Move openssl(1) from /usr/sbin/openssl to /usr/bin/openssl, since it is not

a system/superuser binary. At the same time, move the source code from its current lib/libssl/src/apps location to a more appropriate home under usr.bin/openssl. ok deraadt@ miod@
author: jsing <> 2014-08-26 17:47:25 +0000
committer: jsing <> 2014-08-26 17:47:25 +0000
commit: f3755acd5513f85ff734de6a822b6f804d3776ce (patch)
tree: 1f859a78eae941040f58599de8c0e1e56d61fdad /src/usr.bin/openssl/pkey.c
parent: 0779b9f30aa9875c290af18a4362799668829707 (diff)
download: openbsd-f3755acd5513f85ff734de6a822b6f804d3776ce.tar.gz
openbsd-f3755acd5513f85ff734de6a822b6f804d3776ce.tar.bz2
openbsd-f3755acd5513f85ff734de6a822b6f804d3776ce.zip
1 files changed, 235 insertions, 0 deletions
diff --git a/src/usr.bin/openssl/pkey.c b/src/usr.bin/openssl/pkey.c
new file mode 100644
index 0000000000..7f13bbbf62
--- /dev/null
+++ b/src/usr.bin/openssl/pkey.c
@@ -0,0 +1,235 @@
+/* $OpenBSD: pkey.c,v 1.1 2014/08/26 17:47:25 jsing Exp $ */
+/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
+ * project 2006
+ */
+/* ====================================================================
+ * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+#include <stdio.h>
+#include <string.h>
+#include "apps.h"
+#include <openssl/err.h>
+#include <openssl/evp.h>
+#include <openssl/pem.h>
+int pkey_main(int, char **);
+int
+pkey_main(int argc, char **argv)
+{
+        ENGINE *e = NULL;
+        char **args, *infile = NULL, *outfile = NULL;
+        char *passargin = NULL, *passargout = NULL;
+        BIO *in = NULL, *out = NULL;
+        const EVP_CIPHER *cipher = NULL;
+        int informat, outformat;
+        int pubin = 0, pubout = 0, pubtext = 0, text = 0, noout = 0;
+        EVP_PKEY *pkey = NULL;
+        char *passin = NULL, *passout = NULL;
+        int badarg = 0;
+#ifndef OPENSSL_NO_ENGINE
+        char *engine = NULL;
+#endif
+        int ret = 1;
+        informat = FORMAT_PEM;
+        outformat = FORMAT_PEM;
+        ERR_load_crypto_strings();
+        OpenSSL_add_all_algorithms();
+        args = argv + 1;
+        while (!badarg && *args && *args[0] == '-') {
+                if (!strcmp(*args, "-inform")) {
+                        if (args[1]) {
+                                args++;
+                                informat = str2fmt(*args);
+                        } else
+                                badarg = 1;
+                } else if (!strcmp(*args, "-outform")) {
+                        if (args[1]) {
+                                args++;
+                                outformat = str2fmt(*args);
+                        } else
+                                badarg = 1;
+                } else if (!strcmp(*args, "-passin")) {
+                        if (!args[1])
+                                goto bad;
+                        passargin = *(++args);
+                } else if (!strcmp(*args, "-passout")) {
+                        if (!args[1])
+                                goto bad;
+                        passargout = *(++args);
+                }
+#ifndef OPENSSL_NO_ENGINE
+                else if (strcmp(*args, "-engine") == 0) {
+                        if (!args[1])
+                                goto bad;
+                        engine = *(++args);
+                }
+#endif
+                else if (!strcmp(*args, "-in")) {
+                        if (args[1]) {
+                                args++;
+                                infile = *args;
+                        } else
+                                badarg = 1;
+                } else if (!strcmp(*args, "-out")) {
+                        if (args[1]) {
+                                args++;
+                                outfile = *args;
+                        } else
+                                badarg = 1;
+                } else if (strcmp(*args, "-pubin") == 0) {
+                        pubin = 1;
+                        pubout = 1;
+                        pubtext = 1;
+                } else if (strcmp(*args, "-pubout") == 0)
+                        pubout = 1;
+                else if (strcmp(*args, "-text_pub") == 0) {
+                        pubtext = 1;
+                        text = 1;
+                } else if (strcmp(*args, "-text") == 0)
