apps.h File Reference

#include "e_os.h"
#include <openssl/bio.h>
#include <openssl/x509.h>
#include <openssl/lhash.h>
#include <openssl/conf.h>
#include <openssl/txt_db.h>
#include <openssl/engine.h>
#include <openssl/ossl_typ.h>
#include <signal.h>

Go to the source code of this file.

Classes
struct	args_st
struct	pw_cb_data
struct	db_attr_st
struct	ca_db_st
Defines
#define	MAIN(a, v)   main(a,v)
#define	do_pipe_sig()
#define	apps_startup()
#define	apps_shutdown()
#define	PW_MIN_LENGTH   4
#define	DB_type   0
#define	DB_exp_date   1
#define	DB_rev_date   2
#define	DB_serial   3
#define	DB_file   4
#define	DB_name   5
#define	DB_NUMBER   6
#define	DB_TYPE_REV   'R'
#define	DB_TYPE_EXP   'E'
#define	DB_TYPE_VAL   'V'
#define	FORMAT_UNDEF   0
#define	FORMAT_ASN1   1
#define	FORMAT_TEXT   2
#define	FORMAT_PEM   3
#define	FORMAT_NETSCAPE   4
#define	FORMAT_PKCS12   5
#define	FORMAT_SMIME   6
#define	FORMAT_ENGINE   7
#define	FORMAT_IISSGC   8
#define	EXT_COPY_NONE   0
#define	EXT_COPY_ADD   1
#define	EXT_COPY_ALL   2
#define	NETSCAPE_CERT_HDR   "certificate"
#define	APP_PASS_LEN   1024
#define	SERIAL_RAND_BITS   64
Typedefs
typedef args_st	ARGS
typedef pw_cb_data	PW_CB_DATA
typedef db_attr_st	DB_ATTR
typedef ca_db_st	CA_DB
Functions
int	app_RAND_load_file (const char *file, BIO *bio_e, int dont_warn)
int	app_RAND_write_file (const char *file, BIO *bio_e)
void	app_RAND_allow_write_file (void)
long	app_RAND_load_files (char *file)
int	password_callback (char *buf, int bufsiz, int verify, PW_CB_DATA *cb_data)
int	setup_ui_method (void)
void	destroy_ui_method (void)
int	should_retry (int i)
int	args_from_file (char *file, int *argc, char **argv[])
int	str2fmt (char *s)
void	program_name (char *in, char *out, int size)
int	chopup_args (ARGS *arg, char *buf, int *argc, char **argv[])
int	set_cert_ex (unsigned long *flags, const char *arg)
int	set_name_ex (unsigned long *flags, const char *arg)
int	set_ext_copy (int *copy_type, const char *arg)
int	copy_extensions (X509 *x, X509_REQ *req, int copy_type)
int	app_passwd (BIO *err, char *arg1, char *arg2, char **pass1, char **pass2)
int	add_oid_section (BIO *err, CONF *conf)
X509 *	load_cert (BIO *err, const char *file, int format, const char *pass, ENGINE *e, const char *cert_descrip)
EVP_PKEY *	load_key (BIO *err, const char *file, int format, int maybe_stdin, const char *pass, ENGINE *e, const char *key_descrip)
EVP_PKEY *	load_pubkey (BIO *err, const char *file, int format, int maybe_stdin, const char *pass, ENGINE *e, const char *key_descrip)
	STACK_OF (X509)*load_certs(BIO *err
X509_STORE *	setup_verify (BIO *bp, char *CAfile, char *CApath)
ENGINE *	setup_engine (BIO *err, const char *engine, int debug)
int	load_config (BIO *err, CONF *cnf)
char *	make_config_name (void)
int	unpack_revinfo (ASN1_TIME **prevtm, int *preason, ASN1_OBJECT **phold, ASN1_GENERALIZEDTIME **pinvtm, const char *str)
BIGNUM *	load_serial (char *serialfile, int create, ASN1_INTEGER **retai)
int	save_serial (char *serialfile, char *suffix, BIGNUM *serial, ASN1_INTEGER **retai)
int	rotate_serial (char *serialfile, char *new_suffix, char *old_suffix)
int	rand_serial (BIGNUM *b, ASN1_INTEGER *ai)
CA_DB *	load_index (char *dbfile, DB_ATTR *dbattr)
int	index_index (CA_DB *db)
int	save_index (const char *dbfile, const char *suffix, CA_DB *db)
int	rotate_index (const char *dbfile, const char *new_suffix, const char *old_suffix)
void	free_index (CA_DB *db)
int	index_name_cmp (const char **a, const char **b)
int	parse_yesno (const char *str, int def)
X509_NAME *	parse_name (char *str, long chtype, int multirdn)
int	args_verify (char ***pargs, int *pargc, int *badarg, BIO *err, X509_VERIFY_PARAM **pm)
void	policies_print (BIO *out, X509_STORE_CTX *ctx)
Variables
CONF *	config = NULL
BIO *	bio_err = NULL
const char *	file
const char int	format
const char int const char *	pass
const char int const char ENGINE *	e
const char int const char ENGINE const char *	cert_descrip

