X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;f=apps%2Fdgst.c;h=0c9c351ebc38584d8c5064e20192e98cb714ff96;hb=216e0d5b91b682001a6562838db2a6c95659b903;hp=e21c3d83ac149c4d9a0cfc7cc13e0d8de672f2c7;hpb=d15711efc6c82d5483dcf73ac7fa3ec5deb2c24a;p=oweals%2Fopenssl.git

diff --git a/apps/dgst.c b/apps/dgst.c
index e21c3d83ac..0c9c351ebc 100644
--- a/apps/dgst.c
+++ b/apps/dgst.c
@@ -100,7 +100,10 @@ int MAIN(int argc, char **argv)
 	EVP_PKEY *sigkey = NULL;
 	unsigned char *sigbuf = NULL;
 	int siglen = 0;
+	char *passargin = NULL, *passin = NULL;
+#ifndef OPENSSL_NO_ENGINE
 	char *engine=NULL;
+#endif
 
 	apps_startup();
 
@@ -117,7 +120,7 @@ int MAIN(int argc, char **argv)
 		goto end;
 
 	/* first check the program name */
-	program_name(argv[0],pname,PROG_NAME_SIZE);
+	program_name(argv[0],pname,sizeof pname);
 
 	md=EVP_get_digestbyname(pname);
 
@@ -143,6 +146,12 @@ int MAIN(int argc, char **argv)
 			if (--argc < 1) break;
 			keyfile=*(++argv);
 			}
+		else if (!strcmp(*argv,"-passin"))
+			{
+			if (--argc < 1)
+				break;
+			passargin=*++argv;
+			}
 		else if (strcmp(*argv,"-verify") == 0)
 			{
 			if (--argc < 1) break;
@@ -166,11 +175,14 @@ int MAIN(int argc, char **argv)
 			if (--argc < 1) break;
 			keyform=str2fmt(*(++argv));
 			}
+#ifndef OPENSSL_NO_ENGINE
 		else if (strcmp(*argv,"-engine") == 0)
 			{
 			if (--argc < 1) break;
 			engine= *(++argv);
+        		e = setup_engine(bio_err, engine, 0);
 			}
+#endif
 		else if (strcmp(*argv,"-hex") == 0)
 			out_bin = 0;
 		else if (strcmp(*argv,"-binary") == 0)
@@ -208,28 +220,44 @@ int MAIN(int argc, char **argv)
 		BIO_printf(bio_err,"-keyform arg    key file format (PEM or ENGINE)\n");
 		BIO_printf(bio_err,"-signature file signature to verify\n");
 		BIO_printf(bio_err,"-binary         output in binary form\n");
+#ifndef OPENSSL_NO_ENGINE
 		BIO_printf(bio_err,"-engine e       use engine e, possibly a hardware device.\n");
+#endif
 
-		BIO_printf(bio_err,"-%3s to use the %s message digest algorithm (default)\n",
+		BIO_printf(bio_err,"-%-14s to use the %s message digest algorithm (default)\n",
 			LN_md5,LN_md5);
-		BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n",
+		BIO_printf(bio_err,"-%-14s to use the %s message digest algorithm\n",
 			LN_md4,LN_md4);
-		BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n",
+		BIO_printf(bio_err,"-%-14s to use the %s message digest algorithm\n",
 			LN_md2,LN_md2);
-		BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n",
+#ifndef OPENSSL_NO_SHA
+		BIO_printf(bio_err,"-%-14s to use the %s message digest algorithm\n",
 			LN_sha1,LN_sha1);
-		BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n",
-			LN_sha,LN_sha);
-		BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n",
+#ifndef OPENSSL_NO_SHA256
+		BIO_printf(bio_err,"-%-14s to use the %s message digest algorithm\n",
+			LN_sha224,LN_sha224);
+		BIO_printf(bio_err,"-%-14s to use the %s message digest algorithm\n",
+			LN_sha256,LN_sha256);
+#endif
+#ifndef OPENSSL_NO_SHA512
+		BIO_printf(bio_err,"-%-14s to use the %s message digest algorithm\n",
+			LN_sha384,LN_sha384);
+		BIO_printf(bio_err,"-%-14s to use the %s message digest algorithm\n",
+			LN_sha512,LN_sha512);
+#endif
+#endif
+		BIO_printf(bio_err,"-%-14s to use the %s message digest algorithm\n",
 			LN_mdc2,LN_mdc2);
-		BIO_printf(bio_err,"-%3s to use the %s message digest algorithm\n",
+		BIO_printf(bio_err,"-%-14s to use the %s message digest algorithm\n",
 			LN_ripemd160,LN_ripemd160);
+#ifndef OPENSSL_NO_WHIRLPOOL
+		BIO_printf(bio_err,"-%-14s to use the %s message digest algorithm\n",
+			SN_whirlpool,SN_whirlpool);
+#endif
 		err=1;
 		goto end;
 		}
 
