nhyatt/osslsigncode
1
0
Fork 0
mirror of https://github.com/mtrojnar/osslsigncode.git synced 2025-04-05 01:00:11 -05:00
Code Issues Projects Releases Wiki Activity

Merge pull request #90 from olszomal/style

Browse Source 
Handle unsuccessful termination exit(-1)
This commit is contained in:
Michał Trojnara 2021-05-04 09:40:12 +02:00 committed by GitHub
commit 1c175c4339
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 185 additions and 71 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

254
osslsigncode.c
View File

@ -1181,7 +1181,6 @@ static void usage(const char *argv0, const char *cmd)
printf("%12s[ -timestamp-expiration ]\n", "");
printf("%12s[ -verbose ]\n\n", "");
}
exit(-1);
}
static void help_for(const char *argv0, const char *cmd)
@ -1405,7 +1404,8 @@ typedef enum {
CMD_REMOVE,
CMD_VERIFY,
CMD_ADD,
CMD_ATTACH
CMD_ATTACH,
CMD_HELP
} cmd_type_t;
@ -1421,7 +1421,7 @@ static SpcLink *get_obsolete_link(void)
link->value.file = SpcString_new();
link->value.file->type = 0;
link->value.file->value.unicode = ASN1_BMPSTRING_new();
ASN1_STRING_set(link->value.file->value.unicode, obsolete, sizeof(obsolete));
ASN1_STRING_set(link->value.file->value.unicode, obsolete, sizeof obsolete);
return link;
}
@ -1433,7 +1433,7 @@ static const unsigned char classid_page_hash[] = {
static unsigned char *pe_calc_page_hash(char *indata, uint32_t header_size,
int pe32plus, uint32_t sigpos, int phtype, size_t *rphlen)
{
uint16_t nsections, sizeofopthdr;
uint16_t nsections, opthdr_size;
uint32_t pagesize, hdrsize;
uint32_t rs, ro, l, lastpos = 0;
int pphlen, phlen, i, pi = 1;
@ -1462,8 +1462,8 @@ static unsigned char *pe_calc_page_hash(char *indata, uint32_t header_size,
memset(res, 0, 4);
EVP_DigestFinal(mdctx, res + 4, NULL);
sizeofopthdr = GET_UINT16_LE(indata + header_size + 20);
sections = indata + header_size + 24 + sizeofopthdr;
opthdr_size = GET_UINT16_LE(indata + header_size + 20);
sections = indata + header_size + 24 + opthdr_size;
for (i=0; i<nsections; i++) {
rs = GET_UINT32_LE(sections + 16);
ro = GET_UINT32_LE(sections + 20);
@ -1506,7 +1506,7 @@ static SpcLink *get_page_hash_link(int phtype, char *indata, FILE_HEADER *header
header->fileend, phtype, &phlen);
if (!ph) {
printf("Failed to calculate page hash\n");
exit(-1);
return NULL; /* FAILED */
}
tohex(ph, hexbuf, (phlen < 32) ? phlen : 32);
printf("Calculated page hash : %s ...\n", hexbuf);
@ -1553,7 +1553,7 @@ static SpcLink *get_page_hash_link(int phtype, char *indata, FILE_HEADER *header
sk_ASN1_TYPE_free(aset);
so = SpcSerializedObject_new();
ASN1_OCTET_STRING_set(so->classId, classid_page_hash, sizeof(classid_page_hash));
ASN1_OCTET_STRING_set(so->classId, classid_page_hash, sizeof classid_page_hash);
ASN1_OCTET_STRING_set(so->serializedData, p, l);
OPENSSL_free(p);
@ -1563,7 +1563,7 @@ static SpcLink *get_page_hash_link(int phtype, char *indata, FILE_HEADER *header
return link;
