Fetch cipher after loading providers

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14135)
Rich Salz 2021-02-08 14:20:01 -05:00 committed by Pauli
parent d0190e1163
commit 03bbd346f4
12 changed files with 92 additions and 50 deletions


@ -289,7 +289,8 @@ int cms_main(int argc, char **argv)
char *certsoutfile = NULL, *digestname = NULL; char *certsoutfile = NULL, *digestname = NULL;
int noCAfile = 0, noCApath = 0, noCAstore = 0; int noCAfile = 0, noCApath = 0, noCAstore = 0;
char *infile = NULL, *outfile = NULL, *rctfile = NULL; char *infile = NULL, *outfile = NULL, *rctfile = NULL;
char *passinarg = NULL, *passin = NULL, *signerfile = NULL, *originatorfile = NULL, *recipfile = NULL; char *passinarg = NULL, *passin = NULL, *signerfile = NULL;
char *originatorfile = NULL, *recipfile = NULL, *ciphername = NULL;
char *to = NULL, *from = NULL, *subject = NULL, *prog; char *to = NULL, *from = NULL, *subject = NULL, *prog;
cms_key_param *key_first = NULL, *key_param = NULL; cms_key_param *key_first = NULL, *key_param = NULL;
int flags = CMS_DETACHED, noout = 0, print = 0, keyidx = -1, vpmtouched = 0; int flags = CMS_DETACHED, noout = 0, print = 0, keyidx = -1, vpmtouched = 0;
@ -624,8 +625,7 @@ int cms_main(int argc, char **argv)
} }
break; break;
case OPT_CIPHER: case OPT_CIPHER:
if (!opt_cipher(opt_unknown(), &cipher)) ciphername = opt_unknown();
goto end;
break; break;
case OPT_KEYOPT: case OPT_KEYOPT:
keyidx = -1; keyidx = -1;
@ -698,8 +698,14 @@ int cms_main(int argc, char **argv)
} }
} }
app_RAND_load(); app_RAND_load();
if (digestname != NULL && !opt_md(digestname, &sign_md)) if (digestname != NULL) {
goto end; if (!opt_md(digestname, &sign_md))
goto end;
}
if (ciphername != NULL) {
if (!opt_cipher(ciphername, &cipher))
goto end;
}
/* Remaining args are files to process. */ /* Remaining args are files to process. */
argc = opt_num_rest(); argc = opt_num_rest();
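Review bot: In the `OPT_CIPHER` case, `ciphername = opt_unknown();` overwrites whatever an earlier occurrence stored, so only the last name ever reaches `opt_cipher()`. The old code validated every occurrence as it was parsed; if `opt_unknown()` returns the unrecognised flag, as its name suggests, a mistyped option followed by a valid cipher flag is now silently dropped instead of rejected. Refusing a repeat keeps that check, e.g. `if (ciphername != NULL) goto opthelp;` ahead of the assignment. The same pattern appears in the `OPT_CIPHER` cases of dsa_main, ec_main, gendsa_main, genrsa_main, pkcs12_main, pkey_main, rsa_main and smime_main. cms_main's body continues outside these hunks.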


@ -207,8 +207,10 @@ int crl_main(int argc, char **argv)
if (argc != 0) if (argc != 0)
goto opthelp; goto opthelp;
if (digestname != NULL && !opt_md(digestname, &digest)) if (digestname != NULL) {
goto opthelp; if (!opt_md(digestname, &digest))
goto opthelp;
}
x = load_crl(infile, "CRL"); x = load_crl(infile, "CRL");
if (x == NULL) if (x == NULL)
goto end; goto end;


@ -87,7 +87,7 @@ int dsa_main(int argc, char **argv)
int modulus = 0, pubin = 0, pubout = 0, ret = 1; int modulus = 0, pubin = 0, pubout = 0, ret = 1;
int pvk_encr = DEFAULT_PVK_ENCR_STRENGTH; int pvk_encr = DEFAULT_PVK_ENCR_STRENGTH;
int private = 0; int private = 0;
const char *output_type = NULL; const char *output_type = NULL, *ciphername = NULL;
const char *output_structure = NULL; const char *output_structure = NULL;
int selection = 0; int selection = 0;
OSSL_ENCODER_CTX *ectx = NULL; OSSL_ENCODER_CTX *ectx = NULL;
@ -151,8 +151,7 @@ int dsa_main(int argc, char **argv)
pubout = 1; pubout = 1;
break; break;
case OPT_CIPHER: case OPT_CIPHER:
if (!opt_cipher(opt_unknown(), &enc)) ciphername = opt_unknown();
goto end;
break; break;
case OPT_PROV_CASES: case OPT_PROV_CASES:
if (!opt_provider(o)) if (!opt_provider(o))
@ -166,6 +165,10 @@ int dsa_main(int argc, char **argv)
if (argc != 0) if (argc != 0)
goto opthelp; goto opthelp;
if (ciphername != NULL) {
if (!opt_cipher(ciphername, &enc))
goto end;
}
private = pubin || pubout ? 0 : 1; private = pubin || pubout ? 0 : 1;
if (text && !pubin) if (text && !pubin)
private = 1; private = 1;


@ -70,7 +70,7 @@ int ec_main(int argc, char **argv)
BIO *in = NULL, *out = NULL; BIO *in = NULL, *out = NULL;
ENGINE *e = NULL; ENGINE *e = NULL;
const EVP_CIPHER *enc = NULL; const EVP_CIPHER *enc = NULL;
char *infile = NULL, *outfile = NULL, *prog; char *infile = NULL, *outfile = NULL, *ciphername = NULL, *prog;
char *passin = NULL, *passout = NULL, *passinarg = NULL, *passoutarg = NULL; char *passin = NULL, *passout = NULL, *passinarg = NULL, *passoutarg = NULL;
OPTION_CHOICE o; OPTION_CHOICE o;
int informat = FORMAT_PEM, outformat = FORMAT_PEM, text = 0, noout = 0; int informat = FORMAT_PEM, outformat = FORMAT_PEM, text = 0, noout = 0;
@ -131,8 +131,7 @@ int ec_main(int argc, char **argv)
e = setup_engine(opt_arg(), 0); e = setup_engine(opt_arg(), 0);
break; break;
case OPT_CIPHER: case OPT_CIPHER:
if (!opt_cipher(opt_unknown(), &enc)) ciphername = opt_unknown();
goto opthelp;
break; break;
case OPT_CONV_FORM: case OPT_CONV_FORM:
point_format = opt_arg(); point_format = opt_arg();
@ -162,6 +161,10 @@ int ec_main(int argc, char **argv)
if (argc != 0) if (argc != 0)
goto opthelp; goto opthelp;
if (ciphername != NULL) {
if (!opt_cipher(ciphername, &enc))
goto opthelp;
}
private = param_out || pubin || pubout ? 0 : 1; private = param_out || pubin || pubout ? 0 : 1;
if (text && !pubin) if (text && !pubin)
private = 1; private = 1;


@ -57,7 +57,7 @@ int gendsa_main(int argc, char **argv)
EVP_PKEY *pkey = NULL; EVP_PKEY *pkey = NULL;
EVP_PKEY_CTX *ctx = NULL; EVP_PKEY_CTX *ctx = NULL;
const EVP_CIPHER *enc = NULL; const EVP_CIPHER *enc = NULL;
char *dsaparams = NULL; char *dsaparams = NULL, *ciphername = NULL;
char *outfile = NULL, *passoutarg = NULL, *passout = NULL, *prog; char *outfile = NULL, *passoutarg = NULL, *passout = NULL, *prog;
OPTION_CHOICE o; OPTION_CHOICE o;
int ret = 1, private = 0, verbose = 0; int ret = 1, private = 0, verbose = 0;
@ -93,8 +93,7 @@ int gendsa_main(int argc, char **argv)
goto end; goto end;
break; break;
case OPT_CIPHER: case OPT_CIPHER:
if (!opt_cipher(opt_unknown(), &enc)) ciphername = opt_unknown();
goto end;
break; break;
case OPT_VERBOSE: case OPT_VERBOSE:
verbose = 1; verbose = 1;
@ -107,9 +106,13 @@ int gendsa_main(int argc, char **argv)
argv = opt_rest(); argv = opt_rest();
if (argc != 1) if (argc != 1)
goto opthelp; goto opthelp;
dsaparams = argv[0];
app_RAND_load(); app_RAND_load();
dsaparams = argv[0]; if (ciphername != NULL) {
if (!opt_cipher(ciphername, &enc))
goto end;
}
private = 1; private = 1;
if (!app_passwd(NULL, passoutarg, NULL, &passout)) { if (!app_passwd(NULL, passoutarg, NULL, &passout)) {


@ -86,7 +86,7 @@ int genrsa_main(int argc, char **argv)
int ret = 1, num = DEFBITS, private = 0, primes = DEFPRIMES; int ret = 1, num = DEFBITS, private = 0, primes = DEFPRIMES;
unsigned long f4 = RSA_F4; unsigned long f4 = RSA_F4;
char *outfile = NULL, *passoutarg = NULL, *passout = NULL; char *outfile = NULL, *passoutarg = NULL, *passout = NULL;
char *prog, *hexe, *dece; char *prog, *hexe, *dece, *ciphername = NULL;
OPTION_CHOICE o; OPTION_CHOICE o;
int traditional = 0; int traditional = 0;
@ -131,8 +131,7 @@ opthelp:
passoutarg = opt_arg(); passoutarg = opt_arg();
break; break;
case OPT_CIPHER: case OPT_CIPHER:
if (!opt_cipher(opt_unknown(), &enc)) ciphername = opt_unknown();
goto end;
break; break;
case OPT_PRIMES: case OPT_PRIMES:
if (!opt_int(opt_arg(), &primes)) if (!opt_int(opt_arg(), &primes))
@ -166,6 +165,10 @@ opthelp:
app_RAND_load(); app_RAND_load();
private = 1; private = 1;
if (ciphername != NULL) {
if (!opt_cipher(ciphername, &enc))
goto end;
}
if (!app_passwd(NULL, passoutarg, NULL, &passout)) { if (!app_passwd(NULL, passoutarg, NULL, &passout)) {
BIO_printf(bio_err, "Error getting password\n"); BIO_printf(bio_err, "Error getting password\n");
goto end; goto end;


@ -14,7 +14,7 @@
#include <openssl/conf.h> #include <openssl/conf.h>
static char *save_rand_file; static char *save_rand_file;
static char *load_rand_file; static char *files_to_load;
void app_RAND_load_conf(CONF *c, const char *section) void app_RAND_load_conf(CONF *c, const char *section)
{ {
@ -34,30 +34,33 @@ void app_RAND_load_conf(CONF *c, const char *section)
int app_RAND_load(void) int app_RAND_load(void)
{ {
char *p; char *p, *save;
int last, ret = 1; int last, ret = 1;
if (load_rand_file == NULL) if (files_to_load == NULL)
return 1; return 1;
save = files_to_load;
for ( ; ; ) { for ( ; ; ) {
last = 0; last = 0;
for (p = load_rand_file; *p != '\0' && *p != LIST_SEPARATOR_CHAR; p++) for (p = files_to_load; *p != '\0' && *p != LIST_SEPARATOR_CHAR; p++)
continue; continue;
if (*p == '\0') if (*p == '\0')
last = 1; last = 1;
*p = '\0'; *p = '\0';
if (RAND_load_file(load_rand_file, -1) < 0) { if (RAND_load_file(files_to_load, -1) < 0) {
BIO_printf(bio_err, "Can't load %s into RNG\n", load_rand_file); BIO_printf(bio_err, "Can't load %s into RNG\n", files_to_load);
ERR_print_errors(bio_err); ERR_print_errors(bio_err);
ret = 0; ret = 0;
} }
if (last) if (last)
break; break;
load_rand_file = p + 1; files_to_load = p + 1;
if (*load_rand_file == '\0') if (*files_to_load == '\0')
break; break;
} }
files_to_load = NULL;
OPENSSL_free(save);
return ret; return ret;
} }
@ -86,7 +89,7 @@ int opt_rand(int opt)
case OPT_R__LAST: case OPT_R__LAST:
break; break;
case OPT_R_RAND: case OPT_R_RAND:
load_rand_file = opt_arg(); files_to_load = opt_arg();
break; break;
case OPT_R_WRITERAND: case OPT_R_WRITERAND:
OPENSSL_free(save_rand_file); OPENSSL_free(save_rand_file);
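Review bot: `OPENSSL_free(save)` at the end of `app_RAND_load()` releases the pointer that `opt_rand()` stored with `files_to_load = opt_arg();`, and nothing visible in these hunks allocates it. If `opt_arg()` hands back a pointer into `argv` (the other `opt_arg()` results in this commit are never freed, which suggests so), this frees non-heap memory, which is undefined behaviour and would likely abort any command run with `-rand`. Storing a copy makes the free valid: `OPENSSL_free(files_to_load); files_to_load = OPENSSL_strdup(opt_arg());`, mirroring how the `OPT_R_WRITERAND` case frees `save_rand_file` before reassigning it. A copy also keeps the loop's `*p = '\0'` writes out of the caller's argument strings. The rest of `opt_rand()` lies outside the hunk.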


@ -145,7 +145,7 @@ const OPTIONS pkcs12_options[] = {
int pkcs12_main(int argc, char **argv) int pkcs12_main(int argc, char **argv)
{ {
char *infile = NULL, *outfile = NULL, *keyname = NULL, *certfile = NULL; char *infile = NULL, *outfile = NULL, *keyname = NULL, *certfile = NULL;
char *untrusted = NULL; char *untrusted = NULL, *ciphername = NULL, *enc_flag = NULL;
char *passcertsarg = NULL, *passcerts = NULL; char *passcertsarg = NULL, *passcerts = NULL;
char *name = NULL, *csp_name = NULL; char *name = NULL, *csp_name = NULL;
char pass[PASSWD_BUF_SIZE] = "", macpass[PASSWD_BUF_SIZE] = ""; char pass[PASSWD_BUF_SIZE] = "", macpass[PASSWD_BUF_SIZE] = "";
@ -164,7 +164,6 @@ int pkcs12_main(int argc, char **argv)
BIO *in = NULL, *out = NULL; BIO *in = NULL, *out = NULL;
PKCS12 *p12 = NULL; PKCS12 *p12 = NULL;
STACK_OF(OPENSSL_STRING) *canames = NULL; STACK_OF(OPENSSL_STRING) *canames = NULL;
const char *enc_flag = NULL;
const EVP_CIPHER *const default_enc = EVP_aes_256_cbc(); const EVP_CIPHER *const default_enc = EVP_aes_256_cbc();
const EVP_CIPHER *enc = default_enc; const EVP_CIPHER *enc = default_enc;
OPTION_CHOICE o; OPTION_CHOICE o;
@ -220,10 +219,19 @@ int pkcs12_main(int argc, char **argv)
case OPT_EXPORT: case OPT_EXPORT:
export_pkcs12 = 1; export_pkcs12 = 1;
break; break;
case OPT_NODES:
case OPT_NOENC:
/*
* |enc_flag| stores the name of the option used so it
* can be printed if an error message is output.
*/
enc_flag = opt_flag() + 1;
enc = NULL;
ciphername = NULL;
break;
case OPT_CIPHER: case OPT_CIPHER:
ciphername = opt_unknown();
enc_flag = opt_unknown(); enc_flag = opt_unknown();
if (!opt_cipher(enc_flag, &enc))
goto opthelp;
break; break;
case OPT_ITER: case OPT_ITER:
if (!opt_int(opt_arg(), &iter)) if (!opt_int(opt_arg(), &iter))
@ -246,11 +254,6 @@ int pkcs12_main(int argc, char **argv)
case OPT_MACALG: case OPT_MACALG:
macalg = opt_arg(); macalg = opt_arg();
break; break;
case OPT_NODES:
case OPT_NOENC:
enc_flag = opt_flag() + 1;
enc = NULL;
break;
case OPT_CERTPBE: case OPT_CERTPBE:
if (!set_pbe(&cert_pbe, opt_arg())) if (!set_pbe(&cert_pbe, opt_arg()))
goto opthelp; goto opthelp;
@ -342,6 +345,10 @@ int pkcs12_main(int argc, char **argv)
goto opthelp; goto opthelp;
app_RAND_load(); app_RAND_load();
if (ciphername != NULL) {
if (!opt_cipher(ciphername, &enc))
goto opthelp;
}
if (export_pkcs12) { if (export_pkcs12) {
if ((options & INFO) != 0) if ((options & INFO) != 0)
WARN_EXPORT("info"); WARN_EXPORT("info");
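Review bot: The relocated `OPT_NODES`/`OPT_NOENC` case now clears `ciphername` as well as `enc`, so whichever of `-noenc` and a cipher flag comes last on the command line decides whether `enc` ends up NULL, and the added comment only explains `enc_flag`. Since this controls whether key material is written encrypted, it deserves a line such as `/* Last option wins: a cipher flag given after this re-enables encryption. */`. In the `OPT_CIPHER` case the two `opt_unknown()` calls can be folded into `enc_flag = ciphername = opt_unknown();`. pkcs12_main's body continues outside these hunks.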


@ -75,7 +75,7 @@ int pkcs8_main(int argc, char **argv)
PKCS8_PRIV_KEY_INFO *p8inf = NULL; PKCS8_PRIV_KEY_INFO *p8inf = NULL;
X509_SIG *p8 = NULL; X509_SIG *p8 = NULL;
const EVP_CIPHER *cipher = NULL; const EVP_CIPHER *cipher = NULL;
char *infile = NULL, *outfile = NULL; char *infile = NULL, *outfile = NULL, *ciphername = NULL;
char *passinarg = NULL, *passoutarg = NULL, *prog; char *passinarg = NULL, *passoutarg = NULL, *prog;
#ifndef OPENSSL_NO_UI_CONSOLE #ifndef OPENSSL_NO_UI_CONSOLE
char pass[APP_PASS_LEN]; char pass[APP_PASS_LEN];
@ -136,8 +136,7 @@ int pkcs8_main(int argc, char **argv)
traditional = 1; traditional = 1;
break; break;
case OPT_V2: case OPT_V2:
if (!opt_cipher(opt_arg(), &cipher)) ciphername = opt_arg();
goto opthelp;
break; break;
case OPT_V1: case OPT_V1:
pbe_nid = OBJ_txt2nid(opt_arg()); pbe_nid = OBJ_txt2nid(opt_arg());
@ -201,6 +200,10 @@ int pkcs8_main(int argc, char **argv)
private = 1; private = 1;
app_RAND_load(); app_RAND_load();
if (ciphername != NULL) {
if (!opt_cipher(ciphername, &cipher))
goto opthelp;
}
if (!app_passwd(passinarg, passoutarg, &passin, &passout)) { if (!app_passwd(passinarg, passoutarg, &passin, &passout)) {
BIO_printf(bio_err, "Error getting passwords\n"); BIO_printf(bio_err, "Error getting passwords\n");


@ -73,7 +73,7 @@ int pkey_main(int argc, char **argv)
EVP_PKEY_CTX *ctx = NULL; EVP_PKEY_CTX *ctx = NULL;
const EVP_CIPHER *cipher = NULL; const EVP_CIPHER *cipher = NULL;
char *infile = NULL, *outfile = NULL, *passin = NULL, *passout = NULL; char *infile = NULL, *outfile = NULL, *passin = NULL, *passout = NULL;
char *passinarg = NULL, *passoutarg = NULL, *prog; char *passinarg = NULL, *passoutarg = NULL, *ciphername = NULL, *prog;
OPTION_CHOICE o; OPTION_CHOICE o;
int informat = FORMAT_PEM, outformat = FORMAT_PEM; int informat = FORMAT_PEM, outformat = FORMAT_PEM;
int pubin = 0, pubout = 0, text_pub = 0, text = 0, noout = 0, ret = 1; int pubin = 0, pubout = 0, text_pub = 0, text = 0, noout = 0, ret = 1;
@ -143,8 +143,7 @@ int pkey_main(int argc, char **argv)
pub_check = 1; pub_check = 1;
break; break;
case OPT_CIPHER: case OPT_CIPHER:
if (!opt_cipher(opt_unknown(), &cipher)) ciphername = opt_unknown();
goto opthelp;
break; break;
case OPT_EC_CONV_FORM: case OPT_EC_CONV_FORM:
#ifdef OPENSSL_NO_EC #ifdef OPENSSL_NO_EC
@ -187,6 +186,10 @@ int pkey_main(int argc, char **argv)
"Warning: The -traditional is ignored since there is no PEM output\n"); "Warning: The -traditional is ignored since there is no PEM output\n");
private = (!noout && !pubout) || (text && !text_pub); private = (!noout && !pubout) || (text && !text_pub);
if (ciphername != NULL) {
if (!opt_cipher(ciphername, &cipher))
goto opthelp;
}
if (cipher == NULL) { if (cipher == NULL) {
if (passoutarg != NULL) if (passoutarg != NULL)
BIO_printf(bio_err, BIO_printf(bio_err,


@ -93,7 +93,7 @@ int rsa_main(int argc, char **argv)
EVP_PKEY *pkey = NULL; EVP_PKEY *pkey = NULL;
EVP_PKEY_CTX *pctx; EVP_PKEY_CTX *pctx;
const EVP_CIPHER *enc = NULL; const EVP_CIPHER *enc = NULL;
char *infile = NULL, *outfile = NULL, *prog; char *infile = NULL, *outfile = NULL, *ciphername = NULL, *prog;
char *passin = NULL, *passout = NULL, *passinarg = NULL, *passoutarg = NULL; char *passin = NULL, *passout = NULL, *passinarg = NULL, *passoutarg = NULL;
int private = 0; int private = 0;
int informat = FORMAT_PEM, outformat = FORMAT_PEM, text = 0, check = 0; int informat = FORMAT_PEM, outformat = FORMAT_PEM, text = 0, check = 0;
@ -171,8 +171,7 @@ int rsa_main(int argc, char **argv)
check = 1; check = 1;
break; break;
case OPT_CIPHER: case OPT_CIPHER:
if (!opt_cipher(opt_unknown(), &enc)) ciphername = opt_unknown();
goto opthelp;
break; break;
case OPT_PROV_CASES: case OPT_PROV_CASES:
if (!opt_provider(o)) if (!opt_provider(o))
@ -189,6 +188,10 @@ int rsa_main(int argc, char **argv)
if (argc != 0) if (argc != 0)
goto opthelp; goto opthelp;
if (ciphername != NULL) {
if (!opt_cipher(ciphername, &enc))
goto opthelp;
}
private = (text && !pubin) || (!pubout && !noout) ? 1 : 0; private = (text && !pubin) || (!pubout && !noout) ? 1 : 0;
if (!app_passwd(passinarg, passoutarg, &passin, &passout)) { if (!app_passwd(passinarg, passoutarg, &passin, &passout)) {


@ -146,7 +146,7 @@ int smime_main(int argc, char **argv)
char *certfile = NULL, *keyfile = NULL, *contfile = NULL; char *certfile = NULL, *keyfile = NULL, *contfile = NULL;
char *infile = NULL, *outfile = NULL, *signerfile = NULL, *recipfile = NULL; char *infile = NULL, *outfile = NULL, *signerfile = NULL, *recipfile = NULL;
char *passinarg = NULL, *passin = NULL, *to = NULL, *from = NULL; char *passinarg = NULL, *passin = NULL, *to = NULL, *from = NULL;
char *subject = NULL, *digestname = NULL; char *subject = NULL, *digestname = NULL, *ciphername = NULL;
OPTION_CHOICE o; OPTION_CHOICE o;
int noCApath = 0, noCAfile = 0, noCAstore = 0; int noCApath = 0, noCAfile = 0, noCAstore = 0;
int flags = PKCS7_DETACHED, operation = 0, ret = 0, indef = 0; int flags = PKCS7_DETACHED, operation = 0, ret = 0, indef = 0;
@ -297,8 +297,7 @@ int smime_main(int argc, char **argv)
digestname = opt_arg(); digestname = opt_arg();
break; break;
case OPT_CIPHER: case OPT_CIPHER:
if (!opt_cipher(opt_unknown(), &cipher)) ciphername = opt_unknown();
goto opthelp;
break; break;
case OPT_INKEY: case OPT_INKEY:
/* If previous -inkey argument add signer to list */ /* If previous -inkey argument add signer to list */
@ -365,6 +364,10 @@ int smime_main(int argc, char **argv)
if (!opt_md(digestname, &sign_md)) if (!opt_md(digestname, &sign_md))
goto opthelp; goto opthelp;
} }
if (ciphername != NULL) {
if (!opt_cipher(ciphername, &cipher))
goto opthelp;
}
if (!(operation & SMIME_SIGNERS) && (skkeys != NULL || sksigners != NULL)) { if (!(operation & SMIME_SIGNERS) && (skkeys != NULL || sksigners != NULL)) {
BIO_puts(bio_err, "Multiple signers or keys not allowed\n"); BIO_puts(bio_err, "Multiple signers or keys not allowed\n");
goto opthelp; goto opthelp;