Google Git
Sign in
flutter / third_party / openssl / 2adc929367129a845ae2aa8358e645d4dbb9c624 / . / apps / apps.c
blob: 4aeabdfa38189f5e5c62cb2858269a851a9ca2cf [file] [log] [blame]
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]1/* apps/apps.c */
Ralf S. Engelschall58964a41998-12-21 10:56:39 +0000[diff] [blame]2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <stdlib.h>
61#include <string.h>
62#include <sys/types.h>
63#include <sys/stat.h>
64#define NON_MAIN
65#include "apps.h"
66#undef NON_MAIN
Richard Levitte90ae4672000-06-22 17:42:50 +0000[diff] [blame]67#include <openssl/err.h>
68#include <openssl/x509.h>
Dr. Stephen Henson535d79d2001-03-15 19:13:40 +0000[diff] [blame]69#include <openssl/x509v3.h>
Richard Levitte90ae4672000-06-22 17:42:50 +0000[diff] [blame]70#include <openssl/pem.h>
71#include <openssl/pkcs12.h>
72#include <openssl/safestack.h>
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]73
Richard Levittebc36ee62001-02-20 08:13:47 +0000[diff] [blame]74#ifdef OPENSSL_SYS_WINDOWS
Richard Levitte19f21922001-02-22 14:21:06 +0000[diff] [blame]75#define strcasecmp _stricmp
76#else
77#include <strings.h>
78#endif
79
80#ifdef OPENSSL_SYS_WINDOWS
Ralf S. Engelschall58964a41998-12-21 10:56:39 +0000[diff] [blame]81# include "bss_file.c"
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]82#endif
83
Dr. Stephen Henson8ca533e2000-10-06 11:51:47 +0000[diff] [blame]84typedef struct {
85 char *name;
86 unsigned long flag;
87 unsigned long mask;
88} NAME_EX_TBL;
89
90static int set_table_opts(unsigned long *flags, const char *arg, const NAME_EX_TBL *in_tbl);
Dr. Stephen Henson535d79d2001-03-15 19:13:40 +0000[diff] [blame]91static int set_multi_opts(unsigned long *flags, const char *arg, const NAME_EX_TBL *in_tbl);
Dr. Stephen Henson8ca533e2000-10-06 11:51:47 +0000[diff] [blame]92
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]93int app_init(long mesgwin);
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]94#ifdef undef /* never finished - probably never will be :-) */
Ulf Möller6b691a51999-04-19 21:31:43 +0000[diff] [blame]95int args_from_file(char *file, int *argc, char **argv[])
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]96 {
97 FILE *fp;
98 int num,i;
99 unsigned int len;
100 static char *buf=NULL;
101 static char **arg=NULL;
102 char *p;
103 struct stat stbuf;
104
105 if (stat(file,&stbuf) < 0) return(0);
106
107 fp=fopen(file,"r");
108 if (fp == NULL)
109 return(0);
110
111 *argc=0;
112 *argv=NULL;
113
114 len=(unsigned int)stbuf.st_size;
Richard Levitte26a3a482000-06-01 22:19:21 +0000[diff] [blame]115 if (buf != NULL) OPENSSL_free(buf);
116 buf=(char *)OPENSSL_malloc(len+1);
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]117 if (buf == NULL) return(0);
118
119 len=fread(buf,1,len,fp);
120 if (len <= 1) return(0);
121 buf[len]='\0';
122
123 i=0;
124 for (p=buf; *p; p++)
125 if (*p == '\n') i++;
Richard Levitte26a3a482000-06-01 22:19:21 +0000[diff] [blame]126 if (arg != NULL) OPENSSL_free(arg);
127 arg=(char **)OPENSSL_malloc(sizeof(char *)*(i*2));
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]128
129 *argv=arg;
130 num=0;
131 p=buf;
132 for (;;)
133 {
134 if (!*p) break;
135 if (*p == '#') /* comment line */
136 {
137 while (*p && (*p != '\n')) p++;
138 continue;
139 }
140 /* else we have a line */
141 *(arg++)=p;
142 num++;
143 while (*p && ((*p != ' ') && (*p != '\t') && (*p != '\n')))
144 p++;
145 if (!*p) break;
146 if (*p == '\n')
147 {
148 *(p++)='\0';
149 continue;
150 }
151 /* else it is a tab or space */
152 p++;
153 while (*p && ((*p == ' ') || (*p == '\t') || (*p == '\n')))
154 p++;
155 if (!*p) break;
156 if (*p == '\n')
157 {
158 p++;
159 continue;
160 }
161 *(arg++)=p++;
162 num++;
163 while (*p && (*p != '\n')) p++;
164 if (!*p) break;
