On Sun, 1 Jun 2014, Brent Cook wrote: > Since the random number generator no longer allows being seeded, remove > support for parsing the unused -rand option and the unused random buffer > variables. Better to fail than to be surprised when the RNG seed does not > function as expected. > > This fixes compiler warnings about unused random seed variables.
Commited, thanks. > --- > src/apps/cms.c | 9 --------- > src/apps/dgst.c | 8 ++------ > src/apps/dhparam.c | 10 +--------- > src/apps/dsaparam.c | 7 +------ > src/apps/ecparam.c | 9 +-------- > src/apps/gendh.c | 10 +--------- > src/apps/gendsa.c | 11 ++--------- > src/apps/genrsa.c | 9 --------- > src/apps/pkcs12.c | 10 ---------- > src/apps/rand.c | 10 +--------- > src/apps/req.c | 9 --------- > src/apps/s_client.c | 8 +------- > src/apps/s_server.c | 7 ------- > src/apps/smime.c | 10 ---------- > src/apps/ts.c | 7 +------ > 15 files changed, 11 insertions(+), 123 deletions(-) > > diff --git a/src/apps/cms.c b/src/apps/cms.c > index 56a7c95..76178b4 100644 > --- a/src/apps/cms.c > +++ b/src/apps/cms.c > @@ -127,7 +127,6 @@ cms_main(int argc, char **argv) > char *to = NULL, *from = NULL, *subject = NULL; > char *CAfile = NULL, *CApath = NULL; > char *passargin = NULL, *passin = NULL; > - char *inrand = NULL; > const EVP_MD *sign_md = NULL; > int informat = FORMAT_SMIME, outformat = FORMAT_SMIME; > int rctformat = FORMAT_SMIME, keyform = FORMAT_PEM; > @@ -315,11 +314,6 @@ cms_main(int argc, char **argv) > BIO_printf(bio_err, "Invalid OID %s\n", *args); > goto argerr; > } > - } else if (!strcmp(*args, "-rand")) { > - if (!args[1]) > - goto argerr; > - args++; > - inrand = *args; > } > #ifndef OPENSSL_NO_ENGINE > else if (!strcmp(*args, "-engine")) { > @@ -553,9 +547,6 @@ argerr: > BIO_printf(bio_err, "-engine e use engine e, possibly a > hardware > device.\n"); #endif > BIO_printf(bio_err, "-passin arg input file pass phrase > source\n"); > - BIO_printf(bio_err, "-rand file:file:...\n"); > - BIO_printf(bio_err, " load the file (or the files > in the > directory) into\n"); - BIO_printf(bio_err, " the > random > number generator\n"); BIO_printf(bio_err, "cert.pem recipient > certificate(s) for encryption\n"); goto end; > } > diff --git a/src/apps/dgst.c b/src/apps/dgst.c > index 23b7d40..a862da9 100644 > --- a/src/apps/dgst.c > +++ b/src/apps/dgst.c 
> @@ -116,7 +116,7 @@ dgst_main(int argc, char **argv) > int debug = 0; > int keyform = FORMAT_PEM; > const char *outfile = NULL, *keyfile = NULL; > - const char *sigfile = NULL, *randfile = NULL; > + const char *sigfile = NULL; > int out_bin = -1, want_pub = 0, do_verify = 0; > EVP_PKEY *sigkey = NULL; > unsigned char *sigbuf = NULL; > @@ -151,11 +151,7 @@ dgst_main(int argc, char **argv) > separator = 1; > else if (strcmp(*argv, "-r") == 0) > separator = 2; > - else if (strcmp(*argv, "-rand") == 0) { > - if (--argc < 1) > - break; > - randfile = *(++argv); > - } else if (strcmp(*argv, "-out") == 0) { > + else if (strcmp(*argv, "-out") == 0) { > if (--argc < 1) > break; > outfile = *(++argv); > diff --git a/src/apps/dhparam.c b/src/apps/dhparam.c > index 3245e69..c35f902 100644 > --- a/src/apps/dhparam.c > +++ b/src/apps/dhparam.c > @@ -159,7 +159,6 @@ dhparam_main(int argc, char **argv) > BIO *in = NULL, *out = NULL; > int informat, outformat, check = 0, noout = 0, C = 0, ret = 1; > char *infile, *outfile, *prog; > - char *inrand = NULL; > #ifndef OPENSSL_NO_ENGINE > char *engine = NULL; > #endif > @@ -217,11 +216,7 @@ dhparam_main(int argc, char **argv) > g = 2; > else if (strcmp(*argv, "-5") == 0) > g = 5; > - else if (strcmp(*argv, "-rand") == 0) { > - if (--argc < 1) > - goto bad; > - inrand = *(++argv); > - } else if (((sscanf(*argv, "%d", &num) == 0) || (num <= 0))) > + else if (((sscanf(*argv, "%d", &num) == 0) || (num <= 0))) > goto bad; > argv++; > argc--; > @@ -247,9 +242,6 @@ bad: > #ifndef OPENSSL_NO_ENGINE > BIO_printf(bio_err, " -engine e use engine e, possibly a > hardware > device.\n"); #endif > - BIO_printf(bio_err, " -rand file:file:...\n"); > - BIO_printf(bio_err, " - load the file (or the > files in the > directory) into\n"); - BIO_printf(bio_err, " the > random > number generator\n"); BIO_printf(bio_err, " -noout no output\n"); > goto end; > } > diff --git a/src/apps/dsaparam.c b/src/apps/dsaparam.c > index a4eb5b5..15f022d 100644 
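Review bot: Nothing in the dgst.c option-parsing hunk shows what happens to a leftover `-rand file` once its branch is gone; it now reaches the tail of dgst_main's option chain, which lies outside the hunk. The commit message wants such invocations to fail, so it is worth confirming for each tool that the fall-through is an error path and not a silent reinterpretation of the argument. The same question applies to the gendh.c hunk, where the replacement is a bare `else break;`, and to the rand.c hunk. A comment at the chain's tail such as `/* unknown options, including the removed -rand, must end in the usage error */` would record the intent. The diffstat touches only src/apps/*.c, so any manual page that still lists -rand would need a separate update.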
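Review bot: The re-joined test `sscanf(*argv, "%d", &num) == 0` in dhparam_main treats only a zero return as a parse failure, but sscanf returns EOF for an empty argument, so that case is decided by whatever value num already holds. `%d` also accepts trailing characters such as `2048x`, so a mistyped number (presumably the parameter size) is taken as valid. Comparing against the success count, as the dsaparam.c hunk already does with `== 1`, closes the first gap: `else if (sscanf(*argv, "%d", &num) != 1 || num <= 0)`. The loop header and num's initial value are outside the hunk.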
> --- a/src/apps/dsaparam.c > +++ b/src/apps/dsaparam.c > @@ -117,7 +117,7 @@ dsaparam_main(int argc, char **argv) > int i, badops = 0, text = 0; > BIO *in = NULL, *out = NULL; > int informat, outformat, noout = 0, C = 0, ret = 1; > - char *infile, *outfile, *prog, *inrand = NULL; > + char *infile, *outfile, *prog; > int numbits = -1, num, genkey = 0; > #ifndef OPENSSL_NO_ENGINE > char *engine = NULL; > @@ -175,10 +175,6 @@ dsaparam_main(int argc, char **argv) > C = 1; > else if (strcmp(*argv, "-genkey") == 0) { > genkey = 1; > - } else if (strcmp(*argv, "-rand") == 0) { > - if (--argc < 1) > - goto bad; > - inrand = *(++argv); > } else if (strcmp(*argv, "-noout") == 0) > noout = 1; > else if (sscanf(*argv, "%d", &num) == 1) { > @@ -205,7 +201,6 @@ bad: > BIO_printf(bio_err, " -C Output C code\n"); > BIO_printf(bio_err, " -noout no output\n"); > BIO_printf(bio_err, " -genkey generate a DSA key\n"); > - BIO_printf(bio_err, " -rand files to use for random > number > input\n"); #ifndef OPENSSL_NO_ENGINE > BIO_printf(bio_err, " -engine e use engine e, possibly a > hardware > device.\n"); #endif > diff --git a/src/apps/ecparam.c b/src/apps/ecparam.c > index e5c26c3..70824e5 100644 > --- a/src/apps/ecparam.c > +++ b/src/apps/ecparam.c > @@ -107,7 +107,6 @@ > * explicit > * -no_seed - if 'explicit' parameters are chosen do not use the > seed * -genkey - generate ec key > - * -rand file - files to use for random number input > * -engine e - use engine e, possibly a hardware device > */ > > @@ -124,7 +123,7 @@ ecparam_main(int argc, char **argv) > int new_form = 0; > int asn1_flag = OPENSSL_EC_NAMED_CURVE; > int new_asn1_flag = 0; > - char *curve_name = NULL, *inrand = NULL; > + char *curve_name = NULL; > int list_curves = 0, no_seed = 0, check = 0, badops = 0, text = 0, > i, genkey = 0; > char *infile = NULL, *outfile = NULL, *prog; 
> @@ -204,10 +203,6 @@ ecparam_main(int argc, char **argv) > noout = 1; > else if (strcmp(*argv, "-genkey") == 0) { > genkey = 1; > - } else if (strcmp(*argv, "-rand") == 0) { > - if (--argc < 1) > - goto bad; > - inrand = *(++argv); > } else if (strcmp(*argv, "-engine") == 0) { > if (--argc < 1) > goto bad; > @@ -266,8 +261,6 @@ bad: > " use the seed\n"); > BIO_printf(bio_err, " -genkey generate ec" > " key\n"); > - BIO_printf(bio_err, " -rand file files to use for" > - " random number input\n"); > BIO_printf(bio_err, " -engine e use engine e, " > "possibly a hardware device\n"); > goto end; > diff --git a/src/apps/gendh.c b/src/apps/gendh.c > index 53b0998..337529d 100644 > --- a/src/apps/gendh.c > +++ b/src/apps/gendh.c > @@ -97,7 +97,6 @@ gendh_main(int argc, char **argv) > int ret = 1, num = DEFBITS; > int g = 2; > char *outfile = NULL; > - char *inrand = NULL; > #ifndef OPENSSL_NO_ENGINE > char *engine = NULL; > #endif > @@ -131,11 +130,7 @@ gendh_main(int argc, char **argv) > engine = *(++argv); > } > #endif > - else if (strcmp(*argv, "-rand") == 0) { > - if (--argc < 1) > - goto bad; > - inrand = *(++argv); > - } else > + else > break; > argv++; > argc--; > @@ -153,9 +148,6 @@ bad: > #ifndef OPENSSL_NO_ENGINE > BIO_printf(bio_err, " -engine e - use engine e, possibly a > hardware > device.\n"); #endif > - BIO_printf(bio_err, " -rand file:file:...\n"); > - BIO_printf(bio_err, " - load the file (or the files > in the > directory) into\n"); - BIO_printf(bio_err, " the > random number > generator\n"); goto end; > } > #ifndef OPENSSL_NO_ENGINE > diff --git a/src/apps/gendsa.c b/src/apps/gendsa.c > index 86e03ed..14576c7 100644 > --- a/src/apps/gendsa.c > +++ b/src/apps/gendsa.c 
> @@ -85,7 +85,7 @@ gendsa_main(int argc, char **argv) > DSA *dsa = NULL; > int ret = 1; > char *outfile = NULL; > - char *inrand = NULL, *dsaparams = NULL; > + char *dsaparams = NULL; > char *passargout = NULL, *passout = NULL; > BIO *out = NULL, *in = NULL; > const EVP_CIPHER *enc = NULL; > @@ -117,11 +117,7 @@ gendsa_main(int argc, char **argv) > engine = *(++argv); > } > #endif > - else if (strcmp(*argv, "-rand") == 0) { > - if (--argc < 1) > - goto bad; > - inrand = *(++argv); > - } else if (strcmp(*argv, "-") == 0) > + else if (strcmp(*argv, "-") == 0) > goto bad; > #ifndef OPENSSL_NO_DES > else if (strcmp(*argv, "-des") == 0) > @@ -179,9 +175,6 @@ bad: > #ifndef OPENSSL_NO_ENGINE > BIO_printf(bio_err, " -engine e - use engine e, possibly a > hardware > device.\n"); #endif > - BIO_printf(bio_err, " -rand file:file:...\n"); > - BIO_printf(bio_err, " - load the file (or the files > in the > directory) into\n"); - BIO_printf(bio_err, " the > random number > generator\n"); BIO_printf(bio_err, " dsaparam-file\n"); > BIO_printf(bio_err, " - a DSA parameter file as > generated by > the dsaparam command\n"); goto end; > diff --git a/src/apps/genrsa.c b/src/apps/genrsa.c > index 300b4b0..9481dc4 100644 > --- a/src/apps/genrsa.c > +++ b/src/apps/genrsa.c > @@ -106,7 +106,6 @@ genrsa_main(int argc, char **argv) > #ifndef OPENSSL_NO_ENGINE > char *engine = NULL; > #endif > - char *inrand = NULL; > BIO *out = NULL; > BIGNUM *bn = BN_new(); > RSA *rsa = NULL; > @@ -143,11 +142,6 @@ genrsa_main(int argc, char **argv) > engine = *(++argv); > } > #endif > - else if (strcmp(*argv, "-rand") == 0) { > - if (--argc < 1) > - goto bad; > - inrand = *(++argv); > - } > #ifndef OPENSSL_NO_DES > else if (strcmp(*argv, "-des") == 0) > enc = EVP_des_cbc(); 
> @@ -206,9 +200,6 @@ bad: > #ifndef OPENSSL_NO_ENGINE > BIO_printf(bio_err, " -engine e use engine e, possibly a > hardware > device.\n"); #endif > - BIO_printf(bio_err, " -rand file:file:...\n"); > - BIO_printf(bio_err, " load the file (or the > files in the > directory) into\n"); - BIO_printf(bio_err, " > the random > number generator\n"); goto err; > } > ERR_load_crypto_strings(); > diff --git a/src/apps/pkcs12.c b/src/apps/pkcs12.c > index f2f1e05..45cf59c 100644 > --- a/src/apps/pkcs12.c > +++ b/src/apps/pkcs12.c > @@ -124,7 +124,6 @@ pkcs12_main(int argc, char **argv) > char *cpass = NULL, *mpass = NULL; > char *passargin = NULL, *passargout = NULL, *passarg = NULL; > char *passin = NULL, *passout = NULL; > - char *inrand = NULL; > char *macalg = NULL; > char *CApath = NULL, *CAfile = NULL; > #ifndef OPENSSL_NO_ENGINE > @@ -214,12 +213,6 @@ pkcs12_main(int argc, char **argv) > } else if (!strcmp(*args, "-keypbe")) { > if (!set_pbe(bio_err, &key_pbe, *++args)) > badarg = 1; > - } else if (!strcmp(*args, "-rand")) { > - if (args[1]) { > - args++; > - inrand = *args; > - } else > - badarg = 1; > } else if (!strcmp(*args, "-inkey")) { > if (args[1]) { > args++; > @@ -364,9 +357,6 @@ pkcs12_main(int argc, char **argv) > #ifndef OPENSSL_NO_ENGINE > BIO_printf(bio_err, "-engine e use engine e, possibly a > hardware > device.\n"); #endif > - BIO_printf(bio_err, "-rand file:file:...\n"); > - BIO_printf(bio_err, " load the file (or the files > in the > directory) into\n"); - BIO_printf(bio_err, " the > random > number generator\n"); BIO_printf(bio_err, "-CSP name Microsoft CSP > name\n"); > BIO_printf(bio_err, "-LMK Add local machine keyset > attribute to > private key\n"); goto end; > diff --git a/src/apps/rand.c b/src/apps/rand.c > index 8606e0a..422dcef 100644 > --- a/src/apps/rand.c > +++ b/src/apps/rand.c 
> @@ -64,7 +64,6 @@ > #include <openssl/rand.h> > > /* -out file - write to file > - * -rand file:file - PRNG seed files > * -base64 - base64 encode output > * -hex - hex encode output > * num - write 'num' bytes > @@ -78,7 +77,6 @@ rand_main(int argc, char **argv) > int i, r, ret = 1; > int badopt; > char *outfile = NULL; > - char *inrand = NULL; > int base64 = 0; > int hex = 0; > BIO *out = NULL; > @@ -107,12 +105,7 @@ rand_main(int argc, char **argv) > badopt = 1; > } > #endif > - else if (strcmp(argv[i], "-rand") == 0) { > - if ((argv[i + 1] != NULL) && (inrand == NULL)) > - inrand = argv[++i]; > - else > - badopt = 1; > - } else if (strcmp(argv[i], "-base64") == 0) { > + else if (strcmp(argv[i], "-base64") == 0) { > if (!base64) > base64 = 1; > else > @@ -146,7 +139,6 @@ rand_main(int argc, char **argv) > #ifndef OPENSSL_NO_ENGINE > BIO_printf(bio_err, "-engine e - use engine e, > possibly a > hardware device.\n"); #endif > - BIO_printf(bio_err, "-rand file:file:... - seed PRNG from > files\n"); > BIO_printf(bio_err, "-base64 - base64 encode > output\n"); > BIO_printf(bio_err, "-hex - hex encode > output\n"); > goto err; > diff --git a/src/apps/req.c b/src/apps/req.c > index 855f112..2e9154b 100644 > --- a/src/apps/req.c > +++ b/src/apps/req.c > @@ -115,7 +115,6 @@ > * -config file - Load configuration file. > * -key file - make a request using key in file (or use it for > verification). * -keyform arg - key file format. > - * -rand file(s) - load the file(s) into the PRNG. > * -newkey - make a key and a request. > * -modulus - print RSA modulus. > * -pubkey - output Public Key. > @@ -179,7 +178,6 @@ req_main(int argc, char **argv) > const EVP_CIPHER *cipher = NULL; > ASN1_INTEGER *serial = NULL; > int modulus = 0; > - char *inrand = NULL; > char *passargin = NULL, *passargout = NULL; > char *passin = NULL, *passout = NULL; > char *p; 
> @@ -262,10 +260,6 @@ req_main(int argc, char **argv) > if (--argc < 1) > goto bad; > passargout = *(++argv); > - } else if (strcmp(*argv, "-rand") == 0) { > - if (--argc < 1) > - goto bad; > - inrand = *(++argv); > } else if (strcmp(*argv, "-newkey") == 0) { > if (--argc < 1) > goto bad; > @@ -381,9 +375,6 @@ bad: > BIO_printf(bio_err, " -key file use the private key > contained in > file\n"); BIO_printf(bio_err, " -keyform arg key file format\n"); > BIO_printf(bio_err, " -keyout arg file to send the key > to\n"); > - BIO_printf(bio_err, " -rand file:file:...\n"); > - BIO_printf(bio_err, " load the file (or the > files in the > directory) into\n"); - BIO_printf(bio_err, " > the random > number generator\n"); BIO_printf(bio_err, " -newkey rsa:bits generate a new > RSA key of 'bits' in size\n"); BIO_printf(bio_err, " -newkey dsa:file > generate a new DSA key, parameters taken from CA in 'file'\n"); #ifndef > OPENSSL_NO_ECDSA > diff --git a/src/apps/s_client.c b/src/apps/s_client.c > index 0720dc9..33e4d2a 100644 > --- a/src/apps/s_client.c > +++ b/src/apps/s_client.c > @@ -316,7 +316,6 @@ sc_usage(void) > #ifndef OPENSSL_NO_ENGINE > BIO_printf(bio_err, " -engine id - Initialise and use the specified > engine\n"); #endif > - BIO_printf(bio_err, " -rand file:file:...\n"); > BIO_printf(bio_err, " -sess_out arg - file to write SSL session to\n"); > BIO_printf(bio_err, " -sess_in arg - file to read SSL session from\n"); > #ifndef OPENSSL_NO_TLSEXT > @@ -437,7 +436,6 @@ s_client_main(int argc, char **argv) > const SSL_METHOD *meth = NULL; > int socket_type = SOCK_STREAM; > BIO *sbio; > - char *inrand = NULL; > int mbuf_len = 0; > struct timeval timeout, *timeoutp; > #ifndef OPENSSL_NO_ENGINE 
> @@ -692,11 +690,7 @@ s_client_main(int argc, char **argv) > ssl_client_engine_id = *(++argv); > } > #endif > - else if (strcmp(*argv, "-rand") == 0) { > - if (--argc < 1) > - goto bad; > - inrand = *(++argv); > - } else if (strcmp(*argv, "-4") == 0) { > + else if (strcmp(*argv, "-4") == 0) { > af = AF_INET; > } else if (strcmp(*argv, "-6") == 0) { > af = AF_INET6; > diff --git a/src/apps/s_server.c b/src/apps/s_server.c > index fb28489..c81a69b 100644 > --- a/src/apps/s_server.c > +++ b/src/apps/s_server.c > @@ -455,7 +455,6 @@ sv_usage(void) > BIO_printf(bio_err, " -engine id - Initialise and use the specified > engine\n"); #endif > BIO_printf(bio_err, " -id_prefix arg - Generate SSL/TLS session IDs > prefixed by 'arg'\n"); - BIO_printf(bio_err, " -rand file:file:...\n"); > #ifndef OPENSSL_NO_TLSEXT > BIO_printf(bio_err, " -servername host - servername for HostName TLS > extension\n"); BIO_printf(bio_err, " -servername_fatal - on mismatch send > fatal alert (default warning alert)\n"); @@ -696,7 +695,6 @@ > s_server_main(int argc, char *argv[]) > const SSL_METHOD *meth = NULL; > int socket_type = SOCK_STREAM; > ENGINE *e = NULL; > - char *inrand = NULL; > int s_cert_format = FORMAT_PEM, s_key_format = FORMAT_PEM; > char *passarg = NULL, *pass = NULL; > char *dpassarg = NULL, *dpass = NULL; > @@ -969,11 +967,6 @@ s_server_main(int argc, char *argv[]) > engine_id = *(++argv); > } > #endif > - else if (strcmp(*argv, "-rand") == 0) { > - if (--argc < 1) > - goto bad; > - inrand = *(++argv); > - } > #ifndef OPENSSL_NO_TLSEXT > else if (strcmp(*argv, "-servername") == 0) { > if (--argc < 1) > diff --git a/src/apps/smime.c b/src/apps/smime.c > index fe5d0f5..3c3fa9d 100644 > --- a/src/apps/smime.c > +++ b/src/apps/smime.c 
> @@ -108,7 +108,6 @@ smime_main(int argc, char **argv) > char *to = NULL, *from = NULL, *subject = NULL; > char *CAfile = NULL, *CApath = NULL; > char *passargin = NULL, *passin = NULL; > - char *inrand = NULL; > int indef = 0; > const EVP_MD *sign_md = NULL; > int informat = FORMAT_SMIME, outformat = FORMAT_SMIME; > @@ -198,12 +197,6 @@ smime_main(int argc, char **argv) > flags |= PKCS7_NOOLDMIMETYPE; > else if (!strcmp(*args, "-crlfeol")) > flags |= PKCS7_CRLFEOL; > - else if (!strcmp(*args, "-rand")) { > - if (!args[1]) > - goto argerr; > - args++; > - inrand = *args; > - } > #ifndef OPENSSL_NO_ENGINE > else if (!strcmp(*args, "-engine")) { > if (!args[1]) > @@ -412,9 +405,6 @@ argerr: > BIO_printf(bio_err, "-engine e use engine e, possibly a > hardware > device.\n"); #endif > BIO_printf(bio_err, "-passin arg input file pass phrase > source\n"); > - BIO_printf(bio_err, "-rand file:file:...\n"); > - BIO_printf(bio_err, " load the file (or the files > in the > directory) into\n"); - BIO_printf(bio_err, " the > random > number generator\n"); BIO_printf(bio_err, "cert.pem recipient > certificate(s) for encryption\n"); goto end; > } > diff --git a/src/apps/ts.c b/src/apps/ts.c > index df2e179..403e99b 100644 > --- a/src/apps/ts.c > +++ b/src/apps/ts.c > @@ -133,7 +133,6 @@ ts_main(int argc, char **argv) > char *data = NULL; > char *digest = NULL; > const EVP_MD *md = NULL; > - char *rnd = NULL; > char *policy = NULL; > int no_nonce = 0; > int cert = 0; > @@ -181,10 +180,6 @@ ts_main(int argc, char **argv) > if (argc-- < 1) > goto usage; > digest = *++argv; > - } else if (strcmp(*argv, "-rand") == 0) { > - if (argc-- < 1) > - goto usage; > - rnd = *++argv; > } else if (strcmp(*argv, "-policy") == 0) { > if (argc-- < 1) > goto usage; 
> @@ -315,7 +310,7 @@ ts_main(int argc, char **argv) > > usage: > BIO_printf(bio_err, "usage:\n" > - "ts -query [-rand file:file:...] [-config configfile] " > + "ts -query [-config configfile] " > "[-data file_to_hash] [-digest digest_bytes]" > "[-md2|-md4|-md5|-sha|-sha1|-mdc2|-ripemd160] " > "[-policy object_id] [-no_nonce] [-cert] " -- "Action without study is fatal. Study without action is futile." -- Mary Ritter Beard
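Review bot: The usage text in this hunk joins `"[-data file_to_hash] [-digest digest_bytes]"` to the next literal without a separating space, so the printed synopsis reads `[-digest digest_bytes][-md2|...`; the literal should end `digest_bytes] "` like its neighbours. Separately, the option-parsing hunk earlier in ts.c keeps guards of the form `if (argc-- < 1) goto usage;`, where the other tools in this patch use `--argc < 1`. If argc counts the current option (the loop header is outside the hunk, so this needs confirming), the post-decrement form lets an option given as the last argument through, and `*++argv` then yields the NULL terminator instead of a value. `if (--argc < 1) goto usage;` would match the rest of the series.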