Browse Source

APPS: Implement load_keyparams() to load key parameters

'openssl dsaparam' is affected as an obvious usage example.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/13191)
master
Richard Levitte 2 years ago
committed by Pauli
parent
commit
b78c777ee3
5 changed files with 41 additions and 17 deletions
  1. +1
    -1
      apps/cmp.c
  2. +6
    -8
      apps/dsaparam.c
  3. +2
    -0
      apps/include/apps.h
  4. +31
    -7
      apps/lib/apps.c
  5. +1
    -1
      doc/man1/openssl-dsaparam.pod.in

+ 1
- 1
apps/cmp.c View File

@ -724,7 +724,7 @@ static int load_cert_certs(const char *uri,
return ret;
}
pass_string = get_passwd(pass, desc);
ret = load_key_certs_crls(uri, 0, pass_string, desc, NULL, NULL,
ret = load_key_certs_crls(uri, 0, pass_string, desc, NULL, NULL, NULL,
pcert, pcerts, NULL, NULL);
clear_free(pass_string);


+ 6
- 8
apps/dsaparam.c View File

@ -66,7 +66,7 @@ const OPTIONS dsaparam_options[] = {
int dsaparam_main(int argc, char **argv)
{
ENGINE *e = NULL;
BIO *in = NULL, *out = NULL;
BIO *out = NULL;
EVP_PKEY *params = NULL, *pkey = NULL;
EVP_PKEY_CTX *ctx = NULL;
int numbits = -1, num = 0, genkey = 0;
@ -140,9 +140,6 @@ int dsaparam_main(int argc, char **argv)
}
private = genkey ? 1 : 0;
in = bio_open_default(infile, 'r', informat);
if (in == NULL)
goto end;
out = bio_open_owner(outfile, outformat, private);
if (out == NULL)
goto end;
@ -181,10 +178,12 @@ int dsaparam_main(int argc, char **argv)
BIO_printf(bio_err, "Error, DSA key generation failed\n");
goto end;
}
} else if (informat == FORMAT_ASN1) {
params = d2i_KeyParams_bio(EVP_PKEY_DSA, NULL, in);
} else {
params = PEM_read_bio_Parameters(in, NULL);
params = load_keyparams(infile, 1, "DSA parameters");
if (!EVP_PKEY_is_a(params, "DSA")) {
EVP_PKEY_free(params);
params = NULL;
}
}
if (params == NULL) {
BIO_printf(bio_err, "Error, unable to load DSA parameters\n");
@ -276,7 +275,6 @@ int dsaparam_main(int argc, char **argv)
end:
if (ret != 0)
ERR_print_errors(bio_err);
BIO_free(in);
BIO_free_all(out);
EVP_PKEY_CTX_free(ctx);
EVP_PKEY_free(pkey);


+ 2
- 0
apps/include/apps.h View File

@ -116,6 +116,7 @@ EVP_PKEY *load_key(const char *uri, int format, int maybe_stdin,
const char *pass, ENGINE *e, const char *desc);
EVP_PKEY *load_pubkey(const char *uri, int format, int maybe_stdin,
const char *pass, ENGINE *e, const char *desc);
EVP_PKEY *load_keyparams(const char *uri, int maybe_stdin, const char *desc);
int load_certs(const char *uri, STACK_OF(X509) **certs,
const char *pass, const char *desc);
int load_crls(const char *uri, STACK_OF(X509_CRL) **crls,
@ -123,6 +124,7 @@ int load_crls(const char *uri, STACK_OF(X509_CRL) **crls,
int load_key_certs_crls(const char *uri, int maybe_stdin,
const char *pass, const char *desc,
EVP_PKEY **ppkey, EVP_PKEY **ppubkey,
EVP_PKEY **pparams,
X509 **pcert, STACK_OF(X509) **pcerts,
X509_CRL **pcrl, STACK_OF(X509_CRL) **pcrls);
int load_key_cert_crl(const char *uri, int maybe_stdin,