165 /* else *p == '\n' */
166 *(p++)='\0';
167 }
168 *argc=num;
169 return(1);
170 }
171#endif
172
Ulf Möller6b691a51999-04-19 21:31:43 +0000[diff] [blame]173int str2fmt(char *s)
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]174 {
175 if ((*s == 'D') || (*s == 'd'))
176 return(FORMAT_ASN1);
177 else if ((*s == 'T') || (*s == 't'))
178 return(FORMAT_TEXT);
179 else if ((*s == 'P') || (*s == 'p'))
180 return(FORMAT_PEM);
181 else if ((*s == 'N') || (*s == 'n'))
182 return(FORMAT_NETSCAPE);
Dr. Stephen Henson094fe662000-07-10 18:33:05 +0000[diff] [blame]183 else if ((*s == 'S') || (*s == 's'))
184 return(FORMAT_SMIME);
Richard Levitte90ae4672000-06-22 17:42:50 +0000[diff] [blame]185 else if ((*s == '1')
186 || (strcmp(s,"PKCS12") == 0) || (strcmp(s,"pkcs12") == 0)
187 || (strcmp(s,"P12") == 0) || (strcmp(s,"p12") == 0))
188 return(FORMAT_PKCS12);
Richard Levitte5270e702000-10-26 21:07:28 +0000[diff] [blame]189 else if ((*s == 'E') || (*s == 'e'))
190 return(FORMAT_ENGINE);
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]191 else
192 return(FORMAT_UNDEF);
193 }
194
Richard Levittebc36ee62001-02-20 08:13:47 +0000[diff] [blame]195#if defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WIN16)
Ulf Möller6b691a51999-04-19 21:31:43 +0000[diff] [blame]196void program_name(char *in, char *out, int size)
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]197 {
198 int i,n;
199 char *p=NULL;
200
201 n=strlen(in);
202 /* find the last '/', '\' or ':' */
203 for (i=n-1; i>0; i--)
204 {
205 if ((in[i] == '/') || (in[i] == '\\') || (in[i] == ':'))
206 {
207 p= &(in[i+1]);
208 break;
209 }
210 }
211 if (p == NULL)
212 p=in;
213 n=strlen(p);
214 /* strip off trailing .exe if present. */
215 if ((n > 4) && (p[n-4] == '.') &&
216 ((p[n-3] == 'e') || (p[n-3] == 'E')) &&
217 ((p[n-2] == 'x') || (p[n-2] == 'X')) &&
218 ((p[n-1] == 'e') || (p[n-1] == 'E')))
219 n-=4;
220 if (n > size-1)
221 n=size-1;
222
223 for (i=0; i<n; i++)
224 {
225 if ((p[i] >= 'A') && (p[i] <= 'Z'))
226 out[i]=p[i]-'A'+'a';
227 else
228 out[i]=p[i];
229 }
230 out[n]='\0';
231 }
232#else
Richard Levittebc36ee62001-02-20 08:13:47 +0000[diff] [blame]233#ifdef OPENSSL_SYS_VMS
Ulf Möller7d7d2cb1999-05-13 11:37:32 +0000[diff] [blame]234void program_name(char *in, char *out, int size)
235 {
236 char *p=in, *q;
237 char *chars=":]>";
238
239 while(*chars != '\0')
240 {
241 q=strrchr(p,*chars);
242 if (q > p)
243 p = q + 1;
244 chars++;
245 }
246
247 q=strrchr(p,'.');
248 if (q == NULL)
249 q = in+size;
250 strncpy(out,p,q-p);
251 out[q-p]='\0';
252 }
253#else
Ulf Möller6b691a51999-04-19 21:31:43 +0000[diff] [blame]254void program_name(char *in, char *out, int size)
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]255 {
256 char *p;
257
258 p=strrchr(in,'/');
259 if (p != NULL)
260 p++;
261 else
262 p=in;
263 strncpy(out,p,size-1);
264 out[size-1]='\0';
265 }
266#endif
Ulf Möller7d7d2cb1999-05-13 11:37:32 +0000[diff] [blame]267#endif
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]268
Richard Levittebc36ee62001-02-20 08:13:47 +0000[diff] [blame]269#ifdef OPENSSL_SYS_WIN32
Ulf Möller6b691a51999-04-19 21:31:43 +0000[diff] [blame]270int WIN32_rename(char *from, char *to)
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]271 {
Richard Levittebc36ee62001-02-20 08:13:47 +0000[diff] [blame]272#ifdef OPENSSL_SYS_WINNT
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]273 int ret;
Dr. Stephen Hensona5ab0531999-05-08 22:46:51 +0000[diff] [blame]274/* Note: MoveFileEx() doesn't work under Win95, Win98 */
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]275
276 ret=MoveFileEx(from,to,MOVEFILE_REPLACE_EXISTING|MOVEFILE_COPY_ALLOWED);
277 return(ret?0:-1);
Dr. Stephen Hensona5ab0531999-05-08 22:46:51 +0000[diff] [blame]278#else
