]>
Commit | Line | Data |
---|---|---|
7e1b7485 RS |
1 | /* ==================================================================== |
2 | * Copyright (c) 2015 The OpenSSL Project. All rights reserved. | |
3 | * | |
4 | * Redistribution and use in source and binary forms, with or without | |
5 | * modification, are permitted provided that the following conditions | |
6 | * are met: | |
7 | * | |
8 | * 1. Redistributions of source code must retain the above copyright | |
9 | * notice, this list of conditions and the following disclaimer. | |
10 | * | |
11 | * 2. Redistributions in binary form must reproduce the above copyright | |
12 | * notice, this list of conditions and the following disclaimer in | |
13 | * the documentation and/or other materials provided with the | |
14 | * distribution. | |
15 | * | |
16 | * 3. All advertising materials mentioning features or use of this | |
17 | * software must display the following acknowledgment: | |
18 | * "This product includes software developed by the OpenSSL Project | |
19 | * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" | |
20 | * | |
21 | * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to | |
22 | * endorse or promote products derived from this software without | |
23 | * prior written permission. For written permission, please contact | |
24 | * licensing@OpenSSL.org. | |
25 | * | |
26 | * 5. Products derived from this software may not be called "OpenSSL" | |
27 | * nor may "OpenSSL" appear in their names without prior written | |
28 | * permission of the OpenSSL Project. | |
29 | * | |
30 | * 6. Redistributions of any form whatsoever must retain the following | |
31 | * acknowledgment: | |
32 | * "This product includes software developed by the OpenSSL Project | |
33 | * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" | |
34 | * | |
35 | * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY | |
36 | * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | |
37 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR | |
38 | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR | |
39 | * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | |
40 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | |
41 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | |
42 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | |
43 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, | |
44 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | |
45 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | |
46 | * OF THE POSSIBILITY OF SUCH DAMAGE. | |
47 | * ==================================================================== | |
48 | */ | |
49 | ||
50 | /* #define COMPILE_STANDALONE_TEST_DRIVER */ | |
51 | #include "apps.h" | |
7e1b7485 RS |
52 | #include <string.h> |
53 | #if !defined(OPENSSL_SYS_MSDOS) | |
54 | # include OPENSSL_UNISTD | |
55 | #endif | |
a3ed492f | 56 | |
7e1b7485 RS |
57 | #include <stdlib.h> |
58 | #include <errno.h> | |
59 | #include <ctype.h> | |
bd4850df | 60 | #include <limits.h> |
7e1b7485 RS |
61 | #include <openssl/bio.h> |
62 | ||
63 | #define MAX_OPT_HELP_WIDTH 30 | |
64 | const char OPT_HELP_STR[] = "--"; | |
65 | const char OPT_MORE_STR[] = "---"; | |
66 | ||
67 | /* Our state */ | |
68 | static char **argv; | |
69 | static int argc; | |
70 | static int opt_index; | |
71 | static char *arg; | |
72 | static char *flag; | |
73 | static char *dunno; | |
74 | static const OPTIONS *unknown; | |
75 | static const OPTIONS *opts; | |
76 | static char prog[40]; | |
77 | ||
78 | /* | |
79 | * Return the simple name of the program; removing various platform gunk. | |
80 | */ | |
1fbab1dc | 81 | #if defined(OPENSSL_SYS_WIN32) |
7e1b7485 RS |
82 | char *opt_progname(const char *argv0) |
83 | { | |
45f13518 | 84 | size_t i, n; |
7e1b7485 RS |
85 | const char *p; |
86 | char *q; | |
87 | ||
88 | /* find the last '/', '\' or ':' */ | |
89 | for (p = argv0 + strlen(argv0); --p > argv0;) | |
90 | if (*p == '/' || *p == '\\' || *p == ':') { | |
91 | p++; | |
92 | break; | |
93 | } | |
94 | ||
95 | /* Strip off trailing nonsense. */ | |
96 | n = strlen(p); | |
97 | if (n > 4 && | |