---

Define Documentation

#define APP_PASS_LEN   1024

Definition at line 341 of file apps.h. Referenced by app_get_pass().

#define apps_shutdown (   )

Value: do { CONF_modules_unload(1); destroy_ui_method(); \ EVP_cleanup(); ENGINE_cleanup(); \ CRYPTO_cleanup_all_ex_data(); ERR_remove_state(0); \ ERR_free_strings(); } while(0) Definition at line 198 of file apps.h. Referenced by main(), and MAIN().

#define apps_startup (   )

Value: do { do_pipe_sig(); OpenSSL_add_all_algorithms(); \ ERR_load_crypto_strings(); ENGINE_load_builtin_engines(); \ setup_ui_method(); } while(0) Definition at line 193 of file apps.h. Referenced by main(), and MAIN().

#define DB_exp_date   1

Definition at line 286 of file apps.h.

#define DB_file   4

Definition at line 289 of file apps.h. Referenced by do_body(), and do_revoke().

#define DB_name   5

Definition at line 290 of file apps.h. Referenced by do_body(), do_revoke(), index_index(), index_name_cmp(), and index_name_hash().

#define DB_NUMBER   6

Definition at line 291 of file apps.h. Referenced by do_body(), do_revoke(), get_certificate_status(), load_index(), and lookup_serial().

#define DB_rev_date   2

Definition at line 287 of file apps.h. Referenced by make_ocsp_response().

#define DB_serial   3

Definition at line 288 of file apps.h. Referenced by do_body(), do_revoke(), do_updatedb(), get_certificate_status(), index_index(), index_serial_cmp(), index_serial_hash(), and lookup_serial().

#define DB_type   0

Definition at line 285 of file apps.h. Referenced by do_body(), do_revoke(), do_updatedb(), get_certificate_status(), and make_ocsp_response().

#define DB_TYPE_EXP   'E'

Definition at line 294 of file apps.h.

#define DB_TYPE_REV   'R'

Definition at line 293 of file apps.h. Referenced by make_ocsp_response().

#define DB_TYPE_VAL   'V'

Definition at line 295 of file apps.h. Referenced by make_ocsp_response().

#define do_pipe_sig (   )

Definition at line 170 of file apps.h.

#define EXT_COPY_ADD   1

Definition at line 336 of file apps.h. Referenced by copy_extensions(), and set_ext_copy().

#define EXT_COPY_ALL   2

Definition at line 337 of file apps.h. Referenced by set_ext_copy().

#define EXT_COPY_NONE   0

Definition at line 335 of file apps.h. Referenced by copy_extensions(), and set_ext_copy().

#define FORMAT_ASN1   1

Definition at line 325 of file apps.h. Referenced by load_cert(), load_crl(), load_key(), load_pubkey(), load_sess_id(), and str2fmt().

#define FORMAT_ENGINE   7

Definition at line 331 of file apps.h. Referenced by load_key(), load_pubkey(), and str2fmt().

#define FORMAT_IISSGC   8

Definition at line 332 of file apps.h. Referenced by load_key(), load_netscape_key(), and load_pubkey().

#define FORMAT_NETSCAPE   4

Definition at line 328 of file apps.h. Referenced by load_cert(), load_key(), load_pubkey(), and str2fmt().

