Run util/openssl-format-source -v -c . (0f113f3e) · Commits · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

apps/app_rand.c

+95 −93

Original line number	Diff line number	Diff line
		@@ -115,7 +115,6 @@
		#include <openssl/bio.h>
		#include <openssl/rand.h>


		static int seeded = 0;
		static int egdsocket = 0;

		@@ -133,26 +132,27 @@ int app_RAND_load_file(const char file, BIO bio_e, int dont_warn)

		if (file == NULL)
		file = RAND_file_name(buffer, sizeof buffer);
		else if (RAND_egd(file) > 0)
		{
		/* we try if the given filename is an EGD socket.
		if it is, we don't write anything back to the file. */
		else if (RAND_egd(file) > 0) {
		/*
		* we try if the given filename is an EGD socket. if it is, we don't
		* write anything back to the file.
		*/
		egdsocket = 1;
		return 1;
		}
		if (file == NULL \|\| !RAND_load_file(file, -1))
		{
		if (RAND_status() == 0)
		{
		if (!dont_warn)
		{
		if (file == NULL \|\| !RAND_load_file(file, -1)) {
		if (RAND_status() == 0) {
		if (!dont_warn) {
		BIO_printf(bio_e, "unable to load 'random state'\n");
		BIO_printf(bio_e,"This means that the random number generator has not been seeded\n");
		BIO_printf(bio_e,
		"This means that the random number generator has not been seeded\n");
		BIO_printf(bio_e, "with much random data.\n");
		if (consider_randfile) /* explanation does not apply when a file is explicitly named */
		{
		BIO_printf(bio_e,"Consider setting the RANDFILE environment variable to point at a file that\n");
		BIO_printf(bio_e,"'random' data can be kept in (the file will be overwritten).\n");
		if (consider_randfile) { /* explanation does not apply when a
		* file is explicitly named */
		BIO_printf(bio_e,
		"Consider setting the RANDFILE environment variable to point at a file that\n");
		BIO_printf(bio_e,
		"'random' data can be kept in (the file will be overwritten).\n");
		}
		}
		return 0;
		@@ -169,22 +169,24 @@ long app_RAND_load_files(char *name)
		long tot = 0;
		int egd;

		for (;;)
		{
		for (;;) {
		last = 0;
		for (p = name; ((p != '\0') && (p != LIST_SEPARATOR_CHAR)); p++) ;
		if (*p == '\0') last=1;
		if (*p == '\0')
		last = 1;
		*p = '\0';
		n = name;
		name = p + 1;
		if (*n == '\0') break;
		if (*n == '\0')
		break;

		egd = RAND_egd(n);
		if (egd > 0)
		tot += egd;
		else
		tot += RAND_load_file(n, -1);
		if (last) break;
		if (last)
		break;
		}
		if (tot > 512)
		app_RAND_allow_write_file();
		@@ -196,16 +198,16 @@ int app_RAND_write_file(const char file, BIO bio_e)
		char buffer[200];

		if (egdsocket \|\| !seeded)
		/* If we did not manage to read the seed file,
		* we should not write a low-entropy seed file back --
		* it would suppress a crucial warning the next time
		* we want to use it. */
		/*
		* If we did not manage to read the seed file, we should not write a
		* low-entropy seed file back -- it would suppress a crucial warning
		* the next time we want to use it.
		*/
		return 0;

		if (file == NULL)
		file = RAND_file_name(buffer, sizeof buffer);
		if (file == NULL \|\| !RAND_write_file(file))
		{
		if (file == NULL \|\| !RAND_write_file(file)) {
		BIO_printf(bio_e, "unable to write 'random state'\n");
		return 0;
		}

apps/apps.c

+2709 −2879

File changed.