a3ed492f | 98 | (strcmp(&p[n - 4], ".exe") == 0 || strcmp(&p[n - 4], ".EXE") == 0)) |
7e1b7485 | 99 | n -= 4; |
7e1b7485 RS |
100 | |
101 | /* Copy over the name, in lowercase. */ | |
102 | if (n > sizeof prog - 1) | |
103 | n = sizeof prog - 1; | |
104 | for (q = prog, i = 0; i < n; i++, p++) | |
a3ed492f | 105 | *q++ = isupper(*p) ? tolower(*p) : *p; |
7e1b7485 RS |
106 | *q = '\0'; |
107 | return prog; | |
108 | } | |
109 | ||
110 | #elif defined(OPENSSL_SYS_VMS) | |
111 | ||
112 | char *opt_progname(const char *argv0) | |
113 | { | |
114 | const char *p, *q; | |
115 | ||
116 | /* Find last special charcter sys:[foo.bar]openssl */ | |
117 | for (p = argv0 + strlen(argv0); --p > argv0;) | |
118 | if (*p == ':' || *p == ']' || *p == '>') { | |
119 | p++; | |
120 | break; | |
121 | } | |
122 | ||
123 | q = strrchr(p, '.'); | |
124 | strncpy(prog, p, sizeof prog - 1); | |
125 | prog[sizeof prog - 1] = '\0'; | |
211a68b4 | 126 | if (q != NULL && q - p < sizeof prog) |
7e1b7485 RS |
127 | prog[q - p] = '\0'; |
128 | return prog; | |
129 | } | |
130 | ||
131 | #else | |
132 | ||
133 | char *opt_progname(const char *argv0) | |
134 | { | |
135 | const char *p; | |
136 | ||
137 | /* Could use strchr, but this is like the ones above. */ | |
138 | for (p = argv0 + strlen(argv0); --p > argv0;) | |
139 | if (*p == '/') { | |
140 | p++; | |
141 | break; | |
142 | } | |
143 | strncpy(prog, p, sizeof prog - 1); | |
144 | prog[sizeof prog - 1] = '\0'; | |
145 | return prog; | |
146 | } | |
147 | #endif | |
148 | ||
149 | char *opt_getprog(void) | |
150 | { | |
151 | return prog; | |
152 | } | |
153 | ||
154 | /* Set up the arg parsing. */ | |
155 | char *opt_init(int ac, char **av, const OPTIONS *o) | |
156 | { | |
157 | /* Store state. */ | |
158 | argc = ac; | |
159 | argv = av; | |
160 | opt_index = 1; | |
161 | opts = o; | |
162 | opt_progname(av[0]); | |
163 | unknown = NULL; | |
164 | ||
165 | for (; o->name; ++o) { | |
166 | const OPTIONS *next; | |
167 | #ifndef NDEBUG | |
88806cfc | 168 | int duplicated, i; |
7e1b7485 RS |
169 | #endif |
170 | ||
171 | if (o->name == OPT_HELP_STR || o->name == OPT_MORE_STR) | |
172 | continue; | |
173 | #ifndef NDEBUG | |
174 | i = o->valtype; | |
175 | ||
176 | /* Make sure options are legit. */ | |
177 | assert(o->name[0] != '-'); | |
178 | assert(o->retval > 0); | |
03f887ca | 179 | switch (i) { |
0c20802c VD |
180 | case 0: case '-': case '/': case '<': case '>': case 'E': case 'F': |
181 | case 'M': case 'U': case 'f': case 'l': case 'n': case 'p': case 's': | |
182 | case 'u': | |
03f887ca VD |
183 | break; |
184 | default: | |
185 | assert(0); | |
186 | } | |
7e1b7485 RS |
187 | |
188 | /* Make sure there are no duplicates. */ | |
88806cfc | 189 | for (next = o + 1; next->name; ++next) { |
7e1b7485 | 190 | /* |
88806cfc | 191 | * Some compilers inline strcmp and the assert string is too long. |
7e1b7485 | 192 | */ |
88806cfc RS |
193 | duplicated = strcmp(o->name, next->name) == 0; |
194 | assert(!duplicated); | |
7e1b7485 RS |
195 | } |
196 | #endif | |
197 | if (o->name[0] == '\0') { | |
198 | assert(unknown == NULL); | |
199 | unknown = o; | |
200 | assert(unknown->valtype == 0 || unknown->valtype == '-'); | |
201 | } | |
202 | } | |
203 | return prog; | |
204 | } | |
205 | ||
206 | static OPT_PAIR formats[] = { | |
207 | {"PEM/DER", OPT_FMT_PEMDER}, | |
208 | {"pkcs12", OPT_FMT_PKCS12}, | |
209 | {"smime", OPT_FMT_SMIME}, | |
210 | {"engine", OPT_FMT_ENGINE}, | |
211 | {"msblob", OPT_FMT_MSBLOB}, | |
212 | {"netscape", OPT_FMT_NETSCAPE}, | |
213 | {"nss", OPT_FMT_NSS}, | |
214 | {"text", OPT_FMT_TEXT}, | |
215 | {"http", OPT_FMT_HTTP}, | |
216 | {"pvk", OPT_FMT_PVK}, | |
217 | {NULL} | |
218 | }; | |
219 | ||
220 | /* Print an error message about a failed format parse. */ | |
221 | int opt_format_error(const char *s, unsigned long flags) | |
222 | { | |
223 | OPT_PAIR *ap; | |
224 | ||
225 | if (flags == OPT_FMT_PEMDER) | |
226 | BIO_printf(bio_err, "%s: Bad format \"%s\"; must be pem or der\n", | |
227 | prog, s); | |
228 | else { | |
229 | BIO_printf(bio_err, "%s: Bad format \"%s\"; must be one of:\n", | |
