diff options
Diffstat (limited to 'crypto')
-rw-r--r-- | crypto/Makefile.ssl | 3 | ||||
-rw-r--r-- | crypto/evp/evp_key.c | 11 | ||||
-rw-r--r-- | crypto/pkcs7/enc.c | 9 | ||||
-rw-r--r-- | crypto/pkcs7/pk7_doit.c | 20 | ||||
-rw-r--r-- | crypto/pkcs7/sign.c | 8 | ||||
-rw-r--r-- | crypto/pkcs7/verify.c | 8 |
6 files changed, 49 insertions, 10 deletions
diff --git a/crypto/Makefile.ssl b/crypto/Makefile.ssl index d450ab77c3..ae4c45ee0c 100644 --- a/crypto/Makefile.ssl +++ b/crypto/Makefile.ssl @@ -58,7 +58,8 @@ buildinf.h: ../Makefile.ssl echo "#endif" ) >buildinf.h testapps: - cd des && $(MAKE) CC='$(CC)' INCLUDES='${INCLUDES}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' des + if echo ${SDIRS} | fgrep ' des '; \ + then cd des && $(MAKE) CC='$(CC)' INCLUDES='${INCLUDES}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' des; fi cd pkcs7 && $(MAKE) CC='$(CC)' INCLUDES='${INCLUDES}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}' MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}' BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}' RC5_ENC='${RC5_ENC}' AR='${AR}' PROCESSOR='${PROCESSOR}' PERL='${PERL}' RANLIB='${RANLIB}' testapps subdirs: diff --git a/crypto/evp/evp_key.c b/crypto/evp/evp_key.c index 21eda418bc..667c21cca8 100644 --- a/crypto/evp/evp_key.c +++ b/crypto/evp/evp_key.c @@ -81,15 +81,18 @@ char *EVP_get_pw_prompt(void) return(prompt_string); } -#ifdef NO_DES -int des_read_pw_string(char *buf,int len,const char *prompt,int verify); -#endif - +/* For historical reasons, the standard function for reading passwords is + * in the DES library -- if someone ever wants to disable DES, + * this function will fail */ int EVP_read_pw_string(char *buf, int len, const char *prompt, int verify) { +#ifndef NO_DES if ((prompt == NULL) && (prompt_string[0] != '\0')) prompt=prompt_string; return(des_read_pw_string(buf,len,prompt,verify)); +#else + return -1; +#endif } int EVP_BytesToKey(const EVP_CIPHER *type, EVP_MD *md, unsigned char *salt, diff --git a/crypto/pkcs7/enc.c b/crypto/pkcs7/enc.c index 66a300aee7..31845fc5e4 100644 --- a/crypto/pkcs7/enc.c +++ b/crypto/pkcs7/enc.c @@ -127,7 +127,14 @@ char *argv[]; #else PKCS7_set_type(p7,NID_pkcs7_enveloped); #endif - if(!cipher) cipher = EVP_des_ede3_cbc(); + if(!cipher) { +#ifndef NO_DES + cipher = EVP_des_ede3_cbc(); +#else + fprintf(stderr, "No cipher selected\n"); + goto err; +#endif + } if (!PKCS7_set_cipher(p7,cipher)) goto err; for(i = 0; i < sk_X509_num(recips); i++) { diff --git a/crypto/pkcs7/pk7_doit.c b/crypto/pkcs7/pk7_doit.c index acc9cc4a47..fa0159ee1d 100644 --- a/crypto/pkcs7/pk7_doit.c +++ b/crypto/pkcs7/pk7_doit.c @@ -264,7 +264,9 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert) STACK_OF(PKCS7_RECIP_INFO) *rsk=NULL; X509_ALGOR *xalg=NULL; PKCS7_RECIP_INFO *ri=NULL; +#ifndef NO_RC2 char is_rc2 = 0; +#endif /* EVP_PKEY *pkey; */ #if 0 X509_STORE_CTX s_ctx; @@ -309,7 +311,15 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert) goto err; } - if(EVP_CIPHER_nid(evp_cipher) == NID_rc2_cbc) is_rc2 = 1; + if(EVP_CIPHER_nid(evp_cipher) == NID_rc2_cbc) + { +#ifndef NO_RC2 + is_rc2 = 1; +#else + PKCS7err(PKCS7_F_PKCS7_DATADECODE,PKCS7_R_UNSUPPORTED_CIPHER_TYPE); + goto err; +#endif + } /* We will be checking the signature */ if (md_sk != NULL) @@ -409,14 +419,16 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert) * because we currently can't do this with the EVP * interface. */ +#ifndef NO_RC2 if(is_rc2) RC2_set_key(&(evp_ctx->c.rc2_ks),jj, tmp, EVP_CIPHER_CTX_key_length(evp_ctx)*8); - else { - + else +#endif + { PKCS7err(PKCS7_F_PKCS7_DATADECODE, PKCS7_R_DECRYPTED_KEY_IS_WRONG_LENGTH); goto err; - } + } } else EVP_CipherInit(evp_ctx,NULL,tmp,NULL,0); memset(tmp,0,jj); diff --git a/crypto/pkcs7/sign.c b/crypto/pkcs7/sign.c index 367c00e0fa..22290e192c 100644 --- a/crypto/pkcs7/sign.c +++ b/crypto/pkcs7/sign.c @@ -76,10 +76,18 @@ char *argv[]; int i; int nodetach=0; +#ifndef NO_MD2 EVP_add_digest(EVP_md2()); +#endif +#ifndef NO_MD5 EVP_add_digest(EVP_md5()); +#endif +#ifndef NO_SHA1 EVP_add_digest(EVP_sha1()); +#endif +#ifndef NO_MDC2 EVP_add_digest(EVP_mdc2()); +#endif data=BIO_new(BIO_s_file()); again: diff --git a/crypto/pkcs7/verify.c b/crypto/pkcs7/verify.c index 8ae903cc8a..49fc8d8bed 100644 --- a/crypto/pkcs7/verify.c +++ b/crypto/pkcs7/verify.c @@ -85,10 +85,18 @@ char *argv[]; bio_err=BIO_new_fp(stderr,BIO_NOCLOSE); bio_out=BIO_new_fp(stdout,BIO_NOCLOSE); +#ifndef NO_MD2 EVP_add_digest(EVP_md2()); +#endif +#ifndef NO_MD5 EVP_add_digest(EVP_md5()); +#endif +#ifndef NO_SHA1 EVP_add_digest(EVP_sha1()); +#endif +#ifndef NO_MDC2 EVP_add_digest(EVP_mdc2()); +#endif data=BIO_new(BIO_s_file()); |