Add the possibility to build without the ENGINE framework.
PR: 287
diff --git a/apps/apps.c b/apps/apps.c
index 4a8c926..ec3e391 100644
--- a/apps/apps.c
+++ b/apps/apps.c
@@ -122,7 +122,9 @@
#include <openssl/pkcs12.h>
#include <openssl/ui.h>
#include <openssl/safestack.h>
+#ifndef OPENSSL_NO_ENGINE
#include <openssl/engine.h>
+#endif
#ifdef OPENSSL_SYS_WINDOWS
#define strcasecmp _stricmp
@@ -859,6 +861,7 @@
BIO_printf(err,"no keyfile specified\n");
goto end;
}
+#ifndef OPENSSL_NO_ENGINE
if (format == FORMAT_ENGINE)
{
if (!e)
@@ -868,6 +871,7 @@
ui_method, &cb_data);
goto end;
}
+#endif
key=BIO_new(BIO_s_file());
if (key == NULL)
{
@@ -935,6 +939,7 @@
BIO_printf(err,"no keyfile specified\n");
goto end;
}
+#ifndef OPENSSL_NO_ENGINE
if (format == FORMAT_ENGINE)
{
if (!e)
@@ -944,6 +949,7 @@
ui_method, &cb_data);
goto end;
}
+#endif
key=BIO_new(BIO_s_file());
if (key == NULL)
{
@@ -1329,6 +1335,7 @@
return NULL;
}
+#ifndef OPENSSL_NO_ENGINE
/* Try to load an engine in a shareable library */
static ENGINE *try_load_engine(BIO *err, const char *engine, int debug)
{
@@ -1385,6 +1392,7 @@
}
return e;
}
+#endif
int load_config(BIO *err, CONF *cnf)
{
diff --git a/apps/apps.h b/apps/apps.h
index 7b1f8de..c36b9d2 100644
--- a/apps/apps.h
+++ b/apps/apps.h
@@ -121,7 +121,9 @@
#include <openssl/lhash.h>
#include <openssl/conf.h>
#include <openssl/txt_db.h>
+#ifndef OPENSSL_NO_ENGINE
#include <openssl/engine.h>
+#endif
#include <openssl/ossl_typ.h>
int app_RAND_load_file(const char *file, BIO *bio_e, int dont_warn);
@@ -179,30 +181,57 @@
do_pipe_sig()
# define apps_shutdown()
#else
-# if defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_WIN16) || \
- defined(OPENSSL_SYS_WIN32)
-# ifdef _O_BINARY
-# define apps_startup() \
- do { _fmode=_O_BINARY; do_pipe_sig(); CRYPTO_malloc_init(); \
- ERR_load_crypto_strings(); OpenSSL_add_all_algorithms(); \
- ENGINE_load_builtin_engines(); setup_ui_method(); } while(0)
+# ifndef OPENSSL_NO_ENGINE
+# if defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_WIN16) || \
+ defined(OPENSSL_SYS_WIN32)
+# ifdef _O_BINARY
+# define apps_startup() \
+ do { _fmode=_O_BINARY; do_pipe_sig(); CRYPTO_malloc_init(); \
+ ERR_load_crypto_strings(); OpenSSL_add_all_algorithms(); \
+ ENGINE_load_builtin_engines(); setup_ui_method(); } while(0)
+# else
+# define apps_startup() \
+ do { _fmode=O_BINARY; do_pipe_sig(); CRYPTO_malloc_init(); \
+ ERR_load_crypto_strings(); OpenSSL_add_all_algorithms(); \
+ ENGINE_load_builtin_engines(); setup_ui_method(); } while(0)
+# endif
# else
# define apps_startup() \
- do { _fmode=O_BINARY; do_pipe_sig(); CRYPTO_malloc_init(); \
- ERR_load_crypto_strings(); OpenSSL_add_all_algorithms(); \
- ENGINE_load_builtin_engines(); setup_ui_method(); } while(0)
+ do { do_pipe_sig(); OpenSSL_add_all_algorithms(); \
+ ERR_load_crypto_strings(); ENGINE_load_builtin_engines(); \
+ setup_ui_method(); } while(0)
# endif
+# define apps_shutdown() \
+ do { CONF_modules_unload(1); destroy_ui_method(); \
+ EVP_cleanup(); ENGINE_cleanup(); \
+ CRYPTO_cleanup_all_ex_data(); ERR_remove_state(0); \
+ ERR_free_strings(); } while(0)
# else
-# define apps_startup() \
- do { do_pipe_sig(); OpenSSL_add_all_algorithms(); \
- ERR_load_crypto_strings(); ENGINE_load_builtin_engines(); \
- setup_ui_method(); } while(0)
+# if defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_WIN16) || \
+ defined(OPENSSL_SYS_WIN32)
+# ifdef _O_BINARY
+# define apps_startup() \
+ do { _fmode=_O_BINARY; do_pipe_sig(); CRYPTO_malloc_init(); \
+ ERR_load_crypto_strings(); OpenSSL_add_all_algorithms(); \
+ setup_ui_method(); } while(0)
+# else
+# define apps_startup() \
+ do { _fmode=O_BINARY; do_pipe_sig(); CRYPTO_malloc_init(); \
+ ERR_load_crypto_strings(); OpenSSL_add_all_algorithms(); \
+ setup_ui_method(); } while(0)
+# endif
+# else
+# define apps_startup() \
+ do { do_pipe_sig(); OpenSSL_add_all_algorithms(); \
+ ERR_load_crypto_strings(); \
+ setup_ui_method(); } while(0)
+# endif
+# define apps_shutdown() \
+ do { CONF_modules_unload(1); destroy_ui_method(); \
+ EVP_cleanup(); \
+ CRYPTO_cleanup_all_ex_data(); ERR_remove_state(0); \
+ ERR_free_strings(); } while(0)
# endif
-# define apps_shutdown() \
- do { CONF_modules_unload(1); destroy_ui_method(); \
- EVP_cleanup(); ENGINE_cleanup(); \
- CRYPTO_cleanup_all_ex_data(); ERR_remove_state(0); \
- ERR_free_strings(); } while(0)
#endif
typedef struct args_st
@@ -248,7 +277,9 @@
STACK_OF(X509) *load_certs(BIO *err, const char *file, int format,
const char *pass, ENGINE *e, const char *cert_descrip);
X509_STORE *setup_verify(BIO *bp, char *CAfile, char *CApath);
+#ifndef OPENSSL_NO_ENGINE
ENGINE *setup_engine(BIO *err, const char *engine, int debug);
+#endif
int load_config(BIO *err, CONF *cnf);
char *make_config_name(void);
diff --git a/apps/ca.c b/apps/ca.c
index 2a56e55..6722c5d 100644
--- a/apps/ca.c
+++ b/apps/ca.c
@@ -196,7 +196,9 @@
" -extensions .. - Extension section (override value in config file)\n",
" -extfile file - Configuration file with X509v3 extentions to add\n",
" -crlexts .. - CRL extension section (override value in config file)\n",
+#ifndef OPENSSL_NO_ENGINE
" -engine e - use engine e, possibly a hardware device.\n",
+#endif
" -status serial - Shows certificate status given the serial number\n",
" -updatedb - Updates db for expired certificates\n",
NULL
@@ -333,7 +335,9 @@
#define BSIZE 256
MS_STATIC char buf[3][BSIZE];
char *randfile=NULL;
+#ifndef OPENSSL_NO_ENGINE
char *engine = NULL;
+#endif
char *tofree=NULL;
#ifdef EFENCE
@@ -537,11 +541,13 @@
rev_arg = *(++argv);
rev_type = REV_CA_COMPROMISE;
}
+#ifndef OPENSSL_NO_ENGINE
else if (strcmp(*argv,"-engine") == 0)
{
if (--argc < 1) goto bad;
engine= *(++argv);
}
+#endif
else
{
bad:
@@ -562,7 +568,9 @@
ERR_load_crypto_strings();
+#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
+#endif
/*****************************************************************/
tofree=NULL;
diff --git a/apps/dgst.c b/apps/dgst.c
index 280f79b..47d1309 100644
--- a/apps/dgst.c
+++ b/apps/dgst.c
@@ -100,7 +100,9 @@
EVP_PKEY *sigkey = NULL;
unsigned char *sigbuf = NULL;
int siglen = 0;
+#ifndef OPENSSL_NO_ENGINE
char *engine=NULL;
+#endif
apps_startup();
@@ -166,11 +168,13 @@
if (--argc < 1) break;
keyform=str2fmt(*(++argv));
}
+#ifndef OPENSSL_NO_ENGINE
else if (strcmp(*argv,"-engine") == 0)
{
if (--argc < 1) break;
engine= *(++argv);
}
+#endif
else if (strcmp(*argv,"-hex") == 0)
out_bin = 0;
else if (strcmp(*argv,"-binary") == 0)
@@ -208,7 +212,9 @@
BIO_printf(bio_err,"-keyform arg key file format (PEM or ENGINE)\n");
BIO_printf(bio_err,"-signature file signature to verify\n");
BIO_printf(bio_err,"-binary output in binary form\n");
+#ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err,"-engine e use engine e, possibly a hardware device.\n");
+#endif
BIO_printf(bio_err,"-%3s to use the %s message digest algorithm (default)\n",
LN_md5,LN_md5);
@@ -228,7 +234,9 @@
goto end;
}
+#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
+#endif
in=BIO_new(BIO_s_file());
bmd=BIO_new(BIO_f_md());
diff --git a/apps/dh.c b/apps/dh.c
index c10ea96..cd01fed 100644
--- a/apps/dh.c
+++ b/apps/dh.c
@@ -87,12 +87,17 @@
int MAIN(int argc, char **argv)
{
+#ifndef OPENSSL_NO_ENGINE
ENGINE *e = NULL;
+#endif
DH *dh=NULL;
int i,badops=0,text=0;
BIO *in=NULL,*out=NULL;
int informat,outformat,check=0,noout=0,C=0,ret=1;
- char *infile,*outfile,*prog,*engine;
+ char *infile,*outfile,*prog;
+#ifndef OPENSSL_NO_ENGINE
+ char *engine;
+#endif
apps_startup();
@@ -103,7 +108,9 @@
if (!load_config(bio_err, NULL))
goto end;
+#ifndef OPENSSL_NO_ENGINE
engine=NULL;
+#endif
infile=NULL;
outfile=NULL;
informat=FORMAT_PEM;
@@ -134,11 +141,13 @@
if (--argc < 1) goto bad;
outfile= *(++argv);
}
+#ifndef OPENSSL_NO_ENGINE
else if (strcmp(*argv,"-engine") == 0)
{
if (--argc < 1) goto bad;
engine= *(++argv);
}
+#endif
else if (strcmp(*argv,"-check") == 0)
check=1;
else if (strcmp(*argv,"-text") == 0)
@@ -170,13 +179,17 @@
BIO_printf(bio_err," -text print a text form of the DH parameters\n");
BIO_printf(bio_err," -C Output C code\n");
BIO_printf(bio_err," -noout no output\n");
+#ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n");
+#endif
goto end;
}
ERR_load_crypto_strings();
+#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
+#endif
in=BIO_new(BIO_s_file());
out=BIO_new(BIO_s_file());
diff --git a/apps/dhparam.c b/apps/dhparam.c
index cbc65bc..dc00355 100644
--- a/apps/dhparam.c
+++ b/apps/dhparam.c
@@ -148,7 +148,9 @@
int MAIN(int argc, char **argv)
{
+#ifndef OPENSSL_NO_ENGINE
ENGINE *e = NULL;
+#endif
DH *dh=NULL;
int i,badops=0,text=0;
#ifndef OPENSSL_NO_DSA
@@ -157,7 +159,10 @@
BIO *in=NULL,*out=NULL;
int informat,outformat,check=0,noout=0,C=0,ret=1;
char *infile,*outfile,*prog;
- char *inrand=NULL,*engine=NULL;
+ char *inrand=NULL;
+#ifndef OPENSSL_NO_ENGINE
+ char *engine=NULL;
+#endif
int num = 0, g = 0;
apps_startup();
@@ -199,11 +204,13 @@
if (--argc < 1) goto bad;
outfile= *(++argv);
}
+#ifndef OPENSSL_NO_ENGINE
else if (strcmp(*argv,"-engine") == 0)
{
if (--argc < 1) goto bad;
engine= *(++argv);
}
+#endif
else if (strcmp(*argv,"-check") == 0)
check=1;
else if (strcmp(*argv,"-text") == 0)
@@ -249,7 +256,9 @@
BIO_printf(bio_err," -2 generate parameters using 2 as the generator value\n");
BIO_printf(bio_err," -5 generate parameters using 5 as the generator value\n");
BIO_printf(bio_err," numbits number of bits in to generate (default 512)\n");
+#ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n");
+#endif
BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
BIO_printf(bio_err," - load the file (or the files in the directory) into\n");
BIO_printf(bio_err," the random number generator\n");
@@ -259,7 +268,9 @@
ERR_load_crypto_strings();
+#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
+#endif
if (g && !num)
num = DEFBITS;
diff --git a/apps/dsa.c b/apps/dsa.c
index 6598871..e9de3a3 100644
--- a/apps/dsa.c
+++ b/apps/dsa.c
@@ -90,7 +90,9 @@
int MAIN(int argc, char **argv)
{
+#ifndef OPENSSL_NO_ENGINE
ENGINE *e = NULL;
+#endif
int ret=1;
DSA *dsa=NULL;
int i,badops=0;
@@ -98,7 +100,10 @@
BIO *in=NULL,*out=NULL;
int informat,outformat,text=0,noout=0;
int pubin = 0, pubout = 0;
- char *infile,*outfile,*prog,*engine;
+ char *infile,*outfile,*prog;
+#ifndef OPENSSL_NO_ENGINE
+ char *engine;
+#endif
char *passargin = NULL, *passargout = NULL;
char *passin = NULL, *passout = NULL;
int modulus=0;
@@ -112,7 +117,9 @@
if (!load_config(bio_err, NULL))
goto end;
+#ifndef OPENSSL_NO_ENGINE
engine=NULL;
+#endif
infile=NULL;
outfile=NULL;
informat=FORMAT_PEM;
@@ -153,11 +160,13 @@
if (--argc < 1) goto bad;
passargout= *(++argv);
}
+#ifndef OPENSSL_NO_ENGINE
else if (strcmp(*argv,"-engine") == 0)
{
if (--argc < 1) goto bad;
engine= *(++argv);
}
+#endif
else if (strcmp(*argv,"-noout") == 0)
noout=1;
else if (strcmp(*argv,"-text") == 0)
@@ -189,7 +198,9 @@
BIO_printf(bio_err," -passin arg input file pass phrase source\n");
BIO_printf(bio_err," -out arg output file\n");
BIO_printf(bio_err," -passout arg output file pass phrase source\n");
+#ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n");
+#endif
BIO_printf(bio_err," -des encrypt PEM output with cbc des\n");
BIO_printf(bio_err," -des3 encrypt PEM output with ede cbc des using 168 bit key\n");
#ifndef OPENSSL_NO_IDEA
@@ -207,7 +218,9 @@
ERR_load_crypto_strings();
+#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
+#endif
if(!app_passwd(bio_err, passargin, passargout, &passin, &passout)) {
BIO_printf(bio_err, "Error getting passwords\n");
diff --git a/apps/dsaparam.c b/apps/dsaparam.c
index b6abe78..14e79f9 100644
--- a/apps/dsaparam.c
+++ b/apps/dsaparam.c
@@ -110,7 +110,9 @@
int MAIN(int argc, char **argv)
{
+#ifndef OPENSSL_NO_ENGINE
ENGINE *e = NULL;
+#endif
DSA *dsa=NULL;
int i,badops=0,text=0;
BIO *in=NULL,*out=NULL;
@@ -118,7 +120,9 @@
char *infile,*outfile,*prog,*inrand=NULL;
int numbits= -1,num,genkey=0;
int need_rand=0;
+#ifndef OPENSSL_NO_ENGINE
char *engine=NULL;
+#endif
#ifdef GENCB_TEST
int timebomb=0;
#endif
@@ -162,11 +166,13 @@
if (--argc < 1) goto bad;
outfile= *(++argv);
}
+#ifndef OPENSSL_NO_ENGINE
else if(strcmp(*argv, "-engine") == 0)
{
if (--argc < 1) goto bad;
engine = *(++argv);
}
+#endif
#ifdef GENCB_TEST
else if(strcmp(*argv, "-timebomb") == 0)
{
@@ -221,7 +227,9 @@
BIO_printf(bio_err," -noout no output\n");
BIO_printf(bio_err," -genkey generate a DSA key\n");
BIO_printf(bio_err," -rand files to use for random number input\n");
+#ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n");
+#endif
#ifdef GENCB_TEST
BIO_printf(bio_err," -timebomb n interrupt keygen after <n> seconds\n");
#endif
@@ -268,7 +276,9 @@
}
}
+#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
+#endif
if (need_rand)
{
diff --git a/apps/enc.c b/apps/enc.c
index 42ddfd2..0a9f731 100644
--- a/apps/enc.c
+++ b/apps/enc.c
@@ -100,7 +100,9 @@
int MAIN(int argc, char **argv)
{
+#ifndef OPENSSL_NO_ENGINE
ENGINE *e = NULL;
+#endif
static const char magic[]="Salted__";
char mbuf[sizeof magic-1];
char *strbuf=NULL;
@@ -119,7 +121,9 @@
BIO *in=NULL,*out=NULL,*b64=NULL,*benc=NULL,*rbio=NULL,*wbio=NULL;
#define PROG_NAME_SIZE 39
char pname[PROG_NAME_SIZE+1];
+#ifndef OPENSSL_NO_ENGINE
char *engine = NULL;
+#endif
apps_startup();
@@ -163,11 +167,13 @@
if (--argc < 1) goto bad;
passarg= *(++argv);
}
+#ifndef OPENSSL_NO_ENGINE
else if (strcmp(*argv,"-engine") == 0)
{
if (--argc < 1) goto bad;
engine= *(++argv);
}
+#endif
else if (strcmp(*argv,"-d") == 0)
enc=0;
else if (strcmp(*argv,"-p") == 0)
@@ -270,7 +276,9 @@
BIO_printf(bio_err,"%-14s key/iv in hex is the next argument\n","-K/-iv");
BIO_printf(bio_err,"%-14s print the iv/key (then exit if -P)\n","-[pP]");
BIO_printf(bio_err,"%-14s buffer size\n","-bufsize <n>");
+#ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err,"%-14s use engine e, possibly a hardware device.\n","-engine e");
+#endif
BIO_printf(bio_err,"Cipher Types\n");
OBJ_NAME_do_all_sorted(OBJ_NAME_TYPE_CIPHER_METH,
@@ -284,7 +292,9 @@
argv++;
}
+#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
+#endif
if (bufsize != NULL)
{
diff --git a/apps/engine.c b/apps/engine.c
index 1a22d5d..3b3464a 100644
--- a/apps/engine.c
+++ b/apps/engine.c
@@ -56,6 +56,8 @@
*
*/
+#ifndef OPENSSL_NO_ENGINE
+
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
@@ -526,3 +528,4 @@
apps_shutdown();
OPENSSL_EXIT(ret);
}
+#endif
diff --git a/apps/gendh.c b/apps/gendh.c
index 574a13a..b900874 100644
--- a/apps/gendh.c
+++ b/apps/gendh.c
@@ -87,13 +87,17 @@
int MAIN(int argc, char **argv)
{
+#ifndef OPENSSL_NO_ENGINE
ENGINE *e = NULL;
+#endif
DH *dh=NULL;
int ret=1,num=DEFBITS;
int g=2;
char *outfile=NULL;
char *inrand=NULL;
+#ifndef OPENSSL_NO_ENGINE
char *engine=NULL;
+#endif
BIO *out=NULL;
apps_startup();
@@ -121,11 +125,13 @@
g=3; */
else if (strcmp(*argv,"-5") == 0)
g=5;
+#ifndef OPENSSL_NO_ENGINE
else if (strcmp(*argv,"-engine") == 0)
{
if (--argc < 1) goto bad;
engine= *(++argv);
}
+#endif
else if (strcmp(*argv,"-rand") == 0)
{
if (--argc < 1) goto bad;
@@ -144,14 +150,18 @@
BIO_printf(bio_err," -2 - use 2 as the generator value\n");
/* BIO_printf(bio_err," -3 - use 3 as the generator value\n"); */
BIO_printf(bio_err," -5 - use 5 as the generator value\n");
+#ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err," -engine e - use engine e, possibly a hardware device.\n");
+#endif
BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
BIO_printf(bio_err," - load the file (or the files in the directory) into\n");
BIO_printf(bio_err," the random number generator\n");
goto end;
}
+#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
+#endif
out=BIO_new(BIO_s_file());
if (out == NULL)
diff --git a/apps/gendsa.c b/apps/gendsa.c
index 4600711..6d2ed06 100644
--- a/apps/gendsa.c
+++ b/apps/gendsa.c
@@ -77,7 +77,9 @@
int MAIN(int argc, char **argv)
{
+#ifndef OPENSSL_NO_ENGINE
ENGINE *e = NULL;
+#endif
DSA *dsa=NULL;
int ret=1;
char *outfile=NULL;
@@ -85,7 +87,9 @@
char *passargout = NULL, *passout = NULL;
BIO *out=NULL,*in=NULL;
const EVP_CIPHER *enc=NULL;
+#ifndef OPENSSL_NO_ENGINE
char *engine=NULL;
+#endif
apps_startup();
@@ -111,11 +115,13 @@
if (--argc < 1) goto bad;
passargout= *(++argv);
}
+#ifndef OPENSSL_NO_ENGINE
else if (strcmp(*argv,"-engine") == 0)
{
if (--argc < 1) goto bad;
engine= *(++argv);
}
+#endif
else if (strcmp(*argv,"-rand") == 0)
{
if (--argc < 1) goto bad;
@@ -167,7 +173,9 @@
BIO_printf(bio_err," -aes128, -aes192, -aes256\n");
BIO_printf(bio_err," encrypt PEM output with cbc aes\n");
#endif
+#ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err," -engine e - use engine e, possibly a hardware device.\n");
+#endif
BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
BIO_printf(bio_err," - load the file (or the files in the directory) into\n");
BIO_printf(bio_err," the random number generator\n");
@@ -176,7 +184,9 @@
goto end;
}
+#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
+#endif
if(!app_passwd(bio_err, NULL, passargout, NULL, &passout)) {
BIO_printf(bio_err, "Error getting password\n");
diff --git a/apps/genrsa.c b/apps/genrsa.c
index 6079688..0ce2394 100644
--- a/apps/genrsa.c
+++ b/apps/genrsa.c
@@ -87,7 +87,9 @@
int MAIN(int argc, char **argv)
{
+#ifndef OPENSSL_NO_ENGINE
ENGINE *e = NULL;
+#endif
int ret=1;
RSA *rsa=NULL;
int i,num=DEFBITS;
@@ -96,7 +98,9 @@
unsigned long f4=RSA_F4;
char *outfile=NULL;
char *passargout = NULL, *passout = NULL;
+#ifndef OPENSSL_NO_ENGINE
char *engine=NULL;
+#endif
char *inrand=NULL;
BIO *out=NULL;
@@ -128,11 +132,13 @@
f4=3;
else if (strcmp(*argv,"-F4") == 0 || strcmp(*argv,"-f4") == 0)
f4=RSA_F4;
+#ifndef OPENSSL_NO_ENGINE
else if (strcmp(*argv,"-engine") == 0)
{
if (--argc < 1) goto bad;
engine= *(++argv);
}
+#endif
else if (strcmp(*argv,"-rand") == 0)
{
if (--argc < 1) goto bad;
@@ -183,7 +189,9 @@
BIO_printf(bio_err," -passout arg output file pass phrase source\n");
BIO_printf(bio_err," -f4 use F4 (0x10001) for the E value\n");
BIO_printf(bio_err," -3 use 3 for the E value\n");
+#ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n");
+#endif
BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
BIO_printf(bio_err," load the file (or the files in the directory) into\n");
BIO_printf(bio_err," the random number generator\n");
@@ -197,7 +205,9 @@
goto err;
}
+#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
+#endif
if (outfile == NULL)
{
diff --git a/apps/openssl.c b/apps/openssl.c
index 4789647..45af2ba 100644
--- a/apps/openssl.c
+++ b/apps/openssl.c
@@ -122,7 +122,9 @@
#include <openssl/x509.h>
#include <openssl/pem.h>
#include <openssl/ssl.h>
+#ifndef OPENSSL_NO_ENGINE
#include <openssl/engine.h>
+#endif
#define USE_SOCKETS /* needed for the _O_BINARY defs in the MS world */
#include "progs.h"
#include "s_apps.h"
diff --git a/apps/pkcs12.c b/apps/pkcs12.c
index e445c24..dd56a2b 100644
--- a/apps/pkcs12.c
+++ b/apps/pkcs12.c
@@ -120,7 +120,9 @@
char *passin = NULL, *passout = NULL;
char *inrand = NULL;
char *CApath = NULL, *CAfile = NULL;
+#ifndef OPENSSL_NO_ENGINE
char *engine=NULL;
+#endif
apps_startup();
@@ -259,11 +261,13 @@
args++;
CAfile = *args;
} else badarg = 1;
+#ifndef OPENSSL_NO_ENGINE
} else if (!strcmp(*args,"-engine")) {
if (args[1]) {
args++;
engine = *args;
} else badarg = 1;
+#endif
} else badarg = 1;
} else badarg = 1;
@@ -311,14 +315,18 @@
BIO_printf (bio_err, "-password p set import/export password source\n");
BIO_printf (bio_err, "-passin p input file pass phrase source\n");
BIO_printf (bio_err, "-passout p output file pass phrase source\n");
+#ifndef OPENSSL_NO_ENGINE
BIO_printf (bio_err, "-engine e use engine e, possibly a hardware device.\n");
+#endif
BIO_printf(bio_err, "-rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
BIO_printf(bio_err, " load the file (or the files in the directory) into\n");
BIO_printf(bio_err, " the random number generator\n");
goto end;
}
+#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
+#endif
if(passarg) {
if(export_cert) passargout = passarg;
diff --git a/apps/pkcs7.c b/apps/pkcs7.c
index 738dd85..6c58c67 100644
--- a/apps/pkcs7.c
+++ b/apps/pkcs7.c
@@ -82,7 +82,9 @@
int MAIN(int argc, char **argv)
{
+#ifndef OPENSSL_NO_ENGINE
ENGINE *e = NULL;
+#endif
PKCS7 *p7=NULL;
int i,badops=0;
BIO *in=NULL,*out=NULL;
@@ -90,7 +92,9 @@
char *infile,*outfile,*prog;
int print_certs=0,text=0,noout=0;
int ret=1;
+#ifndef OPENSSL_NO_ENGINE
char *engine=NULL;
+#endif
apps_startup();
@@ -134,11 +138,13 @@
text=1;
else if (strcmp(*argv,"-print_certs") == 0)
print_certs=1;
+#ifndef OPENSSL_NO_ENGINE
else if (strcmp(*argv,"-engine") == 0)
{
if (--argc < 1) goto bad;
engine= *(++argv);
}
+#endif
else
{
BIO_printf(bio_err,"unknown option %s\n",*argv);
@@ -161,14 +167,18 @@
BIO_printf(bio_err," -print_certs print any certs or crl in the input\n");
BIO_printf(bio_err," -text print full details of certificates\n");
BIO_printf(bio_err," -noout don't output encoded data\n");
+#ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n");
+#endif
ret = 1;
goto end;
}
ERR_load_crypto_strings();
+#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
+#endif
in=BIO_new(BIO_s_file());
out=BIO_new(BIO_s_file());
diff --git a/apps/pkcs8.c b/apps/pkcs8.c
index 1debccb..6be27e7 100644
--- a/apps/pkcs8.c
+++ b/apps/pkcs8.c
@@ -85,7 +85,9 @@
EVP_PKEY *pkey=NULL;
char pass[50], *passin = NULL, *passout = NULL, *p8pass = NULL;
int badarg = 0;
+#ifndef OPENSSL_NO_ENGINE
char *engine=NULL;
+#endif
if (bio_err == NULL) bio_err = BIO_new_fp (stderr, BIO_NOCLOSE);
@@ -145,11 +147,13 @@
if (!args[1]) goto bad;
passargout= *(++args);
}
+#ifndef OPENSSL_NO_ENGINE
else if (strcmp(*args,"-engine") == 0)
{
if (!args[1]) goto bad;
engine= *(++args);
}
+#endif
else if (!strcmp (*args, "-in")) {
if (args[1]) {
args++;
@@ -182,11 +186,15 @@
BIO_printf(bio_err, "-nocrypt use or expect unencrypted private key\n");
BIO_printf(bio_err, "-v2 alg use PKCS#5 v2.0 and cipher \"alg\"\n");
BIO_printf(bio_err, "-v1 obj use PKCS#5 v1.5 and cipher \"alg\"\n");
+#ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n");
+#endif
return (1);
}
+#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
+#endif
if(!app_passwd(bio_err, passargin, passargout, &passin, &passout)) {
BIO_printf(bio_err, "Error getting passwords\n");
diff --git a/apps/progs.h b/apps/progs.h
index 999de31..b551e1d 100644
--- a/apps/progs.h
+++ b/apps/progs.h
@@ -37,7 +37,9 @@
extern int spkac_main(int argc,char *argv[]);
extern int smime_main(int argc,char *argv[]);
extern int rand_main(int argc,char *argv[]);
+#ifndef OPENSSL_NO_ENGINE
extern int engine_main(int argc,char *argv[]);
+#endif
extern int ocsp_main(int argc,char *argv[]);
#define FUNC_TYPE_GENERAL 1
@@ -119,7 +121,9 @@
{FUNC_TYPE_GENERAL,"spkac",spkac_main},
{FUNC_TYPE_GENERAL,"smime",smime_main},
{FUNC_TYPE_GENERAL,"rand",rand_main},
+#ifndef OPENSSL_NO_ENGINE
{FUNC_TYPE_GENERAL,"engine",engine_main},
+#endif
{FUNC_TYPE_GENERAL,"ocsp",ocsp_main},
#ifndef OPENSSL_NO_MD2
{FUNC_TYPE_MD,"md2",dgst_main},
diff --git a/apps/rand.c b/apps/rand.c
index eaaa6e3..63724bc 100644
--- a/apps/rand.c
+++ b/apps/rand.c
@@ -76,7 +76,9 @@
int MAIN(int argc, char **argv)
{
+#ifndef OPENSSL_NO_ENGINE
ENGINE *e = NULL;
+#endif
int i, r, ret = 1;
int badopt;
char *outfile = NULL;
@@ -84,7 +86,9 @@
int base64 = 0;
BIO *out = NULL;
int num = -1;
+#ifndef OPENSSL_NO_ENGINE
char *engine=NULL;
+#endif
apps_startup();
@@ -106,6 +110,7 @@
else
badopt = 1;
}
+#ifndef OPENSSL_NO_ENGINE
else if (strcmp(argv[i], "-engine") == 0)
{
if ((argv[i+1] != NULL) && (engine == NULL))
@@ -113,6 +118,7 @@
else
badopt = 1;
}
+#endif
else if (strcmp(argv[i], "-rand") == 0)
{
if ((argv[i+1] != NULL) && (inrand == NULL))
@@ -150,13 +156,17 @@
BIO_printf(bio_err, "Usage: rand [options] num\n");
BIO_printf(bio_err, "where options are\n");
BIO_printf(bio_err, "-out file - write to file\n");
+#ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err, "-engine e - use engine e, possibly a hardware device.\n");
+#endif
BIO_printf(bio_err, "-rand file%cfile%c... - seed PRNG from files\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
BIO_printf(bio_err, "-base64 - encode output\n");
goto err;
}
+#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
+#endif
app_RAND_load_file(NULL, bio_err, (inrand != NULL));
if (inrand != NULL)
diff --git a/apps/req.c b/apps/req.c
index 3612114..8304df8 100644
--- a/apps/req.c
+++ b/apps/req.c
@@ -172,7 +172,9 @@
int informat,outformat,verify=0,noout=0,text=0,keyform=FORMAT_PEM;
int nodes=0,kludge=0,newhdr=0,subject=0,pubkey=0;
char *infile,*outfile,*prog,*keyfile=NULL,*template=NULL,*keyout=NULL;
+#ifndef OPENSSL_NO_ENGINE
char *engine=NULL;
+#endif
char *extensions = NULL;
char *req_exts = NULL;
const EVP_CIPHER *cipher=NULL;
@@ -220,11 +222,13 @@
if (--argc < 1) goto bad;
outformat=str2fmt(*(++argv));
}
+#ifndef OPENSSL_NO_ENGINE
else if (strcmp(*argv,"-engine") == 0)
{
if (--argc < 1) goto bad;
engine= *(++argv);
}
+#endif
else if (strcmp(*argv,"-key") == 0)
{
if (--argc < 1) goto bad;
@@ -488,7 +492,9 @@
BIO_printf(bio_err," -verify verify signature on REQ\n");
BIO_printf(bio_err," -modulus RSA modulus\n");
BIO_printf(bio_err," -nodes don't encrypt the output key\n");
+#ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err," -engine e use engine e, possibly a hardware device\n");
+#endif
BIO_printf(bio_err," -subject output the request's subject\n");
BIO_printf(bio_err," -passin private key password source\n");
BIO_printf(bio_err," -key file use the private key contained in file\n");
@@ -516,7 +522,7 @@
BIO_printf(bio_err," -extensions .. specify certificate extension section (override value in config file)\n");
BIO_printf(bio_err," -reqexts .. specify request extension section (override value in config file)\n");
BIO_printf(bio_err," -utf8 input characters are UTF8 (default ASCII)\n");
- BIO_printf(bio_err," -nameopt arg - various certificate name options\n");
+ BIO_printf(bio_err," -nameopt arg - various certificate name options\n");
BIO_printf(bio_err," -reqopt arg - various request text options\n\n");
goto end;
}
@@ -680,7 +686,9 @@
if ((in == NULL) || (out == NULL))
goto end;
+#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
+#endif
if (keyfile != NULL)
{
diff --git a/apps/rsa.c b/apps/rsa.c
index aebec74..0acdb08 100644
--- a/apps/rsa.c
+++ b/apps/rsa.c
@@ -104,7 +104,9 @@
char *infile,*outfile,*prog;
char *passargin = NULL, *passargout = NULL;
char *passin = NULL, *passout = NULL;
+#ifndef OPENSSL_NO_ENGINE
char *engine=NULL;
+#endif
int modulus=0;
apps_startup();
@@ -156,11 +158,13 @@
if (--argc < 1) goto bad;
passargout= *(++argv);
}
+#ifndef OPENSSL_NO_ENGINE
else if (strcmp(*argv,"-engine") == 0)
{
if (--argc < 1) goto bad;
engine= *(++argv);
}
+#endif
else if (strcmp(*argv,"-sgckey") == 0)
sgckey=1;
else if (strcmp(*argv,"-pubin") == 0)
@@ -212,13 +216,17 @@
BIO_printf(bio_err," -check verify key consistency\n");
BIO_printf(bio_err," -pubin expect a public key in input file\n");
BIO_printf(bio_err," -pubout output a public key\n");
+#ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n");
+#endif
goto end;
}
ERR_load_crypto_strings();
+#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
+#endif
if(!app_passwd(bio_err, passargin, passargout, &passin, &passout)) {
BIO_printf(bio_err, "Error getting passwords\n");
diff --git a/apps/rsautl.c b/apps/rsautl.c
index 36957e5..5a6fd11 100644
--- a/apps/rsautl.c
+++ b/apps/rsautl.c
@@ -85,7 +85,9 @@
ENGINE *e = NULL;
BIO *in = NULL, *out = NULL;
char *infile = NULL, *outfile = NULL;
+#ifndef OPENSSL_NO_ENGINE
char *engine = NULL;
+#endif
char *keyfile = NULL;
char rsa_mode = RSA_VERIFY, key_type = KEY_PRIVKEY;
int keyform = FORMAT_PEM;
@@ -125,9 +127,11 @@
} else if (strcmp(*argv,"-keyform") == 0) {
if (--argc < 1) badarg = 1;
keyform=str2fmt(*(++argv));
+#ifndef OPENSSL_NO_ENGINE
} else if(!strcmp(*argv, "-engine")) {
if (--argc < 1) badarg = 1;
engine = *(++argv);
+#endif
} else if(!strcmp(*argv, "-pubin")) {
key_type = KEY_PUBKEY;
} else if(!strcmp(*argv, "-certin")) {
@@ -162,7 +166,9 @@
goto end;
}
+#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
+#endif
/* FIXME: seed PRNG only if needed */
app_RAND_load_file(NULL, bio_err, 0);
@@ -305,7 +311,9 @@
BIO_printf(bio_err, "-encrypt encrypt with public key\n");
BIO_printf(bio_err, "-decrypt decrypt with private key\n");
BIO_printf(bio_err, "-hexdump hex dump output\n");
+#ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err, "-engine e use engine e, possibly a hardware device.\n");
+#endif
}
diff --git a/apps/s_client.c b/apps/s_client.c
index 738588c..2e73f34 100644
--- a/apps/s_client.c
+++ b/apps/s_client.c
@@ -222,7 +222,9 @@
BIO_printf(bio_err," for those protocols that support it, where\n");
BIO_printf(bio_err," 'prot' defines which one to assume. Currently,\n");
BIO_printf(bio_err," only \"smtp\" is supported.\n");
+#ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err," -engine id - Initialise and use the specified engine\n");
+#endif
BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
}
@@ -254,8 +256,10 @@
SSL_METHOD *meth=NULL;
BIO *sbio;
char *inrand=NULL;
+#ifndef OPENSSL_NO_ENGINE
char *engine_id=NULL;
ENGINE *e=NULL;
+#endif
#ifdef OPENSSL_SYS_WINDOWS
struct timeval tv;
#endif
@@ -415,11 +419,13 @@
else
goto bad;
}
+#ifndef OPENSSL_NO_ENGINE
else if (strcmp(*argv,"-engine") == 0)
{
if (--argc < 1) goto bad;
engine_id = *(++argv);
}
+#endif
else if (strcmp(*argv,"-rand") == 0)
{
if (--argc < 1) goto bad;
@@ -444,7 +450,9 @@
OpenSSL_add_ssl_algorithms();
SSL_load_error_strings();
+#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine_id, 1);
+#endif
if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL
&& !RAND_status())
diff --git a/apps/s_server.c b/apps/s_server.c
index 39013c2..814f3b9 100644
--- a/apps/s_server.c
+++ b/apps/s_server.c
@@ -255,7 +255,9 @@
static int s_quiet=0;
static int hack=0;
+#ifndef OPENSSL_NO_ENGINE
static char *engine_id=NULL;
+#endif
static const char *session_id_prefix=NULL;
#ifdef MONOLITH
@@ -280,7 +282,9 @@
s_msg=0;
s_quiet=0;
hack=0;
+#ifndef OPENSSL_NO_ENGINE
engine_id=NULL;
+#endif
}
#endif
@@ -337,7 +341,9 @@
BIO_printf(bio_err," -WWW - Respond to a 'GET /<path> HTTP/1.0' with file ./<path>\n");
BIO_printf(bio_err," -HTTP - Respond to a 'GET /<path> HTTP/1.0' with file ./<path>\n");
BIO_printf(bio_err," with the assumption it contains a complete HTTP response.\n");
+#ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err," -engine id - Initialise and use the specified engine\n");
+#endif
BIO_printf(bio_err," -id_prefix arg - Generate SSL/TLS session IDs prefixed by 'arg'\n");
BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
}
@@ -512,7 +518,9 @@
int no_tmp_rsa=0,no_dhe=0,no_ecdhe=0,nocert=0;
int state=0;
SSL_METHOD *meth=NULL;
+#ifndef OPENSSL_NO_ENGINE
ENGINE *e=NULL;
+#endif
char *inrand=NULL;
#if !defined(OPENSSL_NO_SSL2) && !defined(OPENSSL_NO_SSL3)
@@ -696,11 +704,13 @@
if (--argc < 1) goto bad;
session_id_prefix = *(++argv);
}
+#ifndef OPENSSL_NO_ENGINE
else if (strcmp(*argv,"-engine") == 0)
{
if (--argc < 1) goto bad;
engine_id= *(++argv);
}
+#endif
else if (strcmp(*argv,"-rand") == 0)
{
if (--argc < 1) goto bad;
@@ -725,7 +735,9 @@
SSL_load_error_strings();
OpenSSL_add_ssl_algorithms();
+#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine_id, 1);
+#endif
if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL
&& !RAND_status())
diff --git a/apps/smime.c b/apps/smime.c
index ef0e477..cc248d3 100644
--- a/apps/smime.c
+++ b/apps/smime.c
@@ -104,7 +104,9 @@
int need_rand = 0;
int informat = FORMAT_SMIME, outformat = FORMAT_SMIME;
int keyform = FORMAT_PEM;
+#ifndef OPENSSL_NO_ENGINE
char *engine=NULL;
+#endif
args = argv + 1;
ret = 1;
@@ -176,11 +178,13 @@
inrand = *args;
} else badarg = 1;
need_rand = 1;
+#ifndef OPENSSL_NO_ENGINE
} else if (!strcmp(*args,"-engine")) {
if (args[1]) {
args++;
engine = *args;
} else badarg = 1;
+#endif
} else if (!strcmp(*args,"-passin")) {
if (args[1]) {
args++;
@@ -330,7 +334,9 @@
BIO_printf (bio_err, "-CAfile file trusted certificates file\n");
BIO_printf (bio_err, "-crl_check check revocation status of signer's certificate using CRLs\n");
BIO_printf (bio_err, "-crl_check_all check revocation status of signer's certificate chain using CRLs\n");
+#ifndef OPENSSL_NO_ENGINE
BIO_printf (bio_err, "-engine e use engine e, possibly a hardware device.\n");
+#endif
BIO_printf (bio_err, "-passin arg input file pass phrase source\n");
BIO_printf(bio_err, "-rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
BIO_printf(bio_err, " load the file (or the files in the directory) into\n");
@@ -339,7 +345,9 @@
goto end;
}