}
static void get_indirect_data_blob(u_char **blob, int *len, GLOBAL_OPTIONS *options,
static int get_indirect_data_blob(u_char **blob, int *len, GLOBAL_OPTIONS *options,
FILE_HEADER *header, file_type_t type, char *indata)
{
u_char *p;
@ -1592,10 +1592,14 @@ static void get_indirect_data_blob(u_char **blob, int *len, GLOBAL_OPTIONS *opti
SpcPeImageData *pid = SpcPeImageData_new();
ASN1_BIT_STRING_set(pid->flags, (unsigned char*)"0", 0);
if (options->pagehash) {
SpcLink *link;
phtype = NID_sha1;
if (EVP_MD_size(options->md) > EVP_MD_size(EVP_sha1()))
phtype = NID_sha256;
pid->file = get_page_hash_link(phtype, indata, header);
link = get_page_hash_link(phtype, indata, header);
if (!link)
return 0; /* FAILED */
pid->file = link;
} else {
pid->file = get_obsolete_link();
}
@ -1613,7 +1617,7 @@ static void get_indirect_data_blob(u_char **blob, int *len, GLOBAL_OPTIONS *opti
ASN1_INTEGER_set(si->d, 0);
ASN1_INTEGER_set(si->e, 0);
ASN1_INTEGER_set(si->f, 0);
ASN1_OCTET_STRING_set(si->string, msistr, sizeof(msistr));
ASN1_OCTET_STRING_set(si->string, msistr, sizeof msistr);
l = i2d_SpcSipInfo(si, NULL);
p = OPENSSL_malloc(l);
i2d_SpcSipInfo(si, &p);
@ -1622,7 +1626,7 @@ static void get_indirect_data_blob(u_char **blob, int *len, GLOBAL_OPTIONS *opti
SpcSipInfo_free(si);
} else {
printf("Unexpected file type: %d\n", type);
exit(1);
return 0; /* FAILED */
}
idc->data->type = dtype;
@ -1644,6 +1648,7 @@ static void get_indirect_data_blob(u_char **blob, int *len, GLOBAL_OPTIONS *opti
i2d_SpcIndirectDataContent(idc, &p);
SpcIndirectDataContent_free(idc);
*len -= EVP_MD_size(options->md);
return 1; /* OK */
}
static int set_signing_blob(PKCS7 *sig, BIO *hash, unsigned char *buf, int len)
@ -1727,7 +1732,8 @@ static int set_indirect_data_blob(PKCS7 *sig, BIO *hash, file_type_t type,
u_char *p = NULL;
int len = 0;
get_indirect_data_blob(&p, &len, options, header, type, indata);
if (!get_indirect_data_blob(&p, &len, options, header, type, indata))
return 0; /* FAILED */
memcpy(buf, p, len);
OPENSSL_free(p);
if (!set_signing_blob(sig, hash, buf, len))
@ -1963,7 +1969,7 @@ static time_t si_get_time(PKCS7_SIGNER_INFO *si)
if (object == NULL)
return INVALID_TIME; /* FAILED */
object_txt[0] = 0x00;
OBJ_obj2txt(object_txt, sizeof(object_txt), object, 1);
OBJ_obj2txt(object_txt, sizeof object_txt, object, 1);
if (!strcmp(object_txt, PKCS9_SIGNING_TIME)) {
/* PKCS#9 signing time - Policy OID: 1.2.840.113549.1.9.5 */
time = X509_ATTRIBUTE_get0_data(attr, 0, V_ASN1_UTCTIME, NULL);
@ -2198,9 +2204,9 @@ static int print_attributes(SIGNATURE *signature, int verbose)
print_time_t(signature->signtime);
if (signature->purpose) {
if (!memcmp(signature->purpose, purpose_comm, sizeof(purpose_comm)))
if (!memcmp(signature->purpose, purpose_comm, sizeof purpose_comm))
printf("\tMicrosoft Commercial Code Signing purpose\n");
else if (!memcmp(signature->purpose, purpose_ind, sizeof(purpose_ind)))
