static void
run (void *cls,
char *const *args,
const char *cfgfile,
const struct GNUNET_CONFIGURATION_Handle *cfg)
{
struct GNUNET_MQ_MessageHandler handlers[] = {
GNUNET_MQ_hd_fixed_size (test,
MTYPE,
struct GNUNET_MessageHeader,
NULL),
GNUNET_MQ_handler_end ()
};
GNUNET_assert (ok == 1);
OKPP;
setup_peer (&p1,
"test_core_api_peer1.conf");
setup_peer (&p2,
"test_core_api_peer2.conf");
err_task =
GNUNET_SCHEDULER_add_delayed (GNUNET_TIME_relative_multiply
(GNUNET_TIME_UNIT_SECONDS, 300),
&terminate_task_error, NULL);
p1.ch =
GNUNET_CORE_connect (p1.cfg,
&p1,
&init_notify,
&connect_notify,
&disconnect_notify,
handlers);
}
static void
run (void *cls,
char *const *args,
const char *cfgfile,
const struct GNUNET_CONFIGURATION_Handle *cfg)
{
struct GNUNET_MQ_MessageHandler handlers[] = {
GNUNET_MQ_hd_fixed_size (test,
MTYPE,
struct TestMessage,
NULL),
GNUNET_MQ_handler_end ()
};
GNUNET_assert (ok == 1);
OKPP;
setup_peer (&p1,
"test_core_api_peer1.conf");
setup_peer (&p2,
"test_core_api_peer2.conf");
err_task =
GNUNET_SCHEDULER_add_delayed (TIMEOUT,
&terminate_task_error,
NULL);
GNUNET_SCHEDULER_add_shutdown (&do_shutdown,
NULL);
GNUNET_assert (NULL !=
(p1.ch = GNUNET_CORE_connect (p1.cfg,
&p1,
&init_notify,
&connect_notify,
&disconnect_notify,
handlers)));
}
static void
run (void *cls, char *const *args, const char *cfgfile,
const struct GNUNET_CONFIGURATION_Handle *cfg)
{
GNUNET_assert (ok == 1);
ok++;
timeout_task = GNUNET_SCHEDULER_add_delayed (TIMEOUT, &timeout_error, NULL);
GNUNET_SCHEDULER_add_delayed (GNUNET_TIME_UNIT_FOREVER_REL, &shutdown_task,
NULL);
setup_peer (&p1, "test_gnunet_daemon_hostlist_peer1.conf");
setup_peer (&p2, "test_gnunet_daemon_hostlist_peer2.conf");
}
bool RtpSession::setup( uint16_t base_port, const char* cname,
const char* peer_addr, uint16_t peer_port,
uint8_t payload_type, uint32_t rtp_clock )
{
if ( rtp_clock == 0 ) {
printf("RtpSession: RTPClock is 0.. aborting..\n");
return false;
}
m_payload_type = payload_type;
m_rtp_clock = rtp_clock;
m_ssrc = (uint32_t)my_random();
m_base_timestamp = (uint32_t)my_random();
m_base_seq = (uint16_t)my_random();
m_last_timestamp = m_base_timestamp;
m_prev_timestamp = m_base_timestamp;
m_seq = m_base_seq;
if ( ! create_sockets( base_port ) ) {
printf("RtpSession: cannot create socket pairs\n");
return false;
}
if ( ! setup_peer( peer_addr, peer_port ) ) {
printf("RtpSession: cannot setup pear host\n");
return false;
}
set_cname( cname );
return true;
}
static void
run (void *cls, char *const *args, const char *cfgfile,
const struct GNUNET_CONFIGURATION_Handle *cfg)
{
GNUNET_assert (ok == 1);
OKPP;
setup_peer (&p1, "test_core_api_peer1.conf");
setup_peer (&p2, "test_core_api_peer2.conf");
timeout_task_id =
GNUNET_SCHEDULER_add_delayed (GNUNET_TIME_relative_multiply
(GNUNET_TIME_UNIT_MINUTES, TIMEOUT),
&timeout_task, NULL);
p1.ch =
GNUNET_CORE_connect (p1.cfg, &p1, &init_notify, &connect_notify,
&disconnect_notify, &inbound_notify, GNUNET_YES,
&outbound_notify, GNUNET_YES, handlers);
}
static void
run (void *cls, char *const *args, const char *cfgfile,
const struct GNUNET_CONFIGURATION_Handle *cfg)
{
struct GNUNET_FS_Handle *fs;
setup_peer (&p1, "test_fs_data.conf");
fs = GNUNET_FS_start (cfg, "test-fs-start-stop", &progress_cb, NULL,
GNUNET_FS_FLAGS_NONE, GNUNET_FS_OPTIONS_END);
GNUNET_assert (NULL != fs);
GNUNET_FS_stop (fs);
}
static void
run (void *cls, char *const *args, const char *cfgfile,
const struct GNUNET_CONFIGURATION_Handle *c)
{
const char *keywords[] = {
"down_foo",
"down_bar",
};
char *buf;
struct GNUNET_CONTAINER_MetaData *meta;
struct GNUNET_FS_Uri *kuri;
struct GNUNET_FS_FileInformation *fi;
size_t i;
struct GNUNET_FS_BlockOptions bo;
cfg = c;
setup_peer (&p1, "test_fs_unindex_data.conf");
fn = GNUNET_DISK_mktemp ("gnunet-unindex-test-dst");
fs = GNUNET_FS_start (cfg, "test-fs-unindex-persistence", &progress_cb, NULL,
GNUNET_FS_FLAGS_PERSISTENCE, GNUNET_FS_OPTIONS_END);
GNUNET_assert (NULL != fs);
buf = GNUNET_malloc (FILESIZE);
