nhyatt/osslsigncode
1
0
Fork 0
mirror of https://github.com/mtrojnar/osslsigncode.git synced 2025-04-05 17:08:05 -05:00
Code Issues Projects Releases Wiki Activity

Merge pull request #90 from olszomal/style

Browse Source 
Handle unsuccessful termination exit(-1)
This commit is contained in:
Michał Trojnara 2021-05-04 09:40:12 +02:00 committed by GitHub
commit 1c175c4339
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 185 additions and 71 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

256
osslsigncode.c
View File

@ -1181,7 +1181,6 @@ static void usage(const char *argv0, const char *cmd)
printf("%12s[ -timestamp-expiration ]\n", ""); printf("%12s[ -timestamp-expiration ]\n", "");
printf("%12s[ -verbose ]\n\n", ""); printf("%12s[ -verbose ]\n\n", "");
} }
exit(-1);
} }
static void help_for(const char *argv0, const char *cmd) static void help_for(const char *argv0, const char *cmd)
@ -1405,7 +1404,8 @@ typedef enum {
CMD_REMOVE, CMD_REMOVE,
CMD_VERIFY, CMD_VERIFY,
CMD_ADD, CMD_ADD,
CMD_ATTACH CMD_ATTACH,
CMD_HELP
} cmd_type_t; } cmd_type_t;
@ -1421,7 +1421,7 @@ static SpcLink *get_obsolete_link(void)
link->value.file = SpcString_new(); link->value.file = SpcString_new();
link->value.file->type = 0; link->value.file->type = 0;
link->value.file->value.unicode = ASN1_BMPSTRING_new(); link->value.file->value.unicode = ASN1_BMPSTRING_new();
ASN1_STRING_set(link->value.file->value.unicode, obsolete, sizeof(obsolete)); ASN1_STRING_set(link->value.file->value.unicode, obsolete, sizeof obsolete);
return link; return link;
} }
@ -1433,7 +1433,7 @@ static const unsigned char classid_page_hash[] = {
static unsigned char *pe_calc_page_hash(char *indata, uint32_t header_size, static unsigned char *pe_calc_page_hash(char *indata, uint32_t header_size,
int pe32plus, uint32_t sigpos, int phtype, size_t *rphlen) int pe32plus, uint32_t sigpos, int phtype, size_t *rphlen)
{ {
uint16_t nsections, sizeofopthdr; uint16_t nsections, opthdr_size;
uint32_t pagesize, hdrsize; uint32_t pagesize, hdrsize;
uint32_t rs, ro, l, lastpos = 0; uint32_t rs, ro, l, lastpos = 0;
int pphlen, phlen, i, pi = 1; int pphlen, phlen, i, pi = 1;
@ -1462,8 +1462,8 @@ static unsigned char *pe_calc_page_hash(char *indata, uint32_t header_size,
memset(res, 0, 4); memset(res, 0, 4);
EVP_DigestFinal(mdctx, res + 4, NULL); EVP_DigestFinal(mdctx, res + 4, NULL);
sizeofopthdr = GET_UINT16_LE(indata + header_size + 20); opthdr_size = GET_UINT16_LE(indata + header_size + 20);
sections = indata + header_size + 24 + sizeofopthdr; sections = indata + header_size + 24 + opthdr_size;
for (i=0; i<nsections; i++) { for (i=0; i<nsections; i++) {
rs = GET_UINT32_LE(sections + 16); rs = GET_UINT32_LE(sections + 16);
ro = GET_UINT32_LE(sections + 20); ro = GET_UINT32_LE(sections + 20);
@ -1506,7 +1506,7 @@ static SpcLink *get_page_hash_link(int phtype, char *indata, FILE_HEADER *header
header->fileend, phtype, &phlen); header->fileend, phtype, &phlen);
if (!ph) { if (!ph) {
printf("Failed to calculate page hash\n"); printf("Failed to calculate page hash\n");
exit(-1); return NULL; /* FAILED */
} }
tohex(ph, hexbuf, (phlen < 32) ? phlen : 32); tohex(ph, hexbuf, (phlen < 32) ? phlen : 32);
printf("Calculated page hash : %s ...\n", hexbuf); printf("Calculated page hash : %s ...\n", hexbuf);
@ -1553,7 +1553,7 @@ static SpcLink *get_page_hash_link(int phtype, char *indata, FILE_HEADER *header
sk_ASN1_TYPE_free(aset); sk_ASN1_TYPE_free(aset);
so = SpcSerializedObject_new(); so = SpcSerializedObject_new();
ASN1_OCTET_STRING_set(so->classId, classid_page_hash, sizeof(classid_page_hash)); ASN1_OCTET_STRING_set(so->classId, classid_page_hash, sizeof classid_page_hash);
ASN1_OCTET_STRING_set(so->serializedData, p, l); ASN1_OCTET_STRING_set(so->serializedData, p, l);
OPENSSL_free(p); OPENSSL_free(p);
@ -1563,7 +1563,7 @@ static SpcLink *get_page_hash_link(int phtype, char *indata, FILE_HEADER *header
return link; return link;