Bodo Möllerb1c4fe31999-06-07 20:26:51 +0000[diff] [blame]279 unlink(to);
280 return MoveFile(from, to);
Dr. Stephen Hensona5ab0531999-05-08 22:46:51 +0000[diff] [blame]281#endif
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]282 }
283#endif
284
Ulf Möller6b691a51999-04-19 21:31:43 +0000[diff] [blame]285int chopup_args(ARGS *arg, char *buf, int *argc, char **argv[])
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]286 {
287 int num,len,i;
288 char *p;
289
290 *argc=0;
291 *argv=NULL;
292
293 len=strlen(buf);
294 i=0;
295 if (arg->count == 0)
296 {
297 arg->count=20;
Richard Levitte26a3a482000-06-01 22:19:21 +0000[diff] [blame]298 arg->data=(char **)OPENSSL_malloc(sizeof(char *)*arg->count);
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]299 }
300 for (i=0; i<arg->count; i++)
301 arg->data[i]=NULL;
302
303 num=0;
304 p=buf;
305 for (;;)
306 {
307 /* first scan over white space */
308 if (!*p) break;
309 while (*p && ((*p == ' ') || (*p == '\t') || (*p == '\n')))
310 p++;
311 if (!*p) break;
312
313 /* The start of something good :-) */
314 if (num >= arg->count)
315 {
316 arg->count+=20;
Richard Levitte26a3a482000-06-01 22:19:21 +0000[diff] [blame]317 arg->data=(char **)OPENSSL_realloc(arg->data,
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]318 sizeof(char *)*arg->count);
319 if (argc == 0) return(0);
320 }
321 arg->data[num++]=p;
322
323 /* now look for the end of this */
324 if ((*p == '\'') || (*p == '\"')) /* scan for closing quote */
325 {
326 i= *(p++);
327 arg->data[num-1]++; /* jump over quote */
328 while (*p && (*p != i))
329 p++;
330 *p='\0';
331 }
332 else
333 {
334 while (*p && ((*p != ' ') &&
335 (*p != '\t') && (*p != '\n')))
336 p++;
337
338 if (*p == '\0')
339 p--;
340 else
341 *p='\0';
342 }
343 p++;
344 }
345 *argc=num;
346 *argv=arg->data;
347 return(1);
348 }
349
350#ifndef APP_INIT
Ulf Möller6b691a51999-04-19 21:31:43 +0000[diff] [blame]351int app_init(long mesgwin)
Ralf S. Engelschalld02b48c1998-12-21 10:52:47 +0000[diff] [blame]352 {
353 return(1);
354 }
355#endif
Dr. Stephen Henson53b18991999-11-11 13:58:41 +0000[diff] [blame]356
Dr. Stephen Hensona3fe3822000-02-16 23:16:01 +0000[diff] [blame]357
Dr. Stephen Henson954ef7e1999-11-12 01:42:25 +0000[diff] [blame]358int dump_cert_text (BIO *out, X509 *x)
359{
360 char buf[256];
361 X509_NAME_oneline(X509_get_subject_name(x),buf,256);
362 BIO_puts(out,"subject=");
363 BIO_puts(out,buf);
364
365 X509_NAME_oneline(X509_get_issuer_name(x),buf,256);
366 BIO_puts(out,"\nissuer= ");
367 BIO_puts(out,buf);
368 BIO_puts(out,"\n");
369 return 0;
370}
Dr. Stephen Hensona3fe3822000-02-16 23:16:01 +0000[diff] [blame]371
372static char *app_get_pass(BIO *err, char *arg, int keepbio);
373
374int app_passwd(BIO *err, char *arg1, char *arg2, char **pass1, char **pass2)
375{
376 int same;
377 if(!arg2 || !arg1 || strcmp(arg1, arg2)) same = 0;
378 else same = 1;
379 if(arg1) {
380 *pass1 = app_get_pass(err, arg1, same);
381 if(!*pass1) return 0;
382 } else if(pass1) *pass1 = NULL;
383 if(arg2) {
384 *pass2 = app_get_pass(err, arg2, same ? 2 : 0);
385 if(!*pass2) return 0;
386 } else if(pass2) *pass2 = NULL;
387 return 1;
388}
389
390static char *app_get_pass(BIO *err, char *arg, int keepbio)
391{
392 char *tmp, tpass[APP_PASS_LEN];
393 static BIO *pwdbio = NULL;
394 int i;
395 if(!strncmp(arg, "pass:", 5)) return BUF_strdup(arg + 5);
396 if(!strncmp(arg, "env:", 4)) {
397 tmp = getenv(arg + 4);
398 if(!tmp) {
399 BIO_printf(err, "Can't read environment variable %s\n", arg + 4);
400 return NULL;
401 }
402 return BUF_strdup(tmp);
403 }
404 if(!keepbio || !pwdbio) {
405 if(!strncmp(arg, "file:", 5)) {
406 pwdbio = BIO_new_file(arg + 5, "r");
407 if(!pwdbio) {
408 BIO_printf(err, "Can't open file %s\n", arg + 5);