230 | prog, s); | |
231 | for (ap = formats; ap->name; ap++) | |
232 | if (flags & ap->retval) | |
233 | BIO_printf(bio_err, " %s\n", ap->name); | |
234 | } | |
235 | return 0; | |
236 | } | |
237 | ||
238 | /* Parse a format string, put it into *result; return 0 on failure, else 1. */ | |
239 | int opt_format(const char *s, unsigned long flags, int *result) | |
240 | { | |
241 | switch (*s) { | |
242 | default: | |
243 | return 0; | |
244 | case 'D': | |
245 | case 'd': | |
246 | if ((flags & OPT_FMT_PEMDER) == 0) | |
247 | return opt_format_error(s, flags); | |
248 | *result = FORMAT_ASN1; | |
249 | break; | |
250 | case 'T': | |
251 | case 't': | |
252 | if ((flags & OPT_FMT_TEXT) == 0) | |
253 | return opt_format_error(s, flags); | |
254 | *result = FORMAT_TEXT; | |
255 | break; | |
256 | case 'N': | |
257 | case 'n': | |
0bc2f365 RS |
258 | if ((flags & OPT_FMT_NSS) == 0) |
259 | return opt_format_error(s, flags); | |
260 | if (strcmp(s, "NSS") != 0 && strcmp(s, "nss") != 0) | |
261 | return opt_format_error(s, flags); | |
262 | *result = FORMAT_NSS; | |
7e1b7485 RS |
263 | break; |
264 | case 'S': | |
265 | case 's': | |
266 | if ((flags & OPT_FMT_SMIME) == 0) | |
267 | return opt_format_error(s, flags); | |
268 | *result = FORMAT_SMIME; | |
269 | break; | |
270 | case 'M': | |
271 | case 'm': | |
272 | if ((flags & OPT_FMT_MSBLOB) == 0) | |
273 | return opt_format_error(s, flags); | |
274 | *result = FORMAT_MSBLOB; | |
275 | break; | |
276 | case 'E': | |
277 | case 'e': | |
278 | if ((flags & OPT_FMT_ENGINE) == 0) | |
279 | return opt_format_error(s, flags); | |
280 | *result = FORMAT_ENGINE; | |
281 | break; | |
282 | case 'H': | |
283 | case 'h': | |
284 | if ((flags & OPT_FMT_HTTP) == 0) | |
285 | return opt_format_error(s, flags); | |
286 | *result = FORMAT_HTTP; | |
287 | break; | |
288 | case '1': | |
289 | if ((flags & OPT_FMT_PKCS12) == 0) | |
290 | return opt_format_error(s, flags); | |
291 | *result = FORMAT_PKCS12; | |
292 | break; | |
293 | case 'P': | |
294 | case 'p': | |
295 | if (s[1] == '\0' || strcmp(s, "PEM") == 0 || strcmp(s, "pem") == 0) { | |
296 | if ((flags & OPT_FMT_PEMDER) == 0) | |
297 | return opt_format_error(s, flags); | |
298 | *result = FORMAT_PEM; | |
299 | } else if (strcmp(s, "PVK") == 0 || strcmp(s, "pvk") == 0) { | |
300 | if ((flags & OPT_FMT_PVK) == 0) | |
301 | return opt_format_error(s, flags); | |
302 | *result = FORMAT_PVK; | |
303 | } else if (strcmp(s, "P12") == 0 || strcmp(s, "p12") == 0 | |
304 | || strcmp(s, "PKCS12") == 0 || strcmp(s, "pkcs12") == 0) { | |
305 | if ((flags & OPT_FMT_PKCS12) == 0) | |
306 | return opt_format_error(s, flags); | |
307 | *result = FORMAT_PKCS12; | |
308 | } else | |
309 | return 0; | |
310 | break; | |
311 | } | |
312 | return 1; | |
313 | } | |
314 | ||
315 | /* Parse a cipher name, put it in *EVP_CIPHER; return 0 on failure, else 1. */ | |
316 | int opt_cipher(const char *name, const EVP_CIPHER **cipherp) | |
317 | { | |
318 | *cipherp = EVP_get_cipherbyname(name); | |
319 | if (*cipherp) | |
320 | return 1; | |
321 | BIO_printf(bio_err, "%s: Unknown cipher %s\n", prog, name); | |
322 | return 0; | |
323 | } | |
324 | ||
325 | /* | |
326 | * Parse message digest name, put it in *EVP_MD; return 0 on failure, else 1. | |
327 | */ | |
328 | int opt_md(const char *name, const EVP_MD **mdp) | |
329 | { | |
330 | *mdp = EVP_get_digestbyname(name); | |
331 | if (*mdp) | |
332 | return 1; | |
333 | BIO_printf(bio_err, "%s: Unknown digest %s\n", prog, name); | |
334 | return 0; | |
335 | } | |
336 | ||
337 | /* Look through a list of name/value pairs. */ | |
338 | int opt_pair(const char *name, const OPT_PAIR* pairs, int *result) | |
339 | { | |
340 | const OPT_PAIR *pp; | |
341 | ||
342 | for (pp = pairs; pp->name; pp++) | |
343 | if (strcmp(pp->name, name) == 0) { | |
344 | *result = pp->retval; | |
345 | return 1; | |
346 | } | |
347 | BIO_printf(bio_err, "%s: Value must be one of:\n", prog); | |
348 | for (pp = pairs; pp->name; pp++) | |
349 | BIO_printf(bio_err, "\t%s\n", pp->name); | |
350 | return 0; | |
351 | } | |
352 | ||
7e1b7485 RS |
