author | Rich Salz <rsalz@akamai.com> | 2014-07-09 23:41:38 -0400 |
---|---|---|
committer | Rich Salz <rsalz@akamai.com> | 2014-07-14 18:03:33 -0400 |
commit | b446cd99c0e18b090a168186aadcd484f100d448 (patch) | |
tree | 64608e57a75d9306fae1daf2fb4504159feee2c6 | |
parent | 93ba433a9f2f89e72e41fc3fcf2c515f57841a68 (diff) | |
download | openssl-new-b446cd99c0e18b090a168186aadcd484f100d448.tar.gz |
checkpoint
-rw-r--r-- | apps/Makefile | 2 | ||||
-rw-r--r-- | apps/apps.h | 17 | ||||
-rw-r--r-- | apps/asn1pars.c | 13 | ||||
-rw-r--r-- | apps/ca.c | 3 | ||||
-rw-r--r-- | apps/ciphers.c | 120 | ||||
-rw-r--r-- | apps/cms.c | 7 | ||||
-rw-r--r-- | apps/crl.c | 223 | ||||
-rw-r--r-- | apps/crl2p7.c | 109 | ||||
-rw-r--r-- | apps/dgst.c | 2 | ||||
-rw-r--r-- | apps/dh.c | 131 | ||||
-rw-r--r-- | apps/dhparam.c | 195 | ||||
-rw-r--r-- | apps/dsa.c | 201 | ||||
-rw-r--r-- | apps/dsaparam.c | 20 | ||||
-rw-r--r-- | apps/ec.c | 181 | ||||
-rw-r--r-- | apps/ecparam.c | 12 | ||||
-rw-r--r-- | apps/enc.c | 2 | ||||
-rw-r--r-- | apps/errstr.c | 20 | ||||
-rw-r--r-- | apps/gendh.c | 3 | ||||
-rw-r--r-- | apps/gendsa.c | 191 | ||||
-rw-r--r-- | apps/genpkey.c | 3 | ||||
-rw-r--r-- | apps/genrsa.c | 152 | ||||
-rw-r--r-- | apps/nseq.c | 10 | ||||
-rw-r--r-- | apps/ocsp.c | 4 | ||||
-rw-r--r-- | apps/openssl.c | 16 | ||||
-rw-r--r-- | apps/opt.c | 127 | ||||
-rw-r--r-- | apps/pkcs12.c | 94 | ||||
-rw-r--r-- | apps/pkcs7.c | 115 | ||||
-rw-r--r-- | apps/pkcs8.c | 264 | ||||
-rw-r--r-- | apps/pkey.c | 184 | ||||
-rw-r--r-- | apps/pkeyparam.c | 14 | ||||
-rw-r--r-- | apps/prime.c | 9 | ||||
-rw-r--r-- | apps/progs.h | 4 | ||||
-rw-r--r-- | apps/progs.pl | 4 | ||||
-rw-r--r-- | apps/rand.c | 14 | ||||
-rw-r--r-- | apps/req.c | 79 | ||||
-rw-r--r-- | apps/rsa.c | 3 | ||||
-rw-r--r-- | apps/rsautl.c | 190 | ||||
-rw-r--r-- | apps/sess_id.c | 10 | ||||
-rw-r--r-- | apps/smime.c | 9 | ||||
-rw-r--r-- | apps/spkac.c | 130 | ||||
-rw-r--r-- | apps/ts.c | 6 | ||||
-rw-r--r-- | apps/version.c | 10 | ||||
-rw-r--r-- | apps/x509.c | 6 |
43 files changed, 1419 insertions, 1490 deletions
diff --git a/apps/Makefile b/apps/Makefile index 5aaefc7456..8a37695aac 100644 --- a/apps/Makefile +++ b/apps/Makefile @@ -6,7 +6,7 @@ DIR= apps TOP= .. CC= cc INCLUDES= -I$(TOP) -I../include $(KRB5_INCLUDES) -CFLAG= -g -static +CFLAG= -g -static -Wswitch MAKEFILE= Makefile PERL= perl RM= rm -f diff --git a/apps/apps.h b/apps/apps.h index d880bff50c..2edd96d93b 100644 --- a/apps/apps.h +++ b/apps/apps.h @@ -152,18 +152,6 @@ extern void unbuffer(FILE* fp); #include <signal.h> #endif -#ifdef SIGPIPE -#define do_pipe_sig() signal(SIGPIPE,SIG_IGN) -#else -#define do_pipe_sig() -#endif - -#ifdef OPENSSL_NO_COMP -#define zlib_cleanup() -#else -#define zlib_cleanup() COMP_zlib_cleanup() -#endif - #if defined(OPENSSL_SYSNAME_WIN32) || defined(OPENSSL_SYSNAME_WINCE) # define openssl_fdset(a,b) FD_SET((unsigned int)a, b) @@ -189,6 +177,11 @@ extern char* opt_progname(const char *argv0); extern char* opt_init(int ac, char** av, const OPTIONS* o); extern int opt_next(); extern int opt_format(const char *s, int onlyderpem, int* result); +extern int opt_int(const char* arg, int* result); +extern int opt_ulong(const char* arg, unsigned long* result); +extern int opt_long(const char* arg, long* result); +extern int opt_cipher(const char* name, const EVP_CIPHER** cipherp); +extern int opt_md(const char* name, const EVP_MD** mdp); extern char* opt_arg(void); extern char* opt_unknown(void); extern char* opt_reset(void); diff --git a/apps/asn1pars.c b/apps/asn1pars.c index f2fabde1b6..22cd362f44 100644 --- a/apps/asn1pars.c +++ b/apps/asn1pars.c @@ -120,7 +120,8 @@ static int do_generate(BIO *bio, char *genstr, char *genconf, BUF_MEM *buf); int asn1parse_main(int argc, char **argv) { - int i,offset=0,ret=1,j; + int offset=0,ret=1,j; + enum options i; unsigned int length=0; long num,tmplen; BIO *in=NULL,*b64=NULL, *derout = NULL; 
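Review bot: The five prototypes added in the apps.h hunk (`opt_int`, `opt_ulong`, `opt_long`, `opt_cipher`, `opt_md`) carry no statement of their return convention or of what happens to `*result` on failure. Callers elsewhere in this patch test them with `!`, so a header comment such as `/* Each returns non-zero on success and stores the parsed value through the pointer; zero means the argument was rejected. */` would pin the contract. It should also say whether a diagnostic is printed on failure, because several callers had their own `BIO_printf` removed in this commit. The unprototyped `extern int opt_next();` on the context line above would be safer as `opt_next(void)`.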
@@ -143,10 +144,9 @@ int asn1parse_main(int argc, char **argv) goto end; } - while ((i = opt_next()) != 0) { + while ((i = opt_next()) != OPT_EOF) { switch (i) { - default: - BIO_printf(bio_err,"%s: Unhandled flag %d\n", prog, i); + case OPT_EOF: case OPT_ERR: BIO_printf(bio_err,"Valid options are:\n"); printhelp(asn1parse_help); @@ -200,12 +200,9 @@ int asn1parse_main(int argc, char **argv) if (oidfile != NULL) { - in = BIO_new_file(oidfile, "r"); + in = bio_open_default(oidfile, "r"); if (in == NULL) - { - ERR_print_errors(bio_err); goto end; - } OBJ_create_objects(in); BIO_free(in); } @@ -1008,9 +1008,8 @@ bad: md = (char *)OBJ_nid2sn(def_nid); } - if ((dgst=EVP_get_digestbyname(md)) == NULL) + if (!opt_md(md, &dgst)) { - BIO_printf(bio_err,"%s is an unsupported message digest type\n",md); goto err; } diff --git a/apps/ciphers.c b/apps/ciphers.c index b9f5123428..b725e24c5a 100644 --- a/apps/ciphers.c +++ b/apps/ciphers.c @@ -76,6 +76,43 @@ const char *ciphers_help[]={ NULL }; + +enum options { + OPT_ERR = -1, OPT_EOF = 0, + OPT_V, OPT_UPPER_V, OPT_S, +#ifndef OPENSSL_NO_SSL_TRACE + OPT_STDNAME, +#endif +#ifndef OPENSSL_NO_SSL2 + OPT_SSL2, +#endif +#ifndef OPENSSL_NO_SSL3 + OPT_SSL3, +#endif +#ifndef OPENSSL_NO_TLS1 + OPT_TLS1, +#endif +}; +static OPTIONS options[] = { + { "v", OPT_V, '-' }, + { "V", OPT_UPPER_V, '-' }, + { "s", OPT_S, '-' }, +#ifndef OPENSSL_NO_SSL_TRACE + { "stdname", OPT_STDNAME, '-' }, +#endif +#ifndef OPENSSL_NO_SSL2 + { "ssl2", OPT_SSL2, '-' }, +#endif +#ifndef OPENSSL_NO_SSL3 + { "ssl3", OPT_SSL3, '-' }, +#endif +#ifndef OPENSSL_NO_TLS1 + { "tls1", OPT_TLS1, '-' }, +#endif + { NULL } +}; + + int ciphers_main(int argc, char **argv) { int ret=1,i; 
@@ -85,65 +122,65 @@ int ciphers_main(int argc, char **argv) int stdname = 0; #endif const char *p; - int badops=0; SSL_CTX *ctx=NULL; SSL *ssl=NULL; char *ciphers=NULL; - const SSL_METHOD *meth=NULL; + const SSL_METHOD *meth=SSLv23_server_method(); STACK_OF(SSL_CIPHER) *sk=NULL; char buf[512]; + enum options o; + char* prog; - meth=SSLv23_server_method(); - - argc--; - argv++; - while (argc >= 1) - { - if (strcmp(*argv,"-v") == 0) - verbose=1; - else if (strcmp(*argv,"-V") == 0) - verbose=Verbose=1; - else if (strcmp(*argv,"-s") == 0) + prog = opt_init(argc, argv, options); + while ((o = opt_next()) != OPT_EOF) { + switch (o) { + case OPT_EOF: + case OPT_ERR: +bad: + BIO_printf(bio_err,"Valid options are:\n"); + printhelp(ciphers_help); + goto end; + case OPT_V: + verbose = 1; + break; + case OPT_UPPER_V: + verbose = Verbose = 1; + break; + case OPT_S: use_supported = 1; + break; #ifndef OPENSSL_NO_SSL_TRACE - else if (strcmp(*argv,"-stdname") == 0) - stdname=verbose=1; + case OPT_STDNAME: + stdname = verbose = 1; + break; #endif + #ifndef OPENSSL_NO_SSL2 - else if (strcmp(*argv,"-ssl2") == 0) + case OPT_SSL2: meth=SSLv2_client_method(); + break; #endif #ifndef OPENSSL_NO_SSL3 - else if (strcmp(*argv,"-ssl3") == 0) + case OPT_SSL3: meth=SSLv3_client_method(); + break; #endif #ifndef OPENSSL_NO_TLS1 - else if (strcmp(*argv,"-tls1") == 0) + case OPT_TLS1: meth=TLSv1_client_method(); -#endif - else if ((strncmp(*argv,"-h",2) == 0) || - (strcmp(*argv,"-?") == 0)) - { - badops=1; break; - } - else - { - ciphers= *argv; - } - argc--; - argv++; +#endif } + } - if (badops) - { - BIO_printf(bio_err, "usage: ciphers args\n"); - printhelp(ciphers_help); - goto end; - } + argv = opt_rest(); + argc = opt_num_rest(); + if (argc == 1) + ciphers = *argv; + else if (argc != 0) + goto bad; OpenSSL_add_ssl_algorithms(); - ctx=SSL_CTX_new(meth); if (ctx == NULL) goto err; if (ciphers != NULL) { 
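Review bot: The `bad:` label now sits inside the `switch` under `case OPT_ERR:`, and the positional-argument check after the loop reaches it with `goto bad`, a jump from outside the `while` back into one of its case arms. That is legal C but hard to follow, and the user gets the usage text with no hint that the problem was an extra argument rather than an unknown flag. Placing the two usage lines after the loop and letting `case OPT_ERR:` jump forward to them keeps the flow one-directional; the crl.c hunk later in this patch uses the same backward jump. `prog` is assigned from `opt_init()` but is not used in the part of `ciphers_main` visible here.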
@@ -172,7 +209,7 @@ int ciphers_main(int argc, char **argv) } BIO_printf(bio_out,"\n"); } - else /* verbose */ + else { for (i=0; i<sk_SSL_CIPHER_num(sk); i++) @@ -210,12 +247,9 @@ int ciphers_main(int argc, char **argv) } ret=0; - if (0) - { + goto end; err: - SSL_load_error_strings(); - ERR_print_errors(bio_err); - } + ERR_print_errors(bio_err); end: if (use_supported && sk) sk_SSL_CIPHER_free(sk); diff --git a/apps/cms.c b/apps/cms.c index aea969a7e4..bdb9e26800 100644 --- a/apps/cms.c +++ b/apps/cms.c @@ -504,11 +504,8 @@ int cms_main(int argc, char **argv) { if (!args[1]) goto argerr; - sign_md = EVP_get_digestbyname(*++args); - if (sign_md == NULL) + if (!opt_md(opt_arg(), &sign_md)) { - BIO_printf(bio_err, "Unknown digest %s\n", - *args); goto argerr; } } @@ -633,7 +630,7 @@ int cms_main(int argc, char **argv) } else if (args_verify(&args, NULL, &badarg, bio_err, &vpm)) continue; - else if ((cipher = EVP_get_cipherbyname(*args + 1)) == NULL) + else if (!opt_cipher(opt_unknown(), &cipher)) badarg = 1; args++; } diff --git a/apps/crl.c b/apps/crl.c index 8225f62262..70bd30252d 100644 --- a/apps/crl.c +++ b/apps/crl.c @@ -67,9 +67,6 @@ #include <openssl/pem.h> -#undef POSTFIX -#define POSTFIX ".rvk" - const char *crl_help[]={ "-inform arg input format - default PEM (DER or PEM)", "-outform arg output format - default PEM", 
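Review bot: In the cms.c hunks the digest and cipher lookups now take their input from `opt_arg()` and `opt_unknown()`, but the surrounding code is still the hand-written `args` walker (`if (!args[1])`, `args++`, `args_verify(&args, ...)`), and no `opt_init()`/`opt_next()` call is visible for `cms_main`. The removed `*++args` also stepped past the digest name; with it gone the name stays in place and is parsed as the next option. Unless the opt state is driven somewhere outside these hunks, keep the lookups on the local cursor, e.g. `if (!opt_md(*++args, &sign_md))` and `else if (!opt_cipher(*args + 1, &cipher))`. The dgst.c hunk (`opt_md(opt_unknown(), &m)` inside its `argv` loop) has the same problem, and there a failed lookup is the normal fall-through path, so any diagnostic `opt_md` prints would be spurious.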
@@ -91,17 +88,52 @@ const char *crl_help[]={ "-nameopt arg various certificate name options", NULL }; +enum options { + OPT_ERR = -1, OPT_EOF = 0, + OPT_INFORM, OPT_IN, OPT_OUTFORM, OPT_OUT, OPT_KEYFORM, OPT_KEY, + OPT_ISSUER, OPT_LASTUPDATE, OPT_NEXTUPDATE, OPT_FINGERPRINT, + OPT_CRLNUMBER, OPT_BADSIG, OPT_GENDELTA, OPT_CAPATH, OPT_CAFILE, + OPT_VERIFY, OPT_TEXT, OPT_HASH, OPT_HASH_OLD, OPT_NOOUT, + OPT_NAMEOPT, OPT_MD +}; +static OPTIONS options[] = { + { "inform", OPT_INFORM, 'F' }, + { "in", OPT_IN, '<' }, + { "outform", OPT_OUTFORM, 'F' }, + { "out", OPT_OUT, '>' }, + { "keyform", OPT_KEYFORM, 'F' }, + { "key", OPT_KEY, '<' }, + { "issuer", OPT_ISSUER, '-' }, + { "lastupdate", OPT_LASTUPDATE, '-' }, + { "nextupdate", OPT_NEXTUPDATE, '-' }, + { "noout", OPT_NOOUT, '-' }, + { "fingerprint", OPT_FINGERPRINT, '-' }, + { "crlnumber", OPT_CRLNUMBER, '-' }, + { "badsig", OPT_BADSIG, '-' }, + { "gendelta", OPT_GENDELTA, '<' }, + { "CApath", OPT_CAPATH, '/' }, + { "CAfile", OPT_CAFILE, '<' }, + { "verify", OPT_VERIFY, '-' }, + { "text", OPT_TEXT, '-' }, + { "hash", OPT_HASH, '-' }, + { "hash_old", OPT_HASH_OLD, '-' }, + { "nameopt", OPT_NAMEOPT, 's' }, + { "", OPT_MD, '-' }, + { NULL } +}; int crl_main(int argc, char **argv) { unsigned long nmflag = 0; X509_CRL *x=NULL; char *CAfile = NULL, *CApath = NULL; - int ret=1,i,num,badops=0,badsig=0; + int ret=1,num,badsig=0; + enum options o; BIO *out=NULL; - int informat,outformat, keyformat; + int informat=FORMAT_PEM,outformat=FORMAT_PEM, keyformat=FORMAT_PEM; char *infile=NULL,*outfile=NULL, *crldiff = NULL, *keyfile = NULL; int hash=0,issuer=0,lastupdate=0,nextupdate=0,noout=0,text=0; + char* prog; #ifndef OPENSSL_NO_MD5 int hash_old=0; #endif 
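Review bot: `num` is declared here without an initializer (`int ret=1,num,badsig=0;`), and the next hunk deletes its only assignment, `num=0;`, while still executing `hash= ++num;`, `issuer= ++num;` and the other `++num` cases. Reading an uninitialized automatic variable is undefined behaviour, so initialize it at the declaration: `int ret=1,num=0,badsig=0;`. Separately, `{ "hash_old", OPT_HASH_OLD, '-' }` is in the table unconditionally while its `case` and the `hash_old` variable are under `#ifndef OPENSSL_NO_MD5`, so a no-MD5 build would accept the flag and ignore it.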
@@ -111,127 +143,96 @@ int crl_main(int argc, char **argv) X509_LOOKUP *lookup = NULL; X509_OBJECT xobj; EVP_PKEY *pkey; - int do_ver = 0; + int i,do_ver = 0; const EVP_MD *md_alg,*digest=EVP_sha1(); - informat=FORMAT_PEM; - outformat=FORMAT_PEM; - keyformat=FORMAT_PEM; - - argc--; - argv++; - num=0; - while (argc >= 1) - { -#ifdef undef - if (strcmp(*argv,"-p") == 0) - { - if (--argc < 1) goto bad; - if (!args_from_file(++argv,Nargc,Nargv)) { goto end; }*/ - } -#endif - if (strcmp(*argv,"-inform") == 0) - { - if (--argc < 1) goto bad; - informat=str2fmt(*(++argv)); - } - else if (strcmp(*argv,"-outform") == 0) - { - if (--argc < 1) goto bad; - outformat=str2fmt(*(++argv)); - } - else if (strcmp(*argv,"-in") == 0) - { - if (--argc < 1) goto bad; - infile= *(++argv); - } - else if (strcmp(*argv,"-gendelta") == 0) - { - if (--argc < 1) goto bad; - crldiff= *(++argv); - } - else if (strcmp(*argv,"-key") == 0) - { - if (--argc < 1) goto bad; - keyfile= *(++argv); - } - else if (strcmp(*argv,"-keyform") == 0) - { - if (--argc < 1) goto bad; - keyformat=str2fmt(*(++argv)); - } - else if (strcmp(*argv,"-out") == 0) - { - if (--argc < 1) goto bad; - outfile= *(++argv); - } - else if (strcmp(*argv,"-CApath") == 0) - { - if (--argc < 1) goto bad; - CApath = *(++argv); - do_ver = 1; - } - else if (strcmp(*argv,"-CAfile") == 0) - { - if (--argc < 1) goto bad; - CAfile = *(++argv); + prog = opt_init(argc, argv, options); + while ((o = opt_next()) != OPT_EOF) { + switch (o) { + case OPT_EOF: + case OPT_ERR: +bad: + BIO_printf(bio_err,"Valid options are:\n"); + printhelp(crl_help); + goto end; + case OPT_INFORM: + opt_format(opt_arg(), 1, &informat); + break; + case OPT_IN: + infile = opt_arg(); + break; + case OPT_OUTFORM: + opt_format(opt_arg(), 1, &outformat); + break; + case OPT_OUT: + outfile = opt_arg(); + break; + case OPT_KEYFORM: + opt_format(opt_arg(), 1, &keyformat); + break; + case OPT_KEY: + keyfile= opt_arg(); + break; + case OPT_GENDELTA: + crldiff= opt_arg(); + 
break; + case OPT_CAPATH: + CApath = opt_arg(); do_ver = 1; - } - else if (strcmp(*argv,"-verify") == 0) + break; + case OPT_CAFILE: + CAfile = opt_arg(); do_ver = 1; - else if (strcmp(*argv,"-text") == 0) - text = 1; - else if (strcmp(*argv,"-hash") == 0) - hash= ++num; + break; #ifndef OPENSSL_NO_MD5 - else if (strcmp(*argv,"-hash_old") == 0) + case OPT_HASH_OLD: hash_old= ++num; + break; #endif - else if (strcmp(*argv,"-nameopt") == 0) - { - if (--argc < 1) goto bad; - if (!set_name_ex(&nmflag, *(++argv))) goto bad; - } - else if (strcmp(*argv,"-issuer") == 0) + case OPT_VERIFY: + do_ver = 1; + break; + case OPT_TEXT: + text = 1; + break; + case OPT_HASH: + hash= ++num; + break; + case OPT_ISSUER: issuer= ++num; - else if (strcmp(*argv,"-lastupdate") == 0) + break; + case OPT_LASTUPDATE: lastupdate= ++num; - else if (strcmp(*argv,"-nextupdate") == 0) + break; + case OPT_NEXTUPDATE: nextupdate= ++num; - else if (strcmp(*argv,"-noout") == 0) + break; + case OPT_NOOUT: noout= ++num; - else if (strcmp(*argv,"-fingerprint") == 0) + break; + case OPT_FINGERPRINT: fingerprint= ++num; - else if (strcmp(*argv,"-crlnumber") == 0) + break; + case OPT_CRLNUMBER: crlnumber= ++num; - else if (strcmp(*argv,"-badsig") == 0) + break; + case OPT_BADSIG: badsig = 1; - else if ((md_alg=EVP_get_digestbyname(*argv + 1))) - { - /* ok */ - digest=md_alg; - } - else - { - BIO_printf(bio_err,"unknown option %s\n",*argv); - badops=1; break; - } - argc--; - argv++; + case OPT_NAMEOPT: + if (!set_name_ex(&nmflag, opt_arg())) + goto bad; + break; + case OPT_MD: + if (!opt_md(opt_unknown(), &md_alg)) + goto bad; } + } - if (badops) - { -bad: - BIO_printf(bio_err,"crl [options]\n"); - BIO_printf(bio_err,"where options are\n"); - printhelp(crl_help); - goto end; - } x=load_crl(infile,informat); - if (x == NULL) { goto end; } + if (x == NULL) + goto end; if(do_ver) { store = X509_STORE_new(); 
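Review bot: `case OPT_MD:` stores the looked-up digest in `md_alg` but never copies it to `digest`, which stays at its `EVP_sha1()` initializer; the removed code did `digest=md_alg;`. If `digest` is what the later fingerprint code uses (outside this hunk), a digest flag is now accepted and has no effect. Pass the target directly, `if (!opt_md(opt_unknown(), &digest)) goto bad;`, and add the missing `break;`. The `opt_format(opt_arg(), 1, &informat)` calls also discard the `int` result, and a later crl.c hunk turns the output branch into a bare `else` for PEM, so unless `opt_next()` already validates `'F'` arguments a mistyped `-outform` would quietly produce PEM; `if (!opt_format(opt_arg(), 1, &outformat)) goto bad;` restores the rejection. The same unchecked calls appear in the crl2p7.c, dh.c, dhparam.c and dsa.c hunks.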
@@ -398,15 +399,11 @@ bad: if (outformat == FORMAT_ASN1) i=(int)i2d_X509_CRL_bio(out,x); - else if (outformat == FORMAT_PEM) + else i=PEM_write_bio_X509_CRL(out,x); - else - { - BIO_printf(bio_err,"bad output format specified for outfile\n"); - goto end; - } if (!i) { BIO_printf(bio_err,"unable to write CRL\n"); goto end; } ret=0; + end: if (ret != 0) ERR_print_errors(bio_err); diff --git a/apps/crl2p7.c b/apps/crl2p7.c index 48298533a2..1b7bad7326 100644 --- a/apps/crl2p7.c +++ b/apps/crl2p7.c @@ -84,12 +84,25 @@ const char* crl2pkcs7_help[] = { NULL }; +enum options { + OPT_ERR = -1, OPT_EOF = 0, + OPT_INFORM, OPT_OUTFORM, OPT_IN, OPT_OUT, OPT_NOCRL, OPT_CERTFILE, +}; +static OPTIONS options[] = { + { "inform", OPT_INFORM, 'F' }, + { "outform", OPT_OUTFORM, 'F' }, + { "in", OPT_IN, '<' }, + { "out", OPT_OUT, '>' }, + { "nocrl", OPT_NOCRL, '-' }, + { "certfile", OPT_CERTFILE, 's' }, + { NULL } +}; + int crl2pkcs7_main(int argc, char **argv) { - int i,badops=0; BIO *in=NULL,*out=NULL; - int informat,outformat; - char *infile,*outfile,*prog,*certfile; + int i,informat=FORMAT_PEM,outformat=FORMAT_PEM; + char *infile=NULL,*outfile=NULL,*prog,*certfile; PKCS7 *p7 = NULL; PKCS7_SIGNED *p7s = NULL; X509_CRL *crl=NULL; 
@@ -97,45 +110,34 @@ int crl2pkcs7_main(int argc, char **argv) STACK_OF(X509_CRL) *crl_stack=NULL; STACK_OF(X509) *cert_stack=NULL; int ret=1,nocrl=0; + enum options o; - infile=NULL; - outfile=NULL; - informat=FORMAT_PEM; - outformat=FORMAT_PEM; - - prog=argv[0]; - argc--; - argv++; - while (argc >= 1) - { - if (strcmp(*argv,"-inform") == 0) - { - if (--argc < 1) goto bad; - informat=str2fmt(*(++argv)); - } - else if (strcmp(*argv,"-outform") == 0) - { - if (--argc < 1) goto bad; - outformat=str2fmt(*(++argv)); - } - else if (strcmp(*argv,"-in") == 0) - { - if (--argc < 1) goto bad; - infile= *(++argv); - } - else if (strcmp(*argv,"-nocrl") == 0) - { + prog = opt_init(argc, argv, options); + while ((o = opt_next()) != OPT_EOF) { + switch (o) { + case OPT_EOF: + case OPT_ERR: + BIO_printf(bio_err,"Valid options are:\n"); + printhelp(crl2pkcs7_help); + goto end; + case OPT_INFORM: + opt_format(opt_arg(), 1, &informat); + break; + case OPT_OUTFORM: + opt_format(opt_arg(), 1, &outformat); + break; + case OPT_IN: + infile = opt_arg(); + break; + case OPT_OUT: + outfile= opt_arg(); + break; + case OPT_NOCRL: nocrl=1; - } - else if (strcmp(*argv,"-out") == 0) - { - if (--argc < 1) goto bad; - outfile= *(++argv); - } - else if (strcmp(*argv,"-certfile") == 0) - { - if (--argc < 1) goto bad; - if(!certflst) certflst = sk_OPENSSL_STRING_new_null(); + break; + case OPT_CERTFILE: + if(!certflst) + certflst = sk_OPENSSL_STRING_new_null(); if (!certflst) goto end; if (!sk_OPENSSL_STRING_push(certflst,*(++argv))) @@ -143,26 +145,9 @@ int crl2pkcs7_main(int argc, char **argv) sk_OPENSSL_STRING_free(certflst); goto end; } - } - else - { - BIO_printf(bio_err,"unknown option %s\n",*argv); - badops=1; break; - } - argc--; - argv++; - } - - if (badops) - { -bad: - BIO_printf(bio_err,"%s [options] <infile >outfile\n",prog); - BIO_printf(bio_err,"where options are\n"); - printhelp(crl2pkcs7_help); - ret = 1; - goto end; } + } if (!nocrl) { 
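Review bot: `case OPT_CERTFILE:` still pushes `*(++argv)`, a context line kept from the old parser, but `argv` is no longer stepped by the loop. The stack therefore receives successive elements of the original argument vector rather than the value given to `-certfile`, and `argv` is moved as a side effect. The table declares the option as `'s'`, so the value should come from the parser: `if (!sk_OPENSSL_STRING_push(certflst, opt_arg()))`.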
@@ -174,10 +159,6 @@ bad: crl=d2i_X509_CRL_bio(in,NULL); else if (informat == FORMAT_PEM) crl=PEM_read_bio_X509_CRL(in,NULL,NULL,NULL); - else { - BIO_printf(bio_err,"bad input format specified for input crl\n"); - goto end; - } if (crl == NULL) { BIO_printf(bio_err,"unable to load CRL\n"); @@ -224,10 +205,6 @@ bad: i=i2d_PKCS7_bio(out,p7); else if (outformat == FORMAT_PEM) i=PEM_write_bio_PKCS7(out,p7); - else { - BIO_printf(bio_err,"bad output format specified for outfile\n"); - goto end; - } if (!i) { BIO_printf(bio_err,"unable to write pkcs7 object\n"); diff --git a/apps/dgst.c b/apps/dgst.c index 65ab565a95..14484bb683 100644 --- a/apps/dgst.c +++ b/apps/dgst.c @@ -239,7 +239,7 @@ int dgst_main(int argc, char **argv) if (!macopts || !sk_OPENSSL_STRING_push(macopts, *(++argv))) break; } - else if ((m=EVP_get_digestbyname(&((*argv)[1]))) != NULL) + else if (opt_md(opt_unknown(), &m)) md=m; else break; 
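Review bot: In the `@@ -224` hunk of crl2p7.c the final `else` error branch was deleted but the branch above it is still `else if (outformat == FORMAT_PEM)`, so if `outformat` ever held a third value, `i` would reach `if (!i)` unassigned (it is declared without an initializer in the earlier hunk). That is presumably unreachable when `opt_format()` is called with its DER/PEM-only argument set, but the crl.c and dh.c hunks express the same assumption as a plain `else`. Doing the same here, `else i=PEM_write_bio_PKCS7(out,p7);`, removes the path. The enclosing function continues outside the hunk.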
@@ -85,84 +85,72 @@ const char* dh_help[] = { #endif NULL }; +enum options { + OPT_ERR = -1, OPT_EOF = 0, + OPT_INFORM, OPT_OUTFORM, OPT_IN, OPT_OUT, OPT_ENGINE, + OPT_CHECK, OPT_TEXT, OPT_C, OPT_NOOUT +}; +static OPTIONS options[] = { + { "inform", OPT_INFORM, 'F' }, + { "outform", OPT_OUTFORM, 'F' }, + { "in", OPT_IN, '<' }, + { "out", OPT_OUT, '>' }, + { "engine", OPT_ENGINE, 's' }, + { "check", OPT_CHECK, '-' }, + { "text", OPT_TEXT, '-' }, + { "C", OPT_C, '-' }, + { "noout", OPT_NOOUT, '-' }, + { NULL } +}; + int dh_main(int argc, char **argv) { DH *dh=NULL; - int i,badops=0,text=0; + int i,text=0; BIO *in=NULL,*out=NULL; - int informat,outformat,check=0,noout=0,C=0,ret=1; - char *infile,*outfile,*prog; -#ifndef OPENSSL_NO_ENGINE - char *engine; -#endif + int informat=FORMAT_PEM,outformat=FORMAT_PEM,check=0,noout=0,C=0,ret=1; + char *infile=NULL,*outfile=NULL,*prog; + char *engine=NULL; + enum options o; -#ifndef OPENSSL_NO_ENGINE - engine=NULL; -#endif - infile=NULL; - outfile=NULL; - informat=FORMAT_PEM; - outformat=FORMAT_PEM; - - prog=argv[0]; - argc--; - argv++; - while (argc >= 1) - { - if (strcmp(*argv,"-inform") == 0) - { - if (--argc < 1) goto bad; - informat=str2fmt(*(++argv)); - } - else if (strcmp(*argv,"-outform") == 0) - { - if (--argc < 1) goto bad; - outformat=str2fmt(*(++argv)); - } - else if (strcmp(*argv,"-in") == 0) - { - if (--argc < 1) goto bad; - infile= *(++argv); - } - else if (strcmp(*argv,"-out") == 0) - { - if (--argc < 1) goto bad; - outfile= *(++argv); - } -#ifndef OPENSSL_NO_ENGINE - else if (strcmp(*argv,"-engine") == 0) - { - if (--argc < 1) goto bad; - engine= *(++argv); - } -#endif - else if (strcmp(*argv,"-check") == 0) + prog = opt_init(argc, argv, options); + while ((o = opt_next()) != OPT_EOF) { + switch (o) { + case OPT_EOF: + case OPT_ERR: + BIO_printf(bio_err,"Valid options are:\n"); + printhelp(dh_help); + goto end; + case OPT_INFORM: + opt_format(opt_arg(), 1, &informat); + break; + case OPT_OUTFORM: + 
opt_format(opt_arg(), 1, &outformat); + break; + case OPT_IN: + infile = opt_arg(); + break; + case OPT_OUT: + outfile= opt_arg(); + break; + case OPT_ENGINE: + engine = opt_arg(); + break; + case OPT_CHECK: check=1; - else if (strcmp(*argv,"-text") == 0) + break; + case OPT_TEXT: text=1; - else if (strcmp(*argv,"-C") == 0) + break; + case OPT_C: C=1; - else if (strcmp(*argv,"-noout") == 0) + break; + case OPT_NOOUT: noout=1; - else - { - BIO_printf(bio_err,"unknown option %s\n",*argv); - badops=1; break; - } - argc--; - argv++; - } - - if (badops) - { -bad: - BIO_printf(bio_err,"%s [options] <infile >outfile\n",prog); - BIO_printf(bio_err,"where options are\n"); - printhelp(dh_help); - goto end; } + } #ifndef OPENSSL_NO_ENGINE setup_engine(bio_err, engine, 0); @@ -179,11 +167,6 @@ bad: dh=d2i_DHparams_bio(in,NULL); else if (informat == FORMAT_PEM) dh=PEM_read_bio_DHparams(in,NULL,NULL,NULL); - else - { - BIO_printf(bio_err,"bad input format specified\n"); - goto end; - } if (dh == NULL) { BIO_printf(bio_err,"unable to load DH parameters\n"); @@ -272,12 +255,8 @@ bad: { if (outformat == FORMAT_ASN1) i=i2d_DHparams_bio(out,dh); - else if (outformat == FORMAT_PEM) + else i=PEM_write_bio_DHparams(out,dh); - else { - BIO_printf(bio_err,"bad output format specified for outfile\n"); - goto end; - } if (!i) { BIO_printf(bio_err,"unable to write DH parameters\n"); diff --git a/apps/dhparam.c b/apps/dhparam.c index 3f5a8e19ad..e348ae8bb2 100644 --- a/apps/dhparam.c +++ b/apps/dhparam.c 
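Review bot: The dh.c table lists `{ "engine", OPT_ENGINE, 's' }` unconditionally, while the only use of the value, `setup_engine(bio_err, engine, 0);`, stays under `#ifndef OPENSSL_NO_ENGINE` on the context lines at the end of this hunk, and the removed parser had its `-engine` branch under the same guard. In a no-engine build the flag would therefore be accepted and silently ignored instead of rejected. The dhparam.c, dsa.c and ec.c tables in this patch wrap the entry in `#ifndef OPENSSL_NO_ENGINE`; doing the same here keeps the tools consistent.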
@@ -137,109 +137,115 @@ const char* dhparam_help[] = { "-outform arg output format, DER or PEM", "-in arg input file", "-out arg output file", -#ifndef OPENSSL_NO_DSA - "-dsaparam read or generate DSA parameters, convert to DH", -#endif "-check check the DH parameters", "-text print a text form of the DH parameters", "-C Output C code", "-2 generate parameters using 2 as the generator value", "-5 generate parameters using 5 as the generator value", "-rand file... load the file(s) into the random number generator", +#ifndef OPENSSL_NO_DSA + "-dsaparam read or generate DSA parameters, convert to DH", +#endif #ifndef OPENSSL_NO_ENGINE " -engine e use engine e, possibly a hardware device.", #endif NULL }; +enum options { + OPT_ERR = -1, OPT_EOF = 0, + OPT_INFORM, OPT_OUTFORM, OPT_IN, OPT_OUT, + OPT_ENGINE, OPT_CHECK, OPT_TEXT, OPT_NOOUT, + OPT_RAND, OPT_DSAPARAM, OPT_C, OPT_2, OPT_5, +}; + +static OPTIONS options[] = { + { "inform", OPT_INFORM, 'F' }, + { "outform", OPT_OUTFORM, 'F' }, + { "in", OPT_IN, '<' }, + { "out", OPT_OUT, '>' }, + { "check", OPT_CHECK, '-' }, + { "text", OPT_TEXT, '-' }, + { "noout", OPT_NOOUT, '-' }, + { "rand", OPT_RAND, 's' }, + { "C", OPT_C, '-' }, + { "2", OPT_2, '-' }, + { "5", OPT_5, '-' }, +#ifndef OPENSSL_NO_ENGINE + { "engine", OPT_ENGINE, 's' }, +#endif +#ifndef OPENSSL_NO_DSA + { "dsaparam", OPT_DSAPARAM, '-' }, +#endif + { NULL } +}; int dhparam_main(int argc, char **argv) { DH *dh=NULL; - int i,badops=0,text=0; -#ifndef OPENSSL_NO_DSA - int dsaparam=0; -#endif + int i,text=0; + enum options o; BIO *in=NULL,*out=NULL; - int informat,outformat,check=0,noout=0,C=0,ret=1; - char *infile,*outfile,*prog; + int informat=FORMAT_PEM,outformat=FORMAT_PEM,check=0,noout=0,C=0,ret=1; + char *infile=NULL,*outfile=NULL,*prog; char *inrand=NULL; -#ifndef OPENSSL_NO_ENGINE - char *engine=NULL; -#endif int num = 0, g = 0; + int dsaparam=0; + char *engine=NULL; - infile=NULL; - outfile=NULL; - informat=FORMAT_PEM; - outformat=FORMAT_PEM; - - 
prog=argv[0]; - argc--; - argv++; - while (argc >= 1) - { - if (strcmp(*argv,"-inform") == 0) - { - if (--argc < 1) goto bad; - informat=str2fmt(*(++argv)); - } - else if (strcmp(*argv,"-outform") == 0) - { - if (--argc < 1) goto bad; - outformat=str2fmt(*(++argv)); - } - else if (strcmp(*argv,"-in") == 0) - { - if (--argc < 1) goto bad; - infile= *(++argv); - } - else if (strcmp(*argv,"-out") == 0) - { - if (--argc < 1) goto bad; - outfile= *(++argv); - } -#ifndef OPENSSL_NO_ENGINE - else if (strcmp(*argv,"-engine") == 0) - { - if (--argc < 1) goto bad; - engine= *(++argv); - } -#endif - else if (strcmp(*argv,"-check") == 0) - check=1; - else if (strcmp(*argv,"-text") == 0) - text=1; -#ifndef OPENSSL_NO_DSA - else if (strcmp(*argv,"-dsaparam") == 0) - dsaparam=1; -#endif - else if (strcmp(*argv,"-C") == 0) + prog = opt_init(argc, argv, options); + while ((o = opt_next()) != OPT_EOF) { + switch (o) { + case OPT_EOF: + case OPT_ERR: + BIO_printf(bio_err,"Usage: %s [flags] [numbits]", prog); + BIO_printf(bio_err,"Valid options are:\n"); + printhelp(dhparam_help); + goto end; + case OPT_INFORM: + opt_format(opt_arg(), 1, &informat); + break; + case OPT_OUTFORM: + opt_format(opt_arg(), 1, &outformat); + break; + case OPT_IN: + infile = opt_arg(); + break; + case OPT_OUT: + outfile = opt_arg(); + break; + case OPT_ENGINE: + engine = opt_arg(); + break; + case OPT_CHECK: + check = 1; + break; + case OPT_TEXT: + text = 1; + break; + case OPT_DSAPARAM: + dsaparam = 1; + break; + case OPT_C: C=1; - else if (strcmp(*argv,"-noout") == 0) - noout=1; - else if (strcmp(*argv,"-2") == 0) + break; + case OPT_2: g=2; - else if (strcmp(*argv,"-5") == 0) + break; + case OPT_5: g=5; - else if (strcmp(*argv,"-rand") == 0) - { - if (--argc < 1) goto bad; - inrand= *(++argv); - } - else if (((sscanf(*argv,"%d",&num) == 0) || (num <= 0))) - goto bad; - argv++; - argc--; + break; + case OPT_NOOUT: + noout=1; + break; + case OPT_RAND: + inrand = opt_arg(); + break; } + } - if (badops) - { 
-bad: - BIO_printf(bio_err,"%s [options] [numbits]\n",prog); - BIO_printf(bio_err,"where options are\n"); - printhelp(dhparam_help); + argv = opt_rest(); + if (argv[0] && (!opt_int(argv[0], &num) || num <= 0)) goto end; - } #ifndef OPENSSL_NO_ENGINE setup_engine(bio_err, engine, 0); @@ -249,21 +255,15 @@ bad: num = DEFBITS; #ifndef OPENSSL_NO_DSA - if (dsaparam) + if (dsaparam && g) { - if (g) - { - BIO_printf(bio_err, "generator may not be chosen for DSA parameters\n"); - goto end; - } + BIO_printf(bio_err, "generator may not be chosen for DSA parameters\n"); + goto end; } - else #endif - { - /* DH parameters */ - if (num && !g) - g = 2; - } + /* DH parameters */ + if (num && !g) + g = 2; if(num) { @@ -445,17 +445,10 @@ bad: { if (outformat == FORMAT_ASN1) i=i2d_DHparams_bio(out,dh); - else if (outformat == FORMAT_PEM) - { - if (dh->q) - i=PEM_write_bio_DHxparams(out,dh); - else - i=PEM_write_bio_DHparams(out,dh); - } - else { - BIO_printf(bio_err,"bad output format specified for outfile\n"); - goto end; - } + else if (dh->q) + i=PEM_write_bio_DHxparams(out,dh); + else + i=PEM_write_bio_DHparams(out,dh); if (!i) { BIO_printf(bio_err,"unable to write DH parameters\n"); diff --git a/apps/dsa.c b/apps/dsa.c index bebf89aa91..d7d01d084e 100644 --- a/apps/dsa.c +++ b/apps/dsa.c 
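Review bot: A malformed or non-positive `numbits` now leaves through `goto end` with no message, where the old `sscanf` check jumped to `bad:` and printed the usage; unless `opt_int()` reports the error itself, the user sees only a failing exit status. Printing the usage on that path, or at least `BIO_printf(bio_err,"%s: bad numbits '%s'\n", prog, argv[0]);`, would keep the diagnostic, and anything after the first positional argument is currently ignored rather than rejected. The new usage line also lacks its newline and runs into the next one; it should read `"Usage: %s [flags] [numbits]\n"`. In the following hunk `g` now defaults to 2 even when `-dsaparam` is set, which is harmless only if the DSA path never reads `g` (not visible here).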
@@ -104,116 +104,119 @@ const char* dsa_help[] = { NULL }; +enum options { + OPT_ERR = -1, OPT_EOF = 0, + OPT_INFORM, OPT_OUTFORM, OPT_IN, OPT_OUT, + OPT_ENGINE, OPT_PVK_STRONG, OPT_PVK_WEAK, + OPT_PVK_NONE, OPT_NOOUT, OPT_TEXT, OPT_MODULUS, OPT_PUBIN, + OPT_PUBOUT, OPT_CIPHER, OPT_PASSIN, OPT_PASSOUT, +}; +static OPTIONS options[] = { + { "inform", OPT_INFORM, 'F' }, + { "outform", OPT_OUTFORM, 'F' }, +#ifndef OPENSSL_NO_ENGINE + { "engine", OPT_ENGINE, 's' }, +#endif + { "in", OPT_IN, '<' }, + { "out", OPT_OUT, '>' }, + { "pvk-strong", OPT_PVK_STRONG, '-' }, + { "pvk-weak", OPT_PVK_WEAK, '-' }, + { "pvk-none", OPT_PVK_NONE, '-' }, + { "noout", OPT_NOOUT, '-' }, + { "text", OPT_TEXT, '-' }, + { "modulus", OPT_MODULUS, '-' }, + { "pubin", OPT_PUBIN, '-' }, + { "pubout", OPT_PUBOUT, '-' }, + { "passin", OPT_PASSIN, 's' }, + { "passout", OPT_PASSOUT, 's' }, + { "", OPT_CIPHER, '-' }, + { NULL } +}; + int dsa_main(int argc, char **argv) { ENGINE *e = NULL; int ret=1; DSA *dsa=NULL; - int i,badops=0; + int i; const EVP_CIPHER *enc=NULL; BIO *in=NULL,*out=NULL; - int informat,outformat,text=0,noout=0; + int informat=FORMAT_PEM,outformat=FORMAT_PEM,text=0,noout=0; int pubin = 0, pubout = 0; - char *infile,*outfile,*prog; -#ifndef OPENSSL_NO_ENGINE - char *engine; -#endif - char *passargin = NULL, *passargout = NULL; + char *infile=NULL,*outfile=NULL,*prog; + char *engine=NULL; + char *passinarg = NULL, *passoutarg = NULL; char *passin = NULL, *passout = NULL; int modulus=0; - int pvk_encr = 2; + enum options o; -#ifndef OPENSSL_NO_ENGINE - engine=NULL; -#endif - infile=NULL; - outfile=NULL; - informat=FORMAT_PEM; - outformat=FORMAT_PEM; - - prog=argv[0]; - argc--; - argv++; - while (argc >= 1) - { - if (strcmp(*argv,"-inform") == 0) - { - if (--argc < 1) goto bad; - informat=str2fmt(*(++argv)); - } - else if (strcmp(*argv,"-outform") == 0) - { - if (--argc < 1) goto bad; - outformat=str2fmt(*(++argv)); - } - else if (strcmp(*argv,"-in") == 0) - { - if (--argc < 1) goto 
bad; - infile= *(++argv); - } - else if (strcmp(*argv,"-out") == 0) - { - if (--argc < 1) goto bad; - outfile= *(++argv); - } - else if (strcmp(*argv,"-passin") == 0) - { - if (--argc < 1) goto bad; - passargin= *(++argv); - } - else if (strcmp(*argv,"-passout") == 0) - { - if (--argc < 1) goto bad; - passargout= *(++argv); - } -#ifndef OPENSSL_NO_ENGINE - else if (strcmp(*argv,"-engine") == 0) - { - if (--argc < 1) goto bad; - engine= *(++argv); - } -#endif - else if (strcmp(*argv,"-pvk-strong") == 0) + prog = opt_init(argc, argv, options); + while ((o = opt_next()) != OPT_EOF) { + switch (o) { + case OPT_EOF: + case OPT_ERR: + BIO_printf(bio_err,"Valid options are:\n"); + printhelp(dsa_help); + goto end; + case OPT_INFORM: + opt_format(opt_arg(), 1, &informat); + break; + case OPT_IN: + infile = opt_arg(); + break; + case OPT_OUTFORM: + opt_format(opt_arg(), 1, &outformat); + break; + case OPT_OUT: + outfile= opt_arg(); + break; + case OPT_ENGINE: + engine = opt_arg(); + break; + case OPT_PASSIN: + passinarg = opt_arg(); + break; + case OPT_PASSOUT: + passoutarg= opt_arg(); + break; + case OPT_PVK_STRONG: pvk_encr=2; - else if (strcmp(*argv,"-pvk-weak") == 0) + break; + case OPT_PVK_WEAK: pvk_encr=1; - else if (strcmp(*argv,"-pvk-none") == 0) + break; + case OPT_PVK_NONE: pvk_encr=0; - else if (strcmp(*argv,"-noout") == 0) + break; + case OPT_NOOUT: noout=1; - else if (strcmp(*argv,"-text") == 0) + break; + case OPT_TEXT: text=1; - else if (strcmp(*argv,"-modulus") == 0) + break; + case OPT_MODULUS: modulus=1; - else if (strcmp(*argv,"-pubin") == 0) + break; + case OPT_PUBIN: pubin=1; - else if (strcmp(*argv,"-pubout") == 0) + break; + case OPT_PUBOUT: pubout=1; - else if ((enc=EVP_get_cipherbyname(&(argv[0][1]))) == NULL) - { - BIO_printf(bio_err,"unknown option %s\n",*argv); - badops=1; break; - } - argc--; - argv++; + case OPT_CIPHER: + if (!opt_cipher(opt_unknown(), &enc)) + goto end; + break; } + } - if (badops) - { -bad: - BIO_printf(bio_err,"%s [options] 
<infile >outfile\n",prog); - BIO_printf(bio_err,"where options are\n"); - printhelp(dsa_help); - goto end; - } #ifndef OPENSSL_NO_ENGINE e = setup_engine(bio_err, engine, 0); #endif - if(!app_passwd(bio_err, passargin, passargout, &passin, &passout)) { + if(!app_passwd(bio_err, passinarg, passoutarg, &passin, &passout)) { BIO_printf(bio_err, "Error getting passwords\n"); goto end; } @@ -224,22 +227,22 @@ bad: BIO_printf(bio_err,"read DSA key\n"); - { - EVP_PKEY *pkey; + { + EVP_PKEY *pkey; - if (pubin) - pkey = load_pubkey(bio_err, infile, informat, 1, - passin, e, "Public Key"); - else - pkey = load_key(bio_err, infile, informat, 1, - passin, e, "Private Key"); + if (pubin) + pkey = load_pubkey(bio_err, infile, informat, 1, + passin, e, "Public Key"); + else + pkey = load_key(bio_err, infile, informat, 1, + passin, e, "Private Key"); - if (pkey) - { - dsa = EVP_PKEY_get1_DSA(pkey); - EVP_PKEY_free(pkey); - } + if (pkey) + { + dsa = EVP_PKEY_get1_DSA(pkey); + EVP_PKEY_free(pkey); } + } if (dsa == NULL) { BIO_printf(bio_err,"unable to load Key\n"); @@ -261,9 +264,9 @@ bad: if (modulus) { - fprintf(stdout,"Public Key="); + BIO_printf(out,"Public Key="); BN_print(out,dsa->pub_key); - fprintf(stdout,"\n"); + BIO_printf(out,"\n"); } if (noout) goto end; @@ -297,9 +300,9 @@ bad: { BIO_printf(bio_err,"unable to write private key\n"); ERR_print_errors(bio_err); + goto end; } - else - ret=0; + ret=0; end: if(in != NULL) BIO_free(in); if(out != NULL) BIO_free_all(out); diff --git a/apps/dsaparam.c b/apps/dsaparam.c index 06e4736add..f79dbedaab 100644 --- a/apps/dsaparam.c +++ b/apps/dsaparam.c @@ -283,13 +283,8 @@ bad: } else if (informat == FORMAT_ASN1) dsa=d2i_DSAparams_bio(in,NULL); - else if (informat == FORMAT_PEM) - dsa=PEM_read_bio_DSAparams(in,NULL,NULL,NULL); else - { - BIO_printf(bio_err,"bad input format specified\n"); - goto end; - } + dsa=PEM_read_bio_DSAparams(in,NULL,NULL,NULL); if (dsa == NULL) { BIO_printf(bio_err,"unable to load DSA parameters\n"); 
@@ -361,12 +356,8 @@ bad: { if (outformat == FORMAT_ASN1) i=i2d_DSAparams_bio(out,dsa); - else if (outformat == FORMAT_PEM) + else i=PEM_write_bio_DSAparams(out,dsa); - else { - BIO_printf(bio_err,"bad output format specified for outfile\n"); - goto end; - } if (!i) { BIO_printf(bio_err,"unable to write DSA parameters\n"); @@ -390,13 +381,8 @@ bad: } if (outformat == FORMAT_ASN1) i=i2d_DSAPrivateKey_bio(out,dsakey); - else if (outformat == FORMAT_PEM) + else i=PEM_write_bio_DSAPrivateKey(out,dsakey,NULL,NULL,0,NULL,NULL); - else { - BIO_printf(bio_err,"bad output format specified for outfile\n"); - DSA_free(dsakey); - goto end; - } DSA_free(dsakey); } if (need_rand) 
@@ -89,79 +89,101 @@ const char* ec_help[] = { NULL }; +enum options { + OPT_ERR = -1, OPT_EOF = 0, + OPT_INFORM, OPT_OUTFORM, OPT_ENGINE, OPT_IN, OPT_OUT, + OPT_NOOUT, OPT_TEXT, OPT_PARAM_OUT, OPT_PUBIN, OPT_PUBOUT, + OPT_PASSIN, OPT_PASSOUT, OPT_PARAM_ENC, OPT_CONV_FORM, OPT_CIPHER, +}; +static OPTIONS options[] = { + { "inform", OPT_INFORM, 'F' }, + { "outform", OPT_OUTFORM, 'F' }, +#ifndef OPENSSL_NO_ENGINE + { "engine", OPT_ENGINE, 's' }, +#endif + { "in", OPT_IN, '<' }, + { "out", OPT_OUT, '>' }, + { "noout", OPT_NOOUT, '-' }, + { "text", OPT_TEXT, '-' }, + { "param_out", OPT_PARAM_OUT, '-' }, + { "pubin", OPT_PUBIN, '-' }, + { "pubout", OPT_PUBOUT, '-' }, + { "passin", OPT_PASSIN, 's' }, + { "passout", OPT_PASSOUT, 's' }, + { "param_enc", OPT_PARAM_ENC, 's' }, + { "conv_form", OPT_CONV_FORM, 's' }, + { "", OPT_CIPHER, '-' }, + { NULL } +}; + int ec_main(int argc, char **argv) { int ret = 1; EC_KEY *eckey = NULL; const EC_GROUP *group; - int i, badops = 0; + int i; const EVP_CIPHER *enc = NULL; BIO *in = NULL, *out = NULL; - int informat, outformat, text=0, noout=0; + int informat=FORMAT_PEM, outformat=FORMAT_PEM, text=0, noout=0; int pubin = 0, pubout = 0, param_out = 0; - char *infile, *outfile, *prog, *engine; - char *passargin = NULL, *passargout = NULL; + char *infile=NULL, *outfile=NULL, *prog, *engine=NULL; + char *passinarg = NULL, *passoutarg = NULL; char *passin = NULL, *passout = NULL; point_conversion_form_t form = POINT_CONVERSION_UNCOMPRESSED; int new_form = 0; int asn1_flag = OPENSSL_EC_NAMED_CURVE; int new_asn1_flag = 0; + enum options o; - engine = NULL; - infile = NULL; - outfile = NULL; - informat = FORMAT_PEM; - outformat = FORMAT_PEM; - - prog = argv[0]; - argc--; - argv++; - while (argc >= 1) - { - if (strcmp(*argv,"-inform") == 0) - { - if (--argc < 1) goto bad; - informat=str2fmt(*(++argv)); - } - else if (strcmp(*argv,"-outform") == 0) - { - if (--argc < 1) goto bad; - outformat=str2fmt(*(++argv)); - } - else if (strcmp(*argv,"-in") 
== 0) - { - if (--argc < 1) goto bad; - infile= *(++argv); - } - else if (strcmp(*argv,"-out") == 0) - { - if (--argc < 1) goto bad; - outfile= *(++argv); - } - else if (strcmp(*argv,"-passin") == 0) - { - if (--argc < 1) goto bad; - passargin= *(++argv); - } - else if (strcmp(*argv,"-passout") == 0) - { - if (--argc < 1) goto bad; - passargout= *(++argv); - } - else if (strcmp(*argv, "-engine") == 0) - { - if (--argc < 1) goto bad; - engine= *(++argv); - } - else if (strcmp(*argv, "-noout") == 0) + prog = opt_init(argc, argv, options); + while ((o = opt_next()) != OPT_EOF) { + switch (o) { + case OPT_EOF: + case OPT_ERR: +bad: + BIO_printf(bio_err,"Valid options are:\n"); + printhelp(ec_help); + goto end; + case OPT_INFORM: + opt_format(opt_arg(), 1, &informat); + break; + case OPT_IN: + infile = opt_arg(); + break; + case OPT_OUTFORM: + opt_format(opt_arg(), 1, &outformat); + break; + case OPT_OUT: + outfile= opt_arg(); + break; + case OPT_NOOUT: noout = 1; - else if (strcmp(*argv, "-text") == 0) + break; + case OPT_TEXT: text = 1; - else if (strcmp(*argv, "-conv_form") == 0) - { - if (--argc < 1) + break; + case OPT_PARAM_OUT: + param_out = 1; + break; + case OPT_PUBIN: + pubin=1; + break; + case OPT_PUBOUT: + pubout=1; + break; + case OPT_PASSIN: + passinarg= opt_arg(); + break; + case OPT_PASSOUT: + passoutarg= opt_arg(); + break; + case OPT_ENGINE: + engine= opt_arg(); + break; + case OPT_CIPHER: + if (!opt_cipher(opt_unknown(), &enc)) goto bad; - ++argv; + case OPT_CONV_FORM: new_form = 1; if (strcmp(*argv, "compressed") == 0) form = POINT_CONVERSION_COMPRESSED; @@ -171,12 +193,8 @@ int ec_main(int argc, char **argv) form = POINT_CONVERSION_HYBRID; else goto bad; - } - else if (strcmp(*argv, "-param_enc") == 0) - { - if (--argc < 1) - goto bad; - ++argv; + break; + case OPT_PARAM_ENC: new_asn1_flag = 1; if (strcmp(*argv, "named_curve") == 0) asn1_flag = OPENSSL_EC_NAMED_CURVE; 
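Review bot: `case OPT_CIPHER:` in the ec.c option loop has no `break` after the `opt_cipher()` check, so a successfully parsed cipher flag falls into `case OPT_CONV_FORM:`. That case, and `case OPT_PARAM_ENC:` in the next hunk, still compare `*argv`, which the new loop never advances now that the `++argv` lines are removed; it appears to still point at the program name, so the comparison no longer sees the option's value and ends at `goto bad`. I would add `break;` after the cipher check and read the value from the parser in both cases, e.g. `if (strcmp(opt_arg(), "compressed") == 0)`.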
@@ -184,37 +202,15 @@ int ec_main(int argc, char **argv) asn1_flag = 0; else goto bad; - } - else if (strcmp(*argv, "-param_out") == 0) - param_out = 1; - else if (strcmp(*argv, "-pubin") == 0) - pubin=1; - else if (strcmp(*argv, "-pubout") == 0) - pubout=1; - else if ((enc=EVP_get_cipherbyname(&(argv[0][1]))) == NULL) - { - BIO_printf(bio_err, "unknown option %s\n", *argv); - badops=1; break; - } - argc--; - argv++; - } - - if (badops) - { -bad: - BIO_printf(bio_err, "%s [options] <infile >outfile\n", prog); - BIO_printf(bio_err, "where options are\n"); - printhelp(ec_help); - goto end; } + } #ifndef OPENSSL_NO_ENGINE setup_engine(bio_err, engine, 0); #endif - if(!app_passwd(bio_err, passargin, passargout, &passin, &passout)) + if(!app_passwd(bio_err, passinarg, passoutarg, &passin, &passout)) { BIO_printf(bio_err, "Error getting passwords\n"); goto end; @@ -232,20 +228,13 @@ bad: else eckey = d2i_ECPrivateKey_bio(in, NULL); } - else if (informat == FORMAT_PEM) + else { if (pubin) - eckey = PEM_read_bio_EC_PUBKEY(in, NULL, NULL, - NULL); + eckey = PEM_read_bio_EC_PUBKEY(in, NULL, NULL, NULL); else - eckey = PEM_read_bio_ECPrivateKey(in, NULL, NULL, - passin); + eckey = PEM_read_bio_ECPrivateKey(in, NULL, NULL, passin); } - else - { - BIO_printf(bio_err, "bad input format specified for key\n"); - goto end; - } if (eckey == NULL) { BIO_printf(bio_err,"unable to load Key\n"); diff --git a/apps/ecparam.c b/apps/ecparam.c index 635d24a767..a3645e8688 100644 --- a/apps/ecparam.c +++ b/apps/ecparam.c @@ -334,19 +334,9 @@ bad: EC_GROUP_set_point_conversion_form(group, form); } else if (informat == FORMAT_ASN1) - { group = d2i_ECPKParameters_bio(in, NULL); - } - else if (informat == FORMAT_PEM) - { - group = PEM_read_bio_ECPKParameters(in,NULL,NULL,NULL); - } else - { - BIO_printf(bio_err, "bad input format specified\n"); - goto end; - } - + group = PEM_read_bio_ECPKParameters(in,NULL,NULL,NULL); if (group == NULL) { BIO_printf(bio_err, 
diff --git a/apps/enc.c b/apps/enc.c index 53583d3eed..6ac91c3e03 100644 --- a/apps/enc.c +++ b/apps/enc.c @@ -293,7 +293,7 @@ int enc_main(int argc, char **argv) else if (strcmp(*argv,"-non-fips-allow") == 0) non_fips_allow = 1; else if ((argv[0][0] == '-') && - ((c=EVP_get_cipherbyname(&(argv[0][1]))) != NULL)) + opt_cipher(opt_unknown(), &c)) { cipher=c; } diff --git a/apps/errstr.c b/apps/errstr.c index 7fbd29fb3a..b84d4afa7b 100644 --- a/apps/errstr.c +++ b/apps/errstr.c @@ -81,18 +81,16 @@ static OPTIONS options[] = { int errstr_main(int argc, char **argv) { - int i,ret=0; + int ret=0; + enum options o; char buf[256]; - char* endptr; char* prog; unsigned long l; - SSL_load_error_strings(); prog = opt_init(argc, argv, options); - while ((i = opt_next()) != 0) { - switch (i) { - default: - BIO_printf(bio_err,"%s: Unhandled flag %d\n", prog, i); + while ((o = opt_next()) != OPT_EOF) { + switch (o) { + case OPT_EOF: case OPT_ERR: BIO_printf(bio_err,"Valid options are:\n"); printhelp(errstr_help); @@ -110,14 +108,8 @@ int errstr_main(int argc, char **argv) for (argv = opt_rest(); *argv; argv++) { - l = strtoul(*argv, &endptr, 0); - if (*endptr) - { - BIO_printf(bio_err, - "%s: Bad char %c in error code %s\n", - prog, *endptr, *argv); + if (!opt_ulong(*argv, &l)) ret++; - } else { ERR_error_string_n(l, buf, sizeof buf); diff --git a/apps/gendh.c b/apps/gendh.c index c35d018435..9f182bc9f7 100644 --- a/apps/gendh.c +++ b/apps/gendh.c @@ -121,9 +121,10 @@ int gendh_main(int argc, char **argv) BN_GENCB_set(&cb, dh_cb, bio_err); prog = opt_init(argc, argv, options); - while ((i = opt_next()) != 0) { + while ((i = opt_next()) != OPT_EOF) { switch (i) { default: + case OPT_EOF: BIO_printf(bio_err,"%s: Unhandled flag %d\n", prog, i); case OPT_ERR: BIO_printf(bio_err,"Valid options are:\n"); diff --git a/apps/gendsa.c b/apps/gendsa.c index f45e2ebf14..b1fbe5b35f 100644 --- a/apps/gendsa.c +++ b/apps/gendsa.c 
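Review bot: In the enc.c hunk the cipher name is now taken from `opt_unknown()`, but the surrounding chain still walks `*argv` with `strcmp`, so `enc_main` does not appear to drive the opt.c parser whose state `opt_unknown()` returns. Unless `opt_init()`/`opt_next()` run outside the hunk, the lookup would use a stale or NULL name rather than the flag being examined; apps/genpkey.c in this same commit passes the argument directly. I would write `opt_cipher(&(argv[0][1]), &c)` here. The apps/ocsp.c hunk has the same pattern with `opt_arg()` and `opt_unknown()` inside an `args++` loop, where `opt_md(*args, &rsign_md)` and `opt_md((*args)+1, &cert_id_md)` would keep the old inputs. Note also that `opt_cipher()` prints "Unknown cipher" on failure, which changes what this `else if` emits when the flag is not a cipher.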
@@ -99,114 +99,152 @@ const char* gendsa_help[] = { NULL }; + + +enum options { + OPT_ERR = -1, OPT_EOF = 0, + OPT_OUT, OPT_PASSOUT, OPT_ENGINE, OPT_RAND, +#ifndef OPENSSL_NO_DES + OPT_DES, OPT_DES3, +#endif +#ifndef OPENSSL_NO_IDEA + OPT_IDEA, +#endif +#ifndef OPENSSL_NO_SEED + OPT_SEED, +#endif +#ifndef OPENSSL_NO_AES + OPT_AES128, OPT_AES192, OPT_AES256, +#endif +#ifndef OPENSSL_NO_CAMELLIA + OPT_CAMELLIA128, OPT_CAMELLIA192, OPT_CAMELLIA256, +#endif +}; +static OPTIONS options[] = { + { "out", OPT_OUT, '>' }, + { "passout", OPT_PASSOUT, 's' }, + { "engine", OPT_ENGINE, 's' }, + { "rand", OPT_RAND, 's' }, +#ifndef OPENSSL_NO_DES + { "des", OPT_DES, '-' }, + { "des3", OPT_DES3, '-' }, +#endif +#ifndef OPENSSL_NO_IDEA + { "idea", OPT_IDEA, '-' }, +#endif +#ifndef OPENSSL_NO_SEED + { "seed", OPT_SEED, '-' }, +#endif +#ifndef OPENSSL_NO_AES + { "aes128", OPT_AES128, '-' }, + { "aes192", OPT_AES192, '-' }, + { "aes256", OPT_AES256, '-' }, +#endif +#ifndef OPENSSL_NO_CAMELLIA + { "camellia128", OPT_CAMELLIA128, '-' }, + { "camellia192", OPT_CAMELLIA192, '-' }, + { "camellia256", OPT_CAMELLIA256, '-' }, +#endif + { NULL } +}; + int gendsa_main(int argc, char **argv) { DSA *dsa=NULL; int ret=1; char *outfile=NULL; char *inrand=NULL,*dsaparams=NULL; - char *passargout = NULL, *passout = NULL; + char *passoutarg = NULL, *passout = NULL; BIO *out=NULL,*in=NULL; const EVP_CIPHER *enc=NULL; -#ifndef OPENSSL_NO_ENGINE char *engine=NULL; -#endif + enum options o; + char* prog; - argv++; - argc--; - for (;;) - { - if (argc <= 0) break; - if (strcmp(*argv,"-out") == 0) - { - if (--argc < 1) goto bad; - outfile= *(++argv); - } - else if (strcmp(*argv,"-passout") == 0) - { - if (--argc < 1) goto bad; - passargout= *(++argv); - } -#ifndef OPENSSL_NO_ENGINE - else if (strcmp(*argv,"-engine") == 0) - { - if (--argc < 1) goto bad; - engine= *(++argv); - } -#endif - else if (strcmp(*argv,"-rand") == 0) - { - if (--argc < 1) goto bad; - inrand= *(++argv); - } - else if 
(strcmp(*argv,"-") == 0) - goto bad; -#ifndef OPENSSL_NO_DES - else if (strcmp(*argv,"-des") == 0) - enc=EVP_des_cbc(); - else if (strcmp(*argv,"-des3") == 0) - enc=EVP_des_ede3_cbc(); -#endif -#ifndef OPENSSL_NO_IDEA - else if (strcmp(*argv,"-idea") == 0) - enc=EVP_idea_cbc(); -#endif -#ifndef OPENSSL_NO_SEED - else if (strcmp(*argv,"-seed") == 0) - enc=EVP_seed_cbc(); -#endif + prog = opt_init(argc, argv, options); + while ((o = opt_next()) != OPT_EOF) { + switch (o) { + case OPT_EOF: + case OPT_ERR: +bad: + BIO_printf(bio_err,"usage: %s [args] dsaparam-file\n", + prog); + BIO_printf(bio_err,"Valid options are:\n"); + printhelp(gendsa_help); + goto end; + case OPT_OUT: + outfile= opt_arg(); + break; + case OPT_PASSOUT: + passoutarg= opt_arg(); + break; + case OPT_ENGINE: + engine= opt_arg(); + break; + case OPT_RAND: + inrand= opt_arg(); + break; #ifndef OPENSSL_NO_AES - else if (strcmp(*argv,"-aes128") == 0) + case OPT_AES128: enc=EVP_aes_128_cbc(); - else if (strcmp(*argv,"-aes192") == 0) + break; + case OPT_AES192: enc=EVP_aes_192_cbc(); - else if (strcmp(*argv,"-aes256") == 0) + break; + case OPT_AES256: enc=EVP_aes_256_cbc(); + break; #endif #ifndef OPENSSL_NO_CAMELLIA - else if (strcmp(*argv,"-camellia128") == 0) + case OPT_CAMELLIA128: enc=EVP_camellia_128_cbc(); - else if (strcmp(*argv,"-camellia192") == 0) + break; + case OPT_CAMELLIA192: enc=EVP_camellia_192_cbc(); - else if (strcmp(*argv,"-camellia256") == 0) + break; + case OPT_CAMELLIA256: enc=EVP_camellia_256_cbc(); + break; +#endif +#ifndef OPENSSL_NO_DES + case OPT_DES: + enc=EVP_des_cbc(); + break; + case OPT_DES3: + enc=EVP_des_ede3_cbc(); + break; +#endif +#ifndef OPENSSL_NO_IDEA + case OPT_IDEA: + enc=EVP_idea_cbc(); + break; +#endif +#ifndef OPENSSL_NO_SEED + case OPT_SEED: + enc=EVP_seed_cbc(); + break; #endif - else if (**argv != '-' && dsaparams == NULL) - { - dsaparams = *argv; - } - else - goto bad; - argv++; - argc--; } + } - if (dsaparams == NULL) - { -bad: - BIO_printf(bio_err,"usage: 
gendsa [args] dsaparam-file\n"); - printhelp(gendsa_help); - BIO_printf(bio_err," dsaparam-file\n"); - BIO_printf(bio_err," - a DSA parameter file as generated by the dsaparam command\n"); - goto end; - } + if (opt_num_rest() != 1) + goto bad; + argv = opt_rest(); + dsaparams = *argv; #ifndef OPENSSL_NO_ENGINE setup_engine(bio_err, engine, 0); #endif - if(!app_passwd(bio_err, NULL, passargout, NULL, &passout)) { + if(!app_passwd(bio_err, NULL, passoutarg, NULL, &passout)) { BIO_printf(bio_err, "Error getting password\n"); goto end; } - in = BIO_new_file(dsaparams, "r"); + in = bio_open_default(dsaparams, "r"); if (in == NULL) - { - ERR_print_errors(bio_err); - goto end; - } + goto end2; if ((dsa=PEM_read_bio_DSAparams(in,NULL,NULL,NULL)) == NULL) { @@ -218,7 +256,7 @@ bad: out = bio_open_default(outfile, "w"); if (out == NULL) - goto end; + goto end2; if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL) { @@ -240,6 +278,7 @@ bad: end: if (ret != 0) ERR_print_errors(bio_err); +end2: if (in != NULL) BIO_free(in); if (out != NULL) BIO_free_all(out); if (dsa != NULL) DSA_free(dsa); diff --git a/apps/genpkey.c b/apps/genpkey.c index 0c9ae96869..21df5df206 100644 --- a/apps/genpkey.c +++ b/apps/genpkey.c @@ -181,8 +181,7 @@ int genpkey_main(int argc, char **argv) text=1; else { - cipher = EVP_get_cipherbyname(*args + 1); - if (!cipher) + if (!opt_cipher(*args+1, &cipher)) { BIO_printf(bio_err, "Unknown cipher %s\n", *args + 1); diff --git a/apps/genrsa.c b/apps/genrsa.c index d985c0aac9..5c5bd12dc9 100644 --- a/apps/genrsa.c +++ b/apps/genrsa.c 
@@ -110,109 +110,133 @@ const char* genrsa_help[] = { NULL }; +enum options { + OPT_ERR = -1, OPT_EOF = 0, + OPT_3, OPT_F4, OPT_NON_FIPS_ALLOW, OPT_ENGINE, + OPT_OUT, OPT_RAND, OPT_PASSOUT, +#ifndef OPENSSL_NO_DES + OPT_DES, OPT_DES3, +#endif +#ifndef OPENSSL_NO_IDEA + OPT_IDEA, +#endif +#ifndef OPENSSL_NO_SEED + OPT_SEED, +#endif +#ifndef OPENSSL_NO_AES + OPT_AES128, OPT_AES192, OPT_AES256, +#endif +#ifndef OPENSSL_NO_CAMELLIA + OPT_CAMELLIA128, OPT_CAMELLIA192, OPT_CAMELLIA256, +#endif +}; +static OPTIONS options[] = { + { "3", OPT_3, '-' }, + { "F4", OPT_F4, '-' }, + { "f4", OPT_F4, '-' }, + { "non-fips-allow", OPT_NON_FIPS_ALLOW, '-' }, + { "out", OPT_OUT, 's' }, + { "engine", OPT_ENGINE, 's' }, + { "rand", OPT_RAND, 's' }, + { "passout", OPT_PASSOUT, 's' }, + { NULL } +}; + int genrsa_main(int argc, char **argv) { BN_GENCB cb; -#ifndef OPENSSL_NO_ENGINE ENGINE *e = NULL; -#endif int ret=1; - int non_fips_allow = 0; - int i,num=DEFBITS; + int non_fips_allow = 0,i,num=DEFBITS; long l; const EVP_CIPHER *enc=NULL; unsigned long f4=RSA_F4; - char *outfile=NULL; - char *passargout = NULL, *passout = NULL; -#ifndef OPENSSL_NO_ENGINE - char *engine=NULL; -#endif - char *inrand=NULL; + char *outfile=NULL, *passoutarg = NULL, *passout = NULL; + char *engine=NULL, *inrand=NULL, *prog; BIO *out=NULL; - BIGNUM *bn = BN_new(); RSA *rsa = NULL; + enum options o; + BIGNUM *bn = BN_new(); if(!bn) goto err; BN_GENCB_set(&cb, genrsa_cb, bio_err); - argv++; - argc--; - for (;;) - { - if (argc <= 0) break; - if (strcmp(*argv,"-out") == 0) - { - if (--argc < 1) goto bad; - outfile= *(++argv); - } - else if (strcmp(*argv,"-3") == 0) + prog = opt_init(argc, argv, options); + while ((o = opt_next()) != OPT_EOF) { + switch (o) { + case OPT_EOF: + case OPT_ERR: + BIO_printf(bio_err,"Valid options are:\n"); + printhelp(genrsa_help); + goto err; + case OPT_3: f4=3; - else if (strcmp(*argv,"-F4") == 0 || strcmp(*argv,"-f4") == 0) + break; + case OPT_F4: f4=RSA_F4; -#ifndef 
OPENSSL_NO_ENGINE - else if (strcmp(*argv,"-engine") == 0) - { - if (--argc < 1) goto bad; - engine= *(++argv); - } -#endif - else if (strcmp(*argv,"-rand") == 0) - { - if (--argc < 1) goto bad; - inrand= *(++argv); - } + break; + case OPT_NON_FIPS_ALLOW: + non_fips_allow = 1; + break; + case OPT_OUT: + outfile= opt_arg(); + case OPT_ENGINE: + engine= opt_arg(); + break; + case OPT_RAND: + inrand= opt_arg(); + break; + case OPT_PASSOUT: + passoutarg= opt_arg(); + break; #ifndef OPENSSL_NO_DES - else if (strcmp(*argv,"-des") == 0) + case OPT_DES: enc=EVP_des_cbc(); - else if (strcmp(*argv,"-des3") == 0) + break; + case OPT_DES3: enc=EVP_des_ede3_cbc(); + break; #endif #ifndef OPENSSL_NO_IDEA - else if (strcmp(*argv,"-idea") == 0) + case OPT_IDEA: enc=EVP_idea_cbc(); + break; #endif #ifndef OPENSSL_NO_SEED - else if (strcmp(*argv,"-seed") == 0) + case OPT_SEED: enc=EVP_seed_cbc(); + break; #endif #ifndef OPENSSL_NO_AES - else if (strcmp(*argv,"-aes128") == 0) + case OPT_AES128: enc=EVP_aes_128_cbc(); - else if (strcmp(*argv,"-aes192") == 0) + break; + case OPT_AES192: enc=EVP_aes_192_cbc(); - else if (strcmp(*argv,"-aes256") == 0) + break; + case OPT_AES256: enc=EVP_aes_256_cbc(); + break; #endif #ifndef OPENSSL_NO_CAMELLIA - else if (strcmp(*argv,"-camellia128") == 0) + case OPT_CAMELLIA128: enc=EVP_camellia_128_cbc(); - else if (strcmp(*argv,"-camellia192") == 0) + break; + case OPT_CAMELLIA192: enc=EVP_camellia_192_cbc(); - else if (strcmp(*argv,"-camellia256") == 0) + break; + case OPT_CAMELLIA256: enc=EVP_camellia_256_cbc(); -#endif - else if (strcmp(*argv,"-passout") == 0) - { - if (--argc < 1) goto bad; - passargout= *(++argv); - } - else if (strcmp(*argv,"-non-fips-allow") == 0) - non_fips_allow = 1; - else break; - argv++; - argc--; +#endif } - if ((argc >= 1) && ((sscanf(*argv,"%d",&num) == 0) || (num < 0))) - { -bad: - BIO_printf(bio_err,"usage: genrsa [args] [numbits]\n"); - printhelp(genrsa_help); + } + argv = opt_rest(); + if (argv[0] && 
(!opt_int(argv[0], &num) || num <= 0)) goto err; - } - - if(!app_passwd(bio_err, NULL, passargout, NULL, &passout)) { + + if(!app_passwd(bio_err, NULL, passoutarg, NULL, &passout)) { BIO_printf(bio_err, "Error getting password\n"); goto err; } diff --git a/apps/nseq.c b/apps/nseq.c index b7f2bc3354..18ddbe2ad1 100644 --- a/apps/nseq.c +++ b/apps/nseq.c @@ -87,14 +87,14 @@ int nseq_main(int argc, char **argv) int toseq=0; X509 *x509=NULL; NETSCAPE_CERT_SEQUENCE *seq=NULL; - int i, ret=1; + enum options o; + int ret=1,i; char* prog; prog = opt_init(argc, argv, options); - while ((i = opt_next()) != 0) { - switch (i) { - default: - BIO_printf(bio_err,"%s: Unhandled flag %d\n", prog, i); + while ((o = opt_next()) != OPT_EOF) { + switch (o) { + case OPT_EOF: case OPT_ERR: BIO_printf(bio_err,"Valid options are:\n"); printhelp(nseq_help); diff --git a/apps/ocsp.c b/apps/ocsp.c index c2c92573cf..c8ecea4b7a 100644 --- a/apps/ocsp.c +++ b/apps/ocsp.c @@ -624,13 +624,13 @@ int ocsp_main(int argc, char **argv) if (args[1]) { args++; - rsign_md = EVP_get_digestbyname(*args); + if (!opt_md(opt_arg(), &rsign_md)) if (!rsign_md) badarg = 1; } else badarg = 1; } - else if ((cert_id_md = EVP_get_digestbyname((*args)+1))==NULL) + else if (!opt_md(opt_unknown(), &cert_id_md)) { badarg = 1; } diff --git a/apps/openssl.c b/apps/openssl.c index 3f5097d20d..e65587f2d5 100644 --- a/apps/openssl.c +++ b/apps/openssl.c @@ -160,13 +160,15 @@ void printhelp(const char** cpp) static void apps_startup() { - do_pipe_sig(); +#ifdef SIGPIPE + signal(SIGPIPE, SIG_IGN); +#endif CRYPTO_malloc_init(); ERR_load_crypto_strings(); + ERR_load_SSL_strings(); OpenSSL_add_all_algorithms(); #ifndef OPENSSL_NO_ENGINE - /*ENGINE_load_builtin_engines(); - */ + ENGINE_load_builtin_engines(); #endif setup_ui_method(); } 
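Review bot: `case OPT_OUT:` in the genrsa.c option loop assigns `outfile` and then runs straight into `case OPT_ENGINE:`, so the output path is also stored as the engine id; it needs `break;` after `outfile= opt_arg();`. The new `options[]` table also has no entries for the cipher flags, although the enum and the switch still carry `OPT_DES` through `OPT_CAMELLIA256`, so flags such as `-aes256` look unreachable and the key-encryption choices would be rejected; gendsa.c's table in this commit lists them as `{ "aes256", OPT_AES256, '-' }` and so on. After the loop, a bad `numbits` now takes `goto err` without the usage text the old code printed.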
@@ -178,14 +180,16 @@ static void apps_shutdown() OBJ_cleanup(); EVP_cleanup(); #ifndef OPENSSL_NO_ENGINE - /*ENGINE_cleanup(); - */ + ENGINE_cleanup(); #endif CRYPTO_cleanup_all_ex_data(); ERR_remove_thread_state(NULL); RAND_cleanup(); ERR_free_strings(); - zlib_cleanup(); + +#ifndef OPENSSL_NO_COMP + COMP_zlib_cleanup(); +#endif } static char *make_config_name() diff --git a/apps/opt.c b/apps/opt.c index 7091ab70de..2bf7fb2564 100644 --- a/apps/opt.c +++ b/apps/opt.c @@ -11,7 +11,6 @@ #include <errno.h> #include <ctype.h> #include <openssl/bio.h> - /* Our state */ static char** argv; static int argc; @@ -118,13 +117,14 @@ char *opt_init(int ac, char** av, const OPTIONS* o) assert(o->retval > 0); assert(i == 0 || i == '-' || i == 'n' || i == 'p' || i == 'u' - || i == 's' || i == '<' || i == '>' + || i == 's' || i == '<' || i == '>' || i == '/' || i == 'f' || i == 'F' ); /* Make sure there are no duplicates. */ for (next = o; (++next)->name; ) { - assert(o->retval != next->retval); + /* do allow aliases: + * assert(o->retval != next->retval); */ assert(strcmp(o->name, next->name) != 0); } #endif 
@@ -183,6 +183,86 @@ int opt_format(const char *s, int onlyderpem, int* result) return 1; } +/* Parse a cipher name, put it in *EVP_CIPHER; return 0 on failure, else 1. */ +int opt_cipher(const char* name, const EVP_CIPHER** cipherp) +{ + *cipherp = EVP_get_cipherbyname(name); + if (*cipherp) + return 1; + BIO_printf(bio_err, "%s: Unknown cipher %s\n", prog, name); + return 0; +} + +/* Parse message digest name, put it in *EVP_MD; return 0 on failure, else 1. */ +int opt_md(const char* name, const EVP_MD** mdp) +{ + *mdp = EVP_get_digestbyname(name); + if (*mdp) + return 1; + BIO_printf(bio_err, "%s: Unknown digest %s\n", prog, name); + return 0; +} + +/* See if cp looks like a hex number, in case user left off the 0x */ +static int scanforhex(const char* cp) +{ + for (; *cp; cp++) + if (isxdigit(*cp)) + return 16; + return 0; +} + +/* Parse an int, put it into *result; return 0 on failure, else 1. */ +int opt_int(const char* arg, int* result) +{ + const char* fmt = "%d"; + int base = scanforhex(arg); + if (base == 16) + fmt = "%x"; + else if (*arg == '0') + fmt = "%o"; + if (sscanf(arg, fmt, result) != 1) { + BIO_printf(bio_err, + "%s: Can't parse %s as base-%d number\n", + prog, arg, base); + return 0; + } + return 1; +} + +/* Parse a long, put it into *result; return 0 on failure, else 1. */ +int opt_long(const char* arg, long* result) +{ + char* endptr; + int base = scanforhex(arg); + + *result = strtol(arg, &endptr, base); + if (*endptr) { + BIO_printf(bio_err, + "%s: Bad char %c in number %s\n", + prog, *endptr, arg); + return 0; + } + return 1; +} + +/* Parse an unsigned long, put it into *result; return 0 on failure, else 1. 
*/ +int opt_ulong(const char* arg, unsigned long* result) +{ + char* endptr; + int base = scanforhex(arg); + + *result = strtoul(arg, &endptr, base); + if (*endptr) + { + BIO_printf(bio_err, + "%s: Bad char %c in number %s\n", + prog, *endptr, arg); + return 0; + } + return 1; +} + /* Parse the next flag (and value if specified), return 0 if done, -1 on * error, otherwise the flag's retval. */ int opt_next(void) @@ -191,6 +271,7 @@ int opt_next(void) char* endptr; const OPTIONS* o; int dummy; + int base; long val; unsigned long uval; @@ -252,6 +333,13 @@ int opt_next(void) case 's': /* Just a string. */ break; + case '/': + if (app_isdir(arg) >= 0) + break; + BIO_printf(bio_err, + "%s: Not a directory: %s\n", + prog, arg); + return -1; case '<': /* Input file. */ if (access(arg, R_OK) >= 0) @@ -270,7 +358,8 @@ int opt_next(void) return -1; case 'p': case 'n': - val = strtol(arg, &endptr, 0); + base = scanforhex(arg); + val = strtol(arg, &endptr, base); if (*endptr == '\0') { if (o->valtype == 'p' && val <= 0) { BIO_printf(bio_err, @@ -285,7 +374,8 @@ int opt_next(void) prog, arg, o->name); return -1; case 'u': - uval = strtoul(arg, &endptr, 0); + base = scanforhex(arg); + uval = strtoul(arg, &endptr, base); if (*endptr == '\0') break; BIO_printf(bio_err, @@ -345,7 +435,7 @@ int opt_num_rest(void) #ifdef TEST enum options { - OPT_ERR=-1, OPT_EOF=0, + OPT_ERR=-1, OPT_EOF=0, OPT_NOTUSED, OPT_IN, OPT_INFORM, OPT_OUT, OPT_COUNT, OPT_U, OPT_FLAG, OPT_STR }; static OPTIONS options[] = { 
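Review bot: `scanforhex()` returns 16 as soon as it meets any character for which `isxdigit()` is true, and that includes the decimal digits, so every plain number is now parsed as hexadecimal. `opt_int()`, `opt_long()`, `opt_ulong()` and the `'p'`/`'n'`/`'u'` cases changed in the later `opt_next()` hunks all inherit this; genrsa's `numbits`, for example, goes through `opt_int()`, so `2048` would be read as 0x2048. The helper should return 16 only when the whole string is hex digits and contains a letter, and pass `unsigned char` to the `<ctype.h>` calls, as in the fence below. Separately, `opt_long()` and `opt_ulong()` accept an empty string and ignore overflow; `errno = 0;` before the call and `if (endptr == arg || *endptr != '\0' || errno == ERANGE)` after it would close that, and `opt_int()` passes an `int *` to `%x`, which expects `unsigned int *`.

```c
/* Return 16 only for an all-hex string that contains a letter a-f;
 * otherwise 0, so strtol()/strtoul() apply their usual 0x / 0 / decimal
 * rules. */
static int scanforhex(const char* cp)
{
	int letter = 0;

	for (; *cp; cp++) {
		if (!isxdigit((unsigned char)*cp))
			return 0;
		if (isalpha((unsigned char)*cp))
			letter = 1;
	}
	return letter ? 16 : 0;
}
/* ... unchanged: opt_int, opt_long, opt_ulong bodies ... */
```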
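Review bot: The new `case '/':` in `opt_next()` accepts the argument when `app_isdir(arg) >= 0`. `app_isdir()` is not shown here; if it follows the usual apps.c convention of returning -1 on error, 0 for a non-directory and a positive value for a directory, this test lets a regular file through and only rejects paths that cannot be examined. In that case the check should be `if (app_isdir(arg) > 0)`. `opt_next()` starts and ends outside the hunk.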
@@ -362,35 +452,36 @@ static OPTIONS options[] = { BIO* bio_err; int main(int ac, char **av) { - int c; + enum options c; char** rest; bio_err = BIO_new_fp(stderr, BIO_NOCLOSE|BIO_FP_TEXT); opt_init(ac, av, options); - while ((c = opt_next()) != 0) { - if (c == -1) - return 1; + while ((c = opt_next()) != OPT_EOF) { switch (c) { - case 1: + case OPT_ERR: + printf("Usage error"); + return -1; + case OPT_IN: printf("in %s\n", opt_arg()); break; - case 2: + case OPT_INFORM: printf("inform %s\n", opt_arg()); break; - case 3: + case OPT_OUT: printf("out %s\n", opt_arg()); break; - case 4: - printf("out %s\n", opt_arg()); + case OPT_COUNT: + printf("count %s\n", opt_arg()); break; - case 5: + case OPT_U: printf("u %s\n", opt_arg()); break; - case 7: + case OPT_FLAG: printf("flag\n"); break; - case 's': + case OPT_STR: printf("str %s\n", opt_arg()); break; } diff --git a/apps/pkcs12.c b/apps/pkcs12.c index f4c0da4d3f..eedffb7b6f 100644 --- a/apps/pkcs12.c +++ b/apps/pkcs12.c @@ -363,35 +363,22 @@ int pkcs12_main(int argc, char **argv) app_RAND_load_files(inrand)); } -#ifdef CRYPTO_MDEBUG - CRYPTO_push_info("read files"); -#endif in = bio_open_default(infile, "rb"); if (in == NULL) goto end; -#ifdef CRYPTO_MDEBUG - CRYPTO_pop_info(); - CRYPTO_push_info("write files"); -#endif out = bio_open_default(outfile, "wb"); if (out == NULL) goto end; if (twopass) { -#ifdef CRYPTO_MDEBUG - CRYPTO_push_info("read MAC password"); -#endif if(EVP_read_pw_string (macpass, sizeof macpass, "Enter MAC Password:", export_cert)) { BIO_printf (bio_err, "Can't read Password\n"); goto end; } -#ifdef CRYPTO_MDEBUG - CRYPTO_pop_info(); -#endif } if (export_cert) { @@ -411,10 +398,6 @@ int pkcs12_main(int argc, char **argv) if (options & NOCERTS) chain = 0; -#ifdef CRYPTO_MDEBUG - CRYPTO_push_info("process -export_cert"); - CRYPTO_push_info("reading private key"); -#endif if (!(options & NOKEYS)) { key = load_key(bio_err, keyname ? keyname : infile, 
@@ -423,10 +406,6 @@ int pkcs12_main(int argc, char **argv) goto export_end; } -#ifdef CRYPTO_MDEBUG - CRYPTO_pop_info(); - CRYPTO_push_info("reading certs from input"); -#endif /* Load in all certs in input file */ if(!(options & NOCERTS)) @@ -462,10 +441,6 @@ int pkcs12_main(int argc, char **argv) } -#ifdef CRYPTO_MDEBUG - CRYPTO_pop_info(); - CRYPTO_push_info("reading certs from input 2"); -#endif /* Add any more certificates asked for */ if(certfile) @@ -480,15 +455,7 @@ int pkcs12_main(int argc, char **argv) sk_X509_free(morecerts); } -#ifdef CRYPTO_MDEBUG - CRYPTO_pop_info(); - CRYPTO_push_info("reading certs from certfile"); -#endif -#ifdef CRYPTO_MDEBUG - CRYPTO_pop_info(); - CRYPTO_push_info("building chain"); -#endif /* If chaining get chain from user cert */ if (chain) { @@ -538,10 +505,6 @@ int pkcs12_main(int argc, char **argv) if (add_lmk && key) EVP_PKEY_add1_attr_by_NID(key, NID_LocalKeySet, 0, NULL, -1); -#ifdef CRYPTO_MDEBUG - CRYPTO_pop_info(); - CRYPTO_push_info("reading password"); -#endif if(!noprompt && EVP_read_pw_string(pass, sizeof pass, "Enter Export Password:", 1)) @@ -551,10 +514,6 @@ int pkcs12_main(int argc, char **argv) } if (!twopass) BUF_strlcpy(macpass, pass, sizeof macpass); -#ifdef CRYPTO_MDEBUG - CRYPTO_pop_info(); - CRYPTO_push_info("creating PKCS#12 structure"); -#endif p12 = PKCS12_create(cpass, name, key, ucert, certs, key_pbe, cert_pbe, iter, -1, keytype); 
@@ -567,40 +526,24 @@ int pkcs12_main(int argc, char **argv) if (macalg) { - macmd = EVP_get_digestbyname(macalg); - if (!macmd) - { - BIO_printf(bio_err, "Unknown digest algorithm %s\n", - macalg); - } + if (!opt_md(macalg, &macmd)) + goto export_end; } if (maciter != -1) PKCS12_set_mac(p12, mpass, -1, NULL, 0, maciter, macmd); -#ifdef CRYPTO_MDEBUG - CRYPTO_pop_info(); - CRYPTO_push_info("writing pkcs12"); -#endif i2d_PKCS12_bio(out, p12); ret = 0; export_end: -#ifdef CRYPTO_MDEBUG - CRYPTO_pop_info(); - CRYPTO_pop_info(); - CRYPTO_push_info("process -export_cert: freeing"); -#endif if (key) EVP_PKEY_free(key); if (certs) sk_X509_pop_free(certs, X509_free); if (ucert) X509_free(ucert); -#ifdef CRYPTO_MDEBUG - CRYPTO_pop_info(); -#endif goto end; } @@ -610,24 +553,15 @@ int pkcs12_main(int argc, char **argv) goto end; } -#ifdef CRYPTO_MDEBUG - CRYPTO_push_info("read import password"); -#endif if(!noprompt && EVP_read_pw_string(pass, sizeof pass, "Enter Import Password:", 0)) { BIO_printf (bio_err, "Can't read Password\n"); goto end; } -#ifdef CRYPTO_MDEBUG - CRYPTO_pop_info(); -#endif if (!twopass) BUF_strlcpy(macpass, pass, sizeof macpass); if ((options & INFO) && p12->mac) BIO_printf (bio_err, "MAC Iteration %ld\n", p12->mac->iter ? ASN1_INTEGER_get (p12->mac->iter) : 1); if(macver) { -#ifdef CRYPTO_MDEBUG - CRYPTO_push_info("verify MAC"); -#endif /* If we enter empty password try no password first */ if(!mpass[0] && PKCS12_verify_mac(p12, NULL, 0)) { /* If mac and crypto pass the same set it to NULL too */ 
@@ -638,29 +572,17 @@ int pkcs12_main(int argc, char **argv) goto end; } BIO_printf (bio_err, "MAC verified OK\n"); -#ifdef CRYPTO_MDEBUG - CRYPTO_pop_info(); -#endif } -#ifdef CRYPTO_MDEBUG - CRYPTO_push_info("output keys and certificates"); -#endif if (!dump_certs_keys_p12 (out, p12, cpass, -1, options, passout)) { BIO_printf(bio_err, "Error outputting keys and certificates\n"); ERR_print_errors (bio_err); goto end; } -#ifdef CRYPTO_MDEBUG - CRYPTO_pop_info(); -#endif ret = 0; end: if (p12) PKCS12_free(p12); if(export_cert || inrand) app_RAND_write_file(NULL, bio_err); -#ifdef CRYPTO_MDEBUG - CRYPTO_remove_all_info(); -#endif BIO_free(in); BIO_free_all(out); if (canames) sk_OPENSSL_STRING_free(canames); @@ -848,22 +770,10 @@ int cert_load(BIO *in, STACK_OF(X509) *sk) int ret; X509 *cert; ret = 0; -#ifdef CRYPTO_MDEBUG - CRYPTO_push_info("cert_load(): reading one cert"); -#endif while((cert = PEM_read_bio_X509(in, NULL, NULL, NULL))) { -#ifdef CRYPTO_MDEBUG - CRYPTO_pop_info(); -#endif ret = 1; sk_X509_push(sk, cert); -#ifdef CRYPTO_MDEBUG - CRYPTO_push_info("cert_load(): reading one cert"); -#endif } -#ifdef CRYPTO_MDEBUG - CRYPTO_pop_info(); -#endif if(ret) ERR_clear_error(); return ret; } diff --git a/apps/pkcs7.c b/apps/pkcs7.c index 6955a49455..7a2a4cbdbc 100644 --- a/apps/pkcs7.c +++ b/apps/pkcs7.c 
@@ -83,83 +83,74 @@ const char* pkcs7_help[] = { NULL }; +enum options { + OPT_ERR = -1, OPT_EOF = 0, + OPT_INFORM, OPT_OUTFORM, OPT_IN, OPT_OUT, OPT_NOOUT, + OPT_TEXT, OPT_PRINT, OPT_PRINT_CERTS, OPT_ENGINE, +}; +static OPTIONS options[] = { + { "inform", OPT_INFORM, 'F' }, + { "outform", OPT_OUTFORM, 'F' }, + { "in", OPT_IN, '<' }, + { "out", OPT_OUT, '>' }, + { "noout", OPT_NOOUT, '-' }, + { "text", OPT_TEXT, '-' }, + { "print", OPT_PRINT, '-' }, + { "print_certs", OPT_PRINT_CERTS, '-' }, + { "engine", OPT_ENGINE, 's' }, + { NULL } +}; + int pkcs7_main(int argc, char **argv) { PKCS7 *p7=NULL; - int i,badops=0; + int i; BIO *in=NULL,*out=NULL; - int informat,outformat; - char *infile,*outfile,*prog; + int informat=FORMAT_PEM,outformat=FORMAT_PEM; + char *infile=NULL,*outfile=NULL,*prog; int print_certs=0,text=0,noout=0,p7_print=0; int ret=1; -#ifndef OPENSSL_NO_ENGINE + enum options o; char *engine=NULL; -#endif - infile=NULL; - outfile=NULL; - informat=FORMAT_PEM; - outformat=FORMAT_PEM; - prog=argv[0]; - argc--; - argv++; - while (argc >= 1) - { - if (strcmp(*argv,"-inform") == 0) - { - if (--argc < 1) goto bad; - informat=str2fmt(*(++argv)); - } - else if (strcmp(*argv,"-outform") == 0) - { - if (--argc < 1) goto bad; - outformat=str2fmt(*(++argv)); - } - else if (strcmp(*argv,"-in") == 0) - { - if (--argc < 1) goto bad; - infile= *(++argv); - } - else if (strcmp(*argv,"-out") == 0) - { - if (--argc < 1) goto bad; - outfile= *(++argv); - } - else if (strcmp(*argv,"-noout") == 0) + prog = opt_init(argc, argv, options); + while ((o = opt_next()) != OPT_EOF) { + switch (o) { + case OPT_EOF: + case OPT_ERR: + BIO_printf(bio_err,"Valid options are:\n"); + printhelp(pkcs7_help); + goto end; + case OPT_INFORM: + opt_format(opt_arg(), 1, &informat); + break; + case OPT_OUTFORM: + opt_format(opt_arg(), 1, &outformat); + break; + case OPT_IN: + infile = opt_arg(); + break; + case OPT_OUT: + outfile = opt_arg(); + break; + case OPT_NOOUT: noout=1; - else if 
(strcmp(*argv,"-text") == 0) + break; + case OPT_TEXT: text=1; - else if (strcmp(*argv,"-print") == 0) + break; + case OPT_PRINT: p7_print=1; - else if (strcmp(*argv,"-print_certs") == 0) + break; + case OPT_PRINT_CERTS: print_certs=1; -#ifndef OPENSSL_NO_ENGINE - else if (strcmp(*argv,"-engine") == 0) - { - if (--argc < 1) goto bad; - engine= *(++argv); - } -#endif - else - { - BIO_printf(bio_err,"unknown option %s\n",*argv); - badops=1; break; - } - argc--; - argv++; - } - - if (badops) - { -bad: - BIO_printf(bio_err,"%s [options] <infile >outfile\n",prog); - BIO_printf(bio_err,"where options are\n"); - printhelp(pkcs7_help); - ret = 1; - goto end; + case OPT_ENGINE: + engine= opt_arg(); + break; } + } #ifndef OPENSSL_NO_ENGINE setup_engine(bio_err, engine, 0); diff --git a/apps/pkcs8.c b/apps/pkcs8.c index 77b0b8a7df..02f5bf1202 100644 --- a/apps/pkcs8.c +++ b/apps/pkcs8.c 
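Review bot: The return value of `opt_format()` is discarded in the `OPT_INFORM` and `OPT_OUTFORM` cases of pkcs7_main, so a misspelled `-inform`/`-outform` value would presumably leave the PEM default in place and the command would continue with a format the user did not ask for. The other helpers used in this commit (`opt_int`, `opt_cipher`, `opt_md`) are all checked by their callers. Assuming `opt_format` follows the same zero-on-failure convention (its definition is not in this hunk), add a `bad:` label on the `OPT_ERR` case as pkcs8.c does and write `if (!opt_format(opt_arg(), 1, &informat)) goto bad;`. The same unchecked call appears in the pkcs8.c, pkey.c and rsautl.c hunks.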
@@ -81,183 +81,143 @@ const char* pkcs8_help[] = { "-v2 alg use PKCS#5 v2.0 and cipher ", "-v1 obj use PKCS#5 v1.5 and cipher ", #ifndef OPENSSL_NO_ENGINE - " -engine e use engine e, possibly a hardware device.", + "-engine e use engine e, possibly a hardware device.", #endif NULL }; +enum options { + OPT_ERR = -1, OPT_EOF = 0, + OPT_INFORM, OPT_OUTFORM, OPT_ENGINE, OPT_IN, OPT_OUT, + OPT_TOPK8, OPT_NOITER, OPT_NOCRYPT, OPT_NOOCT, OPT_NSDB, OPT_EMBED, + OPT_V2, OPT_V1, OPT_V2PRF, OPT_ITER, OPT_PASSIN, OPT_PASSOUT, +}; +static OPTIONS options[] = { + { "inform", OPT_INFORM, 'F' }, + { "outform", OPT_OUTFORM, 'F' }, +#ifndef OPENSSL_NO_ENGINE + { "engine", OPT_ENGINE, 's' }, +#endif + { "in", OPT_IN, '<' }, + { "out", OPT_OUT, '>' }, + { "topk8", OPT_TOPK8, '-' }, + { "noiter", OPT_NOITER, '-' }, + { "nocrypt", OPT_NOCRYPT, '-' }, + { "nooct", OPT_NOOCT, '-' }, + { "nsdb", OPT_NSDB, '-' }, + { "embed", OPT_EMBED, '-' }, + { "v2", OPT_V2, 's' }, + { "v1", OPT_V1, 's' }, + { "v2prf", OPT_V2PRF, 's' }, + { "iter", OPT_ITER, 'p' }, + { "passin", OPT_PASSIN, 's' }, + { "passout", OPT_PASSOUT, 's' }, + { NULL } +}; + int pkcs8_main(int argc, char **argv) { ENGINE *e = NULL; - char **args, *infile = NULL, *outfile = NULL; - char *passargin = NULL, *passargout = NULL; - BIO *in = NULL, *out = NULL; - int topk8 = 0; - int pbe_nid = -1; - const EVP_CIPHER *cipher = NULL; - int iter = PKCS12_DEFAULT_ITER; - int informat, outformat; - int p8_broken = PKCS8_OK; - int nocrypt = 0; - X509_SIG *p8 = NULL; - PKCS8_PRIV_KEY_INFO *p8inf = NULL; + char *infile=NULL, *outfile=NULL; + char *passinarg=NULL, *passoutarg=NULL; + BIO *in=NULL, *out=NULL; + int topk8=0, pbe_nid=-1; + const EVP_CIPHER *cipher=NULL; + int iter=PKCS12_DEFAULT_ITER; + int informat=FORMAT_PEM, outformat=FORMAT_PEM; + int p8_broken=PKCS8_OK; + int nocrypt=0, ret=1; + X509_SIG *p8=NULL; + PKCS8_PRIV_KEY_INFO *p8inf=NULL; EVP_PKEY *pkey=NULL; - char pass[50], *passin = NULL, *passout = NULL, *p8pass = NULL; - int 
badarg = 0; - int ret = 1; -#ifndef OPENSSL_NO_ENGINE + char pass[50], *passin=NULL, *passout=NULL, *p8pass=NULL; char *engine=NULL; -#endif - - informat=FORMAT_PEM; - outformat=FORMAT_PEM; + enum options o; + char* prog; - args = argv + 1; - while (!badarg && *args && *args[0] == '-') - { - if (!strcmp(*args,"-v2")) - { - if (args[1]) - { - args++; - cipher=EVP_get_cipherbyname(*args); - if (!cipher) - { - BIO_printf(bio_err, - "Unknown cipher %s\n", *args); - badarg = 1; - } - } - else - badarg = 1; - } - else if (!strcmp(*args,"-v1")) - { - if (args[1]) - { - args++; - pbe_nid=OBJ_txt2nid(*args); - if (pbe_nid == NID_undef) - { - BIO_printf(bio_err, - "Unknown PBE algorithm %s\n", *args); - badarg = 1; - } - } - else - badarg = 1; - } - else if (!strcmp(*args,"-v2prf")) - { - if (args[1]) - { - args++; - pbe_nid=OBJ_txt2nid(*args); - if (!EVP_PBE_find(EVP_PBE_TYPE_PRF, pbe_nid, NULL, NULL, 0)) - { - BIO_printf(bio_err, - "Unknown PRF algorithm %s\n", *args); - badarg = 1; - } - } - else - badarg = 1; - } - else if (!strcmp(*args,"-inform")) - { - if (args[1]) - { - args++; - informat=str2fmt(*args); - } - else badarg = 1; - } - else if (!strcmp(*args,"-outform")) - { - if (args[1]) - { - args++; - outformat=str2fmt(*args); - } - else badarg = 1; - } - else if (!strcmp (*args, "-topk8")) + prog = opt_init(argc, argv, options); + while ((o = opt_next()) != OPT_EOF) { + switch (o) { + case OPT_EOF: + case OPT_ERR: +bad: + BIO_printf(bio_err,"Valid options are:\n"); + printhelp(pkcs8_help); + goto end; + case OPT_INFORM: + opt_format(opt_arg(), 1, &informat); + break; + case OPT_IN: + infile = opt_arg(); + break; + case OPT_OUTFORM: + opt_format(opt_arg(), 1, &outformat); + break; + case OPT_OUT: + outfile= opt_arg(); + break; + case OPT_TOPK8: topk8 = 1; - else if (!strcmp (*args, "-noiter")) + break; + case OPT_NOITER: iter = 1; - else if (!strcmp (*args, "-iter")) - { - if (args[1]) - { - iter = atoi(*(++args)); - if (iter <= 0) badarg = 1; - } - else badarg = 1; 
- } - else if (!strcmp (*args, "-nocrypt")) + break; + case OPT_NOCRYPT: nocrypt = 1; - else if (!strcmp (*args, "-nooct")) + break; + case OPT_NOOCT: p8_broken = PKCS8_NO_OCTET; - else if (!strcmp (*args, "-nsdb")) + break; + case OPT_NSDB: p8_broken = PKCS8_NS_DB; - else if (!strcmp (*args, "-embed")) + break; + case OPT_EMBED: p8_broken = PKCS8_EMBEDDED_PARAM; - else if (!strcmp(*args,"-passin")) - { - if (args[1]) - passargin= *(++args); - else badarg = 1; - } - else if (!strcmp(*args,"-passout")) - { - if (args[1]) - passargout= *(++args); - else badarg = 1; - } -#ifndef OPENSSL_NO_ENGINE - else if (strcmp(*args,"-engine") == 0) - { - if (args[1]) - engine= *(++args); - else badarg = 1; - } -#endif - else if (!strcmp (*args, "-in")) - { - if (args[1]) - { - args++; - infile = *args; - } - else badarg = 1; + break; + case OPT_V2: + if (!opt_cipher(opt_arg(), &cipher)) + goto bad; + break; + case OPT_V1: + pbe_nid=OBJ_txt2nid(opt_arg()); + if (pbe_nid == NID_undef) { + BIO_printf(bio_err, + "%s: Unknown PBE algorithm %s\n", + prog, opt_arg()); + goto bad; } - else if (!strcmp (*args, "-out")) - { - if (args[1]) - { - args++; - outfile = *args; - } - else badarg = 1; + break; + case OPT_V2PRF: + pbe_nid=OBJ_txt2nid(opt_arg()); + if (!EVP_PBE_find(EVP_PBE_TYPE_PRF, pbe_nid, NULL, NULL, 0)) { + BIO_printf(bio_err, + "%s: Unknown PRF algorithm %s\n", + prog, opt_arg()); + goto bad; } - else badarg = 1; - args++; - } - - if (badarg) - { - BIO_printf(bio_err, "Usage pkcs8 [options]\n"); - BIO_printf(bio_err, "where options are\n"); - printhelp(pkcs8_help); - goto end; + break; + case OPT_ITER: + if (!opt_int(opt_arg(), &iter)) + goto bad; + break; + case OPT_PASSIN: + passinarg = opt_arg(); + break; + case OPT_PASSOUT: + passoutarg= opt_arg(); + break; + case OPT_ENGINE: + engine= opt_arg(); + break; } + } #ifndef OPENSSL_NO_ENGINE e = setup_engine(bio_err, engine, 0); #endif - if (!app_passwd(bio_err, passargin, passargout, &passin, &passout)) + if 
(!app_passwd(bio_err, passinarg, passoutarg, &passin, &passout)) { BIO_printf(bio_err, "Error getting passwords\n"); goto end; diff --git a/apps/pkey.c b/apps/pkey.c index e85f0b3284..9066aafeba 100644 --- a/apps/pkey.c +++ b/apps/pkey.c 
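Review bot: The `OPT_ITER` case no longer rejects a zero or negative iteration count: the removed code had `if (iter <= 0) badarg = 1;`, while the new case only tests the result of `opt_int()`. The table entry uses type `'p'`, which may be meant to enforce a positive value inside the option parser, but that is not visible in this hunk. Because `iter` is presumably the PBE iteration count used later in pkcs8_main (outside the hunk), the range check is worth keeping next to the parse: `if (!opt_int(opt_arg(), &iter) || iter <= 0) goto bad;`.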
@@ -69,133 +69,115 @@ const char* pkey_help[] = { "-outform X output format (DER or PEM)", "-out file output file", "-passout arg output file pass phrase source", + "-cipher cipher algorithm to use", + "-text output in plaintext as well", + "-text_pub only output public key components", + "-noout do not output the key", + "-pubin read public key from input (default is private key)", + "-pubout output public key, not private" #ifndef OPENSSL_NO_ENGINE "-engine e use engine e, possibly a hardware device.", #endif NULL }; +enum options { + OPT_ERR = -1, OPT_EOF = 0, + OPT_INFORM, OPT_OUTFORM, OPT_PASSIN, OPT_PASSOUT, OPT_ENGINE, + OPT_IN, OPT_OUT, OPT_PUBIN, OPT_PUBOUT, OPT_TEXT_PUB, + OPT_TEXT, OPT_NOOUT, OPT_MD, +}; +static OPTIONS options[] = { + { "inform", OPT_INFORM, 'F' }, + { "outform", OPT_OUTFORM, 'F' }, + { "passin", OPT_PASSIN, 's' }, + { "passout", OPT_PASSOUT, 's' }, + { "engine", OPT_ENGINE, 's' }, + { "in", OPT_IN, '<' }, + { "out", OPT_OUT, '>' }, + { "pubin", OPT_PUBIN, '-' }, + { "pubout", OPT_PUBOUT, '-' }, + { "text_pub", OPT_TEXT_PUB, '-' }, + { "text", OPT_TEXT, '-' }, + { "noout", OPT_NOOUT, '-' }, + { "", OPT_MD, '-' }, + { NULL } +}; + + int pkey_main(int argc, char **argv) { ENGINE *e = NULL; - char **args, *infile = NULL, *outfile = NULL; - char *passargin = NULL, *passargout = NULL; + char *infile = NULL, *outfile = NULL; + char *passinarg = NULL, *passoutarg = NULL; BIO *in = NULL, *out = NULL; const EVP_CIPHER *cipher = NULL; - int informat, outformat; + int informat=FORMAT_PEM, outformat=FORMAT_PEM; int pubin = 0, pubout = 0, pubtext = 0, text = 0, noout = 0; EVP_PKEY *pkey=NULL; char *passin = NULL, *passout = NULL; - int badarg = 0; -#ifndef OPENSSL_NO_ENGINE - char *engine=NULL; -#endif int ret = 1; - - informat=FORMAT_PEM; - outformat=FORMAT_PEM; - - args = argv + 1; - while (!badarg && *args && *args[0] == '-') - { - if (!strcmp(*args,"-inform")) - { - if (args[1]) - { - args++; - informat=str2fmt(*args); - } - else badarg = 1; - } 
- else if (!strcmp(*args,"-outform")) - { - if (args[1]) - { - args++; - outformat=str2fmt(*args); - } - else badarg = 1; - } - else if (!strcmp(*args,"-passin")) - { - if (!args[1]) goto bad; - passargin= *(++args); - } - else if (!strcmp(*args,"-passout")) - { - if (!args[1]) goto bad; - passargout= *(++args); - } -#ifndef OPENSSL_NO_ENGINE - else if (strcmp(*args,"-engine") == 0) - { - if (!args[1]) goto bad; - engine= *(++args); - } -#endif - else if (!strcmp (*args, "-in")) - { - if (args[1]) - { - args++; - infile = *args; - } - else badarg = 1; - } - else if (!strcmp (*args, "-out")) - { - if (args[1]) - { - args++; - outfile = *args; - } - else badarg = 1; - } - else if (strcmp(*args,"-pubin") == 0) - { - pubin=1; - pubout=1; - pubtext=1; - } - else if (strcmp(*args,"-pubout") == 0) + enum options o; + char* prog, *engine=NULL; + + prog = opt_init(argc, argv, options); + while ((o = opt_next()) != OPT_EOF) { + switch (o) { + case OPT_EOF: + case OPT_ERR: +bad: + BIO_printf(bio_err,"Valid options are:\n"); + printhelp(pkey_help); + goto end; + case OPT_INFORM: + opt_format(opt_arg(), 1, &informat); + break; + case OPT_OUTFORM: + opt_format(opt_arg(), 1, &outformat); + break; + case OPT_PASSIN: + passinarg = opt_arg(); + break; + case OPT_PASSOUT: + passoutarg = opt_arg(); + break; + case OPT_ENGINE: + engine = opt_arg(); + break; + case OPT_IN: + infile = opt_arg(); + break; + case OPT_OUT: + outfile = opt_arg(); + break; + case OPT_PUBIN: + pubin=pubout=pubtext=1; + break; + case OPT_PUBOUT: pubout=1; - else if (strcmp(*args,"-text_pub") == 0) - { - pubtext=1; - text=1; - } - else if (strcmp(*args,"-text") == 0) + break; + case OPT_TEXT_PUB: + pubtext=text=1; + break; + case OPT_TEXT: text=1; - else if (strcmp(*args,"-noout") == 0) + break; + case OPT_NOOUT: noout=1; - else - { - cipher = EVP_get_cipherbyname(*args + 1); - if (!cipher) - { - BIO_printf(bio_err, "Unknown cipher %s\n", - *args + 1); - badarg = 1; - } - } - args++; + break; + case OPT_MD: + if 
(!opt_cipher(opt_unknown(), &cipher)) + goto bad; } + } - if (badarg) - { - bad: - BIO_printf(bio_err, "Usage pkey [options]\n"); - BIO_printf(bio_err, "where options are\n"); - printhelp(pkey_help); - return 1; - } #ifndef OPENSSL_NO_ENGINE e = setup_engine(bio_err, engine, 0); #endif - if (!app_passwd(bio_err, passargin, passargout, &passin, &passout)) + if (!app_passwd(bio_err, passinarg, passoutarg, &passin, &passout)) { BIO_printf(bio_err, "Error getting passwords\n"); goto end; diff --git a/apps/pkeyparam.c b/apps/pkeyparam.c index 617ec4b83d..493bdd7943 100644 --- a/apps/pkeyparam.c +++ b/apps/pkeyparam.c @@ -93,17 +93,15 @@ int pkeyparam_main(int argc, char **argv) BIO *in=NULL, *out=NULL; int text=0, noout=0; EVP_PKEY *pkey=NULL; - int i,ret=1; + int ret=1; + enum options o; char* prog; -#ifndef OPENSSL_NO_ENGINE char *engine=NULL; -#endif prog = opt_init(argc, argv, options); - while ((i = opt_next()) != 0) { - switch (i) { - default: - BIO_printf(bio_err,"%s: Unhandled flag %d\n", prog, i); + while ((o = opt_next()) != OPT_EOF) { + switch (o) { + case OPT_EOF: case OPT_ERR: BIO_printf(bio_err,"Valid options are:\n"); printhelp(pkeyparam_help); @@ -124,7 +122,7 @@ int pkeyparam_main(int argc, char **argv) noout=1; break; } - } + } #ifndef OPENSSL_NO_ENGINE setup_engine(bio_err, engine, 0); diff --git a/apps/prime.c b/apps/prime.c index e48253cbeb..da6c67cf67 100644 --- a/apps/prime.c +++ b/apps/prime.c @@ -81,15 +81,14 @@ int prime_main(int argc, char **argv) int generate=0; int bits=0; int safe=0; - int i; + enum options o; BIGNUM *bn=NULL; char* prog; prog = opt_init(argc, argv, options); - while ((i = opt_next()) != 0) { - switch (i) { - default: - BIO_printf(bio_err,"%s: Unhandled flag %d\n", prog, i); + while ((o = opt_next()) != OPT_EOF) { + switch (o) { + case OPT_EOF: case OPT_ERR: BIO_printf(bio_err,"Valid options are:\n"); printhelp(req_help); diff --git a/apps/progs.h b/apps/progs.h index 6dedd3574d..e1f00f3001 100644 --- a/apps/progs.h 
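Review bot: The new help entry `"-pubout output public key, not private"` in pkey_help has no trailing comma, so it is concatenated with the following `"-engine e ..."` literal and the two options print as one line. With OPENSSL_NO_ENGINE defined the literal is followed directly by `NULL`, which does not compile. Add the comma after the `-pubout` string.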
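Review bot: In the prime.c hunk the `OPT_ERR` case calls `printhelp(req_help)`, which prints the help text of the req command rather than of prime; it is an unchanged context line, but the commit rewrites the cases directly around it. This looks like a copy-paste from req.c. If prime.c defines its own table following the naming used by the other commands in this commit, the call should be `printhelp(prime_help);` (name to be confirmed against the file). prime_main continues outside the hunk.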
+++ b/apps/progs.h @@ -9,12 +9,12 @@ #define FUNC_TYPE_MD_ALG 5 #define FUNC_TYPE_CIPHER_ALG 6 -typedef struct { +typedef struct function_st { int type; const char *name; int (*func)(int argc,char *argv[]); const char **help; - } FUNCTION; +} FUNCTION; #ifndef APP_MAIN extern FUNCTION functions[]; diff --git a/apps/progs.pl b/apps/progs.pl index 501316a9a9..24d0395860 100644 --- a/apps/progs.pl +++ b/apps/progs.pl @@ -13,12 +13,12 @@ print <<'EOF'; #define FUNC_TYPE_MD_ALG 5 #define FUNC_TYPE_CIPHER_ALG 6 -typedef struct { +typedef struct function_st { int type; const char *name; int (*func)(int argc,char *argv[]); const char **help; - } FUNCTION; +} FUNCTION; #ifndef APP_MAIN extern FUNCTION functions[]; diff --git a/apps/rand.c b/apps/rand.c index 734dbd9629..13ab1284c6 100644 --- a/apps/rand.c +++ b/apps/rand.c @@ -90,23 +90,21 @@ static OPTIONS options[] = { int rand_main(int argc, char **argv) { - int i, r, ret = 1; + int r, ret = 1; + enum options o; char *outfile = NULL; char *inrand = NULL; int base64 = 0; int hex = 0; BIO *out = NULL; - int num = -1; + int i,num = -1; char* prog; -#ifndef OPENSSL_NO_ENGINE char *engine=NULL; -#endif prog = opt_init(argc, argv, options); - while ((i = opt_next()) != 0) { - switch (i) { - default: - BIO_printf(bio_err,"%s: Unhandled flag %d\n", prog, i); + while ((o = opt_next()) != OPT_EOF) { + switch (o) { + case OPT_EOF: case OPT_ERR: bad: BIO_printf(bio_err,"Usage: %s [flags] num\n", diff --git a/apps/req.c b/apps/req.c index d8b5c15430..b19cdb390e 100644 --- a/apps/req.c +++ b/apps/req.c @@ -113,9 +113,6 @@ const char *req_help[] = { "-verify verify signature on REQ", "-modulus RSA modulus", "-nodes don't encrypt the output key", -#ifndef OPENSSL_NO_ENGINE - "-engine e use engine e, possibly a hardware device", -#endif "-subject output the request's subject", "-passin private key password source", "-key file use the private key contained in file", 
@@ -125,9 +122,6 @@ const char *req_help[] = { "-rand file... load the file(s) into the random number generator", "-newkey rsa:bits generate a new RSA key of 'bits' in size", "-newkey dsa:file generate a new DSA key, parameters taken from CA in 'file'", -#ifndef OPENSSL_NO_ECDSA - "-newkey ec:file generate a new EC key, parameters taken from CA in 'file'", -#endif "-[digest] Digest to sign with (md5, sha1, md2, mdc2, md4)", "-config file request template file.", "-subj arg set or modify request subject", @@ -145,6 +139,12 @@ const char *req_help[] = { "-utf8 input characters are UTF8 (default ASCII)", "-nameopt arg - various certificate name options", "-reqopt arg - various request text options", +#ifndef OPENSSL_NO_ENGINE + "-engine e use engine e, possibly a hardware device", +#endif +#ifndef OPENSSL_NO_ECDSA + "-newkey ec:file generate a new EC key, parameters taken from CA in 'file'", +#endif NULL }; enum options { @@ -162,7 +162,9 @@ enum options { static OPTIONS options[] = { { "inform", OPT_INFORM, 'F' }, { "outform", OPT_OUTFORM, 'F' }, +#ifndef OPENSSL_NO_ENGINE { "engine", OPT_ENGINE, 's' }, +#endif { "keygen_engine", OPT_KEYGEN_ENGINE, 's' }, { "key", OPT_KEY, '<' }, { "pubkey", OPT_PUBKEY, '-' }, 
@@ -239,15 +241,16 @@ int req_main(int argc, char **argv) char *keyalgstr = NULL; STACK_OF(OPENSSL_STRING) *pkeyopts = NULL, *sigopts = NULL; EVP_PKEY *pkey=NULL; - int i=0,badops=0,newreq=0,verbose=0,pkey_type=-1; + int i=0,newreq=0,verbose=0,pkey_type=-1; + enum options o; long newkey = -1; BIO *in=NULL,*out=NULL; - int informat,outformat,verify=0,noout=0,text=0,keyform=FORMAT_PEM; + int informat=FORMAT_PEM,outformat=FORMAT_PEM,keyform=FORMAT_PEM; + int verify=0,noout=0,text=0; int nodes=0,kludge=0,newhdr=0,subject=0,pubkey=0; - char *infile=NULL,*outfile,*keyfile=NULL,*template=NULL,*keyout=NULL; -#ifndef OPENSSL_NO_ENGINE + char *infile=NULL,*outfile=NULL,*keyfile=NULL; + char *template=NULL,*keyout=NULL; char *engine=NULL; -#endif char *extensions = NULL; char *req_exts = NULL; const EVP_CIPHER *cipher=NULL; @@ -265,17 +268,13 @@ int req_main(int argc, char **argv) #ifndef OPENSSL_NO_DES cipher=EVP_des_ede3_cbc(); #endif - infile=NULL; - outfile=NULL; - informat=FORMAT_PEM; - outformat=FORMAT_PEM; opt_init(argc, argv, options); - while ((i = opt_next()) != 0) { - switch (i) { - default: - BIO_printf(bio_err,"Unhandled flag %d\n", i); + while ((o = opt_next()) != OPT_EOF) { + switch (o) { + case OPT_EOF: case OPT_ERR: +bad: BIO_printf(bio_err,"Valid options are:\n"); printhelp(req_help); goto end; @@ -410,26 +409,13 @@ int req_main(int argc, char **argv) req_exts = opt_arg(); break; case OPT_MD: - if ((md_alg=EVP_get_digestbyname(opt_unknown())) != NULL) - digest=md_alg; - else - { - BIO_printf(bio_err, "unknown option -%s\n", - opt_unknown()); - badops=1; - } + if (!opt_md(opt_unknown(), &md_alg)) + goto bad; + digest=md_alg; break; } } - if (badops) - { -bad: - BIO_printf(bio_err,"Where options are\n"); - printhelp(req_help); - goto end; - } - if(!app_passwd(bio_err, passargin, passargout, &passin, &passout)) { BIO_printf(bio_err, "Error getting passwords\n"); goto end; 
@@ -495,9 +481,9 @@ bad: p=NCONF_get_string(req_conf,SECTION,"default_md"); if (p == NULL) ERR_clear_error(); - if (p != NULL) + else { - if ((md_alg=EVP_get_digestbyname(p)) != NULL) + if (opt_md(p, &md_alg)) digest=md_alg; } } @@ -965,13 +951,10 @@ loop: { if (outformat == FORMAT_ASN1) i=i2d_X509_REQ_bio(out,req); - else if (outformat == FORMAT_PEM) { - if(newhdr) i=PEM_write_bio_X509_REQ_NEW(out,req); - else i=PEM_write_bio_X509_REQ(out,req); - } else { - BIO_printf(bio_err,"bad output format specified for outfile\n"); - goto end; - } + else if(newhdr) + i=PEM_write_bio_X509_REQ_NEW(out,req); + else + i=PEM_write_bio_X509_REQ(out,req); if (!i) { BIO_printf(bio_err,"unable to write X509 request\n"); @@ -980,14 +963,10 @@ loop: } if (!noout && x509 && (x509ss != NULL)) { - if (outformat == FORMAT_ASN1) + if (outformat == FORMAT_ASN1) i=i2d_X509_bio(out,x509ss); - else if (outformat == FORMAT_PEM) + else i=PEM_write_bio_X509(out,x509ss); - else { - BIO_printf(bio_err,"bad output format specified for outfile\n"); - goto end; - } if (!i) { BIO_printf(bio_err,"unable to write X509 certificate\n"); diff --git a/apps/rsa.c b/apps/rsa.c index 331da2bbe1..a0f0d65a1d 100644 --- a/apps/rsa.c +++ b/apps/rsa.c @@ -198,9 +198,8 @@ int rsa_main(int argc, char **argv) modulus=1; else if (strcmp(*argv,"-check") == 0) check=1; - else if ((enc=EVP_get_cipherbyname(&(argv[0][1]))) == NULL) + else if (!opt_cipher(opt_unknown(), &enc)) { - BIO_printf(bio_err,"unknown option %s\n",*argv); badops=1; break; } diff --git a/apps/rsautl.c b/apps/rsautl.c index 3b7f55f2d3..6eade62ef9 100644 --- a/apps/rsautl.c +++ b/apps/rsautl.c 
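Review bot: When `default_md` from the config file does not resolve, the `else` branch in the @@ -495 hunk skips the assignment and req carries on with whatever `digest` already holds. Since `opt_md()` appears to report the unknown name itself (the callers' own messages were removed elsewhere in this commit), the user would see an error and still get a request signed with a different digest than the configuration names. Consider failing instead: `else if (!opt_md(p, &md_alg)) goto end; else digest=md_alg;`. The enclosing block starts outside the hunk.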
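Review bot: The two output hunks (@@ -965 and @@ -980) drop the `bad output format specified for outfile` branch, so every `outformat` other than `FORMAT_ASN1` is now written as PEM. That is only correct if option parsing guarantees `outformat` is one of those two values; the `OPT_OUTFORM` case is not in these hunks, and in the other commands converted by this commit the result of `opt_format()` is not checked. Either confirm the parser rejects other formats for req, or keep the explicit `else if (outformat == FORMAT_PEM)` test with the error branch.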
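Review bot: In the rsa.c hunk `opt_unknown()` is called from a loop that still walks `argv` by hand (`strcmp(*argv,"-check")` just above), so the table-driven parser has not been advanced for this command and cannot know which argument is current. smime.c and x509.c in this commit pass the argument text directly; the equivalent here would be `else if (!opt_cipher(*argv + 1, &enc))`. rsa_main's loop starts and ends outside the hunk, so this assumes no `opt_init()` call was added above it.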
@@ -99,94 +99,133 @@ const char* rsautl_help[] = { NULL }; +enum options { + OPT_ERR = -1, OPT_EOF = 0, + OPT_ENGINE, OPT_IN, OPT_OUT, OPT_ASN1PARSE, OPT_HEXDUMP, + OPT_RAW, OPT_OAEP, OPT_SSL, OPT_PKCS, OPT_X931, + OPT_SIGN, OPT_VERIFY, OPT_REV, OPT_ENCRYPT, OPT_DECRYPT, + OPT_PUBIN, OPT_CERTIN, OPT_INKEY, OPT_PASSIN, OPT_KEYFORM, +}; +static OPTIONS options[] = { + { "keyform", OPT_KEYFORM, 'F' }, +#ifndef OPENSSL_NO_ENGINE + { "engine", OPT_ENGINE, 's' }, +#endif + { "in", OPT_IN, '<' }, + { "out", OPT_OUT, '>' }, + { "asn1parse", OPT_ASN1PARSE, '-' }, + { "hexdump", OPT_HEXDUMP, '-' }, + { "raw", OPT_RAW, '-' }, + { "oaep", OPT_OAEP, '-' }, + { "ssl", OPT_SSL, '-' }, + { "pkcs", OPT_PKCS, '-' }, + { "x931", OPT_X931, '-' }, + { "sign", OPT_SIGN, '-' }, + { "verify", OPT_VERIFY, '-' }, + { "rev", OPT_REV, '-' }, + { "encrypt", OPT_ENCRYPT, '-' }, + { "decrypt", OPT_DECRYPT, '-' }, + { "pubin", OPT_PUBIN, '-' }, + { "certin", OPT_CERTIN, '-' }, + { "inkey", OPT_INKEY, '<' }, + { "passin", OPT_PASSIN, 's' }, + { NULL } +}; + + int rsautl_main(int argc, char **argv) { ENGINE *e = NULL; BIO *in = NULL, *out = NULL; char *infile = NULL, *outfile = NULL; -#ifndef OPENSSL_NO_ENGINE char *engine = NULL; -#endif char *keyfile = NULL; char rsa_mode = RSA_VERIFY, key_type = KEY_PRIVKEY; - int keyform = FORMAT_PEM; + int keyformat = FORMAT_PEM; char need_priv = 0, badarg = 0, rev = 0; char hexdump = 0, asn1parse = 0; X509 *x; EVP_PKEY *pkey = NULL; RSA *rsa = NULL; - unsigned char *rsa_in = NULL, *rsa_out = NULL, pad; - char *passargin = NULL, *passin = NULL; + unsigned char *rsa_in = NULL, *rsa_out = NULL, pad = RSA_PKCS1_PADDING; + char *passinarg = NULL, *passin = NULL; int rsa_inlen, rsa_outlen = 0; int keysize; int ret = 1; + enum options o; + char* prog; - argc--; - argv++; - pad = RSA_PKCS1_PADDING; - - while(argc >= 1) - { - if (!strcmp(*argv,"-in")) { - if (--argc < 1) - badarg = 1; - else - infile= *(++argv); - } else if (!strcmp(*argv,"-out")) { - if (--argc < 1) 
- badarg = 1; - else - outfile= *(++argv); - } else if(!strcmp(*argv, "-inkey")) { - if (--argc < 1) - badarg = 1; - else - keyfile = *(++argv); - } else if (!strcmp(*argv,"-passin")) { - if (--argc < 1) - badarg = 1; - else - passargin= *(++argv); - } else if (strcmp(*argv,"-keyform") == 0) { - if (--argc < 1) - badarg = 1; - else - keyform=str2fmt(*(++argv)); -#ifndef OPENSSL_NO_ENGINE - } else if(!strcmp(*argv, "-engine")) { - if (--argc < 1) - badarg = 1; - else - engine = *(++argv); -#endif - } else if(!strcmp(*argv, "-pubin")) { - key_type = KEY_PUBKEY; - } else if(!strcmp(*argv, "-certin")) { - key_type = KEY_CERT; - } - else if(!strcmp(*argv, "-asn1parse")) asn1parse = 1; - else if(!strcmp(*argv, "-hexdump")) hexdump = 1; - else if(!strcmp(*argv, "-raw")) pad = RSA_NO_PADDING; - else if(!strcmp(*argv, "-oaep")) pad = RSA_PKCS1_OAEP_PADDING; - else if(!strcmp(*argv, "-ssl")) pad = RSA_SSLV23_PADDING; - else if(!strcmp(*argv, "-pkcs")) pad = RSA_PKCS1_PADDING; - else if(!strcmp(*argv, "-x931")) pad = RSA_X931_PADDING; - else if(!strcmp(*argv, "-sign")) { + prog = opt_init(argc, argv, options); + while ((o = opt_next()) != OPT_EOF) { + switch (o) { + case OPT_EOF: + case OPT_ERR: + BIO_printf(bio_err,"Valid options are:\n"); + printhelp(rsautl_help); + goto end; + case OPT_KEYFORM: + opt_format(opt_arg(), 1, &keyformat); + break; + case OPT_IN: + infile = opt_arg(); + break; + case OPT_OUT: + outfile= opt_arg(); + break; + case OPT_ENGINE: + engine = opt_arg(); + break; + case OPT_ASN1PARSE: + asn1parse = 1; + break; + case OPT_HEXDUMP: + hexdump = 1; + break; + case OPT_RAW: + pad = RSA_NO_PADDING; + break; + case OPT_OAEP: + pad = RSA_PKCS1_OAEP_PADDING; + break; + case OPT_SSL: + pad = RSA_SSLV23_PADDING; + break; + case OPT_PKCS: + pad = RSA_PKCS1_PADDING; + break; + case OPT_X931: + pad = RSA_X931_PADDING; + break; + case OPT_SIGN: rsa_mode = RSA_SIGN; need_priv = 1; - } else if(!strcmp(*argv, "-verify")) rsa_mode = RSA_VERIFY; - else if(!strcmp(*argv, 
"-rev")) rev = 1; - else if(!strcmp(*argv, "-encrypt")) rsa_mode = RSA_ENCRYPT; - else if(!strcmp(*argv, "-decrypt")) { + break; + case OPT_VERIFY: + rsa_mode = RSA_VERIFY; + break; + case OPT_REV: + rev = 1; + break; + case OPT_ENCRYPT: + rsa_mode = RSA_ENCRYPT; + break; + case OPT_DECRYPT: rsa_mode = RSA_DECRYPT; need_priv = 1; - } else badarg = 1; - if(badarg) { - usage(); - goto end; + break; + case OPT_PUBIN: + key_type = KEY_PUBKEY; + break; + case OPT_CERTIN: + key_type = KEY_CERT; + break; + case OPT_INKEY: + keyfile = opt_arg(); + break; + case OPT_PASSIN: + passinarg = opt_arg(); + break; } - argc--; - argv++; } if(need_priv && (key_type != KEY_PRIVKEY)) { @@ -197,7 +236,7 @@ int rsautl_main(int argc, char **argv) #ifndef OPENSSL_NO_ENGINE e = setup_engine(bio_err, engine, 0); #endif - if(!app_passwd(bio_err, passargin, NULL, &passin, NULL)) { + if(!app_passwd(bio_err, passinarg, NULL, &passin, NULL)) { BIO_printf(bio_err, "Error getting password\n"); goto end; } @@ -207,17 +246,17 @@ int rsautl_main(int argc, char **argv) switch(key_type) { case KEY_PRIVKEY: - pkey = load_key(bio_err, keyfile, keyform, 0, + pkey = load_key(bio_err, keyfile, keyformat, 0, passin, e, "Private Key"); break; case KEY_PUBKEY: - pkey = load_pubkey(bio_err, keyfile, keyform, 0, + pkey = load_pubkey(bio_err, keyfile, keyformat, 0, NULL, e, "Public Key"); break; case KEY_CERT: - x = load_cert(bio_err, keyfile, keyform, + x = load_cert(bio_err, keyfile, keyformat, NULL, e, "Certificate"); if(x) { pkey = X509_get_pubkey(x); @@ -256,7 +295,7 @@ int rsautl_main(int argc, char **argv) rsa_inlen = BIO_read(in, rsa_in, keysize * 2); if(rsa_inlen <= 0) { BIO_printf(bio_err, "Error reading input Data\n"); - exit(1); + goto end; } if(rev) { int i; 
@@ -297,9 +336,12 @@ int rsautl_main(int argc, char **argv) if(!ASN1_parse_dump(out, rsa_out, rsa_outlen, 1, -1)) { ERR_print_errors(bio_err); } - } else if(hexdump) BIO_dump(out, (char *)rsa_out, rsa_outlen); - else BIO_write(out, rsa_out, rsa_outlen); - end: + } + else if (hexdump) + BIO_dump(out, (char *)rsa_out, rsa_outlen); + else + BIO_write(out, rsa_out, rsa_outlen); +end: RSA_free(rsa); BIO_free(in); BIO_free_all(out); diff --git a/apps/sess_id.c b/apps/sess_id.c index 566237442c..5ded2676f4 100644 --- a/apps/sess_id.c +++ b/apps/sess_id.c @@ -105,12 +105,12 @@ int sess_id_main(int argc, char **argv) int informat=FORMAT_PEM,outformat=FORMAT_PEM; char *infile=NULL,*outfile=NULL,*context=NULL; int cert=0,noout=0,text=0; + enum options o; opt_init(argc, argv, options); - while ((i = opt_next()) != 0) { - switch (i) { - default: - BIO_printf(bio_err,"Unhandled flag %d\n", i); + while ((o = opt_next()) != OPT_EOF) { + switch (o) { + case OPT_EOF: case OPT_ERR: BIO_printf(bio_err,"Valid options are:\n"); printhelp(sess_id_help); @@ -158,7 +158,7 @@ int sess_id_main(int argc, char **argv) SSL_SESSION_set1_id_context(x, (unsigned char *)context, ctx_len); } -#ifdef undef +#if 0 /* just testing for memory leaks :-) */ { SSL_SESSION *s; diff --git a/apps/smime.c b/apps/smime.c index 0494bfeb54..338bd17f34 100644 --- a/apps/smime.c +++ b/apps/smime.c @@ -326,13 +326,8 @@ int smime_main(int argc, char **argv) { if (!args[1]) goto argerr; - sign_md = EVP_get_digestbyname(*++args); - if (sign_md == NULL) - { - BIO_printf(bio_err, "Unknown digest %s\n", - *args); + if (!opt_md(opt_arg(), &sign_md)) goto argerr; - } } else if (!strcmp (*args, "-inkey")) { @@ -412,7 +407,7 @@ int smime_main(int argc, char **argv) } else if (args_verify(&args, NULL, &badarg, bio_err, &vpm)) continue; - else if ((cipher = EVP_get_cipherbyname(*args + 1)) == NULL) + else if (!opt_cipher(*args+1, &cipher)) badarg = 1; args++; } 
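Review bot: In the smime.c branch that sets `sign_md` (@@ -326) the removed code advanced the cursor with `*++args`, while the replacement calls `opt_arg()` and never moves `args`, so after the `args++` at the bottom of the loop the digest name would be parsed as the next option. `opt_arg()` also belongs to the table-driven parser, which this hand-written loop does not use. Keeping the cursor in step would look like `if (!opt_md(*++args, &sign_md)) goto argerr;`. The loop body continues outside the hunk.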
diff --git a/apps/spkac.c b/apps/spkac.c index 64ff6bd3a0..2237080859 100644 --- a/apps/spkac.c +++ b/apps/spkac.c 
@@ -87,92 +87,90 @@ const char* spkac_help[] = { NULL }; +enum options { + OPT_ERR = -1, OPT_EOF = 0, + OPT_NOOUT, OPT_PUBKEY, OPT_VERIFY, OPT_IN, OPT_OUT, + OPT_ENGINE, OPT_KEY, OPT_CHALLENGE, OPT_PASSIN, OPT_SPKAC, + OPT_SPKSECT, +}; +static OPTIONS options[] = { + { "noout", OPT_NOOUT, '-' }, + { "pubkey", OPT_PUBKEY, '-' }, + { "verify", OPT_VERIFY, '-' }, + { "in", OPT_IN, '<' }, + { "out", OPT_OUT, '>' }, + { "engine", OPT_ENGINE, 's' }, + { "key", OPT_KEY, '<' }, + { "challenge", OPT_CHALLENGE, 's' }, + { "passin", OPT_PASSIN, 's' }, + { "spkac", OPT_SPKAC, 's' }, + { "spksect", OPT_SPKSECT, 's' }, + { NULL } +}; + int spkac_main(int argc, char **argv) { ENGINE *e = NULL; - int i,badops=0, ret = 1; + int i, ret = 1; BIO *in = NULL,*out = NULL; int verify=0,noout=0,pubkey=0; char *infile = NULL,*outfile = NULL,*prog; - char *passargin = NULL, *passin = NULL; + char *passinarg = NULL, *passin = NULL; const char *spkac = "SPKAC", *spksect = "default"; char *spkstr = NULL; char *challenge = NULL, *keyfile = NULL; CONF *conf = NULL; NETSCAPE_SPKI *spki = NULL; EVP_PKEY *pkey = NULL; -#ifndef OPENSSL_NO_ENGINE char *engine=NULL; -#endif + enum options o; - prog=argv[0]; - argc--; - argv++; - while (argc >= 1) - { - if (strcmp(*argv,"-in") == 0) - { - if (--argc < 1) goto bad; - infile= *(++argv); - } - else if (strcmp(*argv,"-out") == 0) - { - if (--argc < 1) goto bad; - outfile= *(++argv); - } - else if (strcmp(*argv,"-passin") == 0) - { - if (--argc < 1) goto bad; - passargin= *(++argv); - } - else if (strcmp(*argv,"-key") == 0) - { - if (--argc < 1) goto bad; - keyfile= *(++argv); - } - else if (strcmp(*argv,"-challenge") == 0) - { - if (--argc < 1) goto bad; - challenge= *(++argv); - } - else if (strcmp(*argv,"-spkac") == 0) - { - if (--argc < 1) goto bad; - spkac= *(++argv); - } - else if (strcmp(*argv,"-spksect") == 0) - { - if (--argc < 1) goto bad; - spksect= *(++argv); - } -#ifndef OPENSSL_NO_ENGINE - else if (strcmp(*argv,"-engine") == 0) - { - if 
(--argc < 1) goto bad; - engine= *(++argv); - } -#endif - else if (strcmp(*argv,"-noout") == 0) + prog = opt_init(argc, argv, options); + while ((o = opt_next()) != OPT_EOF) { + switch (o) { + case OPT_EOF: + case OPT_ERR: + BIO_printf(bio_err,"Valid options are:\n"); + printhelp(spkac_help); + goto end; + case OPT_IN: + infile = opt_arg(); + break; + case OPT_OUT: + outfile = opt_arg(); + break; + case OPT_NOOUT: noout=1; - else if (strcmp(*argv,"-pubkey") == 0) + break; + case OPT_PUBKEY: pubkey=1; - else if (strcmp(*argv,"-verify") == 0) + break; + case OPT_VERIFY: verify=1; - else badops = 1; - argc--; - argv++; - } + break; + case OPT_PASSIN: + passinarg= opt_arg(); + break; + case OPT_KEY: + keyfile= opt_arg(); + break; + case OPT_CHALLENGE: + challenge= opt_arg(); + break; + case OPT_SPKAC: + spkac= opt_arg(); + break; + case OPT_SPKSECT: + spksect= opt_arg(); + break; + case OPT_ENGINE: + engine= opt_arg(); + break; - if (badops) - { -bad: - BIO_printf(bio_err,"spkac [options]\n"); - BIO_printf(bio_err,"where options are\n"); - printhelp(spkac_help); - goto end; } + } - if(!app_passwd(bio_err, passargin, NULL, &passin, NULL)) { + if(!app_passwd(bio_err, passinarg, NULL, &passin, NULL)) { BIO_printf(bio_err, "Error getting password\n"); goto end; } @@ -291,10 +291,8 @@ int ts_main(int argc, char **argv) if (argc-- < 1) goto usage; engine = *++argv; } - else if ((md = EVP_get_digestbyname(*argv + 1)) != NULL) - { - /* empty. */ - } + else if (!opt_md(opt_unknown(), &md)) + goto usage; else goto usage; } diff --git a/apps/version.c b/apps/version.c index 76915b08d1..7da883ebb0 100644 --- a/apps/version.c +++ b/apps/version.c 
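Review bot: The spkac options table lists `engine` unconditionally and the `#ifndef OPENSSL_NO_ENGINE` around `char *engine` is removed, so a build without engine support now accepts `-engine e` where the old loop rejected it through `else badops = 1`. If the later engine set-up stays behind `#ifndef OPENSSL_NO_ENGINE`, as the `setup_engine()` call in pkcs7.c does, the option is then silently ignored and the operation would run without the engine the user requested. pkcs8.c, rsautl.c and req.c guard the table entry in this same commit. Do the same here and in the pkcs7.c and pkey.c tables by wrapping `{ "engine", OPT_ENGINE, 's' },` in `#ifndef OPENSSL_NO_ENGINE` / `#endif`.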
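Review bot: Both arms of the new digest test in ts_main end in `goto usage` (`else if (!opt_md(opt_unknown(), &md)) goto usage; else goto usage;`), so an argument that names a valid digest is now rejected as well, where the old code accepted it with an empty body. `opt_unknown()` is also used here inside a hand-written `argv` loop (`engine = *++argv;` just above), where the table-driven parser has no current argument. Writing `else if (opt_md(*argv + 1, &md)) { /* digest accepted */ }` and keeping the trailing `else goto usage;` would restore the old behaviour. The loop starts outside the hunk.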
@@ -160,15 +160,15 @@ static OPTIONS optlist[] = { int version_main(int argc, char **argv) { - int i,ret=0; + int ret=0; int cflags=0,version=0,date=0,options=0,platform=0,dir=0; char* prog; + enum options o; prog = opt_init(argc, argv, optlist); - while ((i = opt_next()) != 0) { - switch (i) { - default: - BIO_printf(bio_err,"%s: Unhandled flag %d\n", prog, i); + while ((o = opt_next()) != OPT_EOF) { + switch (o) { + case OPT_EOF: case OPT_ERR: BIO_printf(bio_err,"Valid options are:\n"); printhelp(version_help); diff --git a/apps/x509.c b/apps/x509.c index 726d1ec354..75b3d464aa 100644 --- a/apps/x509.c +++ b/apps/x509.c @@ -491,14 +491,10 @@ int x509_main(int argc, char **argv) ocspid= ++num; else if (strcmp(*argv,"-badsig") == 0) badsig = 1; - else if ((md_alg=EVP_get_digestbyname(*argv + 1))) - { - /* ok */ + else if (opt_md(*argv+1, &md_alg)) digest=md_alg; - } else { - BIO_printf(bio_err,"unknown option %s\n",*argv); badops=1; break; } |