} }
static void get_indirect_data_blob(u_char **blob, int *len, GLOBAL_OPTIONS *options, static int get_indirect_data_blob(u_char **blob, int *len, GLOBAL_OPTIONS *options,
FILE_HEADER *header, file_type_t type, char *indata) FILE_HEADER *header, file_type_t type, char *indata)
{ {
u_char *p; u_char *p;
@ -1592,10 +1592,14 @@ static void get_indirect_data_blob(u_char **blob, int *len, GLOBAL_OPTIONS *opti
SpcPeImageData *pid = SpcPeImageData_new(); SpcPeImageData *pid = SpcPeImageData_new();
ASN1_BIT_STRING_set(pid->flags, (unsigned char*)"0", 0); ASN1_BIT_STRING_set(pid->flags, (unsigned char*)"0", 0);
if (options->pagehash) { if (options->pagehash) {
SpcLink *link;
phtype = NID_sha1; phtype = NID_sha1;
if (EVP_MD_size(options->md) > EVP_MD_size(EVP_sha1())) if (EVP_MD_size(options->md) > EVP_MD_size(EVP_sha1()))
phtype = NID_sha256; phtype = NID_sha256;
pid->file = get_page_hash_link(phtype, indata, header); link = get_page_hash_link(phtype, indata, header);
if (!link)
return 0; /* FAILED */
pid->file = link;
} else { } else {
pid->file = get_obsolete_link(); pid->file = get_obsolete_link();
} }
@ -1613,7 +1617,7 @@ static void get_indirect_data_blob(u_char **blob, int *len, GLOBAL_OPTIONS *opti
ASN1_INTEGER_set(si->d, 0); ASN1_INTEGER_set(si->d, 0);
ASN1_INTEGER_set(si->e, 0); ASN1_INTEGER_set(si->e, 0);
ASN1_INTEGER_set(si->f, 0); ASN1_INTEGER_set(si->f, 0);
ASN1_OCTET_STRING_set(si->string, msistr, sizeof(msistr)); ASN1_OCTET_STRING_set(si->string, msistr, sizeof msistr);
l = i2d_SpcSipInfo(si, NULL); l = i2d_SpcSipInfo(si, NULL);
p = OPENSSL_malloc(l); p = OPENSSL_malloc(l);
i2d_SpcSipInfo(si, &p); i2d_SpcSipInfo(si, &p);
@ -1622,7 +1626,7 @@ static void get_indirect_data_blob(u_char **blob, int *len, GLOBAL_OPTIONS *opti
SpcSipInfo_free(si); SpcSipInfo_free(si);
} else { } else {
printf("Unexpected file type: %d\n", type); printf("Unexpected file type: %d\n", type);
exit(1); return 0; /* FAILED */
} }
idc->data->type = dtype; idc->data->type = dtype;
@ -1644,6 +1648,7 @@ static void get_indirect_data_blob(u_char **blob, int *len, GLOBAL_OPTIONS *opti
i2d_SpcIndirectDataContent(idc, &p); i2d_SpcIndirectDataContent(idc, &p);
SpcIndirectDataContent_free(idc); SpcIndirectDataContent_free(idc);
*len -= EVP_MD_size(options->md); *len -= EVP_MD_size(options->md);
return 1; /* OK */
} }
static int set_signing_blob(PKCS7 *sig, BIO *hash, unsigned char *buf, int len) static int set_signing_blob(PKCS7 *sig, BIO *hash, unsigned char *buf, int len)
@ -1727,7 +1732,8 @@ static int set_indirect_data_blob(PKCS7 *sig, BIO *hash, file_type_t type,
u_char *p = NULL; u_char *p = NULL;
int len = 0; int len = 0;
get_indirect_data_blob(&p, &len, options, header, type, indata); if (!get_indirect_data_blob(&p, &len, options, header, type, indata))
return 0; /* FAILED */
memcpy(buf, p, len); memcpy(buf, p, len);
OPENSSL_free(p); OPENSSL_free(p);
if (!set_signing_blob(sig, hash, buf, len)) if (!set_signing_blob(sig, hash, buf, len))
@ -1963,7 +1969,7 @@ static time_t si_get_time(PKCS7_SIGNER_INFO *si)
if (object == NULL) if (object == NULL)
return INVALID_TIME; /* FAILED */ return INVALID_TIME; /* FAILED */
object_txt[0] = 0x00; object_txt[0] = 0x00;
OBJ_obj2txt(object_txt, sizeof(object_txt), object, 1); OBJ_obj2txt(object_txt, sizeof object_txt, object, 1);
if (!strcmp(object_txt, PKCS9_SIGNING_TIME)) { if (!strcmp(object_txt, PKCS9_SIGNING_TIME)) {
/* PKCS#9 signing time - Policy OID: 1.2.840.113549.1.9.5 */ /* PKCS#9 signing time - Policy OID: 1.2.840.113549.1.9.5 */
time = X509_ATTRIBUTE_get0_data(attr, 0, V_ASN1_UTCTIME, NULL); time = X509_ATTRIBUTE_get0_data(attr, 0, V_ASN1_UTCTIME, NULL);
@ -2198,9 +2204,9 @@ static int print_attributes(SIGNATURE *signature, int verbose)
print_time_t(signature->signtime); print_time_t(signature->signtime);
if (signature->purpose) { if (signature->purpose) {
