authorinoguchi <>2019-07-29 10:06:55 +0000
committerinoguchi <>2019-07-29 10:06:55 +0000
commitec5e42f16d114320124e5c4b7965c48a58428be6 (patch)
tree5c110d0684f0dd138afd81e005ed26b17dc63c95
parentd0e924a6eec618b0200a621bb8d1e3e5c61c4628 (diff)
Moving variables into struct in openssl(1) dgst
First step to adapt the openssl(1) dgst command to the new option handling. There are no functional changes in this diff; it just moves variables into the dgst_config struct. ok bcook@
-rw-r--r--src/usr.bin/openssl/dgst.c185
1 files changed, 99 insertions, 86 deletions
diff --git a/src/usr.bin/openssl/dgst.c b/src/usr.bin/openssl/dgst.c
index 5456a6c701..3ec19cc04e 100644
--- a/src/usr.bin/openssl/dgst.c
+++ b/src/usr.bin/openssl/dgst.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: dgst.c,v 1.13 2019/01/18 23:33:57 naddy Exp $ */ 1/* $OpenBSD: dgst.c,v 1.14 2019/07/29 10:06:55 inoguchi Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -78,6 +78,26 @@ do_fp(BIO * out, unsigned char *buf, BIO * bp, int sep, int binout,
78 const char *sig_name, const char *md_name, 78 const char *sig_name, const char *md_name,
79 const char *file, BIO * bmd); 79 const char *file, BIO * bmd);
80 80
81static struct {
82 int argsused;
83 int debug;
84 int do_verify;
85 char *hmac_key;
86 char *keyfile;
87 int keyform;
88 const EVP_MD *m;
89 char *mac_name;
90 STACK_OF(OPENSSL_STRING) *macopts;
91 const EVP_MD *md;
92 int out_bin;
93 char *outfile;
94 char *passargin;
95 int separator;
96 char *sigfile;
97 STACK_OF(OPENSSL_STRING) *sigopts;
98 int want_pub;
99} dgst_config;
100
81static void 101static void
82list_md_fn(const EVP_MD * m, const char *from, const char *to, void *arg) 102list_md_fn(const EVP_MD * m, const char *from, const char *to, void *arg)
83{ 103{
@@ -103,25 +123,15 @@ dgst_main(int argc, char **argv)
103{ 123{
104 unsigned char *buf = NULL; 124 unsigned char *buf = NULL;
105 int i, err = 1; 125 int i, err = 1;
106 const EVP_MD *md = NULL, *m;
107 BIO *in = NULL, *inp; 126 BIO *in = NULL, *inp;
108 BIO *bmd = NULL; 127 BIO *bmd = NULL;
109 BIO *out = NULL; 128 BIO *out = NULL;
110#define PROG_NAME_SIZE 39 129#define PROG_NAME_SIZE 39
111 char pname[PROG_NAME_SIZE + 1]; 130 char pname[PROG_NAME_SIZE + 1];
112 int separator = 0;
113 int debug = 0;
114 int keyform = FORMAT_PEM;
115 const char *outfile = NULL, *keyfile = NULL;
116 const char *sigfile = NULL;
117 int out_bin = -1, want_pub = 0, do_verify = 0;
118 EVP_PKEY *sigkey = NULL; 131 EVP_PKEY *sigkey = NULL;
119 unsigned char *sigbuf = NULL; 132 unsigned char *sigbuf = NULL;
120 int siglen = 0; 133 int siglen = 0;
121 char *passargin = NULL, *passin = NULL; 134 char *passin = NULL;
122 char *hmac_key = NULL;
123 char *mac_name = NULL;
124 STACK_OF(OPENSSL_STRING) * sigopts = NULL, *macopts = NULL;
125 135
126 if (single_execution) { 136 if (single_execution) {
127 if (pledge("stdio cpath wpath rpath tty", NULL) == -1) { 137 if (pledge("stdio cpath wpath rpath tty", NULL) == -1) {
@@ -135,10 +145,14 @@ dgst_main(int argc, char **argv)
135 goto end; 145 goto end;
136 } 146 }
137 147
148 memset(&dgst_config, 0, sizeof(dgst_config));
149 dgst_config.keyform = FORMAT_PEM;
150 dgst_config.out_bin = -1;
151
138 /* first check the program name */ 152 /* first check the program name */
139 program_name(argv[0], pname, sizeof pname); 153 program_name(argv[0], pname, sizeof pname);
140 154
141 md = EVP_get_digestbyname(pname); 155 dgst_config.md = EVP_get_digestbyname(pname);
142 156
143 argc--; 157 argc--;
144 argv++; 158 argv++;
@@ -146,79 +160,78 @@ dgst_main(int argc, char **argv)
146 if ((*argv)[0] != '-') 160 if ((*argv)[0] != '-')
147 break; 161 break;
148 if (strcmp(*argv, "-c") == 0) 162 if (strcmp(*argv, "-c") == 0)
149 separator = 1; 163 dgst_config.separator = 1;
150 else if (strcmp(*argv, "-r") == 0) 164 else if (strcmp(*argv, "-r") == 0)
151 separator = 2; 165 dgst_config.separator = 2;
152 else if (strcmp(*argv, "-out") == 0) { 166 else if (strcmp(*argv, "-out") == 0) {
153 if (--argc < 1) 167 if (--argc < 1)
154 break; 168 break;
155 outfile = *(++argv); 169 dgst_config.outfile = *(++argv);
156 } else if (strcmp(*argv, "-sign") == 0) { 170 } else if (strcmp(*argv, "-sign") == 0) {
157 if (--argc < 1) 171 if (--argc < 1)
158 break; 172 break;
159 keyfile = *(++argv); 173 dgst_config.keyfile = *(++argv);
160 } else if (!strcmp(*argv, "-passin")) { 174 } else if (!strcmp(*argv, "-passin")) {
161 if (--argc < 1) 175 if (--argc < 1)
162 break; 176 break;
163 passargin = *++argv; 177 dgst_config.passargin = *++argv;
164 } else if (strcmp(*argv, "-verify") == 0) { 178 } else if (strcmp(*argv, "-verify") == 0) {
165 if (--argc < 1) 179 if (--argc < 1)
166 break; 180 break;
167 keyfile = *(++argv); 181 dgst_config.keyfile = *(++argv);
168 want_pub = 1; 182 dgst_config.want_pub = 1;
169 do_verify = 1; 183 dgst_config.do_verify = 1;
170 } else if (strcmp(*argv, "-prverify") == 0) { 184 } else if (strcmp(*argv, "-prverify") == 0) {
171 if (--argc < 1) 185 if (--argc < 1)
172 break; 186 break;
173 keyfile = *(++argv); 187 dgst_config.keyfile = *(++argv);
174 do_verify = 1; 188 dgst_config.do_verify = 1;
175 } else if (strcmp(*argv, "-signature") == 0) { 189 } else if (strcmp(*argv, "-signature") == 0) {
176 if (--argc < 1) 190 if (--argc < 1)
177 break; 191 break;
178 sigfile = *(++argv); 192 dgst_config.sigfile = *(++argv);
179 } else if (strcmp(*argv, "-keyform") == 0) { 193 } else if (strcmp(*argv, "-keyform") == 0) {
180 if (--argc < 1) 194 if (--argc < 1)
181 break; 195 break;
182 keyform = str2fmt(*(++argv)); 196 dgst_config.keyform = str2fmt(*(++argv));
183 } 197 }
184 else if (strcmp(*argv, "-hex") == 0) 198 else if (strcmp(*argv, "-hex") == 0)
185 out_bin = 0; 199 dgst_config.out_bin = 0;
186 else if (strcmp(*argv, "-binary") == 0) 200 else if (strcmp(*argv, "-binary") == 0)
187 out_bin = 1; 201 dgst_config.out_bin = 1;
188 else if (strcmp(*argv, "-d") == 0) 202 else if (strcmp(*argv, "-d") == 0)
189 debug = 1; 203 dgst_config.debug = 1;
190 else if (!strcmp(*argv, "-hmac")) { 204 else if (!strcmp(*argv, "-hmac")) {
191 if (--argc < 1) 205 if (--argc < 1)
192 break; 206 break;
193 hmac_key = *++argv; 207 dgst_config.hmac_key = *++argv;
194 } else if (!strcmp(*argv, "-mac")) { 208 } else if (!strcmp(*argv, "-mac")) {
195 if (--argc < 1) 209 if (--argc < 1)
196 break; 210 break;
197 mac_name = *++argv; 211 dgst_config.mac_name = *++argv;
198 } else if (strcmp(*argv, "-sigopt") == 0) { 212 } else if (strcmp(*argv, "-sigopt") == 0) {
199 if (--argc < 1) 213 if (--argc < 1)
200 break; 214 break;
201 if (!sigopts) 215 if (!dgst_config.sigopts)
202 sigopts = sk_OPENSSL_STRING_new_null(); 216 dgst_config.sigopts = sk_OPENSSL_STRING_new_null();
203 if (!sigopts || !sk_OPENSSL_STRING_push(sigopts, *(++argv))) 217 if (!dgst_config.sigopts || !sk_OPENSSL_STRING_push(dgst_config.sigopts, *(++argv)))
204 break; 218 break;
205 } else if (strcmp(*argv, "-macopt") == 0) { 219 } else if (strcmp(*argv, "-macopt") == 0) {
206 if (--argc < 1) 220 if (--argc < 1)
207 break; 221 break;
208 if (!macopts) 222 if (!dgst_config.macopts)
209 macopts = sk_OPENSSL_STRING_new_null(); 223 dgst_config.macopts = sk_OPENSSL_STRING_new_null();
210 if (!macopts || !sk_OPENSSL_STRING_push(macopts, *(++argv))) 224 if (!dgst_config.macopts || !sk_OPENSSL_STRING_push(dgst_config.macopts, *(++argv)))
211 break; 225 break;
212 } else if ((m = EVP_get_digestbyname(&((*argv)[1]))) != NULL) 226 } else if ((dgst_config.m = EVP_get_digestbyname(&((*argv)[1]))) != NULL)
213 md = m; 227 dgst_config.md = dgst_config.m;
214 else 228 else
215 break; 229 break;
216 argc--; 230 argc--;
217 argv++; 231 argv++;
218 } 232 }
219 233
220 234 if (dgst_config.do_verify && !dgst_config.sigfile) {
221 if (do_verify && !sigfile) {
222 BIO_printf(bio_err, "No signature to verify: use the -signature option\n"); 235 BIO_printf(bio_err, "No signature to verify: use the -signature option\n");
223 goto end; 236 goto end;
224 } 237 }
@@ -252,47 +265,47 @@ dgst_main(int argc, char **argv)
252 goto end; 265 goto end;
253 } 266 }
254 267
255 if (debug) { 268 if (dgst_config.debug) {
256 BIO_set_callback(in, BIO_debug_callback); 269 BIO_set_callback(in, BIO_debug_callback);
257 /* needed for windows 3.1 */ 270 /* needed for windows 3.1 */
258 BIO_set_callback_arg(in, (char *) bio_err); 271 BIO_set_callback_arg(in, (char *) bio_err);
259 } 272 }
260 if (!app_passwd(bio_err, passargin, NULL, &passin, NULL)) { 273 if (!app_passwd(bio_err, dgst_config.passargin, NULL, &passin, NULL)) {
261 BIO_printf(bio_err, "Error getting password\n"); 274 BIO_printf(bio_err, "Error getting password\n");
262 goto end; 275 goto end;
263 } 276 }
264 if (out_bin == -1) { 277 if (dgst_config.out_bin == -1) {
265 if (keyfile) 278 if (dgst_config.keyfile)
266 out_bin = 1; 279 dgst_config.out_bin = 1;
267 else 280 else
268 out_bin = 0; 281 dgst_config.out_bin = 0;
269 } 282 }
270 283
271 if (outfile) { 284 if (dgst_config.outfile) {
272 if (out_bin) 285 if (dgst_config.out_bin)
273 out = BIO_new_file(outfile, "wb"); 286 out = BIO_new_file(dgst_config.outfile, "wb");
274 else 287 else
275 out = BIO_new_file(outfile, "w"); 288 out = BIO_new_file(dgst_config.outfile, "w");
276 } else { 289 } else {
277 out = BIO_new_fp(stdout, BIO_NOCLOSE); 290 out = BIO_new_fp(stdout, BIO_NOCLOSE);
278 } 291 }
279 292
280 if (!out) { 293 if (!out) {
281 BIO_printf(bio_err, "Error opening output file %s\n", 294 BIO_printf(bio_err, "Error opening output file %s\n",
282 outfile ? outfile : "(stdout)"); 295 dgst_config.outfile ? dgst_config.outfile : "(stdout)");
283 ERR_print_errors(bio_err); 296 ERR_print_errors(bio_err);
284 goto end; 297 goto end;
285 } 298 }
286 if ((!!mac_name + !!keyfile + !!hmac_key) > 1) { 299 if ((!!dgst_config.mac_name + !!dgst_config.keyfile + !!dgst_config.hmac_key) > 1) {
287 BIO_printf(bio_err, "MAC and Signing key cannot both be specified\n"); 300 BIO_printf(bio_err, "MAC and Signing key cannot both be specified\n");
288 goto end; 301 goto end;
289 } 302 }
290 if (keyfile) { 303 if (dgst_config.keyfile) {
291 if (want_pub) 304 if (dgst_config.want_pub)
292 sigkey = load_pubkey(bio_err, keyfile, keyform, 0, NULL, 305 sigkey = load_pubkey(bio_err, dgst_config.keyfile, dgst_config.keyform, 0, NULL,
293 "key file"); 306 "key file");
294 else 307 else
295 sigkey = load_key(bio_err, keyfile, keyform, 0, passin, 308 sigkey = load_key(bio_err, dgst_config.keyfile, dgst_config.keyform, 0, passin,
296 "key file"); 309 "key file");
297 if (!sigkey) { 310 if (!sigkey) {
298 /* 311 /*
@@ -302,15 +315,15 @@ dgst_main(int argc, char **argv)
302 goto end; 315 goto end;
303 } 316 }
304 } 317 }
305 if (mac_name) { 318 if (dgst_config.mac_name) {
306 EVP_PKEY_CTX *mac_ctx = NULL; 319 EVP_PKEY_CTX *mac_ctx = NULL;
307 int r = 0; 320 int r = 0;
308 if (!init_gen_str(bio_err, &mac_ctx, mac_name, 0)) 321 if (!init_gen_str(bio_err, &mac_ctx, dgst_config.mac_name, 0))
309 goto mac_end; 322 goto mac_end;
310 if (macopts) { 323 if (dgst_config.macopts) {
311 char *macopt; 324 char *macopt;
312 for (i = 0; i < sk_OPENSSL_STRING_num(macopts); i++) { 325 for (i = 0; i < sk_OPENSSL_STRING_num(dgst_config.macopts); i++) {
313 macopt = sk_OPENSSL_STRING_value(macopts, i); 326 macopt = sk_OPENSSL_STRING_value(dgst_config.macopts, i);
314 if (pkey_ctrl_string(mac_ctx, macopt) <= 0) { 327 if (pkey_ctrl_string(mac_ctx, macopt) <= 0) {
315 BIO_printf(bio_err, 328 BIO_printf(bio_err,
316 "MAC parameter error \"%s\"\n", 329 "MAC parameter error \"%s\"\n",
@@ -332,9 +345,9 @@ mac_end:
332 if (r == 0) 345 if (r == 0)
333 goto end; 346 goto end;
334 } 347 }
335 if (hmac_key) { 348 if (dgst_config.hmac_key) {
336 sigkey = EVP_PKEY_new_mac_key(EVP_PKEY_HMAC, NULL, 349 sigkey = EVP_PKEY_new_mac_key(EVP_PKEY_HMAC, NULL,
337 (unsigned char *) hmac_key, -1); 350 (unsigned char *) dgst_config.hmac_key, -1);
338 if (!sigkey) 351 if (!sigkey)
339 goto end; 352 goto end;
340 } 353 }
@@ -347,19 +360,19 @@ mac_end:
347 ERR_print_errors(bio_err); 360 ERR_print_errors(bio_err);
348 goto end; 361 goto end;
349 } 362 }
350 if (do_verify) 363 if (dgst_config.do_verify)
351 r = EVP_DigestVerifyInit(mctx, &pctx, md, NULL, sigkey); 364 r = EVP_DigestVerifyInit(mctx, &pctx, dgst_config.md, NULL, sigkey);
352 else 365 else
353 r = EVP_DigestSignInit(mctx, &pctx, md, NULL, sigkey); 366 r = EVP_DigestSignInit(mctx, &pctx, dgst_config.md, NULL, sigkey);
354 if (!r) { 367 if (!r) {
355 BIO_printf(bio_err, "Error setting context\n"); 368 BIO_printf(bio_err, "Error setting context\n");
356 ERR_print_errors(bio_err); 369 ERR_print_errors(bio_err);
357 goto end; 370 goto end;
358 } 371 }
359 if (sigopts) { 372 if (dgst_config.sigopts) {
360 char *sigopt; 373 char *sigopt;
361 for (i = 0; i < sk_OPENSSL_STRING_num(sigopts); i++) { 374 for (i = 0; i < sk_OPENSSL_STRING_num(dgst_config.sigopts); i++) {
362 sigopt = sk_OPENSSL_STRING_value(sigopts, i); 375 sigopt = sk_OPENSSL_STRING_value(dgst_config.sigopts, i);
363 if (pkey_ctrl_string(pctx, sigopt) <= 0) { 376 if (pkey_ctrl_string(pctx, sigopt) <= 0) {
364 BIO_printf(bio_err, 377 BIO_printf(bio_err,
365 "parameter error \"%s\"\n", 378 "parameter error \"%s\"\n",
@@ -372,16 +385,16 @@ mac_end:
372 } 385 }
373 /* we use md as a filter, reading from 'in' */ 386 /* we use md as a filter, reading from 'in' */
374 else { 387 else {
375 if (md == NULL) 388 if (dgst_config.md == NULL)
376 md = EVP_sha256(); 389 dgst_config.md = EVP_sha256();
377 if (!BIO_set_md(bmd, md)) { 390 if (!BIO_set_md(bmd, dgst_config.md)) {
378 BIO_printf(bio_err, "Error setting digest %s\n", pname); 391 BIO_printf(bio_err, "Error setting digest %s\n", pname);
379 ERR_print_errors(bio_err); 392 ERR_print_errors(bio_err);
380 goto end; 393 goto end;
381 } 394 }
382 } 395 }
383 396
384 if (sigfile && sigkey) { 397 if (dgst_config.sigfile && sigkey) {
385 BIO *sigbio; 398 BIO *sigbio;
386 siglen = EVP_PKEY_size(sigkey); 399 siglen = EVP_PKEY_size(sigkey);
387 sigbuf = malloc(siglen); 400 sigbuf = malloc(siglen);
@@ -390,10 +403,10 @@ mac_end:
390 ERR_print_errors(bio_err); 403 ERR_print_errors(bio_err);
391 goto end; 404 goto end;
392 } 405 }
393 sigbio = BIO_new_file(sigfile, "rb"); 406 sigbio = BIO_new_file(dgst_config.sigfile, "rb");
394 if (!sigbio) { 407 if (!sigbio) {
395 BIO_printf(bio_err, "Error opening signature file %s\n", 408 BIO_printf(bio_err, "Error opening signature file %s\n",
396 sigfile); 409 dgst_config.sigfile);
397 ERR_print_errors(bio_err); 410 ERR_print_errors(bio_err);
398 goto end; 411 goto end;
399 } 412 }
@@ -401,25 +414,25 @@ mac_end:
401 BIO_free(sigbio); 414 BIO_free(sigbio);
402 if (siglen <= 0) { 415 if (siglen <= 0) {
403 BIO_printf(bio_err, "Error reading signature file %s\n", 416 BIO_printf(bio_err, "Error reading signature file %s\n",
404 sigfile); 417 dgst_config.sigfile);
405 ERR_print_errors(bio_err); 418 ERR_print_errors(bio_err);
406 goto end; 419 goto end;
407 } 420 }
408 } 421 }
409 inp = BIO_push(bmd, in); 422 inp = BIO_push(bmd, in);
410 423
411 if (md == NULL) { 424 if (dgst_config.md == NULL) {
412 EVP_MD_CTX *tctx; 425 EVP_MD_CTX *tctx;
413 BIO_get_md_ctx(bmd, &tctx); 426 BIO_get_md_ctx(bmd, &tctx);
414 md = EVP_MD_CTX_md(tctx); 427 dgst_config.md = EVP_MD_CTX_md(tctx);
415 } 428 }
416 if (argc == 0) { 429 if (argc == 0) {
417 BIO_set_fp(in, stdin, BIO_NOCLOSE); 430 BIO_set_fp(in, stdin, BIO_NOCLOSE);
418 err = do_fp(out, buf, inp, separator, out_bin, sigkey, sigbuf, 431 err = do_fp(out, buf, inp, dgst_config.separator, dgst_config.out_bin, sigkey, sigbuf,
419 siglen, NULL, NULL, "stdin", bmd); 432 siglen, NULL, NULL, "stdin", bmd);
420 } else { 433 } else {
421 const char *md_name = NULL, *sig_name = NULL; 434 const char *md_name = NULL, *sig_name = NULL;
422 if (!out_bin) { 435 if (!dgst_config.out_bin) {
423 if (sigkey) { 436 if (sigkey) {
424 const EVP_PKEY_ASN1_METHOD *ameth; 437 const EVP_PKEY_ASN1_METHOD *ameth;
425 ameth = EVP_PKEY_get0_asn1(sigkey); 438 ameth = EVP_PKEY_get0_asn1(sigkey);
@@ -427,7 +440,7 @@ mac_end:
427 EVP_PKEY_asn1_get0_info(NULL, NULL, 440 EVP_PKEY_asn1_get0_info(NULL, NULL,
428 NULL, NULL, &sig_name, ameth); 441 NULL, NULL, &sig_name, ameth);
429 } 442 }
430 md_name = EVP_MD_name(md); 443 md_name = EVP_MD_name(dgst_config.md);
431 } 444 }
432 err = 0; 445 err = 0;
433 for (i = 0; i < argc; i++) { 446 for (i = 0; i < argc; i++) {
@@ -437,7 +450,7 @@ mac_end:
437 err++; 450 err++;
438 continue; 451 continue;
439 } else { 452 } else {
440 r = do_fp(out, buf, inp, separator, out_bin, 453 r = do_fp(out, buf, inp, dgst_config.separator, dgst_config.out_bin,
441 sigkey, sigbuf, siglen, sig_name, md_name, 454 sigkey, sigbuf, siglen, sig_name, md_name,
442 argv[i], bmd); 455 argv[i], bmd);
443 } 456 }
@@ -454,10 +467,10 @@ mac_end:
454 free(passin); 467 free(passin);
455 BIO_free_all(out); 468 BIO_free_all(out);
456 EVP_PKEY_free(sigkey); 469 EVP_PKEY_free(sigkey);
457 if (sigopts) 470 if (dgst_config.sigopts)
458 sk_OPENSSL_STRING_free(sigopts); 471 sk_OPENSSL_STRING_free(dgst_config.sigopts);
459 if (macopts) 472 if (dgst_config.macopts)
460 sk_OPENSSL_STRING_free(macopts); 473 sk_OPENSSL_STRING_free(dgst_config.macopts);
461 free(sigbuf); 474 free(sigbuf);
462 if (bmd != NULL) 475 if (bmd != NULL)
463 BIO_free(bmd); 476 BIO_free(bmd);
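Review bot: The `goto end` at new line 145 is reached before `memset(&dgst_config, 0, sizeof(dgst_config));` at line 148, so on that path the cleanup at `end:` (new lines 470-473) tests and frees `dgst_config.sigopts` and `dgst_config.macopts` as a previous call left them. The old locals were set to NULL at declaration, but the fields now live in a file-scope static and are not reset after `sk_OPENSSL_STRING_free()`. If dgst_main can run more than once in a process (the `single_execution` test suggests it can), an early failure on a later call would free the same stacks twice. Moving the memset and the two default assignments to the top of dgst_main, ahead of any `goto end`, or adding `dgst_config.sigopts = NULL;` and `dgst_config.macopts = NULL;` after the frees, restores the old behaviour. The body of dgst_main extends beyond the visible hunks, so what precedes line 145 is inferred from context.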