Add AES support in the applications that support -des and -des3.

diff --git a/STATUS b/STATUS
index 9cb462759156adef1d4901e61c2a16c2ba9131fd..7929c0223177da7bfd9241e8e332ea81a9691087 100644 (file)
--- a/STATUS
+++ b/STATUS
@@ -1,6 +1,6 @@
 
   OpenSSL STATUS                           Last modified at
-  ______________                           $Date: 2002/02/20 14:07:07 $
+  ______________                           $Date: 2002/02/20 18:03:00 $
 
   DEVELOPMENT STATE
 
@@ -61,9 +61,6 @@
        weakness in SSL/TLS should be added; see
        http://www.openssl.org/~bodo/tls-cbc.txt
 
-    o  All 'openssl' subprograms taking '-des' and '-des3' options should
-       include AES support (0.9.7-dev)
-
     o  'openssl speed' should include AES support (0.9.7-dev)
 
     o  apps/ca.c: "Sign the certificate?" - "n" creates empty certificate file

diff --git a/apps/dsa.c b/apps/dsa.c
index 59aa0ea106e6086c45b95a589a5774d352d0566f..9d10a7c8608bf4868fc066a6539d0ee15ffcf98b 100644 (file)
--- a/apps/dsa.c
+++ b/apps/dsa.c
@@ -79,6 +79,9 @@
  * -des                - encrypt output if PEM format with DES in cbc mode
  * -des3       - encrypt output if PEM format
  * -idea       - encrypt output if PEM format
+ * -aes128     - encrypt output if PEM format
+ * -aes192     - encrypt output if PEM format
+ * -aes256     - encrypt output if PEM format
  * -text       - print a text version
  * -modulus    - print the DSA public key
  */
@@ -188,6 +191,10 @@ bad:
                BIO_printf(bio_err," -des3           encrypt PEM output with ede cbc des using 168 bit key\n");
 #ifndef OPENSSL_NO_IDEA
                BIO_printf(bio_err," -idea           encrypt PEM output with cbc idea\n");
+#endif
+#ifndef OPENSSL_NO_AES
+               BIO_printf(bio_err," -aes128, -aes192, -aes256\n");
+               BIO_printf(bio_err,"                 encrypt PEM output with cbc aes\n");
 #endif
                BIO_printf(bio_err," -text           print the key in text\n");
                BIO_printf(bio_err," -noout          don't print key out\n");

diff --git a/apps/ecdsa.c b/apps/ecdsa.c
index e8aa7461b4900c0717be6f5a00cd2d0311d0a2e8..80cbdb2e4a9824415d6ca8592e88642110a8fc4a 100644 (file)
--- a/apps/ecdsa.c
+++ b/apps/ecdsa.c
@@ -132,6 +132,9 @@
  * -des                - encrypt output if PEM format with DES in cbc mode
  * -des3       - encrypt output if PEM format
  * -idea       - encrypt output if PEM format
+ * -aes128     - encrypt output if PEM format
+ * -aes192     - encrypt output if PEM format
+ * -aes256     - encrypt output if PEM format
  * -text       - print a text version
  * -pub                - print the ECDSA public key
  * -compressed  - print the public key in compressed form ( default )   
@@ -227,12 +230,12 @@ int MAIN(int argc, char **argv)
                else if (strcmp(*argv, "-pub") == 0)
                {
                        pub = 1;
-                       buffer = (*(argv+1));
-                       if (strcmp(buffer, "compressed") == 0)
+                       buffer = (unsigned char *)(*(argv+1));
+                       if (strcmp((char *)buffer, "compressed") == 0)
                                point_form = POINT_CONVERSION_COMPRESSED;
-                       else if (strcmp(buffer, "hybrid") == 0)
+                       else if (strcmp((char *)buffer, "hybrid") == 0)
                                point_form = POINT_CONVERSION_HYBRID;
-                       else if (strcmp(buffer, "uncompressed") == 0)
+                       else if (strcmp((char *)buffer, "uncompressed") == 0)
                                point_form = POINT_CONVERSION_UNCOMPRESSED;
                        if (point_form)
                        {
@@ -270,6 +273,10 @@ bad:
                BIO_printf(bio_err, " -des3           encrypt PEM output with ede cbc des using 168 bit key\n");
 #ifndef OPENSSL_NO_IDEA
                BIO_printf(bio_err, " -idea           encrypt PEM output with cbc idea\n");
+#endif
+#ifndef OPENSSL_NO_AES
+               BIO_printf(bio_err, " -aes128, -aes192, -aes256\n");
+               BIO_printf(bio_err, "                 encrypt PEM output with cbc aes\n");
 #endif
                BIO_printf(bio_err, " -text           print the key in text\n");
                BIO_printf(bio_err, " -noout          don't print key out\n");