else if (!memcmp(signature->purpose, purpose_ind, sizeof purpose_ind))
printf("\tMicrosoft Individual Code Signing purpose\n");
else
printf("\tUnrecognized Code Signing purpose\n");
@ -2212,7 +2218,7 @@ static int print_attributes(SIGNATURE *signature, int verbose)
printf("\tText description: %s\n", signature->desc);
}
if (signature->level) {
if (!memcmp(signature->level, java_attrs_low, sizeof(java_attrs_low)))
if (!memcmp(signature->level, java_attrs_low, sizeof java_attrs_low))
printf("\tLow level of permissions in Microsoft Internet Explorer 4.x for CAB files\n");
else
printf("\tUnrecognized level of permissions in Microsoft Internet Explorer 4.x for CAB files\n");
@ -2250,7 +2256,7 @@ static void get_signed_attributes(SIGNATURE *signature, STACK_OF(X509_ATTRIBUTE)
if (object == NULL)
continue;
object_txt[0] = 0x00;
OBJ_obj2txt(object_txt, sizeof(object_txt), object, 1);
OBJ_obj2txt(object_txt, sizeof object_txt, object, 1);
if (!strcmp(object_txt, PKCS9_MESSAGE_DIGEST)) {
/* PKCS#9 message digest - Policy OID: 1.2.840.113549.1.9.4 */
signature->digest = X509_ATTRIBUTE_get0_data(attr, 0, V_ASN1_OCTET_STRING, NULL);
@ -2329,7 +2335,7 @@ static void get_unsigned_attributes(STACK_OF(SIGNATURE) **signatures, SIGNATURE
if (object == NULL)
continue;
object_txt[0] = 0x00;
OBJ_obj2txt(object_txt, sizeof(object_txt), object, 1);
OBJ_obj2txt(object_txt, sizeof object_txt, object, 1);
if (!strcmp(object_txt, PKCS9_COUNTER_SIGNATURE)) {
/* Authenticode Timestamp - Policy OID: 1.2.840.113549.1.9.6 */
PKCS7_SIGNER_INFO *countersi;
@ -3173,8 +3179,8 @@ static void pe_calc_digest(char *indata, const EVP_MD *md, unsigned char *mdbuf,
while (n < offset) {
int l;
size_t want = offset - n;
if (want > sizeof(bfb))
want = sizeof(bfb);
if (want > sizeof bfb)
want = sizeof bfb;
l = BIO_read(bio, bfb, want);
if (l <= 0)
break;
@ -3215,8 +3221,8 @@ static void pe_extract_page_hash(SpcAttributeTypeAndOptionalValue *obj,
return;
}
so = id->file->value.moniker;
if (so->classId->length != sizeof(classid_page_hash) ||
memcmp(so->classId->data, classid_page_hash, sizeof (classid_page_hash))) {
if (so->classId->length != sizeof classid_page_hash ||
memcmp(so->classId->data, classid_page_hash, sizeof classid_page_hash)) {
SpcPeImageData_free(id);
return;
}
@ -3230,7 +3236,7 @@ static void pe_extract_page_hash(SpcAttributeTypeAndOptionalValue *obj,
*phtype = 0;
buf[0] = 0x00;
OBJ_obj2txt(buf, sizeof(buf), obj->type, 1);
OBJ_obj2txt(buf, sizeof buf, obj->type, 1);
if (!strcmp(buf, SPC_PE_IMAGE_PAGE_HASHES_V1)) {
*phtype = NID_sha1;
} else if (!strcmp(buf, SPC_PE_IMAGE_PAGE_HASHES_V2)) {
@ -3665,8 +3671,8 @@ static void cab_calc_digest(char *indata, const EVP_MD *md, unsigned char *mdbuf
while (coffFiles < offset) {
int l;
uint32_t want = offset - coffFiles;
if (want > sizeof(bfb))
want = sizeof(bfb);
if (want > sizeof bfb)
want = sizeof bfb;
