1 files changed, 76 insertions, 76 deletions
diff --git a/src/usr.bin/openssl/pkeyutl.c b/src/usr.bin/openssl/pkeyutl.c
index 8c0fd28b29..efd0896c02 100644
--- a/src/usr.bin/openssl/pkeyutl.c
+++ b/src/usr.bin/openssl/pkeyutl.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: pkeyutl.c,v 1.18 2023/03/05 13:12:53 tb Exp $ */
+/* $OpenBSD: pkeyutl.c,v 1.19 2023/03/06 14:32:06 tb Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project 2006.
 */
@@ -82,7 +82,7 @@ static struct {
        int pkey_op;
        int rev;
        char *sigfile;
-} pkeyutl_config;
+} cfg;
 static void pkeyutl_usage(void);
@@ -101,48 +101,48 @@ static const struct option pkeyutl_options[] = {
                .name = "asn1parse",
                .desc = "ASN.1 parse the output data",
                .type = OPTION_FLAG,
-                .opt.flag = &pkeyutl_config.asn1parse,
+                .opt.flag = &cfg.asn1parse,
        },
        {
                .name = "certin",
                .desc = "Input is a certificate containing a public key",
                .type = OPTION_VALUE,
                .value = KEY_CERT,
-                .opt.value = &pkeyutl_config.key_type,
+                .opt.value = &cfg.key_type,
        },
        {
                .name = "decrypt",
                .desc = "Decrypt the input data using a private key",
                .type = OPTION_VALUE,
                .value = EVP_PKEY_OP_DECRYPT,
-                .opt.value = &pkeyutl_config.pkey_op,
+                .opt.value = &cfg.pkey_op,
        },
        {
                .name = "derive",
                .desc = "Derive a shared secret using the peer key",
                .type = OPTION_VALUE,
                .value = EVP_PKEY_OP_DERIVE,
-                .opt.value = &pkeyutl_config.pkey_op,
+                .opt.value = &cfg.pkey_op,
        },
        {
                .name = "encrypt",
                .desc = "Encrypt the input data using a public key",
                .type = OPTION_VALUE,
                .value = EVP_PKEY_OP_ENCRYPT,
-                .opt.value = &pkeyutl_config.pkey_op,
+                .opt.value = &cfg.pkey_op,
        },
        {
                .name = "hexdump",
                .desc = "Hex dump the output data",
                .type = OPTION_FLAG,
-                .opt.flag = &pkeyutl_config.hexdump,
+                .opt.flag = &cfg.hexdump,
        },
        {
                .name = "in",
                .argname = "file",
                .desc = "Input file (default stdin)",
                .type = OPTION_ARG,
-                .opt.arg = &pkeyutl_config.infile,
+                .opt.arg = &cfg.infile,
        },
        {
                .name = "inkey",
@@ -156,28 +156,28 @@ static const struct option pkeyutl_options[] = {
                .argname = "fmt",
                .desc = "Input key format (DER or PEM (default))",
                .type = OPTION_ARG_FORMAT,
-                .opt.value = &pkeyutl_config.keyform,
+                .opt.value = &cfg.keyform,
        },
        {
                .name = "out",
                .argname = "file",
                .desc = "Output file (default stdout)",
                .type = OPTION_ARG,
-                .opt.arg = &pkeyutl_config.outfile,
+                .opt.arg = &cfg.outfile,
        },
        {
                .name = "passin",
                .argname = "arg",
                .desc = "Key password source",
                .type = OPTION_ARG,
-                .opt.arg = &pkeyutl_config.passargin,
+                .opt.arg = &cfg.passargin,
        },
        {
                .name = "peerform",
                .argname = "fmt",
                .desc = "Input key format (DER or PEM (default))",
                .type = OPTION_ARG_FORMAT,
-                .opt.value = &pkeyutl_config.peerform,
+                .opt.value = &cfg.peerform,
        },
        {
                .name = "peerkey",
@@ -198,41 +198,41 @@ static const struct option pkeyutl_options[] = {
                .desc = "Input is a public key",
                .type = OPTION_VALUE,
                .value = KEY_PUBKEY,
-                .opt.value = &pkeyutl_config.key_type,
+                .opt.value = &cfg.key_type,
        },
        {
                .name = "rev",
                .desc = "Reverse the input data",
                .type = OPTION_FLAG,
-                .opt.flag = &pkeyutl_config.rev,
+                .opt.flag = &cfg.rev,
        },
        {
