xref: /freebsd/crypto/openssl/apps/openssl.c (revision 7aa383846770374466b1dcb2cefd71bde9acf463)
1 /* apps/openssl.c */
2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3  * All rights reserved.
4  *
5  * This package is an SSL implementation written
6  * by Eric Young (eay@cryptsoft.com).
7  * The implementation was written so as to conform with Netscapes SSL.
8  *
9  * This library is free for commercial and non-commercial use as long as
10  * the following conditions are aheared to.  The following conditions
11  * apply to all code found in this distribution, be it the RC4, RSA,
12  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
13  * included with this distribution is covered by the same copyright terms
14  * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15  *
16  * Copyright remains Eric Young's, and as such any Copyright notices in
17  * the code are not to be removed.
18  * If this package is used in a product, Eric Young should be given attribution
19  * as the author of the parts of the library used.
20  * This can be in the form of a textual message at program startup or
21  * in documentation (online or textual) provided with the package.
22  *
23  * Redistribution and use in source and binary forms, with or without
24  * modification, are permitted provided that the following conditions
25  * are met:
26  * 1. Redistributions of source code must retain the copyright
27  *    notice, this list of conditions and the following disclaimer.
28  * 2. Redistributions in binary form must reproduce the above copyright
29  *    notice, this list of conditions and the following disclaimer in the
30  *    documentation and/or other materials provided with the distribution.
31  * 3. All advertising materials mentioning features or use of this software
32  *    must display the following acknowledgement:
33  *    "This product includes cryptographic software written by
34  *     Eric Young (eay@cryptsoft.com)"
35  *    The word 'cryptographic' can be left out if the rouines from the library
36  *    being used are not cryptographic related :-).
37  * 4. If you include any Windows specific code (or a derivative thereof) from
38  *    the apps directory (application code) you must include an acknowledgement:
39  *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40  *
41  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51  * SUCH DAMAGE.
52  *
53  * The licence and distribution terms for any publically available version or
54  * derivative of this code cannot be changed.  i.e. this code cannot simply be
55  * copied and put under another distribution licence
56  * [including the GNU Public Licence.]
57  */
58 /* ====================================================================
59  * Copyright (c) 1998-2006 The OpenSSL Project.  All rights reserved.
60  *
61  * Redistribution and use in source and binary forms, with or without
62  * modification, are permitted provided that the following conditions
63  * are met:
64  *
65  * 1. Redistributions of source code must retain the above copyright
66  *    notice, this list of conditions and the following disclaimer.
67  *
68  * 2. Redistributions in binary form must reproduce the above copyright
69  *    notice, this list of conditions and the following disclaimer in
70  *    the documentation and/or other materials provided with the
71  *    distribution.
72  *
73  * 3. All advertising materials mentioning features or use of this
74  *    software must display the following acknowledgment:
75  *    "This product includes software developed by the OpenSSL Project
76  *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77  *
78  * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79  *    endorse or promote products derived from this software without
80  *    prior written permission. For written permission, please contact
81  *    openssl-core@openssl.org.
82  *
83  * 5. Products derived from this software may not be called "OpenSSL"
84  *    nor may "OpenSSL" appear in their names without prior written
85  *    permission of the OpenSSL Project.
86  *
87  * 6. Redistributions of any form whatsoever must retain the following
88  *    acknowledgment:
89  *    "This product includes software developed by the OpenSSL Project
90  *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91  *
92  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
96  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103  * OF THE POSSIBILITY OF SUCH DAMAGE.
104  * ====================================================================
105  *
106  * This product includes cryptographic software written by Eric Young
107  * (eay@cryptsoft.com).  This product includes software written by Tim
108  * Hudson (tjh@cryptsoft.com).
