#define NON_MAIN
#include "apps.h"
#undef NON_MAIN
+#include <openssl/err.h>
+#include <openssl/x509.h>
+#include <openssl/pem.h>
+#include <openssl/pkcs12.h>
+#include <openssl/safestack.h>
#ifdef WINDOWS
# include "bss_file.c"
*argv=NULL;
len=(unsigned int)stbuf.st_size;
- if (buf != NULL) Free(buf);
- buf=(char *)Malloc(len+1);
+ if (buf != NULL) OPENSSL_free(buf);
+ buf=(char *)OPENSSL_malloc(len+1);
if (buf == NULL) return(0);
len=fread(buf,1,len,fp);
i=0;
for (p=buf; *p; p++)
if (*p == '\n') i++;
- if (arg != NULL) Free(arg);
- arg=(char **)Malloc(sizeof(char *)*(i*2));
+ if (arg != NULL) OPENSSL_free(arg);
+ arg=(char **)OPENSSL_malloc(sizeof(char *)*(i*2));
*argv=arg;
num=0;
return(FORMAT_PEM);
else if ((*s == 'N') || (*s == 'n'))
return(FORMAT_NETSCAPE);
+ else if ((*s == '1')
+ || (strcmp(s,"PKCS12") == 0) || (strcmp(s,"pkcs12") == 0)
+ || (strcmp(s,"P12") == 0) || (strcmp(s,"p12") == 0))
+ return(FORMAT_PKCS12);
else
return(FORMAT_UNDEF);
}
if (arg->count == 0)
{
arg->count=20;
- arg->data=(char **)Malloc(sizeof(char *)*arg->count);
+ arg->data=(char **)OPENSSL_malloc(sizeof(char *)*arg->count);
}
for (i=0; i<arg->count; i++)
arg->data[i]=NULL;
if (num >= arg->count)
{
arg->count+=20;
- arg->data=(char **)Realloc(arg->data,
+ arg->data=(char **)OPENSSL_realloc(arg->data,
sizeof(char *)*arg->count);
if (argc == 0) return(0);
}
}
#endif
-int MS_CALLBACK key_cb(char *buf, int len, int verify, void *key)
- {
- int i;
-
- if (key == NULL) return(0);
- i=strlen(key);
- i=(i > len)?len:i;
- memcpy(buf,key,i);
- return(i);
- }
int dump_cert_text (BIO *out, X509 *x)
{
BIO_puts(out,"\n");
return 0;
}
+
+static char *app_get_pass(BIO *err, char *arg, int keepbio);
+
+int app_passwd(BIO *err, char *arg1, char *arg2, char **pass1, char **pass2)
+{
+ int same;
+ if(!arg2 || !arg1 || strcmp(arg1, arg2)) same = 0;
+ else same = 1;
+ if(arg1) {
+ *pass1 = app_get_pass(err, arg1, same);
+ if(!*pass1) return 0;
+ } else if(pass1) *pass1 = NULL;
+ if(arg2) {
+ *pass2 = app_get_pass(err, arg2, same ? 2 : 0);
+ if(!*pass2) return 0;
+ } else if(pass2) *pass2 = NULL;
+ return 1;
+}
+
+static char *app_get_pass(BIO *err, char *arg, int keepbio)
+{
+ char *tmp, tpass[APP_PASS_LEN];
+ static BIO *pwdbio = NULL;
+ int i;
+ if(!strncmp(arg, "pass:", 5)) return BUF_strdup(arg + 5);
+ if(!strncmp(arg, "env:", 4)) {
+ tmp = getenv(arg + 4);
+ if(!tmp) {
+ BIO_printf(err, "Can't read environment variable %s\n", arg + 4);
+ return NULL;
+ }
+ return BUF_strdup(tmp);
+ }
+ if(!keepbio || !pwdbio) {
+ if(!strncmp(arg, "file:", 5)) {
+ pwdbio = BIO_new_file(arg + 5, "r");
+ if(!pwdbio) {