                .name = "sigfile",
                .argname = "file",
                .desc = "Signature file (verify operation only)",
                .type = OPTION_ARG,
-                .opt.arg = &pkeyutl_config.sigfile,
+                .opt.arg = &cfg.sigfile,
        },
        {
                .name = "sign",
                .desc = "Sign the input data using private key",
                .type = OPTION_VALUE,
                .value = EVP_PKEY_OP_SIGN,
-                .opt.value = &pkeyutl_config.pkey_op,
+                .opt.value = &cfg.pkey_op,
        },
        {
                .name = "verify",
                .desc = "Verify the input data using public key",
                .type = OPTION_VALUE,
                .value = EVP_PKEY_OP_VERIFY,
-                .opt.value = &pkeyutl_config.pkey_op,
+                .opt.value = &cfg.pkey_op,
        },
        {
                .name = "verifyrecover",
                .desc = "Verify with public key, recover original data",
                .type = OPTION_VALUE,
                .value = EVP_PKEY_OP_VERIFYRECOVER,
-                .opt.value = &pkeyutl_config.pkey_op,
+                .opt.value = &cfg.pkey_op,
        },
        {NULL},
@@ -268,36 +268,36 @@ pkeyutl_main(int argc, char **argv)
                exit(1);
        }
-        memset(&pkeyutl_config, 0, sizeof(pkeyutl_config));
+        memset(&cfg, 0, sizeof(cfg));
-        pkeyutl_config.pkey_op = EVP_PKEY_OP_SIGN;
+        cfg.pkey_op = EVP_PKEY_OP_SIGN;
-        pkeyutl_config.key_type = KEY_PRIVKEY;
+        cfg.key_type = KEY_PRIVKEY;
-        pkeyutl_config.keyform = FORMAT_PEM;
+        cfg.keyform = FORMAT_PEM;
-        pkeyutl_config.peerform = FORMAT_PEM;
+        cfg.peerform = FORMAT_PEM;
-        pkeyutl_config.keysize = -1;
+        cfg.keysize = -1;
        if (options_parse(argc, argv, pkeyutl_options, NULL, NULL) != 0) {
                pkeyutl_usage();
                goto end;
        }
-        if (!pkeyutl_config.ctx) {
+        if (!cfg.ctx) {
                pkeyutl_usage();
                goto end;
        }
-        if (pkeyutl_config.sigfile &&
+        if (cfg.sigfile &&
-            (pkeyutl_config.pkey_op != EVP_PKEY_OP_VERIFY)) {
+            (cfg.pkey_op != EVP_PKEY_OP_VERIFY)) {
                BIO_puts(bio_err, "Signature file specified for non verify\n");
                goto end;
        }
-        if (!pkeyutl_config.sigfile &&
+        if (!cfg.sigfile &&
-            (pkeyutl_config.pkey_op == EVP_PKEY_OP_VERIFY)) {
+            (cfg.pkey_op == EVP_PKEY_OP_VERIFY)) {
                BIO_puts(bio_err, "No signature file specified for verify\n");
                goto end;
        }
-        if (pkeyutl_config.pkey_op != EVP_PKEY_OP_DERIVE) {
+        if (cfg.pkey_op != EVP_PKEY_OP_DERIVE) {
-                if (pkeyutl_config.infile) {
+                if (cfg.infile) {
-                        if (!(in = BIO_new_file(pkeyutl_config.infile, "rb"))) {
+                        if (!(in = BIO_new_file(cfg.infile, "rb"))) {
                                BIO_puts(bio_err,
                                    "Error Opening Input File\n");
                                ERR_print_errors(bio_err);
@@ -306,8 +306,8 @@ pkeyutl_main(int argc, char **argv)
                } else
                        in = BIO_new_fp(stdin, BIO_NOCLOSE);
        }
-        if (pkeyutl_config.outfile) {
+        if (cfg.outfile) {
-                if (!(out = BIO_new_file(pkeyutl_config.outfile, "wb"))) {
+                if (!(out = BIO_new_file(cfg.outfile, "wb"))) {
                        BIO_printf(bio_err, "Error Creating Output File\n");
                        ERR_print_errors(bio_err);
                        goto end;
@@ -316,14 +316,14 @@ pkeyutl_main(int argc, char **argv)
                out = BIO_new_fp(stdout, BIO_NOCLOSE);
        }
-        if (pkeyutl_config.sigfile) {
+        if (cfg.sigfile) {
-                BIO *sigbio = BIO_new_file(pkeyutl_config.sigfile, "rb");
+                BIO *sigbio = BIO_new_file(cfg.sigfile, "rb");
                if (!sigbio) {
                        BIO_printf(bio_err, "Can't open signature file %s\n",
-                            pkeyutl_config.sigfile);
+                            cfg.sigfile);
                        goto end;
                }
-                siglen = bio_to_mem(&sig, pkeyutl_config.keysize * 10, sigbio);
+                siglen = bio_to_mem(&sig, cfg.keysize * 10, sigbio);
