[openssl] OpenSSL_1_1_1-stable update
matthias.st.pierre at ncp-e.com
matthias.st.pierre at ncp-e.com
Tue Oct 22 21:30:36 UTC 2019
The branch OpenSSL_1_1_1-stable has been updated
via c22987ce97c9ab8e5abb83388771208ac716cf22 (commit)
from 24c23e1f3cd807dbf7e6a057dc01b435703d05b4 (commit)
- Log -----------------------------------------------------------------
commit c22987ce97c9ab8e5abb83388771208ac716cf22
Author: agnosticdev <agnosticdev at gmail.com>
Date: Mon Sep 16 07:09:01 2019 -0500
Update dgst.c to show a list of message digests
Fixes #9893
Reviewed-by: Paul Dale <paul.dale at oracle.com>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre at ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/10219)
-----------------------------------------------------------------------
Summary of changes:
apps/dgst.c | 46 +++++++++++++++++++++++++++++++++++++++++++++-
apps/enc.c | 3 ++-
doc/man1/dgst.pod | 5 +++++
doc/man1/enc.pod | 9 ++++++++-
4 files changed, 60 insertions(+), 3 deletions(-)
diff --git a/apps/dgst.c b/apps/dgst.c
index 9223133eb2..82b8d02cee 100644
--- a/apps/dgst.c
+++ b/apps/dgst.c
@@ -19,6 +19,7 @@
#include <openssl/x509.h>
#include <openssl/pem.h>
#include <openssl/hmac.h>
+#include <ctype.h>
#undef BUFSIZE
#define BUFSIZE 1024*8
@@ -27,9 +28,15 @@ int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,
EVP_PKEY *key, unsigned char *sigin, int siglen,
const char *sig_name, const char *md_name,
const char *file);
+static void show_digests(const OBJ_NAME *name, void *bio_);
+
+struct doall_dgst_digests {
+ BIO *bio;
+ int n;
+};
typedef enum OPTION_choice {
- OPT_ERR = -1, OPT_EOF = 0, OPT_HELP,
+ OPT_ERR = -1, OPT_EOF = 0, OPT_HELP, OPT_LIST,
OPT_C, OPT_R, OPT_OUT, OPT_SIGN, OPT_PASSIN, OPT_VERIFY,
OPT_PRVERIFY, OPT_SIGNATURE, OPT_KEYFORM, OPT_ENGINE, OPT_ENGINE_IMPL,
OPT_HEX, OPT_BINARY, OPT_DEBUG, OPT_FIPS_FINGERPRINT,
@@ -43,6 +50,7 @@ const OPTIONS dgst_options[] = {
{OPT_HELP_STR, 1, '-',
" file... files to digest (default is stdin)\n"},
{"help", OPT_HELP, '-', "Display this summary"},
+ {"list", OPT_LIST, '-', "List digests"},
{"c", OPT_C, '-', "Print the digest with separating colons"},
{"r", OPT_R, '-', "Print the digest in coreutils format"},
{"out", OPT_OUT, '>', "Output to filename rather than stdout"},
@@ -91,6 +99,7 @@ int dgst_main(int argc, char **argv)
int i, ret = 1, out_bin = -1, want_pub = 0, do_verify = 0;
unsigned char *buf = NULL, *sigbuf = NULL;
int engine_impl = 0;
+ struct doall_dgst_digests dec;
prog = opt_progname(argv[0]);
buf = app_malloc(BUFSIZE, "I/O buffer");
@@ -108,6 +117,15 @@ int dgst_main(int argc, char **argv)
opt_help(dgst_options);
ret = 0;
goto end;
+ case OPT_LIST:
+ BIO_printf(bio_out, "Supported digests:\n");
+ dec.bio = bio_out;
+ dec.n = 0;
+ OBJ_NAME_do_all_sorted(OBJ_NAME_TYPE_MD_METH,
+ show_digests, &dec);
+ BIO_printf(bio_out, "\n");
+ ret = 0;
+ goto end;
case OPT_C:
separator = 1;
break;
@@ -413,6 +431,32 @@ int dgst_main(int argc, char **argv)
return ret;
}
+static void show_digests(const OBJ_NAME *name, void *arg)
+{
+ struct doall_dgst_digests *dec = (struct doall_dgst_digests *)arg;
+ const EVP_MD *md = NULL;
+
+ /* Filter out signed digests (a.k.a signature algorithms) */
+ if (strstr(name->name, "rsa") != NULL || strstr(name->name, "RSA") != NULL)
+ return;
+
+ if (!islower((unsigned char)*name->name))
+ return;
+
+ /* Filter out message digests that we cannot use */
+ md = EVP_get_digestbyname(name->name);
+ if (md == NULL)
+ return;
+
+ BIO_printf(dec->bio, "-%-25s", name->name);
+ if (++dec->n == 3) {
+ BIO_printf(dec->bio, "\n");
+ dec->n = 0;
+ } else {
+ BIO_printf(dec->bio, " ");
+ }
+}
+
/*
* The newline_escape_filename function performs newline escaping for any
* filename that contains a newline. This function also takes a pointer
diff --git a/apps/enc.c b/apps/enc.c
index d1772f3eb9..ddf51e0dba 100644
--- a/apps/enc.c
+++ b/apps/enc.c
@@ -50,7 +50,8 @@ typedef enum OPTION_choice {
const OPTIONS enc_options[] = {
{"help", OPT_HELP, '-', "Display this summary"},
- {"ciphers", OPT_LIST, '-', "List ciphers"},
+ {"list", OPT_LIST, '-', "List ciphers"},
+ {"ciphers", OPT_LIST, '-', "Alias for -list"},
{"in", OPT_IN, '<', "Input file"},
{"out", OPT_OUT, '>', "Output file"},
{"pass", OPT_PASS, 's', "Passphrase source"},
diff --git a/doc/man1/dgst.pod b/doc/man1/dgst.pod
index 6d48523c99..ea2c4e3e15 100644
--- a/doc/man1/dgst.pod
+++ b/doc/man1/dgst.pod
@@ -12,6 +12,7 @@ B<openssl dgst>
[B<-help>]
[B<-c>]
[B<-d>]
+[B<-list>]
[B<-hex>]
[B<-binary>]
[B<-r>]
@@ -67,6 +68,10 @@ B<hex> format output is used.
Print out BIO debugging information.
+=item B<-list>
+
+Prints out a list of supported message digests.
+
=item B<-hex>
Digest is to be output as a hex dump. This is the default case for a "normal"
diff --git a/doc/man1/enc.pod b/doc/man1/enc.pod
index a3e0b03b20..6f20ac1fc7 100644
--- a/doc/man1/enc.pod
+++ b/doc/man1/enc.pod
@@ -9,6 +9,7 @@ enc - symmetric cipher routines
B<openssl enc -I<cipher>>
[B<-help>]
+[B<-list>]
[B<-ciphers>]
[B<-in filename>]
[B<-out filename>]
@@ -56,10 +57,14 @@ either by itself or in addition to the encryption or decryption.
Print out a usage message.
-=item B<-ciphers>
+=item B<-list>
List all supported ciphers.
+=item B<-ciphers>
+
+Alias of -list to display all supported ciphers.
+
=item B<-in filename>
The input filename, standard input by default.
@@ -419,6 +424,8 @@ certain parameters. So if, for example, you want to use RC2 with a
The default digest was changed from MD5 to SHA256 in OpenSSL 1.1.0.
+The B<-list> option was added in OpenSSL 1.1.1e.
+
=head1 COPYRIGHT
Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.
More information about the openssl-commits
mailing list