+ BIO_printf(err, "Can't open file %s\n", arg + 5);
+ return NULL;
+ }
+ } else if(!strncmp(arg, "fd:", 3)) {
+ BIO *btmp;
+ i = atoi(arg + 3);
+ if(i >= 0) pwdbio = BIO_new_fd(i, BIO_NOCLOSE);
+ if((i < 0) || !pwdbio) {
+ BIO_printf(err, "Can't access file descriptor %s\n", arg + 3);
+ return NULL;
+ }
+ /* Can't do BIO_gets on an fd BIO so add a buffering BIO */
+ btmp = BIO_new(BIO_f_buffer());
+ pwdbio = BIO_push(btmp, pwdbio);
+ } else if(!strcmp(arg, "stdin")) {
+ pwdbio = BIO_new_fp(stdin, BIO_NOCLOSE);
+ if(!pwdbio) {
+ BIO_printf(err, "Can't open BIO for stdin\n");
+ return NULL;
+ }
+ } else {
+ BIO_printf(err, "Invalid password argument \"%s\"\n", arg);
+ return NULL;
+ }
+ }
+ i = BIO_gets(pwdbio, tpass, APP_PASS_LEN);
+ if(keepbio != 1) {
+ BIO_free_all(pwdbio);
+ pwdbio = NULL;
+ }
+ if(i <= 0) {
+ BIO_printf(err, "Error reading password from BIO\n");
+ return NULL;
+ }
+ tmp = strchr(tpass, '\n');
+ if(tmp) *tmp = 0;
+ return BUF_strdup(tpass);
+}
+
+X509 *load_cert(char *file, int format)
+ {
+ ASN1_HEADER *ah=NULL;
+ BUF_MEM *buf=NULL;
+ X509 *x=NULL;
+ BIO *cert;
+
+ if ((cert=BIO_new(BIO_s_file())) == NULL)
+ {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+ if (file == NULL)
+ BIO_set_fp(cert,stdin,BIO_NOCLOSE);
+ else
+ {
+ if (BIO_read_filename(cert,file) <= 0)
+ {
+ perror(file);
+ goto end;
+ }
+ }
+
+ if (format == FORMAT_ASN1)
+ x=d2i_X509_bio(cert,NULL);
+ else if (format == FORMAT_NETSCAPE)
+ {
+ unsigned char *p,*op;
+ int size=0,i;
+
+ /* We sort of have to do it this way because it is sort of nice
+ * to read the header first and check it, then
+ * try to read the certificate */
+ buf=BUF_MEM_new();
+ for (;;)
+ {
+ if ((buf == NULL) || (!BUF_MEM_grow(buf,size+1024*10)))
+ goto end;
+ i=BIO_read(cert,&(buf->data[size]),1024*10);
+ size+=i;
+ if (i == 0) break;
+ if (i < 0)
+ {
+ perror("reading certificate");
+ goto end;
+ }
+ }
+ p=(unsigned char *)buf->data;
+ op=p;
+
+ /* First load the header */
+ if ((ah=d2i_ASN1_HEADER(NULL,&p,(long)size)) == NULL)
+ goto end;
+ if ((ah->header == NULL) || (ah->header->data == NULL) ||
+ (strncmp(NETSCAPE_CERT_HDR,(char *)ah->header->data,
+ ah->header->length) != 0))
+ {
+ BIO_printf(bio_err,"Error reading header on certificate\n");
+ goto end;
+ }
+ /* header is ok, so now read the object */
+ p=op;
+ ah->meth=X509_asn1_meth();
+ if ((ah=d2i_ASN1_HEADER(&ah,&p,(long)size)) == NULL)
+ goto end;
+ x=(X509 *)ah->data;
+ ah->data=NULL;
+ }
+ else if (format == FORMAT_PEM)
+ x=PEM_read_bio_X509_AUX(cert,NULL,NULL,NULL);
+ else if (format == FORMAT_PKCS12)
+ {
