1 /* 2 * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. 3 * 4 * Licensed under the OpenSSL license (the "License"). You may not use 5 * this file except in compliance with the License. You can obtain a copy 6 * in the file LICENSE in the source distribution or at 7 * https://www.openssl.org/source/license.html 8 */ 9 10 #include <stdio.h> 11 #include <string.h> 12 #include <stdlib.h> 13 #include <openssl/bio.h> 14 #include <openssl/crypto.h> 15 #include <openssl/lhash.h> 16 #include <openssl/conf.h> 17 #include <openssl/x509.h> 18 #include <openssl/pem.h> 19 #include <openssl/ssl.h> 20 #ifndef OPENSSL_NO_ENGINE 21 # include <openssl/engine.h> 22 #endif 23 #include <openssl/err.h> 24 #ifdef OPENSSL_FIPS 25 # include <openssl/fips.h> 26 #endif 27 #define USE_SOCKETS /* needed for the _O_BINARY defs in the MS world */ 28 #include "s_apps.h" 29 /* Needed to get the other O_xxx flags. */ 30 #ifdef OPENSSL_SYS_VMS 31 # include <unixio.h> 32 #endif 33 #define INCLUDE_FUNCTION_TABLE 34 #include "apps.h" 35 36 37 #ifdef OPENSSL_NO_CAMELLIA 38 # define FORMAT "%-15s" 39 # define COLUMNS 5 40 #else 41 # define FORMAT "%-18s" 42 # define COLUMNS 4 43 #endif 44 45 /* Special sentinel to exit the program. */ 46 #define EXIT_THE_PROGRAM (-1) 47 48 /* 49 * The LHASH callbacks ("hash" & "cmp") have been replaced by functions with 50 * the base prototypes (we cast each variable inside the function to the 51 * required type of "FUNCTION*"). This removes the necessity for 52 * macro-generated wrapper functions. 53 */ 54 static LHASH_OF(FUNCTION) *prog_init(void); 55 static int do_cmd(LHASH_OF(FUNCTION) *prog, int argc, char *argv[]); 56 static void list_pkey(void); 57 static void list_type(FUNC_TYPE ft); 58 static void list_disabled(void); 59 char *default_config_file = NULL; 60 61 BIO *bio_in = NULL; 62 BIO *bio_out = NULL; 63 BIO *bio_err = NULL; 64 65 static int apps_startup(void) 66 { 67 #ifdef SIGPIPE 68 signal(SIGPIPE, SIG_IGN); 69 #endif 70 71 /* Set non-default library initialisation settings */ 72 if (!OPENSSL_init_ssl(OPENSSL_INIT_ENGINE_ALL_BUILTIN 73 | OPENSSL_INIT_LOAD_CONFIG, NULL)) 74 return 0; 75 76 #ifndef OPENSSL_NO_UI 77 setup_ui_method(); 78 #endif 79 80 return 1; 81 } 82 83 static void apps_shutdown(void) 84 { 85 #ifndef OPENSSL_NO_UI 86 destroy_ui_method(); 87 #endif 88 } 89 90 static char *make_config_name(void) 91 { 92 const char *t; 93 size_t len; 94 char *p; 95 96 if ((t = getenv("OPENSSL_CONF")) != NULL) 97 return OPENSSL_strdup(t); 98 99 t = X509_get_default_cert_area(); 100 len = strlen(t) + 1 + strlen(OPENSSL_CONF) + 1; 101 p = app_malloc(len, "config filename buffer"); 102 strcpy(p, t); 103 #ifndef OPENSSL_SYS_VMS 104 strcat(p, "/"); 105 #endif 106 strcat(p, OPENSSL_CONF); 107 108 return p; 109 } 110 111 int main(int argc, char *argv[]) 112 { 113 FUNCTION f, *fp; 114 LHASH_OF(FUNCTION) *prog = NULL; 