summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorjsing <>2015-07-21 16:34:31 +0000
committerjsing <>2015-07-21 16:34:31 +0000
commit470501e80d304311939e2bcfdc24e75ec8cc1026 (patch)
treeac7cb45d93325acc7582aa8156d4ecb0921a4aaf /src
parent6ddf15f9dc10ccbb7bce3ea929179e3aecd9d46d (diff)
downloadopenbsd-470501e80d304311939e2bcfdc24e75ec8cc1026.tar.gz
openbsd-470501e80d304311939e2bcfdc24e75ec8cc1026.tar.bz2
openbsd-470501e80d304311939e2bcfdc24e75ec8cc1026.zip
Convert openssl(1) pkcs7 to new option handling.
ok doug@
Diffstat (limited to 'src')
-rw-r--r--src/usr.bin/openssl/pkcs7.c204
1 files changed, 111 insertions, 93 deletions
diff --git a/src/usr.bin/openssl/pkcs7.c b/src/usr.bin/openssl/pkcs7.c
index 77a20da154..23c4799036 100644
--- a/src/usr.bin/openssl/pkcs7.c
+++ b/src/usr.bin/openssl/pkcs7.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: pkcs7.c,v 1.3 2015/07/20 16:48:11 doug Exp $ */ 1/* $OpenBSD: pkcs7.c,v 1.4 2015/07/21 16:34:31 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -70,12 +70,93 @@
70#include <openssl/pkcs7.h> 70#include <openssl/pkcs7.h>
71#include <openssl/x509.h> 71#include <openssl/x509.h>
72 72
73/* -inform arg - input format - default PEM (DER or PEM) 73static struct {
74 * -outform arg - output format - default PEM 74#ifndef OPENSSL_NO_ENGINE
75 * -in arg - input file - default stdin 75 char *engine;
76 * -out arg - output file - default stdout 76#endif
77 * -print_certs 77 char *infile;
78 */ 78 int informat;
79 int noout;
80 char *outfile;
81 int outformat;
82 int p7_print;
83 int print_certs;
84 int text;
85} pkcs7_config;
86
87static struct option pkcs7_options[] = {
88#ifndef OPENSSL_NO_ENGINE
89 {
90 .name = "engine",
91 .argname = "id",
92 .desc = "Use the engine specified by the given identifier",
93 .type = OPTION_ARG,
94 .opt.arg = &pkcs7_config.engine,
95 },
96#endif
97 {
98 .name = "in",
99 .argname = "file",
100 .desc = "Input file (default stdin)",
101 .type = OPTION_ARG,
102 .opt.arg = &pkcs7_config.infile,
103 },
104 {
105 .name = "inform",
106 .argname = "format",
107 .desc = "Input format (DER or PEM (default))",
108 .type = OPTION_ARG_FORMAT,
109 .opt.value = &pkcs7_config.informat,
110 },
111 {
112 .name = "noout",
113 .desc = "Do not output encoded version of PKCS#7 structure",
114 .type = OPTION_FLAG,
115 .opt.flag = &pkcs7_config.noout,
116 },
117 {
118 .name = "out",
119 .argname = "file",
120 .desc = "Output file (default stdout)",
121 .type = OPTION_ARG,
122 .opt.arg = &pkcs7_config.outfile,
123 },
124 {
125 .name = "outform",
126 .argname = "format",
127 .desc = "Output format (DER or PEM (default))",
128 .type = OPTION_ARG_FORMAT,
129 .opt.value = &pkcs7_config.outformat,
130 },
131 {
132 .name = "print",
133 .desc = "Output ASN.1 representation of PKCS#7 structure",
134 .type = OPTION_FLAG,
135 .opt.flag = &pkcs7_config.p7_print,
136 },
137 {
138 .name = "print_certs",
139 .desc = "Print out any certificates or CRLs contained in file",
140 .type = OPTION_FLAG,
141 .opt.flag = &pkcs7_config.print_certs,
142 },
143 {
144 .name = "text",
145 .desc = "Print out full certificate details",
146 .type = OPTION_FLAG,
147 .opt.flag = &pkcs7_config.text,
148 },
149 { NULL },
150};
151
152static void
153pkcs7_usage()
154{