109  *
110  */
111 
112 
113 #include <stdio.h>
114 #include <string.h>
115 #include <stdlib.h>
116 #define OPENSSL_C /* tells apps.h to use complete apps_startup() */
117 #include "apps.h"
118 #include <openssl/bio.h>
119 #include <openssl/crypto.h>
120 #include <openssl/lhash.h>
121 #include <openssl/conf.h>
122 #include <openssl/x509.h>
123 #include <openssl/pem.h>
124 #include <openssl/ssl.h>
125 #ifndef OPENSSL_NO_ENGINE
126 #include <openssl/engine.h>
127 #endif
128 #define USE_SOCKETS /* needed for the _O_BINARY defs in the MS world */
129 #include "progs.h"
130 #include "s_apps.h"
131 #include <openssl/err.h>
132 
133 /* The LHASH callbacks ("hash" & "cmp") have been replaced by functions with the
134  * base prototypes (we cast each variable inside the function to the required
135  * type of "FUNCTION*"). This removes the necessity for macro-generated wrapper
136  * functions. */
137 
138 /* static unsigned long MS_CALLBACK hash(FUNCTION *a); */
139 static unsigned long MS_CALLBACK hash(const void *a_void);
140 /* static int MS_CALLBACK cmp(FUNCTION *a,FUNCTION *b); */
141 static int MS_CALLBACK cmp(const void *a_void,const void *b_void);
142 static LHASH *prog_init(void );
143 static int do_cmd(LHASH *prog,int argc,char *argv[]);
144 char *default_config_file=NULL;
145 
146 /* Make sure there is only one when MONOLITH is defined */
147 #ifdef MONOLITH
148 CONF *config=NULL;
149 BIO *bio_err=NULL;
150 int in_FIPS_mode=0;
151 #endif
152 
153 
154 static void lock_dbg_cb(int mode, int type, const char *file, int line)
155 	{
156 	static int modes[CRYPTO_NUM_LOCKS]; /* = {0, 0, ... } */
157 	const char *errstr = NULL;
158 	int rw;
159 
160 	rw = mode & (CRYPTO_READ|CRYPTO_WRITE);
161 	if (!((rw == CRYPTO_READ) || (rw == CRYPTO_WRITE)))
162 		{
163 		errstr = "invalid mode";
164 		goto err;
165 		}
166 
167 	if (type < 0 || type >= CRYPTO_NUM_LOCKS)
168 		{
169 		errstr = "type out of bounds";
170 		goto err;
171 		}
172 
173 	if (mode & CRYPTO_LOCK)
174 		{
175 		if (modes[type])
176 			{
177 			errstr = "already locked";
178 			/* must not happen in a single-threaded program
179 			 * (would deadlock) */
180 			goto err;
181 			}
182 
183 		modes[type] = rw;
184 		}
185 	else if (mode & CRYPTO_UNLOCK)
186 		{
187 		if (!modes[type])
188 			{
189 			errstr = "not locked";
190 			goto err;
191 			}
192 
193 		if (modes[type] != rw)
194 			{
195 			errstr = (rw == CRYPTO_READ) ?
196 				"CRYPTO_r_unlock on write lock" :
197 				"CRYPTO_w_unlock on read lock";
198 			}
199 
200 		modes[type] = 0;
201 		}
202 	else
203 		{
204 		errstr = "invalid mode";
205 		goto err;
206 		}
207 
208  err:
209 	if (errstr)
210 		{
211 		/* we cannot use bio_err here */
212 		fprintf(stderr, "openssl (lock_dbg_cb): %s (mode=%d, type=%d) at %s:%d\n",
213 			errstr, mode, type, file, line);
214 		}
215 	}
216 
217 
218 int main(int Argc, char *Argv[])
219 	{
220 	ARGS arg;
221 #define PROG_NAME_SIZE	39
222 	char pname[PROG_NAME_SIZE+1];
223 	FUNCTION f,*fp;
224 	MS_STATIC const char *prompt;
225 	MS_STATIC char buf[1024];
226 	char *to_free=NULL;
227 	int n,i,ret=0;
228 	int argc;
229 	char **argv,*p;
230 	LHASH *prog=NULL;
231 	long errline;
232 
233 	arg.data=NULL;
234 	arg.count=0;
235 
236 	in_FIPS_mode = 0;
237 
238 	if(getenv("OPENSSL_FIPS")) {
239 #ifdef OPENSSL_FIPS
240 		if (!FIPS_mode_set(1)) {
241 			ERR_load_crypto_strings();
242 			ERR_print_errors(BIO_new_fp(stderr,BIO_NOCLOSE));
243 			EXIT(1);
244 		}
245 		in_FIPS_mode = 1;
246 #else
247 		fprintf(stderr, "FIPS mode not supported.\n");
248 		EXIT(1);
249 #endif
250 		}
251 
252 	if (bio_err == NULL)
253 		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
