETACHED, noout = 0, print = 0, keyidx = -1, vpmtouched = 0;
@ -624,8 +625,7 @@ int cms_main(int argc, char **argv)
}
break;
case OPT_CIPHER:
if (!opt_cipher(opt_unknown(), &cipher))
goto end;
ciphername = opt_unknown();
break;
case OPT_KEYOPT:
keyidx = -1;
@ -698,8 +698,14 @@ int cms_main(int argc, char **argv)
}
}
app_RAND_load();
if (digestname != NULL && !opt_md(digestname, &sign_md))
goto end;
if (digestname != NULL) {
if (!opt_md(digestname, &sign_md))
goto end;
}
if (ciphername != NULL) {
if (!opt_cipher(ciphername, &cipher))
goto end;
}
/* Remaining args are files to process. */
argc = opt_num_rest();

6
apps/crl.c
View File

@ -207,8 +207,10 @@ int crl_main(int argc, char **argv)
if (argc != 0)
goto opthelp;
if (digestname != NULL && !opt_md(digestname, &digest))
goto opthelp;
if (digestname != NULL) {
if (!opt_md(digestname, &digest))
goto opthelp;
}
x = load_crl(infile, "CRL");
if (x == NULL)
goto end;

9
apps/dsa.c
View File

@ -87,7 +87,7 @@ int dsa_main(int argc, char **argv)
int modulus = 0, pubin = 0, pubout = 0, ret = 1;
int pvk_encr = DEFAULT_PVK_ENCR_STRENGTH;
int private = 0;
const char *output_type = NULL;
const char *output_type = NULL, *ciphername = NULL;
const char *output_structure = NULL;
int selection = 0;
OSSL_ENCODER_CTX *ectx = NULL;
@ -151,8 +151,7 @@ int dsa_main(int argc, char **argv)
pubout = 1;
break;
case OPT_CIPHER:
if (!opt_cipher(opt_unknown(), &enc))
goto end;
ciphername = opt_unknown();
break;
case OPT_PROV_CASES:
if (!opt_provider(o))
@ -166,6 +165,10 @@ int dsa_main(int argc, char **argv)
if (argc != 0)
goto opthelp;
if (ciphername != NULL) {
if (!opt_cipher(ciphername, &enc))
goto end;
}
private = pubin || pubout ? 0 : 1;
if (text && !pubin)
private = 1;

9
apps/ec.c
View File

@ -70,7 +70,7 @@ int ec_main(int argc, char **argv)
BIO *in = NULL, *out = NULL;
ENGINE *e = NULL;
const EVP_CIPHER *enc = NULL;
char *infile = NULL, *outfile = NULL, *prog;
char *infile = NULL, *outfile = NULL, *ciphername = NULL, *prog;
char *passin = NULL, *passout = NULL, *passinarg = NULL, *passoutarg = NULL;
OPTION_CHOICE o;
int informat = FORMAT_PEM, outformat = FORMAT_PEM, text = 0, noout = 0;
@ -131,8 +131,7 @@ int ec_main(int argc, char **argv)
e = setup_engine(opt_arg(), 0);
break;
case OPT_CIPHER:
if (!opt_cipher(opt_unknown(), &enc))
goto opthelp;
ciphername = opt_unknown();
break;
case OPT_CONV_FORM:
point_format = opt_arg();
@ -162,6 +161,10 @@ int ec_main(int argc, char **argv)
if (argc != 0)
goto opthelp;
if (ciphername != NULL) {
if (!opt_cipher(ciphername, &enc))
goto opthelp;
}
private = param_out || pubin || pubout ? 0 : 1;
if (text && !pubin)
private = 1;

