apps/storeutl.c

   1 /*
   2  * Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved.
   3  *
   4  * Licensed under the OpenSSL license (the "License").  You may not use
   5  * this file except in compliance with the License.  You can obtain a copy
   6  * in the file LICENSE in the source distribution or at
   7  * https://www.openssl.org/source/license.html
   8  */
   9
  10 #include <openssl/opensslconf.h>
  11
  12 #include "apps.h"
  13 #include <openssl/err.h>
  14 #include <openssl/pem.h>
  15 #include <openssl/store.h>
  16
  17 static int process(const char *uri, const UI_METHOD *uimeth, PW_CB_DATA *uidata,
  18                    int text, int noout, int recursive, int indent, BIO *out);
  19
  20 typedef enum OPTION_choice {
  21     OPT_ERR = -1, OPT_EOF = 0, OPT_HELP, OPT_ENGINE, OPT_OUT, OPT_PASSIN,
  22     OPT_NOOUT, OPT_TEXT, OPT_RECURSIVE
  23 } OPTION_CHOICE;
  24
  25 const OPTIONS storeutl_options[] = {
  26     {OPT_HELP_STR, 1, '-', "Usage: %s [options] uri\nValid options are:\n"},
  27     {"help", OPT_HELP, '-', "Display this summary"},
  28     {"out", OPT_OUT, '>', "Output file - default stdout"},
  29     {"passin", OPT_PASSIN, 's', "Input file pass phrase source"},
  30     {"text", OPT_TEXT, '-', "Print a text form of the objects"},
  31     {"noout", OPT_NOOUT, '-', "No PEM output, just status"},
  32 #ifndef OPENSSL_NO_ENGINE
  33     {"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"},
  34 #endif
  35     {"r", OPT_RECURSIVE, '-', "Recurse through names"},
  36     {NULL}
  37 };
  38
  39 int storeutl_main(int argc, char *argv[])
  40 {
  41     int ret = 1, noout = 0, text = 0, recursive = 0;
  42     char *outfile = NULL, *passin = NULL, *passinarg = NULL;
  43     BIO *out = NULL;
  44     ENGINE *e = NULL;
  45     OPTION_CHOICE o;
  46     char *prog = opt_init(argc, argv, storeutl_options);
  47     PW_CB_DATA pw_cb_data;
  48
  49     while ((o = opt_next()) != OPT_EOF) {
  50         switch (o) {
  51         case OPT_EOF:
  52         case OPT_ERR:
  53  opthelp:
  54             BIO_printf(bio_err, "%s: Use -help for summary.\n", prog);
  55             goto end;
  56         case OPT_HELP:
  57             opt_help(storeutl_options);
  58             ret = 0;
  59             goto end;
  60         case OPT_OUT:
  61             outfile = opt_arg();
  62             break;
  63         case OPT_PASSIN:
  64             passinarg = opt_arg();
  65             break;
  66         case OPT_NOOUT:
  67             noout = 1;
  68             break;
  69         case OPT_TEXT:
  70             text = 1;
  71             break;
  72         case OPT_RECURSIVE:
  73             recursive = 1;
  74             break;
  75         case OPT_ENGINE:
  76             e = setup_engine(opt_arg(), 0);
  77             break;
  78         }
  79     }
  80     argc = opt_num_rest();
  81     argv = opt_rest();
  82
  83     if (argc == 0) {
  84         BIO_printf(bio_err, "%s: No URI given, nothing to do...\n", prog);
  85         goto opthelp;
  86     }
  87     if (argc > 1) {
  88         BIO_printf(bio_err, "%s: Unknown extra parameters after URI\n", prog);
  89         goto opthelp;
  90     }
  91
  92     if (!app_passwd(passinarg, NULL, &passin, NULL)) {
  93         BIO_printf(bio_err, "Error getting passwords\n");
  94         goto end;
  95     }
  96     pw_cb_data.password = passin;
  97     pw_cb_data.prompt_info = argv[0];
  98
  99     out = bio_open_default(outfile, 'w', FORMAT_TEXT);
 100     if (out == NULL)
 101         goto end;
 102
 103     ret = process(argv[0], get_ui_method(), &pw_cb_data, text, noout, recursive,
 104                   0, out);
 105
 106  end:
 107     BIO_free_all(out);
 108     OPENSSL_free(passin);
 109     release_engine(e);
 110     return ret;
 111 }
 112
 113 static int indent_printf(int indent, BIO *bio, const char *format, ...)
