From e7917e38bee4a0dcaa9b9968b6a4e48959dd4a3d Mon Sep 17 00:00:00 2001 From: FdaSilvaYY Date: Fri, 5 Aug 2016 00:19:36 +0200 Subject: [PATCH] Simplify and add help about OPT_PVK* options Reviewed-by: Rich Salz Reviewed-by: Matt Caswell --- apps/dsa.c | 32 ++++++++++++-------------------- apps/rsa.c | 31 ++++++++++++------------------- 2 files changed, 24 insertions(+), 39 deletions(-) diff --git a/apps/dsa.c b/apps/dsa.c index 6ac9a40282..6aef5026e3 100644 --- a/apps/dsa.c +++ b/apps/dsa.c @@ -27,9 +27,10 @@ NON_EMPTY_TRANSLATION_UNIT typedef enum OPTION_choice { OPT_ERR = -1, OPT_EOF = 0, OPT_HELP, - OPT_INFORM, OPT_OUTFORM, OPT_IN, OPT_OUT, - OPT_ENGINE, OPT_PVK_STRONG, OPT_PVK_WEAK, - OPT_PVK_NONE, OPT_NOOUT, OPT_TEXT, OPT_MODULUS, OPT_PUBIN, + OPT_INFORM, OPT_OUTFORM, OPT_IN, OPT_OUT, OPT_ENGINE, + /* Do not change the order here; see case statements below */ + OPT_PVK_NONE, OPT_PVK_WEAK, OPT_PVK_STRONG, + OPT_NOOUT, OPT_TEXT, OPT_MODULUS, OPT_PUBIN, OPT_PUBOUT, OPT_CIPHER, OPT_PASSIN, OPT_PASSOUT } OPTION_CHOICE; @@ -48,9 +49,9 @@ OPTIONS dsa_options[] = { {"passout", OPT_PASSOUT, 's', "Output file pass phrase source"}, {"", OPT_CIPHER, '-', "Any supported cipher"}, # ifndef OPENSSL_NO_RC4 - {"pvk-strong", OPT_PVK_STRONG, '-'}, - {"pvk-weak", OPT_PVK_WEAK, '-'}, - {"pvk-none", OPT_PVK_NONE, '-'}, + {"pvk-strong", OPT_PVK_STRONG, '-', "Enable 'Strong' PVK encoding level (default)"}, + {"pvk-weak", OPT_PVK_WEAK, '-', "Enable 'Weak' PVK encoding level"}, + {"pvk-none", OPT_PVK_NONE, '-', "Don't enforce PVK encoding"}, # endif # ifndef OPENSSL_NO_ENGINE {"engine", OPT_ENGINE, 's', "Use engine e, possibly a hardware device"}, @@ -111,22 +112,13 @@ int dsa_main(int argc, char **argv) case OPT_PASSOUT: passoutarg = opt_arg(); break; + case OPT_PVK_STRONG: /* pvk_encr:= 2 */ + case OPT_PVK_WEAK: /* pvk_encr:= 1 */ + case OPT_PVK_NONE: /* pvk_encr:= 0 */ #ifndef OPENSSL_NO_RC4 - case OPT_PVK_STRONG: - pvk_encr = 2; - break; - case OPT_PVK_WEAK: - pvk_encr = 1; - break; - case OPT_PVK_NONE: - pvk_encr = 0; - break; -#else - case OPT_PVK_STRONG: - case OPT_PVK_WEAK: - case OPT_PVK_NONE: - break; + pvk_encr = (o - OPT_PVK_NONE); #endif + break; case OPT_NOOUT: noout = 1; break; diff --git a/apps/rsa.c b/apps/rsa.c index 203e6b96e4..f67387e27f 100644 --- a/apps/rsa.c +++ b/apps/rsa.c @@ -29,8 +29,10 @@ typedef enum OPTION_choice { OPT_ERR = -1, OPT_EOF = 0, OPT_HELP, OPT_INFORM, OPT_OUTFORM, OPT_ENGINE, OPT_IN, OPT_OUT, OPT_PUBIN, OPT_PUBOUT, OPT_PASSOUT, OPT_PASSIN, - OPT_RSAPUBKEY_IN, OPT_RSAPUBKEY_OUT, OPT_PVK_STRONG, OPT_PVK_WEAK, - OPT_PVK_NONE, OPT_NOOUT, OPT_TEXT, OPT_MODULUS, OPT_CHECK, OPT_CIPHER + OPT_RSAPUBKEY_IN, OPT_RSAPUBKEY_OUT, + /* Do not change the order here; see case statements below */ + OPT_PVK_NONE, OPT_PVK_WEAK, OPT_PVK_STRONG, + OPT_NOOUT, OPT_TEXT, OPT_MODULUS, OPT_CHECK, OPT_CIPHER } OPTION_CHOICE; OPTIONS rsa_options[] = { @@ -51,9 +53,9 @@ OPTIONS rsa_options[] = { {"check", OPT_CHECK, '-', "Verify key consistency"}, {"", OPT_CIPHER, '-', "Any supported cipher"}, # if !defined(OPENSSL_NO_DSA) && !defined(OPENSSL_NO_RC4) - {"pvk-strong", OPT_PVK_STRONG, '-'}, - {"pvk-weak", OPT_PVK_WEAK, '-'}, - {"pvk-none", OPT_PVK_NONE, '-'}, + {"pvk-strong", OPT_PVK_STRONG, '-', "Enable 'Strong' PVK encoding level (default)"}, + {"pvk-weak", OPT_PVK_WEAK, '-', "Enable 'Weak' PVK encoding level"}, + {"pvk-none", OPT_PVK_NONE, '-', "Don't enforce PVK encoding"}, # endif # ifndef OPENSSL_NO_ENGINE {"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"}, @@ -124,22 +126,13 @@ int rsa_main(int argc, char **argv) case OPT_RSAPUBKEY_OUT: pubout = 2; break; + case OPT_PVK_STRONG: /* pvk_encr:= 2 */ + case OPT_PVK_WEAK: /* pvk_encr:= 1 */ + case OPT_PVK_NONE: /* pvk_encr:= 0 */ # if !defined(OPENSSL_NO_DSA) && !defined(OPENSSL_NO_RC4) - case OPT_PVK_STRONG: - pvk_encr = 2; - break; - case OPT_PVK_WEAK: - pvk_encr = 1; - break; - case OPT_PVK_NONE: - pvk_encr = 0; - break; -# else - case OPT_PVK_STRONG: - case OPT_PVK_WEAK: - case OPT_PVK_NONE: - break; + pvk_encr = (o - OPT_PVK_NONE); # endif + break; case OPT_NOOUT: noout = 1; break; -- 2.25.1