The underlying API will be removed, so these commands have to go.
ok beck
-/* $OpenBSD: apps.c,v 1.68 2024/08/18 20:24:11 tb Exp $ */
+/* $OpenBSD: apps.c,v 1.69 2024/08/29 17:01:02 tb Exp $ */
/*
* Copyright (c) 2014 Joel Sing <jsing@openbsd.org>
*
fprintf(stderr, " -%-24s%s", name->name, (++*n % 3 != 0 ? "" : "\n"));
}
-
-int
-pkey_check(BIO *out, EVP_PKEY *pkey, int (check_fn)(EVP_PKEY_CTX *),
- const char *desc)
-{
- EVP_PKEY_CTX *ctx;
-
- if ((ctx = EVP_PKEY_CTX_new(pkey, NULL)) == NULL) {
- ERR_print_errors(bio_err);
- return 0;
- }
-
- if (check_fn(ctx) == 1) {
- BIO_printf(out, "%s valid\n", desc);
- } else {
- unsigned long err;
-
- BIO_printf(out, "%s invalid\n", desc);
-
- while ((err = ERR_get_error()) != 0)
- BIO_printf(out, "Detailed error: %s\n",
- ERR_reason_error_string(err));
- }
-
- EVP_PKEY_CTX_free(ctx);
-
- return 1;
-}
-/* $OpenBSD: apps.h,v 1.37 2024/05/21 05:00:48 jsg Exp $ */
+/* $OpenBSD: apps.h,v 1.38 2024/08/29 17:01:02 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
char **unnamed, int *argsused);
void show_cipher(const OBJ_NAME *name, void *arg);
-
-int pkey_check(BIO *out, EVP_PKEY *pkey, int (check_fn)(EVP_PKEY_CTX *),
- const char *desc);
#endif
-/* $OpenBSD: pkey.c,v 1.20 2023/07/23 11:39:29 tb Exp $ */
+/* $OpenBSD: pkey.c,v 1.21 2024/08/29 17:01:02 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2006
*/
#include <openssl/pem.h>
static struct {
- int check;
const EVP_CIPHER *cipher;
char *infile;
int informat;
int outformat;
char *passargin;
char *passargout;
- int pubcheck;
int pubin;
int pubout;
int pubtext;
}
static const struct option pkey_options[] = {
- {
- .name = "check",
- .desc = "Check validity of key",
- .type = OPTION_FLAG,
- .opt.flag = &cfg.check,
- },
{
.name = "in",
.argname = "file",
.type = OPTION_ARG,
.opt.arg = &cfg.passargout,
},
- {
- .name = "pubcheck",
- .desc = "Check validity of public key",
- .type = OPTION_FLAG,
- .opt.flag = &cfg.pubcheck,
- },
{
.name = "pubin",
.desc = "Expect a public key (default private key)",
int n = 0;
fprintf(stderr,
- "usage: pkey [-check] [-ciphername] [-in file] [-inform fmt] "
+ "usage: pkey [-ciphername] [-in file] [-inform fmt] "
"[-noout] [-out file]\n"
- " [-outform fmt] [-passin src] [-passout src] [-pubcheck] "
+ " [-outform fmt] [-passin src] [-passout src] "
"[-pubin] [-pubout]\n"
" [-text] [-text_pub]\n\n");
options_usage(pkey_options);
if (!pkey)
goto end;
- if (cfg.check) {
- if (!pkey_check(out, pkey, EVP_PKEY_check, "Key pair"))
- goto end;
- } else if (cfg.pubcheck) {
- if (!pkey_check(out, pkey, EVP_PKEY_public_check, "Public key"))
- goto end;
- }
-
if (!cfg.noout) {
if (cfg.outformat == FORMAT_PEM) {
if (cfg.pubout)
-/* $OpenBSD: pkeyparam.c,v 1.18 2023/07/23 11:39:29 tb Exp $ */
+/* $OpenBSD: pkeyparam.c,v 1.19 2024/08/29 17:01:02 tb Exp $ */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
* project 2006
*/
#include <openssl/pem.h>
static struct {
- int check;
char *infile;
int noout;
char *outfile;
} cfg;
static const struct option pkeyparam_options[] = {
- {
- .name = "check",
- .desc = "Check validity of key parameters",
- .type = OPTION_FLAG,
- .opt.flag = &cfg.check,
- },
{
.name = "in",
.argname = "file",
pkeyparam_usage(void)
{
fprintf(stderr,
- "usage: pkeyparam [-check] [-in file] [-noout] [-out file] "
- "[-text]\n");
+ "usage: pkeyparam [-in file] [-noout] [-out file] [-text]\n");
options_usage(pkeyparam_options);
}
goto end;
}
- if (cfg.check) {
- if (!pkey_check(out, pkey, EVP_PKEY_param_check, "Parameters"))
- goto end;
- }
-
if (!cfg.noout)
PEM_write_bio_Parameters(out, pkey);