+                        text = 1;
+                else if (strcmp(*args, "-noout") == 0)
+                        noout = 1;
+                else {
+                        cipher = EVP_get_cipherbyname(*args + 1);
+                        if (!cipher) {
+                                BIO_printf(bio_err, "Unknown cipher %s\n",
+                                    *args + 1);
+                                badarg = 1;
+                        }
+                }
+                args++;
+        }
+        if (badarg) {
+bad:
+                BIO_printf(bio_err, "Usage pkey [options]\n");
+                BIO_printf(bio_err, "where options are\n");
+                BIO_printf(bio_err, "-in file        input file\n");
+                BIO_printf(bio_err, "-inform X       input format (DER or PEM)\n");
+                BIO_printf(bio_err, "-passin arg     input file pass phrase source\n");
+                BIO_printf(bio_err, "-outform X      output format (DER or PEM)\n");
+                BIO_printf(bio_err, "-out file       output file\n");
+                BIO_printf(bio_err, "-passout arg    output file pass phrase source\n");
+#ifndef OPENSSL_NO_ENGINE
+                BIO_printf(bio_err, "-engine e       use engine e, possibly a hardware device.\n");
+#endif
+                return 1;
+        }
+#ifndef OPENSSL_NO_ENGINE
+        e = setup_engine(bio_err, engine, 0);
+#endif
+        if (!app_passwd(bio_err, passargin, passargout, &passin, &passout)) {
+                BIO_printf(bio_err, "Error getting passwords\n");
+                goto end;
+        }
+        if (outfile) {
+                if (!(out = BIO_new_file(outfile, "wb"))) {
+                        BIO_printf(bio_err,
+                            "Can't open output file %s\n", outfile);
+                        goto end;
+                }
+        } else {
+                out = BIO_new_fp(stdout, BIO_NOCLOSE);
+        }
+        if (pubin)
+                pkey = load_pubkey(bio_err, infile, informat, 1,
+                    passin, e, "Public Key");
+        else
+                pkey = load_key(bio_err, infile, informat, 1,
+                    passin, e, "key");
+        if (!pkey)
+                goto end;
+        if (!noout) {
+                if (outformat == FORMAT_PEM) {
+                        if (pubout)
+                                PEM_write_bio_PUBKEY(out, pkey);
+                        else
+                                PEM_write_bio_PrivateKey(out, pkey, cipher,
+                                    NULL, 0, NULL, passout);
+                } else if (outformat == FORMAT_ASN1) {
+                        if (pubout)
+                                i2d_PUBKEY_bio(out, pkey);
+                        else
+                                i2d_PrivateKey_bio(out, pkey);
+                } else {
+                        BIO_printf(bio_err, "Bad format specified for key\n");
+                        goto end;
+                }
+        }
+        if (text) {
+                if (pubtext)
+                        EVP_PKEY_print_public(out, pkey, 0, NULL);
+                else
+                        EVP_PKEY_print_private(out, pkey, 0, NULL);
+        }
+        ret = 0;
+end:
+        EVP_PKEY_free(pkey);
+        BIO_free_all(out);
+        BIO_free(in);
+        free(passin);
+        free(passout);
+        return ret;
+}
author	jsing <>	2014-08-26 17:47:25 +0000
committer	jsing <>	2014-08-26 17:47:25 +0000
commit	f3755acd5513f85ff734de6a822b6f804d3776ce (patch)
tree	1f859a78eae941040f58599de8c0e1e56d61fdad /src/usr.bin/openssl/pkey.c
parent	0779b9f30aa9875c290af18a4362799668829707 (diff)
download	openbsd-f3755acd5513f85ff734de6a822b6f804d3776ce.tar.gz openbsd-f3755acd5513f85ff734de6a822b6f804d3776ce.tar.bz2 openbsd-f3755acd5513f85ff734de6a822b6f804d3776ce.zip

diff --git a/src/usr.bin/openssl/pkey.c b/src/usr.bin/openssl/pkey.c new file mode 100644 index 0000000000..7f13bbbf62 --- /dev/null +++ b/src/usr.bin/openssl/pkey.c
@@ -0,0 +1,235 @@
	1	/* $OpenBSD: pkey.c,v 1.1 2014/08/26 17:47:25 jsing Exp $ */
	2	/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
	3	* project 2006
	4	*/
	5	/* ====================================================================
	6	* Copyright (c) 2006 The OpenSSL Project. All rights reserved.