if (!memcmp(signature->purpose, purpose_comm, sizeof(purpose_comm))) if (!memcmp(signature->purpose, purpose_comm, sizeof purpose_comm))
printf("\tMicrosoft Commercial Code Signing purpose\n"); printf("\tMicrosoft Commercial Code Signing purpose\n");
else if (!memcmp(signature->purpose, purpose_ind, sizeof(purpose_ind))) else if (!memcmp(signature->purpose, purpose_ind, sizeof purpose_ind))
printf("\tMicrosoft Individual Code Signing purpose\n"); printf("\tMicrosoft Individual Code Signing purpose\n");
else else
printf("\tUnrecognized Code Signing purpose\n"); printf("\tUnrecognized Code Signing purpose\n");
@ -2212,7 +2218,7 @@ static int print_attributes(SIGNATURE *signature, int verbose)
printf("\tText description: %s\n", signature->desc); printf("\tText description: %s\n", signature->desc);
} }
if (signature->level) { if (signature->level) {
if (!memcmp(signature->level, java_attrs_low, sizeof(java_attrs_low))) if (!memcmp(signature->level, java_attrs_low, sizeof java_attrs_low))
printf("\tLow level of permissions in Microsoft Internet Explorer 4.x for CAB files\n"); printf("\tLow level of permissions in Microsoft Internet Explorer 4.x for CAB files\n");
else else
printf("\tUnrecognized level of permissions in Microsoft Internet Explorer 4.x for CAB files\n"); printf("\tUnrecognized level of permissions in Microsoft Internet Explorer 4.x for CAB files\n");
@ -2250,7 +2256,7 @@ static void get_signed_attributes(SIGNATURE *signature, STACK_OF(X509_ATTRIBUTE)
if (object == NULL) if (object == NULL)
continue; continue;
object_txt[0] = 0x00; object_txt[0] = 0x00;
OBJ_obj2txt(object_txt, sizeof(object_txt), object, 1); OBJ_obj2txt(object_txt, sizeof object_txt, object, 1);
if (!strcmp(object_txt, PKCS9_MESSAGE_DIGEST)) { if (!strcmp(object_txt, PKCS9_MESSAGE_DIGEST)) {
/* PKCS#9 message digest - Policy OID: 1.2.840.113549.1.9.4 */ /* PKCS#9 message digest - Policy OID: 1.2.840.113549.1.9.4 */
signature->digest = X509_ATTRIBUTE_get0_data(attr, 0, V_ASN1_OCTET_STRING, NULL); signature->digest = X509_ATTRIBUTE_get0_data(attr, 0, V_ASN1_OCTET_STRING, NULL);
@ -2329,7 +2335,7 @@ static void get_unsigned_attributes(STACK_OF(SIGNATURE) **signatures, SIGNATURE
if (object == NULL) if (object == NULL)
continue; continue;
object_txt[0] = 0x00; object_txt[0] = 0x00;
OBJ_obj2txt(object_txt, sizeof(object_txt), object, 1); OBJ_obj2txt(object_txt, sizeof object_txt, object, 1);
if (!strcmp(object_txt, PKCS9_COUNTER_SIGNATURE)) { if (!strcmp(object_txt, PKCS9_COUNTER_SIGNATURE)) {
/* Authenticode Timestamp - Policy OID: 1.2.840.113549.1.9.6 */ /* Authenticode Timestamp - Policy OID: 1.2.840.113549.1.9.6 */
PKCS7_SIGNER_INFO *countersi; PKCS7_SIGNER_INFO *countersi;
@ -3173,8 +3179,8 @@ static void pe_calc_digest(char *indata, const EVP_MD *md, unsigned char *mdbuf,
while (n < offset) { while (n < offset) {
int l; int l;
size_t want = offset - n; size_t want = offset - n;
if (want > sizeof(bfb)) if (want > sizeof bfb)
want = sizeof(bfb); want = sizeof bfb;
l = BIO_read(bio, bfb, want); l = BIO_read(bio, bfb, want);
if (l <= 0) if (l <= 0)
break; break;
@ -3215,8 +3221,8 @@ static void pe_extract_page_hash(SpcAttributeTypeAndOptionalValue *obj,
return; return;
} }
so = id->file->value.moniker; so = id->file->value.moniker;
if (so->classId->length != sizeof(classid_page_hash) || if (so->classId->length != sizeof classid_page_hash ||
memcmp(so->classId->data, classid_page_hash, sizeof (classid_page_hash))) { memcmp(so->classId->data, classid_page_hash, sizeof classid_page_hash)) {
SpcPeImageData_free(id); SpcPeImageData_free(id);
return; return;
} }
@ -3230,7 +3236,7 @@ static void pe_extract_page_hash(SpcAttributeTypeAndOptionalValue *obj,
*phtype = 0; *phtype = 0;
buf[0] = 0x00; buf[0] = 0x00;
OBJ_obj2txt(buf, sizeof(buf), obj->type, 1); OBJ_obj2txt(buf, sizeof buf, obj->type, 1);
if (!strcmp(buf, SPC_PE_IMAGE_PAGE_HASHES_V1)) { if (!strcmp(buf, SPC_PE_IMAGE_PAGE_HASHES_V1)) {
*phtype = NID_sha1; *phtype = NID_sha1;
