Loading CHANGES +8 −0 Original line number Diff line number Diff line Loading @@ -4,6 +4,14 @@ Changes between 0.9.4 and 0.9.5 [xx XXX 2000] *) Reorganise password command line arguments: now passwords can be obtained from various sources. Delete the PEM_cb function and make it the default behaviour: i.e. if the callback is NULL and the usrdata argument is not NULL interpret it as a null terminated pass phrase. If usrdata and the callback are NULL then the pass phrase is prompted for as usual. [Steve Henson] *) Add support for the Compaq Atalla crypto accelerator. If it is installed, the support is automatically enabled. The resulting binaries will autodetect the card and use it if present. Loading apps/apps.c +76 −0 Original line number Diff line number Diff line Loading @@ -325,6 +325,7 @@ int app_init(long mesgwin) } #endif int dump_cert_text (BIO *out, X509 *x) { char buf[256]; Loading 
@@ -338,3 +339,78 @@ int dump_cert_text (BIO *out, X509 *x) BIO_puts(out,"\n"); return 0; } static char *app_get_pass(BIO *err, char *arg, int keepbio); int app_passwd(BIO *err, char *arg1, char *arg2, char **pass1, char **pass2) { int same; if(!arg2 || !arg1 || strcmp(arg1, arg2)) same = 0; else same = 1; if(arg1) { *pass1 = app_get_pass(err, arg1, same); if(!*pass1) return 0; } else if(pass1) *pass1 = NULL; if(arg2) { *pass2 = app_get_pass(err, arg2, same ? 2 : 0); if(!*pass2) return 0; } else if(pass2) *pass2 = NULL; return 1; } static char *app_get_pass(BIO *err, char *arg, int keepbio) { char *tmp, tpass[APP_PASS_LEN]; static BIO *pwdbio = NULL; int i; if(!strncmp(arg, "pass:", 5)) return BUF_strdup(arg + 5); if(!strncmp(arg, "env:", 4)) { tmp = getenv(arg + 4); if(!tmp) { BIO_printf(err, "Can't read environment variable %s\n", arg + 4); return NULL; } return BUF_strdup(tmp); } if(!keepbio || !pwdbio) { if(!strncmp(arg, "file:", 5)) { pwdbio = BIO_new_file(arg + 5, "r"); if(!pwdbio) { BIO_printf(err, "Can't open file %s\n", arg + 5); return NULL; } } else if(!strncmp(arg, "fd:", 3)) { BIO *btmp; i = atoi(arg + 3); if(i >= 0) pwdbio = BIO_new_fd(i, BIO_NOCLOSE); if((i < 0) || !pwdbio) { BIO_printf(err, "Can't access file descriptor %s\n", arg + 3); return NULL; } /* Can't do BIO_gets on an fd BIO so add a buffering BIO */ btmp = BIO_new(BIO_f_buffer()); pwdbio = BIO_push(btmp, pwdbio); } else if(!strcmp(arg, "stdin")) { pwdbio = BIO_new_fp(stdin, BIO_NOCLOSE); if(!pwdbio) { BIO_printf(err, "Can't open BIO for stdin\n"); return NULL; } } else { BIO_printf(err, "Invalid password argument \"%s\"\n", arg); return NULL; } } i = BIO_gets(pwdbio, tpass, APP_PASS_LEN); if(keepbio != 1) { BIO_free_all(pwdbio); pwdbio = NULL; } if(i <= 0) { BIO_printf(err, "Error reading password from BIO\n"); return NULL; } tmp = strchr(tpass, '\n'); if(tmp) *tmp = 0; return BUF_strdup(tpass); } apps/apps.h +3 −0 Original line number Diff line number Diff line Loading 
@@ -145,10 +145,13 @@ int chopup_args(ARGS *arg,char *buf, int *argc, char **argv[]); #ifdef HEADER_X509_H int dump_cert_text(BIO *out, X509 *x); #endif int app_passwd(BIO *err, char *arg1, char *arg2, char **pass1, char **pass2); #define FORMAT_UNDEF 0 #define FORMAT_ASN1 1 #define FORMAT_TEXT 2 #define FORMAT_PEM 3 #define FORMAT_NETSCAPE 4 #define APP_PASS_LEN 1024 #endif apps/ca.c +1 −1 Original line number Diff line number Diff line Loading @@ -533,7 +533,7 @@ bad: BIO_printf(bio_err,"trying to load CA private key\n"); goto err; } pkey=PEM_read_bio_PrivateKey(in,NULL,PEM_cb,key); pkey=PEM_read_bio_PrivateKey(in,NULL,NULL,key); if(key) memset(key,0,strlen(key)); if (pkey == NULL) { Loading apps/dsa.c +17 −33 Original line number Diff line number Diff line Loading @@ -95,6 +95,7 @@ int MAIN(int argc, char **argv) int informat,outformat,text=0,noout=0; int pubin = 0, pubout = 0; char *infile,*outfile,*prog; char *passargin = NULL, *passargout = NULL; char *passin = NULL, *passout = NULL; int modulus=0; Loading Loading @@ -137,34 +138,12 @@ int MAIN(int argc, char **argv) else if (strcmp(*argv,"-passin") == 0) { if (--argc < 1) goto bad; passin= *(++argv); } else if (strcmp(*argv,"-envpassin") == 0) { if (--argc < 1) goto bad; if(!(passin= getenv(*(++argv)))) { BIO_printf(bio_err, "Can't read environment variable %s\n", *argv); badops = 1; } } else if (strcmp(*argv,"-envpassout") == 0) { if (--argc < 1) goto bad; if(!(passout= getenv(*(++argv)))) { BIO_printf(bio_err, "Can't read environment variable %s\n", *argv); badops = 1; } passargin= *(++argv); } else if (strcmp(*argv,"-passout") == 0) { if (--argc < 1) goto bad; passout= *(++argv); passargout= *(++argv); } else if (strcmp(*argv,"-noout") == 0) noout=1; Loading Loading 
@@ -194,11 +173,9 @@ bad: BIO_printf(bio_err," -inform arg input format - DER or PEM\n"); BIO_printf(bio_err," -outform arg output format - DER or PEM\n"); BIO_printf(bio_err," -in arg input file\n"); BIO_printf(bio_err," -passin arg input file pass phrase\n"); BIO_printf(bio_err," -envpassin arg environment variable containing input file pass phrase\n"); BIO_printf(bio_err," -passin arg input file pass phrase source\n"); BIO_printf(bio_err," -out arg output file\n"); BIO_printf(bio_err," -passout arg output file pass phrase\n"); BIO_printf(bio_err," -envpassout arg environment variable containing output file pass phrase\n"); BIO_printf(bio_err," -passout arg output file pass phrase source\n"); BIO_printf(bio_err," -des encrypt PEM output with cbc des\n"); BIO_printf(bio_err," -des3 encrypt PEM output with ede cbc des using 168 bit key\n"); #ifndef NO_IDEA Loading @@ -212,6 +189,11 @@ bad: ERR_load_crypto_strings(); if(!app_passwd(bio_err, passargin, passargout, &passin, &passout)) { BIO_printf(bio_err, "Error getting passwords\n"); goto end; } in=BIO_new(BIO_s_file()); out=BIO_new(BIO_s_file()); if ((in == NULL) || (out == NULL)) Loading @@ -237,7 +219,7 @@ bad: else dsa=d2i_DSAPrivateKey_bio(in,NULL); } else if (informat == FORMAT_PEM) { if(pubin) dsa=PEM_read_bio_DSA_PUBKEY(in,NULL, NULL, NULL); else dsa=PEM_read_bio_DSAPrivateKey(in,NULL,PEM_cb,passin); else dsa=PEM_read_bio_DSAPrivateKey(in,NULL,NULL,passin); } else { BIO_printf(bio_err,"bad input format specified for key\n"); Loading Loading @@ -285,7 +267,7 @@ bad: if(pubin || pubout) i=PEM_write_bio_DSA_PUBKEY(out,dsa); else i=PEM_write_bio_DSAPrivateKey(out,dsa,enc, NULL,0,PEM_cb, passout); NULL,0,NULL, passout); } else { BIO_printf(bio_err,"bad output format specified for outfile\n"); goto end; Loading @@ -301,6 +283,8 @@ end: if(in != NULL) BIO_free(in); if(out != NULL) BIO_free(out); if(dsa != NULL) DSA_free(dsa); if(passin) Free(passin); if(passout) Free(passout); EXIT(ret); } #endif Loading
CHANGES +8 −0 Original line number Diff line number Diff line Loading @@ -4,6 +4,14 @@ Changes between 0.9.4 and 0.9.5 [xx XXX 2000] *) Reorganise password command line arguments: now passwords can be obtained from various sources. Delete the PEM_cb function and make it the default behaviour: i.e. if the callback is NULL and the usrdata argument is not NULL interpret it as a null terminated pass phrase. If usrdata and the callback are NULL then the pass phrase is prompted for as usual. [Steve Henson] *) Add support for the Compaq Atalla crypto accelerator. If it is installed, the support is automatically enabled. The resulting binaries will autodetect the card and use it if present. Loading
apps/apps.c +76 −0 Original line number Diff line number Diff line Loading @@ -325,6 +325,7 @@ int app_init(long mesgwin) } #endif int dump_cert_text (BIO *out, X509 *x) { char buf[256]; Loading 
@@ -338,3 +339,78 @@ int dump_cert_text (BIO *out, X509 *x) BIO_puts(out,"\n"); return 0; } static char *app_get_pass(BIO *err, char *arg, int keepbio); int app_passwd(BIO *err, char *arg1, char *arg2, char **pass1, char **pass2) { int same; if(!arg2 || !arg1 || strcmp(arg1, arg2)) same = 0; else same = 1; if(arg1) { *pass1 = app_get_pass(err, arg1, same); if(!*pass1) return 0; } else if(pass1) *pass1 = NULL; if(arg2) { *pass2 = app_get_pass(err, arg2, same ? 2 : 0); if(!*pass2) return 0; } else if(pass2) *pass2 = NULL; return 1; } static char *app_get_pass(BIO *err, char *arg, int keepbio) { char *tmp, tpass[APP_PASS_LEN]; static BIO *pwdbio = NULL; int i; if(!strncmp(arg, "pass:", 5)) return BUF_strdup(arg + 5); if(!strncmp(arg, "env:", 4)) { tmp = getenv(arg + 4); if(!tmp) { BIO_printf(err, "Can't read environment variable %s\n", arg + 4); return NULL; } return BUF_strdup(tmp); } if(!keepbio || !pwdbio) { if(!strncmp(arg, "file:", 5)) { pwdbio = BIO_new_file(arg + 5, "r"); if(!pwdbio) { BIO_printf(err, "Can't open file %s\n", arg + 5); return NULL; } } else if(!strncmp(arg, "fd:", 3)) { BIO *btmp; i = atoi(arg + 3); if(i >= 0) pwdbio = BIO_new_fd(i, BIO_NOCLOSE); if((i < 0) || !pwdbio) { BIO_printf(err, "Can't access file descriptor %s\n", arg + 3); return NULL; } /* Can't do BIO_gets on an fd BIO so add a buffering BIO */ btmp = BIO_new(BIO_f_buffer()); pwdbio = BIO_push(btmp, pwdbio); } else if(!strcmp(arg, "stdin")) { pwdbio = BIO_new_fp(stdin, BIO_NOCLOSE); if(!pwdbio) { BIO_printf(err, "Can't open BIO for stdin\n"); return NULL; } } else { BIO_printf(err, "Invalid password argument \"%s\"\n", arg); return NULL; } } i = BIO_gets(pwdbio, tpass, APP_PASS_LEN); if(keepbio != 1) { BIO_free_all(pwdbio); pwdbio = NULL; } if(i <= 0) { BIO_printf(err, "Error reading password from BIO\n"); return NULL; } tmp = strchr(tpass, '\n'); if(tmp) *tmp = 0; return BUF_strdup(tpass); }
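Review bot: app_get_pass leaves the pass phrase in the stack buffer `tpass` when it returns, because its last statement is `return BUF_strdup(tpass);` with no clearing. I would copy first and wipe before returning: `tmp = BUF_strdup(tpass); memset(tpass, 0, sizeof tpass); return tmp;`. A plain memset of a local that is about to go out of scope can be optimised away, so a wipe the compiler cannot drop is preferable if the tree has one. In the `fd:` branch `atoi(arg + 3)` turns a non-numeric value into 0, so a mistyped `fd:` argument reads from descriptor 0 instead of being rejected; `strtol` with an end-pointer check closes that. The result of `BIO_new(BIO_f_buffer())` is also used unchecked, and app_passwd stores through `*pass1` and `*pass2` without the NULL test that its own `else if(pass1)` / `else if(pass2)` branches apply.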
apps/apps.h +3 −0 Original line number Diff line number Diff line Loading @@ -145,10 +145,13 @@ int chopup_args(ARGS *arg,char *buf, int *argc, char **argv[]); #ifdef HEADER_X509_H int dump_cert_text(BIO *out, X509 *x); #endif int app_passwd(BIO *err, char *arg1, char *arg2, char **pass1, char **pass2); #define FORMAT_UNDEF 0 #define FORMAT_ASN1 1 #define FORMAT_TEXT 2 #define FORMAT_PEM 3 #define FORMAT_NETSCAPE 4 #define APP_PASS_LEN 1024 #endif
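Review bot: The `app_passwd` prototype is added without a comment describing its contract, and callers need to know who owns the returned strings. Suggested comment above it: `/* Resolve pass phrase source arguments (pass:, env:, file:, fd:, stdin). Returns 1 on success, 0 on error; *pass1/*pass2 are heap copies the caller must clear and Free(). */`. `APP_PASS_LEN` deserves a line too: judging from the apps.c section it is the size of the read buffer, so a longer line from a file or descriptor would be cut short without a diagnostic.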
apps/ca.c +1 −1 Original line number Diff line number Diff line Loading @@ -533,7 +533,7 @@ bad: BIO_printf(bio_err,"trying to load CA private key\n"); goto err; } pkey=PEM_read_bio_PrivateKey(in,NULL,PEM_cb,key); pkey=PEM_read_bio_PrivateKey(in,NULL,NULL,key); if(key) memset(key,0,strlen(key)); if (pkey == NULL) { Loading
apps/dsa.c +17 −33 Original line number Diff line number Diff line Loading @@ -95,6 +95,7 @@ int MAIN(int argc, char **argv) int informat,outformat,text=0,noout=0; int pubin = 0, pubout = 0; char *infile,*outfile,*prog; char *passargin = NULL, *passargout = NULL; char *passin = NULL, *passout = NULL; int modulus=0; Loading Loading @@ -137,34 +138,12 @@ int MAIN(int argc, char **argv) else if (strcmp(*argv,"-passin") == 0) { if (--argc < 1) goto bad; passin= *(++argv); } else if (strcmp(*argv,"-envpassin") == 0) { if (--argc < 1) goto bad; if(!(passin= getenv(*(++argv)))) { BIO_printf(bio_err, "Can't read environment variable %s\n", *argv); badops = 1; } } else if (strcmp(*argv,"-envpassout") == 0) { if (--argc < 1) goto bad; if(!(passout= getenv(*(++argv)))) { BIO_printf(bio_err, "Can't read environment variable %s\n", *argv); badops = 1; } passargin= *(++argv); } else if (strcmp(*argv,"-passout") == 0) { if (--argc < 1) goto bad; passout= *(++argv); passargout= *(++argv); } else if (strcmp(*argv,"-noout") == 0) noout=1; Loading Loading @@ -194,11 +173,9 @@ bad: BIO_printf(bio_err," -inform arg input format - DER or PEM\n"); BIO_printf(bio_err," -outform arg output format - DER or PEM\n"); BIO_printf(bio_err," -in arg input file\n"); BIO_printf(bio_err," -passin arg input file pass phrase\n"); BIO_printf(bio_err," -envpassin arg environment variable containing input file pass phrase\n"); BIO_printf(bio_err," -passin arg input file pass phrase source\n"); BIO_printf(bio_err," -out arg output file\n"); BIO_printf(bio_err," -passout arg output file pass phrase\n"); BIO_printf(bio_err," -envpassout arg environment variable containing output file pass phrase\n"); BIO_printf(bio_err," -passout arg output file pass phrase source\n"); BIO_printf(bio_err," -des encrypt PEM output with cbc des\n"); BIO_printf(bio_err," -des3 encrypt PEM output with ede cbc des using 168 bit key\n"); #ifndef NO_IDEA Loading 
@@ -212,6 +189,11 @@ bad: ERR_load_crypto_strings(); if(!app_passwd(bio_err, passargin, passargout, &passin, &passout)) { BIO_printf(bio_err, "Error getting passwords\n"); goto end; } in=BIO_new(BIO_s_file()); out=BIO_new(BIO_s_file()); if ((in == NULL) || (out == NULL)) Loading @@ -237,7 +219,7 @@ bad: else dsa=d2i_DSAPrivateKey_bio(in,NULL); } else if (informat == FORMAT_PEM) { if(pubin) dsa=PEM_read_bio_DSA_PUBKEY(in,NULL, NULL, NULL); else dsa=PEM_read_bio_DSAPrivateKey(in,NULL,PEM_cb,passin); else dsa=PEM_read_bio_DSAPrivateKey(in,NULL,NULL,passin); } else { BIO_printf(bio_err,"bad input format specified for key\n"); Loading Loading @@ -285,7 +267,7 @@ bad: if(pubin || pubout) i=PEM_write_bio_DSA_PUBKEY(out,dsa); else i=PEM_write_bio_DSAPrivateKey(out,dsa,enc, NULL,0,PEM_cb, passout); NULL,0,NULL, passout); } else { BIO_printf(bio_err,"bad output format specified for outfile\n"); goto end; Loading @@ -301,6 +283,8 @@ end: if(in != NULL) BIO_free(in); if(out != NULL) BIO_free(out); if(dsa != NULL) DSA_free(dsa); if(passin) Free(passin); if(passout) Free(passout); EXIT(ret); } #endif
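Review bot: The cleanup at `end:` releases the pass phrases with `if(passin) Free(passin);` and `if(passout) Free(passout);` without clearing them, so the secrets stay in freed heap memory. The ca.c section of this same commit clears its `key` with `memset(key,0,strlen(key))` after use; the same should be done here, e.g. `if(passin) { memset(passin, 0, strlen(passin)); Free(passin); }` and likewise for `passout`. MAIN's body extends beyond the visible hunks. Both pointers are declared as NULL in the first hunk, so the guarded frees look safe on early `goto end` paths.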