APPS: Add passphrase handling in the "rsa" and "dsa" commands
authorRichard Levitte <levitte@openssl.org>
Mon, 3 May 2021 06:48:17 +0000 (08:48 +0200)
committerRichard Levitte <levitte@openssl.org>
Tue, 4 May 2021 09:40:31 +0000 (11:40 +0200)
Both commands completely ignored any passphrase-related setting.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15119)

apps/dsa.c
apps/rsa.c

index 9ea109851456e11fb69e4a64308fe414a35fbf93..9a7bf04adb993621478b51e86392de5ca9b0c406 100644 (file)
@@ -267,6 +267,20 @@ int dsa_main(int argc, char **argv)
         goto end;
     }
 
+    /* Passphrase setup */
+    if (enc != NULL)
+        OSSL_ENCODER_CTX_set_cipher(ectx, EVP_CIPHER_name(enc), NULL);
+
+    /* Default passphrase prompter */
+    if (enc != NULL || outformat == FORMAT_PVK) {
+        OSSL_ENCODER_CTX_set_passphrase_ui(ectx, get_ui_method(), NULL);
+        if (passout != NULL)
+            /* When passout given, override the passphrase prompter */
+            OSSL_ENCODER_CTX_set_passphrase(ectx,
+                                            (const unsigned char *)passout,
+                                            strlen(passout));
+    }
+
     /* PVK requires a bit more */
     if (outformat == FORMAT_PVK) {
         OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
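Review bot: The return values of `OSSL_ENCODER_CTX_set_cipher()`, `OSSL_ENCODER_CTX_set_passphrase_ui()` and `OSSL_ENCODER_CTX_set_passphrase()` are all discarded in the added block, although each returns 1 on success and 0 on failure. If the cipher cannot be set, encoding presumably continues with no cipher configured, so a private key the user asked to encrypt could be written in the clear; this should be confirmed against the encoder implementation. Each call should fail closed through the existing error path, e.g. `if (enc != NULL && !OSSL_ENCODER_CTX_set_cipher(ectx, EVP_CIPHER_name(enc), NULL)) goto end;`, with a message on `bio_err`. The same unchecked calls appear in the `rsa_main` hunk of apps/rsa.c. The body of `dsa_main` starts and ends outside this hunk, so whether a later step catches the failure is not visible here.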
index fc1db506d74760c49b7bfc47a2a7099317f956e3..47316757d56ad2b4002a537ad34a3eab23f0f006 100644 (file)
@@ -335,6 +335,20 @@ int rsa_main(int argc, char **argv)
         goto end;
     }
 
+    /* Passphrase setup */
+    if (enc != NULL)
+        OSSL_ENCODER_CTX_set_cipher(ectx, EVP_CIPHER_name(enc), NULL);
+
+    /* Default passphrase prompter */
+    if (enc != NULL || outformat == FORMAT_PVK) {
+        OSSL_ENCODER_CTX_set_passphrase_ui(ectx, get_ui_method(), NULL);
+        if (passout != NULL)
+            /* When passout given, override the passphrase prompter */
+            OSSL_ENCODER_CTX_set_passphrase(ectx,
+                                            (const unsigned char *)passout,
+                                            strlen(passout));
+    }
+
     /* PVK is a bit special... */
     if (outformat == FORMAT_PVK) {
         OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
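Review bot: This passphrase-setup block is line-for-line identical to the one added to `dsa_main` in apps/dsa.c, so any later fix to this security-sensitive logic has to be made in both files. Consider moving it into a single shared helper in the apps library that takes `ectx`, `enc`, `outformat` and `passout` and returns a success flag, which both commands would check. A comment should also state why `FORMAT_PVK` installs a passphrase source even when `enc` is NULL, since the reason is not evident from the hunk. The body of `rsa_main` continues outside the hunk.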