+ PKCS12 *p12 = d2i_PKCS12_bio(cert, NULL);
+
+ PKCS12_parse(p12, NULL, NULL, &x, NULL);
+ PKCS12_free(p12);
+ p12 = NULL;
+ }
+ else {
+ BIO_printf(bio_err,"bad input format specified for input cert\n");
+ goto end;
+ }
+end:
+ if (x == NULL)
+ {
+ BIO_printf(bio_err,"unable to load certificate\n");
+ ERR_print_errors(bio_err);
+ }
+ if (ah != NULL) ASN1_HEADER_free(ah);
+ if (cert != NULL) BIO_free(cert);
+ if (buf != NULL) BUF_MEM_free(buf);
+ return(x);
+ }
+
+EVP_PKEY *load_key(char *file, int format, char *pass)
+ {
+ BIO *key=NULL;
+ EVP_PKEY *pkey=NULL;
+
+ if (file == NULL)
+ {
+ BIO_printf(bio_err,"no keyfile specified\n");
+ goto end;
+ }
+ key=BIO_new(BIO_s_file());
+ if (key == NULL)
+ {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+ if (BIO_read_filename(key,file) <= 0)
+ {
+ perror(file);
+ goto end;
+ }
+ if (format == FORMAT_ASN1)
+ {
+ pkey=d2i_PrivateKey_bio(key, NULL);
+ }
+ else if (format == FORMAT_PEM)
+ {
+ pkey=PEM_read_bio_PrivateKey(key,NULL,NULL,pass);
+ }
+ else if (format == FORMAT_PKCS12)
+ {
+ PKCS12 *p12 = d2i_PKCS12_bio(key, NULL);
+
+ PKCS12_parse(p12, pass, &pkey, NULL, NULL);
+ PKCS12_free(p12);
+ p12 = NULL;
+ }
+ else
+ {
+ BIO_printf(bio_err,"bad input format specified for key\n");
+ goto end;
+ }
+ end:
+ if (key != NULL) BIO_free(key);
+ if (pkey == NULL)
+ BIO_printf(bio_err,"unable to load Private Key\n");
+ return(pkey);
+ }
+
+STACK_OF(X509) *load_certs(char *file, int format)
+ {
+ BIO *certs;
+ int i;
+ STACK_OF(X509) *othercerts = NULL;
+ STACK_OF(X509_INFO) *allcerts = NULL;
+ X509_INFO *xi;
+
+ if((certs = BIO_new(BIO_s_file())) == NULL)
+ {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+ if (file == NULL)
+ BIO_set_fp(certs,stdin,BIO_NOCLOSE);
+ else
+ {
+ if (BIO_read_filename(certs,file) <= 0)
+ {
+ perror(file);
+ goto end;
+ }
+ }
+
+ if (format == FORMAT_PEM)
+ {
+ othercerts = sk_X509_new(NULL);
+ if(!othercerts)
+ {
+ sk_X509_free(othercerts);
+ othercerts = NULL;
+ goto end;
+ }
+ allcerts = PEM_X509_INFO_read_bio(certs, NULL, NULL, NULL);
+ for(i = 0; i < sk_X509_INFO_num(allcerts); i++)
+ {
+ xi = sk_X509_INFO_value (allcerts, i);
+ if (xi->x509)
+ {
+ sk_X509_push(othercerts, xi->x509);
+ xi->x509 = NULL;
+ }
+ }
+ goto end;
+ }
+ else {
+ BIO_printf(bio_err,"bad input format specified for input cert\n");
+ goto end;
+ }
+end:
+ if (othercerts == NULL)
+ {
+ BIO_printf(bio_err,"unable to load certificates\n");
+ ERR_print_errors(bio_err);
+ }
+ if (allcerts) sk_X509_INFO_pop_free(allcerts, X509_INFO_free);
+ if (certs != NULL) BIO_free(certs);
+ return(othercerts);
+ }
+
projects / openssl.git / blobdiff