for (i = 0; i < FILESIZE; i++)
buf[i] = GNUNET_CRYPTO_random_u32 (GNUNET_CRYPTO_QUALITY_WEAK, 256);
GNUNET_assert (FILESIZE ==
GNUNET_DISK_fn_write (fn, buf, FILESIZE,
GNUNET_DISK_PERM_USER_READ |
GNUNET_DISK_PERM_USER_WRITE));
GNUNET_free (buf);
meta = GNUNET_CONTAINER_meta_data_create ();
kuri = GNUNET_FS_uri_ksk_create_from_args (2, keywords);
bo.content_priority = 42;
bo.anonymity_level = 1;
bo.replication_level = 0;
bo.expiration_time = GNUNET_TIME_relative_to_absolute (LIFETIME);
fi = GNUNET_FS_file_information_create_from_file (fs, "publish-context", fn,
kuri, meta, GNUNET_YES,
&bo);
GNUNET_FS_uri_destroy (kuri);
GNUNET_CONTAINER_meta_data_destroy (meta);
GNUNET_assert (NULL != fi);
start = GNUNET_TIME_absolute_get ();
publish =
GNUNET_FS_publish_start (fs, fi, NULL, NULL, NULL,
GNUNET_FS_PUBLISH_OPTION_NONE);
GNUNET_assert (publish != NULL);
}
static void
run (void *cls, char *const *args, const char *cfgfile,
const struct GNUNET_CONFIGURATION_Handle *cfg)
{
const char *keywords[] = {
"down_foo",
"down_bar"
};
char *buf;
struct GNUNET_CONTAINER_MetaData *meta;
struct GNUNET_FS_Uri *kuri;
struct GNUNET_FS_BlockOptions bo;
struct GNUNET_FS_FileInformation *fi;
size_t i;
setup_peer (&p1, "test_fs_search_data.conf");
fs = GNUNET_FS_start (cfg, "test-fs-search", &progress_cb, NULL,
GNUNET_FS_FLAGS_NONE, GNUNET_FS_OPTIONS_END);
GNUNET_assert (NULL != fs);
buf = GNUNET_malloc (FILESIZE);
for (i = 0; i < FILESIZE; i++)
buf[i] = GNUNET_CRYPTO_random_u32 (GNUNET_CRYPTO_QUALITY_WEAK, 256);
meta = GNUNET_CONTAINER_meta_data_create ();
kuri = GNUNET_FS_uri_ksk_create_from_args (2, keywords);
bo.content_priority = 42;
bo.anonymity_level = 1;
bo.replication_level = 0;
bo.expiration_time = GNUNET_TIME_relative_to_absolute (LIFETIME);
fi = GNUNET_FS_file_information_create_from_data (fs, "publish-context",
FILESIZE, buf, kuri, meta,
GNUNET_NO, &bo);
GNUNET_FS_uri_destroy (kuri);
GNUNET_CONTAINER_meta_data_destroy (meta);
GNUNET_assert (NULL != fi);
start = GNUNET_TIME_absolute_get ();
publish =
GNUNET_FS_publish_start (fs, fi, NULL, NULL, NULL,
GNUNET_FS_PUBLISH_OPTION_NONE);
GNUNET_assert (publish != NULL);
}
static void
run (void *cls, char *const *args, const char *cfgfile,
const struct GNUNET_CONFIGURATION_Handle *cfg)
{
GNUNET_assert (ok == 1);
OKPP;
err_task =
GNUNET_SCHEDULER_add_delayed (TIMEOUT, &terminate_task_error, NULL);
if (test == SYMMETRIC)
{
setup_peer (&p1, "test_core_quota_peer1.conf");
setup_peer (&p2, "test_core_quota_peer2.conf");
}
else if (test == ASYMMETRIC_SEND_LIMITED)
{
setup_peer (&p1, "test_core_quota_asymmetric_send_limit_peer1.conf");
setup_peer (&p2, "test_core_quota_asymmetric_send_limit_peer2.conf");
}
else if (test == ASYMMETRIC_RECV_LIMITED)
{
setup_peer (&p1, "test_core_quota_asymmetric_recv_limited_peer1.conf");
setup_peer (&p2, "test_core_quota_asymmetric_recv_limited_peer2.conf");
}
GNUNET_assert (test != -1);
GNUNET_assert (GNUNET_SYSERR !=
GNUNET_CONFIGURATION_get_value_size (p1.cfg, "ATS",
"WAN_QUOTA_IN",
¤t_quota_p1_in));
GNUNET_assert (GNUNET_SYSERR !=
GNUNET_CONFIGURATION_get_value_size (p2.cfg, "ATS",
"WAN_QUOTA_IN",
¤t_quota_p2_in));
GNUNET_assert (GNUNET_SYSERR !=
GNUNET_CONFIGURATION_get_value_size (p1.cfg, "ATS",
"WAN_QUOTA_OUT",
¤t_quota_p1_out));
GNUNET_assert (GNUNET_SYSERR !=
GNUNET_CONFIGURATION_get_value_size (p2.cfg, "ATS",
"WAN_QUOTA_OUT",
¤t_quota_p2_out));
p1.ch =
GNUNET_CORE_connect (p1.cfg, &p1, &init_notify, &connect_notify,
&disconnect_notify, &inbound_notify, GNUNET_YES,
&outbound_notify, GNUNET_YES, handlers);
}
int
pkeyutl_main(int argc, char **argv)
{
BIO *in = NULL, *out = NULL;
char *infile = NULL, *outfile = NULL, *sigfile = NULL;
int pkey_op = EVP_PKEY_OP_SIGN, key_type = KEY_PRIVKEY;
int keyform = FORMAT_PEM, peerform = FORMAT_PEM;
char badarg = 0, rev = 0;
char hexdump = 0, asn1parse = 0;
EVP_PKEY_CTX *ctx = NULL;
char *passargin = NULL;
int keysize = -1;
unsigned char *buf_in = NULL, *buf_out = NULL, *sig = NULL;
