diff options
| -rw-r--r-- | CHANGES | 9 | ||||
| -rw-r--r-- | apps/dhparam.c | 17 | ||||
| -rw-r--r-- | apps/dsaparam.c | 20 | ||||
| -rw-r--r-- | apps/gendh.c | 19 | ||||
| -rw-r--r-- | apps/gendsa.c | 14 | ||||
| -rw-r--r-- | apps/genrsa.c | 14 | ||||
| -rw-r--r-- | apps/pkcs12.c | 14 | ||||
| -rw-r--r-- | apps/rand.c | 16 | ||||
| -rw-r--r-- | apps/req.c | 13 | ||||
| -rw-r--r-- | apps/smime.c | 15 | ||||
| -rw-r--r-- | crypto/rand/rand_egd.c | 11 |
11 files changed, 23 insertions, 139 deletions
@@ -4,15 +4,6 @@ Changes between 0.9.5a and 0.9.6 [xx XXX 2000] - *) Add the possibility, through the -egd parameter, to tell the openssl - applications that EGD should be used as seeding source, and where - the EGD named socket is. - [Richard Levitte] - - *) Add the possibility to tell RAND_egd() and RAND_egd_bytes() where - the EGD named socket is through the environment variable RANDEGD. - [Richard Levitte] - *) Add BSD-style MD5-based passwords to 'openssl passwd' (option '-1'). [Bodo Moeller] diff --git a/apps/dhparam.c b/apps/dhparam.c index a92863373c..a738c5af67 100644 --- a/apps/dhparam.c +++ b/apps/dhparam.c @@ -121,7 +121,6 @@ #include <openssl/dh.h> #include <openssl/x509.h> #include <openssl/pem.h> -#include <openssl/rand.h> #ifndef NO_DSA #include <openssl/dsa.h> @@ -157,7 +156,7 @@ int MAIN(int argc, char **argv) BIO *in=NULL,*out=NULL; int informat,outformat,check=0,noout=0,C=0,ret=1; char *infile,*outfile,*prog; - char *inrand=NULL, *inegd=NULL; + char *inrand=NULL; int num = 0, g = 0; apps_startup(); @@ -217,11 +216,6 @@ int MAIN(int argc, char **argv) if (--argc < 1) goto bad; inrand= *(++argv); } - else if (strcmp(*argv,"-egd") == 0) - { - if (--argc < 1) goto bad; - inegd= *(++argv); - } else if (((sscanf(*argv,"%d",&num) == 0) || (num <= 0))) goto bad; argv++; @@ -247,9 +241,8 @@ bad: BIO_printf(bio_err," -5 generate parameters using 5 as the generator value\n"); BIO_printf(bio_err," numbits number of bits in to generate (default 512)\n"); BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR); - BIO_printf(bio_err," load the file (or the files in the directory) into\n"); + BIO_printf(bio_err," - load the file (or the files in the directory) into\n"); BIO_printf(bio_err," the random number generator\n"); - BIO_printf(bio_err," -egd file load random seed from EGD socket\n"); BIO_printf(bio_err," -noout no output\n"); goto end; } @@ -278,17 +271,13 @@ bad: if(num) { - if (!app_RAND_load_file(NULL, bio_err, 1) - && inrand == NULL && inegd == NULL) + if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL) { BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option\n"); } if (inrand != NULL) BIO_printf(bio_err,"%ld semi-random bytes loaded\n", app_RAND_load_files(inrand)); - if (inegd != NULL) - BIO_printf(bio_err,"%ld egd bytes loaded\n", - RAND_egd(inegd)); #ifndef NO_DSA if (dsaparam) diff --git a/apps/dsaparam.c b/apps/dsaparam.c index 7e3b12ebe3..a15d6ea309 100644 --- a/apps/dsaparam.c +++ b/apps/dsaparam.c @@ -69,7 +69,6 @@ #include <openssl/dsa.h> #include <openssl/x509.h> #include <openssl/pem.h> -#include <openssl/rand.h> #undef PROG #define PROG dsaparam_main @@ -95,7 +94,7 @@ int MAIN(int argc, char **argv) int i,badops=0,text=0; BIO *in=NULL,*out=NULL; int informat,outformat,noout=0,C=0,ret=1; - char *infile,*outfile,*prog,*inrand=NULL,*inegd=NULL; + char *infile,*outfile,*prog,*inrand=NULL; int numbits= -1,num,genkey=0; int need_rand=0; @@ -150,12 +149,6 @@ int MAIN(int argc, char **argv) inrand= *(++argv); need_rand=1; } - else if (strcmp(*argv,"-egd") == 0) - { - if (--argc < 1) goto bad; - inegd= *(++argv); - need_rand=1; - } else if (strcmp(*argv,"-noout") == 0) noout=1; else if (sscanf(*argv,"%d",&num) == 1) @@ -186,10 +179,7 @@ bad: BIO_printf(bio_err," -text print the key in text\n"); BIO_printf(bio_err," -C Output C code\n"); BIO_printf(bio_err," -noout no output\n"); - BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR); - BIO_printf(bio_err," load the file (or the files in the directory) into\n"); - BIO_printf(bio_err," the random number generator\n"); - BIO_printf(bio_err," -egd file load random seed from EGD socket\n"); + BIO_printf(bio_err," -rand files to use for random number input\n"); BIO_printf(bio_err," number number of bits to use for generating private key\n"); goto end; } @@ -227,14 +217,10 @@ bad: if (need_rand) { - app_RAND_load_file(NULL, bio_err, - (inrand != NULL || inegd != NULL)); + app_RAND_load_file(NULL, bio_err, (inrand != NULL)); if (inrand != NULL) BIO_printf(bio_err,"%ld semi-random bytes loaded\n", app_RAND_load_files(inrand)); - if (inegd != NULL) - BIO_printf(bio_err,"%ld egd bytes loaded\n", - RAND_egd(inegd)); } if (numbits > 0) diff --git a/apps/gendh.c b/apps/gendh.c index 5ad55dae59..caf5e8d736 100644 --- a/apps/gendh.c +++ b/apps/gendh.c @@ -85,7 +85,7 @@ int MAIN(int argc, char **argv) int ret=1,num=DEFBITS; int g=2; char *outfile=NULL; - char *inrand=NULL,*inegd=NULL; + char *inrand=NULL; BIO *out=NULL; apps_startup(); @@ -115,11 +115,6 @@ int MAIN(int argc, char **argv) if (--argc < 1) goto bad; inrand= *(++argv); } - else if (strcmp(*argv,"-egd") == 0) - { - if (--argc < 1) goto bad; - inegd= *(++argv); - } else break; argv++; @@ -130,13 +125,12 @@ int MAIN(int argc, char **argv) bad: BIO_printf(bio_err,"usage: gendh [args] [numbits]\n"); BIO_printf(bio_err," -out file - output the key to 'file\n"); - BIO_printf(bio_err," -2 - use 2 as the generator value\n"); - /* BIO_printf(bio_err," -3 - use 3 as the generator value\n"); */ - BIO_printf(bio_err," -5 - use 5 as the generator value\n"); + BIO_printf(bio_err," -2 use 2 as the generator value\n"); + /* BIO_printf(bio_err," -3 use 3 as the generator value\n"); */ + BIO_printf(bio_err," -5 use 5 as the generator value\n"); BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR); BIO_printf(bio_err," - load the file (or the files in the directory) into\n"); BIO_printf(bio_err," the random number generator\n"); - BIO_printf(bio_err," -egd file - load random seed from EGD socket\n"); goto end; } @@ -158,16 +152,13 @@ bad: } } - if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL && inegd == NULL) + if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL) { BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option\n"); } if (inrand != NULL) BIO_printf(bio_err,"%ld semi-random bytes loaded\n", app_RAND_load_files(inrand)); - if (inegd != NULL) - BIO_printf(bio_err,"%ld egd bytes loaded\n", - RAND_egd(inegd)); BIO_printf(bio_err,"Generating DH parameters, %d bit long safe prime, generator %d\n",num,g); BIO_printf(bio_err,"This is going to take a long time\n"); diff --git a/apps/gendsa.c b/apps/gendsa.c index dd83d1bf0f..1937613849 100644 --- a/apps/gendsa.c +++ b/apps/gendsa.c @@ -68,7 +68,6 @@ #include <openssl/dsa.h> #include <openssl/x509.h> #include <openssl/pem.h> -#include <openssl/rand.h> #define DEFBITS 512 #undef PROG @@ -81,7 +80,7 @@ int MAIN(int argc, char **argv) DSA *dsa=NULL; int ret=1; char *outfile=NULL; - char *inrand=NULL,*inegd=NULL,*dsaparams=NULL; + char *inrand=NULL,*dsaparams=NULL; char *passargout = NULL, *passout = NULL; BIO *out=NULL,*in=NULL; EVP_CIPHER *enc=NULL; @@ -112,11 +111,6 @@ int MAIN(int argc, char **argv) if (--argc < 1) goto bad; inrand= *(++argv); } - else if (strcmp(*argv,"-egd") == 0) - { - if (--argc < 1) goto bad; - inegd= *(++argv); - } else if (strcmp(*argv,"-") == 0) goto bad; #ifndef NO_DES @@ -154,7 +148,6 @@ bad: BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR); BIO_printf(bio_err," - load the file (or the files in the directory) into\n"); BIO_printf(bio_err," the random number generator\n"); - BIO_printf(bio_err," -egd file - load random seed from EGD socket\n"); BIO_printf(bio_err," dsaparam-file\n"); BIO_printf(bio_err," - a DSA parameter file as generated by the dsaparam command\n"); goto end; @@ -195,16 +188,13 @@ bad: } } - if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL && inegd == NULL) + if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL) { BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option\n"); } if (inrand != NULL) BIO_printf(bio_err,"%ld semi-random bytes loaded\n", app_RAND_load_files(inrand)); - if (inegd != NULL) - BIO_printf(bio_err,"%ld egd bytes loaded\n", - RAND_egd(inegd)); BIO_printf(bio_err,"Generating DSA key, %d bits\n", BN_num_bits(dsa->p)); diff --git a/apps/genrsa.c b/apps/genrsa.c index 3a9995b820..5cf47e6921 100644 --- a/apps/genrsa.c +++ b/apps/genrsa.c @@ -69,7 +69,6 @@ #include <openssl/evp.h> #include <openssl/x509.h> #include <openssl/pem.h> -#include <openssl/rand.h> #define DEFBITS 512 #undef PROG @@ -89,7 +88,7 @@ int MAIN(int argc, char **argv) unsigned long f4=RSA_F4; char *outfile=NULL; char *passargout = NULL, *passout = NULL; - char *inrand=NULL,*inegd=NULL; + char *inrand=NULL; BIO *out=NULL; apps_startup(); @@ -122,11 +121,6 @@ int MAIN(int argc, char **argv) if (--argc < 1) goto bad; inrand= *(++argv); } - else if (strcmp(*argv,"-egd") == 0) - { - if (--argc < 1) goto bad; - inegd= *(++argv); - } #ifndef NO_DES else if (strcmp(*argv,"-des") == 0) enc=EVP_des_cbc(); @@ -163,7 +157,6 @@ bad: BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR); BIO_printf(bio_err," load the file (or the files in the directory) into\n"); BIO_printf(bio_err," the random number generator\n"); - BIO_printf(bio_err," -egd file load random seed from EGD socket\n"); goto err; } @@ -185,16 +178,13 @@ bad: } } - if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL && inegd == NULL) + if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL) { BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option\n"); } if (inrand != NULL) BIO_printf(bio_err,"%ld semi-random bytes loaded\n", app_RAND_load_files(inrand)); - if (inegd != NULL) - BIO_printf(bio_err,"%ld egd bytes loaded\n", - RAND_egd(inegd)); BIO_printf(bio_err,"Generating RSA private key, %d bit long modulus\n", num); diff --git a/apps/pkcs12.c b/apps/pkcs12.c index 0dab7235e9..3f958943b4 100644 --- a/apps/pkcs12.c +++ b/apps/pkcs12.c @@ -65,7 +65,6 @@ #include <openssl/crypto.h> #include <openssl/err.h> #include <openssl/pem.h> -#include <openssl/rand.h> #include <openssl/pkcs12.h> #define PROG pkcs12_main @@ -117,7 +116,7 @@ int MAIN(int argc, char **argv) char *cpass = NULL, *mpass = NULL; char *passargin = NULL, *passargout = NULL, *passarg = NULL; char *passin = NULL, *passout = NULL; - char *inrand = NULL,*inegd=NULL; + char *inrand = NULL; apps_startup(); @@ -179,11 +178,6 @@ int MAIN(int argc, char **argv) args++; inrand = *args; } else badarg = 1; - } else if (!strcmp (*args, "-egd")) { - if (args[1]) { - args++; - inegd = *args; - } else badarg = 1; } else if (!strcmp (*args, "-inkey")) { if (args[1]) { args++; @@ -275,7 +269,6 @@ int MAIN(int argc, char **argv) BIO_printf(bio_err, "-rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR); BIO_printf(bio_err, " load the file (or the files in the directory) into\n"); BIO_printf(bio_err, " the random number generator\n"); - BIO_printf(bio_err, "-egd file load random seed from EGD socket\n"); goto end; } @@ -303,13 +296,10 @@ int MAIN(int argc, char **argv) } if(export_cert || inrand) { - app_RAND_load_file(NULL, bio_err, (inrand != NULL || inegd != NULL)); + app_RAND_load_file(NULL, bio_err, (inrand != NULL)); if (inrand != NULL) BIO_printf(bio_err,"%ld semi-random bytes loaded\n", app_RAND_load_files(inrand)); - if (inegd != NULL) - BIO_printf(bio_err,"%ld egd bytes loaded\n", - RAND_egd(inegd)); } ERR_load_crypto_strings(); diff --git a/apps/rand.c b/apps/rand.c index b0c50920a5..fa9bc023f4 100644 --- a/apps/rand.c +++ b/apps/rand.c @@ -15,7 +15,6 @@ /* -out file - write to file * -rand file:file - PRNG seed files - * -egd file - PRNG seed from EGD named socket * -base64 - encode output * num - write 'num' bytes */ @@ -27,7 +26,7 @@ int MAIN(int argc, char **argv) int i, r, ret = 1; int badopt; char *outfile = NULL; - char *inrand = NULL,*inegd=NULL; + char *inrand = NULL; int base64 = 0; BIO *out = NULL; int num = -1; @@ -56,13 +55,6 @@ int MAIN(int argc, char **argv) else badopt = 1; } - else if (strcmp(argv[i], "-egd") == 0) - { - if ((argv[i+1] != NULL) && (inegd == NULL)) - inegd = argv[++i]; - else - badopt = 1; - } else if (strcmp(argv[i], "-base64") == 0) { if (!base64) @@ -94,18 +86,14 @@ int MAIN(int argc, char **argv) BIO_printf(bio_err, "where options are\n"); BIO_printf(bio_err, "-out file - write to file\n"); BIO_printf(bio_err, "-rand file%cfile%c... - seed PRNG from files\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR); - BIO_printf(bio_err, "-egd file - seed PRNG from EGD named socket\n"); BIO_printf(bio_err, "-base64 - encode output\n"); goto err; } - app_RAND_load_file(NULL, bio_err, (inrand != NULL || inegd != NULL)); + app_RAND_load_file(NULL, bio_err, (inrand != NULL)); if (inrand != NULL) BIO_printf(bio_err,"%ld semi-random bytes loaded\n", app_RAND_load_files(inrand)); - if (inegd != NULL) - BIO_printf(bio_err,"%ld egd bytes loaded\n", - RAND_egd(inegd)); out = BIO_new(BIO_s_file()); if (out == NULL) diff --git a/apps/req.c b/apps/req.c index 55e53342cf..fd26ed8343 100644 --- a/apps/req.c +++ b/apps/req.c @@ -103,7 +103,6 @@ * -key file - make a request using key in file (or use it for verification). * -keyform - key file format. * -rand file(s) - load the file(s) into the PRNG. - * -egd file - load PRNG seed from EGD named socket. * -newkey - make a key and a request. * -modulus - print RSA modulus. * -x509 - output a self signed X509 structure instead. @@ -157,7 +156,7 @@ int MAIN(int argc, char **argv) char *req_exts = NULL; EVP_CIPHER *cipher=NULL; int modulus=0; - char *inrand=NULL,*inegd=NULL; + char *inrand=NULL; char *passargin = NULL, *passargout = NULL; char *passin = NULL, *passout = NULL; char *p; @@ -246,11 +245,6 @@ int MAIN(int argc, char **argv) if (--argc < 1) goto bad; inrand= *(++argv); } - else if (strcmp(*argv,"-egd") == 