115 char **copied_argv = NULL; 116 char *p, *pname; 117 char buf[1024]; 118 const char *prompt; 119 ARGS arg; 120 int first, n, i, ret = 0; 121 122 arg.argv = NULL; 123 arg.size = 0; 124 125 /* Set up some of the environment. */ 126 default_config_file = make_config_name(); 127 bio_in = dup_bio_in(FORMAT_TEXT); 128 bio_out = dup_bio_out(FORMAT_TEXT); 129 bio_err = dup_bio_err(FORMAT_TEXT); 130 131 #if defined(OPENSSL_SYS_VMS) && defined(__DECC) 132 copied_argv = argv = copy_argv(&argc, argv); 133 #elif defined(_WIN32) 134 /* 135 * Replace argv[] with UTF-8 encoded strings. 136 */ 137 win32_utf8argv(&argc, &argv); 138 #endif 139 140 p = getenv("OPENSSL_DEBUG_MEMORY"); 141 if (p != NULL && strcmp(p, "on") == 0) 142 CRYPTO_set_mem_debug(1); 143 CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); 144 145 if (getenv("OPENSSL_FIPS")) { 146 #ifdef OPENSSL_FIPS 147 if (!FIPS_mode_set(1)) { 148 ERR_print_errors(bio_err); 149 return 1; 150 } 151 #else 152 BIO_printf(bio_err, "FIPS mode not supported.\n"); 153 return 1; 154 #endif 155 } 156 157 if (!apps_startup()) { 158 BIO_printf(bio_err, 159 "FATAL: Startup failure (dev note: apps_startup() failed)\n"); 160 ERR_print_errors(bio_err); 161 ret = 1; 162 goto end; 163 } 164 165 prog = prog_init(); 166 pname = opt_progname(argv[0]); 167 168 /* first check the program name */ 169 f.name = pname; 170 fp = lh_FUNCTION_retrieve(prog, &f); 171 if (fp != NULL) { 172 argv[0] = pname; 173 ret = fp->func(argc, argv); 174 goto end; 175 } 176 177 /* If there is stuff on the command line, run with that. */ 178 if (argc != 1) { 179 argc--; 180 argv++; 181 ret = do_cmd(prog, argc, argv); 182 if (ret < 0) 183 ret = 0; 184 goto end; 185 } 186 187 /* ok, lets enter interactive mode */ 188 for (;;) { 189 ret = 0; 190 /* Read a line, continue reading if line ends with \ */ 191 for (p = buf, n = sizeof(buf), i = 0, first = 1; n > 0; first = 0) { 192 prompt = first ? "OpenSSL> " : "> "; 193 p[0] = '\0'; 194 #ifndef READLINE 195 fputs(prompt, stdout); 196 fflush(stdout); 197 if (!fgets(p, n, stdin)) 198 goto end; 199 if (p[0] == '\0') 200 goto end; 201 i = strlen(p); 202 if (i <= 1) 203 break; 204 if (p[i - 2] != '\\') 205 break; 206 i -= 2; 207 p += i; 208 n -= i; 209 #else 210 { 211 extern char *readline(const char *); 212 extern void add_history(const char *cp); 213 char *text; 214 215 text = readline(prompt); 216 if (text == NULL) 217 goto end; 218 i = strlen(text); 219 if (i == 0 || i > n) 220 break; 221 if (text[i - 1] != '\\') { 222 p += strlen(strcpy(p, text)); 223 free(text); 224 add_history(buf); 225 break; 226 } 227 228 text[i - 1] = '\0'; 229 p += strlen(strcpy(p, text)); 230 free(text); 231 n -= i; 232 } 233 #endif 234 } 235 236 if (!chopup_args(&arg, buf)) { 237 BIO_printf(bio_err, "Can't parse (no memory?)