diff options
| -rw-r--r-- | src/usr.bin/openssl/pkcs12.c | 54 |
1 files changed, 30 insertions, 24 deletions
diff --git a/src/usr.bin/openssl/pkcs12.c b/src/usr.bin/openssl/pkcs12.c index 8d1ae415fa..ad71155f17 100644 --- a/src/usr.bin/openssl/pkcs12.c +++ b/src/usr.bin/openssl/pkcs12.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: pkcs12.c,v 1.17 2022/03/28 10:56:26 inoguchi Exp $ */ | 1 | /* $OpenBSD: pkcs12.c,v 1.18 2022/03/28 11:02:49 inoguchi Exp $ */ |
| 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project. | 3 | * project. |
| 4 | */ | 4 | */ |
| @@ -77,17 +77,18 @@ | |||
| 77 | #define CLCERTS 0x8 | 77 | #define CLCERTS 0x8 |
| 78 | #define CACERTS 0x10 | 78 | #define CACERTS 0x10 |
| 79 | 79 | ||
| 80 | int get_cert_chain(X509 *cert, X509_STORE *store, STACK_OF(X509) **chain); | 80 | static int get_cert_chain(X509 *cert, X509_STORE *store, |
| 81 | int dump_certs_keys_p12(BIO *out, PKCS12 *p12, char *pass, int passlen, | 81 | STACK_OF(X509) **chain); |
| 82 | static int dump_certs_keys_p12(BIO *out, PKCS12 *p12, char *pass, int passlen, | ||
| 82 | int options, char *pempass); | 83 | int options, char *pempass); |
| 83 | int dump_certs_pkeys_bags(BIO *out, STACK_OF(PKCS12_SAFEBAG) *bags, char *pass, | 84 | static int dump_certs_pkeys_bags(BIO *out, STACK_OF(PKCS12_SAFEBAG) *bags, |
| 85 | char *pass, int passlen, int options, char *pempass); | ||
| 86 | static int dump_certs_pkeys_bag(BIO *out, PKCS12_SAFEBAG *bags, char *pass, | ||
| 84 | int passlen, int options, char *pempass); | 87 | int passlen, int options, char *pempass); |
| 85 | int dump_certs_pkeys_bag(BIO *out, PKCS12_SAFEBAG *bags, char *pass, | 88 | static int print_attribs(BIO *out, const STACK_OF(X509_ATTRIBUTE) *attrlst, |
| 86 | int passlen, int options, char *pempass); | ||
| 87 | int print_attribs(BIO *out, const STACK_OF(X509_ATTRIBUTE) *attrlst, | ||
| 88 | const char *name); | 89 | const char *name); |
| 89 | void hex_prin(BIO *out, unsigned char *buf, int len); | 90 | static void hex_prin(BIO *out, unsigned char *buf, int len); |
| 90 | int alg_print(BIO *x, const X509_ALGOR *alg); | 91 | static int alg_print(BIO *x, const X509_ALGOR *alg); |
| 91 | static int set_pbe(BIO *err, int *ppbe, const char *str); | 92 | static int set_pbe(BIO *err, int *ppbe, const char *str); |
| 92 | 93 | ||
| 93 | static struct { | 94 | static struct { |
| @@ -818,9 +819,9 @@ pkcs12_main(int argc, char **argv) | |||
| 818 | return (ret); | 819 | return (ret); |
| 819 | } | 820 | } |
| 820 | 821 | ||
| 821 | int | 822 | static int |
| 822 | dump_certs_keys_p12(BIO *out, PKCS12 *p12, char *pass, | 823 | dump_certs_keys_p12(BIO *out, PKCS12 *p12, char *pass, int passlen, int options, |
| 823 | int passlen, int options, char *pempass) | 824 | char *pempass) |
| 824 | { | 825 | { |
| 825 | STACK_OF(PKCS7) *asafes = NULL; | 826 | STACK_OF(PKCS7) *asafes = NULL; |
| 826 | STACK_OF(PKCS12_SAFEBAG) *bags; | 827 | STACK_OF(PKCS12_SAFEBAG) *bags; |
| @@ -863,11 +864,12 @@ dump_certs_keys_p12(BIO *out, PKCS12 *p12, char *pass, | |||
| 863 | return ret; | 864 | return ret; |
| 864 | } | 865 | } |
| 865 | 866 | ||
| 866 | int | 867 | static int |
| 867 | dump_certs_pkeys_bags(BIO *out, STACK_OF(PKCS12_SAFEBAG) *bags, | 868 | dump_certs_pkeys_bags(BIO *out, STACK_OF(PKCS12_SAFEBAG) *bags, char *pass, |
| 868 | char *pass, int passlen, int options, char *pempass) | 869 | int passlen, int options, char *pempass) |
| 869 | { | 870 | { |
| 870 | int i; | 871 | int i; |
| 872 | |||
| 871 | for (i = 0; i < sk_PKCS12_SAFEBAG_num(bags); i++) { | 873 | for (i = 0; i < sk_PKCS12_SAFEBAG_num(bags); i++) { |
| 872 | if (!dump_certs_pkeys_bag(out, | 874 | if (!dump_certs_pkeys_bag(out, |
| 873 | sk_PKCS12_SAFEBAG_value(bags, i), | 875 | sk_PKCS12_SAFEBAG_value(bags, i), |
