2 * Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the OpenSSL license (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
10 #include <openssl/opensslconf.h>
11 #ifdef OPENSSL_NO_ENGINE
12 NON_EMPTY_TRANSLATION_UNIT
20 # include <openssl/err.h>
21 # include <openssl/engine.h>
22 # include <openssl/ssl.h>
23 # include <openssl/store.h>
25 typedef enum OPTION_choice
{
26 OPT_ERR
= -1, OPT_EOF
= 0, OPT_HELP
,
27 OPT_C
, OPT_T
, OPT_TT
, OPT_PRE
, OPT_POST
,
28 OPT_V
= 100, OPT_VV
, OPT_VVV
, OPT_VVVV
31 const OPTIONS engine_options
[] = {
32 {OPT_HELP_STR
, 1, '-', "Usage: %s [options] engine...\n"},
33 {OPT_HELP_STR
, 1, '-',
34 " engine... Engines to load\n"},
35 {"help", OPT_HELP
, '-', "Display this summary"},
36 {"v", OPT_V
, '-', "List 'control commands' For each specified engine"},
37 {"vv", OPT_VV
, '-', "Also display each command's description"},
38 {"vvv", OPT_VVV
, '-', "Also add the input flags for each command"},
39 {"vvvv", OPT_VVVV
, '-', "Also show internal input flags"},
40 {"c", OPT_C
, '-', "List the capabilities of specified engine"},
41 {"t", OPT_T
, '-', "Check that specified engine is available"},
42 {"tt", OPT_TT
, '-', "Display error trace for unavailable engines"},
43 {"pre", OPT_PRE
, 's', "Run command against the ENGINE before loading it"},
44 {"post", OPT_POST
, 's', "Run command against the ENGINE after loading it"},
45 {OPT_MORE_STR
, OPT_EOF
, 1,
46 "Commands are like \"SO_PATH:/lib/libdriver.so\""},
50 static int append_buf(char **buf
, int *size
, const char *s
)
52 const int expand
= 256;
53 int len
= strlen(s
) + 1;
57 *size
= ((len
+ expand
- 1) / expand
) * expand
;
58 p
= *buf
= app_malloc(*size
, "engine buffer");
60 const int blen
= strlen(p
);
66 *size
= ((len
+ expand
- 1) / expand
) * expand
;
67 p
= OPENSSL_realloc(p
, *size
);
87 static int util_flags(BIO
*out
, unsigned int flags
, const char *indent
)
89 int started
= 0, err
= 0;
90 /* Indent before displaying input flags */
91 BIO_printf(out
, "%s%s(input flags): ", indent
, indent
);
93 BIO_printf(out
, "<no flags>\n");
97 * If the object is internal, mark it in a way that shows instead of
98 * having it part of all the other flags, even if it really is.
100 if (flags
& ENGINE_CMD_FLAG_INTERNAL
) {
101 BIO_printf(out
, "[Internal] ");
104 if (flags
& ENGINE_CMD_FLAG_NUMERIC
) {
105 BIO_printf(out
, "NUMERIC");
109 * Now we check that no combinations of the mutually exclusive NUMERIC,
110 * STRING, and NO_INPUT flags have been used. Future flags that can be
111 * OR'd together with these would need to added after these to preserve
114 if (flags
& ENGINE_CMD_FLAG_STRING
) {
116 BIO_printf(out
, "|");
119 BIO_printf(out
, "STRING");
122 if (flags
& ENGINE_CMD_FLAG_NO_INPUT
) {
124 BIO_printf(out
, "|");
127 BIO_printf(out
, "NO_INPUT");
130 /* Check for unknown flags */
131 flags
= flags
& ~ENGINE_CMD_FLAG_NUMERIC
&
132 ~ENGINE_CMD_FLAG_STRING
&
133 ~ENGINE_CMD_FLAG_NO_INPUT
& ~ENGINE_CMD_FLAG_INTERNAL
;
136 BIO_printf(out
, "|");
137 BIO_printf(out
, "<0x%04X>", flags
);
140 BIO_printf(out
, " <illegal flags!>");
141 BIO_printf(out
, "\n");
145 static int util_verbose(ENGINE
*e
, int verbose
, BIO
*out
, const char *indent
)
147 static const int line_wrap
= 78;
154 STACK_OF(OPENSSL_STRING
) *cmds
= NULL
;
155 if (!ENGINE_ctrl(e
, ENGINE_CTRL_HAS_CTRL_FUNCTION
, 0, NULL
, NULL
) ||
156 ((num
= ENGINE_ctrl(e
