diff options
| author | Rich Salz <rsalz@akamai.com> | 2021-02-14 20:34:22 +0100 |
|---|---|---|
| committer | Tomas Mraz <tomas@openssl.org> | 2021-05-05 09:46:56 +0200 |
| commit | a485561b2efd17e3ff9a4df2013b636467dee59f (patch) | |
| tree | 3ad0920e650cd72868d52ccec1f98b447dfbc98c /apps/cms.c | |
| parent | Fix KMAC bounds checks. (diff) | |
| download | openssl-a485561b2efd17e3ff9a4df2013b636467dee59f.tar.xz openssl-a485561b2efd17e3ff9a4df2013b636467dee59f.zip | |
Fetch cipher-wrap after loading providers.
Use official (first) names for wrapping algorithms.
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14182)
Diffstat (limited to 'apps/cms.c')
| -rw-r--r-- | apps/cms.c | 21 |
1 files changed, 7 insertions, 14 deletions
diff --git a/apps/cms.c b/apps/cms.c index ed349bda2d..88b70fc67f 100644 --- a/apps/cms.c +++ b/apps/cms.c @@ -215,9 +215,7 @@ const OPTIONS cms_options[] = { {"aes128-wrap", OPT_AES128_WRAP, '-', "Use AES128 to wrap key"}, {"aes192-wrap", OPT_AES192_WRAP, '-', "Use AES192 to wrap key"}, {"aes256-wrap", OPT_AES256_WRAP, '-', "Use AES256 to wrap key"}, -# ifndef OPENSSL_NO_DES {"des3-wrap", OPT_3DES_WRAP, '-', "Use 3DES-EDE to wrap key"}, -# endif {"wrap", OPT_WRAP, 's', "Any wrap cipher to wrap key"}, OPT_R_OPTIONS, @@ -284,7 +282,7 @@ int cms_main(int argc, char **argv) X509_VERIFY_PARAM *vpm = NULL; char *certfile = NULL, *keyfile = NULL, *contfile = NULL; const char *CAfile = NULL, *CApath = NULL, *CAstore = NULL; - char *certsoutfile = NULL, *digestname = NULL; + char *certsoutfile = NULL, *digestname = NULL, *wrapname = NULL; int noCAfile = 0, noCApath = 0, noCAstore = 0; char *infile = NULL, *outfile = NULL, *rctfile = NULL; char *passinarg = NULL, *passin = NULL, *signerfile = NULL; @@ -676,22 +674,13 @@ int cms_main(int argc, char **argv) goto end; break; case OPT_3DES_WRAP: -# ifndef OPENSSL_NO_DES - wrap_cipher = (EVP_CIPHER *)EVP_des_ede3_wrap(); -# endif - break; case OPT_AES128_WRAP: - wrap_cipher = (EVP_CIPHER *)EVP_aes_128_wrap(); - break; case OPT_AES192_WRAP: - wrap_cipher = (EVP_CIPHER *)EVP_aes_192_wrap(); - break; case OPT_AES256_WRAP: - wrap_cipher = (EVP_CIPHER *)EVP_aes_256_wrap(); + wrapname = opt_flag() + 1; break; case OPT_WRAP: - if (!opt_cipher(opt_unknown(), &wrap_cipher)) - goto end; + wrapname = opt_unknown(); break; } } @@ -706,6 +695,10 @@ int cms_main(int argc, char **argv) if (!opt_cipher(ciphername, &cipher)) goto end; } + if (wrapname != NULL) { + if (!opt_cipher(wrapname, &wrap_cipher)) + goto end; + } /* Remaining args are files to process. */ argc = opt_num_rest(); |