size_t buf_outlen = 0;
int buf_inlen = 0, siglen = -1;
int ret = 1, rv = -1;
if (single_execution) {
if (pledge("stdio cpath wpath rpath tty", NULL) == -1) {
perror("pledge");
exit(1);
}
}
argc--;
argv++;
while (argc >= 1) {
if (!strcmp(*argv, "-in")) {
if (--argc < 1)
badarg = 1;
else
infile = *(++argv);
} else if (!strcmp(*argv, "-out")) {
if (--argc < 1)
badarg = 1;
else
outfile = *(++argv);
} else if (!strcmp(*argv, "-sigfile")) {
if (--argc < 1)
badarg = 1;
else
sigfile = *(++argv);
} else if (!strcmp(*argv, "-inkey")) {
if (--argc < 1)
badarg = 1;
else {
ctx = init_ctx(&keysize,
*(++argv), keyform, key_type,
passargin, pkey_op);
if (!ctx) {
BIO_puts(bio_err,
"Error initializing context\n");
ERR_print_errors(bio_err);
badarg = 1;
}
}
} else if (!strcmp(*argv, "-peerkey")) {
if (--argc < 1)
badarg = 1;
else if (!setup_peer(bio_err, ctx, peerform, *(++argv)))
badarg = 1;
} else if (!strcmp(*argv, "-passin")) {
if (--argc < 1)
badarg = 1;
else
passargin = *(++argv);
} else if (strcmp(*argv, "-peerform") == 0) {
if (--argc < 1)
badarg = 1;
else
peerform = str2fmt(*(++argv));
} else if (strcmp(*argv, "-keyform") == 0) {
if (--argc < 1)
badarg = 1;
else
keyform = str2fmt(*(++argv));
}
else if (!strcmp(*argv, "-pubin"))
key_type = KEY_PUBKEY;
else if (!strcmp(*argv, "-certin"))
key_type = KEY_CERT;
else if (!strcmp(*argv, "-asn1parse"))
asn1parse = 1;
else if (!strcmp(*argv, "-hexdump"))
hexdump = 1;
else if (!strcmp(*argv, "-sign"))
pkey_op = EVP_PKEY_OP_SIGN;
else if (!strcmp(*argv, "-verify"))
pkey_op = EVP_PKEY_OP_VERIFY;
else if (!strcmp(*argv, "-verifyrecover"))
pkey_op = EVP_PKEY_OP_VERIFYRECOVER;
else if (!strcmp(*argv, "-rev"))
rev = 1;
else if (!strcmp(*argv, "-encrypt"))
pkey_op = EVP_PKEY_OP_ENCRYPT;
else if (!strcmp(*argv, "-decrypt"))
pkey_op = EVP_PKEY_OP_DECRYPT;
else if (!strcmp(*argv, "-derive"))
pkey_op = EVP_PKEY_OP_DERIVE;
else if (strcmp(*argv, "-pkeyopt") == 0) {
if (--argc < 1)
badarg = 1;
else if (!ctx) {
BIO_puts(bio_err,
"-pkeyopt command before -inkey\n");
badarg = 1;
} else if (pkey_ctrl_string(ctx, *(++argv)) <= 0) {
BIO_puts(bio_err, "parameter setting error\n");
ERR_print_errors(bio_err);
goto end;
}
} else
badarg = 1;
if (badarg) {
usage();
goto end;
}
argc--;
argv++;
}
if (!ctx) {
usage();
goto end;
}
if (sigfile && (pkey_op != EVP_PKEY_OP_VERIFY)) {
BIO_puts(bio_err, "Signature file specified for non verify\n");
goto end;
}
if (!sigfile && (pkey_op == EVP_PKEY_OP_VERIFY)) {
BIO_puts(bio_err, "No signature file specified for verify\n");
goto end;
}
if (pkey_op != EVP_PKEY_OP_DERIVE) {
if (infile) {
if (!(in = BIO_new_file(infile, "rb"))) {
BIO_puts(bio_err,
"Error Opening Input File\n");
ERR_print_errors(bio_err);
goto end;
}
} else
in = BIO_new_fp(stdin, BIO_NOCLOSE);
}
if (outfile) {
if (!(out = BIO_new_file(outfile, "wb"))) {
BIO_printf(bio_err, "Error Creating Output File\n");
ERR_print_errors(bio_err);
goto end;
}
} else {
out = BIO_new_fp(stdout, BIO_NOCLOSE);
}
if (sigfile) {
BIO *sigbio = BIO_new_file(sigfile, "rb");
if (!sigbio) {
BIO_printf(bio_err, "Can't open signature file %s\n",
sigfile);
goto end;
}
siglen = bio_to_mem(&sig, keysize * 10, sigbio);
BIO_free(sigbio);
if (siglen <= 0) {
BIO_printf(bio_err, "Error reading signature data\n");
goto end;
}
}
if (in) {
/* Read the input data */
buf_inlen = bio_to_mem(&buf_in, keysize * 10, in);
if (buf_inlen <= 0) {
BIO_printf(bio_err, "Error reading input Data\n");
exit(1);
}
if (rev) {
size_t i;
unsigned char ctmp;
size_t l = (size_t) buf_inlen;
for (i = 0; i < l / 2; i++) {
ctmp = buf_in[i];
buf_in[i] = buf_in[l - 1 - i];
buf_in[l - 1 - i] = ctmp;
}
}
}
if (pkey_op == EVP_PKEY_OP_VERIFY) {
rv = EVP_PKEY_verify(ctx, sig, (size_t) siglen,
buf_in, (size_t) buf_inlen);
if (rv == 1) {
BIO_puts(out, "Signature Verified Successfully\n");
ret = 0;
} else
BIO_puts(out, "Signature Verification Failure\n");
if (rv >= 0)
goto end;
} else {
rv = do_keyop(ctx, pkey_op, NULL, (size_t *)&buf_outlen,
buf_in, (size_t) buf_inlen);
