apps.h revision 142425 
1159248Srwatson/* apps/apps.h */
2159248Srwatson/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3159248Srwatson * All rights reserved.
4159248Srwatson *
5159248Srwatson * This package is an SSL implementation written
6159248Srwatson * by Eric Young (eay@cryptsoft.com).
7159248Srwatson * The implementation was written so as to conform with Netscapes SSL.
8159248Srwatson *
9159248Srwatson * This library is free for commercial and non-commercial use as long as
10159248Srwatson * the following conditions are aheared to.  The following conditions
11159248Srwatson * apply to all code found in this distribution, be it the RC4, RSA,
12159248Srwatson * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
13168777Srwatson * included with this distribution is covered by the same copyright terms
14159248Srwatson * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15159248Srwatson *
16159248Srwatson * Copyright remains Eric Young's, and as such any Copyright notices in
17159248Srwatson * the code are not to be removed.
18159248Srwatson * If this package is used in a product, Eric Young should be given attribution
19159248Srwatson * as the author of the parts of the library used.
20159248Srwatson * This can be in the form of a textual message at program startup or
21159248Srwatson * in documentation (online or textual) provided with the package.
22159248Srwatson *
23159248Srwatson * Redistribution and use in source and binary forms, with or without
24159248Srwatson * modification, are permitted provided that the following conditions
25159248Srwatson * are met:
26168777Srwatson * 1. Redistributions of source code must retain the copyright
27159248Srwatson *    notice, this list of conditions and the following disclaimer.
28159248Srwatson * 2. Redistributions in binary form must reproduce the above copyright
29159248Srwatson *    notice, this list of conditions and the following disclaimer in the
30159248Srwatson *    documentation and/or other materials provided with the distribution.
31159248Srwatson * 3. All advertising materials mentioning features or use of this software
32162503Srwatson *    must display the following acknowledgement:
33162503Srwatson *    "This product includes cryptographic software written by
34162503Srwatson *     Eric Young (eay@cryptsoft.com)"
35159248Srwatson *    The word 'cryptographic' can be left out if the rouines from the library
36162503Srwatson *    being used are not cryptographic related :-).
37168777Srwatson * 4. If you include any Windows specific code (or a derivative thereof) from
38159248Srwatson *    the apps directory (application code) you must include an acknowledgement:
39159248Srwatson *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40159248Srwatson *
41168777Srwatson * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42159248Srwatson * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43168777Srwatson * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44159248Srwatson * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45159248Srwatson * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46159248Srwatson * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47159248Srwatson * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48159248Srwatson * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49159248Srwatson * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50159248Srwatson * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51159248Srwatson * SUCH DAMAGE.
52159248Srwatson *
53159248Srwatson * The licence and distribution terms for any publically available version or
54159248Srwatson * derivative of this code cannot be changed.  i.e. this code cannot simply be
55159248Srwatson * copied and put under another distribution licence
56159248Srwatson * [including the GNU Public Licence.]
57159248Srwatson */
58159248Srwatson/* ====================================================================
59159248Srwatson * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
60159248Srwatson *
61159248Srwatson * Redistribution and use in source and binary forms, with or without
62159248Srwatson * modification, are permitted provided that the following conditions
63159248Srwatson * are met:
64159248Srwatson *
65159248Srwatson * 1. Redistributions of source code must retain the above copyright
66159248Srwatson *    notice, this list of conditions and the following disclaimer.
67159248Srwatson *
68159248Srwatson * 2. Redistributions in binary form must reproduce the above copyright
69159248Srwatson *    notice, this list of conditions and the following disclaimer in
70159248Srwatson *    the documentation and/or other materials provided with the
71159248Srwatson *    distribution.
72159248Srwatson *
73159248Srwatson * 3. All advertising materials mentioning features or use of this
74159248Srwatson *    software must display the following acknowledgment:
75159248Srwatson *    "This product includes software developed by the OpenSSL Project
76168777Srwatson *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77159248Srwatson *
78159248Srwatson * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79159248Srwatson *    endorse or promote products derived from this software without
80159248Srwatson *    prior written permission. For written permission, please contact
81159248Srwatson *    openssl-core@openssl.org.
