]> git.ipfire.org Git - thirdparty/openssl.git/blob - apps/pkey.c
projects / thirdparty / openssl.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Check that the subject name in a proxy cert complies to RFC 3820
[thirdparty/openssl.git] / apps / pkey.c
1 /* apps/pkey.c */
2 /*
3 * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
4 * 2006
5 */
6 /* ====================================================================
7 * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
8 *
9 * Redistribution and use in source and binary forms, with or without
10 * modification, are permitted provided that the following conditions
11 * are met:
12 *
13 * 1. Redistributions of source code must retain the above copyright
14 * notice, this list of conditions and the following disclaimer.
15 *
16 * 2. Redistributions in binary form must reproduce the above copyright
17 * notice, this list of conditions and the following disclaimer in
18 * the documentation and/or other materials provided with the
19 * distribution.
20 *
21 * 3. All advertising materials mentioning features or use of this
22 * software must display the following acknowledgment:
23 * "This product includes software developed by the OpenSSL Project
24 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
25 *
26 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
27 * endorse or promote products derived from this software without
28 * prior written permission. For written permission, please contact
29 * licensing@OpenSSL.org.
30 *
31 * 5. Products derived from this software may not be called "OpenSSL"
32 * nor may "OpenSSL" appear in their names without prior written
33 * permission of the OpenSSL Project.
34 *
35 * 6. Redistributions of any form whatsoever must retain the following
36 * acknowledgment:
37 * "This product includes software developed by the OpenSSL Project
38 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
39 *
40 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
41 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
42 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
43 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
44 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
45 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
46 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
47 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
49 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
50 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
51 * OF THE POSSIBILITY OF SUCH DAMAGE.
52 * ====================================================================
53 *
54 * This product includes cryptographic software written by Eric Young
55 * (eay@cryptsoft.com). This product includes software written by Tim
56 * Hudson (tjh@cryptsoft.com).
57 *
58 */
59 #include <stdio.h>
60 #include <string.h>
61 #include "apps.h"
62 #include <openssl/pem.h>
63 #include <openssl/err.h>
64 #include <openssl/evp.h>
65
66 #define PROG pkey_main
67
68 int MAIN(int, char **);
69
70 int MAIN(int argc, char **argv)
71 {
72 ENGINE *e = NULL;
73 char **args, *infile = NULL, *outfile = NULL;
74 char *passargin = NULL, *passargout = NULL;
75 BIO *in = NULL, *out = NULL;
76 const EVP_CIPHER *cipher = NULL;
77 int informat, outformat;
78 int pubin = 0, pubout = 0, pubtext = 0, text = 0, noout = 0;
79 EVP_PKEY *pkey = NULL;
80 char *passin = NULL, *passout = NULL;
81 int badarg = 0;
82 #ifndef OPENSSL_NO_ENGINE
83 char *engine = NULL;
84 #endif
85 int ret = 1;
86
87 if (bio_err == NULL)
88 bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
89
90 if (!load_config(bio_err, NULL))
91 goto end;
92
93 informat = FORMAT_PEM;
94 outformat = FORMAT_PEM;
95
96 ERR_load_crypto_strings();
97 OpenSSL_add_all_algorithms();