, ENGINE_CTRL_GET_FIRST_CMD_TYPE
,
157 0, NULL
, NULL
)) <= 0)) {
161 cmds
= sk_OPENSSL_STRING_new_null();
167 /* Get the command input flags */
168 if ((flags
= ENGINE_ctrl(e
, ENGINE_CTRL_GET_CMD_FLAGS
, num
,
171 if (!(flags
& ENGINE_CMD_FLAG_INTERNAL
) || verbose
>= 4) {
172 /* Get the command name */
173 if ((len
= ENGINE_ctrl(e
, ENGINE_CTRL_GET_NAME_LEN_FROM_CMD
, num
,
176 name
= app_malloc(len
+ 1, "name buffer");
177 if (ENGINE_ctrl(e
, ENGINE_CTRL_GET_NAME_FROM_CMD
, num
, name
,
180 /* Get the command description */
181 if ((len
= ENGINE_ctrl(e
, ENGINE_CTRL_GET_DESC_LEN_FROM_CMD
, num
,
185 desc
= app_malloc(len
+ 1, "description buffer");
186 if (ENGINE_ctrl(e
, ENGINE_CTRL_GET_DESC_FROM_CMD
, num
, desc
,
190 /* Now decide on the output */
193 xpos
= BIO_puts(out
, indent
);
195 /* Otherwise prepend a ", " */
196 xpos
+= BIO_printf(out
, ", ");
199 * We're just listing names, comma-delimited
201 if ((xpos
> (int)strlen(indent
)) &&
202 (xpos
+ (int)strlen(name
) > line_wrap
)) {
203 BIO_printf(out
, "\n");
204 xpos
= BIO_puts(out
, indent
);
206 xpos
+= BIO_printf(out
, "%s", name
);
208 /* We're listing names plus descriptions */
209 BIO_printf(out
, "%s: %s\n", name
,
210 (desc
== NULL
) ? "<no description>" : desc
);
211 /* ... and sometimes input flags */
212 if ((verbose
>= 3) && !util_flags(out
, flags
, indent
))
221 /* Move to the next command */
222 num
= ENGINE_ctrl(e
, ENGINE_CTRL_GET_NEXT_CMD_TYPE
, num
, NULL
, NULL
);
225 BIO_printf(out
, "\n");
228 sk_OPENSSL_STRING_free(cmds
);
234 static void util_do_cmds(ENGINE
*e
, STACK_OF(OPENSSL_STRING
) *cmds
,
235 BIO
*out
, const char *indent
)
237 int loop
, res
, num
= sk_OPENSSL_STRING_num(cmds
);
240 BIO_printf(out
, "[Error]: internal stack error\n");
243 for (loop
= 0; loop
< num
; loop
++) {
245 const char *cmd
, *arg
;
246 cmd
= sk_OPENSSL_STRING_value(cmds
, loop
);
247 res
= 1; /* assume success */
248 /* Check if this command has no ":arg" */
249 if ((arg
= strstr(cmd
, ":")) == NULL
) {
250 if (!ENGINE_ctrl_cmd_string(e
, cmd
, NULL
, 0))
253 if ((int)(arg
- cmd
) > 254) {
254 BIO_printf(out
, "[Error]: command name too long\n");
257 memcpy(buf
, cmd
, (int)(arg
- cmd
));
258 buf
[arg
- cmd
] = '\0';
259 arg
++; /* Move past the ":" */
260 /* Call the command with the argument */
261 if (!ENGINE_ctrl_cmd_string(e
, buf
, arg
, 0))
265 BIO_printf(out
, "[Success]: %s\n", cmd
);
267 BIO_printf(out
, "[Failure]: %s\n", cmd
);
268 ERR_print_errors(out
);
273 struct util_store_cap_data
{
279 static void util_store_cap(const OSSL_STORE_LOADER
*loader
, void *arg
)
281 struct util_store_cap_data
*ctx
= arg
;
283 if (OSSL_STORE_LOADER_get0_engine(loader
) == ctx
->engine
) {
285 BIO_snprintf(buf
, sizeof(buf
), "STORE(%s)",
286 OSSL_STORE_LOADER_get0_scheme(loader
));
287 if (!append_buf(ctx
->cap_buf
, ctx
->cap_size
, buf
))
292 int engine_main(int argc
, char **argv
)
295 int verbose
= 0, list_cap
= 0, test_avail
= 0, test_avail_noise
= 0;
297 STACK_OF(OPENSSL_CSTRING
) *engines
= sk_OPENSSL_CSTRING_new_null();
298 STACK_OF(OPENSSL_STRING
) *pre_cmds
= sk_OPENSSL_STRING_new_null();
299 STACK_OF(OPENSSL_STRING
) *post_cmds
= sk_OPENSSL_STRING_new_null();
301 const char *indent
= " ";
306 out
= dup_bio_out(FORMAT_TEXT
);
307 if (engines
== NULL
|| pre_cmds
== NULL
|| post_cmds
== NULL
)
310 /* Remember the original command name, parse/skip any leading engine