82159248Srwatson *
83159248Srwatson * 5. Products derived from this software may not be called "OpenSSL"
84168777Srwatson *    nor may "OpenSSL" appear in their names without prior written
85159248Srwatson *    permission of the OpenSSL Project.
86159248Srwatson *
87159248Srwatson * 6. Redistributions of any form whatsoever must retain the following
88159248Srwatson *    acknowledgment:
89159248Srwatson *    "This product includes software developed by the OpenSSL Project
90159248Srwatson *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91168777Srwatson *
92159248Srwatson * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93159248Srwatson * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94168777Srwatson * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95159248Srwatson * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
96159248Srwatson * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97159248Srwatson * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98159248Srwatson * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99159248Srwatson * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100168777Srwatson * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101159248Srwatson * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102168777Srwatson * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103159248Srwatson * OF THE POSSIBILITY OF SUCH DAMAGE.
104168777Srwatson * ====================================================================
105168777Srwatson *
106159248Srwatson * This product includes cryptographic software written by Eric Young
107168777Srwatson * (eay@cryptsoft.com).  This product includes software written by Tim
108159248Srwatson * Hudson (tjh@cryptsoft.com).
109159248Srwatson *
110159248Srwatson */
111159248Srwatson
112159248Srwatson#ifndef HEADER_APPS_H
113159248Srwatson#define HEADER_APPS_H
114159248Srwatson
115159248Srwatson#include "e_os.h"
116159248Srwatson
117159248Srwatson#include <openssl/buffer.h>
118159248Srwatson#include <openssl/bio.h>
119159248Srwatson#include <openssl/crypto.h>
120159248Srwatson#include <openssl/x509.h>
121159248Srwatson#include <openssl/lhash.h>
122159248Srwatson#include <openssl/conf.h>
123159248Srwatson#include <openssl/txt_db.h>
124159248Srwatson#ifndef OPENSSL_NO_ENGINE
125159248Srwatson#include <openssl/engine.h>
126162503Srwatson#endif
127159248Srwatson#include <openssl/ossl_typ.h>
128168777Srwatson
129168777Srwatsonint app_RAND_load_file(const char *file, BIO *bio_e, int dont_warn);
130168777Srwatsonint app_RAND_write_file(const char *file, BIO *bio_e);
131168777Srwatson/* When `file' is NULL, use defaults.
132168777Srwatson * `bio_e' is for error messages. */
133159248Srwatsonvoid app_RAND_allow_write_file(void);
134168777Srwatsonlong app_RAND_load_files(char *file); /* `file' is a list of files to read,
135168777Srwatson                                       * separated by LIST_SEPARATOR_CHAR
136168777Srwatson                                       * (see e_os.h).  The string is
137168777Srwatson                                       * destroyed! */
138168777Srwatson
139168777Srwatson#ifdef OPENSSL_SYS_WIN32
140168777Srwatson#define rename(from,to) WIN32_rename((from),(to))
141159248Srwatsonint WIN32_rename(char *oldname,char *newname);
142159248Srwatson#endif
143159248Srwatson
144159248Srwatson#ifndef MONOLITH
145159248Srwatson
146159248Srwatson#define MAIN(a,v)	main(a,v)
