[openssl.org #2066] [FEATURE-REQUEST] add -r option to checksum outputs

2009-09-28 Thread Guenter via RT 
Hi,
I did recently some research on available checksum tools on various
platforms, and found its really a mess with all those different checksum
outputs since there is no RFC which describes a standard format.
Anyway, I think the most commonly used tools might be md5sum / sha1sum
from GNU core utilities, and they are also user-friendly because they
provide to validate directly from a checksum file without need for hacks
with external tools (-c option). See also here where I have summarized
what I've found so far:
http://www.gknw.net/phpbb/viewtopic.php?t=570
as you can see there I describe how the format of openssl's output only
slightly differs from the md5 / sha1 tools (two blanks are missing).
In addition I have already knocked at the door from coreutils, and got a
positive reply that they are willing to support openssl's format too in
order to make md5sum / sha1sum even more user-friendly - however before
I proceed to look into that direction I thought I ask here first if
there's willingness to fix the format of openssl (add the 2 blanks) and
/ or add an option -r (like the *BSD md5 / sha1 have) to output the
checksum in the same format as md5sum / sha1sum use; this would make it
*easily* possible to automatically verify openssl-generated checksums
with md5sum / sha1sum.
Please do not reply here with cool sed hacks - read my summarize and you
see that I'm aware of such; think more of the users who are often not
able to hack around with sed, pipes, whatever.
I believe that even changing the existing format to be 100% identical
with md5 / sha1 (which in turn md5sum / sha1sum can deal with) is not an
issue of backward compatibility since openssl has no option to verify
from checksum files AFAIK; and those who use sed hacks are certainly
also able to skip the two additional blanks in future.
current 'openssl md5' output:
MD5(dummy.gz)= 085fb517d4e442564672c6dda5490ab7
md5 output (which can be used by md5sum):
MD5 (dummy.gz) = 085fb517d4e442564672c6dda5490ab7

thanks, Günter.



__
OpenSSL Project http://www.openssl.org
Development Mailing List   openssl-dev@openssl.org
Automated List Manager   majord...@openssl.org

Re: [openssl.org #2066] [FEATURE-REQUEST] add -r option to checksum outputs

2009-09-28 Thread Guenter via RT 
Hi,
find below (also attached) a very simple patch which adds a -r option to
the openssl 1.0 branch; the output is like this:

# ./openssl md5 openssl
MD5(openssl)= 4d184b33151ecde62657079a8b4c3e15
# ./openssl md5 -r openssl
4d184b33151ecde62657079a8b4c3e15 *openssl
# ./openssl sha1 openssl
SHA1(openssl)= f385aa365dcb11d6beef54eaef1f717c90b40a90
# ./openssl sha1 -r openssl
f385aa365dcb11d6beef54eaef1f717c90b40a90 *openssl
# ./openssl sha256 -r openssl
a2b3d8af6fc052626f13f740cad7aaadb2700ac6a331a876da2ecbcdeacc18d7 *openssl

and the check with coreutils tools succeeds:

# ./openssl md5 -r openssl | md5sum -c -
openssl: OK
# ./openssl sha1 -r openssl | sha1sum -c -
openssl: OK
# ./openssl sha256 -r openssl | sha256sum -c -
openssl: OK

--- dgst.c.orig 2009-04-26 14:16:12.0 +0200
+++ dgst.c  2009-09-29 01:19:39.0 +0200
@@ -155,6 +155,8 @@
if ((*argv)[0] != '-') break;
if (strcmp(*argv,-c) == 0)
separator=1;
+   if (strcmp(*argv,-r) == 0)
+   separator=2;
else if (strcmp(*argv,-rand) == 0)
{
if (--argc  1) break;
@@ -262,6 +264,7 @@
BIO_printf(bio_err,unknown option '%s'\n,*argv);
BIO_printf(bio_err,options are\n);
BIO_printf(bio_err,-c  to output the digest with
separating colons\n);
+   BIO_printf(bio_err,-r  to output the digest in 
coreutils
format\n);
BIO_printf(bio_err,-d  to output debug info\n);
BIO_printf(bio_err,-hexoutput as hex dump\n);
BIO_printf(bio_err,-binary output in binary form\n);
@@ -602,6 +605,12 @@
}

if(binout) BIO_write(out, buf, len);
+   else if (sep == 2)
+   {
+   for (i=0; i(int)len; i++)
+   BIO_printf(out, %02x,buf[i]);
+   BIO_printf(out,  *%s\n, file);
+   }
else
{
if (sig_name)

as you see I have just re-used the separator / sep variables which
avoids adding another parameter to do_fp(); however if we do it that way
then we should probably rename it to something like optoutput / optout ...

Günter.

--- dgst.c.orig	2009-04-26 14:16:12.0 +0200
+++ dgst.c	2009-09-29 01:19:39.0 +0200
@@ -155,6 +155,8 @@
 		if ((*argv)[0] != '-') break;
 		if (strcmp(*argv,-c) == 0)
 			separator=1;
+		if (strcmp(*argv,-r) == 0)
+			separator=2;
 		else if (strcmp(*argv,-rand) == 0)
 			{
 			if (--argc  1) break;
@@ -262,6 +264,7 @@
 		BIO_printf(bio_err,unknown option '%s'\n,*argv);
 		BIO_printf(bio_err,options are\n);
 		BIO_printf(bio_err,-c  to output the digest with separating colons\n);
+		BIO_printf(bio_err,-r  to output the digest in coreutils format\n);
 		BIO_printf(bio_err,-d  to output debug info\n);
 		BIO_printf(bio_err,-hexoutput as hex dump\n);
 		BIO_printf(bio_err,-binary output in binary form\n);
@@ -602,6 +605,12 @@
 		}
 
 	if(binout) BIO_write(out, buf, len);
+	else if (sep == 2)
+		{
+		for (i=0; i(int)len; i++)
+			BIO_printf(out, %02x,buf[i]);
+		BIO_printf(out,  *%s\n, file);
+		}
 	else 
 		{
 		if (sig_name)