Fix no-des

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1748)

diff --git a/apps/pkcs12.c b/apps/pkcs12.c
index 82182c29b86d7f2da8764d2b5e633a0b8811dc35..4e7de438a77f8a0154a813b90201d9414f85a9ac 100644 (file)
--- a/apps/pkcs12.c
+++ b/apps/pkcs12.c
@@ -1110,4 +1110,6 @@ static int set_pbe(BIO *err, int *ppbe, const char *str)
     return 1;
 }
 
+#else
+static void *dummy = &dummy;
 #endif

diff --git a/crypto/cms/cms_kari.c b/crypto/cms/cms_kari.c
index 2cfcdb29cd50c8a37384a916dce3c4b5195e0360..ee283172d3d893b6d104c92765984463fc5c4246 100644 (file)
--- a/crypto/cms/cms_kari.c
+++ b/crypto/cms/cms_kari.c
@@ -401,9 +401,12 @@ static int cms_wrap_init(CMS_KeyAgreeRecipientInfo *kari,
      * Pick a cipher based on content encryption cipher. If it is DES3 use
      * DES3 wrap otherwise use AES wrap similar to key size.
      */
+#ifndef OPENSSL_NO_DES
     if (EVP_CIPHER_type(cipher) == NID_des_ede3_cbc)
         kekcipher = EVP_des_ede3_wrap();
-    else if (keylen <= 16)
+    else
+#endif
+    if (keylen <= 16)
         kekcipher = EVP_aes_128_wrap();
     else if (keylen <= 24)
         kekcipher = EVP_aes_192_wrap();