MD5 IA-64 assembler implementation. Original copy for reference purposes.

[openssl.git] / apps / apps.c

diff --git a/apps/apps.c b/apps/apps.c
index 38ad3b07b19c0458c4c34c2e9c8182c8618fda06..613c3ba4955c411bbbc25e7b9fe15442d90d9113 100644 (file)
--- a/apps/apps.c
+++ b/apps/apps.c
@@ -125,7 +125,9 @@
 #ifndef OPENSSL_NO_ENGINE
 #include <openssl/engine.h>
 #endif
+#ifndef OPENSSL_NO_RSA
 #include <openssl/rsa.h>
+#endif
 #include <openssl/bn.h>
 
 #define NON_MAIN
@@ -133,7 +135,7 @@
 #undef NON_MAIN
 
 typedef struct {
-       char *name;
+       const char *name;
        unsigned long flag;
        unsigned long mask;
 } NAME_EX_TBL;
@@ -374,10 +376,17 @@ int chopup_args(ARGS *arg, char *buf, int *argc, char **argv[])
                /* The start of something good :-) */
                if (num >= arg->count)
                        {
-                       arg->count+=20;
-                       arg->data=(char **)OPENSSL_realloc(arg->data,
-                               sizeof(char *)*arg->count);
-                       if (argc == 0) return(0);
+                       char **tmp_p;
+                       int tlen = arg->count + 20;
+                       tmp_p = (char **)OPENSSL_realloc(arg->data,
+                               sizeof(char *)*tlen);
+                       if (tmp_p == NULL)
+                               return 0;
+                       arg->data  = tmp_p;
+                       arg->count = tlen;
+                       /* initialize newly allocated data */
+                       for (i = num; i < arg->count; i++)
+                               arg->data[i] = NULL;
                        }
                arg->data[num++]=p;
 
@@ -688,6 +697,51 @@ int add_oid_section(BIO *err, CONF *conf)
        return 1;
 }
 
+static int load_pkcs12(BIO *err, BIO *in, const char *desc,
+               pem_password_cb *pem_cb,  void *cb_data,
+               EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca)
+       {
+       const char *pass;
+       char tpass[PEM_BUFSIZE];
+       int len, ret = 0;
+       PKCS12 *p12;
+       p12 = d2i_PKCS12_bio(in, NULL);
+       if (p12 == NULL)
+               {
+               BIO_printf(err, "Error loading PKCS12 file for %s\n", desc);    
+               goto die;
+               }
+       /* See if an empty password will do */
+       if (PKCS12_verify_mac(p12, "", 0) || PKCS12_verify_mac(p12, NULL, 0))
+               pass = "";
+       else
+               {
+               if (!pem_cb)
+                       pem_cb = (pem_password_cb *)password_callback;
+               len = pem_cb(tpass, PEM_BUFSIZE, 0, cb_data);
+               if (len < 0) 
+                       {
+                       BIO_printf(err, "Passpharse callback error for %s\n",
+                                       desc);
+                       goto die;
+                       }
+               if (len < PEM_BUFSIZE)
+                       tpass[len] = 0;
+               if (!PKCS12_verify_mac(p12, tpass, len))
+                       {
+                       BIO_printf(err,
+       "Mac verify error (wrong password?) in PKCS12 file for %s\n", desc);    
+                       goto die;
+                       }
+               pass = tpass;
+               }
+       ret = PKCS12_parse(p12, pass, pkey, cert, ca);
+       die:
+       if (p12)
+               PKCS12_free(p12);
+       return ret;
+       }
+
 X509 *load_cert(BIO *err, const char *file, int format,
        const char *pass, ENGINE *e, const char *cert_descrip)
        {
@@ -768,11 +822,9 @@ X509 *load_cert(BIO *err, const char *file, int format,
                        (pem_password_cb *)password_callback, NULL);
        else if (format == FORMAT_PKCS12)
                {
-               PKCS12 *p12 = d2i_PKCS12_bio(cert, NULL);
-
-               PKCS12_parse(p12, NULL, NULL, &x, NULL);
-               PKCS12_free(p12);
-               p12 = NULL;
+               if (!load_pkcs12(err, cert,cert_descrip, NULL, NULL,
+                                       NULL, &x, NULL))
+                       goto end;
                }
        else    {
                BIO_printf(err,"bad input format specified for %s\n",
@@ -851,11 +903,10 @@ EVP_PKEY *load_key(BIO *err, const char *file, int format, int maybe_stdin,
 #endif
        else if (format == FORMAT_PKCS12)
                {
-               PKCS12 *p12 = d2i_PKCS12_bio(key, NULL);
-
-               PKCS12_parse(p12, pass, &pkey, NULL, NULL);
-               PKCS12_free(p12);
-               p12 = NULL;
+               if (!load_pkcs12(err, key, key_descrip,
+                               (pem_password_cb *)password_callback, &cb_data,
+                               &pkey, NULL, NULL))
+                       goto end;
                }
        else
                {
@@ -1227,7 +1278,7 @@ static int set_table_opts(unsigned long *flags, const char *arg, const NAME_EX_T
        return 0;
 }
 