\n"); 238 break; 239 } 240 241 ret = do_cmd(prog, arg.argc, arg.argv); 242 if (ret == EXIT_THE_PROGRAM) { 243 ret = 0; 244 goto end; 245 } 246 if (ret != 0) 247 BIO_printf(bio_err, "error in %s\n", arg.argv[0]); 248 (void)BIO_flush(bio_out); 249 (void)BIO_flush(bio_err); 250 } 251 ret = 1; 252 end: 253 OPENSSL_free(copied_argv); 254 OPENSSL_free(default_config_file); 255 lh_FUNCTION_free(prog); 256 OPENSSL_free(arg.argv); 257 258 BIO_free(bio_in); 259 BIO_free_all(bio_out); 260 apps_shutdown(); 261 #ifndef OPENSSL_NO_CRYPTO_MDEBUG 262 if (CRYPTO_mem_leaks(bio_err) <= 0) 263 ret = 1; 264 #endif 265 BIO_free(bio_err); 266 EXIT(ret); 267 } 268 269 OPTIONS exit_options[] = { 270 {NULL} 271 }; 272 273 static void list_cipher_fn(const EVP_CIPHER *c, 274 const char *from, const char *to, void *arg) 275 { 276 if (c) 277 BIO_printf(arg, "%s\n", EVP_CIPHER_name(c)); 278 else { 279 if (!from) 280 from = "<undefined>"; 281 if (!to) 282 to = "<undefined>"; 283 BIO_printf(arg, "%s => %s\n", from, to); 284 } 285 } 286 287 static void list_md_fn(const EVP_MD *m, 288 const char *from, const char *to, void *arg) 289 { 290 if (m) 291 BIO_printf(arg, "%s\n", EVP_MD_name(m)); 292 else { 293 if (!from) 294 from = "<undefined>"; 295 if (!to) 296 to = "<undefined>"; 297 BIO_printf((BIO *)arg, "%s => %s\n", from, to); 298 } 299 } 300 301 /* Unified enum for help and list commands. */ 302 typedef enum HELPLIST_CHOICE { 303 OPT_ERR = -1, OPT_EOF = 0, OPT_HELP, 304 OPT_COMMANDS, OPT_DIGEST_COMMANDS, 305 OPT_DIGEST_ALGORITHMS, OPT_CIPHER_COMMANDS, OPT_CIPHER_ALGORITHMS, 306 OPT_PK_ALGORITHMS, OPT_DISABLED 307 } HELPLIST_CHOICE; 308 309 OPTIONS list_options[] = { 310 {"help", OPT_HELP, '-', "Display this summary"}, 311 {"commands", OPT_COMMANDS, '-', "List of standard commands"}, 312 {"digest-commands", OPT_DIGEST_COMMANDS, '-', 313 "List of message digest commands"}, 314 {"digest-algorithms", OPT_DIGEST_ALGORITHMS, '-', 315 "List of message digest algorithms"}, 316 {"cipher-commands", OPT_CIPHER_COMMANDS, '-', "List of cipher commands"}, 317 {"cipher-algorithms", OPT_CIPHER_ALGORITHMS, '-', 318 "List of cipher algorithms"}, 319 {"public-key-algorithms", OPT_PK_ALGORITHMS, '-', 320 "List of public key algorithms"}, 321 {"disabled", OPT_DISABLED, '-', 322 "List of disabled features"}, 323 {NULL} 324 }; 325 326 int list_main(int argc, char **argv) 327 { 328 char *prog; 329 HELPLIST_CHOICE o; 330 int done = 0; 331 332 prog = opt_init(argc, argv, list_options); 333 while ((o = opt_next()) != OPT_EOF) { 334 switch (o) { 335 case OPT_EOF: /* Never hit, but suppresses warning */ 336 case OPT_ERR: 337 opthelp: 338 BIO_printf(bio_err, "%s: Use -help for summary.