#define FORMAT_PEM   3

Definition at line 327 of file apps.h. Referenced by certify_cert(), check(), load_cert(), load_crl(), load_key(), load_pubkey(), load_sess_id(), MAIN(), STACK_OF(), and str2fmt().

#define FORMAT_PKCS12   5

Definition at line 329 of file apps.h. Referenced by load_cert(), load_key(), and str2fmt().

#define FORMAT_SMIME   6

Definition at line 330 of file apps.h. Referenced by str2fmt().

#define FORMAT_TEXT   2

Definition at line 326 of file apps.h. Referenced by str2fmt().

#define FORMAT_UNDEF   0

Definition at line 324 of file apps.h. Referenced by str2fmt().

#define MAIN (  a, v   )     main(a,v)

Definition at line 144 of file apps.h.

#define NETSCAPE_CERT_HDR   "certificate"

Definition at line 339 of file apps.h. Referenced by load_cert().

#define PW_MIN_LENGTH   4

Definition at line 237 of file apps.h. Referenced by password_callback().

#define SERIAL_RAND_BITS   64

Definition at line 343 of file apps.h. Referenced by rand_serial().

---

Typedef Documentation

typedef struct args_st ARGS

typedef struct ca_db_st CA_DB

typedef struct db_attr_st DB_ATTR

typedef struct pw_cb_data PW_CB_DATA

---

Function Documentation

int add_oid_section (  BIO *  err, CONF *  conf )

Definition at line 674 of file apps.c. References BIO_printf(), ERR_clear_error(), CONF_VALUE::name, NCONF_get_string(), NID_undef, OBJ_create(), sk_CONF_VALUE_num, sk_CONF_VALUE_value, STACK_OF, and CONF_VALUE::value. { char *p; STACK_OF(CONF_VALUE) *sktmp; CONF_VALUE *cnf; int i; if(!(p=NCONF_get_string(conf,NULL,"oid_section"))) { ERR_clear_error(); return 1; } if(!(sktmp = NCONF_get_section(conf, p))) { BIO_printf(err, "problem loading oid section %s\n", p); return 0; } for(i = 0; i < sk_CONF_VALUE_num(sktmp); i++) { cnf = sk_CONF_VALUE_value(sktmp, i); if(OBJ_create(cnf->value, cnf->name, cnf->name) == NID_undef) { BIO_printf(err, "problem creating object %s=%s\n", cnf->name, cnf->value); return 0; } } return 1; }

int app_passwd (  BIO *  err, char *  arg1, char *  arg2, char **  pass1, char **  pass2 )

Definition at line 601 of file apps.c. References app_get_pass(). Referenced by MAIN(). { int same; if(!arg2 || !arg1 || strcmp(arg1, arg2)) same = 0; else same = 1; if(arg1) { *pass1 = app_get_pass(err, arg1, same); if(!*pass1) return 0; } else if(pass1) *pass1 = NULL; if(arg2) { *pass2 = app_get_pass(err, arg2, same ? 2 : 0); if(!*pass2) return 0; } else if(pass2) *pass2 = NULL; return 1; }

void app_RAND_allow_write_file (  void   )

Definition at line 215 of file app_rand.c. References seeded. Referenced by app_RAND_load_files(). { seeded = 1; }

int app_RAND_load_file (  const char *  file, BIO *  bio_e, int  dont_warn )

Definition at line 122 of file app_rand.c. References BIO_flush, BIO_printf(), egdsocket, RAND_egd(), RAND_file_name(), RAND_load_file(), RAND_status(), and seeded. Referenced by MAIN(). { int consider_randfile = (file == NULL); char buffer[200]; #ifdef OPENSSL_SYS_WINDOWS BIO_printf(bio_e,"Loading 'screen' into random state -"); BIO_flush(bio_e); RAND_screen(); BIO_printf(bio_e," done\n"); #endif if (file == NULL) file = RAND_file_name(buffer, sizeof buffer); else if (RAND_egd(file) > 0) { /* we try if the given filename is an EGD socket. if it is, we don't write anything back to the file. */ egdsocket = 1; return 1; } if (file == NULL || !RAND_load_file(file, -1)) { if (RAND_status() == 0) { if (!dont_warn) { BIO_printf(bio_e,"unable to load 'random state'\n"); BIO_printf(bio_e,"This means that the random number generator has not been seeded\n"); BIO_printf(bio_e,"with much random data.\n"); if (consider_randfile) /* explanation does not apply when a file is explicitly named */ { BIO_printf(bio_e,"Consider setting the RANDFILE environment variable to point at a file that\n"); BIO_printf(bio_e,"'random' data can be kept in (the file will be overwritten).\n"); } } return 0; } } seeded = 1; return 1; }

