QuasarApp/openssl
4
0
Fork 0
mirror of https://github.com/QuasarApp/openssl.git synced 2025-05-01 04:04:39 +00:00
Code Issues Projects Releases Wiki Activity

Fix no-des

Browse Source 
Numerous fixes for no-des.

Reviewed-by: Rich Salz <rsalz@openssl.org>
This commit is contained in:
Matt Caswell 2016-03-18 15:56:06 +00:00
parent 40a8e9c2ef
commit 96bea0002b
5 changed files with 29 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
apps/pkcs12.c
View File

@ -57,7 +57,9 @@
*/ */
#include <openssl/opensslconf.h> #include <openssl/opensslconf.h>
#if !defined(OPENSSL_NO_DES) #if defined(OPENSSL_NO_DES)
NON_EMPTY_TRANSLATION_UNIT
#else
# include <stdio.h> # include <stdio.h>
# include <stdlib.h> # include <stdlib.h>

2
apps/speed.c
View File

@ -1386,7 +1386,9 @@ int speed_main(int argc, char **argv)
memset(results, 0, sizeof(results)); memset(results, 0, sizeof(results));
memset(c, 0, sizeof(c)); memset(c, 0, sizeof(c));
#ifndef OPENSSL_NO_DES
memset(DES_iv, 0, sizeof(DES_iv)); memset(DES_iv, 0, sizeof(DES_iv));
#endif
memset(iv, 0, sizeof(iv)); memset(iv, 0, sizeof(iv));
for (i = 0; i < ALGOR_NUM; i++) for (i = 0; i < ALGOR_NUM; i++)

5
crypto/cms/cms_kari.c
View File

@ -389,9 +389,12 @@ static int cms_wrap_init(CMS_KeyAgreeRecipientInfo *kari,
* Pick a cipher based on content encryption cipher. If it is DES3 use * Pick a cipher based on content encryption cipher. If it is DES3 use
* DES3 wrap otherwise use AES wrap similar to key size. * DES3 wrap otherwise use AES wrap similar to key size.
*/ */
#ifndef OPENSSL_NO_DES
if (EVP_CIPHER_type(cipher) == NID_des_ede3_cbc) if (EVP_CIPHER_type(cipher) == NID_des_ede3_cbc)
kekcipher = EVP_des_ede3_wrap(); kekcipher = EVP_des_ede3_wrap();
else if (keylen <= 16) else
#endif
if (keylen <= 16)
kekcipher = EVP_aes_128_wrap(); kekcipher = EVP_aes_128_wrap();
else if (keylen <= 24) else if (keylen <= 24)
kekcipher = EVP_aes_192_wrap(); kekcipher = EVP_aes_192_wrap();

8
test/evp_test.c
View File

@ -1083,6 +1083,14 @@ static int mac_test_run(struct evp_test *t)
unsigned char *mac = NULL; unsigned char *mac = NULL;
size_t mac_len; size_t mac_len;
#ifdef OPENSSL_NO_DES
if (strstr(mdata->alg, "DES") != NULL) {
/* Skip DES */
err = NULL;
goto err;
}
#endif
err = "MAC_PKEY_CTX_ERROR"; err = "MAC_PKEY_CTX_ERROR";
genctx = EVP_PKEY_CTX_new_id(mdata->type, NULL); genctx = EVP_PKEY_CTX_new_id(mdata->type, NULL);
if (!genctx) if (!genctx)