409 return NULL;
410 }
411 } else if(!strncmp(arg, "fd:", 3)) {
412 BIO *btmp;
413 i = atoi(arg + 3);
414 if(i >= 0) pwdbio = BIO_new_fd(i, BIO_NOCLOSE);
415 if((i < 0) || !pwdbio) {
416 BIO_printf(err, "Can't access file descriptor %s\n", arg + 3);
417 return NULL;
418 }
419 /* Can't do BIO_gets on an fd BIO so add a buffering BIO */
420 btmp = BIO_new(BIO_f_buffer());
421 pwdbio = BIO_push(btmp, pwdbio);
422 } else if(!strcmp(arg, "stdin")) {
423 pwdbio = BIO_new_fp(stdin, BIO_NOCLOSE);
424 if(!pwdbio) {
425 BIO_printf(err, "Can't open BIO for stdin\n");
426 return NULL;
427 }
428 } else {
429 BIO_printf(err, "Invalid password argument \"%s\"\n", arg);
430 return NULL;
431 }
432 }
433 i = BIO_gets(pwdbio, tpass, APP_PASS_LEN);
434 if(keepbio != 1) {
435 BIO_free_all(pwdbio);
436 pwdbio = NULL;
437 }
438 if(i <= 0) {
439 BIO_printf(err, "Error reading password from BIO\n");
440 return NULL;
441 }
442 tmp = strchr(tpass, '\n');
443 if(tmp) *tmp = 0;
444 return BUF_strdup(tpass);
445}
Richard Levitte90ae4672000-06-22 17:42:50 +0000[diff] [blame]446
Richard Levitte431b0cc2000-06-22 22:07:27 +0000[diff] [blame]447int add_oid_section(BIO *err, LHASH *conf)
448{
449 char *p;
450 STACK_OF(CONF_VALUE) *sktmp;
451 CONF_VALUE *cnf;
452 int i;
Bodo Möller2c0d1012000-12-15 16:59:49 +0000[diff] [blame]453 if(!(p=CONF_get_string(conf,NULL,"oid_section")))
454 {
455 ERR_clear_error();
456 return 1;
457 }
Richard Levitte431b0cc2000-06-22 22:07:27 +0000[diff] [blame]458 if(!(sktmp = CONF_get_section(conf, p))) {
459 BIO_printf(err, "problem loading oid section %s\n", p);
460 return 0;
461 }
462 for(i = 0; i < sk_CONF_VALUE_num(sktmp); i++) {
463 cnf = sk_CONF_VALUE_value(sktmp, i);
464 if(OBJ_create(cnf->value, cnf->name, cnf->name) == NID_undef) {
465 BIO_printf(err, "problem creating object %s=%s\n",
466 cnf->name, cnf->value);
467 return 0;
468 }
469 }
470 return 1;
471}
472
473X509 *load_cert(BIO *err, char *file, int format)
Richard Levitte90ae4672000-06-22 17:42:50 +0000[diff] [blame]474 {
475 ASN1_HEADER *ah=NULL;
476 BUF_MEM *buf=NULL;
477 X509 *x=NULL;
478 BIO *cert;
479
480 if ((cert=BIO_new(BIO_s_file())) == NULL)
481 {
Richard Levitte431b0cc2000-06-22 22:07:27 +0000[diff] [blame]482 ERR_print_errors(err);
Richard Levitte90ae4672000-06-22 17:42:50 +0000[diff] [blame]483 goto end;
484 }
485
486 if (file == NULL)
Bodo Möller620cea32001-02-10 13:12:35 +0000[diff] [blame]487 {
488 setvbuf(stdin, NULL, _IONBF, 0);
Richard Levitte90ae4672000-06-22 17:42:50 +0000[diff] [blame]489 BIO_set_fp(cert,stdin,BIO_NOCLOSE);
Bodo Möller620cea32001-02-10 13:12:35 +0000[diff] [blame]490 }
Richard Levitte90ae4672000-06-22 17:42:50 +0000[diff] [blame]491 else
492 {
493 if (BIO_read_filename(cert,file) <= 0)
494 {
495 perror(file);
496 goto end;
497 }
498 }
499
500 if (format == FORMAT_ASN1)
501 x=d2i_X509_bio(cert,NULL);
502 else if (format == FORMAT_NETSCAPE)
503 {
504 unsigned char *p,*op;
505 int size=0,i;
506
507 /* We sort of have to do it this way because it is sort of nice
508 * to read the header first and check it, then
509 * try to read the certificate */
510 buf=BUF_MEM_new();
511 for (;;)
512 {
513 if ((buf == NULL) || (!BUF_MEM_grow(buf,size+1024*10)))
514 goto end;
515 i=BIO_read(cert,&(buf->data[size]),1024*10);
516 size+=i;
517 if (i == 0) break;
518 if (i < 0)
519 {
520 perror("reading certificate");
521 goto end;
522 }
523 }
524 p=(unsigned char *)buf->data;
525 op=p;
526
527 /* First load the header */
528 if ((ah=d2i_ASN1_HEADER(NULL,&p,(long)size)) == NULL)
529 goto end;
530 if ((ah->header == NULL) || (ah->header->data == NULL) ||
531 (strncmp(NETSCAPE_CERT_HDR,(char *)ah->header->data,
532 ah->header->length) != 0))
533 {
Richard Levitte431b0cc2000-06-22 22:07:27 +0000[diff] [blame]534 BIO_printf(err,"Error reading header on certificate\n");