0) - { - if (--argc < 1) goto bad; - inegd= *(++argv); - } else if (strcmp(*argv,"-newkey") == 0) { int is_numeric; @@ -387,7 +381,6 @@ bad: BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR); BIO_printf(bio_err," load the file (or the files in the directory) into\n"); BIO_printf(bio_err," the random number generator\n"); - BIO_printf(bio_err," -egd file load random seed from EGD socket\n"); BIO_printf(bio_err," -newkey rsa:bits generate a new RSA key of 'bits' in size\n"); BIO_printf(bio_err," -newkey dsa:file generate a new DSA key, parameters taken from CA in 'file'\n"); @@ -562,9 +555,7 @@ bad: app_RAND_load_file(randfile, bio_err, 0); if (inrand) app_RAND_load_files(inrand); - if (inegd) - RAND_egd(inegd); - + if (newkey <= 0) { newkey=(int)CONF_get_number(req_conf,SECTION,BITS); diff --git a/apps/smime.c b/apps/smime.c index f3a1ad56b8..bb8ecd7cf0 100644 --- a/apps/smime.c +++ b/apps/smime.c @@ -63,7 +63,6 @@ #include "apps.h" #include <openssl/crypto.h> #include <openssl/pem.h> -#include <openssl/rand.h> #include <openssl/err.h> #undef PROG @@ -101,7 +100,7 @@ int MAIN(int argc, char **argv) char *to = NULL, *from = NULL, *subject = NULL; char *CAfile = NULL, *CApath = NULL; char *passargin = NULL, *passin = NULL; - char *inrand = NULL,*inegd=NULL; + char *inrand = NULL; int need_rand = 0; args = argv + 1; @@ -151,12 +150,6 @@ int MAIN(int argc, char **argv) inrand = *args; } else badarg = 1; need_rand = 1; - } else if (!strcmp(*args,"-egd")) { - if (args[1]) { - args++; - inegd = *args; - } else badarg = 1; - need_rand = 1; } else if (!strcmp(*args,"-passin")) { if (args[1]) { args++; @@ -279,7 +272,6 @@ int MAIN(int argc, char **argv) BIO_printf(bio_err, "-rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR); BIO_printf(bio_err, " load the file (or the files in the directory) into\n"); BIO_printf(bio_err, " the random number generator\n"); - BIO_printf(bio_err, "-egd file load random seed from EGD socket\n"); BIO_printf (bio_err, "cert.pem recipient certificate(s) for encryption\n"); goto end; } @@ -290,13 +282,10 @@ int MAIN(int argc, char **argv) } if (need_rand) { - app_RAND_load_file(NULL, bio_err, (inrand != NULL || inegd != NULL)); + app_RAND_load_file(NULL, bio_err, (inrand != NULL)); if (inrand != NULL) BIO_printf(bio_err,"%ld semi-random bytes loaded\n", app_RAND_load_files(inrand)); - if (inegd != NULL) - BIO_printf(bio_err,"%ld egd bytes loaded\n", - RAND_egd(inegd)); } ret = 2; diff --git a/crypto/rand/rand_egd.c b/crypto/rand/rand_egd.c index ad5385acaa..02a0d86fa3 100644 --- a/crypto/rand/rand_egd.c +++ b/crypto/rand/rand_egd.c @@ -54,7 +54,6 @@ * */ -#include <stdlib.h> #include <openssl/rand.h> /* Query the EGD <URL: http://www.lothar.com/tech/crypto/>. @@ -84,17 +83,12 @@ int RAND_egd_bytes(const char *path,int bytes) int RAND_egd(const char *path) { - const char *s; int ret = -1; struct sockaddr_un addr; int len, num; int fd = -1; unsigned char buf[256]; - s=getenv("RANDEGD"); - if (s != NULL) - path = s; - memset(&addr, 0, sizeof(addr)); addr.sun_family = AF_UNIX; if (strlen(path) > sizeof(addr.sun_path)) @@ -121,17 +115,12 @@ int RAND_egd(const char *path) int RAND_egd_bytes(const char *path,int bytes) { - const char *s; int ret = 0; struct sockaddr_un addr; int len, num; int fd = -1; unsigned char buf[255]; - s=getenv("RANDEGD"); - if (s != NULL) - path = s; - memset(&addr, 0, sizeof(addr)); addr.sun_family = AF_UNIX; if (strlen(path) > sizeof(addr.sun_path)) |