22
test/recipes/80-test_cms.t
View File

@ -13,8 +13,8 @@ setup("test_cms");
my $smdir = srctop_dir("test", "smime-certs"); my $smdir = srctop_dir("test", "smime-certs");
my $smcont = srctop_file("test", "smcont.txt"); my $smcont = srctop_file("test", "smcont.txt");
my ($no_dh, $no_ec, $no_ec2m, $no_rc2, $no_zlib) my ($no_des, $no_dh, $no_ec, $no_ec2m, $no_rc2, $no_zlib)
= disabled qw/dh ec ec2m rc2 zlib/; = disabled qw/des dh ec ec2m rc2 zlib/;
plan tests => 4; plan tests => 4;
@ -119,7 +119,7 @@ my @smime_pkcs7_tests = (
"-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ] "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ]
], ],
[ "enveloped content test streaming S/MIME format, 3 recipients", [ "enveloped content test streaming S/MIME format, DES, 3 recipients",
[ "-encrypt", "-in", $smcont, [ "-encrypt", "-in", $smcont,
"-stream", "-out", "test.cms", "-stream", "-out", "test.cms",
catfile($smdir, "smrsa1.pem"), catfile($smdir, "smrsa1.pem"),
@ -129,7 +129,7 @@ my @smime_pkcs7_tests = (
"-in", "test.cms", "-out", "smtst.txt" ] "-in", "test.cms", "-out", "smtst.txt" ]
], ],
[ "enveloped content test streaming S/MIME format, 3 recipients, 3rd used", [ "enveloped content test streaming S/MIME format, DES, 3 recipients, 3rd used",
[ "-encrypt", "-in", $smcont, [ "-encrypt", "-in", $smcont,
"-stream", "-out", "test.cms", "-stream", "-out", "test.cms",
catfile($smdir, "smrsa1.pem"), catfile($smdir, "smrsa1.pem"),
@ -139,7 +139,7 @@ my @smime_pkcs7_tests = (
"-in", "test.cms", "-out", "smtst.txt" ] "-in", "test.cms", "-out", "smtst.txt" ]
], ],
[ "enveloped content test streaming S/MIME format, 3 recipients, key only used", [ "enveloped content test streaming S/MIME format, DES, 3 recipients, key only used",
[ "-encrypt", "-in", $smcont, [ "-encrypt", "-in", $smcont,
"-stream", "-out", "test.cms", "-stream", "-out", "test.cms",
catfile($smdir, "smrsa1.pem"), catfile($smdir, "smrsa1.pem"),
@ -201,7 +201,7 @@ my @smime_cms_tests = (
"-CAfile", catfile($smdir, "smroot.pem") ] "-CAfile", catfile($smdir, "smroot.pem") ]
], ],
[ "enveloped content test streaming S/MIME format, 3 recipients, keyid", [ "enveloped content test streaming S/MIME format, DES, 3 recipients, keyid",
[ "-encrypt", "-in", $smcont, [ "-encrypt", "-in", $smcont,
"-stream", "-out", "test.cms", "-keyid", "-stream", "-out", "test.cms", "-keyid",
catfile($smdir, "smrsa1.pem"), catfile($smdir, "smrsa1.pem"),
@ -306,7 +306,7 @@ my @smime_cms_param_tests = (
"-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ] "-CAfile", catfile($smdir, "smroot.pem"), "-out", "smtst.txt" ]
], ],
[ "enveloped content test streaming S/MIME format, OAEP default parameters", [ "enveloped content test streaming S/MIME format, DES, OAEP default parameters",
[ "-encrypt", "-in", $smcont, [ "-encrypt", "-in", $smcont,
"-stream", "-out", "test.cms", "-stream", "-out", "test.cms",
"-recip", catfile($smdir, "smrsa1.pem"), "-keyopt", "rsa_padding_mode:oaep" ], "-recip", catfile($smdir, "smrsa1.pem"), "-keyopt", "rsa_padding_mode:oaep" ],
@ -314,7 +314,7 @@ my @smime_cms_param_tests = (
"-in", "test.cms", "-out", "smtst.txt" ] "-in", "test.cms", "-out", "smtst.txt" ]
], ],
[ "enveloped content test streaming S/MIME format, OAEP SHA256", [ "enveloped content test streaming S/MIME format, DES, OAEP SHA256",
[ "-encrypt", "-in", $smcont, [ "-encrypt", "-in", $smcont,
"-stream", "-out", "test.cms", "-stream", "-out", "test.cms",
"-recip", catfile($smdir, "smrsa1.pem"), "-keyopt", "rsa_padding_mode:oaep", "-recip", catfile($smdir, "smrsa1.pem"), "-keyopt", "rsa_padding_mode:oaep",
@ -323,7 +323,7 @@ my @smime_cms_param_tests = (
"-in", "test.cms", "-out", "smtst.txt" ] "-in", "test.cms", "-out", "smtst.txt" ]
], ],
[ "enveloped content test streaming S/MIME format, ECDH", [ "enveloped content test streaming S/MIME format, DES, ECDH",
[ "-encrypt", "-in", $smcont, [ "-encrypt", "-in", $smcont,
"-stream", "-out", "test.cms", "-stream", "-out", "test.cms",
"-recip", catfile($smdir, "smec1.pem") ], "-recip", catfile($smdir, "smec1.pem") ],
@ -331,7 +331,7 @@ my @smime_cms_param_tests = (
"-in", "test.cms", "-out", "smtst.txt" ] "-in", "test.cms", "-out", "smtst.txt" ]
], ],
[ "enveloped content test streaming S/MIME format, ECDH, key identifier", [ "enveloped content test streaming S/MIME format, ECDH, DES, key identifier",
[ "-encrypt", "-keyid", "-in", $smcont, [ "-encrypt", "-keyid", "-in", $smcont,
"-stream", "-out", "test.cms", "-stream", "-out", "test.cms",
"-recip", catfile($smdir, "smec1.pem") ], "-recip", catfile($smdir, "smec1.pem") ],
@ -475,6 +475,8 @@ sub check_availability {
if ($no_dh && $tnam =~ /X9\.42/); if ($no_dh && $tnam =~ /X9\.42/);
return "$tnam: skipped, RC2 disabled\n" return "$tnam: skipped, RC2 disabled\n"
if ($no_rc2 && $tnam =~ /RC2/); if ($no_rc2 && $tnam =~ /RC2/);
return "$tnam: skipped, DES disabled\n"
if ($no_des && $tnam =~ /DES/);
return ""; return "";
} }