← Back to branch summary

~ubuntu-branches/ubuntu/maverick/openssl/maverick

« back to all changes in this revision

Viewing changes to apps/pkcs8.c

  • Committer: Bazaar Package Importer
  • Author(s): Christoph Martin
  • Date: 2004-12-16 18:41:29 UTC
  • mto: (11.1.1 lenny)
  • mto: This revision was merged to the branch mainline in revision 3.
  • Revision ID: james.westby@ubuntu.com-20041216184129-z7xjkul57mh1jiha
Tags: upstream-0.9.7e
ImportĀ upstreamĀ versionĀ 0.9.7e

Show diffs side-by-side

added added

removed removed

Lines of Context:
apps/pkcs8.c
1
1
/* pkcs8.c */
2
2
/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
3
 
 * project 1999.
 
3
 * project 1999-2004.
4
4
 */
5
5
/* ====================================================================
6
6
 * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
68
68
int MAIN(int, char **);
69
69
 
70
70
int MAIN(int argc, char **argv)
71
 
{
 
71
        {
72
72
        ENGINE *e = NULL;
73
73
        char **args, *infile = NULL, *outfile = NULL;
74
74
        char *passargin = NULL, *passargout = NULL;
100
100
        ERR_load_crypto_strings();
101
101
        OpenSSL_add_all_algorithms();
102
102
        args = argv + 1;
103
 
        while (!badarg && *args && *args[0] == '-') {
104
 
                if (!strcmp(*args,"-v2")) {
105
 
                        if (args[1]) {
 
103
        while (!badarg && *args && *args[0] == '-')
 
104
                {
 
105
                if (!strcmp(*args,"-v2"))
 
106
                        {
 
107
                        if (args[1])
 
108
                                {
106
109
                                args++;
107
110
                                cipher=EVP_get_cipherbyname(*args);
108
 
                                if(!cipher) {
 
111
                                if (!cipher)
 
112
                                        {
109
113
                                        BIO_printf(bio_err,
110
114
                                                 "Unknown cipher %s\n", *args);
111
115
                                        badarg = 1;
 
116
                                        }
112
117
                                }
113
 
                        } else badarg = 1;
114
 
                } else if (!strcmp(*args,"-v1")) {
115
 
                        if (args[1]) {
 
118
                        else
 
119
                                badarg = 1;
 
120
                        }
 
121
                else if (!strcmp(*args,"-v1"))
 
122
                        {
 
123
                        if (args[1])
 
124
                                {
116
125
                                args++;
117
126
                                pbe_nid=OBJ_txt2nid(*args);
118
 
                                if(pbe_nid == NID_undef) {
 
127
                                if (pbe_nid == NID_undef)
 
128
                                        {
119
129
                                        BIO_printf(bio_err,
120
130
                                                 "Unknown PBE algorithm %s\n", *args);
121
131
                                        badarg = 1;
 
132
                                        }
122
133
                                }
123
 
                        } else badarg = 1;
124
 
                } else if (!strcmp(*args,"-inform")) {
125
 
                        if (args[1]) {
 
134
                        else
 
135
                                badarg = 1;
 
136
                        }
 
137
                else if (!strcmp(*args,"-inform"))
 
138
                        {
 
139
                        if (args[1])
 
140
                                {
126
141
                                args++;
127
142
                                informat=str2fmt(*args);
128
 
                        } else badarg = 1;
129
 
                } else if (!strcmp(*args,"-outform")) {
130
 
                        if (args[1]) {
 
143
                                }
 
144
                        else badarg = 1;
 
145
                        }
 
146
                else if (!strcmp(*args,"-outform"))
 
147
                        {
 
148
                        if (args[1])
 
149
                                {
131
150
                                args++;
132
151
                                outformat=str2fmt(*args);
133
 
                        } else badarg = 1;
134
 
                } else if (!strcmp (*args, "-topk8")) topk8 = 1;
135
 
                else if (!strcmp (*args, "-noiter")) iter = 1;
136
 
                else if (!strcmp (*args, "-nocrypt")) nocrypt = 1;
137
 
                else if (!strcmp (*args, "-nooct")) p8_broken = PKCS8_NO_OCTET;
138
 
                else if (!strcmp (*args, "-nsdb")) p8_broken = PKCS8_NS_DB;
139
 
                else if (!strcmp (*args, "-embed")) p8_broken = PKCS8_EMBEDDED_PARAM;
 
152
                                }
 
153
                        else badarg = 1;
 
154
                        }
 
155
                else if (!strcmp (*args, "-topk8"))
 
156
                        topk8 = 1;
 
157
                else if (!strcmp (*args, "-noiter"))
 
158
                        iter = 1;
 