Preview size limit exceeded, changes collapsed.

apps/apps.h

+182 −182

Original line number	Diff line number	Diff line
		@@ -129,8 +129,9 @@

		int app_RAND_load_file(const char file, BIO bio_e, int dont_warn);
		int app_RAND_write_file(const char file, BIO bio_e);
		/* When `file' is NULL, use defaults.
		* `bio_e' is for error messages. */
		/*
		* When `file' is NULL, use defaults. `bio_e' is for error messages.
		*/
		void app_RAND_allow_write_file(void);
		long app_RAND_load_files(char file); / `file' is a list of files to read,
		* separated by LIST_SEPARATOR_CHAR
		@@ -210,22 +211,18 @@ extern BIO *bio_err;
		# define openssl_fdset(a,b) FD_SET(a, b)
		# endif


		typedef struct args_st
		{
		typedef struct args_st {
		char **data;
		int count;
		} ARGS;

		# define PW_MIN_LENGTH 4
		typedef struct pw_cb_data
		{
		typedef struct pw_cb_data {
		const void *password;
		const char *prompt_info;
		} PW_CB_DATA;

		int password_callback(char *buf, int bufsiz, int verify,
		PW_CB_DATA *cb_data);
		int password_callback(char buf, int bufsiz, int verify, PW_CB_DATA cb_data);

		int setup_ui_method(void);
		void destroy_ui_method(void);
		@@ -237,7 +234,8 @@ void program_name(char in,char out,int size);
		int chopup_args(ARGS arg, char buf, int argc, char *argv[]);
		# ifdef HEADER_X509_H
		int dump_cert_text(BIO out, X509 x);
		void print_name(BIO out, const char title, X509_NAME *nm, unsigned long lflags);
		void print_name(BIO out, const char title, X509_NAME *nm,
		unsigned long lflags);
		# endif
		int set_cert_ex(unsigned long flags, const char arg);
		int set_name_ex(unsigned long flags, const char arg);
		@@ -255,9 +253,11 @@ EVP_PKEY load_key(BIO err, const char *file, int format, int maybe_stdin,
		EVP_PKEY load_pubkey(BIO err, const char *file, int format, int maybe_stdin,
		const char pass, ENGINE e, const char *key_descrip);
		STACK_OF(X509) load_certs(BIO err, const char *file, int format,
		const char pass, ENGINE e, const char *cert_descrip);
		const char pass, ENGINE e,
		const char *cert_descrip);
		STACK_OF(X509_CRL) load_crls(BIO err, const char *file, int format,
		const char pass, ENGINE e, const char *cert_descrip);
		const char pass, ENGINE e,
		const char *cert_descrip);
		X509_STORE setup_verify(BIO bp, char CAfile, char CApath);
		# ifndef OPENSSL_NO_ENGINE
		ENGINE setup_engine(BIO err, const char *engine, int debug);
		@@ -283,31 +283,32 @@ int unpack_revinfo(ASN1_TIME *prevtm, int preason, ASN1_OBJECT **phold,
		# define DB_rev_date 2
		# define DB_serial 3 /* index - unique */
		# define DB_file 4
		#define DB_name 5 /* index - unique when active and not disabled */
		# define DB_name 5 /* index - unique when active and not
		* disabled */
		# define DB_NUMBER 6

		# define DB_TYPE_REV 'R'
		# define DB_TYPE_EXP 'E'
		# define DB_TYPE_VAL 'V'

		typedef struct db_attr_st
		{
		typedef struct db_attr_st {
		int unique_subject;
		} DB_ATTR;
		typedef struct ca_db_st
		{
		typedef struct ca_db_st {
		DB_ATTR attributes;
		TXT_DB *db;
		} CA_DB;