} else if (!strcmp(buf, SPC_PE_IMAGE_PAGE_HASHES_V2)) { } else if (!strcmp(buf, SPC_PE_IMAGE_PAGE_HASHES_V2)) {
@ -3665,8 +3671,8 @@ static void cab_calc_digest(char *indata, const EVP_MD *md, unsigned char *mdbuf
while (coffFiles < offset) { while (coffFiles < offset) {
int l; int l;
uint32_t want = offset - coffFiles; uint32_t want = offset - coffFiles;
if (want > sizeof(bfb)) if (want > sizeof bfb)
want = sizeof(bfb); want = sizeof bfb;
l = BIO_read(bio, bfb, want); l = BIO_read(bio, bfb, want);
if (l <= 0) if (l <= 0)
break; break;
@ -4244,7 +4250,7 @@ static void add_jp_attribute(PKCS7_SIGNER_INFO *si, int jp)
switch (jp) { switch (jp) {
case 0: case 0:
attrs = java_attrs_low; attrs = java_attrs_low;
len = sizeof(java_attrs_low); len = sizeof java_attrs_low;
break; break;
case 1: case 1:
/* XXX */ /* XXX */
@ -4267,9 +4273,9 @@ static void add_purpose_attribute(PKCS7_SIGNER_INFO *si, int comm)
astr = ASN1_STRING_new(); astr = ASN1_STRING_new();
if (comm) { if (comm) {
ASN1_STRING_set(astr, purpose_comm, sizeof(purpose_comm)); ASN1_STRING_set(astr, purpose_comm, sizeof purpose_comm);
} else { } else {
ASN1_STRING_set(astr, purpose_ind, sizeof(purpose_ind)); ASN1_STRING_set(astr, purpose_ind, sizeof purpose_ind);
} }
PKCS7_add_signed_attribute(si, OBJ_txt2nid(SPC_STATEMENT_TYPE_OBJID), PKCS7_add_signed_attribute(si, OBJ_txt2nid(SPC_STATEMENT_TYPE_OBJID),
V_ASN1_SEQUENCE, astr); V_ASN1_SEQUENCE, astr);
@ -4392,8 +4398,8 @@ static int add_unauthenticated_blob(PKCS7 *sig)
if ((p = OPENSSL_malloc(len)) == NULL) if ((p = OPENSSL_malloc(len)) == NULL)
return 1; /* FAILED */ return 1; /* FAILED */
memset(p, 0, len); memset(p, 0, len);
memcpy(p, prefix, sizeof(prefix)); memcpy(p, prefix, sizeof prefix);
memcpy(p+len-sizeof(postfix), postfix, sizeof(postfix)); memcpy(p + len - sizeof postfix, postfix, sizeof postfix);
astr = ASN1_STRING_new(); astr = ASN1_STRING_new();
ASN1_STRING_set(astr, p, len); ASN1_STRING_set(astr, p, len);
nid = OBJ_create(SPC_UNAUTHENTICATED_DATA_BLOB_OBJID, nid = OBJ_create(SPC_UNAUTHENTICATED_DATA_BLOB_OBJID,
@ -4688,10 +4694,10 @@ static int get_file_type(char *indata, char *infile, file_type_t *type)
*type = FILE_TYPE_CAB; *type = FILE_TYPE_CAB;
} else if (!memcmp(indata, "MZ", 2)) { } else if (!memcmp(indata, "MZ", 2)) {
*type = FILE_TYPE_PE; *type = FILE_TYPE_PE;
} else if (!memcmp(indata, msi_magic, sizeof(msi_magic))) { } else if (!memcmp(indata, msi_magic, sizeof msi_magic)) {
*type = FILE_TYPE_MSI; *type = FILE_TYPE_MSI;
} else if (!memcmp(indata + ((GET_UINT8_LE(indata+1) == 0x82) ? 4 : 5), } else if (!memcmp(indata + ((GET_UINT8_LE(indata+1) == 0x82) ? 4 : 5),
pkcs7_signed_data, sizeof(pkcs7_signed_data))) { pkcs7_signed_data, sizeof pkcs7_signed_data)) {
/* the maximum size of a supported cat file is (2^24 -1) bytes */ /* the maximum size of a supported cat file is (2^24 -1) bytes */
*type = FILE_TYPE_CAT; *type = FILE_TYPE_CAT;
} else { } else {
@ -4719,7 +4725,7 @@ static char *getpassword(const char *prompt)
printf("Failed to set terminal attributes\n"); printf("Failed to set terminal attributes\n");
return NULL; return NULL;
} }
p = fgets(passbuf, sizeof(passbuf), stdin); p = fgets(passbuf, sizeof passbuf, stdin);
if (tcsetattr(fileno(stdin), TCSANOW, &ofl) != 0) if (tcsetattr(fileno(stdin), TCSANOW, &ofl) != 0)
printf("Failed to restore terminal attributes\n"); printf("Failed to restore terminal attributes\n");
if (!p) { if (!p) {
@ -4728,7 +4734,7 @@ static char *getpassword(const char *prompt)
} }
passbuf[strlen(passbuf)-1] = 0x00; passbuf[strlen(passbuf)-1] = 0x00;
pass = OPENSSL_strdup(passbuf); pass = OPENSSL_strdup(passbuf);
memset(passbuf, 0, sizeof(passbuf)); memset(passbuf, 0, sizeof passbuf);
return pass; return pass;
#else #else
return getpass(prompt); return getpass(prompt);
@ -4748,7 +4754,7 @@ static int read_password(GLOBAL_OPTIONS *options)
printf("Failed to open password file: %s\n", options->readpass); printf("Failed to open password file: %s\n", options->readpass);