159
                else if (!strcmp (*args, "-nocrypt"))
 
160
                        nocrypt = 1;
 
161
                else if (!strcmp (*args, "-nooct"))
 
162
                        p8_broken = PKCS8_NO_OCTET;
 
163
                else if (!strcmp (*args, "-nsdb"))
 
164
                        p8_broken = PKCS8_NS_DB;
 
165
                else if (!strcmp (*args, "-embed"))
 
166
                        p8_broken = PKCS8_EMBEDDED_PARAM;
140
167
                else if (!strcmp(*args,"-passin"))
141
168
                        {
142
169
                        if (!args[1]) goto bad;
154
181
                        engine= *(++args);
155
182
                        }
156
183
#endif
157
 
                else if (!strcmp (*args, "-in")) {
158
 
                        if (args[1]) {
 
184
                else if (!strcmp (*args, "-in"))
 
185
                        {
 
186
                        if (args[1])
 
187
                                {
159
188
                                args++;
160
189
                                infile = *args;
161
 
                        } else badarg = 1;
162
 
                } else if (!strcmp (*args, "-out")) {
163
 
                        if (args[1]) {
 
190
                                }
 
191
                        else badarg = 1;
 
192
                        }
 
193
                else if (!strcmp (*args, "-out"))
 
194
                        {
 
195
                        if (args[1])
 
196
                                {
164
197
                                args++;
165
198
                                outfile = *args;
166
 
                        } else badarg = 1;
167
 
                } else badarg = 1;
 
199
                                }
 
200
                        else badarg = 1;
 
201
                        }
 
202
                else badarg = 1;
168
203
                args++;
169
 
        }
 
204
                }
170
205
 
171
 
        if (badarg) {
 
206
        if (badarg)
 
207
                {
172
208
                bad:
173
209
                BIO_printf(bio_err, "Usage pkcs8 [options]\n");
174
210
                BIO_printf(bio_err, "where options are\n");
189
225
#ifndef OPENSSL_NO_ENGINE
190
226
                BIO_printf(bio_err," -engine e       use engine e, possibly a hardware device.\n");
191
227
#endif
192
 
                return (1);
193
 
        }
 
228
                return 1;
 
229
                }
194
230
 
195
231
#ifndef OPENSSL_NO_ENGINE
196
232
        e = setup_engine(bio_err, engine, 0);
197
233
#endif
198
234
 
199
 
        if(!app_passwd(bio_err, passargin, passargout, &passin, &passout)) {
 
235
        if (!app_passwd(bio_err, passargin, passargout, &passin, &passout))
 
236
                {
200
237
                BIO_printf(bio_err, "Error getting passwords\n");
201
 
                return (1);
202
 
        }
203
 
 
204
 
        if ((pbe_nid == -1) && !cipher) pbe_nid = NID_pbeWithMD5AndDES_CBC;
205
 
 
206
 
        if (infile) {
207
 
                if (!(in = BIO_new_file(infile, "rb"))) {
 
238
                return 1;
 
239
                }
 
240
 
 
241
        if ((pbe_nid == -1) && !cipher)
 
242
                pbe_nid = NID_pbeWithMD5AndDES_CBC;
 
243
 
 
244
        if (infile)
 
245
                {
 
246
                if (!(in = BIO_new_file(infile, "rb")))
 
247
                        {
208
248
                        BIO_printf(bio_err,
209
249
                                 "Can't open input file %s\n", infile);
210
250
                        return (1);
 
251
                        }
211
252
                }
212
 
        } else in = BIO_new_fp (stdin, BIO_NOCLOSE);
 
253
        else
 
254
                in = BIO_new_fp (stdin, BIO_NOCLOSE);
213
255
 
214
 
        if (outfile) {
215
 
                if (!(out = BIO_new_file (outfile, "wb"))) {
 
256
        if (outfile)
 
257
                {
 
258
                if (!(out = BIO_new_file (outfile, "wb")))
 
259
                        {
216
260
                        BIO_printf(bio_err,
217
261
                                 "Can't open output file %s\n", outfile);
218
262
                        return (1);
 
263
                        }
219
264
                }
220
 
        } else {
 
265
        else
 
266
                {
221
267
                out = BIO_new_fp (stdout, BIO_NOCLOSE);
222
268
#ifdef OPENSSL_SYS_VMS
223
 
                {
 
269
                        {
224
270
                        BIO *tmpbio = BIO_new(BIO_f_linebuffer());
225
271
                        out = BIO_push(tmpbio, out);
 
