diff options
author | Dmitry Belyavskiy <beldmit@gmail.com> | 2020-12-11 03:15:09 +0100 |
---|---|---|
committer | Dmitry Belyavskiy <beldmit@gmail.com> | 2020-12-15 04:39:58 +0100 |
commit | a61fba5da6eec31d7b790602c1e21f06d722cdaa (patch) | |
tree | 58dde14d8daf86c0569988071d40517290aa2375 | |
parent | cb75a155b67942d32b808031199a7c947098e1e6 (diff) |
Skip unavailable digests and ciphers in -*-commands
Fixes #13594
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13669)
-rw-r--r-- | apps/include/apps.h | 2 | ||||
-rw-r--r-- | apps/lib/engine.c | 28 | ||||
-rw-r--r-- | apps/list.c | 44 |
3 files changed, 74 insertions, 0 deletions
diff --git a/apps/include/apps.h b/apps/include/apps.h index ddfa3c8383..0a8d6f4060 100644 --- a/apps/include/apps.h +++ b/apps/include/apps.h @@ -159,6 +159,8 @@ int finish_engine(ENGINE *e); char *make_engine_uri(ENGINE *e, const char *key_id, const char *desc); int get_legacy_pkey_id(OSSL_LIB_CTX *libctx, const char *algname, ENGINE *e); +const EVP_MD *get_digest_from_engine(const char *name); +const EVP_CIPHER *get_cipher_from_engine(const char *name); # ifndef OPENSSL_NO_OCSP OCSP_RESPONSE *process_responder(OCSP_REQUEST *req, diff --git a/apps/lib/engine.c b/apps/lib/engine.c index e4a65b04e2..209c4b6b03 100644 --- a/apps/lib/engine.c +++ b/apps/lib/engine.c @@ -163,3 +163,31 @@ int get_legacy_pkey_id(OSSL_LIB_CTX *libctx, const char *algname, ENGINE *e) return pkey_id; } + +const EVP_MD *get_digest_from_engine(const char *name) +{ +#ifndef OPENSSL_NO_ENGINE + ENGINE *eng; + + eng = ENGINE_get_digest_engine(OBJ_sn2nid(name)); + if (eng != NULL) { + ENGINE_finish(eng); + return EVP_get_digestbyname(name); + } +#endif + return NULL; +} + +const EVP_CIPHER *get_cipher_from_engine(const char *name) +{ +#ifndef OPENSSL_NO_ENGINE + ENGINE *eng; + + eng = ENGINE_get_cipher_engine(OBJ_sn2nid(name)); + if (eng != NULL) { + ENGINE_finish(eng); + return EVP_get_cipherbyname(name); + } +#endif + return NULL; +} diff --git a/apps/list.c b/apps/list.c index cf63394107..df25e00363 100644 --- a/apps/list.c +++ b/apps/list.c @@ -945,6 +945,38 @@ static void list_options_for_command(const char *command) BIO_printf(bio_out, "- -\n"); } +static int is_md_available(const char *name) +{ + EVP_MD *md; + + /* Look through providers' digests */ + ERR_set_mark(); + md = EVP_MD_fetch(NULL, name, NULL); + ERR_pop_to_mark(); + if (md != NULL) { + EVP_MD_free(md); + return 1; + } + + return (get_digest_from_engine(name) == NULL) ? 0 : 1; +} + +static int is_cipher_available(const char *name) +{ + EVP_CIPHER *cipher; + + /* Look through providers' ciphers */ + ERR_set_mark(); + cipher = EVP_CIPHER_fetch(NULL, name, NULL); + ERR_pop_to_mark(); + if (cipher != NULL) { + EVP_CIPHER_free(cipher); + return 1; + } + + return (get_cipher_from_engine(name) == NULL) ? 0 : 1; +} + static void list_type(FUNC_TYPE ft, int one) { FUNCTION *fp; @@ -958,6 +990,18 @@ static void list_type(FUNC_TYPE ft, int one) for (fp = functions; fp->name != NULL; fp++) { if (fp->type != ft) continue; + switch (ft) { + case FT_cipher: + if (!is_cipher_available(fp->name)) + continue; + break; + case FT_md: + if (!is_md_available(fp->name)) + continue; + break; + default: + break; + } if (one) { BIO_printf(bio_out, "%s\n", fp->name); } else { |