return 0; /* FAILED */ return 0; /* FAILED */
} }
passlen = read(passfd, passbuf, sizeof(passbuf)-1); passlen = read(passfd, passbuf, sizeof passbuf - 1);
close(passfd); close(passfd);
if (passlen <= 0) { if (passlen <= 0) {
printf("Failed to read password from file: %s\n", options->readpass); printf("Failed to read password from file: %s\n", options->readpass);
@ -5199,7 +5205,7 @@ static PKCS7 *get_sigfile(char *sigfile, file_type_t type)
printf("Failed to open file: %s\n", sigfile); printf("Failed to open file: %s\n", sigfile);
return NULL; /* FAILED */ return NULL; /* FAILED */
} }
if (sigfilesize >= sizeof(pemhdr) && !memcmp(insigdata, pemhdr, sizeof(pemhdr)-1)) { if (sigfilesize >= sizeof pemhdr && !memcmp(insigdata, pemhdr, sizeof pemhdr - 1)) {
sigbio = BIO_new_mem_buf(insigdata, sigfilesize); sigbio = BIO_new_mem_buf(insigdata, sigfilesize);
sig = PEM_read_bio_PKCS7(sigbio, NULL, NULL, NULL); sig = PEM_read_bio_PKCS7(sigbio, NULL, NULL, NULL);
BIO_free_all(sigbio); BIO_free_all(sigbio);
@ -5422,9 +5428,10 @@ static cmd_type_t get_command(char **argv)
if (!strcmp(argv[1], "--help")) { if (!strcmp(argv[1], "--help")) {
print_version(); print_version();
help_for(argv[0], "all"); help_for(argv[0], "all");
return CMD_HELP;
} else if (!strcmp(argv[1], "-v") || !strcmp(argv[1], "--version")) { } else if (!strcmp(argv[1], "-v") || !strcmp(argv[1], "--version")) {
print_version(); print_version();
exit(-1); return CMD_HELP;
} else if (!strcmp(argv[1], "sign")) } else if (!strcmp(argv[1], "sign"))
return CMD_SIGN; return CMD_SIGN;
else if (!strcmp(argv[1], "extract-signature")) else if (!strcmp(argv[1], "extract-signature"))
@ -5458,68 +5465,122 @@ static int main_configure(int argc, char **argv, cmd_type_t *cmd, GLOBAL_OPTIONS
options->signing_time = INVALID_TIME; options->signing_time = INVALID_TIME;
options->jp = -1; options->jp = -1;
if (*cmd == CMD_HELP) {
return 0; /* FAILED */
}
if (*cmd == CMD_VERIFY || *cmd == CMD_ATTACH) { if (*cmd == CMD_VERIFY || *cmd == CMD_ATTACH) {
options->cafile = get_cafile(); options->cafile = get_cafile();
options->tsa_cafile = get_cafile(); options->tsa_cafile = get_cafile();
} }
for (argc--,argv++; argc >= 1; argc--,argv++) { for (argc--,argv++; argc >= 1; argc--,argv++) {
if (!strcmp(*argv, "-in")) { if (!strcmp(*argv, "-in")) {
if (--argc < 1) usage(argv0, "all"); if (--argc < 1) {
usage(argv0, "all");
return 0; /* FAILED */
}
options->infile = *(++argv); options->infile = *(++argv);
} else if (!strcmp(*argv, "-out")) { } else if (!strcmp(*argv, "-out")) {
if (--argc < 1) usage(argv0, "all"); if (--argc < 1) {
usage(argv0, "all");
return 0; /* FAILED */
}
options->outfile = *(++argv); options->outfile = *(++argv);
} else if (!strcmp(*argv, "-sigin")) { } else if (!strcmp(*argv, "-sigin")) {
if (--argc < 1) usage(argv0, "all"); if (--argc < 1) {
usage(argv0, "all");
return 0; /* FAILED */
}
options->sigfile = *(++argv); options->sigfile = *(++argv);
} else if ((*cmd == CMD_SIGN) && (!strcmp(*argv, "-spc") || !strcmp(*argv, "-certs"))) { } else if ((*cmd == CMD_SIGN) && (!strcmp(*argv, "-spc") || !strcmp(*argv, "-certs"))) {
if (--argc < 1) usage(argv0, "all"); if (--argc < 1) {
usage(argv0, "all");
return 0; /* FAILED */
}
options->certfile = *(++argv); options->certfile = *(++argv);
} else if ((*cmd == CMD_SIGN) && !strcmp(*argv, "-ac")) { } else if ((*cmd == CMD_SIGN) && !strcmp(*argv, "-ac")) {
if (--argc < 1) usage(argv0, "all"); if (--argc < 1) {
usage(argv0, "all");
return 0; /* FAILED */
}
options->xcertfile = *(++argv); options->xcertfile = *(++argv);
} else if ((*cmd == CMD_SIGN) && !strcmp(*argv, "-key")) { } else if ((*cmd == CMD_SIGN) && !strcmp(*argv, "-key")) {
if (--argc < 1) usage(argv0, "all"); if (--argc < 1) {
usage(argv0, "all");
return 0; /* FAILED */
}
options->keyfile = *(++argv); options->keyfile = *(++argv);
