xref: /openbsd/usr.bin/openssl/pkey.c (revision cecf84d4) 
1 /* $OpenBSD: pkey.c,v 1.3 2014/08/28 14:25:48 jsing Exp $ */
2 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3  * project 2006
4  */
5 /* ====================================================================
6  * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
7  *
8  * Redistribution and use in source and binary forms, with or without
9  * modification, are permitted provided that the following conditions
10  * are met:
11  *
12  * 1. Redistributions of source code must retain the above copyright
13  *    notice, this list of conditions and the following disclaimer.
14  *
15  * 2. Redistributions in binary form must reproduce the above copyright
16  *    notice, this list of conditions and the following disclaimer in
17  *    the documentation and/or other materials provided with the
18  *    distribution.
19  *
20  * 3. All advertising materials mentioning features or use of this
21  *    software must display the following acknowledgment:
22  *    "This product includes software developed by the OpenSSL Project
23  *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24  *
25  * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26  *    endorse or promote products derived from this software without
27  *    prior written permission. For written permission, please contact
28  *    licensing@OpenSSL.org.
29  *
30  * 5. Products derived from this software may not be called "OpenSSL"
31  *    nor may "OpenSSL" appear in their names without prior written
32  *    permission of the OpenSSL Project.
33  *
34  * 6. Redistributions of any form whatsoever must retain the following
35  *    acknowledgment:
36  *    "This product includes software developed by the OpenSSL Project
37  *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38  *
39  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
43  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50  * OF THE POSSIBILITY OF SUCH DAMAGE.
51  * ====================================================================
52  *
53  * This product includes cryptographic software written by Eric Young
54  * (eay@cryptsoft.com).  This product includes software written by Tim
55  * Hudson (tjh@cryptsoft.com).
56  *
57  */
58 
59 #include <stdio.h>
60 #include <string.h>
61 
62 #include "apps.h"
63 
64 #include <openssl/err.h>
65 #include <openssl/evp.h>
66 #include <openssl/pem.h>
67 
68 int pkey_main(int, char **);
69 
70 int
71 pkey_main(int argc, char **argv)
72 {
73 	ENGINE *e = NULL;
74 	char **args, *infile = NULL, *outfile = NULL;
75 	char *passargin = NULL, *passargout = NULL;
76 	BIO *in = NULL, *out = NULL;
77 	const EVP_CIPHER *cipher = NULL;
78 	int informat, outformat;
79 	int pubin = 0, pubout = 0, pubtext = 0, text = 0, noout = 0;
80 	EVP_PKEY *pkey = NULL;
81 	char *passin = NULL, *passout = NULL;
82 	int badarg = 0;
83 #ifndef OPENSSL_NO_ENGINE
84 	char *engine = NULL;
85 #endif
86 	int ret = 1;
87 
88 	informat = FORMAT_PEM;
89 	outformat = FORMAT_PEM;
90 
91 	args = argv + 1;
92 	while (!badarg && *args && *args[0] == '-') {
93 		if (!strcmp(*args, "-inform")) {
94 			if (args[1]) {
95 				args++;
96 				informat = str2fmt(*args);
97 			} else
98 				badarg = 1;
99 		} else if (!strcmp(*args, "-outform")) {
100 			if (args[1]) {
101 				args++;
102 				outformat = str2fmt(*args);
103 			} else
104 				badarg = 1;
105 		} else if (!strcmp(*args, "-passin")) {
106 			if (!args[1])