                BIO_free(sigbio);
                if (siglen <= 0) {
                        BIO_printf(bio_err, "Error reading signature data\n");
@@ -332,12 +332,12 @@ pkeyutl_main(int argc, char **argv)
        }
        if (in) {
                /* Read the input data */
-                buf_inlen = bio_to_mem(&buf_in, pkeyutl_config.keysize * 10, in);
+                buf_inlen = bio_to_mem(&buf_in, cfg.keysize * 10, in);
                if (buf_inlen <= 0) {
                        BIO_printf(bio_err, "Error reading input Data\n");
                        exit(1);
                }
-                if (pkeyutl_config.rev) {
+                if (cfg.rev) {
                        size_t i;
                        unsigned char ctmp;
                        size_t l = (size_t) buf_inlen;
@@ -348,8 +348,8 @@ pkeyutl_main(int argc, char **argv)
                        }
                }
        }
-        if (pkeyutl_config.pkey_op == EVP_PKEY_OP_VERIFY) {
+        if (cfg.pkey_op == EVP_PKEY_OP_VERIFY) {
-                rv = EVP_PKEY_verify(pkeyutl_config.ctx, sig, (size_t) siglen,
+                rv = EVP_PKEY_verify(cfg.ctx, sig, (size_t) siglen,
                    buf_in, (size_t) buf_inlen);
                if (rv == 1) {
                        BIO_puts(out, "Signature Verified Successfully\n");
@@ -359,15 +359,15 @@ pkeyutl_main(int argc, char **argv)
                if (rv >= 0)
                        goto end;
        } else {
-                rv = do_keyop(pkeyutl_config.ctx, pkeyutl_config.pkey_op, NULL,
+                rv = do_keyop(cfg.ctx, cfg.pkey_op, NULL,
                    (size_t *)&buf_outlen, buf_in, (size_t) buf_inlen);
                if (rv > 0) {
                        buf_out = malloc(buf_outlen);
                        if (!buf_out)
                                rv = -1;
                        else
-                                rv = do_keyop(pkeyutl_config.ctx,
+                                rv = do_keyop(cfg.ctx,
-                                    pkeyutl_config.pkey_op,
+                                    cfg.pkey_op,
                                    buf_out, (size_t *) & buf_outlen,
                                    buf_in, (size_t) buf_inlen);
                }
@@ -379,16 +379,16 @@ pkeyutl_main(int argc, char **argv)
                goto end;
        }
        ret = 0;
-        if (pkeyutl_config.asn1parse) {
+        if (cfg.asn1parse) {
                if (!ASN1_parse_dump(out, buf_out, buf_outlen, 1, -1))
                        ERR_print_errors(bio_err);
-        } else if (pkeyutl_config.hexdump)
+        } else if (cfg.hexdump)
                BIO_dump(out, (char *) buf_out, buf_outlen);
        else
                BIO_write(out, buf_out, buf_outlen);
 end:
-        EVP_PKEY_CTX_free(pkeyutl_config.ctx);
+        EVP_PKEY_CTX_free(cfg.ctx);
        BIO_free(in);
        BIO_free_all(out);
        free(buf_in);
@@ -406,32 +406,32 @@ init_ctx(char *keyfile)
        int rv = -1;
        X509 *x;
-        if (((pkeyutl_config.pkey_op == EVP_PKEY_OP_SIGN)
+        if (((cfg.pkey_op == EVP_PKEY_OP_SIGN)
-                || (pkeyutl_config.pkey_op == EVP_PKEY_OP_DECRYPT)
+                || (cfg.pkey_op == EVP_PKEY_OP_DECRYPT)
-                || (pkeyutl_config.pkey_op == EVP_PKEY_OP_DERIVE))
+                || (cfg.pkey_op == EVP_PKEY_OP_DERIVE))
-            && (pkeyutl_config.key_type != KEY_PRIVKEY)) {
+            && (cfg.key_type != KEY_PRIVKEY)) {
                BIO_printf(bio_err,
                    "A private key is needed for this operation\n");
                goto end;
        }
-        if (!app_passwd(bio_err, pkeyutl_config.passargin, NULL, &passin,
+        if (!app_passwd(bio_err, cfg.passargin, NULL, &passin,
            NULL)) {
                BIO_printf(bio_err, "Error getting password\n");
                goto end;
        }
-        switch (pkeyutl_config.key_type) {
+        switch (cfg.key_type) {
        case KEY_PRIVKEY:
-                pkey = load_key(bio_err, keyfile, pkeyutl_config.keyform, 0,
+                pkey = load_key(bio_err, keyfile, cfg.keyform, 0,
                    passin, "Private Key");
                break;
        case KEY_PUBKEY:
-                pkey = load_pubkey(bio_err, keyfile, pkeyutl_config.keyform, 0,
+                pkey = load_pubkey(bio_err, keyfile, cfg.keyform, 0,
                    NULL, "Public Key");
                break;
        case KEY_CERT:
-                x = load_cert(bio_err, keyfile, pkeyutl_config.keyform,
+                x = load_cert(bio_err, keyfile, cfg.keyform,
                    NULL, "Certificate");
                if (x) {
                        pkey = X509_get_pubkey(x);
@@ -440,53 +440,53 @@ init_ctx(char *keyfile)
                break;
        }
-        pkeyutl_config.keysize = EVP_PKEY_size(pkey);
+        cfg.keysize = EVP_PKEY_size(pkey);
        if (!pkey)
                goto end;
-        pkeyutl_config.ctx = EVP_PKEY_CTX_new(pkey, NULL);
+        cfg.ctx = EVP_PKEY_CTX_new(pkey, NULL);
        EVP_PKEY_free(pkey);
-        if (!pkeyutl_config.ctx)
+        if (!cfg.ctx)
                goto end;
-        switch (pkeyutl_config.pkey_op) {
+        switch (cfg.pkey_op) {
        case EVP_PKEY_OP_SIGN:
-                rv = EVP_PKEY_sign_init(pkeyutl_config.ctx);
+                rv = EVP_PKEY_sign_init(cfg.ctx);
                break;
        case EVP_PKEY_OP_VERIFY:
-                rv = EVP_PKEY_verify_init(pkeyutl_config.ctx);
+                rv = EVP_PKEY_verify_init(cfg.ctx);
                break;
        case EVP_PKEY_OP_VERIFYRECOVER:
-                rv = EVP_PKEY_verify_recover_init(pkeyutl_config.ctx);
+                rv = EVP_PKEY_verify_recover_init(cfg.ctx);
                break;
        case EVP_PKEY_OP_ENCRYPT:
-                rv = EVP_PKEY_encrypt_init(pkeyutl_config.ctx);
+                rv = EVP_PKEY_encrypt_init(cfg.ctx);
                break;
        case EVP_PKEY_OP_DECRYPT:
-                rv = EVP_PKEY_decrypt_init(pkeyutl_config.ctx);
+                rv = EVP_PKEY_decrypt_init(cfg.ctx);
                break;
        case EVP_PKEY_OP_DERIVE:
-                rv = EVP_PKEY_derive_init(pkeyutl_config.ctx);
+                rv = EVP_PKEY_derive_init(cfg.ctx);
                break;
        }
        if (rv <= 0) {
-                EVP_PKEY_CTX_free(pkeyutl_config.ctx);
+                EVP_PKEY_CTX_free(cfg.ctx);
-                pkeyutl_config.ctx = NULL;
+                cfg.ctx = NULL;
        }
 end:
        free(passin);
-        if (!pkeyutl_config.ctx) {
+        if (!cfg.ctx) {
                BIO_puts(bio_err, "Error initializing context\n");
                ERR_print_errors(bio_err);
                return (1);
@@ -501,11 +501,11 @@ setup_peer(char *file)
        EVP_PKEY *peer = NULL;
        int ret;
-        if (!pkeyutl_config.ctx) {
+        if (!cfg.ctx) {
                BIO_puts(bio_err, "-peerkey command before -inkey\n");
                return (1);
        }
-        peer = load_pubkey(bio_err, file, pkeyutl_config.peerform, 0, NULL,
+        peer = load_pubkey(bio_err, file, cfg.peerform, 0, NULL,
            "Peer Key");
        if (!peer) {
@@ -513,7 +513,7 @@ setup_peer(char *file)
                ERR_print_errors(bio_err);
                return (1);
        }
-        ret = EVP_PKEY_derive_set_peer(pkeyutl_config.ctx, peer);
+        ret = EVP_PKEY_derive_set_peer(cfg.ctx, peer);
        EVP_PKEY_free(peer);
        if (ret <= 0) {
@@ -527,10 +527,10 @@ setup_peer(char *file)
 static int
 pkeyutl_pkeyopt(char *pkeyopt)
 {
-        if (!pkeyutl_config.ctx) {
+        if (!cfg.ctx) {
                BIO_puts(bio_err, "-pkeyopt command before -inkey\n");
                return (1);
-        } else if (pkey_ctrl_string(pkeyutl_config.ctx, pkeyopt) <= 0) {
+        } else if (pkey_ctrl_string(cfg.ctx, pkeyopt) <= 0) {
                BIO_puts(bio_err, "parameter setting error\n");
                ERR_print_errors(bio_err);
                return (1);

diff --git a/src/usr.bin/openssl/pkeyutl.c b/src/usr.bin/openssl/pkeyutl.c index 8c0fd28b29..efd0896c02 100644 --- a/src/usr.bin/openssl/pkeyutl.c +++ b/src/usr.bin/openssl/pkeyutl.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: pkeyutl.c,v 1.18 2023/03/05 13:12:53 tb Exp $ */	1	/* $OpenBSD: pkeyutl.c,v 1.19 2023/03/06 14:32:06 tb Exp $ */
2	/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL	2	/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3	* project 2006.	3	* project 2006.
4	*/	4	*/
@@ -82,7 +82,7 @@ static struct {
82	int pkey_op;	82	int pkey_op;
83	int rev;	83	int rev;
84	char *sigfile;	84	char *sigfile;
85	} pkeyutl_config;	85	} cfg;
86		86
87	static void pkeyutl_usage(void);	87	static void pkeyutl_usage(void);
88		88
@@ -101,48 +101,48 @@ static const struct option pkeyutl_options[] = {
101	.name = "asn1parse",	101	.name = "asn1parse",
102	.desc = "ASN.1 parse the output data",	102	.desc = "ASN.1 parse the output data",
