2 * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
11 #include <openssl/evp.h>
12 #include <openssl/err.h>
13 #include <openssl/provider.h>
14 #include <openssl/safestack.h>
19 static int verbose = 0;
21 static int describe_param_type(char *buf, size_t bufsz, const OSSL_PARAM *param)
23 const char *type_mod = "";
24 const char *type = NULL;
25 int show_type_number = 0;
28 switch (param->data_type) {
29 case OSSL_PARAM_UNSIGNED_INTEGER:
30 type_mod = "unsigned ";
32 case OSSL_PARAM_INTEGER:
35 case OSSL_PARAM_UTF8_PTR:
36 type_mod = "pointer to a ";
38 case OSSL_PARAM_UTF8_STRING:
39 type = "UTF8 encoded string";
41 case OSSL_PARAM_OCTET_PTR:
42 type_mod = "pointer to an ";
44 case OSSL_PARAM_OCTET_STRING:
45 type = "octet string";
48 type = "unknown type";
53 printed_len = BIO_snprintf(buf, bufsz, "%s: ", param->key);
54 if (printed_len > 0) {
58 printed_len = BIO_snprintf(buf, bufsz, "%s%s", type_mod, type);
59 if (printed_len > 0) {
63 if (show_type_number) {
64 printed_len = BIO_snprintf(buf, bufsz, " [%d]", param->data_type);
65 if (printed_len > 0) {
70 if (param->data_size == 0)
71 printed_len = BIO_snprintf(buf, bufsz, " (arbitrary size)");
73 printed_len = BIO_snprintf(buf, bufsz, " (max %zu bytes large)",
75 if (printed_len > 0) {
83 static int print_param_types(const char *thing, const OSSL_PARAM *pdefs)
86 BIO_printf(bio_out, " No declared %s\n", thing);
87 } else if (pdefs->key == NULL) {
89 * An empty list? This shouldn't happen, but let's just make sure to
90 * say something if there's a badly written provider...
92 BIO_printf(bio_out, " Empty list of %s (!!!)\n", thing);
94 BIO_printf(bio_out, " %s:\n", thing);
95 for (; pdefs->key != NULL; pdefs++) {
96 char buf[200]; /* This should be ample space */
98 describe_param_type(buf, sizeof(buf), pdefs);
99 BIO_printf(bio_out, " %s\n", buf);
105 static void legacy_cipher_fn(const EVP_CIPHER *c,
106 const char *from, const char *to, void *arg)
109 BIO_printf(arg, " %s\n", EVP_CIPHER_name(c));
112 from = "<undefined>";
115 BIO_printf(arg, " %s => %s\n", from, to);
119 DEFINE_STACK_OF(EVP_CIPHER)
120 static int cipher_cmp(const EVP_CIPHER * const *a,
121 const EVP_CIPHER * const *b)
123 int ret = strcasecmp(EVP_CIPHER_name(*a), EVP_CIPHER_name(*b));
126 ret = strcmp(OSSL_PROVIDER_name(EVP_CIPHER_provider(*a)),
127 OSSL_PROVIDER_name(EVP_CIPHER_provider(*b)));
132 static void collect_ciphers(EVP_CIPHER *cipher, void *stack)
134 STACK_OF(EVP_CIPHER) *cipher_stack = stack;
136 if (sk_EVP_CIPHER_push(cipher_stack, cipher) > 0)
137 EVP_CIPHER_up_ref(cipher);
140 static void list_ciphers(void)
142 STACK_OF(EVP_CIPHER) *ciphers = sk_EVP_CIPHER_new(cipher_cmp);
145 BIO_printf(bio_out, "Legacy:\n");
146 EVP_CIPHER_do_all_sorted(legacy_cipher_fn, bio_out);
148 BIO_printf(bio_out, "Provided:\n");
149 EVP_CIPHER_do_all_ex(NULL, collect_ciphers, ciphers);
150 sk_EVP_CIPHER_sort(ciphers);
151 for (i = 0; i < sk_EVP_CIPHER_num(ciphers); i++) {
152 const EVP_CIPHER *c = sk_EVP_CIPHER_value(ciphers, i);
