diff options
| author | Pauli <pauli@openssl.org> | 2021-06-15 06:07:51 +0200 |
|---|---|---|
| committer | Pauli <pauli@openssl.org> | 2021-06-16 10:32:30 +0200 |
| commit | f7d2427ac3404ce1ed555bf61885eeb0432b5789 (patch) | |
| tree | 697a4bbeab682a6cad038f2dce3aa4ba9da214e5 | |
| parent | apps: use get_cipher_any() instead of get_cipher() for commands that support ... (diff) | |
| download | openssl-f7d2427ac3404ce1ed555bf61885eeb0432b5789.tar.xz openssl-f7d2427ac3404ce1ed555bf61885eeb0432b5789.zip | |
apps: remove AEAD/mode checks that are now redundant
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15747)
| -rw-r--r-- | apps/enc.c | 14 | ||||
| -rw-r--r-- | apps/genpkey.c | 11 |
2 files changed, 5 insertions, 20 deletions
diff --git a/apps/enc.c b/apps/enc.c index f136c3f8df..3dd6098563 100644 --- a/apps/enc.c +++ b/apps/enc.c @@ -300,14 +300,6 @@ int enc_main(int argc, char **argv) if (!opt_cipher(ciphername, &cipher)) goto opthelp; } - if (cipher && EVP_CIPHER_get_flags(cipher) & EVP_CIPH_FLAG_AEAD_CIPHER) { - BIO_printf(bio_err, "%s: AEAD ciphers not supported\n", prog); - goto end; - } - if (cipher && (EVP_CIPHER_get_mode(cipher) == EVP_CIPH_XTS_MODE)) { - BIO_printf(bio_err, "%s XTS ciphers not supported\n", prog); - goto end; - } if (digestname != NULL) { if (!opt_md(digestname, &dgst)) goto opthelp; @@ -660,9 +652,9 @@ static void show_ciphers(const OBJ_NAME *name, void *arg) /* Filter out ciphers that we cannot use */ cipher = EVP_get_cipherbyname(name->name); - if (cipher == NULL || - (EVP_CIPHER_get_flags(cipher) & EVP_CIPH_FLAG_AEAD_CIPHER) != 0 || - EVP_CIPHER_get_mode(cipher) == EVP_CIPH_XTS_MODE) + if (cipher == NULL + || (EVP_CIPHER_get_flags(cipher) & EVP_CIPH_FLAG_AEAD_CIPHER) != 0 + || EVP_CIPHER_get_mode(cipher) == EVP_CIPH_XTS_MODE) return; BIO_printf(dec->bio, "-%-25s", name->name); diff --git a/apps/genpkey.c b/apps/genpkey.c index 5cde41b98b..d327bcab07 100644 --- a/apps/genpkey.c +++ b/apps/genpkey.c @@ -70,7 +70,7 @@ int genpkey_main(int argc, char **argv) EVP_CIPHER *cipher = NULL; OPTION_CHOICE o; int outformat = FORMAT_PEM, text = 0, ret = 1, rv, do_param = 0; - int private = 0, i, m; + int private = 0, i; OSSL_LIB_CTX *libctx = app_get0_libctx(); STACK_OF(OPENSSL_STRING) *keyopt = NULL; @@ -163,16 +163,9 @@ int genpkey_main(int argc, char **argv) goto end; } } - if (ciphername != NULL) { + if (ciphername != NULL) if (!opt_cipher(ciphername, &cipher) || do_param == 1) goto opthelp; - m = EVP_CIPHER_get_mode(cipher); - if (m == EVP_CIPH_GCM_MODE || m == EVP_CIPH_CCM_MODE - || m == EVP_CIPH_XTS_MODE || m == EVP_CIPH_OCB_MODE) { - BIO_printf(bio_err, "%s: cipher mode not supported\n", prog); - goto end; - } - } private = do_param ? 0 : 1; |