diff --git a/apps/gendsa.c b/apps/gendsa.c
index 6b741429911c2b34ad1f3d3a6349eef6b9d44385..ebee7f0269550df5f055a14b417c5bbd4b4b6f5d 100644 (file)
--- a/apps/gendsa.c
+++ b/apps/gendsa.c
@@ -129,6 +129,14 @@ int MAIN(int argc, char **argv)
 #ifndef OPENSSL_NO_IDEA
                else if (strcmp(*argv,"-idea") == 0)
                        enc=EVP_idea_cbc();
+#endif
+#ifndef OPENSSL_NO_AES
+               else if (strcmp(*argv,"-aes128") == 0)
+                       enc=EVP_aes_128_cbc();
+               else if (strcmp(*argv,"-aes192") == 0)
+                       enc=EVP_aes_192_cbc();
+               else if (strcmp(*argv,"-aes256") == 0)
+                       enc=EVP_aes_256_cbc();
 #endif
                else if (**argv != '-' && dsaparams == NULL)
                        {
@@ -151,6 +159,10 @@ bad:
 #endif
 #ifndef OPENSSL_NO_IDEA
                BIO_printf(bio_err," -idea     - encrypt the generated key with IDEA in cbc mode\n");
+#endif
+#ifndef OPENSSL_NO_AES
+               BIO_printf(bio_err," -aes128, -aes192, -aes256\n");
+               BIO_printf(bio_err,"                 encrypt PEM output with cbc aes\n");
 #endif
                BIO_printf(bio_err," -engine e - use engine e, possibly a hardware device.\n");
                BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);

diff --git a/apps/genrsa.c b/apps/genrsa.c
index b5ae1beacf1fee70fdeaf42b6460a51080656df2..5a58235e0c6b97d2e349f2a6619bd1c62a8c3976 100644 (file)
--- a/apps/genrsa.c
+++ b/apps/genrsa.c
@@ -138,6 +138,14 @@ int MAIN(int argc, char **argv)
 #ifndef OPENSSL_NO_IDEA
                else if (strcmp(*argv,"-idea") == 0)
                        enc=EVP_idea_cbc();
+#endif
+#ifndef OPENSSL_NO_AES
+               else if (strcmp(*argv,"-aes128") == 0)
+                       enc=EVP_aes_128_cbc();
+               else if (strcmp(*argv,"-aes192") == 0)
+                       enc=EVP_aes_192_cbc();
+               else if (strcmp(*argv,"-aes256") == 0)
+                       enc=EVP_aes_256_cbc();
 #endif
                else if (strcmp(*argv,"-passout") == 0)
                        {
@@ -157,6 +165,10 @@ bad:
                BIO_printf(bio_err," -des3           encrypt the generated key with DES in ede cbc mode (168 bit key)\n");
 #ifndef OPENSSL_NO_IDEA
                BIO_printf(bio_err," -idea           encrypt the generated key with IDEA in cbc mode\n");
+#endif
+#ifndef OPENSSL_NO_AES
+               BIO_printf(bio_err," -aes128, -aes192, -aes256\n");
+               BIO_printf(bio_err,"                 encrypt PEM output with cbc aes\n");
 #endif
                BIO_printf(bio_err," -out file       output the key to 'file\n");
                BIO_printf(bio_err," -passout arg    output file pass phrase source\n");