Richard Levitte90ae4672000-06-22 17:42:50 +0000[diff] [blame]535 goto end;
536 }
537 /* header is ok, so now read the object */
538 p=op;
539 ah->meth=X509_asn1_meth();
540 if ((ah=d2i_ASN1_HEADER(&ah,&p,(long)size)) == NULL)
541 goto end;
542 x=(X509 *)ah->data;
543 ah->data=NULL;
544 }
545 else if (format == FORMAT_PEM)
546 x=PEM_read_bio_X509_AUX(cert,NULL,NULL,NULL);
547 else if (format == FORMAT_PKCS12)
548 {
549 PKCS12 *p12 = d2i_PKCS12_bio(cert, NULL);
550
551 PKCS12_parse(p12, NULL, NULL, &x, NULL);
552 PKCS12_free(p12);
553 p12 = NULL;
554 }
555 else {
Richard Levitte431b0cc2000-06-22 22:07:27 +0000[diff] [blame]556 BIO_printf(err,"bad input format specified for input cert\n");
Richard Levitte90ae4672000-06-22 17:42:50 +0000[diff] [blame]557 goto end;
558 }
559end:
560 if (x == NULL)
561 {
Richard Levitte431b0cc2000-06-22 22:07:27 +0000[diff] [blame]562 BIO_printf(err,"unable to load certificate\n");
563 ERR_print_errors(err);
Richard Levitte90ae4672000-06-22 17:42:50 +0000[diff] [blame]564 }
565 if (ah != NULL) ASN1_HEADER_free(ah);
566 if (cert != NULL) BIO_free(cert);
567 if (buf != NULL) BUF_MEM_free(buf);
568 return(x);
569 }
570
Richard Levitte32d862e2000-10-28 22:40:40 +0000[diff] [blame]571EVP_PKEY *load_key(BIO *err, char *file, int format, char *pass, ENGINE *e)
Richard Levitte90ae4672000-06-22 17:42:50 +0000[diff] [blame]572 {
573 BIO *key=NULL;
574 EVP_PKEY *pkey=NULL;
575
576 if (file == NULL)
577 {
Richard Levitte431b0cc2000-06-22 22:07:27 +0000[diff] [blame]578 BIO_printf(err,"no keyfile specified\n");
Richard Levitte90ae4672000-06-22 17:42:50 +0000[diff] [blame]579 goto end;
580 }
Richard Levitte32d862e2000-10-28 22:40:40 +0000[diff] [blame]581 if (format == FORMAT_ENGINE)
582 {
583 if (!e)
584 BIO_printf(bio_err,"no engine specified\n");
585 else
586 pkey = ENGINE_load_private_key(e, file, pass);
587 goto end;
588 }
Richard Levitte90ae4672000-06-22 17:42:50 +0000[diff] [blame]589 key=BIO_new(BIO_s_file());
590 if (key == NULL)
591 {
Richard Levitte431b0cc2000-06-22 22:07:27 +0000[diff] [blame]592 ERR_print_errors(err);
Richard Levitte90ae4672000-06-22 17:42:50 +0000[diff] [blame]593 goto end;
594 }
595 if (BIO_read_filename(key,file) <= 0)
596 {
597 perror(file);
598 goto end;
599 }
600 if (format == FORMAT_ASN1)
601 {
602 pkey=d2i_PrivateKey_bio(key, NULL);
603 }
604 else if (format == FORMAT_PEM)
605 {
606 pkey=PEM_read_bio_PrivateKey(key,NULL,NULL,pass);
607 }
608 else if (format == FORMAT_PKCS12)
609 {
610 PKCS12 *p12 = d2i_PKCS12_bio(key, NULL);
611
612 PKCS12_parse(p12, pass, &pkey, NULL, NULL);
613 PKCS12_free(p12);
614 p12 = NULL;
615 }
616 else
617 {
Richard Levitte431b0cc2000-06-22 22:07:27 +0000[diff] [blame]618 BIO_printf(err,"bad input format specified for key\n");
Richard Levitte90ae4672000-06-22 17:42:50 +0000[diff] [blame]619 goto end;
620 }
621 end:
622 if (key != NULL) BIO_free(key);
623 if (pkey == NULL)
Richard Levitte431b0cc2000-06-22 22:07:27 +0000[diff] [blame]624 BIO_printf(err,"unable to load Private Key\n");
Richard Levitte90ae4672000-06-22 17:42:50 +0000[diff] [blame]625 return(pkey);
626 }
627
Richard Levitte32d862e2000-10-28 22:40:40 +0000[diff] [blame]628EVP_PKEY *load_pubkey(BIO *err, char *file, int format, ENGINE *e)
Dr. Stephen Hensonbd08a2b2000-09-03 23:13:48 +0000[diff] [blame]629 {
630 BIO *key=NULL;
631 EVP_PKEY *pkey=NULL;
632
633 if (file == NULL)
634 {
635 BIO_printf(err,"no keyfile specified\n");
636 goto end;
637 }
Richard Levitte32d862e2000-10-28 22:40:40 +0000[diff] [blame]638 if (format == FORMAT_ENGINE)
639 {
640 if (!e)
641 BIO_printf(bio_err,"no engine specified\n");
642 else
643 pkey = ENGINE_load_public_key(e, file, NULL);
644 goto end;
645 }