l = BIO_read(bio, bfb, want);
if (l <= 0)
break;
@ -4244,7 +4250,7 @@ static void add_jp_attribute(PKCS7_SIGNER_INFO *si, int jp)
switch (jp) {
case 0:
attrs = java_attrs_low;
len = sizeof(java_attrs_low);
len = sizeof java_attrs_low;
break;
case 1:
/* XXX */
@ -4267,9 +4273,9 @@ static void add_purpose_attribute(PKCS7_SIGNER_INFO *si, int comm)
astr = ASN1_STRING_new();
if (comm) {
ASN1_STRING_set(astr, purpose_comm, sizeof(purpose_comm));
ASN1_STRING_set(astr, purpose_comm, sizeof purpose_comm);
} else {
ASN1_STRING_set(astr, purpose_ind, sizeof(purpose_ind));
ASN1_STRING_set(astr, purpose_ind, sizeof purpose_ind);
}
PKCS7_add_signed_attribute(si, OBJ_txt2nid(SPC_STATEMENT_TYPE_OBJID),
V_ASN1_SEQUENCE, astr);
@ -4392,8 +4398,8 @@ static int add_unauthenticated_blob(PKCS7 *sig)
if ((p = OPENSSL_malloc(len)) == NULL)
return 1; /* FAILED */
memset(p, 0, len);
memcpy(p, prefix, sizeof(prefix));
memcpy(p+len-sizeof(postfix), postfix, sizeof(postfix));
memcpy(p, prefix, sizeof prefix);
memcpy(p + len - sizeof postfix, postfix, sizeof postfix);
astr = ASN1_STRING_new();
ASN1_STRING_set(astr, p, len);
nid = OBJ_create(SPC_UNAUTHENTICATED_DATA_BLOB_OBJID,
@ -4688,10 +4694,10 @@ static int get_file_type(char *indata, char *infile, file_type_t *type)
*type = FILE_TYPE_CAB;
} else if (!memcmp(indata, "MZ", 2)) {
*type = FILE_TYPE_PE;
} else if (!memcmp(indata, msi_magic, sizeof(msi_magic))) {
} else if (!memcmp(indata, msi_magic, sizeof msi_magic)) {
*type = FILE_TYPE_MSI;
} else if (!memcmp(indata + ((GET_UINT8_LE(indata+1) == 0x82) ? 4 : 5),
pkcs7_signed_data, sizeof(pkcs7_signed_data))) {
pkcs7_signed_data, sizeof pkcs7_signed_data)) {
/* the maximum size of a supported cat file is (2^24 -1) bytes */
*type = FILE_TYPE_CAT;
} else {
@ -4719,7 +4725,7 @@ static char *getpassword(const char *prompt)
printf("Failed to set terminal attributes\n");
return NULL;
}
p = fgets(passbuf, sizeof(passbuf), stdin);
p = fgets(passbuf, sizeof passbuf, stdin);
if (tcsetattr(fileno(stdin), TCSANOW, &ofl) != 0)
printf("Failed to restore terminal attributes\n");
if (!p) {
@ -4728,7 +4734,7 @@ static char *getpassword(const char *prompt)
}
passbuf[strlen(passbuf)-1] = 0x00;
pass = OPENSSL_strdup(passbuf);
memset(passbuf, 0, sizeof(passbuf));
memset(passbuf, 0, sizeof passbuf);
return pass;
#else
return getpass(prompt);
@ -4748,7 +4754,7 @@ static int read_password(GLOBAL_OPTIONS *options)
printf("Failed to open password file: %s\n", options->readpass);
return 0; /* FAILED */
}
passlen = read(passfd, passbuf, sizeof(passbuf)-1);
passlen = read(passfd, passbuf, sizeof passbuf - 1);
close(passfd);
if (passlen <= 0) {
printf("Failed to read password from file: %s\n", options->readpass);
@ -5199,7 +5205,7 @@ static PKCS7 *get_sigfile(char *sigfile, file_type_t type)
printf("Failed to open file: %s\n", sigfile);
return NULL; /* FAILED */
}
if (sigfilesize >= sizeof(pemhdr) && !memcmp(insigdata, pemhdr, sizeof(pemhdr)-1)) {