+ 31
- 7
apps/lib/apps.c View File

@ -476,7 +476,7 @@ X509 *load_cert_pass(const char *uri, int maybe_stdin,
if (desc == NULL)
desc = "certificate";
(void)load_key_certs_crls(uri, maybe_stdin, pass, desc,
NULL, NULL, &cert, NULL, NULL, NULL);
NULL, NULL, NULL, &cert, NULL, NULL, NULL);
if (cert == NULL) {
BIO_printf(bio_err, "Unable to load %s\n", desc);
ERR_print_errors(bio_err);
@ -492,7 +492,7 @@ X509_CRL *load_crl(const char *uri, int format, const char *desc)
if (desc == NULL)
desc = "CRL";
(void)load_key_certs_crls(uri, 0, NULL, desc,
NULL, NULL, NULL, NULL, &crl, NULL);
NULL, NULL, NULL, NULL, NULL, &crl, NULL);
if (crl == NULL) {
BIO_printf(bio_err, "Unable to load %s\n", desc);
ERR_print_errors(bio_err);
@ -559,7 +559,7 @@ EVP_PKEY *load_key(const char *uri, int format, int may_stdin,
}
} else {
(void)load_key_certs_crls(uri, may_stdin, pass, desc,
&pkey, NULL, NULL, NULL, NULL, NULL);
&pkey, NULL, NULL, NULL, NULL, NULL, NULL);
}
if (pkey == NULL) {
@ -589,7 +589,7 @@ EVP_PKEY *load_pubkey(const char *uri, int format, int maybe_stdin,
}
} else {
(void)load_key_certs_crls(uri, maybe_stdin, pass, desc,
NULL, &pkey, NULL, NULL, NULL, NULL);
NULL, &pkey, NULL, NULL, NULL, NULL, NULL);
}
if (pkey == NULL) {
BIO_printf(bio_err, "Unable to load %s\n", desc);
@ -598,6 +598,22 @@ EVP_PKEY *load_pubkey(const char *uri, int format, int maybe_stdin,
return pkey;
}
EVP_PKEY *load_keyparams(const char *uri, int maybe_stdin, const char *desc)
{
EVP_PKEY *params = NULL;
if (desc == NULL)
desc = "key parameters";
(void)load_key_certs_crls(uri, maybe_stdin, NULL, desc,
NULL, NULL, &params, NULL, NULL, NULL, NULL);
if (params == NULL) {
BIO_printf(bio_err, "Unable to load %s\n", desc);
ERR_print_errors(bio_err);
}
return params;
}
void app_bail_out(char *fmt, ...)
{
va_list args;
@ -627,7 +643,7 @@ int load_certs(const char *uri, STACK_OF(X509) **certs,
const char *pass, const char *desc)
{
int was_NULL = *certs == NULL;
int ret = load_key_certs_crls(uri, 0, pass, desc, NULL, NULL,
int ret = load_key_certs_crls(uri, 0, pass, desc, NULL, NULL, NULL,
NULL, certs, NULL, NULL);
if (!ret && was_NULL) {
@ -645,7 +661,7 @@ int load_crls(const char *uri, STACK_OF(X509_CRL) **crls,
const char *pass, const char *desc)
{
int was_NULL = *crls == NULL;
int ret = load_key_certs_crls(uri, 0, pass, desc, NULL, NULL,
int ret = load_key_certs_crls(uri, 0, pass, desc, NULL, NULL, NULL,
NULL, NULL, NULL, crls);
if (!ret && was_NULL) {
@ -671,6 +687,7 @@ int load_crls(const char *uri, STACK_OF(X509_CRL) **crls,
int load_key_certs_crls(const char *uri, int maybe_stdin,
const char *pass, const char *desc,
EVP_PKEY **ppkey, EVP_PKEY **ppubkey,
EVP_PKEY **pparams,
X509 **pcert, STACK_OF(X509) **pcerts,
X509_CRL **pcrl, STACK_OF(X509_CRL) **pcrls)
{
@ -761,6 +778,10 @@ int load_key_certs_crls(const char *uri, int maybe_stdin,
if (ppubkey != NULL && *ppubkey == NULL)
ok = ((*ppubkey = OSSL_STORE_INFO_get1_PUBKEY(info)) != NULL);
break;
case OSSL_STORE_INFO_PARAMS:
if (pparams != NULL && *pparams == NULL)
ok = ((*pparams = OSSL_STORE_INFO_get1_PARAMS(info)) != NULL);
break;
case OSSL_STORE_INFO_CERT:
if (pcert != NULL && *pcert == NULL)
ok = (*pcert = OSSL_STORE_INFO_get1_CERT(info)) != NULL;
@ -794,8 +815,11 @@ int load_key_certs_crls(const char *uri, int maybe_stdin,
if (failed == NULL) {
int any = 0;
if (ppkey != NULL && *ppkey == NULL) {
if ((ppkey != NULL && *ppkey == NULL)
|| (ppubkey != NULL && *ppubkey == NULL)) {
failed = "key";
} else if (pparams != NULL && *pparams == NULL) {
failed = "params";
} else if ((pcert != NULL || pcerts != NULL) && ncerts == 0) {
if (pcert == NULL)
any = 1;


+ 1
- 1
doc/man1/openssl-dsaparam.pod.in View File

@ -40,7 +40,7 @@ Print out a usage message.
=item B<-inform> B<DER>|B<PEM>, B<-outform> B<DER>|B<PEM>
The input and formats; the default is B<PEM>.
This option has become obsolete.
See L<openssl(1)/Format Options> for details.
Parameters are a sequence of B<ASN.1 INTEGER>s: B<p>, B<q>, and B<g>.


Loading…
Cancel
Save