11
apps/gendsa.c
View File

@ -57,7 +57,7 @@ int gendsa_main(int argc, char **argv)
EVP_PKEY *pkey = NULL;
EVP_PKEY_CTX *ctx = NULL;
const EVP_CIPHER *enc = NULL;
char *dsaparams = NULL;
char *dsaparams = NULL, *ciphername = NULL;
char *outfile = NULL, *passoutarg = NULL, *passout = NULL, *prog;
OPTION_CHOICE o;
int ret = 1, private = 0, verbose = 0;
@ -93,8 +93,7 @@ int gendsa_main(int argc, char **argv)
goto end;
break;
case OPT_CIPHER:
if (!opt_cipher(opt_unknown(), &enc))
goto end;
ciphername = opt_unknown();
break;
case OPT_VERBOSE:
verbose = 1;
@ -107,9 +106,13 @@ int gendsa_main(int argc, char **argv)
argv = opt_rest();
if (argc != 1)
goto opthelp;
dsaparams = argv[0];
app_RAND_load();
dsaparams = argv[0];
if (ciphername != NULL) {
if (!opt_cipher(ciphername, &enc))
goto end;
}
private = 1;
if (!app_passwd(NULL, passoutarg, NULL, &passout)) {

9
apps/genrsa.c
View File

@ -86,7 +86,7 @@ int genrsa_main(int argc, char **argv)
int ret = 1, num = DEFBITS, private = 0, primes = DEFPRIMES;
unsigned long f4 = RSA_F4;
char *outfile = NULL, *passoutarg = NULL, *passout = NULL;
char *prog, *hexe, *dece;
char *prog, *hexe, *dece, *ciphername = NULL;
OPTION_CHOICE o;
int traditional = 0;
@ -131,8 +131,7 @@ opthelp:
passoutarg = opt_arg();
break;
case OPT_CIPHER:
if (!opt_cipher(opt_unknown(), &enc))
goto end;
ciphername = opt_unknown();
break;
case OPT_PRIMES:
if (!opt_int(opt_arg(), &primes))
@ -166,6 +165,10 @@ opthelp:
app_RAND_load();
private = 1;
if (ciphername != NULL) {
if (!opt_cipher(ciphername, &enc))
goto end;
}
if (!app_passwd(NULL, passoutarg, NULL, &passout)) {
BIO_printf(bio_err, "Error getting password\n");
goto end;

21
apps/lib/app_rand.c
View File

@ -14,7 +14,7 @@
#include <openssl/conf.h>
static char *save_rand_file;
static char *load_rand_file;
static char *files_to_load;
void app_RAND_load_conf(CONF *c, const char *section)
{
@ -34,30 +34,33 @@ void app_RAND_load_conf(CONF *c, const char *section)
int app_RAND_load(void)
{
char *p;
char *p, *save;
int last, ret = 1;
if (load_rand_file == NULL)
if (files_to_load == NULL)
return 1;
save = files_to_load;
for ( ; ; ) {
last = 0;
for (p = load_rand_file; *p != '\0' && *p != LIST_SEPARATOR_CHAR; p++)
for (p = files_to_load; *p != '\0' && *p != LIST_SEPARATOR_CHAR; p++)
continue;
if (*p == '\0')
last = 1;
*p = '\0';
if (RAND_load_file(load_rand_file, -1) < 0) {
BIO_printf(bio_err, "Can't load %s into RNG\n", load_rand_file);
if (RAND_load_file(files_to_load, -1) < 0) {
BIO_printf(bio_err, "Can't load %s into RNG\n", files_to_load);
ERR_print_errors(bio_err);
ret = 0;
}
if (last)
break;
load_rand_file = p + 1;
if (*load_rand_file == '\0')
files_to_load = p + 1;
if (*files_to_load == '\0')
break;
}
files_to_load = NULL;
OPENSSL_free(save);
return ret;
}
@ -86,7 +89,7 @@ int opt_rand(int opt)
case OPT_R__LAST:
break;
case OPT_R_RAND:
load_rand_file = opt_arg();
files_to_load = opt_arg();
break;
case OPT_R_WRITERAND:
OPENSSL_free(save_rand_file);