		BIGNUM load_serial(char serialfile, int create, ASN1_INTEGER **retai);
		int save_serial(char serialfile, char suffix, BIGNUM serial, ASN1_INTEGER *retai);
		int save_serial(char serialfile, char suffix, BIGNUM *serial,
		ASN1_INTEGER **retai);
		int rotate_serial(char serialfile, char new_suffix, char *old_suffix);
		int rand_serial(BIGNUM b, ASN1_INTEGER ai);
		CA_DB load_index(char dbfile, DB_ATTR *dbattr);
		int index_index(CA_DB *db);
		int save_index(const char dbfile, const char suffix, CA_DB *db);
		int rotate_index(const char dbfile, const char new_suffix, const char *old_suffix);
		int rotate_index(const char dbfile, const char new_suffix,
		const char *old_suffix);
		void free_index(CA_DB *db);
		# define index_name_cmp_noconst(a, b) \
		index_name_cmp((const OPENSSL_CSTRING *)CHECKED_PTR_OF(OPENSSL_STRING, a), \
		@@ -343,8 +344,7 @@ unsigned char next_protos_parse(unsigned short outlen, const char *in);

		void print_cert_checks(BIO bio, X509 x,
		const char *checkhost,
		const char *checkemail,
		const char *checkip);
		const char checkemail, const char checkip);

		void store_setup_crl_download(X509_STORE *st);

apps/asn1pars.c

+362 −379

Original line number	Diff line number	Diff line
		@@ -56,8 +56,9 @@
		* [including the GNU Public Licence.]
		*/

		/* A nice addition from Dr Stephen Henson <steve@openssl.org> to
		* add the -strparse option which parses nested binary structures
		/*
		* A nice addition from Dr Stephen Henson <steve@openssl.org> to add the
		* -strparse option which parses nested binary structures
		*/

		#include <stdio.h>
		@@ -81,7 +82,6 @@
		#undef PROG
		#define PROG asn1parse_main


		int MAIN(int, char **);

		static int do_generate(BIO bio, char genstr, char genconf, BUF_MEM buf);
		@@ -93,7 +93,8 @@ int MAIN(int argc, char **argv)
		long num, tmplen;
		BIO in = NULL, out = NULL, b64 = NULL, derout = NULL;
		int informat, indent = 0, noout = 0, dump = 0, strictpem = 0;
		char infile=NULL,str=NULL,prog,oidfile=NULL, derfile=NULL, name=NULL, *header=NULL;
		char infile = NULL, str = NULL, prog, oidfile = NULL, *derfile =
		NULL, name = NULL, header = NULL;
		char genstr = NULL, genconf = NULL;
		unsigned char *tmpbuf;
		const unsigned char *ctmpbuf;
		@@ -115,81 +116,65 @@ int MAIN(int argc, char **argv)
		prog = argv[0];
		argc--;
		argv++;
		if ((osk=sk_OPENSSL_STRING_new_null()) == NULL)
		{
		if ((osk = sk_OPENSSL_STRING_new_null()) == NULL) {
		BIO_printf(bio_err, "Memory allocation failure\n");
		goto end;
		}
		while (argc >= 1)
		{
		if (strcmp(*argv,"-inform") == 0)
		{
		if (--argc < 1) goto bad;
		while (argc >= 1) {
		if (strcmp(*argv, "-inform") == 0) {
		if (--argc < 1)
		goto bad;
		informat = str2fmt(*(++argv));
		}
		else if (strcmp(*argv,"-in") == 0)
		{
		if (--argc < 1) goto bad;
		} else if (strcmp(*argv, "-in") == 0) {
		if (--argc < 1)
		goto bad;
		infile = *(++argv);
		}
		else if (strcmp(*argv,"-out") == 0)
		{
		if (--argc < 1) goto bad;
		} else if (strcmp(*argv, "-out") == 0) {
		if (--argc < 1)
		goto bad;
		derfile = *(++argv);
		}
		else if (strcmp(*argv,"-i") == 0)
		{
		} else if (strcmp(*argv, "-i") == 0) {
		indent = 1;
		}
		else if (strcmp(*argv,"-noout") == 0) noout = 1;
		else if (strcmp(*argv,"-oid") == 0)
		{
		if (--argc < 1) goto bad;
		} else if (strcmp(*argv, "-noout") == 0)
		noout = 1;
		else if (strcmp(*argv, "-oid") == 0) {
		if (--argc < 1)
		goto bad;
		oidfile = *(++argv);
		}
		else if (strcmp(*argv,"-offset") == 0)
		{
		if (--argc < 1) goto bad;
		} else if (strcmp(*argv, "-offset") == 0) {
		if (--argc < 1)
		goto bad;
		offset = atoi(*(++argv));
		}
		else if (strcmp(*argv,"-length") == 0)
		{
		if (--argc < 1) goto bad;
		} else if (strcmp(*argv, "-length") == 0) {
		if (--argc < 1)
		goto bad;
		length = atoi(*(++argv));
		if (length == 0) goto bad;
		}
		else if (strcmp(*argv,"-dump") == 0)
		{
		if (length == 0)
		goto bad;
		} else if (strcmp(*argv, "-dump") == 0) {
		dump = -1;
		}
		else if (strcmp(*argv,"-dlimit") == 0)
		{
		if (--argc < 1) goto bad;
		} else if (strcmp(*argv, "-dlimit") == 0) {
		if (--argc < 1)
		goto bad;
		dump = atoi(*(++argv));
		if (dump <= 0) goto bad;
		}
		else if (strcmp(*argv,"-strparse") == 0)
		{
		if (--argc < 1) goto bad;
		if (dump <= 0)
		goto bad;
		} else if (strcmp(*argv, "-strparse") == 0) {
		if (--argc < 1)
		goto bad;
		sk_OPENSSL_STRING_push(osk, *(++argv));
		}
		else if (strcmp(*argv,"-genstr") == 0)
		{
		if (--argc < 1) goto bad;
		} else if (strcmp(*argv, "-genstr") == 0) {
		if (--argc < 1)
		goto bad;
		genstr = *(++argv);
		}
		else if (strcmp(*argv,"-genconf") == 0)
		{
		if (--argc < 1) goto bad;
		} else if (strcmp(*argv, "-genconf") == 0) {
		if (--argc < 1)
		goto bad;
		genconf = *(++argv);
		}
		else if (strcmp(*argv,"-strictpem") == 0)
		{
		} else if (strcmp(*argv, "-strictpem") == 0) {
		strictpem = 1;
		informat = FORMAT_PEM;
		}
		else
		{
		} else {
		BIO_printf(bio_err, "unknown option %s\n", *argv);
		badops = 1;
		break;
		@@ -198,27 +183,32 @@ int MAIN(int argc, char **argv)
		argv++;
		}