\n", prog); 339 return 1; 340 case OPT_HELP: 341 opt_help(list_options); 342 break; 343 case OPT_COMMANDS: 344 list_type(FT_general); 345 break; 346 case OPT_DIGEST_COMMANDS: 347 list_type(FT_md); 348 break; 349 case OPT_DIGEST_ALGORITHMS: 350 EVP_MD_do_all_sorted(list_md_fn, bio_out); 351 break; 352 case OPT_CIPHER_COMMANDS: 353 list_type(FT_cipher); 354 break; 355 case OPT_CIPHER_ALGORITHMS: 356 EVP_CIPHER_do_all_sorted(list_cipher_fn, bio_out); 357 break; 358 case OPT_PK_ALGORITHMS: 359 list_pkey(); 360 break; 361 case OPT_DISABLED: 362 list_disabled(); 363 break; 364 } 365 done = 1; 366 } 367 if (opt_num_rest() != 0) { 368 BIO_printf(bio_err, "Extra arguments given.\n"); 369 goto opthelp; 370 } 371 372 if (!done) 373 goto opthelp; 374 375 return 0; 376 } 377 378 OPTIONS help_options[] = { 379 {"help", OPT_HELP, '-', "Display this summary"}, 380 {NULL} 381 }; 382 383 int help_main(int argc, char **argv) 384 { 385 FUNCTION *fp; 386 int i, nl; 387 FUNC_TYPE tp; 388 char *prog; 389 HELPLIST_CHOICE o; 390 391 prog = opt_init(argc, argv, help_options); 392 while ((o = opt_next()) != OPT_EOF) { 393 switch (o) { 394 default: 395 BIO_printf(bio_err, "%s: Use -help for summary.\n", prog); 396 return 1; 397 case OPT_HELP: 398 opt_help(help_options); 399 return 0; 400 } 401 } 402 403 if (opt_num_rest() != 0) { 404 BIO_printf(bio_err, "Usage: %s\n", prog); 405 return 1; 406 } 407 408 BIO_printf(bio_err, "\nStandard commands"); 409 i = 0; 410 tp = FT_none; 411 for (fp = functions; fp->name != NULL; fp++) { 412 nl = 0; 413 if (((i++) % COLUMNS) == 0) { 414 BIO_printf(bio_err, "\n"); 415 nl = 1; 416 } 417 if (fp->type != tp) { 418 tp = fp->type; 419 if (!nl) 420 BIO_printf(bio_err, "\n"); 421 if (tp == FT_md) { 422 i = 1; 423 BIO_printf(bio_err, 424 "\nMessage Digest commands (see the `dgst' command for more details)\n"); 425 } else if (tp == FT_cipher) { 426 i = 1; 427 BIO_printf(bio_err, 428 "\nCipher commands (see the `enc' command for more details)\n"); 429 } 430 } 431 BIO_printf(bio_err, FORMAT, fp->name); 432 } 433 BIO_printf(bio_err, "\n\n"); 434 return 0; 435 } 436 437 int exit_main(int argc, char **argv) 438 { 439 return EXIT_THE_PROGRAM; 440 } 441 442 static void list_type(FUNC_TYPE ft) 443 { 444 FUNCTION *fp; 445 int i = 0; 446 447 for (fp = functions; fp->name != NULL; fp++) 448 if (fp->type == ft) { 449 if ((i++ % COLUMNS) == 0) 450 BIO_printf(bio_out, "\n"); 451 BIO_printf(bio_out, FORMAT, fp->name); 452 } 453 BIO_printf(bio_out, "\n"); 454 } 455 456 static int do_cmd(LHASH_OF(FUNCTION) *prog, int argc, char *argv[]) 457 { 458 FUNCTION f, *fp; 459 460 if (argc <= 0 || argv[0] == NULL) 461 return (0); 462 f.name = argv[0]; 463 fp = lh_FUNCTION_retrieve(prog, &f); 464 if (fp == NULL) { 465 if (EVP_get_digestbyname(argv[0])) { 466 f.type = FT_md; 467 f.func = dgst_main; 468 fp = &f; 469 } else if (EVP_get_cipherbyname(argv[0])) { 470 f.type = FT_cipher; 471 f.func = enc_main; 472 fp = &f; 473 } 474 } 475 if (fp != NULL) { 476 return (fp->func(argc, argv)); 477 } 478 if ((strncmp(argv[0], "no-", 3)) == 0) { 479 /* 480 * User is asking if foo is unsupported, by trying to "run" the 481 * no-foo command. Strange. 