Adapt storeutl to allow looking for a specific info type (9511d973) · Commits · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP OpenSSL

apps/storeutl.c

+54 −5

Original line number	Diff line number	Diff line
		@@ -16,11 +16,13 @@
		#include <openssl/store.h>

		static int process(const char uri, const UI_METHOD uimeth, PW_CB_DATA *uidata,
		int expected,
		int text, int noout, int recursive, int indent, BIO *out);

		typedef enum OPTION_choice {
		OPT_ERR = -1, OPT_EOF = 0, OPT_HELP, OPT_ENGINE, OPT_OUT, OPT_PASSIN,
		OPT_NOOUT, OPT_TEXT, OPT_RECURSIVE
		OPT_NOOUT, OPT_TEXT, OPT_RECURSIVE,
		OPT_SEARCHFOR_CERTS, OPT_SEARCHFOR_KEYS, OPT_SEARCHFOR_CRLS
		} OPTION_CHOICE;

		const OPTIONS storeutl_options[] = {
		@@ -30,6 +32,9 @@ const OPTIONS storeutl_options[] = {
		{"passin", OPT_PASSIN, 's', "Input file pass phrase source"},
		{"text", OPT_TEXT, '-', "Print a text form of the objects"},
		{"noout", OPT_NOOUT, '-', "No PEM output, just status"},
		{"certs", OPT_SEARCHFOR_CERTS, '-', "Search for certificates only"},
		{"keys", OPT_SEARCHFOR_KEYS, '-', "Search for keys only"},
		{"crls", OPT_SEARCHFOR_CRLS, '-', "Search for CRLs only"},
		#ifndef OPENSSL_NO_ENGINE
		{"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"},
		#endif
		@@ -46,6 +51,7 @@ int storeutl_main(int argc, char *argv[])
		OPTION_CHOICE o;
		char *prog = opt_init(argc, argv, storeutl_options);
		PW_CB_DATA pw_cb_data;
		int expected = 0;

		while ((o = opt_next()) != OPT_EOF) {
		switch (o) {
		@@ -73,6 +79,38 @@ int storeutl_main(int argc, char *argv[])
		case OPT_RECURSIVE:
		recursive = 1;
		break;
		case OPT_SEARCHFOR_CERTS:
		case OPT_SEARCHFOR_KEYS:
		case OPT_SEARCHFOR_CRLS:
		if (expected != 0) {
		BIO_printf(bio_err, "%s: only one search type can be given.\n",
		prog);
		goto end;
		}
		{
		static const struct {
		enum OPTION_choice choice;
		int type;
		} map[] = {
		{OPT_SEARCHFOR_CERTS, OSSL_STORE_INFO_CERT},
		{OPT_SEARCHFOR_KEYS, OSSL_STORE_INFO_PKEY},
		{OPT_SEARCHFOR_CRLS, OSSL_STORE_INFO_CRL},
		};
		size_t i;

		for (i = 0; i < OSSL_NELEM(map); i++) {
		if (o == map[i].choice) {
		expected = map[i].type;
		break;
		}
		}
		/*
		* If expected wasn't set at this point, it means the map
		* isn't syncronised with the possible options leading here.
		*/
		OPENSSL_assert(expected != 0);
		}
		break;
		case OPT_ENGINE:
		e = setup_engine(opt_arg(), 0);
		break;
		@@ -101,8 +139,9 @@ int storeutl_main(int argc, char *argv[])
		if (out == NULL)
		goto end;

		ret = process(argv[0], get_ui_method(), &pw_cb_data, text, noout, recursive,
		0, out);
		ret = process(argv[0], get_ui_method(), &pw_cb_data,
		expected,
		text, noout, recursive, 0, out);

		end:
		BIO_free_all(out);
		@@ -125,6 +164,7 @@ static int indent_printf(int indent, BIO bio, const char format, ...)
		}

		static int process(const char uri, const UI_METHOD uimeth, PW_CB_DATA *uidata,
		int expected,
		int text, int noout, int recursive, int indent, BIO *out)
		{
		OSSL_STORE_CTX *store_ctx = NULL;
		@@ -137,6 +177,13 @@ static int process(const char uri, const UI_METHOD uimeth, PW_CB_DATA *uidata,
		return ret;
		}

		if (expected != 0) {
		if (!OSSL_STORE_expect(store_ctx, expected)) {
		ERR_print_errors(bio_err);
		goto end2;
		}
		}

		/* From here on, we count errors, and we'll return the count at the end */
		ret = 0;

		@@ -188,8 +235,9 @@ static int process(const char uri, const UI_METHOD uimeth, PW_CB_DATA *uidata,
		case OSSL_STORE_INFO_NAME:
		if (recursive) {
		const char *suburi = OSSL_STORE_INFO_get0_NAME(info);
		ret += process(suburi, uimeth, uidata, text, noout, recursive,
		indent + 2, out);
		ret += process(suburi, uimeth, uidata,
		expected,
		text, noout, recursive, indent + 2, out);
		}
		break;
		case OSSL_STORE_INFO_PARAMS:
		@@ -230,6 +278,7 @@ static int process(const char uri, const UI_METHOD uimeth, PW_CB_DATA *uidata,
		}
		indent_printf(indent, out, "Total found: %d\n", items);

		end2:
		if (!OSSL_STORE_close(store_ctx)) {
		ERR_print_errors(bio_err);
		ret++;