long app_RAND_load_files (  char *  file  )

Definition at line 165 of file app_rand.c. References app_RAND_allow_write_file(), LIST_SEPARATOR_CHAR, p, RAND_egd(), and RAND_load_file(). Referenced by MAIN(). { char *p,*n; int last; long tot=0; int egd; for (;;) { last=0; for (p=name; ((*p != '\0') && (*p != LIST_SEPARATOR_CHAR)); p++); if (*p == '\0') last=1; *p='\0'; n=name; name=p+1; if (*n == '\0') break; egd=RAND_egd(n); if (egd > 0) tot+=egd; else tot+=RAND_load_file(n,-1); if (last) break; } if (tot > 512) app_RAND_allow_write_file(); return(tot); }

int app_RAND_write_file (  const char *  file, BIO *  bio_e )

Definition at line 194 of file app_rand.c. References BIO_printf(), egdsocket, RAND_file_name(), RAND_write_file(), and seeded. { char buffer[200]; if (egdsocket || !seeded) /* If we did not manage to read the seed file, * we should not write a low-entropy seed file back -- * it would suppress a crucial warning the next time * we want to use it. */ return 0; if (file == NULL) file = RAND_file_name(buffer, sizeof buffer); if (file == NULL || !RAND_write_file(file)) { BIO_printf(bio_e,"unable to write 'random state'\n"); return 0; } return 1; }

int args_from_file (  char *  file, int *  argc, char **  argv[] )

int args_verify (  char ***  pargs, int *  pargc, int *  badarg, BIO *  err, X509_VERIFY_PARAM **  pm )

Definition at line 2198 of file apps.c. References BIO_printf(), flags, OBJ_txt2obj(), X509_PURPOSE_get0(), X509_PURPOSE_get_by_sname(), X509_PURPOSE_get_id(), X509_V_FLAG_CB_ISSUER_CHECK, X509_V_FLAG_CRL_CHECK, X509_V_FLAG_CRL_CHECK_ALL, X509_V_FLAG_EXPLICIT_POLICY, X509_V_FLAG_IGNORE_CRITICAL, X509_V_FLAG_NOTIFY_POLICY, X509_V_FLAG_POLICY_CHECK, X509_V_FLAG_X509_STRICT, X509_VERIFY_PARAM_add0_policy(), X509_VERIFY_PARAM_free(), X509_VERIFY_PARAM_new(), X509_VERIFY_PARAM_set_flags(), and X509_VERIFY_PARAM_set_purpose(). { ASN1_OBJECT *otmp = NULL; unsigned long flags = 0; int i; int purpose = 0; char **oldargs = *pargs; char *arg = **pargs, *argn = (*pargs)[1]; if (!strcmp(arg, "-policy")) { if (!argn) *badarg = 1; else { otmp = OBJ_txt2obj(argn, 0); if (!otmp) { BIO_printf(err, "Invalid Policy \"%s\"\n", argn); *badarg = 1; } } (*pargs)++; } else if (strcmp(arg,"-purpose") == 0) { X509_PURPOSE *xptmp; if (!argn) *badarg = 1; else { i = X509_PURPOSE_get_by_sname(argn); if(i < 0) { BIO_printf(err, "unrecognized purpose\n"); *badarg = 1; } else { xptmp = X509_PURPOSE_get0(i); purpose = X509_PURPOSE_get_id(xptmp); } } (*pargs)++; } else if (!strcmp(arg, "-ignore_critical")) flags |= X509_V_FLAG_IGNORE_CRITICAL; else if (!strcmp(arg, "-issuer_checks")) flags |= X509_V_FLAG_CB_ISSUER_CHECK; else if (!strcmp(arg, "-crl_check")) flags |= X509_V_FLAG_CRL_CHECK; else if (!strcmp(arg, "-crl_check_all")) flags |= X509_V_FLAG_CRL_CHECK|X509_V_FLAG_CRL_CHECK_ALL; else if (!strcmp(arg, "-policy_check")) flags |= X509_V_FLAG_POLICY_CHECK; else if (!strcmp(arg, "-explicit_policy")) flags |= X509_V_FLAG_EXPLICIT_POLICY; else if (!strcmp(arg, "-x509_strict")) flags |= X509_V_FLAG_X509_STRICT; else if (!strcmp(arg, "-policy_print")) flags |= X509_V_FLAG_NOTIFY_POLICY; else return 0; if (*badarg) { if (*pm) X509_VERIFY_PARAM_free(*pm); *pm = NULL; goto end; } if (!*pm && !(*pm = X509_VERIFY_PARAM_new())) { *badarg = 1; goto end; } if (otmp) X509_VERIFY_PARAM_add0_policy(*pm, otmp); if (flags) X509_VERIFY_PARAM_set_flags(*pm, flags); if (purpose) X509_VERIFY_PARAM_set_purpose(*pm, purpose); end: (*pargs)++; if (pargc) *pargc -= *pargs - oldargs; return 1; }