482 */ 483 f.name = argv[0] + 3; 484 if (lh_FUNCTION_retrieve(prog, &f) == NULL) { 485 BIO_printf(bio_out, "%s\n", argv[0]); 486 return (0); 487 } 488 BIO_printf(bio_out, "%s\n", argv[0] + 3); 489 return 1; 490 } 491 if (strcmp(argv[0], "quit") == 0 || strcmp(argv[0], "q") == 0 || 492 strcmp(argv[0], "exit") == 0 || strcmp(argv[0], "bye") == 0) 493 /* Special value to mean "exit the program. */ 494 return EXIT_THE_PROGRAM; 495 496 BIO_printf(bio_err, "Invalid command '%s'; type \"help\" for a list.\n", 497 argv[0]); 498 return (1); 499 } 500 501 static void list_pkey(void) 502 { 503 int i; 504 505 for (i = 0; i < EVP_PKEY_asn1_get_count(); i++) { 506 const EVP_PKEY_ASN1_METHOD *ameth; 507 int pkey_id, pkey_base_id, pkey_flags; 508 const char *pinfo, *pem_str; 509 ameth = EVP_PKEY_asn1_get0(i); 510 EVP_PKEY_asn1_get0_info(&pkey_id, &pkey_base_id, &pkey_flags, 511 &pinfo, &pem_str, ameth); 512 if (pkey_flags & ASN1_PKEY_ALIAS) { 513 BIO_printf(bio_out, "Name: %s\n", OBJ_nid2ln(pkey_id)); 514 BIO_printf(bio_out, "\tAlias for: %s\n", 515 OBJ_nid2ln(pkey_base_id)); 516 } else { 517 BIO_printf(bio_out, "Name: %s\n", pinfo); 518 BIO_printf(bio_out, "\tType: %s Algorithm\n", 519 pkey_flags & ASN1_PKEY_DYNAMIC ? 520 "External" : "Builtin"); 521 BIO_printf(bio_out, "\tOID: %s\n", OBJ_nid2ln(pkey_id)); 522 if (pem_str == NULL) 523 pem_str = "(none)"; 524 BIO_printf(bio_out, "\tPEM string: %s\n", pem_str); 525 } 526 527 } 528 } 529 530 static int function_cmp(const FUNCTION * a, const FUNCTION * b) 531 { 532 return strncmp(a->name, b->name, 8); 533 } 534 535 static unsigned long function_hash(const FUNCTION * a) 536 { 537 return OPENSSL_LH_strhash(a->name); 538 } 539 540 static int SortFnByName(const void *_f1, const void *_f2) 541 { 542 const FUNCTION *f1 = _f1; 543 const FUNCTION *f2 = _f2; 544 545 if (f1->type != f2->type) 546 return f1->type - f2->type; 547 return strcmp(f1->name, f2->name); 548 } 549 550 static void list_disabled(void) 551 { 552 BIO_puts(bio_out, "Disabled algorithms:\n"); 553 #ifdef OPENSSL_NO_BF 554 BIO_puts(bio_out, "BF\n"); 555 #endif 556 #ifdef OPENSSL_NO_BLAKE2 557 BIO_puts(bio_out, "BLAKE2\n"); 558 #endif 559 #ifdef OPENSSL_NO_CAMELLIA 560 BIO_puts(bio_out, "CAMELLIA\n"); 561 #endif 562 #ifdef OPENSSL_NO_CAST 563 BIO_puts(bio_out, "CAST\n"); 564 #endif 565 #ifdef OPENSSL_NO_CMAC 566 BIO_puts(bio_out, "CMAC\n"); 567 #endif 568 #ifdef OPENSSL_NO_CMS 569 BIO_puts(bio_out, "CMS\n"); 570 #endif 571 #ifdef OPENSSL_NO_COMP 572 BIO_puts(bio_out, "COMP\n"); 573 #endif 574 #ifdef OPENSSL_NO_DES 575 BIO_puts(bio_out, "DES\n"); 576 #endif 577 #ifdef OPENSSL_NO_DGRAM 578 BIO_puts(bio_out, "DGRAM\n"); 579 #endif 580 #ifdef OPENSSL_NO_DH 581 BIO_puts(bio_out, "DH\n"); 582 #endif 583 #ifdef OPENSSL_NO_DSA 584 BIO_puts(bio_out, "DSA\n"); 585 #endif 586 #if defined(OPENSSL_NO_DTLS) 587 