make no-des and no-rc2 work.

This commit is contained in:
Bodo Möller 2000-01-07 12:15:54 +00:00
parent b64e735b08
commit 63da21c01b
9 changed files with 74 additions and 13 deletions

View File

@ -378,6 +378,7 @@ foreach (@ARGV)
$depflags .= "-DNO_$algo ";
if ($algo eq "DES")
{
push @skip, "mdc2";
$options .= " no-mdc2";
$flags .= "-DNO_MDC2 ";
$depflags .= "-DNO_MDC2 ";

View File

@ -110,16 +110,20 @@ int MAIN(int argc, char **argv)
else if (!strcmp (*args, "-sign")) operation = SMIME_SIGN;
else if (!strcmp (*args, "-verify")) operation = SMIME_VERIFY;
else if (!strcmp (*args, "-pk7out")) operation = SMIME_PK7OUT;
#ifndef NO_DES
else if (!strcmp (*args, "-des3"))
cipher = EVP_des_ede3_cbc();
else if (!strcmp (*args, "-des"))
cipher = EVP_des_cbc();
#endif
#ifndef NO_RC2
else if (!strcmp (*args, "-rc2-40"))
cipher = EVP_rc2_40_cbc();
else if (!strcmp (*args, "-rc2-128"))
cipher = EVP_rc2_cbc();
else if (!strcmp (*args, "-rc2-64"))
cipher = EVP_rc2_64_cbc();
#endif
else if (!strcmp (*args, "-text"))
flags |= PKCS7_TEXT;
else if (!strcmp (*args, "-nointern"))
@ -233,10 +237,15 @@ int MAIN(int argc, char **argv)
BIO_printf (bio_err, "-sign sign message\n");
BIO_printf (bio_err, "-verify verify signed message\n");
BIO_printf (bio_err, "-pk7out output PKCS#7 structure\n");
#ifndef NO_DES
BIO_printf (bio_err, "-des3 encrypt with triple DES\n");
BIO_printf (bio_err, "-rc2-40 encrypt with RC2-40\n");
BIO_printf (bio_err, "-des encrypt with DES\n");
#endif
#ifndef NO_RC2
BIO_printf (bio_err, "-rc2-40 encrypt with RC2-40 (default)\n");
BIO_printf (bio_err, "-rc2-64 encrypt with RC2-64\n");
BIO_printf (bio_err, "-rc2-128 encrypt with RC2-128\n");
#endif
BIO_printf (bio_err, "-nointern don't search certificates in message for signer\n");
BIO_printf (bio_err, "-nosigs don't verify message signature\n");
BIO_printf (bio_err, "-noverify don't verify signers certificate\n");
@ -271,7 +280,14 @@ int MAIN(int argc, char **argv)
}
if(operation == SMIME_ENCRYPT) {
if (!cipher) cipher = EVP_rc2_40_cbc();
if (!cipher) {
#ifndef NO_RC2
cipher = EVP_rc2_40_cbc();
#else
BIO_printf(bio_err, "No cipher selected\n");
goto end;
#endif
}
encerts = sk_X509_new_null();
while (*args) {
if(!(cert = load_cert(*args))) {

View File

@ -616,6 +616,7 @@ int MAIN(int argc, char **argv)
memset(rsa_c,0,sizeof(rsa_c));
#endif
#ifndef SIGALRM
#ifndef NO_DES
BIO_printf(bio_err,"First we calculate the approximate speed ...\n");
count=10;
do {
@ -707,10 +708,14 @@ int MAIN(int argc, char **argv)
#define COND(d) (count < (d))
#define COUNT(d) (d)
#else
/* not worth fixing */
# error "You cannot disable DES on systems without SIGALRM."
#endif /* NO_DES */
#else
#define COND(c) (run)
#define COUNT(d) (count)
signal(SIGALRM,sig_done);
#endif
#endif /* SIGALRM */
#ifndef NO_MD2
if (doit[D_MD2])