155 fprintf(stderr, "usage: pkcs7 [-engine id] [-in file] "
156 "[-inform DER | PEM] [-noout]\n"
157 " [-out file] [-outform DER | PEM] [-print_certs] [-text]\n\n");
158 options_usage(pkcs7_options);
159}
79 160
80int pkcs7_main(int, char **); 161int pkcs7_main(int, char **);
81 162
@@ -83,85 +164,22 @@ int
83pkcs7_main(int argc, char **argv) 164pkcs7_main(int argc, char **argv)
84{ 165{
85 PKCS7 *p7 = NULL; 166 PKCS7 *p7 = NULL;
86 int i, badops = 0;
87 BIO *in = NULL, *out = NULL; 167 BIO *in = NULL, *out = NULL;
88 int informat, outformat;
89 char *infile, *outfile, *prog;
90 int print_certs = 0, text = 0, noout = 0, p7_print = 0;
91 int ret = 1; 168 int ret = 1;
92#ifndef OPENSSL_NO_ENGINE 169 int i;
93 char *engine = NULL;
94#endif
95 170
96 infile = NULL; 171 memset(&pkcs7_config, 0, sizeof(pkcs7_config));
97 outfile = NULL;
98 informat = FORMAT_PEM;
99 outformat = FORMAT_PEM;
100 172
101 prog = argv[0]; 173 pkcs7_config.informat = FORMAT_PEM;
102 argc--; 174 pkcs7_config.outformat = FORMAT_PEM;
103 argv++;
104 while (argc >= 1) {
105 if (strcmp(*argv, "-inform") == 0) {
106 if (--argc < 1)
107 goto bad;
108 informat = str2fmt(*(++argv));
109 } else if (strcmp(*argv, "-outform") == 0) {
110 if (--argc < 1)
111 goto bad;
112 outformat = str2fmt(*(++argv));
113 } else if (strcmp(*argv, "-in") == 0) {
114 if (--argc < 1)
115 goto bad;
116 infile = *(++argv);
117 } else if (strcmp(*argv, "-out") == 0) {
118 if (--argc < 1)
119 goto bad;
120 outfile = *(++argv);
121 } else if (strcmp(*argv, "-noout") == 0)
122 noout = 1;
123 else if (strcmp(*argv, "-text") == 0)
124 text = 1;
125 else if (strcmp(*argv, "-print") == 0)
126 p7_print = 1;
127 else if (strcmp(*argv, "-print_certs") == 0)
128 print_certs = 1;
129#ifndef OPENSSL_NO_ENGINE
130 else if (strcmp(*argv, "-engine") == 0) {
131 if (--argc < 1)
132 goto bad;
133 engine = *(++argv);
134 }
135#endif
136 else {
137 BIO_printf(bio_err, "unknown option %s\n", *argv);
138 badops = 1;
139 break;
140 }
141 argc--;
142 argv++;
143 }
144 175
145 if (badops) { 176 if (options_parse(argc, argv, pkcs7_options, NULL, NULL) != 0) {
146bad: 177 pkcs7_usage();
147 BIO_printf(bio_err, "%s [options] <infile >outfile\n", prog);
148 BIO_printf(bio_err, "where options are\n");
149 BIO_printf(bio_err, " -inform arg input format - DER or PEM\n");
150 BIO_printf(bio_err, " -outform arg output format - DER or PEM\n");
151 BIO_printf(bio_err, " -in arg input file\n");
152 BIO_printf(bio_err, " -out arg output file\n");
153 BIO_printf(bio_err, " -print_certs print any certs or crl in the input\n");
154 BIO_printf(bio_err, " -text print full details of certificates\n");
155 BIO_printf(bio_err, " -noout don't output encoded data\n");
156#ifndef OPENSSL_NO_ENGINE
157 BIO_printf(bio_err, " -engine e use engine e, possibly a hardware device.\n");
158#endif
159 ret = 1;
160 goto end; 178 goto end;
161 } 179 }
162 180
163#ifndef OPENSSL_NO_ENGINE 181#ifndef OPENSSL_NO_ENGINE
164 setup_engine(bio_err, engine, 0); 182 setup_engine(bio_err, pkcs7_config.engine, 0);
165#endif 183#endif
166 184
167 in = BIO_new(BIO_s_file()); 185 in = BIO_new(BIO_s_file());
@@ -170,18 +188,18 @@ bad:
170 ERR_print_errors(bio_err); 188 ERR_print_errors(bio_err);
171 goto end; 189 goto end;
172 } 190 }
