Convert openssl(1) pkey to the newer style of option handling.

ok jsing@
author: inoguchi <> 2019-02-05 11:26:21 +0000
committer: inoguchi <> 2019-02-05 11:26:21 +0000
commit: efb27b60ee524c6da93693f208dc26799d23398a (patch)
tree: b189239fc504ebe2d90f3c5855a7c2ff4a2f2a1f
parent: 2e211d11139fe5a3b4b9e84b539811139562edfc (diff)
download: openbsd-efb27b60ee524c6da93693f208dc26799d23398a.tar.gz
openbsd-efb27b60ee524c6da93693f208dc26799d23398a.tar.bz2
openbsd-efb27b60ee524c6da93693f208dc26799d23398a.zip
1 files changed, 171 insertions, 96 deletions
diff --git a/src/usr.bin/openssl/pkey.c b/src/usr.bin/openssl/pkey.c
index 49782317ee..aab0b87032 100644
--- a/src/usr.bin/openssl/pkey.c
+++ b/src/usr.bin/openssl/pkey.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: pkey.c,v 1.10 2018/02/07 05:47:55 jsing Exp $ */
+/* $OpenBSD: pkey.c,v 1.11 2019/02/05 11:26:21 inoguchi Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project 2006
 */
@@ -65,18 +65,152 @@
 #include <openssl/evp.h>
 #include <openssl/pem.h>
+static struct {
+        const EVP_CIPHER *cipher;
+        char *infile;
+        int informat;
+        int noout;
+        char *outfile;
+        int outformat;
+        char *passargin;
+        char *passargout;
+        int pubin;
+        int pubout;
+        int pubtext;
+        int text;
+} pkey_config;
+static int
+pkey_opt_cipher(int argc, char **argv, int *argsused)
+{
+        char *name = argv[0];
+        if (*name++ != '-')
+                return (1);
+        if ((pkey_config.cipher = EVP_get_cipherbyname(name)) == NULL) {
+                BIO_printf(bio_err, "Unknown cipher %s\n", name);
+                return (1);
+        }
+        *argsused = 1;
+        return (0);
+}
+static struct option pkey_options[] = {
+        {
+                .name = "in",
+                .argname = "file",
+                .desc = "Input file (default stdin)",
+                .type = OPTION_ARG,
+                .opt.arg = &pkey_config.infile,
+        },
+        {
+                .name = "inform",
+                .argname = "format",
+                .desc = "Input format (DER or PEM (default))",
+                .type = OPTION_ARG_FORMAT,
+                .opt.value = &pkey_config.informat,
+        },
+        {
+                .name = "noout",
+                .desc = "Do not print encoded version of the key",
+                .type = OPTION_FLAG,
+                .opt.flag = &pkey_config.noout,
+        },
+        {
+                .name = "out",
+                .argname = "file",
+                .desc = "Output file (default stdout)",
+                .type = OPTION_ARG,
+                .opt.arg = &pkey_config.outfile,
+        },
+        {
+                .name = "outform",
+                .argname = "format",
+                .desc = "Output format (DER or PEM (default))",
+                .type = OPTION_ARG_FORMAT,
+                .opt.value = &pkey_config.outformat,
+        },
+        {
+                .name = "passin",
+                .argname = "src",
+                .desc = "Input file passphrase source",
+                .type = OPTION_ARG,
+                .opt.arg = &pkey_config.passargin,
+        },
+        {
+                .name = "passout",
+                .argname = "src",
+                .desc = "Output file passphrase source",
+                .type = OPTION_ARG,
+                .opt.arg = &pkey_config.passargout,
+        },
+        {
+                .name = "pubin",
+                .desc = "Expect a public key (default private key)",
+                .type = OPTION_VALUE,
+                .value = 1,
+                .opt.value = &pkey_config.pubin,
+        },
+        {
