author | Rich Salz <rsalz@openssl.org> | 2017-07-05 16:58:48 +0200 |
---|---|---|
committer | Rich Salz <rsalz@openssl.org> | 2017-07-17 01:20:45 +0200 |
commit | 3ee1eac27a2e3120fbdc60e12db091c082b8de21 (patch) | |
tree | c34ee07aa725e2019dbce1f7621702eb2bb5fd69 /apps/pkeyutl.c | |
parent | Don't use "version" in "OpenSSL Version 1.1.0" etc (diff) | |
Standardize apps use of -rand, etc.
Standardized the -rand flag and added a new one:
-rand file...
Always reads the specified files
-writerand file
Always writes to the file on exit
For apps that use a config file, the RANDFILE config parameter reads
the file at startup (to seed the RNG) and writes to it on exit if
the -writerand flag isn't used.
Ensured that every app that took -rand also took -writerand, and
made sure all of that agreed with all the documentation.
Fix error reporting in write_file and -rand
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/3862)
Diffstat (limited to 'apps/pkeyutl.c')
-rw-r--r-- | apps/pkeyutl.c | 11 |
1 files changed, 7 insertions, 4 deletions
diff --git a/apps/pkeyutl.c b/apps/pkeyutl.c
index 90e9ae3b5c..990375b6ae 100644
--- a/apps/pkeyutl.c
+++ b/apps/pkeyutl.c
@@ -36,7 +36,8 @@ typedef enum OPTION_choice {
 OPT_PUBIN, OPT_CERTIN, OPT_ASN1PARSE, OPT_HEXDUMP, OPT_SIGN,
 OPT_VERIFY, OPT_VERIFYRECOVER, OPT_REV, OPT_ENCRYPT, OPT_DECRYPT,
 OPT_DERIVE, OPT_SIGFILE, OPT_INKEY, OPT_PEERKEY, OPT_PASSIN,
- OPT_PEERFORM, OPT_KEYFORM, OPT_PKEYOPT, OPT_KDF, OPT_KDFLEN
+ OPT_PEERFORM, OPT_KEYFORM, OPT_PKEYOPT, OPT_KDF, OPT_KDFLEN,
+ OPT_R_ENUM
 } OPTION_CHOICE;
 
 const OPTIONS pkeyutl_options[] = {
@@ -64,6 +65,7 @@ const OPTIONS pkeyutl_options[] = {
 {"peerform", OPT_PEERFORM, 'E', "Peer key format - default PEM"},
 {"keyform", OPT_KEYFORM, 'E', "Private key format - default PEM"},
 {"pkeyopt", OPT_PKEYOPT, 's', "Public key options as opt:value"},
+ OPT_R_OPTIONS,
 #ifndef OPENSSL_NO_ENGINE
 {"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"},
 {"engine_impl", OPT_ENGINE_IMPL, '-',
@@ -134,6 +136,10 @@ int pkeyutl_main(int argc, char **argv)
 if (!opt_format(opt_arg(), OPT_FMT_PDE, &keyform))
 goto opthelp;
 break;
+ case OPT_R_CASES:
+ if (!opt_rand(o))
+ goto end;
+ break;
 case OPT_ENGINE:
 e = setup_engine(opt_arg(), 0);
 break;
@@ -238,9 +244,6 @@ int pkeyutl_main(int argc, char **argv)
 goto end;
 }
 
-/* FIXME: seed PRNG only if needed */
- app_RAND_load_file(NULL, 0);
-
 if (pkey_op != EVP_PKEY_OP_DERIVE) {
 in = bio_open_default(infile, 'r', FORMAT_BINARY);
 if (in == NULL) |
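Review bot: The new `case OPT_R_CASES:` branch in the third hunk jumps to `end` when `opt_rand(o)` fails, whereas the `opt_format` failure just above it goes to `opthelp`, and nothing at the site explains the difference. If this is deliberate because `opt_rand` prints its own diagnostic (the commit message mentions fixing -rand error reporting, but the helper is not visible here), a comment such as `/* opt_rand() has already reported the error */` would record that; otherwise a bad -rand or -writerand argument presumably exits without the usage hint. This branch is also the only seeding step left in the visible part of pkeyutl_main, since the last hunk removes the unconditional `app_RAND_load_file(NULL, 0)`, so signing and encryption appear to depend on the library's default seeding when -rand is not given; that is worth confirming and stating in the option documentation. The body of pkeyutl_main starts and ends outside these hunks.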