154 BIO_printf(bio_out, " %s", EVP_CIPHER_name(c));
155 BIO_printf(bio_out, " @ %s\n",
156 OSSL_PROVIDER_name(EVP_CIPHER_provider(c)));
158 print_param_types("retrievable algorithm parameters",
159 EVP_CIPHER_gettable_params(c));
160 print_param_types("retrievable operation parameters",
161 EVP_CIPHER_CTX_gettable_params(c));
162 print_param_types("settable operation parameters",
163 EVP_CIPHER_CTX_settable_params(c));
166 sk_EVP_CIPHER_pop_free(ciphers, EVP_CIPHER_meth_free);
169 static void list_md_fn(const EVP_MD *m,
170 const char *from, const char *to, void *arg)
173 BIO_printf(arg, " %s\n", EVP_MD_name(m));
176 from = "<undefined>";
179 BIO_printf((BIO *)arg, " %s => %s\n", from, to);
183 DEFINE_STACK_OF(EVP_MD)
184 static int md_cmp(const EVP_MD * const *a, const EVP_MD * const *b)
186 int ret = strcasecmp(EVP_MD_name(*a), EVP_MD_name(*b));
189 ret = strcmp(OSSL_PROVIDER_name(EVP_MD_provider(*a)),
190 OSSL_PROVIDER_name(EVP_MD_provider(*b)));
195 static void collect_digests(EVP_MD *md, void *stack)
197 STACK_OF(EVP_MD) *digest_stack = stack;
199 if (sk_EVP_MD_push(digest_stack, md) > 0)
203 static void list_digests(void)
205 STACK_OF(EVP_MD) *digests = sk_EVP_MD_new(md_cmp);
208 BIO_printf(bio_out, "Legacy:\n");
209 EVP_MD_do_all_sorted(list_md_fn, bio_out);
211 BIO_printf(bio_out, "Provided:\n");
212 EVP_MD_do_all_ex(NULL, collect_digests, digests);
213 sk_EVP_MD_sort(digests);
214 for (i = 0; i < sk_EVP_MD_num(digests); i++) {
215 const EVP_MD *m = sk_EVP_MD_value(digests, i);
217 BIO_printf(bio_out, " %s", EVP_MD_name(m));
218 BIO_printf(bio_out, " @ %s\n",
219 OSSL_PROVIDER_name(EVP_MD_provider(m)));
221 print_param_types("retrievable algorithm parameters",
222 EVP_MD_gettable_params(m));
223 print_param_types("retrievable operation parameters",
224 EVP_MD_CTX_gettable_params(m));
225 print_param_types("settable operation parameters",
226 EVP_MD_CTX_settable_params(m));
229 sk_EVP_MD_pop_free(digests, EVP_MD_meth_free);
232 DEFINE_STACK_OF(EVP_MAC)
233 static int mac_cmp(const EVP_MAC * const *a, const EVP_MAC * const *b)
235 int ret = strcasecmp(EVP_MAC_name(*a), EVP_MAC_name(*b));
238 ret = strcmp(OSSL_PROVIDER_name(EVP_MAC_provider(*a)),
239 OSSL_PROVIDER_name(EVP_MAC_provider(*b)));
244 static void collect_macs(EVP_MAC *mac, void *stack)
246 STACK_OF(EVP_MAC) *mac_stack = stack;
248 if (sk_EVP_MAC_push(mac_stack, mac) > 0)
252 static void list_macs(void)
254 STACK_OF(EVP_MAC) *macs = sk_EVP_MAC_new(mac_cmp);
257 BIO_printf(bio_out, "Provided MACs:\n");
258 EVP_MAC_do_all_ex(NULL, collect_macs, macs);
259 sk_EVP_MAC_sort(macs);
260 for (i = 0; i < sk_EVP_MAC_num(macs); i++) {
261 const EVP_MAC *m = sk_EVP_MAC_value(macs, i);
263 BIO_printf(bio_out, " %s", EVP_MAC_name(m));
264 BIO_printf(bio_out, " @ %s\n",
265 OSSL_PROVIDER_name(EVP_MAC_provider(m)));
268 print_param_types("retrievable algorithm parameters",
269 EVP_MAC_gettable_params(m));
270 print_param_types("retrievable operation parameters",
271 EVP_MAC_CTX_gettable_params(m));