Dr. Stephen Hensonbd08a2b2000-09-03 23:13:48 +0000[diff] [blame]646 key=BIO_new(BIO_s_file());
647 if (key == NULL)
648 {
649 ERR_print_errors(err);
650 goto end;
651 }
652 if (BIO_read_filename(key,file) <= 0)
653 {
654 perror(file);
655 goto end;
656 }
657 if (format == FORMAT_ASN1)
658 {
659 pkey=d2i_PUBKEY_bio(key, NULL);
660 }
661 else if (format == FORMAT_PEM)
662 {
663 pkey=PEM_read_bio_PUBKEY(key,NULL,NULL,NULL);
664 }
665 else
666 {
667 BIO_printf(err,"bad input format specified for key\n");
668 goto end;
669 }
670 end:
671 if (key != NULL) BIO_free(key);
672 if (pkey == NULL)
673 BIO_printf(err,"unable to load Public Key\n");
674 return(pkey);
675 }
676
Richard Levitte431b0cc2000-06-22 22:07:27 +0000[diff] [blame]677STACK_OF(X509) *load_certs(BIO *err, char *file, int format)
Richard Levitte90ae4672000-06-22 17:42:50 +0000[diff] [blame]678 {
679 BIO *certs;
680 int i;
681 STACK_OF(X509) *othercerts = NULL;
682 STACK_OF(X509_INFO) *allcerts = NULL;
683 X509_INFO *xi;
684
685 if((certs = BIO_new(BIO_s_file())) == NULL)
686 {
Richard Levitte431b0cc2000-06-22 22:07:27 +0000[diff] [blame]687 ERR_print_errors(err);
Richard Levitte90ae4672000-06-22 17:42:50 +0000[diff] [blame]688 goto end;
689 }
690
691 if (file == NULL)
692 BIO_set_fp(certs,stdin,BIO_NOCLOSE);
693 else
694 {
695 if (BIO_read_filename(certs,file) <= 0)
696 {
697 perror(file);
698 goto end;
699 }
700 }
701
702 if (format == FORMAT_PEM)
703 {
Richard Levitte62324622000-09-17 18:21:27 +0000[diff] [blame]704 othercerts = sk_X509_new_null();
Richard Levitte90ae4672000-06-22 17:42:50 +0000[diff] [blame]705 if(!othercerts)
706 {
707 sk_X509_free(othercerts);
708 othercerts = NULL;
709 goto end;
710 }
711 allcerts = PEM_X509_INFO_read_bio(certs, NULL, NULL, NULL);
712 for(i = 0; i < sk_X509_INFO_num(allcerts); i++)
713 {
714 xi = sk_X509_INFO_value (allcerts, i);
715 if (xi->x509)
716 {
717 sk_X509_push(othercerts, xi->x509);
718 xi->x509 = NULL;
719 }
720 }
721 goto end;
722 }
723 else {
Richard Levitte431b0cc2000-06-22 22:07:27 +0000[diff] [blame]724 BIO_printf(err,"bad input format specified for input cert\n");
Richard Levitte90ae4672000-06-22 17:42:50 +0000[diff] [blame]725 goto end;
726 }
727end:
728 if (othercerts == NULL)
729 {
Richard Levitte431b0cc2000-06-22 22:07:27 +0000[diff] [blame]730 BIO_printf(err,"unable to load certificates\n");
731 ERR_print_errors(err);
Richard Levitte90ae4672000-06-22 17:42:50 +0000[diff] [blame]732 }
733 if (allcerts) sk_X509_INFO_pop_free(allcerts, X509_INFO_free);
734 if (certs != NULL) BIO_free(certs);
735 return(othercerts);
736 }
737
Dr. Stephen Henson8ca533e2000-10-06 11:51:47 +0000[diff] [blame]738
739#define X509V3_EXT_UNKNOWN_MASK (0xfL << 16)
740/* Return error for unknown extensions */
741#define X509V3_EXT_DEFAULT 0
742/* Print error for unknown extensions */
743#define X509V3_EXT_ERROR_UNKNOWN (1L << 16)
744/* ASN1 parse unknown extensions */
745#define X509V3_EXT_PARSE_UNKNOWN (2L << 16)
746/* BIO_dump unknown extensions */
747#define X509V3_EXT_DUMP_UNKNOWN (3L << 16)
748
Dr. Stephen Henson535d79d2001-03-15 19:13:40 +0000[diff] [blame]749#define X509_FLAG_CA (X509_FLAG_NO_ISSUER | X509_FLAG_NO_PUBKEY | \
750 X509_FLAG_NO_HEADER | X509_FLAG_NO_VERSION)
751
Dr. Stephen Henson8ca533e2000-10-06 11:51:47 +0000[diff] [blame]752int set_cert_ex(unsigned long *flags, const char *arg)
753{
754 static const NAME_EX_TBL cert_tbl[] = {
755 { "compatible", X509_FLAG_COMPAT, 0xffffffffl},
Dr. Stephen Henson535d79d2001-03-15 19:13:40 +0000[diff] [blame]756 { "ca_default", X509_FLAG_CA, 0xffffffffl},
Dr. Stephen Henson8ca533e2000-10-06 11:51:47 +0000[diff] [blame]757 { "no_header", X509_FLAG_NO_HEADER, 0},
758 { "no_version", X509_FLAG_NO_VERSION, 0},
759 { "no_serial", X509_FLAG_NO_SERIAL, 0},
760 { "no_signame", X509_FLAG_NO_SIGNAME, 0},