if (rv > 0) {
buf_out = malloc(buf_outlen);
if (!buf_out)
rv = -1;
else
rv = do_keyop(ctx, pkey_op,
buf_out, (size_t *) & buf_outlen,
buf_in, (size_t) buf_inlen);
}
}
if (rv <= 0) {
BIO_printf(bio_err, "Public Key operation error\n");
ERR_print_errors(bio_err);
goto end;
}
ret = 0;
if (asn1parse) {
if (!ASN1_parse_dump(out, buf_out, buf_outlen, 1, -1))
ERR_print_errors(bio_err);
} else if (hexdump)
BIO_dump(out, (char *) buf_out, buf_outlen);
else
BIO_write(out, buf_out, buf_outlen);
end:
EVP_PKEY_CTX_free(ctx);
BIO_free(in);
BIO_free_all(out);
free(buf_in);
free(buf_out);
free(sig);
return ret;
}
int pkeyutl_main(int argc, char **argv)
{
BIO *in = NULL, *out = NULL;
ENGINE *e = NULL;
EVP_PKEY_CTX *ctx = NULL;
char *infile = NULL, *outfile = NULL, *sigfile = NULL, *passinarg = NULL;
char hexdump = 0, asn1parse = 0, rev = 0, *prog;
unsigned char *buf_in = NULL, *buf_out = NULL, *sig = NULL;
OPTION_CHOICE o;
int buf_inlen = 0, siglen = -1, keyform = FORMAT_PEM, peerform =
FORMAT_PEM;
int keysize = -1, pkey_op = EVP_PKEY_OP_SIGN, key_type = KEY_PRIVKEY;
int engine_impl = 0;
int ret = 1, rv = -1;
size_t buf_outlen;
const char *inkey = NULL;
const char *peerkey = NULL;
STACK_OF(OPENSSL_STRING) *pkeyopts = NULL;
prog = opt_init(argc, argv, pkeyutl_options);
while ((o = opt_next()) != OPT_EOF) {
switch (o) {
case OPT_EOF:
case OPT_ERR:
opthelp:
BIO_printf(bio_err, "%s: Use -help for summary.\n", prog);
goto end;
case OPT_HELP:
opt_help(pkeyutl_options);
ret = 0;
goto end;
case OPT_IN:
infile = opt_arg();
break;
case OPT_OUT:
outfile = opt_arg();
break;
case OPT_SIGFILE:
sigfile = opt_arg();
break;
case OPT_ENGINE_IMPL:
engine_impl = 1;
break;
case OPT_INKEY:
inkey = opt_arg();
break;
case OPT_PEERKEY:
peerkey = opt_arg();
break;
case OPT_PASSIN:
passinarg = opt_arg();
break;
case OPT_PEERFORM:
if (!opt_format(opt_arg(), OPT_FMT_PDE, &peerform))
goto opthelp;
break;
case OPT_KEYFORM:
if (!opt_format(opt_arg(), OPT_FMT_PDE, &keyform))
goto opthelp;
break;
case OPT_ENGINE:
e = setup_engine(opt_arg(), 0);
break;
case OPT_PUBIN:
key_type = KEY_PUBKEY;
break;
case OPT_CERTIN:
key_type = KEY_CERT;
break;
case OPT_ASN1PARSE:
asn1parse = 1;
break;
case OPT_HEXDUMP:
hexdump = 1;
break;
case OPT_SIGN:
pkey_op = EVP_PKEY_OP_SIGN;
break;
case OPT_VERIFY:
pkey_op = EVP_PKEY_OP_VERIFY;
break;
case OPT_VERIFYRECOVER:
pkey_op = EVP_PKEY_OP_VERIFYRECOVER;
break;
case OPT_ENCRYPT:
pkey_op = EVP_PKEY_OP_ENCRYPT;
break;
case OPT_DECRYPT:
pkey_op = EVP_PKEY_OP_DECRYPT;
break;
case OPT_DERIVE:
pkey_op = EVP_PKEY_OP_DERIVE;
break;
case OPT_REV:
rev = 1;
break;
case OPT_PKEYOPT:
if ((pkeyopts == NULL &&
(pkeyopts = sk_OPENSSL_STRING_new_null()) == NULL) ||
sk_OPENSSL_STRING_push(pkeyopts, *++argv) == 0) {
BIO_puts(bio_err, "out of memory\n");
goto end;
}
break;
}
}
argc = opt_num_rest();
if (argc != 0)
goto opthelp;
if (inkey == NULL ||
(peerkey != NULL && pkey_op != EVP_PKEY_OP_DERIVE))
goto opthelp;
ctx = init_ctx(&keysize, inkey, keyform, key_type,
passinarg, pkey_op, e, engine_impl);
if (ctx == NULL) {
BIO_printf(bio_err, "%s: Error initializing context\n", prog);
ERR_print_errors(bio_err);
goto end;
}
if (peerkey != NULL && !setup_peer(ctx, peerform, peerkey, e)) {
BIO_printf(bio_err, "%s: Error setting up peer key\n", prog);
ERR_print_errors(bio_err);
goto end;
}
if (pkeyopts != NULL) {
int num = sk_OPENSSL_STRING_num(pkeyopts);
int i;
for (i = 0; i < num; ++i) {
const char *opt = sk_OPENSSL_STRING_value(pkeyopts, i);
if (pkey_ctrl_string(ctx, opt) <= 0) {
BIO_printf(bio_err, "%s: Can't set parameter:\n", prog);
ERR_print_errors(bio_err);
goto end;
}
}
}
if (sigfile && (pkey_op != EVP_PKEY_OP_VERIFY)) {
BIO_printf(bio_err,
"%s: Signature file specified for non verify\n", prog);
goto end;
}
if (!sigfile && (pkey_op == EVP_PKEY_OP_VERIFY)) {
BIO_printf(bio_err,
"%s: No signature file specified for verify\n", prog);
goto end;
}
/* FIXME: seed PRNG only if needed */
app_RAND_load_file(NULL, 0);
if (pkey_op != EVP_PKEY_OP_DERIVE) {