272
                        }
 
273
#endif
226
274
                }
227
 
#endif
228
 
        }
229
275
        if (topk8)
230
276
                {
231
277
                BIO_free(in); /* Not needed in this section */
232
278
                pkey = load_key(bio_err, infile, informat, 1,
233
279
                        passin, e, "key");
234
 
                if (!pkey) {
235
 
                        return (1);
236
 
                }
237
 
                if (!(p8inf = EVP_PKEY2PKCS8_broken(pkey, p8_broken))) {
 
280
                if (!pkey)
 
281
                        {
 
282
                        BIO_free_all(out);
 
283
                        return 1;
 
284
                        }
 
285
                if (!(p8inf = EVP_PKEY2PKCS8_broken(pkey, p8_broken)))
 
286
                        {
238
287
                        BIO_printf(bio_err, "Error converting key\n");
239
288
                        ERR_print_errors(bio_err);
240
 
                        return (1);
241
 
                }
242
 
                if(nocrypt) {
243
 
                        if(outformat == FORMAT_PEM) 
 
289
                        EVP_PKEY_free(pkey);
 
290
                        BIO_free_all(out);
 
291
                        return 1;
 
292
                        }
 
293
                if (nocrypt)
 
294
                        {
 
295
                        if (outformat == FORMAT_PEM) 
244
296
                                PEM_write_bio_PKCS8_PRIV_KEY_INFO(out, p8inf);
245
 
                        else if(outformat == FORMAT_ASN1)
 
297
                        else if (outformat == FORMAT_ASN1)
246
298
                                i2d_PKCS8_PRIV_KEY_INFO_bio(out, p8inf);
247
 
                        else {
 
299
                        else
 
300
                                {
248
301
                                BIO_printf(bio_err, "Bad format specified for key\n");
 
302
                                PKCS8_PRIV_KEY_INFO_free(p8inf);
 
303
                                EVP_PKEY_free(pkey);
 
304
                                BIO_free_all(out);
249
305
                                return (1);
 
306
                                }
250
307
                        }
251
 
                } else {
252
 
                        if(passout) p8pass = passout;
253
 
                        else {
 
308
                else
 
309
                        {
 
310
                        if (passout)
 
311
                                p8pass = passout;
 
312
                        else
 
313
                                {
254
314
                                p8pass = pass;
255
315
                                if (EVP_read_pw_string(pass, sizeof pass, "Enter Encryption Password:", 1))
 
316
                                        {
 
317
                                        PKCS8_PRIV_KEY_INFO_free(p8inf);
 
318
                                        EVP_PKEY_free(pkey);
 
319
                                        BIO_free_all(out);
256
320
                                        return (1);
257
 
                        }
 
321
                                        }
 
322
                                }
258
323
                        app_RAND_load_file(NULL, bio_err, 0);
259
324
                        if (!(p8 = PKCS8_encrypt(pbe_nid, cipher,
260
325
                                        p8pass, strlen(p8pass),
261
 
                                        NULL, 0, iter, p8inf))) {
 
326
                                        NULL, 0, iter, p8inf)))
 
327
                                {
262
328
                                BIO_printf(bio_err, "Error encrypting key\n");
263
329
                                ERR_print_errors(bio_err);
 
330
                                PKCS8_PRIV_KEY_INFO_free(p8inf);
 
331
                                EVP_PKEY_free(pkey);
 
332
                                BIO_free_all(out);
264
333
                                return (1);
265
 
                        }
 
334
                                }
266
335
                        app_RAND_write_file(NULL, bio_err);
267
 
                        if(outformat == FORMAT_PEM) 
 
336
                        if (outformat == FORMAT_PEM) 
268
337
                                PEM_write_bio_PKCS8(out, p8);
269
 
                        else if(outformat == FORMAT_ASN1)
 
338
                        else if (outformat == FORMAT_ASN1)
270
339
                                i2d_PKCS8_bio(out, p8);
271
 
                        else {
 
340
                        else
 
341
                                {
272
342
                                BIO_printf(bio_err, "Bad format specified for key\n");
 
343
                                PKCS8_PRIV_KEY_INFO_free(p8inf);
 
344
                                EVP_PKEY_free(pkey);
 
345
                                BIO_free_all(out);
273
346
                                return (1);
274
 
                        }
 
347
                                }
275
348
                        X509_SIG_free(p8);
276
 
                }
 
349
                        }
 
350
 
277
351
                PKCS8_PRIV_KEY_INFO_free (p8inf);
278
352
                EVP_PKEY_free(pkey);
279
353
                BIO_free_all(out);
280
 
                if(passin) OPENSSL_free(passin);
281
 
                if(passout) OPENSSL_free(passout);
 
354
                if (passin)
 
355
                        OPENSSL_free(passin);
 
356
                if (passout)
 