103	.type = OPTION_FLAG,	103	.type = OPTION_FLAG,
104	.opt.flag = &pkeyutl_config.asn1parse,	104	.opt.flag = &cfg.asn1parse,
105	},	105	},
106	{	106	{
107	.name = "certin",	107	.name = "certin",
108	.desc = "Input is a certificate containing a public key",	108	.desc = "Input is a certificate containing a public key",
109	.type = OPTION_VALUE,	109	.type = OPTION_VALUE,
110	.value = KEY_CERT,	110	.value = KEY_CERT,
111	.opt.value = &pkeyutl_config.key_type,	111	.opt.value = &cfg.key_type,
112	},	112	},
113	{	113	{
114	.name = "decrypt",	114	.name = "decrypt",
115	.desc = "Decrypt the input data using a private key",	115	.desc = "Decrypt the input data using a private key",
116	.type = OPTION_VALUE,	116	.type = OPTION_VALUE,
117	.value = EVP_PKEY_OP_DECRYPT,	117	.value = EVP_PKEY_OP_DECRYPT,
118	.opt.value = &pkeyutl_config.pkey_op,	118	.opt.value = &cfg.pkey_op,
119	},	119	},
120	{	120	{
121	.name = "derive",	121	.name = "derive",
122	.desc = "Derive a shared secret using the peer key",	122	.desc = "Derive a shared secret using the peer key",
123	.type = OPTION_VALUE,	123	.type = OPTION_VALUE,
124	.value = EVP_PKEY_OP_DERIVE,	124	.value = EVP_PKEY_OP_DERIVE,
125	.opt.value = &pkeyutl_config.pkey_op,	125	.opt.value = &cfg.pkey_op,
126	},	126	},
127	{	127	{
128	.name = "encrypt",	128	.name = "encrypt",
129	.desc = "Encrypt the input data using a public key",	129	.desc = "Encrypt the input data using a public key",
130	.type = OPTION_VALUE,	130	.type = OPTION_VALUE,
131	.value = EVP_PKEY_OP_ENCRYPT,	131	.value = EVP_PKEY_OP_ENCRYPT,
132	.opt.value = &pkeyutl_config.pkey_op,	132	.opt.value = &cfg.pkey_op,
133	},	133	},
134	{	134	{
135	.name = "hexdump",	135	.name = "hexdump",
136	.desc = "Hex dump the output data",	136	.desc = "Hex dump the output data",
137	.type = OPTION_FLAG,	137	.type = OPTION_FLAG,
138	.opt.flag = &pkeyutl_config.hexdump,	138	.opt.flag = &cfg.hexdump,
139	},	139	},
140	{	140	{
141	.name = "in",	141	.name = "in",
142	.argname = "file",	142	.argname = "file",
143	.desc = "Input file (default stdin)",	143	.desc = "Input file (default stdin)",
144	.type = OPTION_ARG,	144	.type = OPTION_ARG,
145	.opt.arg = &pkeyutl_config.infile,	145	.opt.arg = &cfg.infile,
146	},	146	},
147	{	147	{
148	.name = "inkey",	148	.name = "inkey",
@@ -156,28 +156,28 @@ static const struct option pkeyutl_options[] = {
156	.argname = "fmt",	156	.argname = "fmt",
157	.desc = "Input key format (DER or PEM (default))",	157	.desc = "Input key format (DER or PEM (default))",
158	.type = OPTION_ARG_FORMAT,	158	.type = OPTION_ARG_FORMAT,
159	.opt.value = &pkeyutl_config.keyform,	159	.opt.value = &cfg.keyform,
160	},	160	},
161	{	161	{
162	.name = "out",	162	.name = "out",
163	.argname = "file",	163	.argname = "file",
164	.desc = "Output file (default stdout)",	164	.desc = "Output file (default stdout)",
165	.type = OPTION_ARG,	165	.type = OPTION_ARG,
166	.opt.arg = &pkeyutl_config.outfile,	166	.opt.arg = &cfg.outfile,
167	},	167	},
168	{	168	{
169	.name = "passin",	169	.name = "passin",
170	.argname = "arg",	170	.argname = "arg",
171	.desc = "Key password source",	171	.desc = "Key password source",
172	.type = OPTION_ARG,	172	.type = OPTION_ARG,
173	.opt.arg = &pkeyutl_config.passargin,	173	.opt.arg = &cfg.passargin,
174	},	174	},
175	{	175	{
176	.name = "peerform",	176	.name = "peerform",
177	.argname = "fmt",	177	.argname = "fmt",
178	.desc = "Input key format (DER or PEM (default))",	178	.desc = "Input key format (DER or PEM (default))",
179	.type = OPTION_ARG_FORMAT,	179	.type = OPTION_ARG_FORMAT,
180	.opt.value = &pkeyutl_config.peerform,	180	.opt.value = &cfg.peerform,
181	},	181	},
182	{	182	{
183	.name = "peerkey",	183	.name = "peerkey",
@@ -198,41 +198,41 @@ static const struct option pkeyutl_options[] = {
198	.desc = "Input is a public key",	198	.desc = "Input is a public key",
199	.type = OPTION_VALUE,	199	.type = OPTION_VALUE,
200	.value = KEY_PUBKEY,	200	.value = KEY_PUBKEY,
201	.opt.value = &pkeyutl_config.key_type,	201	.opt.value = &cfg.key_type,
202	},	202	},
203	{	203	{
204	.name = "rev",	204	.name = "rev",
205	.desc = "Reverse the input data",	205	.desc = "Reverse the input data",
206	.type = OPTION_FLAG,	206	.type = OPTION_FLAG,
207	.opt.flag = &pkeyutl_config.rev,	207	.opt.flag = &cfg.rev,
208	},	208	},
209	{	209	{
210	.name = "sigfile",	210	.name = "sigfile",
211	.argname = "file",	211	.argname = "file",