311 * names, and then setup to parse the rest of the line as flags. */
313 while ((argv1
= argv
[1]) != NULL
&& *argv1
!= '-') {
314 sk_OPENSSL_CSTRING_push(engines
, argv1
);
319 opt_init(argc
, argv
, engine_options
);
321 while ((o
= opt_next()) != OPT_EOF
) {
325 BIO_printf(bio_err
, "%s: Use -help for summary.\n", prog
);
328 opt_help(engine_options
);
335 /* Convert to an integer from one to four. */
336 i
= (int)(o
- OPT_V
) + 1;
350 sk_OPENSSL_STRING_push(pre_cmds
, opt_arg());
353 sk_OPENSSL_STRING_push(post_cmds
, opt_arg());
358 /* Allow any trailing parameters as engine names. */
359 argc
= opt_num_rest();
361 for ( ; *argv
; argv
++) {
363 BIO_printf(bio_err
, "%s: Cannot mix flags and engine names.\n",
365 BIO_printf(bio_err
, "%s: Use -help for summary.\n", prog
);
368 sk_OPENSSL_CSTRING_push(engines
, *argv
);
371 if (sk_OPENSSL_CSTRING_num(engines
) == 0) {
372 for (e
= ENGINE_get_first(); e
!= NULL
; e
= ENGINE_get_next(e
)) {
373 sk_OPENSSL_CSTRING_push(engines
, ENGINE_get_id(e
));
378 for (i
= 0; i
< sk_OPENSSL_CSTRING_num(engines
); i
++) {
379 const char *id
= sk_OPENSSL_CSTRING_value(engines
, i
);
380 if ((e
= ENGINE_by_id(id
)) != NULL
) {
381 const char *name
= ENGINE_get_name(e
);
383 * Do "id" first, then "name". Easier to auto-parse.
385 BIO_printf(out
, "(%s) %s\n", id
, name
);
386 util_do_cmds(e
, pre_cmds
, out
, indent
);
387 if (strcmp(ENGINE_get_id(e
), id
) != 0) {
388 BIO_printf(out
, "Loaded: (%s) %s\n",
389 ENGINE_get_id(e
), ENGINE_get_name(e
));
393 char *cap_buf
= NULL
;
396 ENGINE_CIPHERS_PTR fn_c
;
397 ENGINE_DIGESTS_PTR fn_d
;
398 ENGINE_PKEY_METHS_PTR fn_pk
;
400 if (ENGINE_get_RSA(e
) != NULL
401 && !append_buf(&cap_buf
, &cap_size
, "RSA"))
403 if (ENGINE_get_DSA(e
) != NULL
404 && !append_buf(&cap_buf
, &cap_size
, "DSA"))
406 if (ENGINE_get_DH(e
) != NULL
407 && !append_buf(&cap_buf
, &cap_size
, "DH"))
409 if (ENGINE_get_RAND(e
) != NULL
410 && !append_buf(&cap_buf
, &cap_size
, "RAND"))
413 fn_c
= ENGINE_get_ciphers(e
);
416 n
= fn_c(e
, NULL
, &nids
, 0);
417 for (k
= 0; k
< n
; ++k
)
418 if (!append_buf(&cap_buf
, &cap_size
, OBJ_nid2sn(nids
[k
])))
422 fn_d
= ENGINE_get_digests(e
);
425 n
= fn_d(e
, NULL
, &nids
, 0);
426 for (k
= 0; k
< n
; ++k
)
427 if (!append_buf(&cap_buf
, &cap_size
, OBJ_nid2sn(nids
[k
])))
431 fn_pk
= ENGINE_get_pkey_meths(e
);
434 n
= fn_pk(e
, NULL
, &nids
, 0);
435 for (k
= 0; k
< n
; ++k
)
436 if (!append_buf(&cap_buf
, &cap_size
, OBJ_nid2sn(nids
[k
])))
440 struct util_store_cap_data store_ctx
;
442 store_ctx
.engine
= e
;
443 store_ctx
.cap_buf
= &cap_buf
;
444 store_ctx
.cap_size
= &cap_size
;
447 OSSL_STORE_do_all_loaders(util_store_cap
, &store_ctx
);
451 if (cap_buf
!= NULL
&& (*cap_buf
!= '\0'))
452 BIO_printf(out
, " [%s]\n", cap_buf
);
454 OPENSSL_free(cap_buf
);
457 BIO_printf(out
, "%s", indent
);
458 if (ENGINE_init(e
)) {
459 BIO_printf(out
, "[ available ]\n");
460 util_do_cmds(e
, post_cmds
, out
, indent
);
463 BIO_printf(out
, "[ unavailable ]\n");
464 if (test_avail_noise
)
465 ERR_print_errors_fp(stdout
);
469 if ((verbose
> 0) && !util_verbose(e
, verbose
, out
, indent
))
473 ERR_print_errors(bio_err
);
474 /* because exit codes above 127 have special meaning on Unix */
482 ERR_print_errors(bio_err
);
483 sk_OPENSSL_CSTRING_free(engines
);
484 sk_OPENSSL_STRING_free(pre_cmds
);
485 sk_OPENSSL_STRING_free(post_cmds
);