1/* apps/apps.h */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to.  The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 *    notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 *    notice, this list of conditions and the following disclaimer in the
30 *    documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 *    must display the following acknowledgement:
33 *    "This product includes cryptographic software written by
34 *     Eric Young (eay@cryptsoft.com)"
35 *    The word 'cryptographic' can be left out if the rouines from the library
36 *    being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 *    the apps directory (application code) you must include an acknowledgement:
39 *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed.  i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58/* ====================================================================
59 * Copyright (c) 1998-2001 The OpenSSL Project.  All rights reserved.
60 *
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
63 * are met:
64 *
65 * 1. Redistributions of source code must retain the above copyright
66 *    notice, this list of conditions and the following disclaimer.
67 *
68 * 2. Redistributions in binary form must reproduce the above copyright
69 *    notice, this list of conditions and the following disclaimer in
70 *    the documentation and/or other materials provided with the
71 *    distribution.
72 *
73 * 3. All advertising materials mentioning features or use of this
74 *    software must display the following acknowledgment:
75 *    "This product includes software developed by the OpenSSL Project
76 *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77 *
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 *    endorse or promote products derived from this software without
80 *    prior written permission. For written permission, please contact
81 *    openssl-core@openssl.org.
82 *
83 * 5. Products derived from this software may not be called "OpenSSL"
84 *    nor may "OpenSSL" appear in their names without prior written
85 *    permission of the OpenSSL Project.
86 *
87 * 6. Redistributions of any form whatsoever must retain the following
88 *    acknowledgment:
89 *    "This product includes software developed by the OpenSSL Project
90 *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91 *
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
105 *
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com).  This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
109 *
110 */
111
112#ifndef HEADER_APPS_H
113#define HEADER_APPS_H
114
115#include "e_os.h"
116
117#include <openssl/buffer.h>
118#include <openssl/bio.h>
119#include <openssl/crypto.h>
120#include <openssl/x509.h>
121#include <openssl/lhash.h>
122#include <openssl/conf.h>
123#include <openssl/txt_db.h>
124#ifndef OPENSSL_NO_ENGINE
125#include <openssl/engine.h>
126#endif
127#include <openssl/ossl_typ.h>
128
129int app_RAND_load_file(const char *file, BIO *bio_e, int dont_warn);
130int app_RAND_write_file(const char *file, BIO *bio_e);
131/* When `file' is NULL, use defaults.
132 * `bio_e' is for error messages. */
133void app_RAND_allow_write_file(void);
134long app_RAND_load_files(char *file); /* `file' is a list of files to read,
135                                       * separated by LIST_SEPARATOR_CHAR
136                                       * (see e_os.h).  The string is
137                                       * destroyed! */
138
139#ifdef OPENSSL_SYS_WIN32
140#define rename(from,to) WIN32_rename((from),(to))
141int WIN32_rename(char *oldname,char *newname);
142#endif
143
144#ifndef MONOLITH
145
146#define MAIN(a,v)	main(a,v)
147
148#ifndef NON_MAIN
149CONF *config=NULL;
150BIO *bio_err=NULL;
151int in_FIPS_mode=0;
152#else
153extern CONF *config;
154extern BIO *bio_err;
155extern int in_FIPS_mode;
156#endif
157
158#else
159
160#define MAIN(a,v)	PROG(a,v)
161extern CONF *config;
162extern char *default_config_file;
163extern BIO *bio_err;
164extern int in_FIPS_mode;
165
166#endif
167
168#include <signal.h>
169
170#ifdef SIGPIPE
171#define do_pipe_sig()	signal(SIGPIPE,SIG_IGN)
172#else
173#define do_pipe_sig()
174#endif
175
176#if defined(MONOLITH) && !defined(OPENSSL_C)
177#  define apps_startup() \
178		do_pipe_sig()
179#  define apps_shutdown()
180#else
181#  ifndef OPENSSL_NO_ENGINE
182#    if defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_WIN16) || \
183     defined(OPENSSL_SYS_WIN32)
184#      ifdef _O_BINARY
185#        define apps_startup() \
186			do { _fmode=_O_BINARY; do_pipe_sig(); CRYPTO_malloc_init(); \
187			ERR_load_crypto_strings(); OpenSSL_add_all_algorithms(); \
188			ENGINE_load_builtin_engines(); setup_ui_method(); } while(0)
189#      else
190#        define apps_startup() \
191			do { _fmode=O_BINARY; do_pipe_sig(); CRYPTO_malloc_init(); \
192			ERR_load_crypto_strings(); OpenSSL_add_all_algorithms(); \
193			ENGINE_load_builtin_engines(); setup_ui_method(); } while(0)
194#      endif
195#    else
196#      define apps_startup() \
197			do { do_pipe_sig(); OpenSSL_add_all_algorithms(); \
198			ERR_load_crypto_strings(); ENGINE_load_builtin_engines(); \