in = bio_open_default(infile, 'r', FORMAT_BINARY);
if (in == NULL)
goto end;
}
out = bio_open_default(outfile, 'w', FORMAT_BINARY);
if (out == NULL)
goto end;
if (sigfile) {
BIO *sigbio = BIO_new_file(sigfile, "rb");
if (!sigbio) {
BIO_printf(bio_err, "Can't open signature file %s\n", sigfile);
goto end;
}
siglen = bio_to_mem(&sig, keysize * 10, sigbio);
BIO_free(sigbio);
if (siglen < 0) {
BIO_printf(bio_err, "Error reading signature data\n");
goto end;
}
}
if (in) {
/* Read the input data */
buf_inlen = bio_to_mem(&buf_in, keysize * 10, in);
if (buf_inlen < 0) {
BIO_printf(bio_err, "Error reading input Data\n");
exit(1);
}
if (rev) {
size_t i;
unsigned char ctmp;
size_t l = (size_t)buf_inlen;
for (i = 0; i < l / 2; i++) {
ctmp = buf_in[i];
buf_in[i] = buf_in[l - 1 - i];
buf_in[l - 1 - i] = ctmp;
}
}
}
if (pkey_op == EVP_PKEY_OP_VERIFY) {
rv = EVP_PKEY_verify(ctx, sig, (size_t)siglen,
buf_in, (size_t)buf_inlen);
if (rv == 1) {
BIO_puts(out, "Signature Verified Successfully\n");
ret = 0;
} else
BIO_puts(out, "Signature Verification Failure\n");
goto end;
}
rv = do_keyop(ctx, pkey_op, NULL, (size_t *)&buf_outlen,
buf_in, (size_t)buf_inlen);
if (rv > 0 && buf_outlen != 0) {
buf_out = app_malloc(buf_outlen, "buffer output");
rv = do_keyop(ctx, pkey_op,
buf_out, (size_t *)&buf_outlen,
buf_in, (size_t)buf_inlen);
}
if (rv < 0) {
ERR_print_errors(bio_err);
goto end;
}
ret = 0;
if (asn1parse) {
if (!ASN1_parse_dump(out, buf_out, buf_outlen, 1, -1))
ERR_print_errors(bio_err);
} else if (hexdump)
BIO_dump(out, (char *)buf_out, buf_outlen);
else
BIO_write(out, buf_out, buf_outlen);
end:
EVP_PKEY_CTX_free(ctx);
BIO_free(in);
BIO_free_all(out);
OPENSSL_free(buf_in);
OPENSSL_free(buf_out);
OPENSSL_free(sig);
sk_OPENSSL_STRING_free(pkeyopts);
return ret;
}
int pkeyutl_main(int argc, char **argv)
{
BIO *in = NULL, *out = NULL;
ENGINE *e = NULL;
EVP_PKEY_CTX *ctx = NULL;
EVP_PKEY *pkey = NULL;
char *infile = NULL, *outfile = NULL, *sigfile = NULL, *passinarg = NULL;
char hexdump = 0, asn1parse = 0, rev = 0, *prog;
unsigned char *buf_in = NULL, *buf_out = NULL, *sig = NULL;
OPTION_CHOICE o;
int buf_inlen = 0, siglen = -1, keyform = FORMAT_PEM, peerform = FORMAT_PEM;
int keysize = -1, pkey_op = EVP_PKEY_OP_SIGN, key_type = KEY_PRIVKEY;
int engine_impl = 0;
int ret = 1, rv = -1;
size_t buf_outlen;
const char *inkey = NULL;
const char *peerkey = NULL;
const char *kdfalg = NULL;
int kdflen = 0;
STACK_OF(OPENSSL_STRING) *pkeyopts = NULL;
STACK_OF(OPENSSL_STRING) *pkeyopts_passin = NULL;
int rawin = 0;
const EVP_MD *md = NULL;
prog = opt_init(argc, argv, pkeyutl_options);
while ((o = opt_next()) != OPT_EOF) {
switch (o) {
case OPT_EOF:
case OPT_ERR:
opthelp:
BIO_printf(bio_err, "%s: Use -help for summary.\n", prog);
goto end;
case OPT_HELP:
opt_help(pkeyutl_options);
ret = 0;
goto end;
case OPT_IN:
infile = opt_arg();
break;
case OPT_OUT:
outfile = opt_arg();
break;
case OPT_SIGFILE:
sigfile = opt_arg();
break;
case OPT_ENGINE_IMPL:
engine_impl = 1;
break;
case OPT_INKEY:
inkey = opt_arg();
break;
case OPT_PEERKEY:
peerkey = opt_arg();
break;
case OPT_PASSIN:
passinarg = opt_arg();
break;
case OPT_PEERFORM:
if (!opt_format(opt_arg(), OPT_FMT_PDE, &peerform))
goto opthelp;
break;
case OPT_KEYFORM:
if (!opt_format(opt_arg(), OPT_FMT_PDE, &keyform))
goto opthelp;
break;
case OPT_R_CASES:
if (!opt_rand(o))
goto end;
break;
case OPT_ENGINE:
e = setup_engine(opt_arg(), 0);
break;
case OPT_PUBIN:
key_type = KEY_PUBKEY;
break;
case OPT_CERTIN:
key_type = KEY_CERT;
break;
case OPT_ASN1PARSE:
asn1parse = 1;
break;
case OPT_HEXDUMP:
hexdump = 1;
break;
case OPT_SIGN:
pkey_op = EVP_PKEY_OP_SIGN;
break;
case OPT_VERIFY:
pkey_op = EVP_PKEY_OP_VERIFY;
break;
case OPT_VERIFYRECOVER:
pkey_op = EVP_PKEY_OP_VERIFYRECOVER;
break;
case OPT_ENCRYPT:
pkey_op = EVP_PKEY_OP_ENCRYPT;
break;
case OPT_DECRYPT:
pkey_op = EVP_PKEY_OP_DECRYPT;
break;
case OPT_DERIVE:
pkey_op = EVP_PKEY_OP_DERIVE;
break;
case OPT_KDF:
pkey_op = EVP_PKEY_OP_DERIVE;