272 print_param_types("settable operation parameters",
273 EVP_MAC_CTX_settable_params(m));
276 sk_EVP_MAC_pop_free(macs, EVP_MAC_free);
279 static void list_missing_help(void)
284 for (fp = functions; fp->name != NULL; fp++) {
285 if ((o = fp->help) != NULL) {
286 /* If there is help, list what flags are not documented. */
287 for ( ; o->name != NULL; o++) {
288 if (o->helpstr == NULL)
289 BIO_printf(bio_out, "%s %s\n", fp->name, o->name);
291 } else if (fp->func != dgst_main) {
292 /* If not aliased to the dgst command, */
293 BIO_printf(bio_out, "%s *\n", fp->name);
298 static void list_objects(void)
300 int max_nid = OBJ_new_nid(0);
302 char *oid_buf = NULL;
305 /* Skip 0, since that's NID_undef */
306 for (i = 1; i < max_nid; i++) {
307 const ASN1_OBJECT *obj = OBJ_nid2obj(i);
308 const char *sn = OBJ_nid2sn(i);
309 const char *ln = OBJ_nid2ln(i);
313 * If one of the retrieved objects somehow generated an error,
314 * we ignore it. The check for NID_undef below will detect the
315 * error and simply skip to the next NID.
319 if (OBJ_obj2nid(obj) == NID_undef)
322 if ((n = OBJ_obj2txt(NULL, 0, obj, 1)) == 0) {
323 BIO_printf(bio_out, "# None-OID object: %s, %s\n", sn, ln);
330 oid_buf = OPENSSL_realloc(oid_buf, n + 1);
331 if (oid_buf == NULL) {
332 BIO_printf(bio_err, "ERROR: Memory allocation\n");
337 if (OBJ_obj2txt(oid_buf, oid_size, obj, 1) < 0)
339 if (ln == NULL || strcmp(sn, ln) == 0)
340 BIO_printf(bio_out, "%s = %s\n", sn, oid_buf);
342 BIO_printf(bio_out, "%s = %s, %s\n", sn, ln, oid_buf);
345 OPENSSL_free(oid_buf);
348 static void list_options_for_command(const char *command)
353 for (fp = functions; fp->name != NULL; fp++)
354 if (strcmp(fp->name, command) == 0)
356 if (fp->name == NULL) {
357 BIO_printf(bio_err, "Invalid command '%s'; type \"help\" for a list.\n",
362 if ((o = fp->help) == NULL)
365 for ( ; o->name != NULL; o++) {
366 if (o->name == OPT_HELP_STR
367 || o->name == OPT_MORE_STR
368 || o->name[0] == '\0')
370 BIO_printf(bio_out, "%s %c\n", o->name, o->valtype);
374 static void list_type(FUNC_TYPE ft, int one)
380 memset(&dc, 0, sizeof(dc));
382 calculate_columns(functions, &dc);
384 for (fp = functions; fp->name != NULL; fp++) {
388 BIO_printf(bio_out, "%s\n", fp->name);
390 if (i % dc.columns == 0 && i > 0)
391 BIO_printf(bio_out, "\n");
392 BIO_printf(bio_out, "%-*s", dc.width, fp->name);
397 BIO_printf(bio_out, "\n\n");
400 static void list_pkey(void)
404 for (i = 0; i < EVP_PKEY_asn1_get_count(); i++) {
405 const EVP_PKEY_ASN1_METHOD *ameth;
406 int pkey_id, pkey_base_id, pkey_flags;
407 const char *pinfo, *pem_str;
408 ameth = EVP_PKEY_asn1_get0(i);
409 EVP_PKEY_asn1_get0_info(&pkey_id, &pkey_base_id, &pkey_flags,
410 &pinfo, &pem_str, ameth);
411 if (pkey_flags & ASN1_PKEY_ALIAS) {
412 BIO_printf(bio_out, "Name: %s\n", OBJ_nid2ln(pkey_id));
413 BIO_printf(bio_out, "\tAlias for: %s\n",
414 OBJ_nid2ln(pkey_base_id));
416 BIO_printf(bio_out, "Name: %s\n", pinfo);
417 BIO_printf(bio_out, "\tType: %s Algorithm\n",
418 pkey_flags & ASN1_PKEY_DYNAMIC ?