353 | /* Parse an int, put it into *result; return 0 on failure, else 1. */ |
354 | int opt_int(const char *value, int *result) | |
355 | { | |
bd4850df RS |
356 | long l; |
357 | ||
358 | if (!opt_long(value, &l)) | |
359 | return 0; | |
360 | *result = (int)l; | |
361 | if (*result != l) { | |
362 | BIO_printf(bio_err, "%s: Value \"%s\" outside integer range\n", | |
7e1b7485 RS |
363 | prog, value); |
364 | return 0; | |
365 | } | |
366 | return 1; | |
367 | } | |
368 | ||
369 | /* Parse a long, put it into *result; return 0 on failure, else 1. */ | |
370 | int opt_long(const char *value, long *result) | |
371 | { | |
bd4850df RS |
372 | int oerrno = errno; |
373 | long l; | |
374 | char *endp; | |
375 | ||
376 | l = strtol(value, &endp, 0); | |
377 | if (*endp | |
378 | || endp == value | |
379 | || ((l == LONG_MAX || l == LONG_MIN) && errno == ERANGE) | |
380 | || (l == 0 && errno != 0)) { | |
381 | BIO_printf(bio_err, "%s: Can't parse \"%s\" as a number\n", | |
382 | prog, value); | |
383 | errno = oerrno; | |
7e1b7485 RS |
384 | return 0; |
385 | } | |
bd4850df RS |
386 | *result = l; |
387 | errno = oerrno; | |
7e1b7485 RS |
388 | return 1; |
389 | } | |
390 | ||
d94a1a70 VD |
391 | #if defined(__STDC_VERSION__) && __STDC_VERSION__ >= 199901L && \ |
392 | defined(INTMAX_MAX) && defined(UINTMAX_MAX) | |
03f887ca VD |
393 | |
394 | /* Parse an intmax_t, put it into *result; return 0 on failure, else 1. */ | |
395 | int opt_imax(const char *value, intmax_t *result) | |
396 | { | |
397 | int oerrno = errno; | |
398 | intmax_t m; | |
399 | char *endp; | |
400 | ||
401 | m = strtoimax(value, &endp, 0); | |
402 | if (*endp | |
403 | || endp == value | |
404 | || ((m == INTMAX_MAX || m == INTMAX_MIN) && errno == ERANGE) | |
405 | || (m == 0 && errno != 0)) { | |
406 | BIO_printf(bio_err, "%s: Can't parse \"%s\" as a number\n", | |
407 | prog, value); | |
408 | errno = oerrno; | |
409 | return 0; | |
410 | } | |
411 | *result = m; | |
412 | errno = oerrno; | |
413 | return 1; | |
414 | } | |
415 | ||
416 | /* Parse a uintmax_t, put it into *result; return 0 on failure, else 1. */ | |
417 | int opt_umax(const char *value, uintmax_t *result) | |
418 | { | |
419 | int oerrno = errno; | |
420 | uintmax_t m; | |
421 | char *endp; | |
422 | ||
423 | m = strtoumax(value, &endp, 0); | |
424 | if (*endp | |
425 | || endp == value | |
426 | || (m == UINTMAX_MAX && errno == ERANGE) | |
427 | || (m == 0 && errno != 0)) { | |
428 | BIO_printf(bio_err, "%s: Can't parse \"%s\" as a number\n", | |
429 | prog, value); | |
430 | errno = oerrno; | |
431 | return 0; | |
432 | } | |
433 | *result = m; | |
434 | errno = oerrno; | |
435 | return 1; | |
436 | } | |
437 | #endif | |
438 | ||
7e1b7485 RS |
439 | /* |
440 | * Parse an unsigned long, put it into *result; return 0 on failure, else 1. | |
441 | */ | |
442 | int opt_ulong(const char *value, unsigned long *result) | |
443 | { | |
bd4850df | 444 | int oerrno = errno; |
7e1b7485 | 445 | char *endptr; |
bd4850df RS |
446 | unsigned long l; |
447 | ||
448 | l = strtoul(value, &endptr, 0); | |
449 | if (*endptr | |
450 | || endptr == value | |
451 | || ((l == ULONG_MAX) && errno == ERANGE) | |
452 | || (l == 0 && errno != 0)) { | |
453 | BIO_printf(bio_err, "%s: Can't parse \"%s\" as an unsigned number\n", | |
454 | prog, value); | |
455 | errno = oerrno; | |
7e1b7485 RS |
456 | return 0; |
457 | } | |
bd4850df RS |
458 | *result = l; |
459 | errno = oerrno; | |
7e1b7485 RS |
460 | return 1; |
461 | } | |
462 | ||
463 | /* | |
464 | * We pass opt as an int but cast it to "enum range" so that all the | |
465 | * items in the OPT_V_ENUM enumeration are caught; this makes -Wswitch | |
466 | * in gcc do the right thing. | |
467 | */ | |
468 | enum range { OPT_V_ENUM }; | |
469 | ||
470 | int opt_verify(int opt, X509_VERIFY_PARAM *vpm) | |
471 | { | |
7e1b7485 | 472 | int i; |
03f887ca | 473 | ossl_intmax_t t = 0; |
7e1b7485 RS |
474 | ASN1_OBJECT *otmp; |
475 | X509_PURPOSE *xptmp; | |
476 | const X509_VERIFY_PARAM *vtmp; | |
477 | ||
478 | assert(vpm != NULL); | |
479 | assert(opt > OPT_V__FIRST); | |
480 | assert(opt < OPT_V__LAST); | |