761 { "no_validity", X509_FLAG_NO_VALIDITY, 0},
762 { "no_subject", X509_FLAG_NO_SUBJECT, 0},
Dr. Stephen Henson0a3ea5d2001-03-15 01:15:54 +0000[diff] [blame]763 { "no_issuer", X509_FLAG_NO_ISSUER, 0},
Dr. Stephen Henson8ca533e2000-10-06 11:51:47 +0000[diff] [blame]764 { "no_pubkey", X509_FLAG_NO_PUBKEY, 0},
765 { "no_extensions", X509_FLAG_NO_EXTENSIONS, 0},
766 { "no_sigdump", X509_FLAG_NO_SIGDUMP, 0},
767 { "no_aux", X509_FLAG_NO_AUX, 0},
768 { "ext_default", X509V3_EXT_DEFAULT, X509V3_EXT_UNKNOWN_MASK},
769 { "ext_error", X509V3_EXT_ERROR_UNKNOWN, X509V3_EXT_UNKNOWN_MASK},
770 { "ext_parse", X509V3_EXT_PARSE_UNKNOWN, X509V3_EXT_UNKNOWN_MASK},
771 { "ext_dump", X509V3_EXT_DUMP_UNKNOWN, X509V3_EXT_UNKNOWN_MASK},
772 { NULL, 0, 0}
773 };
Dr. Stephen Henson535d79d2001-03-15 19:13:40 +0000[diff] [blame]774 return set_multi_opts(flags, arg, cert_tbl);
Dr. Stephen Henson8ca533e2000-10-06 11:51:47 +0000[diff] [blame]775}
Dr. Stephen Hensona6575462000-07-28 01:58:15 +0000[diff] [blame]776
777int set_name_ex(unsigned long *flags, const char *arg)
778{
Dr. Stephen Henson8ca533e2000-10-06 11:51:47 +0000[diff] [blame]779 static const NAME_EX_TBL ex_tbl[] = {
Dr. Stephen Hensona6575462000-07-28 01:58:15 +0000[diff] [blame]780 { "esc_2253", ASN1_STRFLGS_ESC_2253, 0},
781 { "esc_ctrl", ASN1_STRFLGS_ESC_CTRL, 0},
782 { "esc_msb", ASN1_STRFLGS_ESC_MSB, 0},
783 { "use_quote", ASN1_STRFLGS_ESC_QUOTE, 0},
784 { "utf8", ASN1_STRFLGS_UTF8_CONVERT, 0},
Dr. Stephen Hensonbd4e1522000-07-30 01:27:59 +0000[diff] [blame]785 { "ignore_type", ASN1_STRFLGS_IGNORE_TYPE, 0},
786 { "show_type", ASN1_STRFLGS_SHOW_TYPE, 0},
Dr. Stephen Hensona6575462000-07-28 01:58:15 +0000[diff] [blame]787 { "dump_all", ASN1_STRFLGS_DUMP_ALL, 0},
788 { "dump_nostr", ASN1_STRFLGS_DUMP_UNKNOWN, 0},
789 { "dump_der", ASN1_STRFLGS_DUMP_DER, 0},
790 { "compat", XN_FLAG_COMPAT, 0xffffffffL},
791 { "sep_comma_plus", XN_FLAG_SEP_COMMA_PLUS, XN_FLAG_SEP_MASK},
792 { "sep_comma_plus_space", XN_FLAG_SEP_CPLUS_SPC, XN_FLAG_SEP_MASK},
793 { "sep_semi_plus_space", XN_FLAG_SEP_SPLUS_SPC, XN_FLAG_SEP_MASK},
794 { "sep_multiline", XN_FLAG_SEP_MULTILINE, XN_FLAG_SEP_MASK},
795 { "dn_rev", XN_FLAG_DN_REV, 0},
796 { "nofname", XN_FLAG_FN_NONE, XN_FLAG_FN_MASK},
797 { "sname", XN_FLAG_FN_SN, XN_FLAG_FN_MASK},
798 { "lname", XN_FLAG_FN_LN, XN_FLAG_FN_MASK},
Dr. Stephen Hensone890dcd2001-03-15 22:45:20 +0000[diff] [blame]799 { "align", XN_FLAG_FN_ALIGN, 0},
Dr. Stephen Hensona6575462000-07-28 01:58:15 +0000[diff] [blame]800 { "oid", XN_FLAG_FN_OID, XN_FLAG_FN_MASK},
801 { "space_eq", XN_FLAG_SPC_EQ, 0},
802 { "dump_unknown", XN_FLAG_DUMP_UNKNOWN_FIELDS, 0},
803 { "RFC2253", XN_FLAG_RFC2253, 0xffffffffL},
804 { "oneline", XN_FLAG_ONELINE, 0xffffffffL},
805 { "multiline", XN_FLAG_MULTILINE, 0xffffffffL},
Dr. Stephen Henson535d79d2001-03-15 19:13:40 +0000[diff] [blame]806 { "ca_default", XN_FLAG_MULTILINE, 0xffffffffL},
Dr. Stephen Hensona6575462000-07-28 01:58:15 +0000[diff] [blame]807 { NULL, 0, 0}
808 };
Dr. Stephen Henson535d79d2001-03-15 19:13:40 +0000[diff] [blame]809 return set_multi_opts(flags, arg, ex_tbl);
810}
811
Dr. Stephen Henson791bd0c2001-03-16 02:04:17 +0000[diff] [blame]812int set_ext_copy(int *copy_type, const char *arg)
813{
814 if (!strcasecmp(arg, "none"))
815 *copy_type = EXT_COPY_NONE;
816 else if (!strcasecmp(arg, "copy"))
817 *copy_type = EXT_COPY_ADD;
818 else if (!strcasecmp(arg, "copyall"))
819 *copy_type = EXT_COPY_ALL;
820 else
821 return 0;
822 return 1;
823}
824
825int copy_extensions(X509 *x, X509_REQ *req, int copy_type)
826{
827 STACK_OF(X509_EXTENSION) *exts = NULL;
828 X509_EXTENSION *ext, *tmpext;
829 ASN1_OBJECT *obj;
830 int i, idx, ret = 0;
831 if (!x || !req || (copy_type == EXT_COPY_NONE))
832 return 1;
833 exts = X509_REQ_get_extensions(req);
