source: trunk/third/openssl/apps/spkac.c @ 15530

Revision 15530, 8.0 KB checked in by ghudson, 23 years ago (diff)
This commit was generated by cvs2svn to compensate for changes in r15529, which included commits to RCS files with non-trunk default branches.
1/* apps/spkac.c */
2
3/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
4 * project 1999. Based on an original idea by Massimiliano Pala
5 * (madwolf@openca.org).
6 */
7/* ====================================================================
8 * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
9 *
10 * Redistribution and use in source and binary forms, with or without
11 * modification, are permitted provided that the following conditions
12 * are met:
13 *
14 * 1. Redistributions of source code must retain the above copyright
15 *    notice, this list of conditions and the following disclaimer.
16 *
17 * 2. Redistributions in binary form must reproduce the above copyright
18 *    notice, this list of conditions and the following disclaimer in
19 *    the documentation and/or other materials provided with the
20 *    distribution.
21 *
22 * 3. All advertising materials mentioning features or use of this
23 *    software must display the following acknowledgment:
24 *    "This product includes software developed by the OpenSSL Project
25 *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
26 *
27 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
28 *    endorse or promote products derived from this software without
29 *    prior written permission. For written permission, please contact
30 *    licensing@OpenSSL.org.
31 *
32 * 5. Products derived from this software may not be called "OpenSSL"
33 *    nor may "OpenSSL" appear in their names without prior written
34 *    permission of the OpenSSL Project.
35 *
36 * 6. Redistributions of any form whatsoever must retain the following
37 *    acknowledgment:
38 *    "This product includes software developed by the OpenSSL Project
39 *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
42 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
44 * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
45 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
46 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
47 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
48 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
49 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
50 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
51 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
52 * OF THE POSSIBILITY OF SUCH DAMAGE.
53 * ====================================================================
54 *
55 * This product includes cryptographic software written by Eric Young
56 * (eay@cryptsoft.com).  This product includes software written by Tim
57 * Hudson (tjh@cryptsoft.com).
58 *
59 */
60#include <stdio.h>
61#include <stdlib.h>
62#include <string.h>
63#include <time.h>
64#include "apps.h"
65#include <openssl/bio.h>
66#include <openssl/conf.h>
67#include <openssl/err.h>
68#include <openssl/evp.h>
69#include <openssl/lhash.h>
70#include <openssl/x509.h>
71#include <openssl/pem.h>
72
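#undef PROG
#define PROG    spkac_main

/* -in arg      - input file - default stdin
 * -out arg     - output file - default stdout
 */

int MAIN(int, char **);

/*
 * Entry point of the spkac utility.  It runs in one of two modes:
 *
 *  - with -key: read a private key, build a NETSCAPE_SPKI holding the
 *    matching public key and the optional -challenge string, sign it and
 *    write it as a base64 "SPKAC=..." line to the output;
 *
 *  - without -key: load a config-style file, fetch the value named by
 *    -spkac (default "SPKAC") from section -spksect (default "default"),
 *    decode it and optionally print it (-noout suppresses), verify its
 *    signature (-verify) and emit the embedded public key (-pubkey).
 *
 * Returns (through EXIT) 0 on success and 1 on any error, including a
 * signature that does not verify.
 */
int MAIN(int argc, char **argv)
        {
        int i,badops=0, ret = 1;
        BIO *in = NULL,*out = NULL, *key = NULL;
        int verify=0,noout=0,pubkey=0;
        char *infile = NULL,*outfile = NULL,*prog;
        char *passargin = NULL, *passin = NULL;
        char *spkac = "SPKAC", *spksect = "default", *spkstr = NULL;
        char *challenge = NULL, *keyfile = NULL;
        LHASH *conf = NULL;
        NETSCAPE_SPKI *spki = NULL;
        EVP_PKEY *pkey = NULL;

        apps_startup();

        if (!bio_err) bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);

        prog=argv[0];
        argc--;
        argv++;
        while (argc >= 1)
                {
                if (strcmp(*argv,"-in") == 0)
                        {
                        if (--argc < 1) goto bad;
                        infile= *(++argv);
                        }
                else if (strcmp(*argv,"-out") == 0)
                        {
                        if (--argc < 1) goto bad;
                        outfile= *(++argv);
                        }
                else if (strcmp(*argv,"-passin") == 0)
                        {
                        if (--argc < 1) goto bad;
                        passargin= *(++argv);
                        }
                else if (strcmp(*argv,"-key") == 0)
                        {
                        if (--argc < 1) goto bad;
                        keyfile= *(++argv);
                        }
                else if (strcmp(*argv,"-challenge") == 0)
                        {
                        if (--argc < 1) goto bad;
                        challenge= *(++argv);
                        }
                else if (strcmp(*argv,"-spkac") == 0)
                        {
                        if (--argc < 1) goto bad;
                        spkac= *(++argv);
                        }
                else if (strcmp(*argv,"-spksect") == 0)
                        {
                        if (--argc < 1) goto bad;
                        spksect= *(++argv);
                        }
                else if (strcmp(*argv,"-noout") == 0)
                        noout=1;
                else if (strcmp(*argv,"-pubkey") == 0)
                        pubkey=1;
                else if (strcmp(*argv,"-verify") == 0)
                        verify=1;
                else badops = 1;
                argc--;
                argv++;
                }

        if (badops)
                {
bad:
                BIO_printf(bio_err,"%s [options]\n",prog);
                BIO_printf(bio_err,"where options are\n");
                BIO_printf(bio_err," -in arg        input file\n");
                BIO_printf(bio_err," -out arg       output file\n");
                BIO_printf(bio_err," -key arg       create SPKAC using private key\n");
                BIO_printf(bio_err," -passin arg    input file pass phrase source\n");
                BIO_printf(bio_err," -challenge arg challenge string\n");
                BIO_printf(bio_err," -spkac arg     alternative SPKAC name\n");
                /* -spksect is parsed above, so it is listed here as well */
                BIO_printf(bio_err," -spksect arg   alternative section name\n");
                BIO_printf(bio_err," -noout         don't print SPKAC\n");
                BIO_printf(bio_err," -pubkey        output public key\n");
                BIO_printf(bio_err," -verify        verify SPKAC signature\n");
                goto end;
                }

        ERR_load_crypto_strings();
        if(!app_passwd(bio_err, passargin, NULL, &passin, NULL)) {
                BIO_printf(bio_err, "Error getting password\n");
                goto end;
        }

        /* Creation mode: build and sign a new SPKAC from a private key. */
        if(keyfile) {
                if(strcmp(keyfile, "-")) key = BIO_new_file(keyfile, "r");
                else key = BIO_new_fp(stdin, BIO_NOCLOSE);
                if(!key) {
                        BIO_printf(bio_err, "Error opening key file\n");
                        ERR_print_errors(bio_err);
                        goto end;
                }
                pkey = PEM_read_bio_PrivateKey(key, NULL, NULL, passin);
                if(!pkey) {
                        BIO_printf(bio_err, "Error reading private key\n");
                        ERR_print_errors(bio_err);
                        goto end;
                }
                spki = NETSCAPE_SPKI_new();
                /* spki->spkac is dereferenced below, so allocation failure
                 * must be caught before that. */
                if(!spki) {
                        BIO_printf(bio_err, "Error creating SPKAC\n");
                        ERR_print_errors(bio_err);
                        goto end;
                }
                if(challenge && !ASN1_STRING_set(spki->spkac->challenge,
                                                 challenge, (int)strlen(challenge))) {
                        BIO_printf(bio_err, "Error setting challenge\n");
                        ERR_print_errors(bio_err);
                        goto end;
                }
                if(!NETSCAPE_SPKI_set_pubkey(spki, pkey)) {
                        BIO_printf(bio_err, "Error setting public key\n");
                        ERR_print_errors(bio_err);
                        goto end;
                }
                /* NOTE(review): the SPKAC is signed with MD5, which is no
                 * longer collision-resistant.  The digest is left unchanged
                 * because switching it alters the generated SPKAC; confirm
                 * what the consumer accepts before choosing a stronger one. */
                i = NETSCAPE_SPKI_sign(spki, pkey, EVP_md5());
                if(i <= 0) {
                        /* never emit an unsigned structure as if it were valid */
                        BIO_printf(bio_err, "Error signing SPKAC\n");
                        ERR_print_errors(bio_err);
                        goto end;
                }
                spkstr = NETSCAPE_SPKI_b64_encode(spki);
                if(!spkstr) {
                        BIO_printf(bio_err, "Error encoding SPKAC\n");
                        ERR_print_errors(bio_err);
                        goto end;
                }

                if (outfile) out = BIO_new_file(outfile, "w");
                else {
                        out = BIO_new_fp(stdout, BIO_NOCLOSE);
#ifdef VMS
                        {
                            BIO *tmpbio = BIO_new(BIO_f_linebuffer());
                            out = BIO_push(tmpbio, out);
                        }
#endif
                }

                if(!out) {
                        BIO_printf(bio_err, "Error opening output file\n");
                        ERR_print_errors(bio_err);
                        /* spkstr is owned here (from b64_encode) and is not
                         * released at "end", so free it on this path too. */
                        OPENSSL_free(spkstr);
                        goto end;
                }
                BIO_printf(out, "SPKAC=%s\n", spkstr);
                OPENSSL_free(spkstr);
                ret = 0;
                goto end;
        }

        /* Inspection mode: load an existing SPKAC from a config-style file. */

        if (infile) in = BIO_new_file(infile, "r");
        else in = BIO_new_fp(stdin, BIO_NOCLOSE);

        if(!in) {
                BIO_printf(bio_err, "Error opening input file\n");
                ERR_print_errors(bio_err);
                goto end;
        }

        conf = CONF_load_bio(NULL, in, NULL);

        if(!conf) {
                BIO_printf(bio_err, "Error parsing config file\n");
                ERR_print_errors(bio_err);
                goto end;
        }

        /* spkstr points into conf here; it must not be freed separately. */
        spkstr = CONF_get_string(conf, spksect, spkac);

        if(!spkstr) {
                BIO_printf(bio_err, "Can't find SPKAC called \"%s\"\n", spkac);
                ERR_print_errors(bio_err);
                goto end;
        }

        spki = NETSCAPE_SPKI_b64_decode(spkstr, -1);

        if(!spki) {
                BIO_printf(bio_err, "Error loading SPKAC\n");
                ERR_print_errors(bio_err);
                goto end;
        }

        if (outfile) out = BIO_new_file(outfile, "w");
        else {
                out = BIO_new_fp(stdout, BIO_NOCLOSE);
#ifdef VMS
                {
                    BIO *tmpbio = BIO_new(BIO_f_linebuffer());
                    out = BIO_push(tmpbio, out);
                }
#endif
        }

        if(!out) {
                BIO_printf(bio_err, "Error opening output file\n");
                ERR_print_errors(bio_err);
                goto end;
        }

        if(!noout) NETSCAPE_SPKI_print(out, spki);
        pkey = NETSCAPE_SPKI_get_pubkey(spki);
        /* The decoded SPKAC is untrusted input: its embedded key may fail to
         * parse.  Refuse to verify against, or export, a missing key. */
        if((verify || pubkey) && !pkey) {
                BIO_printf(bio_err, "Error extracting public key\n");
                ERR_print_errors(bio_err);
                goto end;
        }
        if(verify) {
                i = NETSCAPE_SPKI_verify(spki, pkey);
                /* Only a positive result means the signature verified; a
                 * negative value signals an internal error and must not be
                 * reported as "Signature OK". */
                if(i > 0) BIO_printf(bio_err, "Signature OK\n");
                else {
                        BIO_printf(bio_err, "Signature Failure\n");
                        ERR_print_errors(bio_err);
                        goto end;
                }
        }
        if(pubkey) PEM_write_bio_PUBKEY(out, pkey);

        ret = 0;

end:
        CONF_free(conf);
        NETSCAPE_SPKI_free(spki);
        BIO_free(in);
        BIO_free_all(out);
        BIO_free(key);
        EVP_PKEY_free(pkey);
        /* NOTE(review): passin may hold the key pass phrase and is released
         * here without being wiped first. */
        if(passin) OPENSSL_free(passin);
        EXIT(ret);
        }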