} else if ((*cmd == CMD_SIGN) && !strcmp(*argv, "-pkcs12")) { } else if ((*cmd == CMD_SIGN) && !strcmp(*argv, "-pkcs12")) {
if (--argc < 1) usage(argv0, "all"); if (--argc < 1) {
usage(argv0, "all");
return 0; /* FAILED */
}
options->pkcs12file = *(++argv); options->pkcs12file = *(++argv);
} else if ((*cmd == CMD_EXTRACT) && !strcmp(*argv, "-pem")) { } else if ((*cmd == CMD_EXTRACT) && !strcmp(*argv, "-pem")) {
options->output_pkcs7 = 1; options->output_pkcs7 = 1;
#ifndef OPENSSL_NO_ENGINE #ifndef OPENSSL_NO_ENGINE
} else if ((*cmd == CMD_SIGN) && !strcmp(*argv, "-pkcs11cert")) { } else if ((*cmd == CMD_SIGN) && !strcmp(*argv, "-pkcs11cert")) {
if (--argc < 1) usage(argv0, "all"); if (--argc < 1) {
usage(argv0, "all");
return 0; /* FAILED */
}
options->p11cert = *(++argv); options->p11cert = *(++argv);
} else if ((*cmd == CMD_SIGN) && !strcmp(*argv, "-pkcs11engine")) { } else if ((*cmd == CMD_SIGN) && !strcmp(*argv, "-pkcs11engine")) {
if (--argc < 1) usage(argv0, "all"); if (--argc < 1) {
usage(argv0, "all");
return 0; /* FAILED */
}
options->p11engine = *(++argv); options->p11engine = *(++argv);
} else if ((*cmd == CMD_SIGN) && !strcmp(*argv, "-pkcs11module")) { } else if ((*cmd == CMD_SIGN) && !strcmp(*argv, "-pkcs11module")) {
if (--argc < 1) usage(argv0, "all"); if (--argc < 1) {
usage(argv0, "all");
return 0; /* FAILED */
}
options->p11module = *(++argv); options->p11module = *(++argv);
#endif /* OPENSSL_NO_ENGINE */ #endif /* OPENSSL_NO_ENGINE */
} else if ((*cmd == CMD_SIGN) && !strcmp(*argv, "-pass")) { } else if ((*cmd == CMD_SIGN) && !strcmp(*argv, "-pass")) {
if (options->askpass || options->readpass) usage(argv0, "all"); if (options->askpass || options->readpass) {
if (--argc < 1) usage(argv0, "all"); usage(argv0, "all");
return 0; /* FAILED */
}
if (--argc < 1) {
usage(argv0, "all");
return 0; /* FAILED */
}
options->pass = OPENSSL_strdup(*(++argv)); options->pass = OPENSSL_strdup(*(++argv));
memset(*argv, 0, strlen(*argv)); memset(*argv, 0, strlen(*argv));
#ifdef PROVIDE_ASKPASS #ifdef PROVIDE_ASKPASS
} else if ((*cmd == CMD_SIGN) && !strcmp(*argv, "-askpass")) { } else if ((*cmd == CMD_SIGN) && !strcmp(*argv, "-askpass")) {
if (options->pass || options->readpass) usage(argv0, "all"); if (options->pass || options->readpass) {
usage(argv0, "all");
return 0; /* FAILED */
}
options->askpass = 1; options->askpass = 1;
#endif #endif
} else if ((*cmd == CMD_SIGN) && !strcmp(*argv, "-readpass")) { } else if ((*cmd == CMD_SIGN) && !strcmp(*argv, "-readpass")) {
if (options->askpass || options->pass) usage(argv0, "all"); if (options->askpass || options->pass) {
if (--argc < 1) usage(argv0, "all"); usage(argv0, "all");
return 0; /* FAILED */
}
if (--argc < 1) {
usage(argv0, "all");
return 0; /* FAILED */
}
options->readpass = *(++argv); options->readpass = *(++argv);
} else if ((*cmd == CMD_SIGN) && !strcmp(*argv, "-comm")) { } else if ((*cmd == CMD_SIGN) && !strcmp(*argv, "-comm")) {
options->comm = 1; options->comm = 1;
} else if ((*cmd == CMD_SIGN) && !strcmp(*argv, "-ph")) { } else if ((*cmd == CMD_SIGN) && !strcmp(*argv, "-ph")) {
options->pagehash = 1; options->pagehash = 1;
} else if ((*cmd == CMD_SIGN) && !strcmp(*argv, "-n")) { } else if ((*cmd == CMD_SIGN) && !strcmp(*argv, "-n")) {
if (--argc < 1) usage(argv0, "all"); if (--argc < 1) {
usage(argv0, "all");
return 0; /* FAILED */
}
options->desc = *(++argv); options->desc = *(++argv);
} else if ((*cmd == CMD_SIGN) && !strcmp(*argv, "-h")) { } else if ((*cmd == CMD_SIGN) && !strcmp(*argv, "-h")) {
if (--argc < 1) usage(argv0, "all"); if (--argc < 1) {
usage(argv0, "all");
return 0; /* FAILED */
}
++argv; ++argv;
if (!strcmp(*argv, "md5")) { if (!strcmp(*argv, "md5")) {
options->md = EVP_md5(); options->md = EVP_md5();
@ -5533,22 +5594,38 @@ static int main_configure(int argc, char **argv, cmd_type_t *cmd, GLOBAL_OPTIONS
options->md = EVP_sha512(); options->md = EVP_sha512();
} else { } else {