if (sigfilesize >= sizeof pemhdr && !memcmp(insigdata, pemhdr, sizeof pemhdr - 1)) {
sigbio = BIO_new_mem_buf(insigdata, sigfilesize);
sig = PEM_read_bio_PKCS7(sigbio, NULL, NULL, NULL);
BIO_free_all(sigbio);
@ -5422,9 +5428,10 @@ static cmd_type_t get_command(char **argv)
if (!strcmp(argv[1], "--help")) {
print_version();
help_for(argv[0], "all");
return CMD_HELP;
} else if (!strcmp(argv[1], "-v") || !strcmp(argv[1], "--version")) {
print_version();
exit(-1);
return CMD_HELP;
} else if (!strcmp(argv[1], "sign"))
return CMD_SIGN;
else if (!strcmp(argv[1], "extract-signature"))
@ -5458,68 +5465,122 @@ static int main_configure(int argc, char **argv, cmd_type_t *cmd, GLOBAL_OPTIONS
options->signing_time = INVALID_TIME;
options->jp = -1;
if (*cmd == CMD_HELP) {
return 0; /* FAILED */
}
if (*cmd == CMD_VERIFY || *cmd == CMD_ATTACH) {
options->cafile = get_cafile();
options->tsa_cafile = get_cafile();
}
for (argc--,argv++; argc >= 1; argc--,argv++) {
if (!strcmp(*argv, "-in")) {
if (--argc < 1) usage(argv0, "all");
if (--argc < 1) {
usage(argv0, "all");
return 0; /* FAILED */
}
options->infile = *(++argv);
} else if (!strcmp(*argv, "-out")) {
if (--argc < 1) usage(argv0, "all");
if (--argc < 1) {
usage(argv0, "all");
return 0; /* FAILED */
}
options->outfile = *(++argv);
} else if (!strcmp(*argv, "-sigin")) {
if (--argc < 1) usage(argv0, "all");
if (--argc < 1) {
usage(argv0, "all");
return 0; /* FAILED */
}
options->sigfile = *(++argv);
} else if ((*cmd == CMD_SIGN) && (!strcmp(*argv, "-spc") || !strcmp(*argv, "-certs"))) {
if (--argc < 1) usage(argv0, "all");
if (--argc < 1) {
usage(argv0, "all");
return 0; /* FAILED */
}
options->certfile = *(++argv);
} else if ((*cmd == CMD_SIGN) && !strcmp(*argv, "-ac")) {
if (--argc < 1) usage(argv0, "all");
if (--argc < 1) {
usage(argv0, "all");
return 0; /* FAILED */
}
options->xcertfile = *(++argv);
} else if ((*cmd == CMD_SIGN) && !strcmp(*argv, "-key")) {
if (--argc < 1) usage(argv0, "all");
if (--argc < 1) {
usage(argv0, "all");
return 0; /* FAILED */
}
options->keyfile = *(++argv);
} else if ((*cmd == CMD_SIGN) && !strcmp(*argv, "-pkcs12")) {
if (--argc < 1) usage(argv0, "all");
if (--argc < 1) {
usage(argv0, "all");
return 0; /* FAILED */
}
options->pkcs12file = *(++argv);
} else if ((*cmd == CMD_EXTRACT) && !strcmp(*argv, "-pem")) {
options->output_pkcs7 = 1;
#ifndef OPENSSL_NO_ENGINE
} else if ((*cmd == CMD_SIGN) && !strcmp(*argv, "-pkcs11cert")) {
if (--argc < 1) usage(argv0, "all");
if (--argc < 1) {
usage(argv0, "all");
return 0; /* FAILED */
}
options->p11cert = *(++argv);
} else if ((*cmd == CMD_SIGN) && !strcmp(*argv, "-pkcs11engine")) {
if (--argc < 1) usage(argv0, "all");
if (--argc < 1) {
usage(argv0, "all");
return 0; /* FAILED */
}
options->p11engine = *(++argv);
} else if ((*cmd == CMD_SIGN) && !strcmp(*argv, "-pkcs11module")) {