212	.desc = "Signature file (verify operation only)",	212	.desc = "Signature file (verify operation only)",
213	.type = OPTION_ARG,	213	.type = OPTION_ARG,
214	.opt.arg = &pkeyutl_config.sigfile,	214	.opt.arg = &cfg.sigfile,
215	},	215	},
216	{	216	{
217	.name = "sign",	217	.name = "sign",
218	.desc = "Sign the input data using private key",	218	.desc = "Sign the input data using private key",
219	.type = OPTION_VALUE,	219	.type = OPTION_VALUE,
220	.value = EVP_PKEY_OP_SIGN,	220	.value = EVP_PKEY_OP_SIGN,
221	.opt.value = &pkeyutl_config.pkey_op,	221	.opt.value = &cfg.pkey_op,
222	},	222	},
223	{	223	{
224	.name = "verify",	224	.name = "verify",
225	.desc = "Verify the input data using public key",	225	.desc = "Verify the input data using public key",
226	.type = OPTION_VALUE,	226	.type = OPTION_VALUE,
227	.value = EVP_PKEY_OP_VERIFY,	227	.value = EVP_PKEY_OP_VERIFY,
228	.opt.value = &pkeyutl_config.pkey_op,	228	.opt.value = &cfg.pkey_op,
229	},	229	},
230	{	230	{
231	.name = "verifyrecover",	231	.name = "verifyrecover",
232	.desc = "Verify with public key, recover original data",	232	.desc = "Verify with public key, recover original data",
233	.type = OPTION_VALUE,	233	.type = OPTION_VALUE,
234	.value = EVP_PKEY_OP_VERIFYRECOVER,	234	.value = EVP_PKEY_OP_VERIFYRECOVER,
235	.opt.value = &pkeyutl_config.pkey_op,	235	.opt.value = &cfg.pkey_op,
236	},	236	},
237		237
238	{NULL},	238	{NULL},
@@ -268,36 +268,36 @@ pkeyutl_main(int argc, char **argv)
268	exit(1);	268	exit(1);
269	}	269	}
270		270
271	memset(&pkeyutl_config, 0, sizeof(pkeyutl_config));	271	memset(&cfg, 0, sizeof(cfg));
272	pkeyutl_config.pkey_op = EVP_PKEY_OP_SIGN;	272	cfg.pkey_op = EVP_PKEY_OP_SIGN;
273	pkeyutl_config.key_type = KEY_PRIVKEY;	273	cfg.key_type = KEY_PRIVKEY;
274	pkeyutl_config.keyform = FORMAT_PEM;	274	cfg.keyform = FORMAT_PEM;
275	pkeyutl_config.peerform = FORMAT_PEM;	275	cfg.peerform = FORMAT_PEM;
276	pkeyutl_config.keysize = -1;	276	cfg.keysize = -1;
277		277
278	if (options_parse(argc, argv, pkeyutl_options, NULL, NULL) != 0) {	278	if (options_parse(argc, argv, pkeyutl_options, NULL, NULL) != 0) {
279	pkeyutl_usage();	279	pkeyutl_usage();
280	goto end;	280	goto end;
281	}	281	}
282		282
283	if (!pkeyutl_config.ctx) {	283	if (!cfg.ctx) {
284	pkeyutl_usage();	284	pkeyutl_usage();
285	goto end;	285	goto end;
286	}	286	}
287	if (pkeyutl_config.sigfile &&	287	if (cfg.sigfile &&
288	(pkeyutl_config.pkey_op != EVP_PKEY_OP_VERIFY)) {	288	(cfg.pkey_op != EVP_PKEY_OP_VERIFY)) {
289	BIO_puts(bio_err, "Signature file specified for non verify\n");	289	BIO_puts(bio_err, "Signature file specified for non verify\n");
290	goto end;	290	goto end;
291	}	291	}
292	if (!pkeyutl_config.sigfile &&	292	if (!cfg.sigfile &&
293	(pkeyutl_config.pkey_op == EVP_PKEY_OP_VERIFY)) {	293	(cfg.pkey_op == EVP_PKEY_OP_VERIFY)) {
294	BIO_puts(bio_err, "No signature file specified for verify\n");	294	BIO_puts(bio_err, "No signature file specified for verify\n");
295	goto end;	295	goto end;
296	}	296	}
297		297
298	if (pkeyutl_config.pkey_op != EVP_PKEY_OP_DERIVE) {	298	if (cfg.pkey_op != EVP_PKEY_OP_DERIVE) {
299	if (pkeyutl_config.infile) {	299	if (cfg.infile) {
300	if (!(in = BIO_new_file(pkeyutl_config.infile, "rb"))) {	300	if (!(in = BIO_new_file(cfg.infile, "rb"))) {
301	BIO_puts(bio_err,	301	BIO_puts(bio_err,
302	"Error Opening Input File\n");	302	"Error Opening Input File\n");
303	ERR_print_errors(bio_err);	303	ERR_print_errors(bio_err);
@@ -306,8 +306,8 @@ pkeyutl_main(int argc, char **argv)
306	} else	306	} else
307	in = BIO_new_fp(stdin, BIO_NOCLOSE);	307	in = BIO_new_fp(stdin, BIO_NOCLOSE);
308	}	308	}
309	if (pkeyutl_config.outfile) {	309	if (cfg.outfile) {
310	if (!(out = BIO_new_file(pkeyutl_config.outfile, "wb"))) {	310	if (!(out = BIO_new_file(cfg.outfile, "wb"))) {
311	BIO_printf(bio_err, "Error Creating Output File\n");	311	BIO_printf(bio_err, "Error Creating Output File\n");
312	ERR_print_errors(bio_err);	312	ERR_print_errors(bio_err);
313	goto end;	313	goto end;
@@ -316,14 +316,14 @@ pkeyutl_main(int argc, char **argv)
316	out = BIO_new_fp(stdout, BIO_NOCLOSE);	316	out = BIO_new_fp(stdout, BIO_NOCLOSE);
317	}	317	}
318		318
319	if (pkeyutl_config.sigfile) {	319	if (cfg.sigfile) {
320	BIO *sigbio = BIO_new_file(pkeyutl_config.sigfile, "rb");	320	BIO *sigbio = BIO_new_file(cfg.sigfile, "rb");
321	if (!sigbio) {	321	if (!sigbio) {
322	BIO_printf(bio_err, "Can't open signature file %s\n",	322	BIO_printf(bio_err, "Can't open signature file %s\n",
