From: slontis Date: Thu, 15 Dec 2022 02:13:55 +0000 (+1000) Subject: Add help for pkeyopt values for the genpkey commandline app. X-Git-Tag: openssl-3.2.0-alpha1~1235 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=2c1ec72a7abb29f2d91eda6f93942670f1cbdb9e;p=thirdparty%2Fopenssl.git Add help for pkeyopt values for the genpkey commandline app. Reviewed-by: Tomas Mraz Reviewed-by: Paul Dale Reviewed-by: Todd Short (Merged from https://github.com/openssl/openssl/pull/19931) --- diff --git a/apps/genpkey.c b/apps/genpkey.c index dcb9ad1dd83..52d1b44edbb 100644 --- a/apps/genpkey.c +++ b/apps/genpkey.c @@ -57,6 +57,50 @@ const OPTIONS genpkey_options[] = { {NULL} }; +static const char *param_datatype_2name(unsigned int type, int *ishex) +{ + *ishex = 0; + + switch (type) { + case OSSL_PARAM_INTEGER: return "int"; + case OSSL_PARAM_UNSIGNED_INTEGER: return "uint"; + case OSSL_PARAM_REAL: return "float"; + case OSSL_PARAM_OCTET_STRING: *ishex = 1; return "string"; + case OSSL_PARAM_UTF8_STRING: return "string"; + default: + return NULL; + } +} + +static void show_gen_pkeyopt(const char *algname, OSSL_LIB_CTX *libctx, const char *propq) +{ + EVP_PKEY_CTX *ctx = NULL; + const OSSL_PARAM *params; + int i, ishex = 0; + + if (algname == NULL) + return; + ctx = EVP_PKEY_CTX_new_from_name(libctx, algname, propq); + if (ctx == NULL) + return; + + if (EVP_PKEY_keygen_init(ctx) <= 0) + goto cleanup; + params = EVP_PKEY_CTX_settable_params(ctx); + if (params == NULL) + goto cleanup; + + BIO_printf(bio_err, "\nThe possible -pkeyopt arguments are:\n"); + for (i = 0; params[i].key != NULL; ++i) { + const char *name = param_datatype_2name(params[i].data_type, &ishex); + + if (name != NULL) + BIO_printf(bio_err, " %s%s:%s\n", ishex ? "hex" : "", params[i].key, name); + } +cleanup: + EVP_PKEY_CTX_free(ctx); +} + int genpkey_main(int argc, char **argv) { CONF *conf = NULL; @@ -88,6 +132,7 @@ int genpkey_main(int argc, char **argv) case OPT_HELP: ret = 0; opt_help(genpkey_options); + show_gen_pkeyopt(algname, libctx, app_get0_propq()); goto end; case OPT_OUTFORM: if (!opt_format(opt_arg(), OPT_FMT_PEMDER, &outformat)) diff --git a/doc/man1/openssl-genpkey.pod.in b/doc/man1/openssl-genpkey.pod.in index f107f4a4115..a1e0c51f4d6 100644 --- a/doc/man1/openssl-genpkey.pod.in +++ b/doc/man1/openssl-genpkey.pod.in @@ -92,6 +92,9 @@ options supported depends on the public key algorithm used and its implementation. See L and L below for more details. +To list the possible I values for an algorithm use: +B B -algorithm XXX -help + =item B<-genparam> Generate a set of parameters instead of a private key. If used this option must diff --git a/test/recipes/15-test_genpkey.t b/test/recipes/15-test_genpkey.t new file mode 100644 index 00000000000..6df2df58550 --- /dev/null +++ b/test/recipes/15-test_genpkey.t @@ -0,0 +1,31 @@ +#! /usr/bin/env perl +# Copyright 2022 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the Apache License 2.0 (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html + +use strict; +use warnings; + +use OpenSSL::Test qw/:DEFAULT/; +use OpenSSL::Test::Utils; + +setup("test_genpkey"); + +my @algs = (); +push @algs, qw(RSA) unless disabled("rsa"); +push @algs, qw(DSA) unless disabled("dsa"); +push @algs, qw(DH DHX) unless disabled("dh"); +push @algs, qw(EC X25519 X448) unless disabled("ec"); +push @algs, qw(SM2) unless disabled("sm2"); + +plan tests => scalar(@algs); + +foreach (@algs) { + my $alg = $_; + + ok(run(app([ 'openssl', 'genpkey', '-algorithm', $alg, '-help'])), + "show genpkey pkeyopt values for $alg"); +}