Change the common application routines to use a UI_METHOD for password
authorRichard Levitte <levitte@openssl.org>
Tue, 19 Jun 2001 16:26:30 +0000 (16:26 +0000)
committerRichard Levitte <levitte@openssl.org>
Tue, 19 Jun 2001 16:26:30 +0000 (16:26 +0000)
prompting, even when done through the callback.

apps/apps.c
apps/apps.h

index 90159d5..0001577 100644 (file)
@@ -69,6 +69,7 @@
 #include <openssl/x509v3.h>
 #include <openssl/pem.h>
 #include <openssl/pkcs12.h>
+#include <openssl/ui.h>
 #include <openssl/safestack.h>
 
 #ifdef OPENSSL_SYS_WINDOWS
@@ -87,6 +88,8 @@ typedef struct {
        unsigned long mask;
 } NAME_EX_TBL;
 
+static UI_METHOD *ui_method = NULL;
+
 static int set_table_opts(unsigned long *flags, const char *arg, const NAME_EX_TBL *in_tbl);
 static int set_multi_opts(unsigned long *flags, const char *arg, const NAME_EX_TBL *in_tbl);
 
@@ -369,13 +372,76 @@ int dump_cert_text (BIO *out, X509 *x)
         return 0;
 }
 
+static int ui_open(UI *ui)
+       {
+       return UI_method_get_opener(UI_OpenSSL())(ui);
+       }
+static int ui_read(UI *ui, UI_STRING *uis)
+       {
+       if (UI_get_input_flags(uis) & UI_INPUT_FLAG_DEFAULT_PWD
+               && UI_get0_user_data(ui))
+               {
+               switch(UI_get_string_type(uis))
+                       {
+               case UIT_PROMPT:
+               case UIT_VERIFY:
+                       {
+                       const char *password =
+                               ((PW_CB_DATA *)UI_get0_user_data(ui))->password;
+                       if (password[0] != '\0')
+                               {
+                               UI_set_result(uis, password);
+                               return 1;
+                               }
+                       }
+               default:
+                       break;
+                       }
+               }
+       return UI_method_get_reader(UI_OpenSSL())(ui, uis);
+       }
+static int ui_write(UI *ui, UI_STRING *uis)
+       {
+       if (UI_get_input_flags(uis) & UI_INPUT_FLAG_DEFAULT_PWD
+               && UI_get0_user_data(ui))
+               {
+               switch(UI_get_string_type(uis))
+                       {
+               case UIT_PROMPT:
+               case UIT_VERIFY:
+                       {
+                       const char *password =
+                               ((PW_CB_DATA *)UI_get0_user_data(ui))->password;
+                       if (password[0] != '\0')
+                               return 1;
+                       }
+               default:
+                       break;
+                       }
+               }
+       return UI_method_get_writer(UI_OpenSSL())(ui, uis);
+       }
+static int ui_close(UI *ui)
+       {
+       return UI_method_get_closer(UI_OpenSSL())(ui);
+       }
+int setup_ui_method()
+       {
+       ui_method = UI_create_method("OpenSSL application user interface");
+       UI_method_set_opener(ui_method, ui_open);
+       UI_method_set_reader(ui_method, ui_read);
+       UI_method_set_writer(ui_method, ui_write);
+       UI_method_set_closer(ui_method, ui_close);
+       return 0;
+       }
 int password_callback(char *buf, int bufsiz, int verify,
-       PW_CB_DATA *cb_data)
+       PW_CB_DATA *cb_tmp)
        {
-       int i,j;
-       char prompt[80];
+       UI *ui = NULL;
+       int res = 0;
        const char *prompt_info = NULL;
        const char *password = NULL;
+       PW_CB_DATA *cb_data = (PW_CB_DATA *)cb_tmp;
 
        if (cb_data)
                {
@@ -385,39 +451,74 @@ int password_callback(char *buf, int bufsiz, int verify,
                        prompt_info = cb_data->prompt_info;
                }
 
-       if(password) {
-               i=strlen(password);
-               i=(i > bufsiz)?bufsiz:i;
-               memcpy(buf,password,i);
-               return(i);
-       }
+       ui = UI_new_method(ui_method);
+       if (ui)
+               {
+               char errstring[80];
+               int errstring_added = 0;
+               int ok = 0;
+               char *buff = NULL;
+               int ui_flags = 0;
+               char *prompt = NULL;
 
-       if (EVP_get_pw_prompt())
-               BIO_snprintf(prompt, sizeof(prompt)-1, EVP_get_pw_prompt(),
-                       prompt_info ? prompt_info : "");
-       else
-               BIO_snprintf(prompt, sizeof(prompt)-1,
-                       "Enter pass phrase for %s:",
-                       prompt_info ? prompt_info : "");
+               prompt = UI_construct_prompt(ui, "pass phrase",
+                       cb_data->prompt_info);
 