diff --git a/apps/pkcs12.c b/apps/pkcs12.c
index 0e2bd6dbcd18e6ff63b34d8104da2cc807af4491..a42421803412261963a954820b6db6f7a1b23448 100644 (file)
--- a/apps/pkcs12.c
+++ b/apps/pkcs12.c
@@ -151,6 +151,11 @@ int MAIN(int argc, char **argv)
                else if (!strcmp (*args, "-idea")) enc=EVP_idea_cbc();
 #endif
                else if (!strcmp (*args, "-des3")) enc = EVP_des_ede3_cbc();
+#ifndef OPENSSL_NO_AES
+               else if (!strcmp(*argv,"-aes128")) enc=EVP_aes_128_cbc();
+               else if (!strcmp(*argv,"-aes192")) enc=EVP_aes_192_cbc();
+               else if (!strcmp(*argv,"-aes256")) enc=EVP_aes_256_cbc();
+#endif
                else if (!strcmp (*args, "-noiter")) iter = 1;
                else if (!strcmp (*args, "-maciter"))
                                         maciter = PKCS12_DEFAULT_ITER;
@@ -279,6 +284,10 @@ int MAIN(int argc, char **argv)
        BIO_printf (bio_err, "-des3         encrypt private keys with triple DES (default)\n");
 #ifndef OPENSSL_NO_IDEA
        BIO_printf (bio_err, "-idea         encrypt private keys with idea\n");
+#endif
+#ifndef OPENSSL_NO_AES
+       BIO_printf (bio_err, "-aes128, -aes192, -aes256\n");
+       BIO_printf (bio_err, "              encrypt PEM output with cbc aes\n");
 #endif
        BIO_printf (bio_err, "-nodes        don't encrypt private keys\n");
        BIO_printf (bio_err, "-noiter       don't use encryption iteration\n");

diff --git a/apps/rsa.c b/apps/rsa.c
index 863159d83a255d4ffa42b3df00c2ab57d1bed16b..6cadcb21747ad5a899bb024eeb231cc1bf08a30b 100644 (file)
--- a/apps/rsa.c
+++ b/apps/rsa.c
@@ -79,6 +79,9 @@
  * -des                - encrypt output if PEM format with DES in cbc mode
  * -des3       - encrypt output if PEM format
  * -idea       - encrypt output if PEM format
+ * -aes128     - encrypt output if PEM format
+ * -aes192     - encrypt output if PEM format
+ * -aes256     - encrypt output if PEM format
  * -text       - print a text version
  * -modulus    - print the RSA key modulus
  * -check      - verify key consistency
@@ -195,6 +198,10 @@ bad:
                BIO_printf(bio_err," -des3           encrypt PEM output with ede cbc des using 168 bit key\n");
 #ifndef OPENSSL_NO_IDEA
                BIO_printf(bio_err," -idea           encrypt PEM output with cbc idea\n");
+#endif
+#ifndef OPENSSL_NO_AES
+               BIO_printf(bio_err," -aes128, -aes192, -aes256\n");
+               BIO_printf(bio_err,"                 encrypt PEM output with cbc aes\n");
 #endif
                BIO_printf(bio_err," -text           print the key in text\n");
                BIO_printf(bio_err," -noout          don't print key out\n");

diff --git a/apps/smime.c b/apps/smime.c
index 7c4aac1ef2c5d16f8404ba5867c42eaaea0d3714..731f9dd5d043cf392fa984d35d438bc840ec70f4 100644 (file)
--- a/apps/smime.c
+++ b/apps/smime.c
@@ -128,6 +128,14 @@ int MAIN(int argc, char **argv)
                                cipher = EVP_rc2_cbc();
                else if (!strcmp (*args, "-rc2-64")) 
                                cipher = EVP_rc2_64_cbc();
+#endif
+#ifndef OPENSSL_NO_AES
+               else if (!strcmp(*argv,"-aes128") == 0)
+                               cipher = EVP_aes_128_cbc();
+               else if (!strcmp(*argv,"-aes192") == 0)
+                               cipher = EVP_aes_192_cbc();
+               else if (!strcmp(*argv,"-aes256") == 0)
+                               cipher = EVP_aes_256_cbc();
 #endif
                else if (!strcmp (*args, "-text")) 
                                flags |= PKCS7_TEXT;
@@ -283,6 +291,10 @@ int MAIN(int argc, char **argv)
                BIO_printf (bio_err, "-rc2-40        encrypt with RC2-40 (default)\n");
                BIO_printf (bio_err, "-rc2-64        encrypt with RC2-64\n");
                BIO_printf (bio_err, "-rc2-128       encrypt with RC2-128\n");
+#endif
+#ifndef OPENSSL_NO_AES
+               BIO_printf (bio_err, "-aes128, -aes192, -aes256\n");
+               BIO_printf (bio_err, "               encrypt PEM output with cbc aes\n");
 #endif
                BIO_printf (bio_err, "-nointern      don't search certificates in message for signer\n");
                BIO_printf (bio_err, "-nosigs        don't verify message signature\n");