source: trunk/third/openssl/apps/spkac.c @ 18442

Revision 18442, 8.1 KB checked in by zacheiss, 21 years ago (diff)
This commit was generated by cvs2svn to compensate for changes in r18441, which included commits to RCS files with non-trunk default branches.
1/* apps/spkac.c */
2
3/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
4 * project 1999. Based on an original idea by Massimiliano Pala
5 * (madwolf@openca.org).
6 */
7/* ====================================================================
8 * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
9 *
10 * Redistribution and use in source and binary forms, with or without
11 * modification, are permitted provided that the following conditions
12 * are met:
13 *
14 * 1. Redistributions of source code must retain the above copyright
15 *    notice, this list of conditions and the following disclaimer.
16 *
17 * 2. Redistributions in binary form must reproduce the above copyright
18 *    notice, this list of conditions and the following disclaimer in
19 *    the documentation and/or other materials provided with the
20 *    distribution.
21 *
22 * 3. All advertising materials mentioning features or use of this
23 *    software must display the following acknowledgment:
24 *    "This product includes software developed by the OpenSSL Project
25 *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
26 *
27 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
28 *    endorse or promote products derived from this software without
29 *    prior written permission. For written permission, please contact
30 *    licensing@OpenSSL.org.
31 *
32 * 5. Products derived from this software may not be called "OpenSSL"
33 *    nor may "OpenSSL" appear in their names without prior written
34 *    permission of the OpenSSL Project.
35 *
36 * 6. Redistributions of any form whatsoever must retain the following
37 *    acknowledgment:
38 *    "This product includes software developed by the OpenSSL Project
39 *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
42 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
44 * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
45 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
46 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
47 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
48 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
49 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
50 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
51 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
52 * OF THE POSSIBILITY OF SUCH DAMAGE.
53 * ====================================================================
54 *
55 * This product includes cryptographic software written by Eric Young
56 * (eay@cryptsoft.com).  This product includes software written by Tim
57 * Hudson (tjh@cryptsoft.com).
58 *
59 */
60#include <stdio.h>
61#include <stdlib.h>
62#include <string.h>
63#include <time.h>
64#include "apps.h"
65#include <openssl/bio.h>
66#include <openssl/conf.h>
67#include <openssl/err.h>
68#include <openssl/evp.h>
69#include <openssl/lhash.h>
70#include <openssl/x509.h>
71#include <openssl/pem.h>
72
73#undef PROG
74#define PROG    spkac_main
75
76/* -in arg      - input file - default stdin
77 * -out arg     - output file - default stdout
78 */
79
80int MAIN(int, char **);
81
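/*
 * spkac: create, print and verify Netscape SPKAC (signed public key and
 * challenge) structures.
 *
 * With -key, a new SPKAC is built from the given private key (plus the
 * optional -challenge string), signed, base64 encoded and written as a
 * single "SPKAC=<base64>" line.
 *
 * Without -key, the SPKAC is looked up under the -spkac name in the
 * -spksect section of a config-format input, then optionally printed
 * (suppressed by -noout), verified (-verify) and its public key written
 * in PEM form (-pubkey).
 *
 * Exits through OPENSSL_EXIT with 0 on success and 1 on any error,
 * including a signature that does not verify.
 */
int MAIN(int argc, char **argv)
        {
        ENGINE *e = NULL;
        int i,badops=0, ret = 1;
        BIO *in = NULL,*out = NULL;
        int verify=0,noout=0,pubkey=0;
        char *infile = NULL,*outfile = NULL,*prog;
        char *passargin = NULL, *passin = NULL;
        char *spkac = "SPKAC", *spksect = "default", *spkstr = NULL;
        char *challenge = NULL, *keyfile = NULL;
        CONF *conf = NULL;
        NETSCAPE_SPKI *spki = NULL;
        EVP_PKEY *pkey = NULL;
        char *engine=NULL;

        apps_startup();

        if (!bio_err) bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);

        if (!load_config(bio_err, NULL))
                goto end;

        prog=argv[0];
        argc--;
        argv++;
        while (argc >= 1)
                {
                if (strcmp(*argv,"-in") == 0)
                        {
                        if (--argc < 1) goto bad;
                        infile= *(++argv);
                        }
                else if (strcmp(*argv,"-out") == 0)
                        {
                        if (--argc < 1) goto bad;
                        outfile= *(++argv);
                        }
                else if (strcmp(*argv,"-passin") == 0)
                        {
                        if (--argc < 1) goto bad;
                        passargin= *(++argv);
                        }
                else if (strcmp(*argv,"-key") == 0)
                        {
                        if (--argc < 1) goto bad;
                        keyfile= *(++argv);
                        }
                else if (strcmp(*argv,"-challenge") == 0)
                        {
                        if (--argc < 1) goto bad;
                        challenge= *(++argv);
                        }
                else if (strcmp(*argv,"-spkac") == 0)
                        {
                        if (--argc < 1) goto bad;
                        spkac= *(++argv);
                        }
                else if (strcmp(*argv,"-spksect") == 0)
                        {
                        if (--argc < 1) goto bad;
                        spksect= *(++argv);
                        }
                else if (strcmp(*argv,"-engine") == 0)
                        {
                        if (--argc < 1) goto bad;
                        engine= *(++argv);
                        }
                else if (strcmp(*argv,"-noout") == 0)
                        noout=1;
                else if (strcmp(*argv,"-pubkey") == 0)
                        pubkey=1;
                else if (strcmp(*argv,"-verify") == 0)
                        verify=1;
                else badops = 1;
                argc--;
                argv++;
                }

        if (badops)
                {
bad:
                BIO_printf(bio_err,"%s [options]\n",prog);
                BIO_printf(bio_err,"where options are\n");
                BIO_printf(bio_err," -in arg        input file\n");
                BIO_printf(bio_err," -out arg       output file\n");
                BIO_printf(bio_err," -key arg       create SPKAC using private key\n");
                BIO_printf(bio_err," -passin arg    input file pass phrase source\n");
                BIO_printf(bio_err," -challenge arg challenge string\n");
                BIO_printf(bio_err," -spkac arg     alternative SPKAC name\n");
                /* -spksect is parsed above, so it belongs in the usage text too. */
                BIO_printf(bio_err," -spksect arg   alternative section name\n");
                BIO_printf(bio_err," -noout         don't print SPKAC\n");
                BIO_printf(bio_err," -pubkey        output public key\n");
                BIO_printf(bio_err," -verify        verify SPKAC signature\n");
                BIO_printf(bio_err," -engine e      use engine e, possibly a hardware device.\n");
                goto end;
                }

        ERR_load_crypto_strings();
        if(!app_passwd(bio_err, passargin, NULL, &passin, NULL)) {
                BIO_printf(bio_err, "Error getting password\n");
                goto end;
        }

        e = setup_engine(bio_err, engine, 0);

        /* ---- Creation mode: build and sign a new SPKAC from a private key ---- */
        if(keyfile) {
                /* A key file name of "-" is passed to load_key() as NULL. */
                pkey = load_key(bio_err,
                                strcmp(keyfile, "-") ? keyfile : NULL,
                                FORMAT_PEM, 1, passin, e, "private key");
                if(!pkey) {
                        goto end;
                }
                spki = NETSCAPE_SPKI_new();
                if(!spki) {
                        /* Allocation failed; spki->spkac must not be touched. */
                        BIO_printf(bio_err, "Error creating SPKAC\n");
                        ERR_print_errors(bio_err);
                        goto end;
                }
                if(challenge && !ASN1_STRING_set(spki->spkac->challenge,
                                        challenge, (int)strlen(challenge))) {
                        BIO_printf(bio_err, "Error setting challenge\n");
                        ERR_print_errors(bio_err);
                        goto end;
                }
                if(!NETSCAPE_SPKI_set_pubkey(spki, pkey)) {
                        BIO_printf(bio_err, "Error setting public key\n");
                        ERR_print_errors(bio_err);
                        goto end;
                }
                /*
                 * NOTE(review): the SPKAC is signed with MD5, which is not
                 * collision resistant. The digest is left unchanged here so
                 * the output stays compatible with existing consumers; do not
                 * rely on this signature as strong proof of possession.
                 */
                if(NETSCAPE_SPKI_sign(spki, pkey, EVP_md5()) <= 0) {
                        /* Never emit an SPKAC whose signature was not produced. */
                        BIO_printf(bio_err, "Error signing SPKAC\n");
                        ERR_print_errors(bio_err);
                        goto end;
                }
                spkstr = NETSCAPE_SPKI_b64_encode(spki);
                if(!spkstr) {
                        BIO_printf(bio_err, "Error encoding SPKAC\n");
                        ERR_print_errors(bio_err);
                        goto end;
                }

                if (outfile) out = BIO_new_file(outfile, "w");
                else {
                        out = BIO_new_fp(stdout, BIO_NOCLOSE);
#ifdef OPENSSL_SYS_VMS
                        {
                            BIO *tmpbio = BIO_new(BIO_f_linebuffer());
                            out = BIO_push(tmpbio, out);
                        }
#endif
                }

                if(!out) {
                        BIO_printf(bio_err, "Error opening output file\n");
                        ERR_print_errors(bio_err);
                        /*
                         * spkstr is heap allocated in this branch only (in the
                         * parse branch it points into conf), so it is released
                         * here rather than at the shared "end" label.
                         */
                        OPENSSL_free(spkstr);
                        goto end;
                }
                BIO_printf(out, "SPKAC=%s\n", spkstr);
                OPENSSL_free(spkstr);
                ret = 0;
                goto end;
        }

        /* ---- Parse mode: read an existing SPKAC from config-format input ---- */

        if (infile) in = BIO_new_file(infile, "r");
        else in = BIO_new_fp(stdin, BIO_NOCLOSE);

        if(!in) {
                BIO_printf(bio_err, "Error opening input file\n");
                ERR_print_errors(bio_err);
                goto end;
        }

        conf = NCONF_new(NULL);
        i = NCONF_load_bio(conf, in, NULL);

        if(!i) {
                BIO_printf(bio_err, "Error parsing config file\n");
                ERR_print_errors(bio_err);
                goto end;
        }

        /* The returned string is not freed in this function; conf is released at "end". */
        spkstr = NCONF_get_string(conf, spksect, spkac);

        if(!spkstr) {
                BIO_printf(bio_err, "Can't find SPKAC called \"%s\"\n", spkac);
                ERR_print_errors(bio_err);
                goto end;
        }

        spki = NETSCAPE_SPKI_b64_decode(spkstr, -1);

        if(!spki) {
                BIO_printf(bio_err, "Error loading SPKAC\n");
                ERR_print_errors(bio_err);
                goto end;
        }

        if (outfile) out = BIO_new_file(outfile, "w");
        else {
                out = BIO_new_fp(stdout, BIO_NOCLOSE);
#ifdef OPENSSL_SYS_VMS
                {
                    BIO *tmpbio = BIO_new(BIO_f_linebuffer());
                    out = BIO_push(tmpbio, out);
                }
#endif
        }

        if(!out) {
                BIO_printf(bio_err, "Error opening output file\n");
                ERR_print_errors(bio_err);
                goto end;
        }

        if(!noout) NETSCAPE_SPKI_print(out, spki);
        pkey = NETSCAPE_SPKI_get_pubkey(spki);
        if((verify || pubkey) && !pkey) {
                /*
                 * The SPKAC comes from untrusted input and may carry a key
                 * that cannot be decoded; refuse to verify or export it.
                 */
                BIO_printf(bio_err, "Error extracting public key\n");
                ERR_print_errors(bio_err);
                goto end;
        }
        if(verify) {
                i = NETSCAPE_SPKI_verify(spki, pkey);
                /*
                 * The verify call yields 1 for a valid signature, 0 for a
                 * mismatch and a negative value on an internal error. Only a
                 * strictly positive result may be reported as success; a
                 * plain truth test would accept the error case as valid.
                 */
                if(i > 0) BIO_printf(bio_err, "Signature OK\n");
                else {
                        BIO_printf(bio_err, "Signature Failure\n");
                        ERR_print_errors(bio_err);
                        goto end;
                }
        }
        if(pubkey) PEM_write_bio_PUBKEY(out, pkey);

        ret = 0;

end:
        /* Shared cleanup; every pointer released here is initialised to NULL above. */
        NCONF_free(conf);
        NETSCAPE_SPKI_free(spki);
        BIO_free(in);
        BIO_free_all(out);
        EVP_PKEY_free(pkey);
        if(passin) OPENSSL_free(passin);
        apps_shutdown();
        OPENSSL_EXIT(ret);
        }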