25
apps/pkcs12.c
View File

@ -145,7 +145,7 @@ const OPTIONS pkcs12_options[] = {
int pkcs12_main(int argc, char **argv)
{
char *infile = NULL, *outfile = NULL, *keyname = NULL, *certfile = NULL;
char *untrusted = NULL;
char *untrusted = NULL, *ciphername = NULL, *enc_flag = NULL;
char *passcertsarg = NULL, *passcerts = NULL;
char *name = NULL, *csp_name = NULL;
char pass[PASSWD_BUF_SIZE] = "", macpass[PASSWD_BUF_SIZE] = "";
@ -164,7 +164,6 @@ int pkcs12_main(int argc, char **argv)
BIO *in = NULL, *out = NULL;
PKCS12 *p12 = NULL;
STACK_OF(OPENSSL_STRING) *canames = NULL;
const char *enc_flag = NULL;
const EVP_CIPHER *const default_enc = EVP_aes_256_cbc();
const EVP_CIPHER *enc = default_enc;
OPTION_CHOICE o;
@ -220,10 +219,19 @@ int pkcs12_main(int argc, char **argv)
case OPT_EXPORT:
export_pkcs12 = 1;
break;
case OPT_NODES:
case OPT_NOENC:
/*
* |enc_flag| stores the name of the option used so it
* can be printed if an error message is output.
*/
enc_flag = opt_flag() + 1;
enc = NULL;
ciphername = NULL;
break;
case OPT_CIPHER:
ciphername = opt_unknown();
enc_flag = opt_unknown();
if (!opt_cipher(enc_flag, &enc))
goto opthelp;
break;
case OPT_ITER:
if (!opt_int(opt_arg(), &iter))
@ -246,11 +254,6 @@ int pkcs12_main(int argc, char **argv)
case OPT_MACALG:
macalg = opt_arg();
break;
case OPT_NODES:
case OPT_NOENC:
enc_flag = opt_flag() + 1;
enc = NULL;
break;
case OPT_CERTPBE:
if (!set_pbe(&cert_pbe, opt_arg()))
goto opthelp;
@ -342,6 +345,10 @@ int pkcs12_main(int argc, char **argv)
goto opthelp;
app_RAND_load();
if (ciphername != NULL) {
if (!opt_cipher(ciphername, &enc))
goto opthelp;
}
if (export_pkcs12) {
if ((options & INFO) != 0)
WARN_EXPORT("info");

9
apps/pkcs8.c
View File

@ -75,7 +75,7 @@ int pkcs8_main(int argc, char **argv)
PKCS8_PRIV_KEY_INFO *p8inf = NULL;
X509_SIG *p8 = NULL;
const EVP_CIPHER *cipher = NULL;
char *infile = NULL, *outfile = NULL;
char *infile = NULL, *outfile = NULL, *ciphername = NULL;
char *passinarg = NULL, *passoutarg = NULL, *prog;
#ifndef OPENSSL_NO_UI_CONSOLE
char pass[APP_PASS_LEN];
@ -136,8 +136,7 @@ int pkcs8_main(int argc, char **argv)
traditional = 1;
break;
case OPT_V2:
if (!opt_cipher(opt_arg(), &cipher))
goto opthelp;
ciphername = opt_arg();
break;
case OPT_V1:
pbe_nid = OBJ_txt2nid(opt_arg());
@ -201,6 +200,10 @@ int pkcs8_main(int argc, char **argv)
private = 1;
app_RAND_load();
if (ciphername != NULL) {
if (!opt_cipher(ciphername, &cipher))
goto opthelp;
}
if (!app_passwd(passinarg, passoutarg, &passin, &passout)) {
BIO_printf(bio_err, "Error getting passwords\n");