254 			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
255 
256 	if (getenv("OPENSSL_DEBUG_MEMORY") != NULL) /* if not defined, use compiled-in library defaults */
257 		{
258 		if (!(0 == strcmp(getenv("OPENSSL_DEBUG_MEMORY"), "off")))
259 			{
260 			CRYPTO_malloc_debug_init();
261 			CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL);
262 			}
263 		else
264 			{
265 			/* OPENSSL_DEBUG_MEMORY=off */
266 			CRYPTO_set_mem_debug_functions(0, 0, 0, 0, 0);
267 			}
268 		}
269 	CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
270 
271 #if 0
272 	if (getenv("OPENSSL_DEBUG_LOCKING") != NULL)
273 #endif
274 		{
275 		CRYPTO_set_locking_callback(lock_dbg_cb);
276 		}
277 
278 	apps_startup();
279 
280 	/* Lets load up our environment a little */
281 	p=getenv("OPENSSL_CONF");
282 	if (p == NULL)
283 		p=getenv("SSLEAY_CONF");
284 	if (p == NULL)
285 		p=to_free=make_config_name();
286 
287 	default_config_file=p;
288 
289 	config=NCONF_new(NULL);
290 	i=NCONF_load(config,p,&errline);
291 	if (i == 0)
292 		{
293 		NCONF_free(config);
294 		config = NULL;
295 		ERR_clear_error();
296 		}
297 
298 	prog=prog_init();
299 
300 	/* first check the program name */
301 	program_name(Argv[0],pname,sizeof pname);
302 
303 	f.name=pname;
304 	fp=(FUNCTION *)lh_retrieve(prog,&f);
305 	if (fp != NULL)
306 		{
307 		Argv[0]=pname;
308 		ret=fp->func(Argc,Argv);
309 		goto end;
310 		}
311 
312 	/* ok, now check that there are not arguments, if there are,
313 	 * run with them, shifting the ssleay off the front */
314 	if (Argc != 1)
315 		{
316 		Argc--;
317 		Argv++;
318 		ret=do_cmd(prog,Argc,Argv);
319 		if (ret < 0) ret=0;
320 		goto end;
321 		}
322 
323 	/* ok, lets enter the old 'OpenSSL>' mode */
324 
325 	for (;;)
326 		{
327 		ret=0;
328 		p=buf;
329 		n=sizeof buf;
330 		i=0;
331 		for (;;)
332 			{
333 			p[0]='\0';
334 			if (i++)
335 				prompt=">";
336 			else	prompt="OpenSSL> ";
337 			fputs(prompt,stdout);
338 			fflush(stdout);
339 			if (!fgets(p,n,stdin))
340 				goto end;
341 			if (p[0] == '\0') goto end;
342 			i=strlen(p);
343 			if (i <= 1) break;
344 			if (p[i-2] != '\\') break;
345 			i-=2;
346 			p+=i;
347 			n-=i;
348 			}
349 		if (!chopup_args(&arg,buf,&argc,&argv)) break;
350 
351 		ret=do_cmd(prog,argc,argv);
352 		if (ret < 0)
353 			{
354 			ret=0;
355 			goto end;
356 			}
357 		if (ret != 0)
358 			BIO_printf(bio_err,"error in %s\n",argv[0]);
359 		(void)BIO_flush(bio_err);
360 		}
361 	BIO_printf(bio_err,"bad exit\n");
362 	ret=1;
363 end:
364 	if (to_free)
365 		OPENSSL_free(to_free);
366 	if (config != NULL)
367 		{
368 		NCONF_free(config);
369 		config=NULL;
370 		}
371 	if (prog != NULL) lh_free(prog);
372 	if (arg.data != NULL) OPENSSL_free(arg.data);
373 
374 	apps_shutdown();
375 
376 	CRYPTO_mem_leaks(bio_err);
377 	if (bio_err != NULL)
378 		{
379 		BIO_free(bio_err);
380 		bio_err=NULL;
381 		}
382 	OPENSSL_EXIT(ret);
383 	}
384 
385 #define LIST_STANDARD_COMMANDS "list-standard-commands"
386 #define LIST_MESSAGE_DIGEST_COMMANDS "list-message-digest-commands"
387 #define LIST_CIPHER_COMMANDS "list-cipher-commands"
388 
389 static int do_cmd(LHASH *prog, int argc, char *argv[])
390 	{
391 	FUNCTION f,*fp;
392 	int i,ret=1,tp,nl;
393 
394 	if ((argc <= 0) || (argv[0] == NULL))
395 		{ ret=0; goto end; }
396 	f.name=argv[0];
397 	fp=(FUNCTION *)lh_retrieve(prog,&f);
398 	if (fp != NULL)
399 		{
400 		ret=fp->func(argc,argv);
401 		}
402 	else if ((strncmp(argv[0],"no-",3)) == 0)
403 		{
404 		BIO *bio_stdout = BIO_new_fp(stdout,BIO_NOCLOSE);
405 #ifdef OPENSSL_SYS_VMS
406 		{
407 		BIO *tmpbio = BIO_new(BIO_f_linebuffer());
408 		bio_stdout = BIO_push(tmpbio, bio_stdout);
409 		}