+                .name = "pubout",
+                .desc = "Output a public key (default private key)",
+                .type = OPTION_VALUE,
+                .value = 1,
+                .opt.value = &pkey_config.pubout,
+        },
+        {
+                .name = "text",
+                .desc = "Print the public/private key in plain text",
+                .type = OPTION_FLAG,
+                .opt.flag = &pkey_config.text,
+        },
+        {
+                .name = "text_pub",
+                .desc = "Print out only public key in plain text",
+                .type = OPTION_FLAG,
+                .opt.flag = &pkey_config.pubtext,
+        },
+        {
+                .name = NULL,
+                .type = OPTION_ARGV_FUNC,
+                .opt.argvfunc = pkey_opt_cipher,
+        },
+        { NULL }
+};
+static void
+show_ciphers(const OBJ_NAME *name, void *arg)
+{
+        static int n;
+        fprintf(stderr, " -%-24s%s", name->name, (++n % 3 ? "" : "\n"));
+}
+static void
+pkey_usage()
+{
+        fprintf(stderr,
+            "usage: pkey [-ciphername] [-in file] [-inform fmt] [-noout] "
+            "[-out file]\n"
+            "    [-outform fmt] [-passin src] [-passout src] [-pubin] "
+            "[-pubout] [-text]\n"
+            "    [-text_pub]\n\n");
+        options_usage(pkey_options);
+        fprintf(stderr, "\n");
+        fprintf(stderr, "Valid ciphername values:\n\n");
+        OBJ_NAME_do_all_sorted(OBJ_NAME_TYPE_CIPHER_METH, show_ciphers, NULL);
+        fprintf(stderr, "\n");
+}
 int
 pkey_main(int argc, char **argv)
 {
-        char **args, *infile = NULL, *outfile = NULL;
-        char *passargin = NULL, *passargout = NULL;
        BIO *in = NULL, *out = NULL;
-        const EVP_CIPHER *cipher = NULL;
-        int informat, outformat;
-        int pubin = 0, pubout = 0, pubtext = 0, text = 0, noout = 0;
        EVP_PKEY *pkey = NULL;
        char *passin = NULL, *passout = NULL;
-        int badarg = 0;
        int ret = 1;
        if (single_execution) {
@@ -86,112 +220,53 @@ pkey_main(int argc, char **argv)
                }
        }
-        informat = FORMAT_PEM;
+        memset(&pkey_config, 0, sizeof(pkey_config));
-        outformat = FORMAT_PEM;
+        pkey_config.informat = FORMAT_PEM;
+        pkey_config.outformat = FORMAT_PEM;
-        args = argv + 1;
-        while (!badarg && *args && *args[0] == '-') {
-                if (!strcmp(*args, "-inform")) {
-                        if (args[1]) {
-                                args++;
-                                informat = str2fmt(*args);
-                        } else
-                                badarg = 1;
-                } else if (!strcmp(*args, "-outform")) {
-                        if (args[1]) {
-                                args++;
-                                outformat = str2fmt(*args);
-                        } else
-                                badarg = 1;
-                } else if (!strcmp(*args, "-passin")) {
-                        if (!args[1])
-                                goto bad;
-                        passargin = *(++args);
-                } else if (!strcmp(*args, "-passout")) {
-                        if (!args[1])
-                                goto bad;
-                        passargout = *(++args);
-                }
-                else if (!strcmp(*args, "-in")) {
-                        if (args[1]) {
-                                args++;
-                                infile = *args;
-                        } else
-                                badarg = 1;
-                } else if (!strcmp(*args, "-out")) {
-                        if (args[1]) {
