Drop unnecessary checks of OPENSSL_NO_DH, OPENSSL_NO_DSA and OPENSSL_NO_EC
authorRichard Levitte <levitte@openssl.org>
Wed, 2 Dec 2020 17:27:03 +0000 (18:27 +0100)
committerRichard Levitte <levitte@openssl.org>
Wed, 16 Dec 2020 10:56:38 +0000 (11:56 +0100)
The apps, the CMS library and the X.509 library are primarily affected.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13589)

apps/s_server.c
crypto/cms/build.info
crypto/cms/cms_dh.c
crypto/cms/cms_ec.c
crypto/cms/cms_env.c
crypto/cms/cms_sd.c
crypto/evp/digest.c
crypto/evp/evp_lib.c
crypto/evp/pmeth_lib.c
crypto/x509/x509_req.c

index 55a300beac5de196a2a2a962753d4f81c4e37a47..94417a206b42f6f829c9fda373a5b577af57f5d9 100644 (file)
@@ -1252,9 +1252,7 @@ int s_server_main(int argc, char *argv[])
             s_chain_file = opt_arg();
             break;
         case OPT_DHPARAM:
-#ifndef OPENSSL_NO_DH
             dhfile = opt_arg();
-#endif
             break;
         case OPT_DCERTFORM:
             if (!opt_format(opt_arg(), OPT_FMT_ANY, &s_dcert_format))
@@ -1826,10 +1824,7 @@ int s_server_main(int argc, char *argv[])
                 bio_s_out = dup_bio_out(FORMAT_TEXT);
         }
     }
-#if !defined(OPENSSL_NO_RSA) || !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_EC)
-    if (nocert)
-#endif
-    {
+    if (nocert) {
         s_cert_file = NULL;
         s_key_file = NULL;
         s_dcert_file = NULL;
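Review bot: The new `if (nocert) {` is not a pure guard removal: when RSA, DSA and EC were all disabled, the old preprocessor condition dropped the `if` and this block cleared `s_cert_file`, `s_key_file` and `s_dcert_file` unconditionally. After the change such a build keeps the certificate and key file names unless `nocert` is set, so presumably it now attempts to load them later in s_server_main, which continues outside the hunk. That looks intended, but it deserves a comment here such as `/* -nocert: do not load any certificate or key files */` and a sentence in the commit message about the changed default for those builds.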
index c7579f78c1064ad4201da919fa79e3d7bf319d06..5fabea7c53d1d9b8008aa2c7125f4c3fcb76ee3e 100644 (file)
@@ -2,11 +2,4 @@ LIBS=../../libcrypto
 SOURCE[../../libcrypto]= \
         cms_lib.c cms_asn1.c cms_att.c cms_io.c cms_smime.c cms_err.c \
         cms_sd.c cms_dd.c cms_cd.c cms_env.c cms_enc.c cms_ess.c \
-        cms_pwri.c cms_kari.c cms_rsa.c
-
-IF[{- !$disabled{dh} -}]
-  SOURCE[../../libcrypto]=cms_dh.c
-ENDIF
-IF[{- !$disabled{ec} || !$disabled{dsa}-}]
-  SOURCE[../../libcrypto]=cms_ec.c
-ENDIF
+        cms_pwri.c cms_kari.c cms_rsa.c cms_dh.c cms_ec.c
index 90b439dd357bb96945b2e0f707cdea85ac4c172b..9cba6364d17f5f47e6b7e5aae7693357bc39738e 100644 (file)
@@ -148,13 +148,13 @@ static int dh_cms_decrypt(CMS_RecipientInfo *ri)
         if (alg ==  NULL || pubkey == NULL)
             return 0;
         if (!dh_cms_set_peerkey(pctx, alg, pubkey)) {
-            ERR_raise(ERR_LIB_DH, DH_R_PEER_KEY_ERROR);
+            ERR_raise(ERR_LIB_CMS, CMS_R_PEER_KEY_ERROR);
             return 0;
         }
     }
     /* Set DH derivation parameters and initialise unwrap context */
     if (!dh_cms_set_shared_info(pctx, ri)) {
-        ERR_raise(ERR_LIB_DH, DH_R_SHARED_INFO_ERROR);
+        ERR_raise(ERR_LIB_CMS, CMS_R_SHARED_INFO_ERROR);
         return 0;
     }
     return 1;
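Review bot: The `alg == NULL || pubkey == NULL` check at the top of the hunk still returns 0 without raising anything, so that failure leaves no CMS entry on the error queue while the two paths below now report under ERR_LIB_CMS. Consider raising there as well, for example `ERR_raise(ERR_LIB_CMS, CMS_R_PEER_KEY_ERROR);` before that `return 0;`. The move from ERR_LIB_DH to ERR_LIB_CMS also changes what callers see when they inspect the error queue after a failed decrypt, which may be worth a changelog entry. dh_cms_decrypt starts outside the hunk.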
index 8cb41dfdef61d8813a78a866ff71a5de7fca696d..8ae912c9c3b5e40a9138aee9960abf4e917917f7 100644 (file)
@@ -14,7 +14,6 @@
 #include "cms_local.h"
 #include "crypto/evp.h"
 
-#ifndef OPENSSL_NO_EC
 static EVP_PKEY *pkey_type2param(int ptype, const void *pval,
                                  OSSL_LIB_CTX *libctx, const char *propq)
 {
@@ -384,7 +383,6 @@ int cms_ecdh_envelope(CMS_RecipientInfo *ri, int decrypt)
     ERR_raise(ERR_LIB_CMS, CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE);
     return 0;
 }
-#endif
 
 /* ECDSA and DSA implementation is the same */
 int cms_ecdsa_dsa_sign(CMS_SignerInfo *si, int verify)
index cedabe1f3c027fbdfc1e3ee37f80ad75c4a1f0cb..15ebe1b86b32c2a18a9a29611b97633d71ceec02 100644 (file)
@@ -115,17 +115,11 @@ int cms_env_asn1_ctrl(CMS_RecipientInfo *ri, int cmd)
     } else
         return 0;
 
-#ifndef OPENSSL_NO_DH
     if (EVP_PKEY_is_a(pkey, "DHX"))
         return cms_dh_envelope(ri, cmd);
-    else
-#endif
-#ifndef OPENSSL_NO_EC
-    if (EVP_PKEY_is_a(pkey, "EC"))
+    else if (EVP_PKEY_is_a(pkey, "EC"))
         return cms_ecdh_envelope(ri, cmd);
-    else
-#endif
-    if (EVP_PKEY_is_a(pkey, "RSA"))
+    else if (EVP_PKEY_is_a(pkey, "RSA"))
         return cms_rsa_envelope(ri, cmd);
 
     /* Something else? We'll give engines etc a chance to handle this */
index 1020227c54c3c3d820b09bcd786bcfe449a65dd3..96b92bdc635ad874934e0fc9b7c796339fb5fb87 100644 (file)
@@ -232,12 +232,9 @@ static int cms_sd_asn1_ctrl(CMS_SignerInfo *si, int cmd)
     EVP_PKEY *pkey = si->pkey;
     int i;
 
-#if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_EC)
     if (EVP_PKEY_is_a(pkey, "DSA") || EVP_PKEY_is_a(pkey, "EC"))
         return cms_ecdsa_dsa_sign(si, cmd);
-    else
-#endif
-    if (EVP_PKEY_is_a(pkey, "RSA") || EVP_PKEY_is_a(pkey, "RSA-PSS"))
+    else if (EVP_PKEY_is_a(pkey, "RSA") || EVP_PKEY_is_a(pkey, "RSA-PSS"))
         return cms_rsa_sign(si, cmd);
 
     /* Something else? We'll give engines etc a chance to handle this */
index b0ce61f935c55838f91a51d523ea3d9fe5181f9f..1d16c52060c0b6d89472a2d8497edf9e60ee42db 100644 (file)
@@ -94,12 +94,8 @@ EVP_MD_CTX *evp_md_ctx_new_ex(EVP_PKEY *pkey, const ASN1_OCTET_STRING *id,
         goto err;
     }
 
-# ifndef OPENSSL_NO_EC
-    if (id != NULL && EVP_PKEY_CTX_set1_id(pctx, id->data, id->length) <= 0) {
-        ERR_raise(ERR_LIB_ASN1, ERR_R_MALLOC_FAILURE);
+    if (id != NULL && EVP_PKEY_CTX_set1_id(pctx, id->data, id->length) <= 0)
         goto err;
-    }
-# endif
 
     EVP_MD_CTX_set_pkey_ctx(ctx, pctx);
     return ctx;
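Review bot: The `EVP_PKEY_CTX_set1_id()` failure path now jumps to `err` without raising anything itself, so the caller gets a useful error only if that call queued one. If it can return <= 0 without doing so (for instance for a key type that does not support an id), evp_md_ctx_new_ex fails with nothing on the error queue to explain why. Either keep an `ERR_raise` here with an EVP reason code, or add a comment such as `/* EVP_PKEY_CTX_set1_id() raises its own error */` once that is confirmed. Dropping the OPENSSL_NO_EC guard also means a non-NULL `id` is no longer silently ignored in no-ec builds, which is the safer behaviour. The function starts outside the hunk and the `err` label is not visible here.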
index 7947d05907549013111d84e3842e650cc6a79ff1..48fa330ac33b78a890702125b6b1352b95cfcd2e 100644 (file)
@@ -1008,20 +1008,16 @@ int EVP_PKEY_CTX_set_group_name(EVP_PKEY_CTX *ctx, const char *name)
 
         /* Could be a legacy key, try and convert to a ctrl */
         if (ctx->pmeth != NULL && (nid = OBJ_txt2nid(name)) != NID_undef) {
-# ifndef OPENSSL_NO_DH
             if (ctx->pmeth->pkey_id == EVP_PKEY_DH)
                 return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH,
                                          EVP_PKEY_OP_PARAMGEN
                                          | EVP_PKEY_OP_KEYGEN,
                                          EVP_PKEY_CTRL_DH_NID, nid, NULL);
-# endif
-# ifndef OPENSSL_NO_EC
             if (ctx->pmeth->pkey_id == EVP_PKEY_EC)
                 return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_EC,
                                          EVP_PKEY_OP_PARAMGEN|EVP_PKEY_OP_KEYGEN,
                                          EVP_PKEY_CTRL_EC_PARAMGEN_CURVE_NID,
                                          nid, NULL);
-# endif
         }
 #endif
         ERR_raise(ERR_LIB_EVP, EVP_R_COMMAND_NOT_SUPPORTED);
index 3823855008494983fae1f4929f8dcd36c5e799fa..f817173555151395d678af84a311142fc9c784f7 100644 (file)
@@ -1266,7 +1266,6 @@ static int legacy_ctrl_to_param(EVP_PKEY_CTX *ctx, int keytype, int optype,
                 return EVP_PKEY_CTX_set_dh_rfc5114(ctx, p1);
         }
     }
-# ifndef OPENSSL_NO_DSA
     if (keytype == EVP_PKEY_DSA) {
         switch (cmd) {
         case EVP_PKEY_CTRL_DSA_PARAMGEN_BITS:
@@ -1277,7 +1276,6 @@ static int legacy_ctrl_to_param(EVP_PKEY_CTX *ctx, int keytype, int optype,
             return EVP_PKEY_CTX_set_dsa_paramgen_md(ctx, p2);
         }
     }
-# endif
     if (keytype == EVP_PKEY_EC) {
         switch (cmd) {
         case EVP_PKEY_CTRL_EC_PARAM_ENC:
@@ -1543,14 +1541,12 @@ static int legacy_ctrl_str_to_param(EVP_PKEY_CTX *ctx, const char *name,
         name = OSSL_PKEY_PARAM_RSA_MGF1_DIGEST;
     else if (strcmp(name, "rsa_pss_keygen_saltlen") == 0)
         name = OSSL_PKEY_PARAM_RSA_PSS_SALTLEN;
-# ifndef OPENSSL_NO_DSA
     else if (strcmp(name, "dsa_paramgen_bits") == 0)
         name = OSSL_PKEY_PARAM_FFC_PBITS;
     else if (strcmp(name, "dsa_paramgen_q_bits") == 0)
         name = OSSL_PKEY_PARAM_FFC_QBITS;
     else if (strcmp(name, "dsa_paramgen_md") == 0)
         name = OSSL_PKEY_PARAM_FFC_DIGEST;
-# endif
     else if (strcmp(name, "dh_paramgen_generator") == 0)
         name = OSSL_PKEY_PARAM_DH_GENERATOR;
     else if (strcmp(name, "dh_paramgen_prime_len") == 0)
index 3d59026832e4daf8d5850ec8e1f250061a220257..f3764e4179a20b1783542d62316e0bc523d1c307 100644 (file)
@@ -96,19 +96,6 @@ int X509_REQ_check_private_key(X509_REQ *x, EVP_PKEY *k)
         ERR_raise(ERR_LIB_X509, X509_R_KEY_TYPE_MISMATCH);
         break;
     case -2:
-#ifndef OPENSSL_NO_EC
-        if (EVP_PKEY_id(k) == EVP_PKEY_EC) {
-            ERR_raise(ERR_LIB_X509, ERR_R_EC_LIB);
-            break;
-        }
-#endif
-#ifndef OPENSSL_NO_DH
-        if (EVP_PKEY_id(k) == EVP_PKEY_DH) {
-            /* No idea */
-            ERR_raise(ERR_LIB_X509, X509_R_CANT_CHECK_DH_KEY);
-            break;
-        }
-#endif
         ERR_raise(ERR_LIB_X509, X509_R_UNKNOWN_KEY_TYPE);
     }