-        e = setup_engine(bio_err, engine, 0);
-
 	in=BIO_new(BIO_s_file());
 	bmd=BIO_new(BIO_f_md());
 	if (debug)
@@ -239,6 +267,12 @@ int MAIN(int argc, char **argv)
 		BIO_set_callback_arg(in,bio_err);
 		}
 
+	if(!app_passwd(bio_err, passargin, NULL, &passin, NULL))
+		{
+		BIO_printf(bio_err, "Error getting password\n");
+		goto end;
+		}
+
 	if ((in == NULL) || (bmd == NULL))
 		{
 		ERR_print_errors(bio_err);
@@ -277,10 +311,10 @@ int MAIN(int argc, char **argv)
 	if(keyfile)
 		{
 		if (want_pub)
-			sigkey = load_pubkey(bio_err, keyfile, keyform, NULL,
+			sigkey = load_pubkey(bio_err, keyfile, keyform, 0, NULL,
 				e, "key file");
 		else
-			sigkey = load_key(bio_err, keyfile, keyform, NULL,
+			sigkey = load_key(bio_err, keyfile, keyform, 0, passin,
 				e, "key file");
 		if (!sigkey)
 			{
@@ -314,7 +348,13 @@ int MAIN(int argc, char **argv)
 
 
 	/* we use md as a filter, reading from 'in' */
-	BIO_set_md(bmd,md);
+	if (!BIO_set_md(bmd,md))
+		{
+		BIO_printf(bio_err, "Error setting digest %s\n", pname);
+		ERR_print_errors(bio_err);
+		goto end;
+		}
+		
 	inp=BIO_push(bmd,in);
 
 	if (argc == 0)
@@ -339,8 +379,9 @@ int MAIN(int argc, char **argv)
 				}
 			if(!out_bin)
 				{
-				tmp=tofree=OPENSSL_malloc(strlen(name)+strlen(argv[i])+5);
-				sprintf(tmp,"%s(%s)= ",name,argv[i]);
+				size_t len = strlen(name)+strlen(argv[i])+5;
+				tmp=tofree=OPENSSL_malloc(len);
+				BIO_snprintf(tmp,len,"%s(%s)= ",name,argv[i]);
 				}
 			else
 				tmp="";
@@ -356,16 +397,18 @@ int MAIN(int argc, char **argv)
 end:
 	if (buf != NULL)
 		{
-		memset(buf,0,BUFSIZE);
+		OPENSSL_cleanse(buf,BUFSIZE);
 		OPENSSL_free(buf);
 		}
 	if (in != NULL) BIO_free(in);
+	if (passin)
+		OPENSSL_free(passin);
 	BIO_free_all(out);
 	EVP_PKEY_free(sigkey);
 	if(sigbuf) OPENSSL_free(sigbuf);
 	if (bmd != NULL) BIO_free(bmd);
 	apps_shutdown();
-	EXIT(err);
+	OPENSSL_EXIT(err);
 	}
 
 int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout,