Add AES support in the applications that support -des and -des3.
diff --git a/STATUS b/STATUS
index 9cb4627..7929c02 100644
--- a/STATUS
+++ b/STATUS
@@ -1,6 +1,6 @@
OpenSSL STATUS Last modified at
- ______________ $Date: 2002/02/20 14:07:07 $
+ ______________ $Date: 2002/02/20 18:03:00 $
DEVELOPMENT STATE
@@ -61,9 +61,6 @@
weakness in SSL/TLS should be added; see
http://www.openssl.org/~bodo/tls-cbc.txt
- o All 'openssl' subprograms taking '-des' and '-des3' options should
- include AES support (0.9.7-dev)
-
o 'openssl speed' should include AES support (0.9.7-dev)
o apps/ca.c: "Sign the certificate?" - "n" creates empty certificate file
diff --git a/apps/dsa.c b/apps/dsa.c
index 59aa0ea..9d10a7c 100644
--- a/apps/dsa.c
+++ b/apps/dsa.c
@@ -79,6 +79,9 @@
* -des - encrypt output if PEM format with DES in cbc mode
* -des3 - encrypt output if PEM format
* -idea - encrypt output if PEM format
+ * -aes128 - encrypt output if PEM format
+ * -aes192 - encrypt output if PEM format
+ * -aes256 - encrypt output if PEM format
* -text - print a text version
* -modulus - print the DSA public key
*/
@@ -189,6 +192,10 @@
#ifndef OPENSSL_NO_IDEA
BIO_printf(bio_err," -idea encrypt PEM output with cbc idea\n");
#endif
+#ifndef OPENSSL_NO_AES
+ BIO_printf(bio_err," -aes128, -aes192, -aes256\n");
+ BIO_printf(bio_err," encrypt PEM output with cbc aes\n");
+#endif
BIO_printf(bio_err," -text print the key in text\n");
BIO_printf(bio_err," -noout don't print key out\n");
BIO_printf(bio_err," -modulus print the DSA public value\n");
diff --git a/apps/ecdsa.c b/apps/ecdsa.c
index e8aa746..80cbdb2 100644
--- a/apps/ecdsa.c
+++ b/apps/ecdsa.c
@@ -132,6 +132,9 @@
* -des - encrypt output if PEM format with DES in cbc mode
* -des3 - encrypt output if PEM format
* -idea - encrypt output if PEM format
+ * -aes128 - encrypt output if PEM format
+ * -aes192 - encrypt output if PEM format
+ * -aes256 - encrypt output if PEM format
* -text - print a text version
* -pub - print the ECDSA public key
* -compressed - print the public key in compressed form ( default )
@@ -227,12 +230,12 @@
else if (strcmp(*argv, "-pub") == 0)
{
pub = 1;
- buffer = (*(argv+1));
- if (strcmp(buffer, "compressed") == 0)
+ buffer = (unsigned char *)(*(argv+1));
+ if (strcmp((char *)buffer, "compressed") == 0)
point_form = POINT_CONVERSION_COMPRESSED;
- else if (strcmp(buffer, "hybrid") == 0)
+ else if (strcmp((char *)buffer, "hybrid") == 0)
point_form = POINT_CONVERSION_HYBRID;
- else if (strcmp(buffer, "uncompressed") == 0)
+ else if (strcmp((char *)buffer, "uncompressed") == 0)
point_form = POINT_CONVERSION_UNCOMPRESSED;
if (point_form)
{
@@ -271,6 +274,10 @@
#ifndef OPENSSL_NO_IDEA
BIO_printf(bio_err, " -idea encrypt PEM output with cbc idea\n");
#endif
+#ifndef OPENSSL_NO_AES
+ BIO_printf(bio_err, " -aes128, -aes192, -aes256\n");
+ BIO_printf(bio_err, " encrypt PEM output with cbc aes\n");
+#endif
BIO_printf(bio_err, " -text print the key in text\n");
BIO_printf(bio_err, " -noout don't print key out\n");
BIO_printf(bio_err, " -pub [compressed | hybrid | uncompressed] \n");
diff --git a/apps/gendsa.c b/apps/gendsa.c
index 6b74142..ebee7f0 100644
--- a/apps/gendsa.c
+++ b/apps/gendsa.c
@@ -130,6 +130,14 @@
else if (strcmp(*argv,"-idea") == 0)
enc=EVP_idea_cbc();
#endif
+#ifndef OPENSSL_NO_AES
+ else if (strcmp(*argv,"-aes128") == 0)
+ enc=EVP_aes_128_cbc();
+ else if (strcmp(*argv,"-aes192") == 0)
+ enc=EVP_aes_192_cbc();
+ else if (strcmp(*argv,"-aes256") == 0)
+ enc=EVP_aes_256_cbc();
+#endif
else if (**argv != '-' && dsaparams == NULL)
{
dsaparams = *argv;
@@ -152,6 +160,10 @@
#ifndef OPENSSL_NO_IDEA
BIO_printf(bio_err," -idea - encrypt the generated key with IDEA in cbc mode\n");
#endif
+#ifndef OPENSSL_NO_AES
+ BIO_printf(bio_err," -aes128, -aes192, -aes256\n");
+ BIO_printf(bio_err," encrypt PEM output with cbc aes\n");
+#endif
BIO_printf(bio_err," -engine e - use engine e, possibly a hardware device.\n");
BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