+#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
+#endif
if(!app_passwd(bio_err, passargin, NULL, &passin, NULL)) {
BIO_printf(bio_err, "Error getting password\n");
diff --git a/apps/speed.c b/apps/speed.c
index ad455e5..758ce25 100644
--- a/apps/speed.c
+++ b/apps/speed.c
@@ -398,7 +398,9 @@
int MAIN(int argc, char **argv)
{
+#ifndef OPENSSL_NO_ENGINE
ENGINE *e = NULL;
+#endif
unsigned char *buf=NULL,*buf2=NULL;
int mret=1;
long count=0,save_count=0;
@@ -731,6 +733,7 @@
j--; /* Otherwise, -elapsed gets confused with
an algorithm. */
}
+#ifndef OPENSSL_NO_ENGINE
else if ((argc > 0) && (strcmp(*argv,"-engine") == 0))
{
argc--;
@@ -747,6 +750,7 @@
means all of them should be run) */
j--;
}
+#endif
#ifdef HAVE_FORK
else if ((argc > 0) && (strcmp(*argv,"-multi") == 0))
{
@@ -1064,7 +1068,9 @@
#if defined(TIMES) || defined(USE_TOD)
BIO_printf(bio_err,"-elapsed measure time in real time instead of CPU user time.\n");
#endif
+#ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err,"-engine e use engine e, possibly a hardware device.\n");
+#endif
BIO_printf(bio_err,"-evp e use EVP e.\n");
BIO_printf(bio_err,"-decrypt time decryption instead of encryption (only EVP).\n");
BIO_printf(bio_err,"-mr produce machine readable output.\n");
diff --git a/apps/spkac.c b/apps/spkac.c
index ed370c5..47ee53f 100644
--- a/apps/spkac.c
+++ b/apps/spkac.c
@@ -92,7 +92,9 @@
CONF *conf = NULL;
NETSCAPE_SPKI *spki = NULL;
EVP_PKEY *pkey = NULL;
+#ifndef OPENSSL_NO_ENGINE
char *engine=NULL;
+#endif
apps_startup();
@@ -141,11 +143,13 @@
if (--argc < 1) goto bad;
spksect= *(++argv);
}
+#ifndef OPENSSL_NO_ENGINE
else if (strcmp(*argv,"-engine") == 0)
{
if (--argc < 1) goto bad;
engine= *(++argv);
}
+#endif
else if (strcmp(*argv,"-noout") == 0)
noout=1;
else if (strcmp(*argv,"-pubkey") == 0)
@@ -171,7 +175,9 @@
BIO_printf(bio_err," -noout don't print SPKAC\n");
BIO_printf(bio_err," -pubkey output public key\n");
BIO_printf(bio_err," -verify verify SPKAC signature\n");
+#ifndef OPENSSL_NO_ENGINE
BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n");
+#endif
goto end;
}
@@ -181,7 +187,9 @@
goto end;
}
+#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
+#endif
if(keyfile) {
pkey = load_key(bio_err,
diff --git a/apps/verify.c b/apps/verify.c
index 9a18213..6a93c01 100644
--- a/apps/verify.c
+++ b/apps/verify.c
@@ -86,7 +86,9 @@
STACK_OF(X509) *untrusted = NULL, *trusted = NULL;
X509_STORE *cert_ctx=NULL;
X509_LOOKUP *lookup=NULL;
+#ifndef OPENSSL_NO_ENGINE
char *engine=NULL;
+#endif
cert_ctx=X509_STORE_new();
if (cert_ctx == NULL) goto end;
@@ -142,11 +144,13 @@
if (argc-- < 1) goto end;
trustfile= *(++argv);
}
+#ifndef OPENSSL_NO_ENGINE
else if (strcmp(*argv,"-engine") == 0)
{
if (--argc < 1) goto end;
engine= *(++argv);
}
+#endif
else if (strcmp(*argv,"-help") == 0)
goto end;
else if (strcmp(*argv,"-ignore_critical") == 0)
@@ -170,7 +174,9 @@
break;
}
+#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
+#endif
lookup=X509_STORE_add_lookup(cert_ctx,X509_LOOKUP_file());
if (lookup == NULL) abort();
@@ -219,7 +225,11 @@
ret=0;
end:
if (ret == 1) {
- BIO_printf(bio_err,"usage: verify [-verbose] [-CApath path] [-CAfile file] [-purpose purpose] [-crl_check] [-engine e] cert1 cert2 ...\n");
+ BIO_printf(bio_err,"usage: verify [-verbose] [-CApath path] [-CAfile file] [-purpose purpose] [-crl_check]");
+#ifndef OPENSSL_NO_ENGINE
+ BIO_printf(bio_err," [-engine e]");
+#endif
+ BIO_printf(bio_err," cert1 cert2 ...\n");
BIO_printf(bio_err,"recognized usages:\n");
for(i = 0; i < X509_PURPOSE_get_count(); i++) {
X509_PURPOSE *ptmp;
diff --git a/apps/x509.c b/apps/x509.c
index 9709628..cea33f5 100644
--- a/apps/x509.c
+++ b/apps/x509.c
@@ -131,7 +131,9 @@
" -extensions - section from config file with X509V3 extensions to add\n",
" -clrext - delete extensions before signing and input certificate\n",
" -nameopt arg - various certificate name options\n",
+#ifndef OPENSSL_NO_ENGINE
" -engine e - use engine e, possibly a hardware device.\n",
+#endif
" -certopt arg - various certificate text options\n",
NULL
};
@@ -183,7 +185,9 @@
int need_rand = 0;
int checkend=0,checkoffset=0;
unsigned long nmflag = 0, certflag = 0;
+#ifndef OPENSSL_NO_ENGINE
char *engine=NULL;
+#endif
reqfile=0;
@@ -360,11 +364,13 @@
alias= *(++argv);
trustout = 1;
}
+#ifndef OPENSSL_NO_ENGINE
else if (strcmp(*argv,"-engine") == 0)
{
if (--argc < 1) goto bad;
engine= *(++argv);
}
+#endif
else if (strcmp(*argv,"-C") == 0)
C= ++num;
else if (strcmp(*argv,"-email") == 0)
@@ -450,7 +456,9 @@
goto end;
}
+#ifndef OPENSSL_NO_ENGINE
e = setup_engine(bio_err, engine, 0);
+#endif
if (need_rand)
app_RAND_load_file(NULL, bio_err, 0);