key_type = KEY_NONE;
kdfalg = opt_arg();
break;
case OPT_KDFLEN:
kdflen = atoi(opt_arg());
break;
case OPT_REV:
rev = 1;
break;
case OPT_PKEYOPT:
if ((pkeyopts == NULL &&
(pkeyopts = sk_OPENSSL_STRING_new_null()) == NULL) ||
sk_OPENSSL_STRING_push(pkeyopts, opt_arg()) == 0) {
BIO_puts(bio_err, "out of memory\n");
goto end;
}
break;
case OPT_PKEYOPT_PASSIN:
if ((pkeyopts_passin == NULL &&
(pkeyopts_passin = sk_OPENSSL_STRING_new_null()) == NULL) ||
sk_OPENSSL_STRING_push(pkeyopts_passin, opt_arg()) == 0) {
BIO_puts(bio_err, "out of memory\n");
goto end;
}
break;
case OPT_RAWIN:
rawin = 1;
break;
case OPT_DIGEST:
if (!opt_md(opt_arg(), &md))
goto end;
break;
}
}
argc = opt_num_rest();
if (argc != 0)
goto opthelp;
if (rawin && pkey_op != EVP_PKEY_OP_SIGN && pkey_op != EVP_PKEY_OP_VERIFY) {
BIO_printf(bio_err,
"%s: -rawin can only be used with -sign or -verify\n",
prog);
goto opthelp;
}
if (md != NULL && !rawin) {
BIO_printf(bio_err,
"%s: -digest can only be used with -rawin\n",
prog);
goto opthelp;
}
if (rawin && rev) {
BIO_printf(bio_err, "%s: -rev cannot be used with raw input\n",
prog);
goto opthelp;
}
if (kdfalg != NULL) {
if (kdflen == 0) {
BIO_printf(bio_err,
"%s: no KDF length given (-kdflen parameter).\n", prog);
goto opthelp;
}
} else if (inkey == NULL) {
BIO_printf(bio_err,
"%s: no private key given (-inkey parameter).\n", prog);
goto opthelp;
} else if (peerkey != NULL && pkey_op != EVP_PKEY_OP_DERIVE) {
BIO_printf(bio_err,
"%s: no peer key given (-peerkey parameter).\n", prog);
goto opthelp;
}
ctx = init_ctx(kdfalg, &keysize, inkey, keyform, key_type,
passinarg, pkey_op, e, engine_impl, &pkey);
if (ctx == NULL) {
BIO_printf(bio_err, "%s: Error initializing context\n", prog);
ERR_print_errors(bio_err);
goto end;
}
if (peerkey != NULL && !setup_peer(ctx, peerform, peerkey, e)) {
BIO_printf(bio_err, "%s: Error setting up peer key\n", prog);
ERR_print_errors(bio_err);
goto end;
}
if (pkeyopts != NULL) {
int num = sk_OPENSSL_STRING_num(pkeyopts);
int i;
for (i = 0; i < num; ++i) {
const char *opt = sk_OPENSSL_STRING_value(pkeyopts, i);
if (pkey_ctrl_string(ctx, opt) <= 0) {
BIO_printf(bio_err, "%s: Can't set parameter \"%s\":\n",
prog, opt);
ERR_print_errors(bio_err);
goto end;
}
}
}
if (pkeyopts_passin != NULL) {
int num = sk_OPENSSL_STRING_num(pkeyopts_passin);
int i;
for (i = 0; i < num; i++) {
char *opt = sk_OPENSSL_STRING_value(pkeyopts_passin, i);
char *passin = strchr(opt, ':');
char *passwd;
if (passin == NULL) {
/* Get password interactively */
char passwd_buf[4096];
BIO_snprintf(passwd_buf, sizeof(passwd_buf), "Enter %s: ", opt);
EVP_read_pw_string(passwd_buf, sizeof(passwd_buf) - 1,
passwd_buf, 0);
passwd = OPENSSL_strdup(passwd_buf);
if (passwd == NULL) {
BIO_puts(bio_err, "out of memory\n");
goto end;
}
} else {
/* Get password as a passin argument: First split option name
* and passphrase argument into two strings */
*passin = 0;
passin++;
if (app_passwd(passin, NULL, &passwd, NULL) == 0) {
BIO_printf(bio_err, "failed to get '%s'\n", opt);
goto end;
}
}
if (EVP_PKEY_CTX_ctrl_str(ctx, opt, passwd) <= 0) {
BIO_printf(bio_err, "%s: Can't set parameter \"%s\":\n",
prog, opt);
goto end;
}
OPENSSL_free(passwd);
}
}
if (sigfile != NULL && (pkey_op != EVP_PKEY_OP_VERIFY)) {
BIO_printf(bio_err,
"%s: Signature file specified for non verify\n", prog);
goto end;
}
if (sigfile == NULL && (pkey_op == EVP_PKEY_OP_VERIFY)) {
BIO_printf(bio_err,
"%s: No signature file specified for verify\n", prog);
goto end;
}
if (pkey_op != EVP_PKEY_OP_DERIVE) {
in = bio_open_default(infile, 'r', FORMAT_BINARY);
if (in == NULL)
goto end;
}
out = bio_open_default(outfile, 'w', FORMAT_BINARY);
if (out == NULL)
goto end;
if (sigfile != NULL) {
BIO *sigbio = BIO_new_file(sigfile, "rb");
if (sigbio == NULL) {
BIO_printf(bio_err, "Can't open signature file %s\n", sigfile);
goto end;
}
siglen = bio_to_mem(&sig, keysize * 10, sigbio);
BIO_free(sigbio);
if (siglen < 0) {
BIO_printf(bio_err, "Error reading signature data\n");
goto end;