357
                        OPENSSL_free(passout);
282
358
                return (0);
283
 
        }
 
359
                }
284
360
 
285
 
        if(nocrypt) {
286
 
                if(informat == FORMAT_PEM) 
 
361
        if (nocrypt)
 
362
                {
 
363
                if (informat == FORMAT_PEM) 
287
364
                        p8inf = PEM_read_bio_PKCS8_PRIV_KEY_INFO(in,NULL,NULL, NULL);
288
 
                else if(informat == FORMAT_ASN1)
 
365
                else if (informat == FORMAT_ASN1)
289
366
                        p8inf = d2i_PKCS8_PRIV_KEY_INFO_bio(in, NULL);
290
 
                else {
 
367
                else
 
368
                        {
291
369
                        BIO_printf(bio_err, "Bad format specified for key\n");
292
370
                        return (1);
 
371
                        }
293
372
                }
294
 
        } else {
295
 
                if(informat == FORMAT_PEM) 
 
373
        else
 
374
                {
 
375
                if (informat == FORMAT_PEM) 
296
376
                        p8 = PEM_read_bio_PKCS8(in, NULL, NULL, NULL);
297
 
                else if(informat == FORMAT_ASN1)
 
377
                else if (informat == FORMAT_ASN1)
298
378
                        p8 = d2i_PKCS8_bio(in, NULL);
299
 
                else {
 
379
                else
 
380
                        {
300
381
                        BIO_printf(bio_err, "Bad format specified for key\n");
301
382
                        return (1);
302
 
                }
 
383
                        }
303
384
 
304
 
                if (!p8) {
 
385
                if (!p8)
 
386
                        {
305
387
                        BIO_printf (bio_err, "Error reading key\n");
306
388
                        ERR_print_errors(bio_err);
307
389
                        return (1);
308
 
                }
309
 
                if(passin) p8pass = passin;
310
 
                else {
 
390
                        }
 
391
                if (passin)
 
392
                        p8pass = passin;
 
393
                else
 
394
                        {
311
395
                        p8pass = pass;
312
396
                        EVP_read_pw_string(pass, sizeof pass, "Enter Password:", 0);
313
 
                }
 
397
                        }
314
398
                p8inf = PKCS8_decrypt(p8, p8pass, strlen(p8pass));
315
399
                X509_SIG_free(p8);
316
 
        }
 
400
                }
317
401
 
318
 
        if (!p8inf) {
 
402
        if (!p8inf)
 
403
                {
319
404
                BIO_printf(bio_err, "Error decrypting key\n");
320
405
                ERR_print_errors(bio_err);
321
406
                return (1);
322
 
        }
 
407
                }
323
408
 
324
 
        if (!(pkey = EVP_PKCS82PKEY(p8inf))) {
 
409
        if (!(pkey = EVP_PKCS82PKEY(p8inf)))
 
410
                {
325
411
                BIO_printf(bio_err, "Error converting key\n");
326
412
                ERR_print_errors(bio_err);
327
413
                return (1);
328
 
        }
 
414
                }
329
415
        
330
 
        if (p8inf->broken) {
 
416
        if (p8inf->broken)
 
417
                {
331
418
                BIO_printf(bio_err, "Warning: broken key encoding: ");
332
 
                switch (p8inf->broken) {
 
419
                switch (p8inf->broken)
 
420
                        {
333
421
                        case PKCS8_NO_OCTET:
334
422
                        BIO_printf(bio_err, "No Octet String in PrivateKey\n");
335
423
                        break;
349
437
        }
350
438
        
351
439
        PKCS8_PRIV_KEY_INFO_free(p8inf);
352
 
        if(outformat == FORMAT_PEM) 
 
440
        if (outformat == FORMAT_PEM) 
353
441
                PEM_write_bio_PrivateKey(out, pkey, NULL, NULL, 0, NULL, passout);
354
 
        else if(outformat == FORMAT_ASN1)
 
442
        else if (outformat == FORMAT_ASN1)
355
443
                i2d_PrivateKey_bio(out, pkey);
356
 
        else {
 
444
        else
 
445
                {
357
446
                BIO_printf(bio_err, "Bad format specified for key\n");
358
447
                        return (1);
359
 
        }
 
448
                }
360
449
 
361
450
        end:
362
451
        EVP_PKEY_free(pkey);
363
452
        BIO_free_all(out);
364
453
        BIO_free(in);
365
 
        if(passin) OPENSSL_free(passin);
366
 
        if(passout) OPENSSL_free(passout);
 
454
        if (passin)
 
455
                OPENSSL_free(passin);
 
456
        if (passout)
 
457
                OPENSSL_free(passout);
367
458
 
368
459
        return (0);
369
 
}
 
460
        }