-void print_name(BIO *out, char *title, X509_NAME *nm, unsigned long lflags)
+void print_name(BIO *out, const char *title, X509_NAME *nm, unsigned long lflags)
 {
        char *buf;
        char mline = 0;
@@ -1562,8 +1613,9 @@ int rotate_serial(char *serialfile, char *new_suffix, char *old_suffix)
                {
                if (errno != ENOENT 
 #ifdef ENOTDIR
-                       && errno != ENOTDIR)
+                       && errno != ENOTDIR
 #endif
+                  )
                        goto err;
                }
        else
@@ -1732,7 +1784,7 @@ int index_index(CA_DB *db)
        return 1;
        }
 
-int save_index(char *dbfile, char *suffix, CA_DB *db)
+int save_index(const char *dbfile, const char *suffix, CA_DB *db)
        {
        char buf[3][BSIZE];
        BIO *out = BIO_new(BIO_s_file());
@@ -1799,7 +1851,7 @@ int save_index(char *dbfile, char *suffix, CA_DB *db)
        return 0;
        }
 
-int rotate_index(char *dbfile, char *new_suffix, char *old_suffix)
+int rotate_index(const char *dbfile, const char *new_suffix, const char *old_suffix)
        {
        char buf[5][BSIZE];
        int i,j;
@@ -1851,8 +1903,9 @@ int rotate_index(char *dbfile, char *new_suffix, char *old_suffix)
                {
                if (errno != ENOENT 
 #ifdef ENOTDIR
-                       && errno != ENOTDIR)
+                       && errno != ENOTDIR
 #endif
+                  )
                        goto err;
                }
        else
@@ -1887,8 +1940,9 @@ int rotate_index(char *dbfile, char *new_suffix, char *old_suffix)
                {
                if (errno != ENOENT 
 #ifdef ENOTDIR
-                       && errno != ENOTDIR)
+                       && errno != ENOTDIR
 #endif
+                  )
                        goto err;
                }
        else
@@ -1937,7 +1991,7 @@ void free_index(CA_DB *db)
                }
        }
 
-int parse_yesno(char *str, int def)
+int parse_yesno(const char *str, int def)
        {
        int ret = def;
        if (str)
@@ -2104,7 +2158,7 @@ error:
 
 /* This code MUST COME AFTER anything that uses rename() */
 #ifdef OPENSSL_SYS_WIN32
-int WIN32_rename(char *from, char *to)
+int WIN32_rename(const char *from, const char *to)
        {
 #ifndef OPENSSL_SYS_WINCE
        /* Windows rename gives an error if 'to' exists, so delete it
@@ -2239,7 +2293,8 @@ int args_verify(char ***pargs, int *pargc,
 
        }
 
-static void nodes_print(BIO *out, char *name, STACK_OF(X509_POLICY_NODE) *nodes)
+static void nodes_print(BIO *out, const char *name,
+       STACK_OF(X509_POLICY_NODE) *nodes)
        {
        X509_POLICY_NODE *node;
        int i;