diff options
author | Pauli <pauli@openssl.org> | 2021-05-07 16:58:16 +1000 |
---|---|---|
committer | Pauli <pauli@openssl.org> | 2021-05-08 22:13:49 +1000 |
commit | a1230dea4d255a1ea27b18af7a178fe2501e7dad (patch) | |
tree | 769478691cbd7338dce2def853e5e8c5e7bb1aae /apps | |
parent | 839261592ca447aa083403cee7b0ced97cef6159 (diff) | |
download | openssl-a1230dea4d255a1ea27b18af7a178fe2501e7dad.tar.gz |
apps: add mac, cipher and digest arguments to the kdf applet.
This adds -digest, -mac and -cipher which correspond to -kdfopt digest: and
-kdfopt mac: and -kdfopt cipher: respectively.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15190)
Diffstat (limited to 'apps')
-rw-r--r-- | apps/kdf.c | 44 |
1 files changed, 44 insertions, 0 deletions
diff --git a/apps/kdf.c b/apps/kdf.c index b3865d9e87..7b016051f1 100644 --- a/apps/kdf.c +++ b/apps/kdf.c @@ -20,6 +20,7 @@ typedef enum OPTION_choice { OPT_COMMON, OPT_KDFOPT, OPT_BIN, OPT_KEYLEN, OPT_OUT, + OPT_CIPHER, OPT_DIGEST, OPT_MAC, OPT_PROV_ENUM } OPTION_CHOICE; @@ -29,6 +30,9 @@ const OPTIONS kdf_options[] = { OPT_SECTION("General"), {"help", OPT_HELP, '-', "Display this summary"}, {"kdfopt", OPT_KDFOPT, 's', "KDF algorithm control parameters in n:v form"}, + {"cipher", OPT_CIPHER, 's', "Cipher"}, + {"digest", OPT_DIGEST, 's', "Digest"}, + {"mac", OPT_MAC, 's', "MAC"}, {OPT_MORE_STR, 1, '-', "See 'Supported Controls' in the EVP_KDF_ docs\n"}, {"keylen", OPT_KEYLEN, 's', "The size of the output derived key"}, @@ -44,6 +48,24 @@ const OPTIONS kdf_options[] = { {NULL} }; +static char *alloc_kdf_algorithm_name(STACK_OF(OPENSSL_STRING) **optp, + const char *name, const char *arg) +{ + size_t len = strlen(name) + strlen(arg) + 2; + char *res = app_malloc(len, "algorithm name"); + + if (*optp == NULL) + *optp = sk_OPENSSL_STRING_new_null(); + if (*optp == NULL) + return NULL; + + BIO_snprintf(res, len, "%s:%s", name, arg); + if (sk_OPENSSL_STRING_push(*optp, res)) + return res; + OPENSSL_free(res); + return NULL; +} + int kdf_main(int argc, char **argv) { int ret = 1, out_bin = 0; @@ -56,6 +78,7 @@ int kdf_main(int argc, char **argv) BIO *out = NULL; EVP_KDF *kdf = NULL; EVP_KDF_CTX *ctx = NULL; + char *digest = NULL, *cipher = NULL, *mac = NULL; prog = opt_init(argc, argv, kdf_options); while ((o = opt_next()) != OPT_EOF) { @@ -83,6 +106,24 @@ opthelp: if (opts == NULL || !sk_OPENSSL_STRING_push(opts, opt_arg())) goto opthelp; break; + case OPT_CIPHER: + OPENSSL_free(cipher); + cipher = alloc_kdf_algorithm_name(&opts, "cipher", opt_arg()); + if (cipher == NULL) + goto opthelp; + break; + case OPT_DIGEST: + OPENSSL_free(digest); + digest = alloc_kdf_algorithm_name(&opts, "digest", opt_arg()); + if (digest == NULL) + goto opthelp; + break; + case OPT_MAC: + OPENSSL_free(mac); + mac = alloc_kdf_algorithm_name(&opts, "mac", opt_arg()); + if (mac == NULL) + goto opthelp; + break; case OPT_PROV_CASES: if (!opt_provider(o)) goto err; @@ -161,5 +202,8 @@ err: EVP_KDF_CTX_free(ctx); BIO_free(out); OPENSSL_free(hexout); + OPENSSL_free(cipher); + OPENSSL_free(digest); + OPENSSL_free(mac); return ret; } |