BIO_puts(bio_out, "DTLS\n"); 588 #endif 589 #if defined(OPENSSL_NO_DTLS1) 590 BIO_puts(bio_out, "DTLS1\n"); 591 #endif 592 #if defined(OPENSSL_NO_DTLS1_2) 593 BIO_puts(bio_out, "DTLS1_2\n"); 594 #endif 595 #ifdef OPENSSL_NO_EC 596 BIO_puts(bio_out, "EC\n"); 597 #endif 598 #ifdef OPENSSL_NO_EC2M 599 BIO_puts(bio_out, "EC2M\n"); 600 #endif 601 #ifdef OPENSSL_NO_ENGINE 602 BIO_puts(bio_out, "ENGINE\n"); 603 #endif 604 #ifdef OPENSSL_NO_GOST 605 BIO_puts(bio_out, "GOST\n"); 606 #endif 607 #ifdef OPENSSL_NO_HEARTBEATS 608 BIO_puts(bio_out, "HEARTBEATS\n"); 609 #endif 610 #ifdef OPENSSL_NO_IDEA 611 BIO_puts(bio_out, "IDEA\n"); 612 #endif 613 #ifdef OPENSSL_NO_MD2 614 BIO_puts(bio_out, "MD2\n"); 615 #endif 616 #ifdef OPENSSL_NO_MD4 617 BIO_puts(bio_out, "MD4\n"); 618 #endif 619 #ifdef OPENSSL_NO_MD5 620 BIO_puts(bio_out, "MD5\n"); 621 #endif 622 #ifdef OPENSSL_NO_MDC2 623 BIO_puts(bio_out, "MDC2\n"); 624 #endif 625 #ifdef OPENSSL_NO_OCB 626 BIO_puts(bio_out, "OCB\n"); 627 #endif 628 #ifdef OPENSSL_NO_OCSP 629 BIO_puts(bio_out, "OCSP\n"); 630 #endif 631 #ifdef OPENSSL_NO_PSK 632 BIO_puts(bio_out, "PSK\n"); 633 #endif 634 #ifdef OPENSSL_NO_RC2 635 BIO_puts(bio_out, "RC2\n"); 636 #endif 637 #ifdef OPENSSL_NO_RC4 638 BIO_puts(bio_out, "RC4\n"); 639 #endif 640 #ifdef OPENSSL_NO_RC5 641 BIO_puts(bio_out, "RC5\n"); 642 #endif 643 #ifdef OPENSSL_NO_RMD160 644 BIO_puts(bio_out, "RMD160\n"); 645 #endif 646 #ifdef OPENSSL_NO_RSA 647 BIO_puts(bio_out, "RSA\n"); 648 #endif 649 #ifdef OPENSSL_NO_SCRYPT 650 BIO_puts(bio_out, "SCRYPT\n"); 651 #endif 652 #ifdef OPENSSL_NO_SCTP 653 BIO_puts(bio_out, "SCTP\n"); 654 #endif 655 #ifdef OPENSSL_NO_SEED 656 BIO_puts(bio_out, "SEED\n"); 657 #endif 658 #ifdef OPENSSL_NO_SOCK 659 BIO_puts(bio_out, "SOCK\n"); 660 #endif 661 #ifdef OPENSSL_NO_SRP 662 BIO_puts(bio_out, "SRP\n"); 663 #endif 664 #ifdef OPENSSL_NO_SRTP 665 BIO_puts(bio_out, "SRTP\n"); 666 #endif 667 #ifdef OPENSSL_NO_SSL3 668 BIO_puts(bio_out, "SSL3\n"); 669 #endif 670 #ifdef OPENSSL_NO_TLS1 671 BIO_puts(bio_out, "TLS1\n"); 672 #endif 673 #ifdef OPENSSL_NO_TLS1_1 674 BIO_puts(bio_out, "TLS1_1\n"); 675 #endif 676 #ifdef OPENSSL_NO_TLS1_2 677 BIO_puts(bio_out, "TLS1_2\n"); 678 #endif 679 #ifdef OPENSSL_NO_WHIRLPOOL 680 BIO_puts(bio_out, "WHIRLPOOL\n"); 681 #endif 682 #ifndef ZLIB 683 BIO_puts(bio_out, "ZLIB\n"); 684 #endif 685 } 686 687 static LHASH_OF(FUNCTION) *prog_init(void) 688 { 689 LHASH_OF(FUNCTION) *ret; 690 FUNCTION *f; 691 size_t i; 692 693 /* Sort alphabetically within category. For nicer help displays. */ 694 for (i = 0, f = functions; f->name != NULL; ++f, ++i) ; 695 qsort(functions, i, sizeof(*functions), SortFnByName); 696 697 if ((ret = lh_FUNCTION_new(function_hash, function_cmp)) == NULL) 698 return (NULL); 699 700 for (f = functions; f->name != NULL; f++) 701 (void)lh_FUNCTION_insert(ret, f); 702 return (ret); 703 } 704