}
}
/* Raw input data is handled elsewhere */
if (in != NULL && !rawin) {
/* Read the input data */
buf_inlen = bio_to_mem(&buf_in, keysize * 10, in);
if (buf_inlen < 0) {
BIO_printf(bio_err, "Error reading input Data\n");
goto end;
}
if (rev) {
size_t i;
unsigned char ctmp;
size_t l = (size_t)buf_inlen;
for (i = 0; i < l / 2; i++) {
ctmp = buf_in[i];
buf_in[i] = buf_in[l - 1 - i];
buf_in[l - 1 - i] = ctmp;
}
}
}
/* Sanity check the input if the input is not raw */
if (!rawin
&& buf_inlen > EVP_MAX_MD_SIZE
&& (pkey_op == EVP_PKEY_OP_SIGN
|| pkey_op == EVP_PKEY_OP_VERIFY
|| pkey_op == EVP_PKEY_OP_VERIFYRECOVER)) {
BIO_printf(bio_err,
"Error: The input data looks too long to be a hash\n");
goto end;
}
if (pkey_op == EVP_PKEY_OP_VERIFY) {
if (rawin) {
rv = do_raw_keyop(pkey_op, ctx, md, pkey, in, sig, siglen,
NULL, 0);
} else {
rv = EVP_PKEY_verify(ctx, sig, (size_t)siglen,
buf_in, (size_t)buf_inlen);
}
if (rv == 1) {
BIO_puts(out, "Signature Verified Successfully\n");
ret = 0;
} else {
BIO_puts(out, "Signature Verification Failure\n");
}
goto end;
}
if (kdflen != 0) {
buf_outlen = kdflen;
rv = 1;
} else {
if (rawin) {
/* rawin allocates the buffer in do_raw_keyop() */
rv = do_raw_keyop(pkey_op, ctx, md, pkey, in, NULL, 0,
&buf_out, (size_t *)&buf_outlen);
} else {
rv = do_keyop(ctx, pkey_op, NULL, (size_t *)&buf_outlen,
buf_in, (size_t)buf_inlen);
if (rv > 0 && buf_outlen != 0) {
buf_out = app_malloc(buf_outlen, "buffer output");
rv = do_keyop(ctx, pkey_op,
buf_out, (size_t *)&buf_outlen,
buf_in, (size_t)buf_inlen);
}
}
}
if (rv <= 0) {
if (pkey_op != EVP_PKEY_OP_DERIVE) {
BIO_puts(bio_err, "Public Key operation error\n");
} else {
BIO_puts(bio_err, "Key derivation failed\n");
}
ERR_print_errors(bio_err);
goto end;
}
ret = 0;
if (asn1parse) {
if (!ASN1_parse_dump(out, buf_out, buf_outlen, 1, -1))
ERR_print_errors(bio_err);
} else if (hexdump) {
BIO_dump(out, (char *)buf_out, buf_outlen);
} else {
BIO_write(out, buf_out, buf_outlen);
}
end:
EVP_PKEY_CTX_free(ctx);
release_engine(e);
BIO_free(in);
BIO_free_all(out);
OPENSSL_free(buf_in);
OPENSSL_free(buf_out);
OPENSSL_free(sig);
sk_OPENSSL_STRING_free(pkeyopts);
sk_OPENSSL_STRING_free(pkeyopts_passin);
return ret;
}
int MAIN(int argc, char **argv)
{
BIO *in = NULL, *out = NULL;
char *infile = NULL, *outfile = NULL, *sigfile = NULL;
ENGINE *e = NULL;
int pkey_op = EVP_PKEY_OP_SIGN, key_type = KEY_PRIVKEY;
int keyform = FORMAT_PEM, peerform = FORMAT_PEM;
char badarg = 0, rev = 0;
char hexdump = 0, asn1parse = 0;
EVP_PKEY_CTX *ctx = NULL;
char *passargin = NULL;
int keysize = -1;
unsigned char *buf_in = NULL, *buf_out = NULL, *sig = NULL;
size_t buf_outlen;
int buf_inlen = 0, siglen = -1;
int ret = 1, rv = -1;
argc--;
argv++;
if(!bio_err) bio_err = BIO_new_fp(OPENSSL_TYPE__FILE_STDERR, BIO_NOCLOSE);
if (!load_config(bio_err, NULL))
goto end;
ERR_load_crypto_strings();
OpenSSL_add_all_algorithms();
while(argc >= 1)
{
if (!TINYCLR_SSL_STRCMP(*argv,"-in"))
{
if (--argc < 1) badarg = 1;
else infile= *(++argv);
}
else if (!TINYCLR_SSL_STRCMP(*argv,"-out"))
{
if (--argc < 1) badarg = 1;
else outfile= *(++argv);
}
else if (!TINYCLR_SSL_STRCMP(*argv,"-sigfile"))
{
if (--argc < 1) badarg = 1;
else sigfile= *(++argv);
}
else if(!TINYCLR_SSL_STRCMP(*argv, "-inkey"))
{
if (--argc < 1)
badarg = 1;
else
{
ctx = init_ctx(&keysize,
*(++argv), keyform, key_type,
passargin, pkey_op, e);
if (!ctx)
{
BIO_puts(bio_err,
"Error initializing context\n");
ERR_print_errors(bio_err);
badarg = 1;
}
}
}
else if (!TINYCLR_SSL_STRCMP(*argv,"-peerkey"))
{
if (--argc < 1)
badarg = 1;
else if (!setup_peer(bio_err, ctx, peerform, *(++argv)))
badarg = 1;
}
else if (!TINYCLR_SSL_STRCMP(*argv,"-passin"))
{
if (--argc < 1) badarg = 1;
else passargin= *(++argv);
}
else if (TINYCLR_SSL_STRCMP(*argv,"-peerform") == 0)
{
if (--argc < 1) badarg = 1;
else peerform=str2fmt(*(++argv));
}
else if (TINYCLR_SSL_STRCMP(*argv,"-keyform") == 0)
{
if (--argc < 1) badarg = 1;
else keyform=str2fmt(*(++argv));