323	pkeyutl_config.sigfile);	323	cfg.sigfile);
324	goto end;	324	goto end;
325	}	325	}
326	siglen = bio_to_mem(&sig, pkeyutl_config.keysize * 10, sigbio);	326	siglen = bio_to_mem(&sig, cfg.keysize * 10, sigbio);
327	BIO_free(sigbio);	327	BIO_free(sigbio);
328	if (siglen <= 0) {	328	if (siglen <= 0) {
329	BIO_printf(bio_err, "Error reading signature data\n");	329	BIO_printf(bio_err, "Error reading signature data\n");
@@ -332,12 +332,12 @@ pkeyutl_main(int argc, char **argv)
332	}	332	}
333	if (in) {	333	if (in) {
334	/* Read the input data */	334	/* Read the input data */
335	buf_inlen = bio_to_mem(&buf_in, pkeyutl_config.keysize * 10, in);	335	buf_inlen = bio_to_mem(&buf_in, cfg.keysize * 10, in);
336	if (buf_inlen <= 0) {	336	if (buf_inlen <= 0) {
337	BIO_printf(bio_err, "Error reading input Data\n");	337	BIO_printf(bio_err, "Error reading input Data\n");
338	exit(1);	338	exit(1);
339	}	339	}
340	if (pkeyutl_config.rev) {	340	if (cfg.rev) {
341	size_t i;	341	size_t i;
342	unsigned char ctmp;	342	unsigned char ctmp;
343	size_t l = (size_t) buf_inlen;	343	size_t l = (size_t) buf_inlen;
@@ -348,8 +348,8 @@ pkeyutl_main(int argc, char **argv)
348	}	348	}
349	}	349	}
350	}	350	}
351	if (pkeyutl_config.pkey_op == EVP_PKEY_OP_VERIFY) {	351	if (cfg.pkey_op == EVP_PKEY_OP_VERIFY) {
352	rv = EVP_PKEY_verify(pkeyutl_config.ctx, sig, (size_t) siglen,	352	rv = EVP_PKEY_verify(cfg.ctx, sig, (size_t) siglen,
353	buf_in, (size_t) buf_inlen);	353	buf_in, (size_t) buf_inlen);
354	if (rv == 1) {	354	if (rv == 1) {
355	BIO_puts(out, "Signature Verified Successfully\n");	355	BIO_puts(out, "Signature Verified Successfully\n");
@@ -359,15 +359,15 @@ pkeyutl_main(int argc, char **argv)
359	if (rv >= 0)	359	if (rv >= 0)
360	goto end;	360	goto end;
361	} else {	361	} else {
362	rv = do_keyop(pkeyutl_config.ctx, pkeyutl_config.pkey_op, NULL,	362	rv = do_keyop(cfg.ctx, cfg.pkey_op, NULL,
363	(size_t *)&buf_outlen, buf_in, (size_t) buf_inlen);	363	(size_t *)&buf_outlen, buf_in, (size_t) buf_inlen);
364	if (rv > 0) {	364	if (rv > 0) {
365	buf_out = malloc(buf_outlen);	365	buf_out = malloc(buf_outlen);
366	if (!buf_out)	366	if (!buf_out)
367	rv = -1;	367	rv = -1;
368	else	368	else
369	rv = do_keyop(pkeyutl_config.ctx,	369	rv = do_keyop(cfg.ctx,
370	pkeyutl_config.pkey_op,	370	cfg.pkey_op,
371	buf_out, (size_t *) & buf_outlen,	371	buf_out, (size_t *) & buf_outlen,
372	buf_in, (size_t) buf_inlen);	372	buf_in, (size_t) buf_inlen);
373	}	373	}
@@ -379,16 +379,16 @@ pkeyutl_main(int argc, char **argv)
379	goto end;	379	goto end;
380	}	380	}
381	ret = 0;	381	ret = 0;
382	if (pkeyutl_config.asn1parse) {	382	if (cfg.asn1parse) {
383	if (!ASN1_parse_dump(out, buf_out, buf_outlen, 1, -1))	383	if (!ASN1_parse_dump(out, buf_out, buf_outlen, 1, -1))
384	ERR_print_errors(bio_err);	384	ERR_print_errors(bio_err);
385	} else if (pkeyutl_config.hexdump)	385	} else if (cfg.hexdump)
386	BIO_dump(out, (char *) buf_out, buf_outlen);	386	BIO_dump(out, (char *) buf_out, buf_outlen);
387	else	387	else
388	BIO_write(out, buf_out, buf_outlen);	388	BIO_write(out, buf_out, buf_outlen);
389		389
390	end:	390	end:
391	EVP_PKEY_CTX_free(pkeyutl_config.ctx);	391	EVP_PKEY_CTX_free(cfg.ctx);
392	BIO_free(in);	392	BIO_free(in);
393	BIO_free_all(out);	393	BIO_free_all(out);
394	free(buf_in);	394	free(buf_in);
@@ -406,32 +406,32 @@ init_ctx(char *keyfile)
406	int rv = -1;	406	int rv = -1;
407	X509 *x;	407	X509 *x;
408		408
409	if (((pkeyutl_config.pkey_op == EVP_PKEY_OP_SIGN)	409	if (((cfg.pkey_op == EVP_PKEY_OP_SIGN)
410	\|\| (pkeyutl_config.pkey_op == EVP_PKEY_OP_DECRYPT)	410	\|\| (cfg.pkey_op == EVP_PKEY_OP_DECRYPT)
411	\|\| (pkeyutl_config.pkey_op == EVP_PKEY_OP_DERIVE))	411	\|\| (cfg.pkey_op == EVP_PKEY_OP_DERIVE))
412	&& (pkeyutl_config.key_type != KEY_PRIVKEY)) {	412	&& (cfg.key_type != KEY_PRIVKEY)) {
413	BIO_printf(bio_err,	413	BIO_printf(bio_err,
414	"A private key is needed for this operation\n");	414	"A private key is needed for this operation\n");
415	goto end;	415	goto end;
416	}	416	}
417	if (!app_passwd(bio_err, pkeyutl_config.passargin, NULL, &passin,	417	if (!app_passwd(bio_err, cfg.passargin, NULL, &passin,
418	NULL)) {	418	NULL)) {
419	BIO_printf(bio_err, "Error getting password\n");	419	BIO_printf(bio_err, "Error getting password\n");
420	goto end;	420	goto end;
421	}	421	}
422	switch (pkeyutl_config.key_type) {	422	switch (cfg.key_type) {
423	case KEY_PRIVKEY:	423	case KEY_PRIVKEY:
424	pkey = load_key(bio_err, keyfile, pkeyutl_config.keyform, 0,	424	pkey = load_key(bio_err, keyfile, cfg.keyform, 0,