834
835 for(i = 0; i < sk_X509_EXTENSION_num(exts); i++) {
836 ext = sk_X509_EXTENSION_value(exts, i);
837 obj = X509_EXTENSION_get_object(ext);
838 idx = X509_get_ext_by_OBJ(x, obj, -1);
839 /* Does extension exist? */
840 if (idx != -1) {
841 /* If normal copy don't override existing extension */
842 if (copy_type == EXT_COPY_ADD)
843 continue;
844 /* Delete all extensions of same type */
845 do {
846 tmpext = X509_get_ext(x, idx);
847 X509_delete_ext(x, idx);
848 X509_EXTENSION_free(tmpext);
849 idx = X509_get_ext_by_OBJ(x, obj, -1);
850 } while (idx != -1);
851 }
852 if (!X509_add_ext(x, ext, -1))
853 goto end;
854 }
855
856 ret = 1;
857
858 end:
859
860 sk_X509_EXTENSION_pop_free(exts, X509_EXTENSION_free);
861
862 return ret;
863}
864
865
866
867
Dr. Stephen Henson535d79d2001-03-15 19:13:40 +0000[diff] [blame]868static int set_multi_opts(unsigned long *flags, const char *arg, const NAME_EX_TBL *in_tbl)
869{
870 STACK_OF(CONF_VALUE) *vals;
871 CONF_VALUE *val;
872 int i, ret = 1;
873 if(!arg) return 0;
874 vals = X509V3_parse_list(arg);
875 for (i = 0; i < sk_CONF_VALUE_num(vals); i++) {
876 val = sk_CONF_VALUE_value(vals, i);
877 if (!set_table_opts(flags, val->name, in_tbl))
878 ret = 0;
879 }
880 sk_CONF_VALUE_pop_free(vals, X509V3_conf_free);
881 return ret;
Dr. Stephen Henson8ca533e2000-10-06 11:51:47 +0000[diff] [blame]882}
Dr. Stephen Hensona6575462000-07-28 01:58:15 +0000[diff] [blame]883
Dr. Stephen Henson8ca533e2000-10-06 11:51:47 +0000[diff] [blame]884static int set_table_opts(unsigned long *flags, const char *arg, const NAME_EX_TBL *in_tbl)
885{
886 char c;
887 const NAME_EX_TBL *ptbl;
Dr. Stephen Hensona6575462000-07-28 01:58:15 +0000[diff] [blame]888 c = arg[0];
889
890 if(c == '-') {
891 c = 0;
892 arg++;
893 } else if (c == '+') {
894 c = 1;
895 arg++;
896 } else c = 1;
897
Dr. Stephen Henson8ca533e2000-10-06 11:51:47 +0000[diff] [blame]898 for(ptbl = in_tbl; ptbl->name; ptbl++) {
Bodo Möllerc15e0362001-02-10 11:21:29 +0000[diff] [blame]899 if(!strcasecmp(arg, ptbl->name)) {
Dr. Stephen Hensona6575462000-07-28 01:58:15 +0000[diff] [blame]900 *flags &= ~ptbl->mask;
901 if(c) *flags |= ptbl->flag;
902 else *flags &= ~ptbl->flag;
903 return 1;
904 }
905 }
906 return 0;
907}
908
909void print_name(BIO *out, char *title, X509_NAME *nm, unsigned long lflags)
910{
911 char buf[256];
912 char mline = 0;
913 int indent = 0;
914 if(title) BIO_puts(out, title);
915 if((lflags & XN_FLAG_SEP_MASK) == XN_FLAG_SEP_MULTILINE) {
916 mline = 1;
917 indent = 4;
918 }
919 if(lflags == XN_FLAG_COMPAT) {
920 X509_NAME_oneline(nm,buf,256);
921 BIO_puts(out,buf);
922 BIO_puts(out, "\n");
923 } else {
924 if(mline) BIO_puts(out, "\n");
925 X509_NAME_print_ex(out, nm, indent, lflags);
926 BIO_puts(out, "\n");
927 }
928}
929
Dr. Stephen Henson81f169e2001-01-17 01:31:34 +0000[diff] [blame]930X509_STORE *setup_verify(BIO *bp, char *CAfile, char *CApath)
931{
932 X509_STORE *store;
933 X509_LOOKUP *lookup;
934 if(!(store = X509_STORE_new())) goto end;
935 lookup=X509_STORE_add_lookup(store,X509_LOOKUP_file());
936 if (lookup == NULL) goto end;
937 if (CAfile) {
938 if(!X509_LOOKUP_load_file(lookup,CAfile,X509_FILETYPE_PEM)) {
939 BIO_printf(bp, "Error loading file %s\n", CAfile);
940 goto end;
941 }
942 } else X509_LOOKUP_load_file(lookup,NULL,X509_FILETYPE_DEFAULT);
943
944 lookup=X509_STORE_add_lookup(store,X509_LOOKUP_hash_dir());
945 if (lookup == NULL) goto end;
946 if (CApath) {
947 if(!X509_LOOKUP_add_dir(lookup,CApath,X509_FILETYPE_PEM)) {
948 BIO_printf(bp, "Error loading directory %s\n", CApath);
949 goto end;
950 }
951 } else X509_LOOKUP_add_dir(lookup,NULL,X509_FILETYPE_DEFAULT);
952
953 ERR_clear_error();
954 return store;
955 end:
956 X509_STORE_free(store);
957 return NULL;
958}