usage(argv0, "all"); usage(argv0, "all");
return 0; /* FAILED */
} }
} else if ((*cmd == CMD_SIGN) && !strcmp(*argv, "-i")) { } else if ((*cmd == CMD_SIGN) && !strcmp(*argv, "-i")) {
if (--argc < 1) usage(argv0, "all"); if (--argc < 1) {
usage(argv0, "all");
return 0; /* FAILED */
}
options->url = *(++argv); options->url = *(++argv);
} else if ((*cmd == CMD_SIGN) && !strcmp(*argv, "-st")) { } else if ((*cmd == CMD_SIGN) && !strcmp(*argv, "-st")) {
if (--argc < 1) usage(argv0, "all"); if (--argc < 1) {
usage(argv0, "all");
return 0; /* FAILED */
}
options->signing_time = (time_t)strtoul(*(++argv), NULL, 10); options->signing_time = (time_t)strtoul(*(++argv), NULL, 10);
#ifdef ENABLE_CURL #ifdef ENABLE_CURL
} else if ((*cmd == CMD_SIGN || *cmd == CMD_ADD) && !strcmp(*argv, "-t")) { } else if ((*cmd == CMD_SIGN || *cmd == CMD_ADD) && !strcmp(*argv, "-t")) {
if (--argc < 1) usage(argv0, "all"); if (--argc < 1) {
usage(argv0, "all");
return 0; /* FAILED */
}
options->turl[options->nturl++] = *(++argv); options->turl[options->nturl++] = *(++argv);
} else if ((*cmd == CMD_SIGN || *cmd == CMD_ADD) && !strcmp(*argv, "-ts")) { } else if ((*cmd == CMD_SIGN || *cmd == CMD_ADD) && !strcmp(*argv, "-ts")) {
if (--argc < 1) usage(argv0, "all"); if (--argc < 1) {
usage(argv0, "all");
return 0; /* FAILED */
}
options->tsurl[options->ntsurl++] = *(++argv); options->tsurl[options->ntsurl++] = *(++argv);
} else if ((*cmd == CMD_SIGN || *cmd == CMD_ADD) && !strcmp(*argv, "-p")) { } else if ((*cmd == CMD_SIGN || *cmd == CMD_ADD) && !strcmp(*argv, "-p")) {
if (--argc < 1) usage(argv0, "all"); if (--argc < 1) {
usage(argv0, "all");
return 0; /* FAILED */
}
options->proxy = *(++argv); options->proxy = *(++argv);
} else if ((*cmd == CMD_SIGN || *cmd == CMD_ADD) && !strcmp(*argv, "-noverifypeer")) { } else if ((*cmd == CMD_SIGN || *cmd == CMD_ADD) && !strcmp(*argv, "-noverifypeer")) {
options->noverifypeer = 1; options->noverifypeer = 1;
@ -5564,40 +5641,73 @@ static int main_configure(int argc, char **argv, cmd_type_t *cmd, GLOBAL_OPTIONS
} else if ((*cmd == CMD_SIGN || *cmd == CMD_ADD || *cmd == CMD_ATTACH) && !strcmp(*argv, "-add-msi-dse")) { } else if ((*cmd == CMD_SIGN || *cmd == CMD_ADD || *cmd == CMD_ATTACH) && !strcmp(*argv, "-add-msi-dse")) {
options->add_msi_dse = 1; options->add_msi_dse = 1;
} else if ((*cmd == CMD_VERIFY) && (!strcmp(*argv, "-c") || !strcmp(*argv, "-catalog"))) { } else if ((*cmd == CMD_VERIFY) && (!strcmp(*argv, "-c") || !strcmp(*argv, "-catalog"))) {
if (--argc < 1) usage(argv0, "all"); if (--argc < 1) {
usage(argv0, "all");
return 0; /* FAILED */
}
options->catalog = *(++argv); options->catalog = *(++argv);
} else if ((*cmd == CMD_VERIFY || *cmd == CMD_ATTACH) && !strcmp(*argv, "-CAfile")) { } else if ((*cmd == CMD_VERIFY || *cmd == CMD_ATTACH) && !strcmp(*argv, "-CAfile")) {
if (--argc < 1) usage(argv0, "all"); if (--argc < 1) {
usage(argv0, "all");
return 0; /* FAILED */
}
OPENSSL_free(options->cafile); OPENSSL_free(options->cafile);
options->cafile = OPENSSL_strdup(*++argv); options->cafile = OPENSSL_strdup(*++argv);
} else if ((*cmd == CMD_VERIFY || *cmd == CMD_ATTACH) && !strcmp(*argv, "-CRLfile")) { } else if ((*cmd == CMD_VERIFY || *cmd == CMD_ATTACH) && !strcmp(*argv, "-CRLfile")) {
if (--argc < 1) usage(argv0, "all"); if (--argc < 1) {
usage(argv0, "all");
return 0; /* FAILED */
}
options->crlfile = OPENSSL_strdup(*++argv); options->crlfile = OPENSSL_strdup(*++argv);
} else if ((*cmd == CMD_VERIFY || *cmd == CMD_ATTACH) && (!strcmp(*argv, "-untrusted") || !strcmp(*argv, "-TSA-CAfile"))) { } else if ((*cmd == CMD_VERIFY || *cmd == CMD_ATTACH) && (!strcmp(*argv, "-untrusted") || !strcmp(*argv, "-TSA-CAfile"))) {
if (--argc < 1) usage(argv0, "all"); if (--argc < 1) {
usage(argv0, "all");
return 0; /* FAILED */
}
OPENSSL_free(options->tsa_cafile); OPENSSL_free(options->tsa_cafile);
options->tsa_cafile = OPENSSL_strdup(*++argv); options->tsa_cafile = OPENSSL_strdup(*++argv);