481 | ||
482 | switch ((enum range)opt) { | |
483 | case OPT_V__FIRST: | |
484 | case OPT_V__LAST: | |
485 | return 0; | |
486 | case OPT_V_POLICY: | |
487 | otmp = OBJ_txt2obj(opt_arg(), 0); | |
488 | if (otmp == NULL) { | |
489 | BIO_printf(bio_err, "%s: Invalid Policy %s\n", prog, opt_arg()); | |
490 | return 0; | |
491 | } | |
492 | X509_VERIFY_PARAM_add0_policy(vpm, otmp); | |
493 | break; | |
494 | case OPT_V_PURPOSE: | |
0daccd4d | 495 | /* purpose name -> purpose index */ |
7e1b7485 RS |
496 | i = X509_PURPOSE_get_by_sname(opt_arg()); |
497 | if (i < 0) { | |
498 | BIO_printf(bio_err, "%s: Invalid purpose %s\n", prog, opt_arg()); | |
499 | return 0; | |
500 | } | |
0daccd4d VD |
501 | |
502 | /* purpose index -> purpose object */ | |
7e1b7485 | 503 | xptmp = X509_PURPOSE_get0(i); |
0daccd4d VD |
504 | |
505 | /* purpose object -> purpose value */ | |
7e1b7485 | 506 | i = X509_PURPOSE_get_id(xptmp); |
0daccd4d VD |
507 | |
508 | if (!X509_VERIFY_PARAM_set_purpose(vpm, i)) { | |
509 | BIO_printf(bio_err, | |
510 | "%s: Internal error setting purpose %s\n", | |
511 | prog, opt_arg()); | |
512 | return 0; | |
513 | } | |
7e1b7485 RS |
514 | break; |
515 | case OPT_V_VERIFY_NAME: | |
516 | vtmp = X509_VERIFY_PARAM_lookup(opt_arg()); | |
517 | if (vtmp == NULL) { | |
518 | BIO_printf(bio_err, "%s: Invalid verify name %s\n", | |
519 | prog, opt_arg()); | |
520 | return 0; | |
521 | } | |
522 | X509_VERIFY_PARAM_set1(vpm, vtmp); | |
523 | break; | |
524 | case OPT_V_VERIFY_DEPTH: | |
525 | i = atoi(opt_arg()); | |
526 | if (i >= 0) | |
527 | X509_VERIFY_PARAM_set_depth(vpm, i); | |
528 | break; | |
529 | case OPT_V_ATTIME: | |
03f887ca VD |
530 | if (!opt_imax(opt_arg(), &t)) |
531 | return 0; | |
532 | if (t != (time_t)t) { | |
533 | BIO_printf(bio_err, "%s: epoch time out of range %s\n", | |
534 | prog, opt_arg()); | |
535 | return 0; | |
536 | } | |
537 | X509_VERIFY_PARAM_set_time(vpm, (time_t)t); | |
7e1b7485 RS |
538 | break; |
539 | case OPT_V_VERIFY_HOSTNAME: | |
540 | if (!X509_VERIFY_PARAM_set1_host(vpm, opt_arg(), 0)) | |
541 | return 0; | |
542 | break; | |
543 | case OPT_V_VERIFY_EMAIL: | |
544 | if (!X509_VERIFY_PARAM_set1_email(vpm, opt_arg(), 0)) | |
545 | return 0; | |
546 | break; | |
547 | case OPT_V_VERIFY_IP: | |
548 | if (!X509_VERIFY_PARAM_set1_ip_asc(vpm, opt_arg())) | |
549 | return 0; | |
550 | break; | |
551 | case OPT_V_IGNORE_CRITICAL: | |
552 | X509_VERIFY_PARAM_set_flags(vpm, X509_V_FLAG_IGNORE_CRITICAL); | |
553 | break; | |
554 | case OPT_V_ISSUER_CHECKS: | |
d33def66 | 555 | /* NOP, deprecated */ |
7e1b7485 RS |
556 | break; |
557 | case OPT_V_CRL_CHECK: | |
558 | X509_VERIFY_PARAM_set_flags(vpm, X509_V_FLAG_CRL_CHECK); | |
559 | break; | |
560 | case OPT_V_CRL_CHECK_ALL: | |
561 | X509_VERIFY_PARAM_set_flags(vpm, | |
562 | X509_V_FLAG_CRL_CHECK | | |
563 | X509_V_FLAG_CRL_CHECK_ALL); | |
564 | break; | |
565 | case OPT_V_POLICY_CHECK: | |
566 | X509_VERIFY_PARAM_set_flags(vpm, X509_V_FLAG_POLICY_CHECK); | |
567 | break; | |
568 | case OPT_V_EXPLICIT_POLICY: | |
569 | X509_VERIFY_PARAM_set_flags(vpm, X509_V_FLAG_EXPLICIT_POLICY); | |
570 | break; | |
571 | case OPT_V_INHIBIT_ANY: | |
572 | X509_VERIFY_PARAM_set_flags(vpm, X509_V_FLAG_INHIBIT_ANY); | |
573 | break; | |
574 | case OPT_V_INHIBIT_MAP: | |
575 | X509_VERIFY_PARAM_set_flags(vpm, X509_V_FLAG_INHIBIT_MAP); | |
576 | break; | |
577 | case OPT_V_X509_STRICT: | |
578 | X509_VERIFY_PARAM_set_flags(vpm, X509_V_FLAG_X509_STRICT); | |
579 | break; | |
580 | case OPT_V_EXTENDED_CRL: | |
581 | X509_VERIFY_PARAM_set_flags(vpm, X509_V_FLAG_EXTENDED_CRL_SUPPORT); | |
582 | break; | |
583 | case OPT_V_USE_DELTAS: | |
584 | X509_VERIFY_PARAM_set_flags(vpm, X509_V_FLAG_USE_DELTAS); | |
585 | break; | |
586 | case OPT_V_POLICY_PRINT: | |
587 | X509_VERIFY_PARAM_set_flags(vpm, X509_V_FLAG_NOTIFY_POLICY); | |
588 | break; | |
589 | case OPT_V_CHECK_SS_SIG: | |
590 | X509_VERIFY_PARAM_set_flags(vpm, X509_V_FLAG_CHECK_SS_SIGNATURE); | |
591 | break; | |
592 | case OPT_V_TRUSTED_FIRST: | |
593 | X509_VERIFY_PARAM_set_flags(vpm, X509_V_FLAG_TRUSTED_FIRST); | |
594 | break; | |