107 				goto bad;
108 			passargin = *(++args);
109 		} else if (!strcmp(*args, "-passout")) {
110 			if (!args[1])
111 				goto bad;
112 			passargout = *(++args);
113 		}
114 #ifndef OPENSSL_NO_ENGINE
115 		else if (strcmp(*args, "-engine") == 0) {
116 			if (!args[1])
117 				goto bad;
118 			engine = *(++args);
119 		}
120 #endif
121 		else if (!strcmp(*args, "-in")) {
122 			if (args[1]) {
123 				args++;
124 				infile = *args;
125 			} else
126 				badarg = 1;
127 		} else if (!strcmp(*args, "-out")) {
128 			if (args[1]) {
129 				args++;
130 				outfile = *args;
131 			} else
132 				badarg = 1;
133 		} else if (strcmp(*args, "-pubin") == 0) {
134 			pubin = 1;
135 			pubout = 1;
136 			pubtext = 1;
137 		} else if (strcmp(*args, "-pubout") == 0)
138 			pubout = 1;
139 		else if (strcmp(*args, "-text_pub") == 0) {
140 			pubtext = 1;
141 			text = 1;
142 		} else if (strcmp(*args, "-text") == 0)
143 			text = 1;
144 		else if (strcmp(*args, "-noout") == 0)
145 			noout = 1;
146 		else {
147 			cipher = EVP_get_cipherbyname(*args + 1);
148 			if (!cipher) {
149 				BIO_printf(bio_err, "Unknown cipher %s\n",
150 				    *args + 1);
151 				badarg = 1;
152 			}
153 		}
154 		args++;
155 	}
156 
157 	if (badarg) {
158 bad:
159 		BIO_printf(bio_err, "Usage pkey [options]\n");
160 		BIO_printf(bio_err, "where options are\n");
161 		BIO_printf(bio_err, "-in file        input file\n");
162 		BIO_printf(bio_err, "-inform X       input format (DER or PEM)\n");
163 		BIO_printf(bio_err, "-passin arg     input file pass phrase source\n");
164 		BIO_printf(bio_err, "-outform X      output format (DER or PEM)\n");
165 		BIO_printf(bio_err, "-out file       output file\n");
166 		BIO_printf(bio_err, "-passout arg    output file pass phrase source\n");
167 #ifndef OPENSSL_NO_ENGINE
168 		BIO_printf(bio_err, "-engine e       use engine e, possibly a hardware device.\n");
169 #endif
170 		return 1;
171 	}
172 #ifndef OPENSSL_NO_ENGINE
173 	e = setup_engine(bio_err, engine, 0);
174 #endif
175 
176 	if (!app_passwd(bio_err, passargin, passargout, &passin, &passout)) {
177 		BIO_printf(bio_err, "Error getting passwords\n");
178 		goto end;
179 	}
180 	if (outfile) {
181 		if (!(out = BIO_new_file(outfile, "wb"))) {
182 			BIO_printf(bio_err,
183 			    "Can't open output file %s\n", outfile);
184 			goto end;
185 		}
186 	} else {
187 		out = BIO_new_fp(stdout, BIO_NOCLOSE);
188 	}
189 
190 	if (pubin)
191 		pkey = load_pubkey(bio_err, infile, informat, 1,
192 		    passin, e, "Public Key");
193 	else
194 		pkey = load_key(bio_err, infile, informat, 1,
195 		    passin, e, "key");
196 	if (!pkey)
197 		goto end;
198 
199 	if (!noout) {
200 		if (outformat == FORMAT_PEM) {
201 			if (pubout)
202 				PEM_write_bio_PUBKEY(out, pkey);
203 			else
204 				PEM_write_bio_PrivateKey(out, pkey, cipher,
205 				    NULL, 0, NULL, passout);
206 		} else if (outformat == FORMAT_ASN1) {
207 			if (pubout)
208 				i2d_PUBKEY_bio(out, pkey);
209 			else
210 				i2d_PrivateKey_bio(out, pkey);
211 		} else {
212 			BIO_printf(bio_err, "Bad format specified for key\n");
213 			goto end;
214 		}
215 
216 	}
217 	if (text) {
218 		if (pubtext)
219 			EVP_PKEY_print_public(out, pkey, 0, NULL);
220 		else
221 			EVP_PKEY_print_private(out, pkey, 0, NULL);
222 	}
223 	ret = 0;
224 
225 end:
226 	EVP_PKEY_free(pkey);
227 	BIO_free_all(out);
228 	BIO_free(in);
229 	free(passin);
230 	free(passout);
231 
232 	return ret;
233 }
234