BIO_printf(bio_err," - load the file (or the files in the directory) into\n");
diff --git a/apps/genrsa.c b/apps/genrsa.c
index b5ae1be..5a58235 100644
--- a/apps/genrsa.c
+++ b/apps/genrsa.c
@@ -139,6 +139,14 @@
else if (strcmp(*argv,"-idea") == 0)
enc=EVP_idea_cbc();
#endif
+#ifndef OPENSSL_NO_AES
+ else if (strcmp(*argv,"-aes128") == 0)
+ enc=EVP_aes_128_cbc();
+ else if (strcmp(*argv,"-aes192") == 0)
+ enc=EVP_aes_192_cbc();
+ else if (strcmp(*argv,"-aes256") == 0)
+ enc=EVP_aes_256_cbc();
+#endif
else if (strcmp(*argv,"-passout") == 0)
{
if (--argc < 1) goto bad;
@@ -158,6 +166,10 @@
#ifndef OPENSSL_NO_IDEA
BIO_printf(bio_err," -idea encrypt the generated key with IDEA in cbc mode\n");
#endif
+#ifndef OPENSSL_NO_AES
+ BIO_printf(bio_err," -aes128, -aes192, -aes256\n");
+ BIO_printf(bio_err," encrypt PEM output with cbc aes\n");
+#endif
BIO_printf(bio_err," -out file output the key to 'file\n");
BIO_printf(bio_err," -passout arg output file pass phrase source\n");
BIO_printf(bio_err," -f4 use F4 (0x10001) for the E value\n");
diff --git a/apps/pkcs12.c b/apps/pkcs12.c
index 0e2bd6d..a424218 100644
--- a/apps/pkcs12.c
+++ b/apps/pkcs12.c
@@ -151,6 +151,11 @@
else if (!strcmp (*args, "-idea")) enc=EVP_idea_cbc();
#endif
else if (!strcmp (*args, "-des3")) enc = EVP_des_ede3_cbc();
+#ifndef OPENSSL_NO_AES
+ else if (!strcmp(*argv,"-aes128")) enc=EVP_aes_128_cbc();
+ else if (!strcmp(*argv,"-aes192")) enc=EVP_aes_192_cbc();
+ else if (!strcmp(*argv,"-aes256")) enc=EVP_aes_256_cbc();
+#endif
else if (!strcmp (*args, "-noiter")) iter = 1;
else if (!strcmp (*args, "-maciter"))
maciter = PKCS12_DEFAULT_ITER;
@@ -280,6 +285,10 @@
#ifndef OPENSSL_NO_IDEA
BIO_printf (bio_err, "-idea encrypt private keys with idea\n");
#endif
+#ifndef OPENSSL_NO_AES
+ BIO_printf (bio_err, "-aes128, -aes192, -aes256\n");
+ BIO_printf (bio_err, " encrypt PEM output with cbc aes\n");
+#endif
BIO_printf (bio_err, "-nodes don't encrypt private keys\n");
BIO_printf (bio_err, "-noiter don't use encryption iteration\n");
BIO_printf (bio_err, "-maciter use MAC iteration\n");
diff --git a/apps/rsa.c b/apps/rsa.c
index 863159d..6cadcb2 100644
--- a/apps/rsa.c
+++ b/apps/rsa.c
@@ -79,6 +79,9 @@
* -des - encrypt output if PEM format with DES in cbc mode
* -des3 - encrypt output if PEM format
* -idea - encrypt output if PEM format
+ * -aes128 - encrypt output if PEM format
+ * -aes192 - encrypt output if PEM format
+ * -aes256 - encrypt output if PEM format
* -text - print a text version
* -modulus - print the RSA key modulus
* -check - verify key consistency
@@ -196,6 +199,10 @@
#ifndef OPENSSL_NO_IDEA
BIO_printf(bio_err," -idea encrypt PEM output with cbc idea\n");
#endif
+#ifndef OPENSSL_NO_AES
+ BIO_printf(bio_err," -aes128, -aes192, -aes256\n");
+ BIO_printf(bio_err," encrypt PEM output with cbc aes\n");
+#endif
BIO_printf(bio_err," -text print the key in text\n");
BIO_printf(bio_err," -noout don't print key out\n");
BIO_printf(bio_err," -modulus print the RSA key modulus\n");
diff --git a/apps/smime.c b/apps/smime.c
index 7c4aac1..731f9dd 100644
--- a/apps/smime.c
+++ b/apps/smime.c
@@ -129,6 +129,14 @@
else if (!strcmp (*args, "-rc2-64"))
cipher = EVP_rc2_64_cbc();
#endif
+#ifndef OPENSSL_NO_AES
+ else if (!strcmp(*argv,"-aes128") == 0)
+ cipher = EVP_aes_128_cbc();
+ else if (!strcmp(*argv,"-aes192") == 0)
+ cipher = EVP_aes_192_cbc();
+ else if (!strcmp(*argv,"-aes256") == 0)
+ cipher = EVP_aes_256_cbc();
+#endif
else if (!strcmp (*args, "-text"))
flags |= PKCS7_TEXT;
else if (!strcmp (*args, "-nointern"))
@@ -284,6 +292,10 @@
BIO_printf (bio_err, "-rc2-64 encrypt with RC2-64\n");
BIO_printf (bio_err, "-rc2-128 encrypt with RC2-128\n");
#endif
+#ifndef OPENSSL_NO_AES
+ BIO_printf (bio_err, "-aes128, -aes192, -aes256\n");
+ BIO_printf (bio_err, " encrypt PEM output with cbc aes\n");
+#endif
BIO_printf (bio_err, "-nointern don't search certificates in message for signer\n");
BIO_printf (bio_err, "-nosigs don't verify message signature\n");
BIO_printf (bio_err, "-noverify don't verify signers certificate\n");