147159248Srwatson
148159248Srwatson#ifndef NON_MAIN
149159248SrwatsonCONF *config=NULL;
150159248SrwatsonBIO *bio_err=NULL;
151159248Srwatsonint in_FIPS_mode=0;
152159248Srwatson#else
153159248Srwatsonextern CONF *config;
154159248Srwatsonextern BIO *bio_err;
155159248Srwatsonextern int in_FIPS_mode;
156159248Srwatson#endif
157159248Srwatson
158159248Srwatson#else
159
160#define MAIN(a,v)	PROG(a,v)
161extern CONF *config;
162extern char *default_config_file;
163extern BIO *bio_err;
164extern int in_FIPS_mode;
165
166#endif
167
168#include <signal.h>
169
170#ifdef SIGPIPE
171#define do_pipe_sig()	signal(SIGPIPE,SIG_IGN)
172#else
173#define do_pipe_sig()
174#endif
175
176#if defined(MONOLITH) && !defined(OPENSSL_C)
177#  define apps_startup() \
178		do_pipe_sig()
179#  define apps_shutdown()
180#else
181#  ifndef OPENSSL_NO_ENGINE
182#    if defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_WIN16) || \
183     defined(OPENSSL_SYS_WIN32)
184#      ifdef _O_BINARY
185#        define apps_startup() \
186			do { _fmode=_O_BINARY; do_pipe_sig(); CRYPTO_malloc_init(); \
187			ERR_load_crypto_strings(); OpenSSL_add_all_algorithms(); \
188			ENGINE_load_builtin_engines(); setup_ui_method(); } while(0)
189#      else
190#        define apps_startup() \
191			do { _fmode=O_BINARY; do_pipe_sig(); CRYPTO_malloc_init(); \
192			ERR_load_crypto_strings(); OpenSSL_add_all_algorithms(); \
193			ENGINE_load_builtin_engines(); setup_ui_method(); } while(0)
194#      endif
195#    else
196#      define apps_startup() \
197			do { do_pipe_sig(); OpenSSL_add_all_algorithms(); \
198			ERR_load_crypto_strings(); ENGINE_load_builtin_engines(); \
199			setup_ui_method(); } while(0)
200#    endif
201#    define apps_shutdown() \
202			do { CONF_modules_unload(1); destroy_ui_method(); \
203			EVP_cleanup(); ENGINE_cleanup(); \
204			CRYPTO_cleanup_all_ex_data(); ERR_remove_state(0); \
205			ERR_free_strings(); } while(0)
206#  else
207#    if defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_WIN16) || \
208     defined(OPENSSL_SYS_WIN32)
209#      ifdef _O_BINARY
210#        define apps_startup() \
211			do { _fmode=_O_BINARY; do_pipe_sig(); CRYPTO_malloc_init(); \
212			ERR_load_crypto_strings(); OpenSSL_add_all_algorithms(); \
213			setup_ui_method(); } while(0)
214#      else
215#        define apps_startup() \
216			do { _fmode=O_BINARY; do_pipe_sig(); CRYPTO_malloc_init(); \
217			ERR_load_crypto_strings(); OpenSSL_add_all_algorithms(); \
218			setup_ui_method(); } while(0)
219#      endif
220#    else
221#      define apps_startup() \
222			do { do_pipe_sig(); OpenSSL_add_all_algorithms(); \
223			ERR_load_crypto_strings(); \
224			setup_ui_method(); } while(0)
225#    endif
226#    define apps_shutdown() \
227			do { CONF_modules_unload(1); destroy_ui_method(); \
228			EVP_cleanup(); \
229			CRYPTO_cleanup_all_ex_data(); ERR_remove_state(0); \
230			ERR_free_strings(); } while(0)
231#  endif
232#endif
233
234typedef struct args_st
235	{
236	char **data;
237	int count;
238	} ARGS;
239
240#define PW_MIN_LENGTH 4
241typedef struct pw_cb_data
242	{
243	const void *password;
244	const char *prompt_info;
245	} PW_CB_DATA;
246
247int password_callback(char *buf, int bufsiz, int verify,
248	PW_CB_DATA *cb_data);
249
250int setup_ui_method(void);
251void destroy_ui_method(void);
252
253int should_retry(int i);
254int args_from_file(char *file, int *argc, char **argv[]);