| @@ -878,9 +880,9 @@ dump_certs_pkeys_bags(BIO *out, STACK_OF(PKCS12_SAFEBAG) *bags, | |||
| 878 | return 1; | 880 | return 1; |
| 879 | } | 881 | } |
| 880 | 882 | ||
| 881 | int | 883 | static int |
| 882 | dump_certs_pkeys_bag(BIO *out, PKCS12_SAFEBAG *bag, char *pass, | 884 | dump_certs_pkeys_bag(BIO *out, PKCS12_SAFEBAG *bag, char *pass, int passlen, |
| 883 | int passlen, int options, char *pempass) | 885 | int options, char *pempass) |
| 884 | { | 886 | { |
| 885 | EVP_PKEY *pkey; | 887 | EVP_PKEY *pkey; |
| 886 | PKCS8_PRIV_KEY_INFO *p8; | 888 | PKCS8_PRIV_KEY_INFO *p8; |
| @@ -964,7 +966,7 @@ dump_certs_pkeys_bag(BIO *out, PKCS12_SAFEBAG *bag, char *pass, | |||
| 964 | } | 966 | } |
| 965 | 967 | ||
| 966 | /* Given a single certificate return a verified chain or NULL if error */ | 968 | /* Given a single certificate return a verified chain or NULL if error */ |
| 967 | int | 969 | static int |
| 968 | get_cert_chain(X509 *cert, X509_STORE *store, STACK_OF(X509) **out_chain) | 970 | get_cert_chain(X509 *cert, X509_STORE *store, STACK_OF(X509) **out_chain) |
| 969 | { | 971 | { |
| 970 | X509_STORE_CTX *store_ctx = NULL; | 972 | X509_STORE_CTX *store_ctx = NULL; |
| @@ -989,11 +991,12 @@ get_cert_chain(X509 *cert, X509_STORE *store, STACK_OF(X509) **out_chain) | |||
| 989 | return ret; | 991 | return ret; |
| 990 | } | 992 | } |
| 991 | 993 | ||
| 992 | int | 994 | static int |
| 993 | alg_print(BIO *x, const X509_ALGOR *alg) | 995 | alg_print(BIO *x, const X509_ALGOR *alg) |
| 994 | { | 996 | { |
| 995 | PBEPARAM *pbe; | 997 | PBEPARAM *pbe; |
| 996 | const unsigned char *p; | 998 | const unsigned char *p; |
| 999 | |||
| 997 | p = alg->parameter->value.sequence->data; | 1000 | p = alg->parameter->value.sequence->data; |
| 998 | pbe = d2i_PBEPARAM(NULL, &p, alg->parameter->value.sequence->length); | 1001 | pbe = d2i_PBEPARAM(NULL, &p, alg->parameter->value.sequence->length); |
| 999 | if (!pbe) | 1002 | if (!pbe) |
| @@ -1006,7 +1009,7 @@ alg_print(BIO *x, const X509_ALGOR *alg) | |||
| 1006 | } | 1009 | } |
| 1007 | 1010 | ||
| 1008 | /* Generalised attribute print: handle PKCS#8 and bag attributes */ | 1011 | /* Generalised attribute print: handle PKCS#8 and bag attributes */ |
| 1009 | void | 1012 | static void |
| 1010 | print_attribute(BIO *out, const ASN1_TYPE *av) | 1013 | print_attribute(BIO *out, const ASN1_TYPE *av) |
| 1011 | { | 1014 | { |
| 1012 | char *value; | 1015 | char *value; |
| @@ -1039,12 +1042,14 @@ print_attribute(BIO *out, const ASN1_TYPE *av) | |||
| 1039 | } | 1042 | } |
| 1040 | } | 1043 | } |
| 1041 | 1044 | ||
| 1042 | int | 1045 | static int |
| 1043 | print_attribs(BIO *out, const STACK_OF(X509_ATTRIBUTE) *attrlst, const char *name) | 1046 | print_attribs(BIO *out, const STACK_OF(X509_ATTRIBUTE) *attrlst, |
| 1047 | const char *name) | ||
| 1044 | { | 1048 | { |
| 1045 | X509_ATTRIBUTE *attr; | 1049 | X509_ATTRIBUTE *attr; |
| 1046 | ASN1_TYPE *av; | 1050 | ASN1_TYPE *av; |
| 1047 | int i, j, attr_nid; | 1051 | int i, j, attr_nid; |
| 1052 | |||
| 1048 | if (!attrlst) { | 1053 | if (!attrlst) { |
| 1049 | BIO_printf(out, "%s: <No Attributes>\n", name); | 1054 | BIO_printf(out, "%s: <No Attributes>\n", name); |
| 1050 | return 1; | 1055 | return 1; |
| @@ -1078,10 +1083,11 @@ print_attribs(BIO *out, const STACK_OF(X509_ATTRIBUTE) *attrlst, const char *nam | |||
| 1078 | return 1; | 1083 | return 1; |
| 1079 | } | 1084 | } |
| 1080 | 1085 | ||
| 1081 | void | 1086 | static void |
| 1082 | hex_prin(BIO *out, unsigned char *buf, int len) | 1087 | hex_prin(BIO *out, unsigned char *buf, int len) |
| 1083 | { | 1088 | { |
| 1084 | int i; | 1089 | int i; |
| 1090 | |||
| 1085 | for (i = 0; i < len; i++) | 1091 | for (i = 0; i < len; i++) |
| 1086 | BIO_printf(out, "%02X ", buf[i]); | 1092 | BIO_printf(out, "%02X ", buf[i]); |
| 1087 | } | 1093 | } |