419 "External" : "Builtin");
420 BIO_printf(bio_out, "\tOID: %s\n", OBJ_nid2ln(pkey_id));
423 BIO_printf(bio_out, "\tPEM string: %s\n", pem_str);
429 static void list_pkey_meth(void)
432 size_t meth_count = EVP_PKEY_meth_get_count();
434 for (i = 0; i < meth_count; i++) {
435 const EVP_PKEY_METHOD *pmeth = EVP_PKEY_meth_get0(i);
436 int pkey_id, pkey_flags;
438 EVP_PKEY_meth_get0_info(&pkey_id, &pkey_flags, pmeth);
439 BIO_printf(bio_out, "%s\n", OBJ_nid2ln(pkey_id));
440 BIO_printf(bio_out, "\tType: %s Algorithm\n",
441 pkey_flags & ASN1_PKEY_DYNAMIC ? "External" : "Builtin");
445 static void list_engines(void)
447 #ifndef OPENSSL_NO_ENGINE
450 BIO_puts(bio_out, "Engines:\n");
451 e = ENGINE_get_first();
453 BIO_printf(bio_out, "%s\n", ENGINE_get_id(e));
454 e = ENGINE_get_next(e);
457 BIO_puts(bio_out, "Engine support is disabled.\n");
461 static void list_disabled(void)
463 BIO_puts(bio_out, "Disabled algorithms:\n");
464 #ifdef OPENSSL_NO_ARIA
465 BIO_puts(bio_out, "ARIA\n");
468 BIO_puts(bio_out, "BF\n");
470 #ifdef OPENSSL_NO_BLAKE2
471 BIO_puts(bio_out, "BLAKE2\n");
473 #ifdef OPENSSL_NO_CAMELLIA
474 BIO_puts(bio_out, "CAMELLIA\n");
476 #ifdef OPENSSL_NO_CAST
477 BIO_puts(bio_out, "CAST\n");
479 #ifdef OPENSSL_NO_CMAC
480 BIO_puts(bio_out, "CMAC\n");
482 #ifdef OPENSSL_NO_CMS
483 BIO_puts(bio_out, "CMS\n");
485 #ifdef OPENSSL_NO_COMP
486 BIO_puts(bio_out, "COMP\n");
488 #ifdef OPENSSL_NO_DES
489 BIO_puts(bio_out, "DES\n");
491 #ifdef OPENSSL_NO_DGRAM
492 BIO_puts(bio_out, "DGRAM\n");
495 BIO_puts(bio_out, "DH\n");
497 #ifdef OPENSSL_NO_DSA
498 BIO_puts(bio_out, "DSA\n");
500 #if defined(OPENSSL_NO_DTLS)
501 BIO_puts(bio_out, "DTLS\n");
503 #if defined(OPENSSL_NO_DTLS1)
504 BIO_puts(bio_out, "DTLS1\n");
506 #if defined(OPENSSL_NO_DTLS1_2)
507 BIO_puts(bio_out, "DTLS1_2\n");
510 BIO_puts(bio_out, "EC\n");
512 #ifdef OPENSSL_NO_EC2M
513 BIO_puts(bio_out, "EC2M\n");
515 #ifdef OPENSSL_NO_ENGINE
516 BIO_puts(bio_out, "ENGINE\n");
518 #ifdef OPENSSL_NO_GOST
519 BIO_puts(bio_out, "GOST\n");
521 #ifdef OPENSSL_NO_IDEA
522 BIO_puts(bio_out, "IDEA\n");
524 #ifdef OPENSSL_NO_MD2
525 BIO_puts(bio_out, "MD2\n");
527 #ifdef OPENSSL_NO_MD4
528 BIO_puts(bio_out, "MD4\n");
530 #ifdef OPENSSL_NO_MD5
531 BIO_puts(bio_out, "MD5\n");
533 #ifdef OPENSSL_NO_MDC2
534 BIO_puts(bio_out, "MDC2\n");