410 #endif
411 		f.name=argv[0]+3;
412 		ret = (lh_retrieve(prog,&f) != NULL);
413 		if (!ret)
414 			BIO_printf(bio_stdout, "%s\n", argv[0]);
415 		else
416 			BIO_printf(bio_stdout, "%s\n", argv[0]+3);
417 		BIO_free_all(bio_stdout);
418 		goto end;
419 		}
420 	else if ((strcmp(argv[0],"quit") == 0) ||
421 		(strcmp(argv[0],"q") == 0) ||
422 		(strcmp(argv[0],"exit") == 0) ||
423 		(strcmp(argv[0],"bye") == 0))
424 		{
425 		ret= -1;
426 		goto end;
427 		}
428 	else if ((strcmp(argv[0],LIST_STANDARD_COMMANDS) == 0) ||
429 		(strcmp(argv[0],LIST_MESSAGE_DIGEST_COMMANDS) == 0) ||
430 		(strcmp(argv[0],LIST_CIPHER_COMMANDS) == 0))
431 		{
432 		int list_type;
433 		BIO *bio_stdout;
434 
435 		if (strcmp(argv[0],LIST_STANDARD_COMMANDS) == 0)
436 			list_type = FUNC_TYPE_GENERAL;
437 		else if (strcmp(argv[0],LIST_MESSAGE_DIGEST_COMMANDS) == 0)
438 			list_type = FUNC_TYPE_MD;
439 		else /* strcmp(argv[0],LIST_CIPHER_COMMANDS) == 0 */
440 			list_type = FUNC_TYPE_CIPHER;
441 		bio_stdout = BIO_new_fp(stdout,BIO_NOCLOSE);
442 #ifdef OPENSSL_SYS_VMS
443 		{
444 		BIO *tmpbio = BIO_new(BIO_f_linebuffer());
445 		bio_stdout = BIO_push(tmpbio, bio_stdout);
446 		}
447 #endif
448 
449 		for (fp=functions; fp->name != NULL; fp++)
450 			if (fp->type == list_type)
451 				BIO_printf(bio_stdout, "%s\n", fp->name);
452 		BIO_free_all(bio_stdout);
453 		ret=0;
454 		goto end;
455 		}
456 	else
457 		{
458 		BIO_printf(bio_err,"openssl:Error: '%s' is an invalid command.\n",
459 			argv[0]);
460 		BIO_printf(bio_err, "\nStandard commands");
461 		i=0;
462 		tp=0;
463 		for (fp=functions; fp->name != NULL; fp++)
464 			{
465 			nl=0;
466 #ifdef OPENSSL_NO_CAMELLIA
467 			if (((i++) % 5) == 0)
468 #else
469 			if (((i++) % 4) == 0)
470 #endif
471 				{
472 				BIO_printf(bio_err,"\n");
473 				nl=1;
474 				}
475 			if (fp->type != tp)
476 				{
477 				tp=fp->type;
478 				if (!nl) BIO_printf(bio_err,"\n");
479 				if (tp == FUNC_TYPE_MD)
480 					{
481 					i=1;
482 					BIO_printf(bio_err,
483 						"\nMessage Digest commands (see the `dgst' command for more details)\n");
484 					}
485 				else if (tp == FUNC_TYPE_CIPHER)
486 					{
487 					i=1;
488 					BIO_printf(bio_err,"\nCipher commands (see the `enc' command for more details)\n");
489 					}
490 				}
491 #ifdef OPENSSL_NO_CAMELLIA
492 			BIO_printf(bio_err,"%-15s",fp->name);
493 #else
494 			BIO_printf(bio_err,"%-18s",fp->name);
495 #endif
496 			}
497 		BIO_printf(bio_err,"\n\n");
498 		ret=0;
499 		}
500 end:
501 	return(ret);
502 	}
503 
504 static int SortFnByName(const void *_f1,const void *_f2)
505     {
506     const FUNCTION *f1=_f1;
507     const FUNCTION *f2=_f2;
508 
509     if(f1->type != f2->type)
510 	return f1->type-f2->type;
511     return strcmp(f1->name,f2->name);
512     }
513 
514 static LHASH *prog_init(void)
515 	{
516 	LHASH *ret;
517 	FUNCTION *f;
518 	size_t i;
519 
520 	/* Purely so it looks nice when the user hits ? */
521 	for(i=0,f=functions ; f->name != NULL ; ++f,++i)
522 	    ;
523 	qsort(functions,i,sizeof *functions,SortFnByName);
524 
525 	if ((ret=lh_new(hash, cmp)) == NULL)
526 		return(NULL);
527 
528 	for (f=functions; f->name != NULL; f++)
529 		lh_insert(ret,f);
530 	return(ret);
531 	}
532 
533 /* static int MS_CALLBACK cmp(FUNCTION *a, FUNCTION *b) */
534 static int MS_CALLBACK cmp(const void *a_void, const void *b_void)
535 	{
536 	return(strncmp(((const FUNCTION *)a_void)->name,
537 			((const FUNCTION *)b_void)->name,8));
538 	}
539 
540 /* static unsigned long MS_CALLBACK hash(FUNCTION *a) */
541 static unsigned long MS_CALLBACK hash(const void *a_void)
542 	{
543 	return(lh_strhash(((const FUNCTION *)a_void)->name));
544 	}
545