 114 {
 115     va_list args;
 116     int ret;
 117
 118     va_start(args, format);
 119
 120     ret = BIO_printf(bio, "%*s", indent, "") + BIO_vprintf(bio, format, args);
 121
 122     va_end(args);
 123     return ret;
 124 }
 125
 126 static int process(const char *uri, const UI_METHOD *uimeth, PW_CB_DATA *uidata,
 127                    int text, int noout, int recursive, int indent, BIO *out)
 128 {
 129     OSSL_STORE_CTX *store_ctx = NULL;
 130     int ret = 1, items = 0;
 131
 132     if ((store_ctx = OSSL_STORE_open(uri, uimeth, uidata, NULL, NULL))
 133         == NULL) {
 134         BIO_printf(bio_err, "Couldn't open file or uri %s\n", uri);
 135         ERR_print_errors(bio_err);
 136         return ret;
 137     }
 138
 139     /* From here on, we count errors, and we'll return the count at the end */
 140     ret = 0;
 141
 142     for (;;) {
 143         OSSL_STORE_INFO *info = OSSL_STORE_load(store_ctx);
 144         int type = info == NULL ? 0 : OSSL_STORE_INFO_get_type(info);
 145         const char *infostr =
 146             info == NULL ? NULL : OSSL_STORE_INFO_type_string(type);
 147
 148         if (info == NULL) {
 149             if (OSSL_STORE_eof(store_ctx))
 150                 break;
 151
 152             if (OSSL_STORE_error(store_ctx)) {
 153                 if (recursive)
 154                     ERR_clear_error();
 155                 else
 156                     ERR_print_errors(bio_err);
 157                 ret++;
 158                 continue;
 159             }
 160
 161             BIO_printf(bio_err,
 162                        "ERROR: OSSL_STORE_load() returned NULL without "
 163                        "eof or error indications\n");
 164             BIO_printf(bio_err, "       This is an error in the loader\n");
 165             ERR_print_errors(bio_err);
 166             ret++;
 167             break;
 168         }
 169
 170         if (type == OSSL_STORE_INFO_NAME) {
 171             const char *name = OSSL_STORE_INFO_get0_NAME(info);
 172             const char *desc = OSSL_STORE_INFO_get0_NAME_description(info);
 173             indent_printf(indent, bio_out, "%d: %s: %s\n", items, infostr,
 174                           name);
 175             if (desc != NULL)
 176                 indent_printf(indent, bio_out, "%s\n", desc);
 177         } else {
 178             indent_printf(indent, bio_out, "%d: %s\n", items, infostr);
 179         }
 180
 181         /*
 182          * Unfortunately, PEM_X509_INFO_write_bio() is sorely lacking in
 183          * functionality, so we must figure out how exactly to write things
 184          * ourselves...
 185          */
 186         switch (type) {
 187         case OSSL_STORE_INFO_NAME:
 188             if (recursive) {
 189                 const char *suburi = OSSL_STORE_INFO_get0_NAME(info);
 190                 ret += process(suburi, uimeth, uidata, text, noout, recursive,
 191                                indent + 2, out);
 192             }
 193             break;
 194         case OSSL_STORE_INFO_PARAMS:
 195             if (text)
 196                 EVP_PKEY_print_params(out, OSSL_STORE_INFO_get0_PARAMS(info),
 197                                       0, NULL);
 198             if (!noout)
 199                 PEM_write_bio_Parameters(out,
 200                                          OSSL_STORE_INFO_get0_PARAMS(info));
 201             break;
 202         case OSSL_STORE_INFO_PKEY:
 203             if (text)
 204                 EVP_PKEY_print_private(out, OSSL_STORE_INFO_get0_PKEY(info),
 205                                        0, NULL);
 206             if (!noout)
 207                 PEM_write_bio_PrivateKey(out, OSSL_STORE_INFO_get0_PKEY(info),
 208                                          NULL, NULL, 0, NULL, NULL);
 209             break;
 210         case OSSL_STORE_INFO_CERT:
 211             if (text)
 212                 X509_print(out, OSSL_STORE_INFO_get0_CERT(info));
 213             if (!noout)
 214                 PEM_write_bio_X509(out, OSSL_STORE_INFO_get0_CERT(info));
 215             break;
 216         case OSSL_STORE_INFO_CRL:
 217             if (text)
 218                 X509_CRL_print(out, OSSL_STORE_INFO_get0_CRL(info));
 219             if (!noout)
 220                 PEM_write_bio_X509_CRL(out, OSSL_STORE_INFO_get0_CRL(info));
 221             break;
 222         default:
 223             BIO_printf(bio_err, "!!! Unknown code\n");
 224             ret++;
 225             break;
 226         }
 227         items++;
 228         OSSL_STORE_INFO_free(info);
 229     }
 230     indent_printf(indent, out, "Total found: %d\n", items);
 231
 232     if (!OSSL_STORE_close(store_ctx)) {
 233         ERR_print_errors(bio_err);
 234         ret++;
 235     }
 236
 237     return ret;
 238 }