-                                args++;
-                                outfile = *args;
-                        } else
-                                badarg = 1;
-                } else if (strcmp(*args, "-pubin") == 0) {
-                        pubin = 1;
-                        pubout = 1;
-                        pubtext = 1;
-                } else if (strcmp(*args, "-pubout") == 0)
-                        pubout = 1;
-                else if (strcmp(*args, "-text_pub") == 0) {
-                        pubtext = 1;
-                        text = 1;
-                } else if (strcmp(*args, "-text") == 0)
-                        text = 1;
-                else if (strcmp(*args, "-noout") == 0)
-                        noout = 1;
-                else {
-                        cipher = EVP_get_cipherbyname(*args + 1);
-                        if (!cipher) {
-                                BIO_printf(bio_err, "Unknown cipher %s\n",
-                                    *args + 1);
-                                badarg = 1;
-                        }
-                }
-                args++;
-        }
-        if (badarg) {
+        if (options_parse(argc, argv, pkey_options, NULL, NULL) != 0) {
- bad:
+                pkey_usage();
-                BIO_printf(bio_err, "Usage pkey [options]\n");
+                goto end;
-                BIO_printf(bio_err, "where options are\n");
-                BIO_printf(bio_err, "-in file        input file\n");
-                BIO_printf(bio_err, "-inform X       input format (DER or PEM)\n");
-                BIO_printf(bio_err, "-passin arg     input file pass phrase source\n");
-                BIO_printf(bio_err, "-outform X      output format (DER or PEM)\n");
-                BIO_printf(bio_err, "-out file       output file\n");
-                BIO_printf(bio_err, "-passout arg    output file pass phrase source\n");
-                return 1;
        }
-        if (!app_passwd(bio_err, passargin, passargout, &passin, &passout)) {
+        if (pkey_config.pubtext)
+                pkey_config.text = 1;
+        if (pkey_config.pubin)
+                pkey_config.pubout = pkey_config.pubtext = 1;
+        if (!app_passwd(bio_err, pkey_config.passargin, pkey_config.passargout,
+            &passin, &passout)) {
                BIO_printf(bio_err, "Error getting passwords\n");
                goto end;
        }
-        if (outfile) {
+        if (pkey_config.outfile) {
-                if (!(out = BIO_new_file(outfile, "wb"))) {
+                if (!(out = BIO_new_file(pkey_config.outfile, "wb"))) {
                        BIO_printf(bio_err,
-                            "Can't open output file %s\n", outfile);
+                            "Can't open output file %s\n", pkey_config.outfile);
                        goto end;
                }
        } else {
                out = BIO_new_fp(stdout, BIO_NOCLOSE);
        }
-        if (pubin)
+        if (pkey_config.pubin)
-                pkey = load_pubkey(bio_err, infile, informat, 1,
+                pkey = load_pubkey(bio_err, pkey_config.infile,
-                    passin, "Public Key");
+                    pkey_config.informat, 1, passin, "Public Key");
        else
-                pkey = load_key(bio_err, infile, informat, 1, passin, "key");
+                pkey = load_key(bio_err, pkey_config.infile,
+                    pkey_config.informat, 1, passin, "key");
        if (!pkey)
                goto end;
-        if (!noout) {
+        if (!pkey_config.noout) {
-                if (outformat == FORMAT_PEM) {
+                if (pkey_config.outformat == FORMAT_PEM) {
-                        if (pubout)