425	passin, "Private Key");	425	passin, "Private Key");
426	break;	426	break;
427		427
428	case KEY_PUBKEY:	428	case KEY_PUBKEY:
429	pkey = load_pubkey(bio_err, keyfile, pkeyutl_config.keyform, 0,	429	pkey = load_pubkey(bio_err, keyfile, cfg.keyform, 0,
430	NULL, "Public Key");	430	NULL, "Public Key");
431	break;	431	break;
432		432
433	case KEY_CERT:	433	case KEY_CERT:
434	x = load_cert(bio_err, keyfile, pkeyutl_config.keyform,	434	x = load_cert(bio_err, keyfile, cfg.keyform,
435	NULL, "Certificate");	435	NULL, "Certificate");
436	if (x) {	436	if (x) {
437	pkey = X509_get_pubkey(x);	437	pkey = X509_get_pubkey(x);
@@ -440,53 +440,53 @@ init_ctx(char *keyfile)
440	break;	440	break;
441	}	441	}
442		442
443	pkeyutl_config.keysize = EVP_PKEY_size(pkey);	443	cfg.keysize = EVP_PKEY_size(pkey);
444		444
445	if (!pkey)	445	if (!pkey)
446	goto end;	446	goto end;
447		447
448	pkeyutl_config.ctx = EVP_PKEY_CTX_new(pkey, NULL);	448	cfg.ctx = EVP_PKEY_CTX_new(pkey, NULL);
449		449
450	EVP_PKEY_free(pkey);	450	EVP_PKEY_free(pkey);
451		451
452	if (!pkeyutl_config.ctx)	452	if (!cfg.ctx)
453	goto end;	453	goto end;
454		454
455	switch (pkeyutl_config.pkey_op) {	455	switch (cfg.pkey_op) {
456	case EVP_PKEY_OP_SIGN:	456	case EVP_PKEY_OP_SIGN:
457	rv = EVP_PKEY_sign_init(pkeyutl_config.ctx);	457	rv = EVP_PKEY_sign_init(cfg.ctx);
458	break;	458	break;
459		459
460	case EVP_PKEY_OP_VERIFY:	460	case EVP_PKEY_OP_VERIFY:
461	rv = EVP_PKEY_verify_init(pkeyutl_config.ctx);	461	rv = EVP_PKEY_verify_init(cfg.ctx);
462	break;	462	break;
463		463
464	case EVP_PKEY_OP_VERIFYRECOVER:	464	case EVP_PKEY_OP_VERIFYRECOVER:
465	rv = EVP_PKEY_verify_recover_init(pkeyutl_config.ctx);	465	rv = EVP_PKEY_verify_recover_init(cfg.ctx);
466	break;	466	break;
467		467
468	case EVP_PKEY_OP_ENCRYPT:	468	case EVP_PKEY_OP_ENCRYPT:
469	rv = EVP_PKEY_encrypt_init(pkeyutl_config.ctx);	469	rv = EVP_PKEY_encrypt_init(cfg.ctx);
470	break;	470	break;
471		471
472	case EVP_PKEY_OP_DECRYPT:	472	case EVP_PKEY_OP_DECRYPT:
473	rv = EVP_PKEY_decrypt_init(pkeyutl_config.ctx);	473	rv = EVP_PKEY_decrypt_init(cfg.ctx);
474	break;	474	break;
475		475
476	case EVP_PKEY_OP_DERIVE:	476	case EVP_PKEY_OP_DERIVE:
477	rv = EVP_PKEY_derive_init(pkeyutl_config.ctx);	477	rv = EVP_PKEY_derive_init(cfg.ctx);
478	break;	478	break;
479	}	479	}
480		480
481	if (rv <= 0) {	481	if (rv <= 0) {
482	EVP_PKEY_CTX_free(pkeyutl_config.ctx);	482	EVP_PKEY_CTX_free(cfg.ctx);
483	pkeyutl_config.ctx = NULL;	483	cfg.ctx = NULL;
484	}	484	}
485		485
486	end:	486	end:
487	free(passin);	487	free(passin);
488		488
489	if (!pkeyutl_config.ctx) {	489	if (!cfg.ctx) {
490	BIO_puts(bio_err, "Error initializing context\n");	490	BIO_puts(bio_err, "Error initializing context\n");
491	ERR_print_errors(bio_err);	491	ERR_print_errors(bio_err);
492	return (1);	492	return (1);
@@ -501,11 +501,11 @@ setup_peer(char *file)
501	EVP_PKEY *peer = NULL;	501	EVP_PKEY *peer = NULL;
502	int ret;	502	int ret;
503		503
504	if (!pkeyutl_config.ctx) {	504	if (!cfg.ctx) {
505	BIO_puts(bio_err, "-peerkey command before -inkey\n");	505	BIO_puts(bio_err, "-peerkey command before -inkey\n");
506	return (1);	506	return (1);
507	}	507	}
508	peer = load_pubkey(bio_err, file, pkeyutl_config.peerform, 0, NULL,	508	peer = load_pubkey(bio_err, file, cfg.peerform, 0, NULL,
509	"Peer Key");	509	"Peer Key");
510		510
511	if (!peer) {	511	if (!peer) {
@@ -513,7 +513,7 @@ setup_peer(char *file)
513	ERR_print_errors(bio_err);	513	ERR_print_errors(bio_err);
514	return (1);	514	return (1);
515	}	515	}
516	ret = EVP_PKEY_derive_set_peer(pkeyutl_config.ctx, peer);	516	ret = EVP_PKEY_derive_set_peer(cfg.ctx, peer);
517		517
518	EVP_PKEY_free(peer);	518	EVP_PKEY_free(peer);
519	if (ret <= 0) {	519	if (ret <= 0) {
@@ -527,10 +527,10 @@ setup_peer(char *file)
527	static int	527	static int
528	pkeyutl_pkeyopt(char *pkeyopt)	528	pkeyutl_pkeyopt(char *pkeyopt)
529	{	529	{
530	if (!pkeyutl_config.ctx) {	530	if (!cfg.ctx) {
531	BIO_puts(bio_err, "-pkeyopt command before -inkey\n");	531	BIO_puts(bio_err, "-pkeyopt command before -inkey\n");
532	return (1);	532	return (1);
533	} else if (pkey_ctrl_string(pkeyutl_config.ctx, pkeyopt) <= 0) {	533	} else if (pkey_ctrl_string(cfg.ctx, pkeyopt) <= 0) {
534	BIO_puts(bio_err, "parameter setting error\n");	534	BIO_puts(bio_err, "parameter setting error\n");
535	ERR_print_errors(bio_err);	535	ERR_print_errors(bio_err);
536	return (1);	536	return (1);