98 args = argv + 1;
99 while (!badarg && *args && *args[0] == '-') {
100 if (!strcmp(*args, "-inform")) {
101 if (args[1]) {
102 args++;
103 informat = str2fmt(*args);
104 } else
105 badarg = 1;
106 } else if (!strcmp(*args, "-outform")) {
107 if (args[1]) {
108 args++;
109 outformat = str2fmt(*args);
110 } else
111 badarg = 1;
112 } else if (!strcmp(*args, "-passin")) {
113 if (!args[1])
114 goto bad;
115 passargin = *(++args);
116 } else if (!strcmp(*args, "-passout")) {
117 if (!args[1])
118 goto bad;
119 passargout = *(++args);
120 }
121 #ifndef OPENSSL_NO_ENGINE
122 else if (strcmp(*args, "-engine") == 0) {
123 if (!args[1])
124 goto bad;
125 engine = *(++args);
126 }
127 #endif
128 else if (!strcmp(*args, "-in")) {
129 if (args[1]) {
130 args++;
131 infile = *args;
132 } else
133 badarg = 1;
134 } else if (!strcmp(*args, "-out")) {
135 if (args[1]) {
136 args++;
137 outfile = *args;
138 } else
139 badarg = 1;
140 } else if (strcmp(*args, "-pubin") == 0) {
141 pubin = 1;
142 pubout = 1;
143 pubtext = 1;
144 } else if (strcmp(*args, "-pubout") == 0)
145 pubout = 1;
146 else if (strcmp(*args, "-text_pub") == 0) {
147 pubtext = 1;
148 text = 1;
149 } else if (strcmp(*args, "-text") == 0)
150 text = 1;
151 else if (strcmp(*args, "-noout") == 0)
152 noout = 1;
153 else {
154 cipher = EVP_get_cipherbyname(*args + 1);
155 if (!cipher) {
156 BIO_printf(bio_err, "Unknown cipher %s\n", *args + 1);
157 badarg = 1;
158 }
159 }
160 args++;
161 }
162
163 if (badarg) {
164 bad:
165 BIO_printf(bio_err, "Usage pkey [options]\n");
166 BIO_printf(bio_err, "where options are\n");
167 BIO_printf(bio_err, "-in file input file\n");
168 BIO_printf(bio_err, "-inform X input format (DER or PEM)\n");
169 BIO_printf(bio_err,
170 "-passin arg input file pass phrase source\n");
171 BIO_printf(bio_err, "-outform X output format (DER or PEM)\n");
172 BIO_printf(bio_err, "-out file output file\n");
173 BIO_printf(bio_err,
174 "-passout arg output file pass phrase source\n");
175 #ifndef OPENSSL_NO_ENGINE
176 BIO_printf(bio_err,
177 "-engine e use engine e, possibly a hardware device.\n");
178 #endif
179 return 1;
180 }
181 #ifndef OPENSSL_NO_ENGINE
182 e = setup_engine(bio_err, engine, 0);
183 #endif
184
185 if (!app_passwd(bio_err, passargin, passargout, &passin, &passout)) {
186 BIO_printf(bio_err, "Error getting passwords\n");
187 goto end;
188 }
189
190 if (outfile) {
191 if (!(out = BIO_new_file(outfile, "wb"))) {
192 BIO_printf(bio_err, "Can't open output file %s\n", outfile);
193 goto end;
194 }
195 } else {
196 out = BIO_new_fp(stdout, BIO_NOCLOSE);
197 #ifdef OPENSSL_SYS_VMS
198 {
199 BIO *tmpbio = BIO_new(BIO_f_linebuffer());
200 out = BIO_push(tmpbio, out);
201 }
202 #endif
203 }
204
205 if (pubin)
206 pkey = load_pubkey(bio_err, infile, informat, 1,
207 passin, e, "Public Key");
208 else
209 pkey = load_key(bio_err, infile, informat, 1, passin, e, "key");
210 if (!pkey)
211 goto end;
212
213 if (!noout) {
214 if (outformat == FORMAT_PEM) {
215 if (pubout)
216 PEM_write_bio_PUBKEY(out, pkey);
217 else
218 PEM_write_bio_PrivateKey(out, pkey, cipher,
219 NULL, 0, NULL, passout);
220 } else if (outformat == FORMAT_ASN1) {
221 if (pubout)
222 i2d_PUBKEY_bio(out, pkey);
223 else
224 i2d_PrivateKey_bio(out, pkey);
225 } else {
226 BIO_printf(bio_err, "Bad format specified for key\n");
227 goto end;
228 }
229
230 }
231
232 if (text) {
233 if (pubtext)
234 EVP_PKEY_print_public(out, pkey, 0, NULL);
235 else
236 EVP_PKEY_print_private(out, pkey, 0, NULL);
237 }
238
239 ret = 0;
240
241 end:
242 EVP_PKEY_free(pkey);
243 BIO_free_all(out);
244 BIO_free(in);
245 if (passin)
246 OPENSSL_free(passin);
247 if (passout)
248 OPENSSL_free(passout);
249
250 return ret;
251 }
A mirror of the official openssl repository