595 | case OPT_V_SUITEB_128_ONLY: | |
596 | X509_VERIFY_PARAM_set_flags(vpm, X509_V_FLAG_SUITEB_128_LOS_ONLY); | |
597 | break; | |
598 | case OPT_V_SUITEB_128: | |
599 | X509_VERIFY_PARAM_set_flags(vpm, X509_V_FLAG_SUITEB_128_LOS); | |
600 | break; | |
601 | case OPT_V_SUITEB_192: | |
602 | X509_VERIFY_PARAM_set_flags(vpm, X509_V_FLAG_SUITEB_192_LOS); | |
603 | break; | |
604 | case OPT_V_PARTIAL_CHAIN: | |
605 | X509_VERIFY_PARAM_set_flags(vpm, X509_V_FLAG_PARTIAL_CHAIN); | |
606 | break; | |
607 | case OPT_V_NO_ALT_CHAINS: | |
608 | X509_VERIFY_PARAM_set_flags(vpm, X509_V_FLAG_NO_ALT_CHAINS); | |
d35ff2c0 DW |
609 | break; |
610 | case OPT_V_NO_CHECK_TIME: | |
611 | X509_VERIFY_PARAM_set_flags(vpm, X509_V_FLAG_NO_CHECK_TIME); | |
612 | break; | |
7e1b7485 RS |
613 | } |
614 | return 1; | |
615 | ||
616 | } | |
617 | ||
618 | /* | |
619 | * Parse the next flag (and value if specified), return 0 if done, -1 on | |
620 | * error, otherwise the flag's retval. | |
621 | */ | |
622 | int opt_next(void) | |
623 | { | |
624 | char *p; | |
7e1b7485 | 625 | const OPTIONS *o; |
bd4850df | 626 | int ival; |
03f887ca VD |
627 | long lval; |
628 | unsigned long ulval; | |
629 | ossl_intmax_t imval; | |
630 | ossl_uintmax_t umval; | |
7e1b7485 RS |
631 | |
632 | /* Look at current arg; at end of the list? */ | |
633 | arg = NULL; | |
634 | p = argv[opt_index]; | |
635 | if (p == NULL) | |
636 | return 0; | |
637 | ||
638 | /* If word doesn't start with a -, we're done. */ | |
639 | if (*p != '-') | |
640 | return 0; | |
641 | ||
642 | /* Hit "--" ? We're done. */ | |
643 | opt_index++; | |
644 | if (strcmp(p, "--") == 0) | |
645 | return 0; | |
646 | ||
647 | /* Allow -nnn and --nnn */ | |
648 | if (*++p == '-') | |
649 | p++; | |
650 | flag = p - 1; | |
651 | ||
652 | /* If we have --flag=foo, snip it off */ | |
653 | if ((arg = strchr(p, '=')) != NULL) | |
654 | *arg++ = '\0'; | |
655 | for (o = opts; o->name; ++o) { | |
656 | /* If not this option, move on to the next one. */ | |
657 | if (strcmp(p, o->name) != 0) | |
658 | continue; | |
659 | ||
660 | /* If it doesn't take a value, make sure none was given. */ | |
661 | if (o->valtype == 0 || o->valtype == '-') { | |
662 | if (arg) { | |
663 | BIO_printf(bio_err, | |
664 | "%s: Option -%s does not take a value\n", prog, p); | |
665 | return -1; | |
666 | } | |
667 | return o->retval; | |
668 | } | |
669 | ||
670 | /* Want a value; get the next param if =foo not used. */ | |
671 | if (arg == NULL) { | |
672 | if (argv[opt_index] == NULL) { | |
673 | BIO_printf(bio_err, | |
674 | "%s: Option -%s needs a value\n", prog, o->name); | |
675 | return -1; | |
676 | } | |
677 | arg = argv[opt_index++]; | |
678 | } | |
679 | ||
680 | /* Syntax-check value. */ | |
7e1b7485 RS |
681 | switch (o->valtype) { |
682 | default: | |
683 | case 's': | |
684 | /* Just a string. */ | |
685 | break; | |
686 | case '/': | |
687 | if (app_isdir(arg) >= 0) | |
688 | break; | |
689 | BIO_printf(bio_err, "%s: Not a directory: %s\n", prog, arg); | |
690 | return -1; | |
691 | case '<': | |
692 | /* Input file. */ | |
693 | if (strcmp(arg, "-") == 0 || app_access(arg, R_OK) >= 0) | |
694 | break; | |
695 | BIO_printf(bio_err, | |
696 | "%s: Cannot open input file %s, %s\n", | |
697 | prog, arg, strerror(errno)); | |
698 | return -1; | |
699 | case '>': | |
700 | /* Output file. */ | |
701 | if (strcmp(arg, "-") == 0 || app_access(arg, W_OK) >= 0 || errno == ENOENT) | |
702 | break; | |
703 | BIO_printf(bio_err, | |
704 | "%s: Cannot open output file %s, %s\n", | |
705 | prog, arg, strerror(errno)); | |
706 | return -1; | |
707 | case 'p': | |
708 | case 'n': | |
bd4850df RS |
709 | if (!opt_int(arg, &ival) |
710 | || (o->valtype == 'p' && ival <= 0)) { | |
711 | BIO_printf(bio_err, | |
712 | "%s: Non-positive number \"%s\" for -%s\n", | |
713 | prog, arg, o->name); | |
714 | return -1; | |
7e1b7485 | 715 | } |
bd4850df | 716 | break; |
03f887ca VD |
717 | case 'M': |
718 | if (!opt_imax(arg, &imval)) { | |
719 | BIO_printf(bio_err, | |
720 | "%s: Invalid number \"%s\" for -%s\n", | |
721 | prog, arg, o->name); | |
722 | return -1; | |