}
#ifndef OPENSSL_NO_ENGINE
else if(!TINYCLR_SSL_STRCMP(*argv, "-engine"))
{
if (--argc < 1)
badarg = 1;
else
e = setup_engine(bio_err, *(++argv), 0);
}
#endif
else if(!TINYCLR_SSL_STRCMP(*argv, "-pubin"))
key_type = KEY_PUBKEY;
else if(!TINYCLR_SSL_STRCMP(*argv, "-certin"))
key_type = KEY_CERT;
else if(!TINYCLR_SSL_STRCMP(*argv, "-asn1parse"))
asn1parse = 1;
else if(!TINYCLR_SSL_STRCMP(*argv, "-hexdump"))
hexdump = 1;
else if(!TINYCLR_SSL_STRCMP(*argv, "-sign"))
pkey_op = EVP_PKEY_OP_SIGN;
else if(!TINYCLR_SSL_STRCMP(*argv, "-verify"))
pkey_op = EVP_PKEY_OP_VERIFY;
else if(!TINYCLR_SSL_STRCMP(*argv, "-verifyrecover"))
pkey_op = EVP_PKEY_OP_VERIFYRECOVER;
else if(!TINYCLR_SSL_STRCMP(*argv, "-rev"))
rev = 1;
else if(!TINYCLR_SSL_STRCMP(*argv, "-encrypt"))
pkey_op = EVP_PKEY_OP_ENCRYPT;
else if(!TINYCLR_SSL_STRCMP(*argv, "-decrypt"))
pkey_op = EVP_PKEY_OP_DECRYPT;
else if(!TINYCLR_SSL_STRCMP(*argv, "-derive"))
pkey_op = EVP_PKEY_OP_DERIVE;
else if (TINYCLR_SSL_STRCMP(*argv,"-pkeyopt") == 0)
{
if (--argc < 1)
badarg = 1;
else if (!ctx)
{
BIO_puts(bio_err,
"-pkeyopt command before -inkey\n");
badarg = 1;
}
else if (pkey_ctrl_string(ctx, *(++argv)) <= 0)
{
BIO_puts(bio_err, "parameter setting error\n");
ERR_print_errors(bio_err);
goto end;
}
}
else badarg = 1;
if(badarg)
{
usage();
goto end;
}
argc--;
argv++;
}
if (!ctx)
{
usage();
goto end;
}
if (sigfile && (pkey_op != EVP_PKEY_OP_VERIFY))
{
BIO_puts(bio_err, "Signature file specified for non verify\n");
goto end;
}
if (!sigfile && (pkey_op == EVP_PKEY_OP_VERIFY))
{
BIO_puts(bio_err, "No signature file specified for verify\n");
goto end;
}
/* FIXME: seed PRNG only if needed */
app_RAND_load_file(NULL, bio_err, 0);
if (pkey_op != EVP_PKEY_OP_DERIVE)
{
if(infile)
{
if(!(in = BIO_new_file(infile, "rb")))
{
BIO_puts(bio_err,
"Error Opening Input File\n");
ERR_print_errors(bio_err);
goto end;
}
}
else
in = BIO_new_fp(OPENSSL_TYPE__FILE_STDIN, BIO_NOCLOSE);
}
if(outfile)
{
if(!(out = BIO_new_file(outfile, "wb")))
{
BIO_printf(bio_err, "Error Creating Output File\n");
ERR_print_errors(bio_err);
goto end;
}
}
else
{
out = BIO_new_fp(OPENSSL_TYPE__FILE_STDOUT, BIO_NOCLOSE);
#ifdef OPENSSL_SYS_VMS
{
BIO *tmpbio = BIO_new(BIO_f_linebuffer());
out = BIO_push(tmpbio, out);
}
#endif
}
if (sigfile)
{
BIO *sigbio = BIO_new_file(sigfile, "rb");
if (!sigbio)
{
BIO_printf(bio_err, "Can't open signature file %s\n",
sigfile);
goto end;
}
siglen = bio_to_mem(&sig, keysize * 10, sigbio);
BIO_free(sigbio);
if (siglen <= 0)
{
BIO_printf(bio_err, "Error reading signature data\n");
goto end;
}
}
if (in)
{
/* Read the input data */
buf_inlen = bio_to_mem(&buf_in, keysize * 10, in);
if(buf_inlen <= 0)
{
BIO_printf(bio_err, "Error reading input Data\n");
TINYCLR_SSL_EXIT(1);
}
if(rev)
{
size_t i;
unsigned char ctmp;
size_t l = (size_t)buf_inlen;
for(i = 0; i < l/2; i++)
{
ctmp = buf_in[i];
buf_in[i] = buf_in[l - 1 - i];
buf_in[l - 1 - i] = ctmp;
}
}
}
if(pkey_op == EVP_PKEY_OP_VERIFY)
{
rv = EVP_PKEY_verify(ctx, sig, (size_t)siglen,
buf_in, (size_t)buf_inlen);
if (rv == 0)
BIO_puts(out, "Signature Verification Failure\n");
else if (rv == 1)
BIO_puts(out, "Signature Verified Successfully\n");
if (rv >= 0)
goto end;
}
else
{
rv = do_keyop(ctx, pkey_op, NULL, (size_t *)&buf_outlen,
buf_in, (size_t)buf_inlen);
if (rv > 0)
{
buf_out = (unsigned char*)OPENSSL_malloc(buf_outlen);
if (!buf_out)
rv = -1;
else
rv = do_keyop(ctx, pkey_op,
buf_out, (size_t *)&buf_outlen,
buf_in, (size_t)buf_inlen);
}
}
if(rv <= 0)
{
BIO_printf(bio_err, "Public Key operation error\n");
ERR_print_errors(bio_err);
goto end;
}
ret = 0;
if(asn1parse)
{
if(!ASN1_parse_dump(out, buf_out, buf_outlen, 1, -1))
ERR_print_errors(bio_err);
}
else if(hexdump)
BIO_dump(out, (char *)buf_out, buf_outlen);
else
BIO_write(out, buf_out, buf_outlen);
end:
if (ctx)
EVP_PKEY_CTX_free(ctx);
BIO_free(in);
BIO_free_all(out);
if (buf_in)
OPENSSL_free(buf_in);
if (buf_out)
OPENSSL_free(buf_out);
if (sig)
OPENSSL_free(sig);
return ret;
}