} else if ((*cmd == CMD_VERIFY || *cmd == CMD_ATTACH) && (!strcmp(*argv, "-CRLuntrusted") || !strcmp(*argv, "-TSA-CRLfile"))) { } else if ((*cmd == CMD_VERIFY || *cmd == CMD_ATTACH) && (!strcmp(*argv, "-CRLuntrusted") || !strcmp(*argv, "-TSA-CRLfile"))) {
if (--argc < 1) usage(argv0, "all"); if (--argc < 1) {
usage(argv0, "all");
return 0; /* FAILED */
}
options->tsa_crlfile = OPENSSL_strdup(*++argv); options->tsa_crlfile = OPENSSL_strdup(*++argv);
} else if ((*cmd == CMD_VERIFY) && !strcmp(*argv, "-require-leaf-hash")) { } else if ((*cmd == CMD_VERIFY) && !strcmp(*argv, "-require-leaf-hash")) {
if (--argc < 1) usage(argv0, "all"); if (--argc < 1) {
usage(argv0, "all");
return 0; /* FAILED */
}
options->leafhash = (*++argv); options->leafhash = (*++argv);
} else if ((*cmd == CMD_ADD) && !strcmp(*argv, "--help")) { } else if ((*cmd == CMD_ADD) && !strcmp(*argv, "--help")) {
help_for(argv0, "add"); help_for(argv0, "add");
*cmd = CMD_HELP;
return 0; /* FAILED */
} else if ((*cmd == CMD_ATTACH) && !strcmp(*argv, "--help")) { } else if ((*cmd == CMD_ATTACH) && !strcmp(*argv, "--help")) {
help_for(argv0, "attach-signature"); help_for(argv0, "attach-signature");
*cmd = CMD_HELP;
return 0; /* FAILED */
} else if ((*cmd == CMD_EXTRACT) && !strcmp(*argv, "--help")) { } else if ((*cmd == CMD_EXTRACT) && !strcmp(*argv, "--help")) {
help_for(argv0, "extract-signature"); help_for(argv0, "extract-signature");
*cmd = CMD_HELP;
return 0; /* FAILED */
} else if ((*cmd == CMD_REMOVE) && !strcmp(*argv, "--help")) { } else if ((*cmd == CMD_REMOVE) && !strcmp(*argv, "--help")) {
help_for(argv0, "remove-signature"); help_for(argv0, "remove-signature");
*cmd = CMD_HELP;
return 0; /* FAILED */
} else if ((*cmd == CMD_SIGN) && !strcmp(*argv, "--help")) { } else if ((*cmd == CMD_SIGN) && !strcmp(*argv, "--help")) {
help_for(argv0, "sign"); help_for(argv0, "sign");
*cmd = CMD_HELP;
return 0; /* FAILED */
} else if ((*cmd == CMD_VERIFY) && !strcmp(*argv, "--help")) { } else if ((*cmd == CMD_VERIFY) && !strcmp(*argv, "--help")) {
help_for(argv0, "verify"); help_for(argv0, "verify");
*cmd = CMD_HELP;
return 0; /* FAILED */
} else if (!strcmp(*argv, "-jp")) { } else if (!strcmp(*argv, "-jp")) {
char *ap; char *ap;
if (--argc < 1) usage(argv0, "all"); if (--argc < 1) {
usage(argv0, "all");
return 0; /* FAILED */
}
ap = *(++argv); ap = *(++argv);
for (i=0; ap[i]; i++) ap[i] = tolower((int)ap[i]); for (i=0; ap[i]; i++) ap[i] = tolower((int)ap[i]);
if (!strcmp(ap, "low")) { if (!strcmp(ap, "low")) {
@ -5607,7 +5717,10 @@ static int main_configure(int argc, char **argv, cmd_type_t *cmd, GLOBAL_OPTIONS
} else if (!strcmp(ap, "high")) { } else if (!strcmp(ap, "high")) {
options->jp = 2; options->jp = 2;
} }
if (options->jp != 0) usage(argv0, "all"); /* XXX */ if (options->jp != 0) { /* XXX */
usage(argv0, "all");
return 0; /* FAILED */
}
} else { } else {
failarg = *argv; failarg = *argv;
break; break;
@ -5641,6 +5754,7 @@ static int main_configure(int argc, char **argv, cmd_type_t *cmd, GLOBAL_OPTIONS
if (failarg) if (failarg)
printf("Unknown option: %s\n", failarg); printf("Unknown option: %s\n", failarg);
usage(argv0, "all"); usage(argv0, "all");
return 0; /* FAILED */
} }
if ((*cmd == CMD_VERIFY || *cmd == CMD_ATTACH) && access(options->cafile, R_OK)) { if ((*cmd == CMD_VERIFY || *cmd == CMD_ATTACH) && access(options->cafile, R_OK)) {
@ -5648,7 +5762,7 @@ static int main_configure(int argc, char **argv, cmd_type_t *cmd, GLOBAL_OPTIONS
return 0; /* FAILED */ return 0; /* FAILED */
} }
return 1; return 1; /* OK */
} }
int main(int argc, char **argv) int main(int argc, char **argv)
@ -5885,8 +5999,8 @@ err_cleanup:
free_options(&options); free_options(&options);
if (ret) if (ret)
ERR_print_errors_fp(stdout); ERR_print_errors_fp(stdout);
if (cmd != CMD_HELP)
printf(ret ? "Failed\n" : "Succeeded\n"); printf(ret ? "Failed\n" : "Succeeded\n");
return ret; return ret;
} }