+                        if (pkey_config.pubout)
                                PEM_write_bio_PUBKEY(out, pkey);
                        else
-                                PEM_write_bio_PrivateKey(out, pkey, cipher,
+                                PEM_write_bio_PrivateKey(out, pkey,
-                                    NULL, 0, NULL, passout);
+                                    pkey_config.cipher, NULL, 0, NULL, passout);
-                } else if (outformat == FORMAT_ASN1) {
+                } else if (pkey_config.outformat == FORMAT_ASN1) {
-                        if (pubout)
+                        if (pkey_config.pubout)
                                i2d_PUBKEY_bio(out, pkey);
                        else
                                i2d_PrivateKey_bio(out, pkey);
@@ -201,8 +276,8 @@ pkey_main(int argc, char **argv)
                }
        }
-        if (text) {
+        if (pkey_config.text) {
-                if (pubtext)
+                if (pkey_config.pubtext)
                        EVP_PKEY_print_public(out, pkey, 0, NULL);
                else
                        EVP_PKEY_print_private(out, pkey, 0, NULL);
author	inoguchi <>	2019-02-05 11:26:21 +0000
committer	inoguchi <>	2019-02-05 11:26:21 +0000
commit	efb27b60ee524c6da93693f208dc26799d23398a (patch)
tree	b189239fc504ebe2d90f3c5855a7c2ff4a2f2a1f
parent	2e211d11139fe5a3b4b9e84b539811139562edfc (diff)
download	openbsd-efb27b60ee524c6da93693f208dc26799d23398a.tar.gz openbsd-efb27b60ee524c6da93693f208dc26799d23398a.tar.bz2 openbsd-efb27b60ee524c6da93693f208dc26799d23398a.zip

diff --git a/src/usr.bin/openssl/pkey.c b/src/usr.bin/openssl/pkey.c index 49782317ee..aab0b87032 100644 --- a/src/usr.bin/openssl/pkey.c +++ b/src/usr.bin/openssl/pkey.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: pkey.c,v 1.10 2018/02/07 05:47:55 jsing Exp $ */	1	/* $OpenBSD: pkey.c,v 1.11 2019/02/05 11:26:21 inoguchi Exp $ */
2	/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL	2	/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3	* project 2006	3	* project 2006
4	*/	4	*/
@@ -65,18 +65,152 @@
65	#include <openssl/evp.h>	65	#include <openssl/evp.h>
66	#include <openssl/pem.h>	66	#include <openssl/pem.h>
67		67
		68	static struct {
		69	const EVP_CIPHER *cipher;
		70	char *infile;
		71	int informat;
		72	int noout;
		73	char *outfile;
		74	int outformat;
		75	char *passargin;
		76	char *passargout;
		77	int pubin;
		78	int pubout;
		79	int pubtext;
		80	int text;
		81	} pkey_config;
		82
		83	static int
		84	pkey_opt_cipher(int argc, char *argv, int argsused)
		85	{
		86	char *name = argv[0];
		87
		88	if (*name++ != '-')
		89	return (1);
		90
		91	if ((pkey_config.cipher = EVP_get_cipherbyname(name)) == NULL) {
		92	BIO_printf(bio_err, "Unknown cipher %s\n", name);
		93	return (1);
		94	}
		95
		96	*argsused = 1;
		97	return (0);
		98	}
		99
		100	static struct option pkey_options[] = {
		101	{
		102	.name = "in",
		103	.argname = "file",
		104	.desc = "Input file (default stdin)",
		105	.type = OPTION_ARG,
		106	.opt.arg = &pkey_config.infile,
		107	},
		108	{
		109	.name = "inform",
		110	.argname = "format",
		111	.desc = "Input format (DER or PEM (default))",
		112	.type = OPTION_ARG_FORMAT,
		113	.opt.value = &pkey_config.informat,
		114	},
		115	{
		116	.name = "noout",
		117	.desc = "Do not print encoded version of the key",
		118	.type = OPTION_FLAG,
		119	.opt.flag = &pkey_config.noout,
		120	},
		121	{
		122	.name = "out",
		123	.argname = "file",
		124	.desc = "Output file (default stdout)",
		125	.type = OPTION_ARG,
		126	.opt.arg = &pkey_config.outfile,
		127	},
		128	{
		129	.name = "outform",
		130	.argname = "format",
		131	.desc = "Output format (DER or PEM (default))",