int chopup_args (  ARGS *  arg, char *  buf, int *  argc, char **  argv[] )

Definition at line 348 of file apps.c. References args_st::count, args_st::data, OPENSSL_malloc, and OPENSSL_realloc. Referenced by main(). { int num,len,i; char *p; *argc=0; *argv=NULL; len=strlen(buf); i=0; if (arg->count == 0) { arg->count=20; arg->data=(char **)OPENSSL_malloc(sizeof(char *)*arg->count); } for (i=0; i<arg->count; i++) arg->data[i]=NULL; num=0; p=buf; for (;;) { /* first scan over white space */ if (!*p) break; while (*p && ((*p == ' ') || (*p == '\t') || (*p == '\n'))) p++; if (!*p) break; /* The start of something good :-) */ if (num >= arg->count) { char **tmp_p; int tlen = arg->count + 20; tmp_p = (char **)OPENSSL_realloc(arg->data, sizeof(char *)*tlen); if (tmp_p == NULL) return 0; arg->data = tmp_p; arg->count = tlen; /* initialize newly allocated data */ for (i = num; i < arg->count; i++) arg->data[i] = NULL; } arg->data[num++]=p; /* now look for the end of this */ if ((*p == '\'') || (*p == '\"')) /* scan for closing quote */ { i= *(p++); arg->data[num-1]++; /* jump over quote */ while (*p && (*p != i)) p++; *p='\0'; } else { while (*p && ((*p != ' ') && (*p != '\t') && (*p != '\n'))) p++; if (*p == '\0') p--; else *p='\0'; } p++; } *argc=num; *argv=arg->data; return(1); }

int copy_extensions (  X509 *  x, X509_REQ *  req, int  copy_type )

Definition at line 1197 of file apps.c. References EXT_COPY_ADD, EXT_COPY_NONE, obj, ret, sk_X509_EXTENSION_num, sk_X509_EXTENSION_pop_free, sk_X509_EXTENSION_value, STACK_OF, X509_add_ext(), X509_delete_ext(), X509_EXTENSION_get_object(), X509_get_ext(), and X509_get_ext_by_OBJ(). Referenced by do_body(). { STACK_OF(X509_EXTENSION) *exts = NULL; X509_EXTENSION *ext, *tmpext; ASN1_OBJECT *obj; int i, idx, ret = 0; if (!x || !req || (copy_type == EXT_COPY_NONE)) return 1; exts = X509_REQ_get_extensions(req); for(i = 0; i < sk_X509_EXTENSION_num(exts); i++) { ext = sk_X509_EXTENSION_value(exts, i); obj = X509_EXTENSION_get_object(ext); idx = X509_get_ext_by_OBJ(x, obj, -1); /* Does extension exist? */ if (idx != -1) { /* If normal copy don't override existing extension */ if (copy_type == EXT_COPY_ADD) continue; /* Delete all extensions of same type */ do { tmpext = X509_get_ext(x, idx); X509_delete_ext(x, idx); X509_EXTENSION_free(tmpext); idx = X509_get_ext_by_OBJ(x, obj, -1); } while (idx != -1); } if (!X509_add_ext(x, ext, -1)) goto end; } ret = 1; end: sk_X509_EXTENSION_pop_free(exts, X509_EXTENSION_free); return ret; }

void destroy_ui_method (  void   )

