From 19ae090787b7897182a47ae8c38a0c1da9307738 Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Fri, 10 Apr 2009 10:30:27 +0000 Subject: [PATCH] Print out registered digest names in dgst utility instead of hard coding them. Modify EVP_MD_do_all() to include registered digest name. This is a modified version of part of PR#1887. --- CHANGES | 8 +++++++ apps/dgst.c | 51 ++++++++++++++++++-------------------------- crypto/evp/evp.h | 1 + crypto/evp/evp_lib.c | 5 +++++ crypto/evp/names.c | 4 ++-- 5 files changed, 37 insertions(+), 32 deletions(-) diff --git a/CHANGES b/CHANGES index dff85b2b6e..93282bf639 100644 --- a/CHANGES +++ b/CHANGES @@ -4,6 +4,14 @@ Changes between 0.9.8k and 1.0 [xx XXX xxxx] + *) Add "missing" function EVP_MD_flags() (without this the only way to + retrieve a digest flags is by accessing the structure directly. Update + EVP_MD_do_all*() and EVP_CIPHER_do_all*() to include the name a digest + or cipher is registered as in the "from" argument. Print out all + registered digests in the dgst usage message instead of manually + attempting to work them out. + [Steve Henson] + *) If no SSLv2 ciphers are used don't use an SSLv2 compatible client hello: this allows the use of compression and extensions. Change default cipher string to remove SSLv2 ciphersuites. This effectively avoids ancient SSLv2 diff --git a/apps/dgst.c b/apps/dgst.c index 6a6e7ba6cf..e2fb728656 100644 --- a/apps/dgst.c +++ b/apps/dgst.c @@ -79,6 +79,26 @@ int do_fp(BIO *out, unsigned char *buf, BIO *bp, int sep, int binout, const char *sig_name, const char *md_name, const char *file,BIO *bmd); +static void list_md_fn(const EVP_MD *m, + const char *from, const char *to, void *arg) + { + const char *mname; + /* Skip aliases */ + if (!m) + return; + mname = OBJ_nid2ln(EVP_MD_type(m)); + /* Skip shortnames */ + if (strcmp(from, mname)) + return; + /* Skip clones */ + if (EVP_MD_flags(m) & EVP_MD_FLAG_PKEY_DIGEST) + return; + if (strchr(mname, ' ')) + mname= EVP_MD_name(m); + BIO_printf(arg, "-%-14s to use the %s message digest algorithm\n", + mname, mname); + } + int MAIN(int, char **); int MAIN(int argc, char **argv) @@ -256,36 +276,7 @@ int MAIN(int argc, char **argv) BIO_printf(bio_err,"-engine e use engine e, possibly a hardware device.\n"); #endif - BIO_printf(bio_err,"-%-14s to use the %s message digest algorithm (default)\n", - LN_md5,LN_md5); - BIO_printf(bio_err,"-%-14s to use the %s message digest algorithm\n", - LN_md4,LN_md4); - BIO_printf(bio_err,"-%-14s to use the %s message digest algorithm\n", - LN_md2,LN_md2); -#ifndef OPENSSL_NO_SHA - BIO_printf(bio_err,"-%-14s to use the %s message digest algorithm\n", - LN_sha1,LN_sha1); -#ifndef OPENSSL_NO_SHA256 - BIO_printf(bio_err,"-%-14s to use the %s message digest algorithm\n", - LN_sha224,LN_sha224); - BIO_printf(bio_err,"-%-14s to use the %s message digest algorithm\n", - LN_sha256,LN_sha256); -#endif -#ifndef OPENSSL_NO_SHA512 - BIO_printf(bio_err,"-%-14s to use the %s message digest algorithm\n", - LN_sha384,LN_sha384); - BIO_printf(bio_err,"-%-14s to use the %s message digest algorithm\n", - LN_sha512,LN_sha512); -#endif -#endif - BIO_printf(bio_err,"-%-14s to use the %s message digest algorithm\n", - LN_mdc2,LN_mdc2); - BIO_printf(bio_err,"-%-14s to use the %s message digest algorithm\n", - LN_ripemd160,LN_ripemd160); -#ifndef OPENSSL_NO_WHIRLPOOL - BIO_printf(bio_err,"-%-14s to use the %s message digest algorithm\n", - SN_whirlpool,SN_whirlpool); -#endif + EVP_MD_do_all_sorted(list_md_fn, bio_err); goto end; } diff --git a/crypto/evp/evp.h b/crypto/evp/evp.h index a73f7434b8..4eecdbeea7 100644 --- a/crypto/evp/evp.h +++ b/crypto/evp/evp.h @@ -421,6 +421,7 @@ int EVP_MD_type(const EVP_MD *md); int EVP_MD_pkey_type(const EVP_MD *md); int EVP_MD_size(const EVP_MD *md); int EVP_MD_block_size(const EVP_MD *md); +unsigned long EVP_MD_flags(const EVP_MD *md); const EVP_MD *EVP_MD_CTX_md(const EVP_MD_CTX *ctx); #define EVP_MD_CTX_size(e) EVP_MD_size(EVP_MD_CTX_md(e)) diff --git a/crypto/evp/evp_lib.c b/crypto/evp/evp_lib.c index d815bc6d6f..b92a6626fa 100644 --- a/crypto/evp/evp_lib.c +++ b/crypto/evp/evp_lib.c @@ -263,6 +263,11 @@ int EVP_MD_size(const EVP_MD *md) return md->md_size; } +unsigned long EVP_MD_flags(const EVP_MD *md) + { + return md->flags; + } + const EVP_MD *EVP_MD_CTX_md(const EVP_MD_CTX *ctx) { if (!ctx) diff --git a/crypto/evp/names.c b/crypto/evp/names.c index feaf80dfe8..7e4d742a66 100644 --- a/crypto/evp/names.c +++ b/crypto/evp/names.c @@ -145,7 +145,7 @@ static void do_all_cipher_fn(const OBJ_NAME *nm, void *arg) if (nm->alias) dc->fn(NULL, nm->name, nm->data, dc->arg); else - dc->fn((const EVP_CIPHER *)nm->data, NULL, NULL, dc->arg); + dc->fn((const EVP_CIPHER *)nm->data, nm->name, NULL, dc->arg); } void EVP_CIPHER_do_all(void (*fn)(const EVP_CIPHER *ciph, @@ -179,7 +179,7 @@ static void do_all_md_fn(const OBJ_NAME *nm, void *arg) if (nm->alias) dc->fn(NULL, nm->name, nm->data, dc->arg); else - dc->fn((const EVP_MD *)nm->data, NULL, NULL, dc->arg); + dc->fn((const EVP_MD *)nm->data, nm->name, NULL, dc->arg); } void EVP_MD_do_all(void (*fn)(const EVP_MD *md, -- 2.34.1