	7	*
	8	* Redistribution and use in source and binary forms, with or without
	9	* modification, are permitted provided that the following conditions
	10	* are met:
	11	*
	12	* 1. Redistributions of source code must retain the above copyright
	13	* notice, this list of conditions and the following disclaimer.
	14	*
	15	* 2. Redistributions in binary form must reproduce the above copyright
	16	* notice, this list of conditions and the following disclaimer in
	17	* the documentation and/or other materials provided with the
	18	* distribution.
	19	*
	20	* 3. All advertising materials mentioning features or use of this
	21	* software must display the following acknowledgment:
	22	* "This product includes software developed by the OpenSSL Project
	23	* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
	24	*
	25	* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
	26	* endorse or promote products derived from this software without
	27	* prior written permission. For written permission, please contact
	28	* licensing@OpenSSL.org.
	29	*
	30	* 5. Products derived from this software may not be called "OpenSSL"
	31	* nor may "OpenSSL" appear in their names without prior written
	32	* permission of the OpenSSL Project.
	33	*
	34	* 6. Redistributions of any form whatsoever must retain the following
	35	* acknowledgment:
	36	* "This product includes software developed by the OpenSSL Project
	37	* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
	38	*
	39	* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
	40	* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
	41	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
	42	* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
	43	* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
	44	* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
	45	* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
	46	* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
	47	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
	48	* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
	49	* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
	50	* OF THE POSSIBILITY OF SUCH DAMAGE.
	51	* ====================================================================
	52	*
	53	* This product includes cryptographic software written by Eric Young
	54	* (eay@cryptsoft.com). This product includes software written by Tim
	55	* Hudson (tjh@cryptsoft.com).
	56	*
	57	*/
	58
	59	#include <stdio.h>
	60	#include <string.h>
	61
	62	#include "apps.h"
	63
	64	#include <openssl/err.h>
	65	#include <openssl/evp.h>
	66	#include <openssl/pem.h>
	67
	68	int pkey_main(int, char **);
	69
	70	int
	71	pkey_main(int argc, char **argv)
	72	{
	73	ENGINE *e = NULL;
	74	char *args, infile = NULL, *outfile = NULL;
	75	char passargin = NULL, passargout = NULL;
	76	BIO in = NULL, out = NULL;
	77	const EVP_CIPHER *cipher = NULL;
	78	int informat, outformat;
	79	int pubin = 0, pubout = 0, pubtext = 0, text = 0, noout = 0;
	80	EVP_PKEY *pkey = NULL;
	81	char passin = NULL, passout = NULL;
	82	int badarg = 0;
	83	#ifndef OPENSSL_NO_ENGINE
	84	char *engine = NULL;
	85	#endif
	86	int ret = 1;
	87
	88	informat = FORMAT_PEM;
	89	outformat = FORMAT_PEM;
	90
	91	ERR_load_crypto_strings();
	92	OpenSSL_add_all_algorithms();
	93	args = argv + 1;
	94	while (!badarg && args && args[0] == '-') {
	95	if (!strcmp(*args, "-inform")) {
	96	if (args[1]) {
	97	args++;
	98	informat = str2fmt(*args);
	99	} else
	100	badarg = 1;
