- }
-
- if(!out) {
- BIO_printf(bio_err, "Error opening output file %s\n",
- outfile ? outfile : "(stdout)");
- ERR_print_errors(bio_err);
- goto end;
- }
-
- if(keyfile)
- {
- if (want_pub)
- sigkey = load_pubkey(bio_err, keyfile, keyform, 0, NULL,
- e, "key file");
- else
- sigkey = load_key(bio_err, keyfile, keyform, 0, passin,
- e, "key file");
- if (!sigkey)
- {
- /* load_[pub]key() has already printed an appropriate
- message */
- goto end;
- }
- }
-
- if(sigfile && sigkey) {
- BIO *sigbio;
- sigbio = BIO_new_file(sigfile, "rb");
- siglen = EVP_PKEY_size(sigkey);
- sigbuf = OPENSSL_malloc(siglen);
- if(!sigbio) {
- BIO_printf(bio_err, "Error opening signature file %s\n",
- sigfile);
- ERR_print_errors(bio_err);
- goto end;
- }
- siglen = BIO_read(sigbio, sigbuf, siglen);
- BIO_free(sigbio);
- if(siglen <= 0) {
- BIO_printf(bio_err, "Error reading signature file %s\n",
- sigfile);
- ERR_print_errors(bio_err);
- goto end;
- }
- }
-
- if (non_fips_allow)
- {
- EVP_MD_CTX *md_ctx;
- BIO_get_md_ctx(bmd,&md_ctx);
- EVP_MD_CTX_set_flags(md_ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
- }
-
- if (sig_flags)
- {
- EVP_MD_CTX *md_ctx;
- BIO_get_md_ctx(bmd,&md_ctx);
- EVP_MD_CTX_set_flags(md_ctx, sig_flags);
- }
-
- /* we use md as a filter, reading from 'in' */
- if (!BIO_set_md(bmd,md))
- {
- BIO_printf(bio_err, "Error setting digest %s\n", pname);
- ERR_print_errors(bio_err);
- goto end;
- }
-
- inp=BIO_push(bmd,in);
-
- if (argc == 0)
- {
- BIO_set_fp(in,stdin,BIO_NOCLOSE);
- err=do_fp(out, buf,inp,separator, out_bin, sigkey, sigbuf,
- siglen,"","(stdin)",bmd,hmac_key,non_fips_allow);
- }
- else
- {
- name=OBJ_nid2sn(md->type);
- err = 0;
- for (i=0; i<argc; i++)
- {
- char *tmp,*tofree=NULL;
- int r;
-
- if (BIO_read_filename(in,argv[i]) <= 0)
- {
- perror(argv[i]);
- err++;
- continue;
- }
- if(!out_bin)
- {
- size_t len = strlen(name)+strlen(argv[i])+(hmac_key ? 5 : 0)+5;
- tmp=tofree=OPENSSL_malloc(len);
- BIO_snprintf(tmp,len,"%s%s(%s)= ",
- hmac_key ? "HMAC-" : "",name,argv[i]);
- }
- else
- tmp="";
- r=do_fp(out,buf,inp,separator,out_bin,sigkey,sigbuf,
- siglen,tmp,argv[i],bmd,hmac_key,non_fips_allow);
- if(r)
- err=r;
- if(tofree)
- OPENSSL_free(tofree);
- (void)BIO_reset(bmd);
- }
- }
-end:
- if (buf != NULL)
- {
- OPENSSL_cleanse(buf,BUFSIZE);
- OPENSSL_free(buf);
- }
- if (in != NULL) BIO_free(in);
- if (passin)
- OPENSSL_free(passin);
- BIO_free_all(out);
- EVP_PKEY_free(sigkey);
- if(sigbuf) OPENSSL_free(sigbuf);
- if (bmd != NULL) BIO_free(bmd);
- apps_shutdown();
- OPENSSL_EXIT(err);
- }
+ }
+
+ if (!out) {
+ BIO_printf(bio_err, "Error opening output file %s\n",
+ outfile ? outfile : "(stdout)");
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+ if (keyfile) {
+ if (want_pub)
+ sigkey = load_pubkey(bio_err, keyfile, keyform, 0, NULL,
+ e, "key file");
+ else
+ sigkey = load_key(bio_err, keyfile, keyform, 0, passin,
+ e, "key file");
+ if (!sigkey) {
+ /*
+ * load_[pub]key() has already printed an appropriate message
+ */
+ goto end;
+ }
+ }
+
+ if (sigfile && sigkey) {
+ BIO *sigbio;
+ sigbio = BIO_new_file(sigfile, "rb");
+ siglen = EVP_PKEY_size(sigkey);
+ sigbuf = OPENSSL_malloc(siglen);
+ if (!sigbio) {
+ BIO_printf(bio_err, "Error opening signature file %s\n", sigfile);
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+ siglen = BIO_read(sigbio, sigbuf, siglen);
+ BIO_free(sigbio);
+ if (siglen <= 0) {
+ BIO_printf(bio_err, "Error reading signature file %s\n", sigfile);
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+ }
+
+ if (non_fips_allow) {
+ EVP_MD_CTX *md_ctx;
+ BIO_get_md_ctx(bmd, &md_ctx);
+ EVP_MD_CTX_set_flags(md_ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
+ }
+
+ if (sig_flags) {
+ EVP_MD_CTX *md_ctx;
+ BIO_get_md_ctx(bmd, &md_ctx);
+ EVP_MD_CTX_set_flags(md_ctx, sig_flags);
+ }
+
+ /* we use md as a filter, reading from 'in' */
+ if (!BIO_set_md(bmd, md)) {
+ BIO_printf(bio_err, "Error setting digest %s\n", pname);
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+ inp = BIO_push(bmd, in);
+
+ if (argc == 0) {
+ BIO_set_fp(in, stdin, BIO_NOCLOSE);
+ err = do_fp(out, buf, inp, separator, out_bin, sigkey, sigbuf,
+ siglen, "", "(stdin)", bmd, hmac_key, non_fips_allow);
+ } else {
+ name = OBJ_nid2sn(md->type);
+ err = 0;
+ for (i = 0; i < argc; i++) {
+ char *tmp, *tofree = NULL;
+ int r;
+
+ if (BIO_read_filename(in, argv[i]) <= 0) {
+ perror(argv[i]);
+ err++;
+ continue;
+ }
+ if (!out_bin) {
+ size_t len =
+ strlen(name) + strlen(argv[i]) + (hmac_key ? 5 : 0) + 5;
+ tmp = tofree = OPENSSL_malloc(len);
+ BIO_snprintf(tmp, len, "%s%s(%s)= ",
+ hmac_key ? "HMAC-" : "", name, argv[i]);
+ } else
+ tmp = "";
+ r = do_fp(out, buf, inp, separator, out_bin, sigkey, sigbuf,
+ siglen, tmp, argv[i], bmd, hmac_key, non_fips_allow);
+ if (r)
+ err = r;
+ if (tofree)
+ OPENSSL_free(tofree);
+ (void)BIO_reset(bmd);
+ }
+ }
+ end:
+ if (buf != NULL) {
+ OPENSSL_cleanse(buf, BUFSIZE);
+ OPENSSL_free(buf);
+ }
+ if (in != NULL)
+ BIO_free(in);
+ if (passin)
+ OPENSSL_free(passin);
+ BIO_free_all(out);
+ EVP_PKEY_free(sigkey);
+ if (sigbuf)
+ OPENSSL_free(sigbuf);
+ if (bmd != NULL)
+ BIO_free(bmd);
+ apps_shutdown();
+ OPENSSL_EXIT(err);
+}