723 | } | |
724 | break; | |
725 | case 'U': | |
726 | if (!opt_umax(arg, &umval)) { | |
727 | BIO_printf(bio_err, | |
728 | "%s: Invalid number \"%s\" for -%s\n", | |
729 | prog, arg, o->name); | |
730 | return -1; | |
731 | } | |
732 | break; | |
0c20802c | 733 | case 'l': |
03f887ca VD |
734 | if (!opt_long(arg, &lval)) { |
735 | BIO_printf(bio_err, | |
736 | "%s: Invalid number \"%s\" for -%s\n", | |
737 | prog, arg, o->name); | |
738 | return -1; | |
739 | } | |
740 | break; | |
7e1b7485 | 741 | case 'u': |
03f887ca | 742 | if (!opt_ulong(arg, &ulval)) { |
bd4850df RS |
743 | BIO_printf(bio_err, |
744 | "%s: Invalid number \"%s\" for -%s\n", | |
745 | prog, arg, o->name); | |
746 | return -1; | |
747 | } | |
748 | break; | |
0c20802c | 749 | case 'E': |
7e1b7485 | 750 | case 'F': |
0c20802c | 751 | case 'f': |
7e1b7485 | 752 | if (opt_format(arg, |
0c20802c | 753 | o->valtype == 'E' ? OPT_FMT_PDE : |
7e1b7485 | 754 | o->valtype == 'F' ? OPT_FMT_PEMDER |
bd4850df | 755 | : OPT_FMT_ANY, &ival)) |
7e1b7485 RS |
756 | break; |
757 | BIO_printf(bio_err, | |
758 | "%s: Invalid format \"%s\" for -%s\n", | |
759 | prog, arg, o->name); | |
760 | return -1; | |
761 | } | |
762 | ||
763 | /* Return the flag value. */ | |
764 | return o->retval; | |
765 | } | |
766 | if (unknown != NULL) { | |
767 | dunno = p; | |
768 | return unknown->retval; | |
769 | } | |
770 | BIO_printf(bio_err, "%s: Option unknown option -%s\n", prog, p); | |
771 | return -1; | |
772 | } | |
773 | ||
774 | /* Return the most recent flag parameter. */ | |
775 | char *opt_arg(void) | |
776 | { | |
777 | return arg; | |
778 | } | |
779 | ||
780 | /* Return the most recent flag. */ | |
781 | char *opt_flag(void) | |
782 | { | |
783 | return flag; | |
784 | } | |
785 | ||
786 | /* Return the unknown option. */ | |
787 | char *opt_unknown(void) | |
788 | { | |
789 | return dunno; | |
790 | } | |
791 | ||
792 | /* Return the rest of the arguments after parsing flags. */ | |
793 | char **opt_rest(void) | |
794 | { | |
795 | return &argv[opt_index]; | |
796 | } | |
797 | ||
798 | /* How many items in remaining args? */ | |
799 | int opt_num_rest(void) | |
800 | { | |
801 | int i = 0; | |
802 | char **pp; | |
803 | ||
804 | for (pp = opt_rest(); *pp; pp++, i++) | |
805 | continue; | |
806 | return i; | |
807 | } | |
808 | ||
809 | /* Return a string describing the parameter type. */ | |
810 | static const char *valtype2param(const OPTIONS *o) | |
811 | { | |
812 | switch (o->valtype) { | |
6755ff11 | 813 | case 0: |
7e1b7485 RS |
814 | case '-': |
815 | return ""; | |
816 | case 's': | |
817 | return "val"; | |
818 | case '/': | |
819 | return "dir"; | |
820 | case '<': | |
821 | return "infile"; | |
822 | case '>': | |
823 | return "outfile"; | |
824 | case 'p': | |
0c20802c | 825 | return "+int"; |
7e1b7485 | 826 | case 'n': |
0c20802c VD |
827 | return "int"; |
828 | case 'l': | |
829 | return "long"; | |
7e1b7485 | 830 | case 'u': |
0c20802c VD |
831 | return "ulong"; |
832 | case 'E': | |
833 | return "PEM|DER|ENGINE"; | |
7e1b7485 | 834 | case 'F': |
0c20802c | 835 | return "PEM|DER"; |
7e1b7485 RS |
836 | case 'f': |
837 | return "format"; | |
0c20802c VD |
838 | case 'M': |
839 | return "intmax"; | |
840 | case 'U': | |
841 | return "uintmax"; | |
7e1b7485 RS |
842 | } |
843 | return "parm"; | |
844 | } | |
845 | ||
846 | void opt_help(const OPTIONS *list) | |
847 | { | |
848 | const OPTIONS *o; | |
849 | int i; | |
850 | int standard_prolog; | |
851 | int width = 5; | |
852 | char start[80 + 1]; | |
853 | char *p; | |
854 | const char *help; | |
855 | ||
856 | /* Starts with its own help message? */ | |
857 | standard_prolog = list[0].name != OPT_HELP_STR; | |
858 | ||
859 | /* Find the widest help. */ | |
860 | for (o = list; o->name; o++) { | |
861 | if (o->name == OPT_MORE_STR) | |
862 | continue; | |
863 | i = 2 + (int)strlen(o->name); | |
864 | if (o->valtype != '-') | |
865 | i += 1 + strlen(valtype2param(o)); | |
866 | if (i < MAX_OPT_HELP_WIDTH && i > width) | |
867 | width = i; | |
868 | assert(i < (int)sizeof start); | |
869 | } | |
870 | ||
871 | if (standard_prolog) | |