	101	} else if (!strcmp(*args, "-outform")) {
	102	if (args[1]) {
	103	args++;
	104	outformat = str2fmt(*args);
	105	} else
	106	badarg = 1;
	107	} else if (!strcmp(*args, "-passin")) {
	108	if (!args[1])
	109	goto bad;
	110	passargin = *(++args);
	111	} else if (!strcmp(*args, "-passout")) {
	112	if (!args[1])
	113	goto bad;
	114	passargout = *(++args);
	115	}
	116	#ifndef OPENSSL_NO_ENGINE
	117	else if (strcmp(*args, "-engine") == 0) {
	118	if (!args[1])
	119	goto bad;
	120	engine = *(++args);
	121	}
	122	#endif
	123	else if (!strcmp(*args, "-in")) {
	124	if (args[1]) {
	125	args++;
	126	infile = *args;
	127	} else
	128	badarg = 1;
	129	} else if (!strcmp(*args, "-out")) {
	130	if (args[1]) {
	131	args++;
	132	outfile = *args;
	133	} else
	134	badarg = 1;
	135	} else if (strcmp(*args, "-pubin") == 0) {
	136	pubin = 1;
	137	pubout = 1;
	138	pubtext = 1;
	139	} else if (strcmp(*args, "-pubout") == 0)
	140	pubout = 1;
	141	else if (strcmp(*args, "-text_pub") == 0) {
	142	pubtext = 1;
	143	text = 1;
	144	} else if (strcmp(*args, "-text") == 0)
	145	text = 1;
	146	else if (strcmp(*args, "-noout") == 0)
	147	noout = 1;
	148	else {
	149	cipher = EVP_get_cipherbyname(*args + 1);
	150	if (!cipher) {
	151	BIO_printf(bio_err, "Unknown cipher %s\n",
	152	*args + 1);
	153	badarg = 1;
	154	}
	155	}
	156	args++;
	157	}
	158
	159	if (badarg) {
	160	bad:
	161	BIO_printf(bio_err, "Usage pkey [options]\n");
	162	BIO_printf(bio_err, "where options are\n");
	163	BIO_printf(bio_err, "-in file input file\n");
	164	BIO_printf(bio_err, "-inform X input format (DER or PEM)\n");
	165	BIO_printf(bio_err, "-passin arg input file pass phrase source\n");
	166	BIO_printf(bio_err, "-outform X output format (DER or PEM)\n");
	167	BIO_printf(bio_err, "-out file output file\n");
	168	BIO_printf(bio_err, "-passout arg output file pass phrase source\n");
	169	#ifndef OPENSSL_NO_ENGINE
	170	BIO_printf(bio_err, "-engine e use engine e, possibly a hardware device.\n");
	171	#endif
	172	return 1;
	173	}
	174	#ifndef OPENSSL_NO_ENGINE
	175	e = setup_engine(bio_err, engine, 0);
	176	#endif
	177
	178	if (!app_passwd(bio_err, passargin, passargout, &passin, &passout)) {
	179	BIO_printf(bio_err, "Error getting passwords\n");
	180	goto end;
	181	}
	182	if (outfile) {
	183	if (!(out = BIO_new_file(outfile, "wb"))) {
	184	BIO_printf(bio_err,
	185	"Can't open output file %s\n", outfile);
	186	goto end;
	187	}
	188	} else {
	189	out = BIO_new_fp(stdout, BIO_NOCLOSE);
	190	}
	191
	192	if (pubin)
	193	pkey = load_pubkey(bio_err, infile, informat, 1,
	194	passin, e, "Public Key");
	195	else
	196	pkey = load_key(bio_err, infile, informat, 1,
	197	passin, e, "key");
	198	if (!pkey)
	199	goto end;
	200
	201	if (!noout) {
	202	if (outformat == FORMAT_PEM) {
	203	if (pubout)
	204	PEM_write_bio_PUBKEY(out, pkey);
	205	else
	206	PEM_write_bio_PrivateKey(out, pkey, cipher,
	207	NULL, 0, NULL, passout);
	208	} else if (outformat == FORMAT_ASN1) {
	209	if (pubout)
	210	i2d_PUBKEY_bio(out, pkey);
	211	else
	212	i2d_PrivateKey_bio(out, pkey);
	213	} else {
	214	BIO_printf(bio_err, "Bad format specified for key\n");
	215	goto end;
	216	}
	217
	218	}
	219	if (text) {
	220	if (pubtext)
	221	EVP_PKEY_print_public(out, pkey, 0, NULL);
	222	else
	223	EVP_PKEY_print_private(out, pkey, 0, NULL);
	224	}
	225	ret = 0;
	226
	227	end:
	228	EVP_PKEY_free(pkey);
	229	BIO_free_all(out);
	230	BIO_free(in);
	231	free(passin);
	232	free(passout);
	233
	234	return ret;
	235	}