-       for (;;)
-               {
-               i=EVP_read_pw_string(buf,bufsiz,prompt,verify);
-               if (i != 0)
+               ui_flags |= UI_INPUT_FLAG_DEFAULT_PWD;
+
+               if (ok >= 0)
+                       ok = UI_add_input_string(ui,prompt,ui_flags,buf,0,BUFSIZ-1);
+               if (ok >= 0 && verify)
+                       {
+                       buff = (char *)OPENSSL_malloc(bufsiz);
+                       ok = UI_add_verify_string(ui,prompt,ui_flags,buff,0,BUFSIZ-1,
+                               buf);
+                       }
+               if (ok >= 0)
+                       for(;;)
+                               {
+                               res = 0;
+                               ok=UI_process(ui);
+                               if (ok < 0)
+                                       break;
+                               res=strlen(buf);
+                               if (res < PW_MIN_LENGTH)
+                                       {
+                                       if (errstring_added == 0)
+                                               {
+                                               BIO_snprintf(errstring,
+                                                       sizeof(errstring),
+"phrase is too short, needs to be at least %d chars\n", PW_MIN_LENGTH);
+                                               UI_add_error_string(ui,
+                                                       errstring);
+                                               }
+                                       errstring_added = 1;
+                                       }
+                               else
+                                       break;
+                               }
+               if (buff)
                        {
-                       BIO_printf(bio_err,"aborted!\n");
                        memset(buf,0,(unsigned int)bufsiz);
-                       return(-1);
+                       OPENSSL_free(buff);
                        }
-               j=strlen(buf);
-               if (j < PW_MIN_LENGTH)
+
+               if (ok == -1)
                        {
-                       BIO_printf(bio_err,"phrase is too short, needs to be at least %d chars\n",PW_MIN_LENGTH);
+                       BIO_printf(bio_err, "User interface error\n");
+                       ERR_print_errors(bio_err);
+                       memset(buf,0,(unsigned int)bufsiz);
+                       res = 0;
                        }
-               else
-                       break;
+               if (ok == -2)
+                       {
+                       BIO_printf(bio_err,"aborted!\n");
+                       memset(buf,0,(unsigned int)bufsiz);
+                       res = 0;
+                       }
+               UI_free(ui);
                }
-       return(j);
+       return res;
        }
 
 static char *app_get_pass(BIO *err, char *arg, int keepbio);
@@ -645,7 +746,7 @@ EVP_PKEY *load_key(BIO *err, const char *file, int format,
                        BIO_printf(bio_err,"no engine specified\n");
                else
                        pkey = ENGINE_load_private_key(e, file,
-                               (pem_password_cb *)password_callback, &cb_data);
+                               ui_method, &cb_data);
                goto end;
                }
        key=BIO_new(BIO_s_file());
@@ -710,7 +811,7 @@ EVP_PKEY *load_pubkey(BIO *err, const char *file, int format,
                        BIO_printf(bio_err,"no engine specified\n");
                else
                        pkey = ENGINE_load_public_key(e, file,
-                               (pem_password_cb *)password_callback, &cb_data);
+                               ui_method, &cb_data);
                goto end;
                }
        key=BIO_new(BIO_s_file());
@@ -1054,9 +1155,7 @@ ENGINE *setup_engine(BIO *err, const char *engine, int debug)
                        ENGINE_ctrl(e, ENGINE_CTRL_SET_LOGSTREAM,
                                0, err, 0);
                        }
-#if 0 /* not yet implemented but on it's way */
-                ENGINE_ctrl_cmd(e, "SET_USER_INTERFACE", 0, UI_OpenSSL(), 0, 1);
-#endif
+                ENGINE_ctrl_cmd(e, "SET_USER_INTERFACE", 0, ui_method, 0, 1);
                if(!ENGINE_set_default(e, ENGINE_METHOD_ALL))
                        {
                        BIO_printf(err,"can't use that engine\n");
index 7fbd417..7cf4bf1 100644 (file)
@@ -123,16 +123,18 @@ extern BIO *bio_err;
 #    ifdef _O_BINARY
 #      define apps_startup() \
                _fmode=_O_BINARY; do_pipe_sig(); CRYPTO_malloc_init(); \
-               OpenSSL_add_all_algorithms(); ENGINE_load_builtin_engines()
+               OpenSSL_add_all_algorithms(); ENGINE_load_builtin_engines(); \
+                setup_ui_method();
 #    else
 #      define apps_startup() \
                _fmode=O_BINARY; do_pipe_sig(); CRYPTO_malloc_init(); \
-               OpenSSL_add_all_algorithms(); ENGINE_load_builtin_engines()
+               OpenSSL_add_all_algorithms(); ENGINE_load_builtin_engines(); \
+                setup_ui_method();
 #    endif
 #  else
 #    define apps_startup() \
                do_pipe_sig(); OpenSSL_add_all_algorithms(); \
-               ENGINE_load_builtin_engines()
+               ENGINE_load_builtin_engines(); setup_ui_method();
 #  endif
 #endif
 
@@ -152,6 +154,8 @@ typedef struct pw_cb_data
 int password_callback(char *buf, int bufsiz, int verify,
        PW_CB_DATA *cb_data);
 
+int setup_ui_method();
+
 int should_retry(int i);
 int args_from_file(char *file, int *argc, char **argv[]);
 int str2fmt(char *s);