872 | BIO_printf(bio_err, "Usage: %s [options]\nValid options are:\n", | |
873 | prog); | |
874 | ||
875 | /* Now let's print. */ | |
876 | for (o = list; o->name; o++) { | |
877 | help = o->helpstr ? o->helpstr : "(No additional info)"; | |
878 | if (o->name == OPT_HELP_STR) { | |
879 | BIO_printf(bio_err, help, prog); | |
880 | continue; | |
881 | } | |
882 | ||
883 | /* Pad out prefix */ | |
16f8d4eb | 884 | memset(start, ' ', sizeof(start) - 1); |
7e1b7485 RS |
885 | start[sizeof start - 1] = '\0'; |
886 | ||
887 | if (o->name == OPT_MORE_STR) { | |
888 | /* Continuation of previous line; padd and print. */ | |
889 | start[width] = '\0'; | |
890 | BIO_printf(bio_err, "%s %s\n", start, help); | |
891 | continue; | |
892 | } | |
893 | ||
894 | /* Build up the "-flag [param]" part. */ | |
895 | p = start; | |
896 | *p++ = ' '; | |
897 | *p++ = '-'; | |
898 | if (o->name[0]) | |
899 | p += strlen(strcpy(p, o->name)); | |
900 | else | |
901 | *p++ = '*'; | |
902 | if (o->valtype != '-') { | |
903 | *p++ = ' '; | |
904 | p += strlen(strcpy(p, valtype2param(o))); | |
905 | } | |
906 | *p = ' '; | |
907 | if ((int)(p - start) >= MAX_OPT_HELP_WIDTH) { | |
908 | *p = '\0'; | |
909 | BIO_printf(bio_err, "%s\n", start); | |
16f8d4eb | 910 | memset(start, ' ', sizeof(start)); |
7e1b7485 RS |
911 | } |
912 | start[width] = '\0'; | |
913 | BIO_printf(bio_err, "%s %s\n", start, help); | |
914 | } | |
915 | } | |
916 | ||
917 | #ifdef COMPILE_STANDALONE_TEST_DRIVER | |
918 | # include <sys/stat.h> | |
919 | ||
920 | typedef enum OPTION_choice { | |
921 | OPT_ERR = -1, OPT_EOF = 0, OPT_HELP, | |
922 | OPT_IN, OPT_INFORM, OPT_OUT, OPT_COUNT, OPT_U, OPT_FLAG, | |
923 | OPT_STR, OPT_NOTUSED | |
924 | } OPTION_CHOICE; | |
925 | ||
926 | static OPTIONS options[] = { | |
927 | {OPT_HELP_STR, 1, '-', "Usage: %s flags\n"}, | |
928 | {OPT_HELP_STR, 1, '-', "Valid options are:\n"}, | |
929 | {"help", OPT_HELP, '-', "Display this summary"}, | |
930 | {"in", OPT_IN, '<', "input file"}, | |
931 | {OPT_MORE_STR, 1, '-', "more detail about input"}, | |
932 | {"inform", OPT_INFORM, 'f', "input file format; defaults to pem"}, | |
933 | {"out", OPT_OUT, '>', "output file"}, | |
934 | {"count", OPT_COUNT, 'p', "a counter greater than zero"}, | |
935 | {"u", OPT_U, 'u', "an unsigned number"}, | |
936 | {"flag", OPT_FLAG, 0, "just some flag"}, | |
937 | {"str", OPT_STR, 's', "the magic word"}, | |
938 | {"areallyverylongoption", OPT_HELP, '-', "long way for help"}, | |
939 | {NULL} | |
940 | }; | |
941 | ||
942 | BIO *bio_err; | |
943 | ||
944 | int app_isdir(const char *name) | |
945 | { | |
946 | struct stat sb; | |
947 | ||
948 | return name != NULL && stat(name, &sb) >= 0 && S_ISDIR(sb.st_mode); | |
949 | } | |
950 | ||
951 | int main(int ac, char **av) | |
952 | { | |
953 | OPTION_CHOICE o; | |
954 | char **rest; | |
955 | char *prog; | |
956 | ||
957 | bio_err = BIO_new_fp(stderr, BIO_NOCLOSE | BIO_FP_TEXT); | |
958 | ||
959 | prog = opt_init(ac, av, options); | |
960 | while ((o = opt_next()) != OPT_EOF) { | |
961 | switch (c) { | |
962 | case OPT_NOTUSED: | |
963 | case OPT_EOF: | |
964 | case OPT_ERR: | |
965 | printf("%s: Usage error; try -help.\n", prog); | |
966 | return 1; | |
967 | case OPT_HELP: | |
968 | opt_help(options); | |
969 | return 0; | |
970 | case OPT_IN: | |
971 | printf("in %s\n", opt_arg()); | |
972 | break; | |
973 | case OPT_INFORM: | |
974 | printf("inform %s\n", opt_arg()); | |
975 | break; | |
976 | case OPT_OUT: | |
977 | printf("out %s\n", opt_arg()); | |
978 | break; | |
979 | case OPT_COUNT: | |
980 | printf("count %s\n", opt_arg()); | |
981 | break; | |
982 | case OPT_U: | |
983 | printf("u %s\n", opt_arg()); | |
984 | break; | |
985 | case OPT_FLAG: | |
986 | printf("flag\n"); | |
987 | break; | |
988 | case OPT_STR: | |
989 | printf("str %s\n", opt_arg()); | |
990 | break; | |
991 | } | |
992 | } | |
993 | argc = opt_num_rest(); | |
994 | argv = opt_rest(); | |
995 | ||
996 | printf("args = %d\n", argc); | |
997 | if (argc) | |
998 | while (*argv) | |
999 | printf(" %s\n", *argv++); | |
1000 | return 0; | |
1001 | } | |
1002 | #endif |