View File

@ -58,7 +58,8 @@ buildinf.h: ../Makefile.ssl
echo "#endif" ) >buildinf.h
testapps:
cd des && $(MAKE) CC='$(CC)' INCLUDES='${INCLUDES}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' des
if echo ${SDIRS} | fgrep ' des '; \
then cd des && $(MAKE) CC='$(CC)' INCLUDES='${INCLUDES}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' des; fi
cd pkcs7 && $(MAKE) CC='$(CC)' INCLUDES='${INCLUDES}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' testapps
subdirs:

View File

@ -81,15 +81,18 @@ char *EVP_get_pw_prompt(void)
return(prompt_string);
}
#ifdef NO_DES
int des_read_pw_string(char *buf,int len,const char *prompt,int verify);
#endif
/* For historical reasons, the standard function for reading passwords is
* in the DES library -- if someone ever wants to disable DES,
* this function will fail */
int EVP_read_pw_string(char *buf, int len, const char *prompt, int verify)
{
#ifndef NO_DES
if ((prompt == NULL) && (prompt_string[0] != '\0'))
prompt=prompt_string;
return(des_read_pw_string(buf,len,prompt,verify));
#else
return -1;
#endif
}
int EVP_BytesToKey(const EVP_CIPHER *type, EVP_MD *md, unsigned char *salt,

View File

@ -127,7 +127,14 @@ char *argv[];
#else
PKCS7_set_type(p7,NID_pkcs7_enveloped);
#endif
if(!cipher) cipher = EVP_des_ede3_cbc();
if(!cipher) {
#ifndef NO_DES
cipher = EVP_des_ede3_cbc();
#else
fprintf(stderr, "No cipher selected\n");
goto err;
#endif
}
if (!PKCS7_set_cipher(p7,cipher)) goto err;
for(i = 0; i < sk_X509_num(recips); i++) {

View File

@ -264,7 +264,9 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
STACK_OF(PKCS7_RECIP_INFO) *rsk=NULL;
X509_ALGOR *xalg=NULL;
PKCS7_RECIP_INFO *ri=NULL;
#ifndef NO_RC2
char is_rc2 = 0;
#endif
/* EVP_PKEY *pkey; */
#if 0
X509_STORE_CTX s_ctx;
@ -309,7 +311,15 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
goto err;
}
if(EVP_CIPHER_nid(evp_cipher) == NID_rc2_cbc) is_rc2 = 1;
if(EVP_CIPHER_nid(evp_cipher) == NID_rc2_cbc)
{
#ifndef NO_RC2
is_rc2 = 1;
#else
PKCS7err(PKCS7_F_PKCS7_DATADECODE,PKCS7_R_UNSUPPORTED_CIPHER_TYPE);
goto err;
#endif
}
/* We will be checking the signature */
if (md_sk != NULL)
@ -409,14 +419,16 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert)
* because we currently can't do this with the EVP
* interface.
*/
#ifndef NO_RC2
if(is_rc2) RC2_set_key(&(evp_ctx->c.rc2_ks),jj, tmp,
EVP_CIPHER_CTX_key_length(evp_ctx)*8);
else {
else
#endif
{
PKCS7err(PKCS7_F_PKCS7_DATADECODE,
PKCS7_R_DECRYPTED_KEY_IS_WRONG_LENGTH);
goto err;
}
}
} else EVP_CipherInit(evp_ctx,NULL,tmp,NULL,0);
memset(tmp,0,jj);

View File

@ -76,10 +76,18 @@ char *argv[];
int i;
int nodetach=0;
#ifndef NO_MD2
EVP_add_digest(EVP_md2());
#endif
#ifndef NO_MD5
EVP_add_digest(EVP_md5());
#endif
#ifndef NO_SHA1
EVP_add_digest(EVP_sha1());
#endif
#ifndef NO_MDC2
EVP_add_digest(EVP_mdc2());
#endif
data=BIO_new(BIO_s_file());
again:

View File

@ -85,10 +85,18 @@ char *argv[];
bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
bio_out=BIO_new_fp(stdout,BIO_NOCLOSE);
#ifndef NO_MD2
EVP_add_digest(EVP_md2());
#endif
#ifndef NO_MD5
EVP_add_digest(EVP_md5());
#endif
#ifndef NO_SHA1
EVP_add_digest(EVP_sha1());
#endif
#ifndef NO_MDC2
EVP_add_digest(EVP_mdc2());
#endif
data=BIO_new(BIO_s_file());