Diffstat (limited to 'apps/storeutl.c')
-rw-r--r--apps/storeutl.c113
1 files changed, 69 insertions, 44 deletions
diff --git a/apps/storeutl.c b/apps/storeutl.c
index 644fe28499d6..30c9915de3e8 100644
--- a/apps/storeutl.c
+++ b/apps/storeutl.c
@@ -1,7 +1,7 @@
/*
- * Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
*
- * Licensed under the OpenSSL license (the "License"). You may not use
+ * Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
@@ -19,24 +19,29 @@
static int process(const char *uri, const UI_METHOD *uimeth, PW_CB_DATA *uidata,
int expected, int criterion, OSSL_STORE_SEARCH *search,
int text, int noout, int recursive, int indent, BIO *out,
- const char *prog);
+ const char *prog, OSSL_LIB_CTX *libctx);
typedef enum OPTION_choice {
- OPT_ERR = -1, OPT_EOF = 0, OPT_HELP, OPT_ENGINE, OPT_OUT, OPT_PASSIN,
+ OPT_COMMON,
+ OPT_ENGINE, OPT_OUT, OPT_PASSIN,
OPT_NOOUT, OPT_TEXT, OPT_RECURSIVE,
OPT_SEARCHFOR_CERTS, OPT_SEARCHFOR_KEYS, OPT_SEARCHFOR_CRLS,
OPT_CRITERION_SUBJECT, OPT_CRITERION_ISSUER, OPT_CRITERION_SERIAL,
OPT_CRITERION_FINGERPRINT, OPT_CRITERION_ALIAS,
- OPT_MD
+ OPT_MD, OPT_PROV_ENUM
} OPTION_CHOICE;
const OPTIONS storeutl_options[] = {
- {OPT_HELP_STR, 1, '-', "Usage: %s [options] uri\nValid options are:\n"},
+ {OPT_HELP_STR, 1, '-', "Usage: %s [options] uri\n"},
+
+ OPT_SECTION("General"),
{"help", OPT_HELP, '-', "Display this summary"},
- {"out", OPT_OUT, '>', "Output file - default stdout"},
- {"passin", OPT_PASSIN, 's', "Input file pass phrase source"},
- {"text", OPT_TEXT, '-', "Print a text form of the objects"},
- {"noout", OPT_NOOUT, '-', "No PEM output, just status"},
+ {"", OPT_MD, '-', "Any supported digest"},
+#ifndef OPENSSL_NO_ENGINE
+ {"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"},
+#endif
+
+ OPT_SECTION("Search"),
{"certs", OPT_SEARCHFOR_CERTS, '-', "Search for certificates only"},
{"keys", OPT_SEARCHFOR_KEYS, '-', "Search for keys only"},
{"crls", OPT_SEARCHFOR_CRLS, '-', "Search for CRLs only"},
@@ -45,11 +50,20 @@ const OPTIONS storeutl_options[] = {
{"serial", OPT_CRITERION_SERIAL, 's', "Search by issuer and serial, serial number"},
{"fingerprint", OPT_CRITERION_FINGERPRINT, 's', "Search by public key fingerprint, given in hex"},
{"alias", OPT_CRITERION_ALIAS, 's', "Search by alias"},
- {"", OPT_MD, '-', "Any supported digest"},
-#ifndef OPENSSL_NO_ENGINE
- {"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"},
-#endif
{"r", OPT_RECURSIVE, '-', "Recurse through names"},
+
+ OPT_SECTION("Input"),
+ {"passin", OPT_PASSIN, 's', "Input file pass phrase source"},
+
+ OPT_SECTION("Output"),
+ {"out", OPT_OUT, '>', "Output file - default stdout"},
+ {"text", OPT_TEXT, '-', "Print a text form of the objects"},
+ {"noout", OPT_NOOUT, '-', "No PEM output, just status"},
+
+ OPT_PROV_OPTIONS,
+
+ OPT_PARAMETERS(),
+ {"uri", 0, 0, "URI of the store object"},
{NULL}
};
@@ -68,9 +82,10 @@ int storeutl_main(int argc, char *argv[])
ASN1_INTEGER *serial = NULL;
unsigned char *fingerprint = NULL;
size_t fingerprintlen = 0;
- char *alias = NULL;
+ char *alias = NULL, *digestname = NULL;
OSSL_STORE_SEARCH *search = NULL;
- const EVP_MD *digest = NULL;
+ EVP_MD *digest = NULL;
+ OSSL_LIB_CTX *libctx = app_get0_libctx();
while ((o = opt_next()) != OPT_EOF) {
switch (o) {
@@ -142,16 +157,13 @@ int storeutl_main(int argc, char *argv[])
prog);
goto end;
}
- if ((subject = parse_name(opt_arg(), MBSTRING_UTF8, 1)) == NULL) {
- BIO_printf(bio_err, "%s: can't parse subject argument.\n",
- prog);
+ subject = parse_name(opt_arg(), MBSTRING_UTF8, 1, "subject");
+ if (subject == NULL)
goto end;
- }
break;
case OPT_CRITERION_ISSUER:
if (criterion != 0
- || (criterion == OSSL_STORE_SEARCH_BY_ISSUER_SERIAL
- && issuer != NULL)) {
+ && criterion != OSSL_STORE_SEARCH_BY_ISSUER_SERIAL) {
BIO_printf(bio_err, "%s: criterion already given.\n",
prog);
goto end;
@@ -162,16 +174,13 @@ int storeutl_main(int argc, char *argv[])
prog);
goto end;
}
- if ((issuer = parse_name(opt_arg(), MBSTRING_UTF8, 1)) == NULL) {
- BIO_printf(bio_err, "%s: can't parse issuer argument.\n",
- prog);
+ issuer = parse_name(opt_arg(), MBSTRING_UTF8, 1, "issuer");
+ if (issuer == NULL)
goto end;
- }
break;
case OPT_CRITERION_SERIAL:
if (criterion != 0
- || (criterion == OSSL_STORE_SEARCH_BY_ISSUER_SERIAL
- && serial != NULL)) {
+ && criterion != OSSL_STORE_SEARCH_BY_ISSUER_SERIAL) {
BIO_printf(bio_err, "%s: criterion already given.\n",
prog);
goto end;
@@ -237,20 +246,24 @@ int storeutl_main(int argc, char *argv[])
e = setup_engine(opt_arg(), 0);
break;
case OPT_MD:
- if (!opt_md(opt_unknown(), &digest))
- goto opthelp;
+ digestname = opt_unknown();
+ break;
+ case OPT_PROV_CASES:
+ if (!opt_provider(o))
+ goto end;
+ break;
}
}
+
+ /* One argument, the URI */
argc = opt_num_rest();
argv = opt_rest();
-
- if (argc == 0) {
- BIO_printf(bio_err, "%s: No URI given, nothing to do...\n", prog);
- goto opthelp;
- }
- if (argc > 1) {
- BIO_printf(bio_err, "%s: Unknown extra parameters after URI\n", prog);
+ if (argc != 1)
goto opthelp;
+
+ if (digestname != NULL) {
+ if (!opt_md(digestname, &digest))
+ goto opthelp;
}
if (criterion != 0) {
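Review bot: The new `if (argc != 1) goto opthelp;` no longer tells the user what was wrong, where the removed code distinguished "No URI given" from "Unknown extra parameters after URI". Unless the `opthelp` label, which is outside this hunk, prints something equivalent, keep one diagnostic before the jump, e.g. `BIO_printf(bio_err, "%s: exactly one URI argument is required\n", prog);`. The deferred `opt_md(digestname, &digest)` call also deserves a comment such as `/* Resolve the digest only after all provider options have been processed */`, assuming that ordering is the reason `digestname` is stored first. storeutl_main begins and ends outside the hunk.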
@@ -305,9 +318,10 @@ int storeutl_main(int argc, char *argv[])
ret = process(argv[0], get_ui_method(), &pw_cb_data,
expected, criterion, search,
- text, noout, recursive, 0, out, prog);
+ text, noout, recursive, 0, out, prog, libctx);
end:
+ EVP_MD_free(digest);
OPENSSL_free(fingerprint);
OPENSSL_free(alias);
ASN1_INTEGER_free(serial);
@@ -336,12 +350,13 @@ static int indent_printf(int indent, BIO *bio, const char *format, ...)
static int process(const char *uri, const UI_METHOD *uimeth, PW_CB_DATA *uidata,
int expected, int criterion, OSSL_STORE_SEARCH *search,
int text, int noout, int recursive, int indent, BIO *out,
- const char *prog)
+ const char *prog, OSSL_LIB_CTX *libctx)
{
OSSL_STORE_CTX *store_ctx = NULL;
int ret = 1, items = 0;
- if ((store_ctx = OSSL_STORE_open(uri, uimeth, uidata, NULL, NULL))
+ if ((store_ctx = OSSL_STORE_open_ex(uri, libctx, app_get0_propq(), uimeth, uidata,
+ NULL, NULL, NULL))
== NULL) {
BIO_printf(bio_err, "Couldn't open file or uri %s\n", uri);
ERR_print_errors(bio_err);
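Review bot: `process()` now takes `libctx` as a parameter but reads the property query from the global accessor `app_get0_propq()` inside the `OSSL_STORE_open_ex()` call, so the two halves of the fetch context arrive by different routes. Either pass the property query alongside `libctx`, or obtain both from the app accessors here and drop the new parameter; the mixed form makes it easy for a later caller to supply a library context that does not match the property query in use. A one-line comment on the three trailing `NULL` arguments (params, post-process callback and its data) would also help readers of the call. The body of process() continues outside the hunk.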
@@ -379,18 +394,20 @@ static int process(const char *uri, const UI_METHOD *uimeth, PW_CB_DATA *uidata,
info == NULL ? NULL : OSSL_STORE_INFO_type_string(type);
if (info == NULL) {
- if (OSSL_STORE_eof(store_ctx))
- break;
-
if (OSSL_STORE_error(store_ctx)) {
if (recursive)
ERR_clear_error();
else
ERR_print_errors(bio_err);
+ if (OSSL_STORE_eof(store_ctx))
+ break;
ret++;
continue;
}
+ if (OSSL_STORE_eof(store_ctx))
+ break;
+
BIO_printf(bio_err,
"ERROR: OSSL_STORE_load() returned NULL without "
"eof or error indications\n");
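Review bot: In the `OSSL_STORE_error()` branch the added `if (OSSL_STORE_eof(store_ctx)) break;` sits before `ret++`, so a load error that coincides with end-of-data is printed (or, when `recursive` is set, silently dropped by `ERR_clear_error()`) but never counted. `ret` appears to be the error tally, since it is incremented here and accumulated through `ret += process(...)` in the recursive call, so a script checking the exit status could see success for a store that was not read completely. If leaving that error out of the count is not intended, move `ret++;` above the eof check; if it is intended, say so with a comment on the `break`. The enclosing loop begins and ends outside the hunk.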
@@ -422,7 +439,8 @@ static int process(const char *uri, const UI_METHOD *uimeth, PW_CB_DATA *uidata,
const char *suburi = OSSL_STORE_INFO_get0_NAME(info);
ret += process(suburi, uimeth, uidata,
expected, criterion, search,
- text, noout, recursive, indent + 2, out, prog);
+ text, noout, recursive, indent + 2, out, prog,
+ libctx);
}
break;
case OSSL_STORE_INFO_PARAMS:
@@ -433,6 +451,13 @@ static int process(const char *uri, const UI_METHOD *uimeth, PW_CB_DATA *uidata,
PEM_write_bio_Parameters(out,
OSSL_STORE_INFO_get0_PARAMS(info));
break;
+ case OSSL_STORE_INFO_PUBKEY:
+ if (text)
+ EVP_PKEY_print_public(out, OSSL_STORE_INFO_get0_PUBKEY(info),
+ 0, NULL);
+ if (!noout)
+ PEM_write_bio_PUBKEY(out, OSSL_STORE_INFO_get0_PUBKEY(info));
+ break;
case OSSL_STORE_INFO_PKEY:
if (text)
EVP_PKEY_print_private(out, OSSL_STORE_INFO_get0_PKEY(info),
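Review bot: The new `OSSL_STORE_INFO_PUBKEY` case discards the return values of `EVP_PKEY_print_public()` and `PEM_write_bio_PUBKEY()`, so a failed write to `out` yields missing or truncated key output with no error recorded. This matches the neighbouring PARAMS and PKEY cases visible in the hunk, so it is an existing pattern rather than a regression, but the added code could count the failure, e.g. `if (!noout && !PEM_write_bio_PUBKEY(out, OSSL_STORE_INFO_get0_PUBKEY(info))) ret++;`. The switch statement continues outside the hunk.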