Definition at line 508 of file apps.c. References UI_destroy_method(). { if(ui_method) { UI_destroy_method(ui_method); ui_method = NULL; } }

void free_index (  CA_DB *  db  )

Definition at line 1985 of file apps.c. References ca_db_st::db, OPENSSL_free, and TXT_DB_free(). { if (db) { if (db->db) TXT_DB_free(db->db); OPENSSL_free(db); } }

int index_index (  CA_DB *  db  )

Definition at line 1763 of file apps.c. References txt_db_st::arg1, txt_db_st::arg2, ca_db_st::attributes, bio_err, BIO_printf(), ca_db_st::db, DB_name, DB_serial, txt_db_st::error, index_name_cmp(), index_name_hash(), index_name_qual(), index_serial_cmp(), index_serial_hash(), LHASH_COMP_FN, LHASH_HASH_FN, TXT_DB_create_index(), and db_attr_st::unique_subject. { if (!TXT_DB_create_index(db->db, DB_serial, NULL, LHASH_HASH_FN(index_serial_hash), LHASH_COMP_FN(index_serial_cmp))) { BIO_printf(bio_err, "error creating serial number index:(%ld,%ld,%ld)\n", db->db->error,db->db->arg1,db->db->arg2); return 0; } if (db->attributes.unique_subject && !TXT_DB_create_index(db->db, DB_name, index_name_qual, LHASH_HASH_FN(index_name_hash), LHASH_COMP_FN(index_name_cmp))) { BIO_printf(bio_err,"error creating name index:(%ld,%ld,%ld)\n", db->db->error,db->db->arg1,db->db->arg2); return 0; } return 1; }

int index_name_cmp (  const char **  a, const char **  b )

Definition at line 1452 of file apps.c. References DB_name. Referenced by do_revoke(), and index_index(). { return(strcmp(a[DB_name], b[DB_name])); }

X509* load_cert (  BIO *  err, const char *  file, int  format, const char *  pass, ENGINE *  e, const char *  cert_descrip )

Definition at line 745 of file apps.c. References ASN1_HEADER_free(), BIO_free(), BIO_new(), BIO_NOCLOSE, BIO_printf(), BIO_read(), BIO_read_filename, BIO_s_file(), BIO_set_fp, BUF_MEM_free(), BUF_MEM_grow(), BUF_MEM_new(), d2i_ASN1_HEADER(), d2i_X509_bio(), asn1_header_st::data, asn1_string_st::data, buf_mem_st::data, ERR_print_errors(), FORMAT_ASN1, FORMAT_NETSCAPE, FORMAT_PEM, FORMAT_PKCS12, asn1_header_st::header, asn1_string_st::length, load_pkcs12(), asn1_header_st::meth, NETSCAPE_CERT_HDR, password_callback(), x, and X509_asn1_meth(). Referenced by certify_cert(), check(), and MAIN(). { ASN1_HEADER *ah=NULL; BUF_MEM *buf=NULL; X509 *x=NULL; BIO *cert; if ((cert=BIO_new(BIO_s_file())) == NULL) { ERR_print_errors(err); goto end; } if (file == NULL) { setvbuf(stdin, NULL, _IONBF, 0); BIO_set_fp(cert,stdin,BIO_NOCLOSE); } else { if (BIO_read_filename(cert,file) <= 0) { BIO_printf(err, "Error opening %s %s\n", cert_descrip, file); ERR_print_errors(err); goto end; } } if (format == FORMAT_ASN1) x=d2i_X509_bio(cert,NULL); else if (format ==