		132	.type = OPTION_ARG_FORMAT,
		133	.opt.value = &pkey_config.outformat,
		134	},
		135	{
		136	.name = "passin",
		137	.argname = "src",
		138	.desc = "Input file passphrase source",
		139	.type = OPTION_ARG,
		140	.opt.arg = &pkey_config.passargin,
		141	},
		142	{
		143	.name = "passout",
		144	.argname = "src",
		145	.desc = "Output file passphrase source",
		146	.type = OPTION_ARG,
		147	.opt.arg = &pkey_config.passargout,
		148	},
		149	{
		150	.name = "pubin",
		151	.desc = "Expect a public key (default private key)",
		152	.type = OPTION_VALUE,
		153	.value = 1,
		154	.opt.value = &pkey_config.pubin,
		155	},
		156	{
		157	.name = "pubout",
		158	.desc = "Output a public key (default private key)",
		159	.type = OPTION_VALUE,
		160	.value = 1,
		161	.opt.value = &pkey_config.pubout,
		162	},
		163	{
		164	.name = "text",
		165	.desc = "Print the public/private key in plain text",
		166	.type = OPTION_FLAG,
		167	.opt.flag = &pkey_config.text,
		168	},
		169	{
		170	.name = "text_pub",
		171	.desc = "Print out only public key in plain text",
		172	.type = OPTION_FLAG,
		173	.opt.flag = &pkey_config.pubtext,
		174	},
		175	{
		176	.name = NULL,
		177	.type = OPTION_ARGV_FUNC,
		178	.opt.argvfunc = pkey_opt_cipher,
		179	},
		180	{ NULL }
		181	};
		182
		183	static void
		184	show_ciphers(const OBJ_NAME name, void arg)
		185	{
		186	static int n;
		187
		188	fprintf(stderr, " -%-24s%s", name->name, (++n % 3 ? "" : "\n"));
		189	}
		190
		191	static void
		192	pkey_usage()
		193	{
		194	fprintf(stderr,
		195	"usage: pkey [-ciphername] [-in file] [-inform fmt] [-noout] "
		196	"[-out file]\n"
		197	" [-outform fmt] [-passin src] [-passout src] [-pubin] "
		198	"[-pubout] [-text]\n"
		199	" [-text_pub]\n\n");
		200	options_usage(pkey_options);
		201	fprintf(stderr, "\n");
		202
		203	fprintf(stderr, "Valid ciphername values:\n\n");
		204	OBJ_NAME_do_all_sorted(OBJ_NAME_TYPE_CIPHER_METH, show_ciphers, NULL);
		205	fprintf(stderr, "\n");
		206	}
		207
68	int	208	int
69	pkey_main(int argc, char **argv)	209	pkey_main(int argc, char **argv)
70	{	210	{
71	char *args, infile = NULL, *outfile = NULL;
72	char passargin = NULL, passargout = NULL;
73	BIO in = NULL, out = NULL;	211	BIO in = NULL, out = NULL;
74	const EVP_CIPHER *cipher = NULL;
75	int informat, outformat;
76	int pubin = 0, pubout = 0, pubtext = 0, text = 0, noout = 0;
77	EVP_PKEY *pkey = NULL;	212	EVP_PKEY *pkey = NULL;
78	char passin = NULL, passout = NULL;	213	char passin = NULL, passout = NULL;
79	int badarg = 0;
80	int ret = 1;	214	int ret = 1;
81		215
82	if (single_execution) {	216	if (single_execution) {
@@ -86,112 +220,53 @@ pkey_main(int argc, char **argv)
86	}	220	}
87	}	221	}
88		222
89	informat = FORMAT_PEM;	223	memset(&pkey_config, 0, sizeof(pkey_config));
90	outformat = FORMAT_PEM;	224	pkey_config.informat = FORMAT_PEM;
91		225	pkey_config.outformat = FORMAT_PEM;
92	args = argv + 1;
93	while (!badarg && args && args[0] == '-') {
94	if (!strcmp(*args, "-inform")) {
95	if (args[1]) {
96	args++;
97	informat = str2fmt(*args);
98	} else
99	badarg = 1;
100	} else if (!strcmp(*args, "-outform")) {
101	if (args[1]) {
102	args++;
103	outformat = str2fmt(*args);
104	} else
105	badarg = 1;
106	} else if (!strcmp(*args, "-passin")) {
107	if (!args[1])
108	goto bad;
109	passargin = *(++args);
110	} else if (!strcmp(*args, "-passout")) {
111	if (!args[1])
112	goto bad;
113	passargout = *(++args);
114	}
115	else if (!strcmp(*args, "-in")) {
116	if (args[1]) {
117	args++;
118	infile = *args;
119	} else
120	badarg = 1;
121	} else if (!strcmp(*args, "-out")) {
122	if (args[1]) {
123	args++;
124	outfile = *args;
125	} else
126	badarg = 1;
