From d7610bb566b677b7cd1dff6af83c18174a305942 Mon Sep 17 00:00:00 2001 From: tb <> Date: Mon, 10 Jan 2022 12:17:49 +0000 Subject: Implement openssl pkey -{,pub}check and pkeyparam -check These expose EVP_PKEY_{,public_,param_}check() to the command line. They are currently noops and will be enabled in the upcoming bump. ok inoguchi jsing --- src/usr.bin/openssl/pkeyparam.c | 19 +++++++++++++++++-- 1 file changed, 17 insertions(+), 2 deletions(-) (limited to 'src/usr.bin/openssl/pkeyparam.c') diff --git a/src/usr.bin/openssl/pkeyparam.c b/src/usr.bin/openssl/pkeyparam.c index 81bed13958..6ac4558578 100644 --- a/src/usr.bin/openssl/pkeyparam.c +++ b/src/usr.bin/openssl/pkeyparam.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pkeyparam.c,v 1.12 2019/07/14 03:30:46 guenther Exp $ */ +/* $OpenBSD: pkeyparam.c,v 1.13 2022/01/10 12:17:49 tb Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2006 */ @@ -66,6 +66,7 @@ #include struct { + int check; char *infile; int noout; char *outfile; @@ -73,6 +74,12 @@ struct { } pkeyparam_config; static const struct option pkeyparam_options[] = { + { + .name = "check", + .desc = "Check validity of key parameters", + .type = OPTION_FLAG, + .opt.flag = &pkeyparam_config.check, + }, { .name = "in", .argname = "file", @@ -106,7 +113,7 @@ static void pkeyparam_usage() { fprintf(stderr, - "usage: pkeyparam [-in file] [-noout] [-out file] " + "usage: pkeyparam [-check] [-in file] [-noout] [-out file] " "[-text]\n"); options_usage(pkeyparam_options); } @@ -157,6 +164,14 @@ pkeyparam_main(int argc, char **argv) ERR_print_errors(bio_err); goto end; } + +#if notyet + if (pkeyparam_config.check) { + if (!pkey_check(out, pkey, EVP_PKEY_param_check, "Parameters")) + goto end; + } +#endif + if (!pkeyparam_config.noout) PEM_write_bio_Parameters(out, pkey); -- cgit v1.2.3-55-g6feb