536 #ifdef OPENSSL_NO_OCB
537 BIO_puts(bio_out, "OCB\n");
539 #ifdef OPENSSL_NO_OCSP
540 BIO_puts(bio_out, "OCSP\n");
542 #ifdef OPENSSL_NO_PSK
543 BIO_puts(bio_out, "PSK\n");
545 #ifdef OPENSSL_NO_RC2
546 BIO_puts(bio_out, "RC2\n");
548 #ifdef OPENSSL_NO_RC4
549 BIO_puts(bio_out, "RC4\n");
551 #ifdef OPENSSL_NO_RC5
552 BIO_puts(bio_out, "RC5\n");
554 #ifdef OPENSSL_NO_RMD160
555 BIO_puts(bio_out, "RMD160\n");
557 #ifdef OPENSSL_NO_RSA
558 BIO_puts(bio_out, "RSA\n");
560 #ifdef OPENSSL_NO_SCRYPT
561 BIO_puts(bio_out, "SCRYPT\n");
563 #ifdef OPENSSL_NO_SCTP
564 BIO_puts(bio_out, "SCTP\n");
566 #ifdef OPENSSL_NO_SEED
567 BIO_puts(bio_out, "SEED\n");
569 #ifdef OPENSSL_NO_SM2
570 BIO_puts(bio_out, "SM2\n");
572 #ifdef OPENSSL_NO_SM3
573 BIO_puts(bio_out, "SM3\n");
575 #ifdef OPENSSL_NO_SM4
576 BIO_puts(bio_out, "SM4\n");
578 #ifdef OPENSSL_NO_SOCK
579 BIO_puts(bio_out, "SOCK\n");
581 #ifdef OPENSSL_NO_SRP
582 BIO_puts(bio_out, "SRP\n");
584 #ifdef OPENSSL_NO_SRTP
585 BIO_puts(bio_out, "SRTP\n");
587 #ifdef OPENSSL_NO_SSL3
588 BIO_puts(bio_out, "SSL3\n");
590 #ifdef OPENSSL_NO_TLS1
591 BIO_puts(bio_out, "TLS1\n");
593 #ifdef OPENSSL_NO_TLS1_1
594 BIO_puts(bio_out, "TLS1_1\n");
596 #ifdef OPENSSL_NO_TLS1_2
597 BIO_puts(bio_out, "TLS1_2\n");
599 #ifdef OPENSSL_NO_WHIRLPOOL
600 BIO_puts(bio_out, "WHIRLPOOL\n");
603 BIO_puts(bio_out, "ZLIB\n");
607 /* Unified enum for help and list commands. */
608 typedef enum HELPLIST_CHOICE {
609 OPT_ERR = -1, OPT_EOF = 0, OPT_HELP, OPT_ONE, OPT_VERBOSE,
610 OPT_COMMANDS, OPT_DIGEST_COMMANDS, OPT_MAC_ALGORITHMS, OPT_OPTIONS,
611 OPT_DIGEST_ALGORITHMS, OPT_CIPHER_COMMANDS, OPT_CIPHER_ALGORITHMS,
612 OPT_PK_ALGORITHMS, OPT_PK_METHOD, OPT_ENGINES, OPT_DISABLED,
613 OPT_MISSING_HELP, OPT_OBJECTS
616 const OPTIONS list_options[] = {
617 {"help", OPT_HELP, '-', "Display this summary"},
618 {"1", OPT_ONE, '-', "List in one column"},
619 {"verbose", OPT_VERBOSE, '-', "Verbose listing"},
620 {"commands", OPT_COMMANDS, '-', "List of standard commands"},
621 {"digest-commands", OPT_DIGEST_COMMANDS, '-',
622 "List of message digest commands"},
623 {"digest-algorithms", OPT_DIGEST_ALGORITHMS, '-',
624 "List of message digest algorithms"},
625 {"mac-algorithms", OPT_MAC_ALGORITHMS, '-',
626 "List of message authentication code algorithms"},