127	} else if (strcmp(*args, "-pubin") == 0) {
128	pubin = 1;
129	pubout = 1;
130	pubtext = 1;
131	} else if (strcmp(*args, "-pubout") == 0)
132	pubout = 1;
133	else if (strcmp(*args, "-text_pub") == 0) {
134	pubtext = 1;
135	text = 1;
136	} else if (strcmp(*args, "-text") == 0)
137	text = 1;
138	else if (strcmp(*args, "-noout") == 0)
139	noout = 1;
140	else {
141	cipher = EVP_get_cipherbyname(*args + 1);
142	if (!cipher) {
143	BIO_printf(bio_err, "Unknown cipher %s\n",
144	*args + 1);
145	badarg = 1;
146	}
147	}
148	args++;
149	}
150		226
151	if (badarg) {	227	if (options_parse(argc, argv, pkey_options, NULL, NULL) != 0) {
152	bad:	228	pkey_usage();
153	BIO_printf(bio_err, "Usage pkey [options]\n");	229	goto end;
154	BIO_printf(bio_err, "where options are\n");
155	BIO_printf(bio_err, "-in file input file\n");
156	BIO_printf(bio_err, "-inform X input format (DER or PEM)\n");
157	BIO_printf(bio_err, "-passin arg input file pass phrase source\n");
158	BIO_printf(bio_err, "-outform X output format (DER or PEM)\n");
159	BIO_printf(bio_err, "-out file output file\n");
160	BIO_printf(bio_err, "-passout arg output file pass phrase source\n");
161	return 1;
162	}	230	}
163		231
164	if (!app_passwd(bio_err, passargin, passargout, &passin, &passout)) {	232	if (pkey_config.pubtext)
		233	pkey_config.text = 1;
		234	if (pkey_config.pubin)
		235	pkey_config.pubout = pkey_config.pubtext = 1;
		236
		237	if (!app_passwd(bio_err, pkey_config.passargin, pkey_config.passargout,
		238	&passin, &passout)) {
165	BIO_printf(bio_err, "Error getting passwords\n");	239	BIO_printf(bio_err, "Error getting passwords\n");
166	goto end;	240	goto end;
167	}	241	}
168	if (outfile) {	242	if (pkey_config.outfile) {
169	if (!(out = BIO_new_file(outfile, "wb"))) {	243	if (!(out = BIO_new_file(pkey_config.outfile, "wb"))) {
170	BIO_printf(bio_err,	244	BIO_printf(bio_err,
171	"Can't open output file %s\n", outfile);	245	"Can't open output file %s\n", pkey_config.outfile);
172	goto end;	246	goto end;
173	}	247	}
174	} else {	248	} else {
175	out = BIO_new_fp(stdout, BIO_NOCLOSE);	249	out = BIO_new_fp(stdout, BIO_NOCLOSE);
176	}	250	}
177		251
178	if (pubin)	252	if (pkey_config.pubin)
179	pkey = load_pubkey(bio_err, infile, informat, 1,	253	pkey = load_pubkey(bio_err, pkey_config.infile,
180	passin, "Public Key");	254	pkey_config.informat, 1, passin, "Public Key");
181	else	255	else
182	pkey = load_key(bio_err, infile, informat, 1, passin, "key");	256	pkey = load_key(bio_err, pkey_config.infile,
		257	pkey_config.informat, 1, passin, "key");
183	if (!pkey)	258	if (!pkey)
184	goto end;	259	goto end;
185		260
186	if (!noout) {	261	if (!pkey_config.noout) {
187	if (outformat == FORMAT_PEM) {	262	if (pkey_config.outformat == FORMAT_PEM) {
188	if (pubout)	263	if (pkey_config.pubout)
189	PEM_write_bio_PUBKEY(out, pkey);	264	PEM_write_bio_PUBKEY(out, pkey);
190	else	265	else
191	PEM_write_bio_PrivateKey(out, pkey, cipher,	266	PEM_write_bio_PrivateKey(out, pkey,
192	NULL, 0, NULL, passout);	267	pkey_config.cipher, NULL, 0, NULL, passout);
193	} else if (outformat == FORMAT_ASN1) {	268	} else if (pkey_config.outformat == FORMAT_ASN1) {
194	if (pubout)	269	if (pkey_config.pubout)
195	i2d_PUBKEY_bio(out, pkey);	270	i2d_PUBKEY_bio(out, pkey);
196	else	271	else
197	i2d_PrivateKey_bio(out, pkey);	272	i2d_PrivateKey_bio(out, pkey);
@@ -201,8 +276,8 @@ pkey_main(int argc, char **argv)
201	}	276	}
202		277
203	}	278	}
204	if (text) {	279	if (pkey_config.text) {
205	if (pubtext)	280	if (pkey_config.pubtext)
206	EVP_PKEY_print_public(out, pkey, 0, NULL);	281	EVP_PKEY_print_public(out, pkey, 0, NULL);
207	else	282	else
208	EVP_PKEY_print_private(out, pkey, 0, NULL);	283	EVP_PKEY_print_private(out, pkey, 0, NULL);