9
apps/pkey.c
View File

@ -73,7 +73,7 @@ int pkey_main(int argc, char **argv)
EVP_PKEY_CTX *ctx = NULL;
const EVP_CIPHER *cipher = NULL;
char *infile = NULL, *outfile = NULL, *passin = NULL, *passout = NULL;
char *passinarg = NULL, *passoutarg = NULL, *prog;
char *passinarg = NULL, *passoutarg = NULL, *ciphername = NULL, *prog;
OPTION_CHOICE o;
int informat = FORMAT_PEM, outformat = FORMAT_PEM;
int pubin = 0, pubout = 0, text_pub = 0, text = 0, noout = 0, ret = 1;
@ -143,8 +143,7 @@ int pkey_main(int argc, char **argv)
pub_check = 1;
break;
case OPT_CIPHER:
if (!opt_cipher(opt_unknown(), &cipher))
goto opthelp;
ciphername = opt_unknown();
break;
case OPT_EC_CONV_FORM:
#ifdef OPENSSL_NO_EC
@ -187,6 +186,10 @@ int pkey_main(int argc, char **argv)
"Warning: The -traditional is ignored since there is no PEM output\n");
private = (!noout && !pubout) || (text && !text_pub);
if (ciphername != NULL) {
if (!opt_cipher(ciphername, &cipher))
goto opthelp;
}
if (cipher == NULL) {
if (passoutarg != NULL)
BIO_printf(bio_err,

9
apps/rsa.c
View File

@ -93,7 +93,7 @@ int rsa_main(int argc, char **argv)
EVP_PKEY *pkey = NULL;
EVP_PKEY_CTX *pctx;
const EVP_CIPHER *enc = NULL;
char *infile = NULL, *outfile = NULL, *prog;
char *infile = NULL, *outfile = NULL, *ciphername = NULL, *prog;
char *passin = NULL, *passout = NULL, *passinarg = NULL, *passoutarg = NULL;
int private = 0;
int informat = FORMAT_PEM, outformat = FORMAT_PEM, text = 0, check = 0;
@ -171,8 +171,7 @@ int rsa_main(int argc, char **argv)
check = 1;
break;
case OPT_CIPHER:
if (!opt_cipher(opt_unknown(), &enc))
goto opthelp;
ciphername = opt_unknown();
break;
case OPT_PROV_CASES:
if (!opt_provider(o))
@ -189,6 +188,10 @@ int rsa_main(int argc, char **argv)
if (argc != 0)
goto opthelp;
if (ciphername != NULL) {
if (!opt_cipher(ciphername, &enc))
goto opthelp;
}
private = (text && !pubin) || (!pubout && !noout) ? 1 : 0;
if (!app_passwd(passinarg, passoutarg, &passin, &passout)) {

9
apps/smime.c
View File

@ -146,7 +146,7 @@ int smime_main(int argc, char **argv)
char *certfile = NULL, *keyfile = NULL, *contfile = NULL;
char *infile = NULL, *outfile = NULL, *signerfile = NULL, *recipfile = NULL;
char *passinarg = NULL, *passin = NULL, *to = NULL, *from = NULL;
char *subject = NULL, *digestname = NULL;
char *subject = NULL, *digestname = NULL, *ciphername = NULL;
OPTION_CHOICE o;
int noCApath = 0, noCAfile = 0, noCAstore = 0;
int flags = PKCS7_DETACHED, operation = 0, ret = 0, indef = 0;
@ -297,8 +297,7 @@ int smime_main(int argc, char **argv)
digestname = opt_arg();
break;
case OPT_CIPHER:
if (!opt_cipher(opt_unknown(), &cipher))
goto opthelp;
ciphername = opt_unknown();
break;
case OPT_INKEY:
/* If previous -inkey argument add signer to list */
@ -365,6 +364,10 @@ int smime_main(int argc, char **argv)
if (!opt_md(digestname, &sign_md))
goto opthelp;
}
if (ciphername != NULL) {
if (!opt_cipher(ciphername, &cipher))
goto opthelp;
}
if (!(operation & SMIME_SIGNERS) && (skkeys != NULL || sksigners != NULL)) {
BIO_puts(bio_err, "Multiple signers or keys not allowed\n");
goto opthelp;