627 {"cipher-commands", OPT_CIPHER_COMMANDS, '-', "List of cipher commands"},
628 {"cipher-algorithms", OPT_CIPHER_ALGORITHMS, '-',
629 "List of cipher algorithms"},
630 {"public-key-algorithms", OPT_PK_ALGORITHMS, '-',
631 "List of public key algorithms"},
632 {"public-key-methods", OPT_PK_METHOD, '-',
633 "List of public key methods"},
634 {"engines", OPT_ENGINES, '-',
635 "List of loaded engines"},
636 {"disabled", OPT_DISABLED, '-',
637 "List of disabled features"},
638 {"missing-help", OPT_MISSING_HELP, '-',
639 "List missing detailed help strings"},
640 {"options", OPT_OPTIONS, 's',
641 "List options for specified command"},
642 {"objects", OPT_OBJECTS, '-',
643 "List built in objects (OID<->name mappings)"},
647 int list_main(int argc, char **argv)
651 int one = 0, done = 0;
653 unsigned int commands:1;
654 unsigned int digest_commands:1;
655 unsigned int digest_algorithms:1;
656 unsigned int mac_algorithms:1;
657 unsigned int cipher_commands:1;
658 unsigned int cipher_algorithms:1;
659 unsigned int pk_algorithms:1;
660 unsigned int pk_method:1;
661 unsigned int engines:1;
662 unsigned int disabled:1;
663 unsigned int missing_help:1;
664 unsigned int objects:1;
665 unsigned int options:1;
668 verbose = 0; /* Clear a possible previous call */
670 prog = opt_init(argc, argv, list_options);
671 while ((o = opt_next()) != OPT_EOF) {
673 case OPT_EOF: /* Never hit, but suppresses warning */
676 BIO_printf(bio_err, "%s: Use -help for summary.\n", prog);
679 opt_help(list_options);
687 case OPT_DIGEST_COMMANDS:
688 todo.digest_commands = 1;
690 case OPT_DIGEST_ALGORITHMS:
691 todo.digest_algorithms = 1;
693 case OPT_MAC_ALGORITHMS:
694 todo.mac_algorithms = 1;
696 case OPT_CIPHER_COMMANDS:
697 todo.cipher_commands = 1;
699 case OPT_CIPHER_ALGORITHMS:
700 todo.cipher_algorithms = 1;
702 case OPT_PK_ALGORITHMS:
703 todo.pk_algorithms = 1;
714 case OPT_MISSING_HELP:
715 todo.missing_help = 1;
721 list_options_for_command(opt_arg());
729 if (opt_num_rest() != 0) {
730 BIO_printf(bio_err, "Extra arguments given.\n");
735 list_type(FT_general, one);
736 if (todo.digest_commands)
737 list_type(FT_md, one);
738 if (todo.digest_algorithms)
740 if (todo.mac_algorithms)
742 if (todo.cipher_commands)
743 list_type(FT_cipher, one);
744 if (todo.cipher_algorithms)
746 if (todo.pk_algorithms)
754 if (todo.missing_help)