author | Dr. Stephen Henson <steve@openssl.org> | 2000-02-12 03:03:04 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2000-02-12 03:03:04 +0000 |
commit | d13e4eb0b5d307177ed9c791cf3fa5da77ff088b (patch) | |
tree | 04aab40adb766bcbf221de99b9672013b6ee1047 /apps | |
parent | 07fc35519eb6e63ccc6c9336b021b90b27a84cd9 (diff) |
Make pkcs12 and smime applications seed random number
generator (otherwise they don't work) and add -rand
option. Update docs.
Diffstat (limited to 'apps')
-rw-r--r-- | apps/pkcs12.c | 20 | ||||
-rw-r--r-- | apps/smime.c | 47 |
2 files changed, 54 insertions, 13 deletions
diff --git a/apps/pkcs12.c b/apps/pkcs12.c index a54555b467..7b12902948 100644 --- a/apps/pkcs12.c +++ b/apps/pkcs12.c @@ -114,6 +114,7 @@ int MAIN(int argc, char **argv) STACK *canames = NULL; char *cpass = NULL, *mpass = NULL; char *passin = NULL, *passout = NULL; + char *inrand = NULL; apps_startup(); @@ -170,6 +171,11 @@ int MAIN(int argc, char **argv) badarg = 1; } } else badarg = 1; + } else if (!strcmp (*args, "-rand")) { + if (args[1]) { + args++; + inrand = *args; + } else badarg = 1; } else if (!strcmp (*args, "-inkey")) { if (args[1]) { args++; @@ -212,7 +218,7 @@ int MAIN(int argc, char **argv) if(!(passin= getenv(*args))) { BIO_printf(bio_err, "Can't read environment variable %s\n", - *argv); + *args); badarg = 1; } } else badarg = 1; @@ -222,7 +228,7 @@ int MAIN(int argc, char **argv) if(!(passout= getenv(*args))) { BIO_printf(bio_err, "Can't read environment variable %s\n", - *argv); + *args); badarg = 1; } } else badarg = 1; @@ -290,6 +296,9 @@ int MAIN(int argc, char **argv) BIO_printf (bio_err, "-envpassin p environment variable containing input file pass phrase\n"); BIO_printf (bio_err, "-passout p output file pass phrase\n"); BIO_printf (bio_err, "-envpassout p environment variable containing output file pass phrase\n"); + BIO_printf(bio_err, "-rand file:file:...\n"); + BIO_printf(bio_err, " load the file (or the files in the directory) into\n"); + BIO_printf(bio_err, " the random number generator\n"); goto end; } @@ -306,6 +315,12 @@ int MAIN(int argc, char **argv) mpass = macpass; } + if(export_cert || inrand) { + app_RAND_load_file(NULL, bio_err, (inrand != NULL)); + if (inrand != NULL) + BIO_printf(bio_err,"%ld semi-random bytes loaded\n", + app_RAND_load_files(inrand)); + } ERR_load_crypto_strings(); #ifdef CRYPTO_MDEBUG @@ -558,6 +573,7 @@ int MAIN(int argc, char **argv) PKCS12_free(p12); ret = 0; end: + if(export_cert || inrand) app_RAND_write_file(NULL, bio_err); #ifdef CRYPTO_MDEBUG CRYPTO_remove_all_info(); #endif 
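Review bot: In the seeding block added before `ERR_load_crypto_strings()` (hunk @@ -306,6 +315,12 @@), both results are dropped: the return value of `app_RAND_load_file()` is ignored and the count from `app_RAND_load_files(inrand)` is only printed, so an export can continue when no seed material was loaded at all. Whether a later RAND call then fails cleanly is not visible in this hunk, so the user should at least be warned here, e.g. `if (!app_RAND_load_file(NULL, bio_err, (inrand != NULL)) && inrand == NULL) BIO_printf(bio_err, "warning, not much extra random data, consider using the -rand option\n");`. The same applies to the `if (need_rand)` block in the @@ -268,10 +281,20 @@ hunk of apps/smime.c. MAIN starts and ends outside the hunk.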
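Review bot: The `app_RAND_write_file(NULL, bio_err)` call added under `end:` (hunk @@ -558,6 +573,7 @@) also runs on paths that jump to `end` before the seeding block, such as the usage exit when `-rand` is given together with a bad argument, so the seed file may be rewritten from a generator that was never loaded. Unless `app_RAND_write_file()` itself refuses to write in that state (not visible here), consider setting a new flag inside the seeding block and testing it here, e.g. `if (rand_loaded) app_RAND_write_file(NULL, bio_err);`. The `if (need_rand)` write-back in the @@ -499,6 +522,8 @@ hunk of apps/smime.c has the same shape, because `need_rand` is set during option parsing. MAIN starts outside the hunk.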
diff --git a/apps/smime.c b/apps/smime.c index 9c84841168..0d87960d69 100644 --- a/apps/smime.c +++ b/apps/smime.c @@ -102,7 +102,8 @@ int MAIN(int argc, char **argv) int flags = PKCS7_DETACHED; char *to = NULL, *from = NULL, *subject = NULL; char *CAfile = NULL, *CApath = NULL, *passin = NULL; - + char *inrand = NULL; + int need_rand = 0; args = argv + 1; ret = 1; @@ -145,17 +146,27 @@ int MAIN(int argc, char **argv) flags |= PKCS7_BINARY; else if (!strcmp (*args, "-nosigs")) flags |= PKCS7_NOSIGS; - else if (!strcmp(*argv,"-passin")) { - if (--argc < 1) badarg = 1; - else passin= *(++argv); + else if (!strcmp(*args,"-rand")) { + if (args[1]) { + args++; + inrand = *args; + } else badarg = 1; + need_rand = 1; + } else if (!strcmp(*args,"-passin")) { + if (args[1]) { + args++; + passin = *args; + } else badarg = 1; } else if (!strcmp(*argv,"-envpassin")) { - if (--argc < 1) badarg = 1; - else if(!(passin= getenv(*(++argv)))) { - BIO_printf(bio_err, - "Can't read environment variable %s\n", - *argv); - badarg = 1; - } + if (args[1]) { + args++; + if(!(passin= getenv(*args))) { + BIO_printf(bio_err, + "Can't read environment variable %s\n", + *args); + badarg = 1; + } + } else badarg = 1; } else if (!strcmp (*args, "-to")) { if (args[1]) { args++; @@ -220,6 +231,7 @@ int MAIN(int argc, char **argv) BIO_printf(bio_err, "No signer certificate specified\n"); badarg = 1; } + need_rand = 1; } else if(operation == SMIME_DECRYPT) { if(!recipfile) { BIO_printf(bio_err, "No recipient certificate and key specified\n"); @@ -230,6 +242,7 @@ int MAIN(int argc, char **argv) BIO_printf(bio_err, "No recipient(s) certificate(s) specified\n"); badarg = 1; } + need_rand = 1; } else if(!operation) badarg = 1; if (badarg) { 
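Review bot: The `-envpassin` branch in the @@ -145,17 +146,27 @@ hunk still tests `!strcmp(*argv,"-envpassin")` although its rewritten body, like the `-passin` branch above it, now walks `args`. As written the comparison is against `*argv` rather than the current option, so the branch presumably never matches and the option falls through to whatever handles unknown arguments. The condition should read `} else if (!strcmp(*args,"-envpassin")) {`. The option loop begins and ends outside the hunk.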
@@ -268,10 +281,20 @@ int MAIN(int argc, char **argv) BIO_printf (bio_err, "-text include or delete text MIME headers\n"); BIO_printf (bio_err, "-CApath dir trusted certificates directory\n"); BIO_printf (bio_err, "-CAfile file trusted certificates file\n"); + BIO_printf(bio_err, "-rand file:file:...\n"); + BIO_printf(bio_err, " load the file (or the files in the directory) into\n"); + BIO_printf(bio_err, " the random number generator\n"); BIO_printf (bio_err, "cert.pem recipient certificate(s) for encryption\n"); goto end; } + if (need_rand) { + app_RAND_load_file(NULL, bio_err, (inrand != NULL)); + if (inrand != NULL) + BIO_printf(bio_err,"%ld semi-random bytes loaded\n", + app_RAND_load_files(inrand)); + } + ret = 2; if(operation != SMIME_SIGN) flags &= ~PKCS7_DETACHED; @@ -499,6 +522,8 @@ end: #ifdef CRYPTO_MDEBUG CRYPTO_remove_all_info(); #endif + if (need_rand) + app_RAND_write_file(NULL, bio_err); if(ret) ERR_print_errors(bio_err); sk_X509_pop_free(encerts, X509_free); sk_X509_pop_free(other, X509_free); |