173 if (infile == NULL) 191 if (pkcs7_config.infile == NULL)
174 BIO_set_fp(in, stdin, BIO_NOCLOSE); 192 BIO_set_fp(in, stdin, BIO_NOCLOSE);
175 else { 193 else {
176 if (BIO_read_filename(in, infile) <= 0) { 194 if (BIO_read_filename(in, pkcs7_config.infile) <= 0) {
177 perror(infile); 195 perror(pkcs7_config.infile);
178 goto end; 196 goto end;
179 } 197 }
180 } 198 }
181 199
182 if (informat == FORMAT_ASN1) 200 if (pkcs7_config.informat == FORMAT_ASN1)
183 p7 = d2i_PKCS7_bio(in, NULL); 201 p7 = d2i_PKCS7_bio(in, NULL);
184 else if (informat == FORMAT_PEM) 202 else if (pkcs7_config.informat == FORMAT_PEM)
185 p7 = PEM_read_bio_PKCS7(in, NULL, NULL, NULL); 203 p7 = PEM_read_bio_PKCS7(in, NULL, NULL, NULL);
186 else { 204 else {
187 BIO_printf(bio_err, "bad input format specified for pkcs7 object\n"); 205 BIO_printf(bio_err, "bad input format specified for pkcs7 object\n");
@@ -192,19 +210,19 @@ bad:
192 ERR_print_errors(bio_err); 210 ERR_print_errors(bio_err);
193 goto end; 211 goto end;
194 } 212 }
195 if (outfile == NULL) { 213 if (pkcs7_config.outfile == NULL) {
196 BIO_set_fp(out, stdout, BIO_NOCLOSE); 214 BIO_set_fp(out, stdout, BIO_NOCLOSE);
197 } else { 215 } else {
198 if (BIO_write_filename(out, outfile) <= 0) { 216 if (BIO_write_filename(out, pkcs7_config.outfile) <= 0) {
199 perror(outfile); 217 perror(pkcs7_config.outfile);
200 goto end; 218 goto end;
201 } 219 }
202 } 220 }
203 221
204 if (p7_print) 222 if (pkcs7_config.p7_print)
205 PKCS7_print_ctx(out, p7, 0, NULL); 223 PKCS7_print_ctx(out, p7, 0, NULL);
206 224
207 if (print_certs) { 225 if (pkcs7_config.print_certs) {
208 STACK_OF(X509) * certs = NULL; 226 STACK_OF(X509) * certs = NULL;
209 STACK_OF(X509_CRL) * crls = NULL; 227 STACK_OF(X509_CRL) * crls = NULL;
210 228
@@ -227,12 +245,12 @@ bad:
227 245
228 for (i = 0; i < sk_X509_num(certs); i++) { 246 for (i = 0; i < sk_X509_num(certs); i++) {
229 x = sk_X509_value(certs, i); 247 x = sk_X509_value(certs, i);
230 if (text) 248 if (pkcs7_config.text)
231 X509_print(out, x); 249 X509_print(out, x);
232 else 250 else
233 dump_cert_text(out, x); 251 dump_cert_text(out, x);
234 252
235 if (!noout) 253 if (!pkcs7_config.noout)
236 PEM_write_bio_X509(out, x); 254 PEM_write_bio_X509(out, x);
237 BIO_puts(out, "\n"); 255 BIO_puts(out, "\n");
238 } 256 }
@@ -245,7 +263,7 @@ bad:
245 263
246 X509_CRL_print(out, crl); 264 X509_CRL_print(out, crl);
247 265
248 if (!noout) 266 if (!pkcs7_config.noout)
249 PEM_write_bio_X509_CRL(out, crl); 267 PEM_write_bio_X509_CRL(out, crl);
250 BIO_puts(out, "\n"); 268 BIO_puts(out, "\n");
251 } 269 }
@@ -253,10 +271,10 @@ bad:
253 ret = 0; 271 ret = 0;
254 goto end; 272 goto end;
255 } 273 }
256 if (!noout) { 274 if (!pkcs7_config.noout) {
257 if (outformat == FORMAT_ASN1) 275 if (pkcs7_config.outformat == FORMAT_ASN1)
258 i = i2d_PKCS7_bio(out, p7); 276 i = i2d_PKCS7_bio(out, p7);
259 else if (outformat == FORMAT_PEM) 277 else if (pkcs7_config.outformat == FORMAT_PEM)
260 i = PEM_write_bio_PKCS7(out, p7); 278 i = PEM_write_bio_PKCS7(out, p7);
261 else { 279 else {
262 BIO_printf(bio_err, "bad output format specified for outfile\n"); 280 BIO_printf(bio_err, "bad output format specified for outfile\n");
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-21 00:40:55 +0000