		if (badops)
		{
		if (badops) {
		bad:
		BIO_printf(bio_err, "%s [options] <infile\n", prog);
		BIO_printf(bio_err, "where options are\n");
		BIO_printf(bio_err, " -inform arg input format - one of DER PEM\n");
		BIO_printf(bio_err, " -in arg input file\n");
		BIO_printf(bio_err," -out arg output file (output format is always DER\n");
		BIO_printf(bio_err,
		" -out arg output file (output format is always DER\n");
		BIO_printf(bio_err, " -noout arg don't produce any output\n");
		BIO_printf(bio_err, " -offset arg offset into file\n");
		BIO_printf(bio_err, " -length arg length of section in file\n");
		BIO_printf(bio_err, " -i indent entries\n");
		BIO_printf(bio_err, " -dump dump unknown data in hex form\n");
		BIO_printf(bio_err," -dlimit arg dump the first arg bytes of unknown data in hex form\n");
		BIO_printf(bio_err,
		" -dlimit arg dump the first arg bytes of unknown data in hex form\n");
		BIO_printf(bio_err, " -oid file file of extra oid definitions\n");
		BIO_printf(bio_err, " -strparse offset\n");
		BIO_printf(bio_err," a series of these can be used to 'dig' into multiple\n");
		BIO_printf(bio_err,
		" a series of these can be used to 'dig' into multiple\n");
		BIO_printf(bio_err, " ASN1 blob wrappings\n");
		BIO_printf(bio_err," -genstr str string to generate ASN1 structure from\n");
		BIO_printf(bio_err," -genconf file file to generate ASN1 structure from\n");
		BIO_printf(bio_err," -strictpem do not attempt base64 decode outside PEM markers (-inform \n");
		BIO_printf(bio_err,
		" -genstr str string to generate ASN1 structure from\n");
		BIO_printf(bio_err,
		" -genconf file file to generate ASN1 structure from\n");
		BIO_printf(bio_err,
		" -strictpem do not attempt base64 decode outside PEM markers (-inform \n");
		BIO_printf(bio_err, " will be ignored)\n");
		goto end;
		}
		@@ -227,8 +217,7 @@ bad:

		in = BIO_new(BIO_s_file());
		out = BIO_new(BIO_s_file());
		if ((in == NULL) \|\| (out == NULL))
		{
		if ((in == NULL) \|\| (out == NULL)) {
		ERR_print_errors(bio_err);
		goto end;
		}
		@@ -240,10 +229,8 @@ bad:
		}
		#endif

		if (oidfile != NULL)
		{
		if (BIO_read_filename(in,oidfile) <= 0)
		{
		if (oidfile != NULL) {
		if (BIO_read_filename(in, oidfile) <= 0) {
		BIO_printf(bio_err, "problems opening %s\n", oidfile);
		ERR_print_errors(bio_err);
		goto end;
		@@ -253,10 +240,8 @@ bad:

		if (infile == NULL)
		BIO_set_fp(in, stdin, BIO_NOCLOSE);
		else
		{
		if (BIO_read_filename(in,infile) <= 0)
		{
		else {
		if (BIO_read_filename(in, infile) <= 0) {
		perror(infile);
		goto end;
		}
		@@ -270,36 +255,31 @@ bad:
		}
		}

		if(strictpem)
		{
		if(PEM_read_bio(in, &name, &header, (unsigned char **)&str, &num) != 1)
		{
		if (strictpem) {
		if (PEM_read_bio(in, &name, &header, (unsigned char **)&str, &num) !=
		1) {
		BIO_printf(bio_err, "Error reading PEM file\n");
		ERR_print_errors(bio_err);
		goto end;
		}
		}
		else
		{
		} else {

		if ((buf=BUF_MEM_new()) == NULL) goto end;
		if (!BUF_MEM_grow(buf,BUFSIZ8)) goto end; / Pre-allocate :-) */
		if ((buf = BUF_MEM_new()) == NULL)
		goto end;
		if (!BUF_MEM_grow(buf, BUFSIZ * 8))
		goto end; /* Pre-allocate :-) */

		if (genstr \|\| genconf)
		{
		if (genstr \|\| genconf) {
		num = do_generate(bio_err, genstr, genconf, buf);
		if (num < 0)
		{
		if (num < 0) {
		ERR_print_errors(bio_err);
		goto end;
		}
		}

		else
		{
		else {

		if (informat == FORMAT_PEM)
		{
		if (informat == FORMAT_PEM) {
		BIO *tmp;

		if ((b64 = BIO_new(BIO_f_base64())) == NULL)
		@@ -311,11 +291,12 @@ bad:
		}

		num = 0;
		for (;;)
		{
		if (!BUF_MEM_grow(buf,(int)num+BUFSIZ)) goto end;
		for (;;) {
		if (!BUF_MEM_grow(buf, (int)num + BUFSIZ))
		goto end;
		i = BIO_read(in, &(buf->data[num]), BUFSIZ);
		if (i <= 0) break;
		if (i <= 0)
		break;
		num += i;
		}
		}
		@@ -325,18 +306,16 @@ bad:

		/* If any structs to parse go through in sequence */

		if (sk_OPENSSL_STRING_num(osk))
		{
		if (sk_OPENSSL_STRING_num(osk)) {
		tmpbuf = (unsigned char *)str;
		tmplen = num;
		for (i=0; i<sk_OPENSSL_STRING_num(osk); i++)
		{
		for (i = 0; i < sk_OPENSSL_STRING_num(osk); i++) {
		ASN1_TYPE *atmp;
		int typ;
		j = atoi(sk_OPENSSL_STRING_value(osk, i));
		if (j == 0)
		{
		BIO_printf(bio_err,"'%s' is an invalid number\n",sk_OPENSSL_STRING_value(osk,i));
		if (j == 0) {
		BIO_printf(bio_err, "'%s' is an invalid number\n",
		sk_OPENSSL_STRING_value(osk, i));
		continue;
		}
		tmpbuf += j;
		@@ -345,16 +324,14 @@ bad:
		ctmpbuf = tmpbuf;
		at = d2i_ASN1_TYPE(NULL, &ctmpbuf, tmplen);
		ASN1_TYPE_free(atmp);
		if(!at)
		{
		if (!at) {
		BIO_printf(bio_err, "Error parsing structure\n");
		ERR_print_errors(bio_err);
		goto end;
		}
		typ = ASN1_TYPE_get(at);
		if ((typ == V_ASN1_OBJECT)
		\|\| (typ == V_ASN1_NULL))
		{
		\|\| (typ == V_ASN1_NULL)) {
		BIO_printf(bio_err, "Can't parse %s type\n",
		typ == V_ASN1_NULL ? "NULL" : "OBJECT");
		ERR_print_errors(bio_err);
		@@ -368,15 +345,15 @@ bad:
		num = tmplen;
		}

		if (offset >= num)
		{
		if (offset >= num) {
		BIO_printf(bio_err, "Error: offset too large\n");
		goto end;
		}

		num -= offset;

		if ((length == 0) \|\| ((long)length > num)) length=(unsigned int)num;
		if ((length == 0) \|\| ((long)length > num))
		length = (unsigned int)num;
		if (derout) {
		if (BIO_write(derout, str + offset, length) != (int)length) {
		BIO_printf(bio_err, "Error writing output\n");
		@@ -386,25 +363,33 @@ bad:
		}
		if (!noout &&
		!ASN1_parse_dump(out, (unsigned char *)&(str[offset]), length,
		indent,dump))
		{
		indent, dump)) {
		ERR_print_errors(bio_err);
		goto end;
		}
		ret = 0;
		end:
		BIO_free(derout);
		if (in != NULL) BIO_free(in);
		if (out != NULL) BIO_free_all(out);
		if (b64 != NULL) BIO_free(b64);
		if (in != NULL)
		BIO_free(in);
		if (out != NULL)
		BIO_free_all(out);
		if (b64 != NULL)
		BIO_free(b64);
		if (ret != 0)
		ERR_print_errors(bio_err);
		if (buf != NULL) BUF_MEM_free(buf);
		if (name != NULL) OPENSSL_free(name);
		if (header != NULL) OPENSSL_free(header);
		if (strictpem && str != NULL) OPENSSL_free(str);
		if (at != NULL) ASN1_TYPE_free(at);
		if (osk != NULL) sk_OPENSSL_STRING_free(osk);
		if (buf != NULL)
		BUF_MEM_free(buf);
		if (name != NULL)
		OPENSSL_free(name);
		if (header != NULL)
		OPENSSL_free(header);
		if (strictpem && str != NULL)
		OPENSSL_free(str);
		if (at != NULL)
		ASN1_TYPE_free(at);
		if (osk != NULL)
		sk_OPENSSL_STRING_free(osk);
		OBJ_cleanup();
		apps_shutdown();
		OPENSSL_EXIT(ret);
		@@ -418,15 +403,13 @@ static int do_generate(BIO bio, char genstr, char genconf, BUF_MEM buf)
		unsigned char *p;
		ASN1_TYPE *atyp = NULL;

		if (genconf)
		{
		if (genconf) {
		cnf = NCONF_new(NULL);
		if (!NCONF_load(cnf, genconf, &errline))
		goto conferr;
		if (!genstr)
		genstr = NCONF_get_string(cnf, "default", "asn1");
		if (!genstr)
		{
		if (!genstr) {
		BIO_printf(bio, "Can't find 'asn1' in '%s'\n", genconf);
		goto err;
		}

apps/ca.c

+2718 −2855

File changed.

Preview size limit exceeded, changes collapsed.

Admin message