199			setup_ui_method(); } while(0)
200#    endif
201#    define apps_shutdown() \
202			do { CONF_modules_unload(1); destroy_ui_method(); \
203			EVP_cleanup(); ENGINE_cleanup(); \
204			CRYPTO_cleanup_all_ex_data(); ERR_remove_state(0); \
205			ERR_free_strings(); } while(0)
206#  else
207#    if defined(OPENSSL_SYS_MSDOS) || defined(OPENSSL_SYS_WIN16) || \
208     defined(OPENSSL_SYS_WIN32)
209#      ifdef _O_BINARY
210#        define apps_startup() \
211			do { _fmode=_O_BINARY; do_pipe_sig(); CRYPTO_malloc_init(); \
212			ERR_load_crypto_strings(); OpenSSL_add_all_algorithms(); \
213			setup_ui_method(); } while(0)
214#      else
215#        define apps_startup() \
216			do { _fmode=O_BINARY; do_pipe_sig(); CRYPTO_malloc_init(); \
217			ERR_load_crypto_strings(); OpenSSL_add_all_algorithms(); \
218			setup_ui_method(); } while(0)
219#      endif
220#    else
221#      define apps_startup() \
222			do { do_pipe_sig(); OpenSSL_add_all_algorithms(); \
223			ERR_load_crypto_strings(); \
224			setup_ui_method(); } while(0)
225#    endif
226#    define apps_shutdown() \
227			do { CONF_modules_unload(1); destroy_ui_method(); \
228			EVP_cleanup(); \
229			CRYPTO_cleanup_all_ex_data(); ERR_remove_state(0); \
230			ERR_free_strings(); } while(0)
231#  endif
232#endif
233
234typedef struct args_st
235	{
236	char **data;
237	int count;
238	} ARGS;
239
240#define PW_MIN_LENGTH 4
241typedef struct pw_cb_data
242	{
243	const void *password;
244	const char *prompt_info;
245	} PW_CB_DATA;
246
247int password_callback(char *buf, int bufsiz, int verify,
248	PW_CB_DATA *cb_data);
249
250int setup_ui_method(void);
251void destroy_ui_method(void);
252
253int should_retry(int i);
254int args_from_file(char *file, int *argc, char **argv[]);
255int str2fmt(char *s);
256void program_name(char *in,char *out,int size);
257int chopup_args(ARGS *arg,char *buf, int *argc, char **argv[]);
258#ifdef HEADER_X509_H
259int dump_cert_text(BIO *out, X509 *x);
260void print_name(BIO *out, char *title, X509_NAME *nm, unsigned long lflags);
261#endif
262int set_cert_ex(unsigned long *flags, const char *arg);
263int set_name_ex(unsigned long *flags, const char *arg);
264int set_ext_copy(int *copy_type, const char *arg);
265int copy_extensions(X509 *x, X509_REQ *req, int copy_type);
266int app_passwd(BIO *err, char *arg1, char *arg2, char **pass1, char **pass2);
267int add_oid_section(BIO *err, CONF *conf);
268X509 *load_cert(BIO *err, const char *file, int format,
269	const char *pass, ENGINE *e, const char *cert_descrip);
270EVP_PKEY *load_key(BIO *err, const char *file, int format, int maybe_stdin,
271	const char *pass, ENGINE *e, const char *key_descrip);
272EVP_PKEY *load_pubkey(BIO *err, const char *file, int format, int maybe_stdin,
273	const char *pass, ENGINE *e, const char *key_descrip);
274STACK_OF(X509) *load_certs(BIO *err, const char *file, int format,
275	const char *pass, ENGINE *e, const char *cert_descrip);
276X509_STORE *setup_verify(BIO *bp, char *CAfile, char *CApath);
277#ifndef OPENSSL_NO_ENGINE
278ENGINE *setup_engine(BIO *err, const char *engine, int debug);
279#endif
280
281int load_config(BIO *err, CONF *cnf);
282char *make_config_name(void);
283
284/* Functions defined in ca.c and also used in ocsp.c */
285int unpack_revinfo(ASN1_TIME **prevtm, int *preason, ASN1_OBJECT **phold,
286			ASN1_GENERALIZEDTIME **pinvtm, char *str);
287
288#define DB_type         0
289#define DB_exp_date     1
290#define DB_rev_date     2
291#define DB_serial       3       /* index - unique */
292#define DB_file         4
293#define DB_name         5       /* index - unique when active and not disabled */
294#define DB_NUMBER       6
295
296#define DB_TYPE_REV	'R'
297#define DB_TYPE_EXP	'E'
298#define DB_TYPE_VAL	'V'
299
300typedef struct db_attr_st
301	{
302	int unique_subject;
303	} DB_ATTR;
304typedef struct ca_db_st
305	{
306	DB_ATTR attributes;
307	TXT_DB *db;
308	} CA_DB;
309
310BIGNUM *load_serial(char *serialfile, int create, ASN1_INTEGER **retai);
311int save_serial(char *serialfile, char *suffix, BIGNUM *serial, ASN1_INTEGER **retai);
312int rotate_serial(char *serialfile, char *new_suffix, char *old_suffix);
313int rand_serial(BIGNUM *b, ASN1_INTEGER *ai);
314CA_DB *load_index(char *dbfile, DB_ATTR *dbattr);
315int index_index(CA_DB *db);
316int save_index(char *dbfile, char *suffix, CA_DB *db);
317int rotate_index(char *dbfile, char *new_suffix, char *old_suffix);
318void free_index(CA_DB *db);
319int index_name_cmp(const char **a, const char **b);
320
321X509_NAME *do_subject(char *str, long chtype);
322
323#define FORMAT_UNDEF    0
324#define FORMAT_ASN1     1
325#define FORMAT_TEXT     2
326#define FORMAT_PEM      3
327#define FORMAT_NETSCAPE 4
328#define FORMAT_PKCS12   5
329#define FORMAT_SMIME    6
330#define FORMAT_ENGINE   7
331#define FORMAT_IISSGC	8	/* XXX this stupid macro helps us to avoid
332				 * adding yet another param to load_*key() */
333
334#define EXT_COPY_NONE	0
335#define EXT_COPY_ADD	1
336#define EXT_COPY_ALL	2
337
338#define NETSCAPE_CERT_HDR	"certificate"
339
340#define APP_PASS_LEN	1024
341
342#define SERIAL_RAND_BITS	64
343
344#endif
345