255int str2fmt(char *s);
256void program_name(char *in,char *out,int size);
257int chopup_args(ARGS *arg,char *buf, int *argc, char **argv[]);
258#ifdef HEADER_X509_H
259int dump_cert_text(BIO *out, X509 *x);
260void print_name(BIO *out, char *title, X509_NAME *nm, unsigned long lflags);
261#endif
262int set_cert_ex(unsigned long *flags, const char *arg);
263int set_name_ex(unsigned long *flags, const char *arg);
264int set_ext_copy(int *copy_type, const char *arg);
265int copy_extensions(X509 *x, X509_REQ *req, int copy_type);
266int app_passwd(BIO *err, char *arg1, char *arg2, char **pass1, char **pass2);
267int add_oid_section(BIO *err, CONF *conf);
268X509 *load_cert(BIO *err, const char *file, int format,
269	const char *pass, ENGINE *e, const char *cert_descrip);
270EVP_PKEY *load_key(BIO *err, const char *file, int format, int maybe_stdin,
271	const char *pass, ENGINE *e, const char *key_descrip);
272EVP_PKEY *load_pubkey(BIO *err, const char *file, int format, int maybe_stdin,
273	const char *pass, ENGINE *e, const char *key_descrip);
274STACK_OF(X509) *load_certs(BIO *err, const char *file, int format,
275	const char *pass, ENGINE *e, const char *cert_descrip);
276X509_STORE *setup_verify(BIO *bp, char *CAfile, char *CApath);
277#ifndef OPENSSL_NO_ENGINE
278ENGINE *setup_engine(BIO *err, const char *engine, int debug);
279#endif
280
281int load_config(BIO *err, CONF *cnf);
282char *make_config_name(void);
283
284/* Functions defined in ca.c and also used in ocsp.c */
285int unpack_revinfo(ASN1_TIME **prevtm, int *preason, ASN1_OBJECT **phold,
286			ASN1_GENERALIZEDTIME **pinvtm, char *str);
287
288#define DB_type         0
289#define DB_exp_date     1
290#define DB_rev_date     2
291#define DB_serial       3       /* index - unique */
292#define DB_file         4
293#define DB_name         5       /* index - unique when active and not disabled */
294#define DB_NUMBER       6
295
296#define DB_TYPE_REV	'R'
297#define DB_TYPE_EXP	'E'
298#define DB_TYPE_VAL	'V'
299
300typedef struct db_attr_st
301	{
302	int unique_subject;
303	} DB_ATTR;
304typedef struct ca_db_st
305	{
306	DB_ATTR attributes;
307	TXT_DB *db;
308	} CA_DB;
309
310BIGNUM *load_serial(char *serialfile, int create, ASN1_INTEGER **retai);
311int save_serial(char *serialfile, char *suffix, BIGNUM *serial, ASN1_INTEGER **retai);
312int rotate_serial(char *serialfile, char *new_suffix, char *old_suffix);
313int rand_serial(BIGNUM *b, ASN1_INTEGER *ai);
314CA_DB *load_index(char *dbfile, DB_ATTR *dbattr);
315int index_index(CA_DB *db);
316int save_index(char *dbfile, char *suffix, CA_DB *db);
317int rotate_index(char *dbfile, char *new_suffix, char *old_suffix);
318void free_index(CA_DB *db);
319int index_name_cmp(const char **a, const char **b);
320
321X509_NAME *do_subject(char *str, long chtype);
322
323#define FORMAT_UNDEF    0
324#define FORMAT_ASN1     1
325#define FORMAT_TEXT     2
326#define FORMAT_PEM      3
327#define FORMAT_NETSCAPE 4
328#define FORMAT_PKCS12   5
329#define FORMAT_SMIME    6
330#define FORMAT_ENGINE   7
331#define FORMAT_IISSGC	8	/* XXX this stupid macro helps us to avoid
332				 * adding yet another param to load_*key() */
333
334#define EXT_COPY_NONE	0
335#define EXT_COPY_ADD	1
336#define EXT_COPY_ALL	2
337
338#define NETSCAPE_CERT_HDR	"certificate"
339
340#define APP_PASS_LEN	1024
341
342#define SERIAL_RAND_BITS	64
343
344#endif
345