if (--argc < 1) usage(argv0, "all");
if (--argc < 1) {
usage(argv0, "all");
return 0; /* FAILED */
}
options->p11module = *(++argv);
#endif /* OPENSSL_NO_ENGINE */
} else if ((*cmd == CMD_SIGN) && !strcmp(*argv, "-pass")) {
if (options->askpass || options->readpass) usage(argv0, "all");
if (--argc < 1) usage(argv0, "all");
if (options->askpass || options->readpass) {
usage(argv0, "all");
return 0; /* FAILED */
}
if (--argc < 1) {
usage(argv0, "all");
return 0; /* FAILED */
}
options->pass = OPENSSL_strdup(*(++argv));
memset(*argv, 0, strlen(*argv));
#ifdef PROVIDE_ASKPASS
} else if ((*cmd == CMD_SIGN) && !strcmp(*argv, "-askpass")) {
if (options->pass || options->readpass) usage(argv0, "all");
if (options->pass || options->readpass) {
usage(argv0, "all");
return 0; /* FAILED */
}
options->askpass = 1;
#endif
} else if ((*cmd == CMD_SIGN) && !strcmp(*argv, "-readpass")) {
if (options->askpass || options->pass) usage(argv0, "all");
if (--argc < 1) usage(argv0, "all");
if (options->askpass || options->pass) {
usage(argv0, "all");
return 0; /* FAILED */
}
if (--argc < 1) {
usage(argv0, "all");
return 0; /* FAILED */
}
options->readpass = *(++argv);
} else if ((*cmd == CMD_SIGN) && !strcmp(*argv, "-comm")) {
options->comm = 1;
} else if ((*cmd == CMD_SIGN) && !strcmp(*argv, "-ph")) {
options->pagehash = 1;
} else if ((*cmd == CMD_SIGN) && !strcmp(*argv, "-n")) {
if (--argc < 1) usage(argv0, "all");
if (--argc < 1) {
usage(argv0, "all");
return 0; /* FAILED */
}
options->desc = *(++argv);
} else if ((*cmd == CMD_SIGN) && !strcmp(*argv, "-h")) {
if (--argc < 1) usage(argv0, "all");
if (--argc < 1) {
usage(argv0, "all");
return 0; /* FAILED */
}
++argv;
if (!strcmp(*argv, "md5")) {
options->md = EVP_md5();
@ -5533,22 +5594,38 @@ static int main_configure(int argc, char **argv, cmd_type_t *cmd, GLOBAL_OPTIONS
options->md = EVP_sha512();
} else {
usage(argv0, "all");
return 0; /* FAILED */
}
} else if ((*cmd == CMD_SIGN) && !strcmp(*argv, "-i")) {
if (--argc < 1) usage(argv0, "all");
if (--argc < 1) {
usage(argv0, "all");
return 0; /* FAILED */
}
options->url = *(++argv);
} else if ((*cmd == CMD_SIGN) && !strcmp(*argv, "-st")) {
if (--argc < 1) usage(argv0, "all");
if (--argc < 1) {
usage(argv0, "all");
return 0; /* FAILED */
}
options->signing_time = (time_t)strtoul(*(++argv), NULL, 10);
#ifdef ENABLE_CURL
} else if ((*cmd == CMD_SIGN || *cmd == CMD_ADD) && !strcmp(*argv, "-t")) {
if (--argc < 1) usage(argv0, "all");
if (--argc < 1) {
usage(argv0, "all");
return 0; /* FAILED */
}
options->turl[options->nturl++] = *(++argv);
} else if ((*cmd == CMD_SIGN || *cmd == CMD_ADD) && !strcmp(*argv, "-ts")) {
if (--argc < 1) usage(argv0, "all");
if (--argc < 1) {
usage(argv0, "all");
return 0; /* FAILED */
}
options->tsurl[options->ntsurl++] = *(++argv);
} else if ((*cmd == CMD_SIGN || *cmd == CMD_ADD) && !strcmp(*argv, "-p")) {
if (--argc < 1) usage(argv0, "all");
if (--argc < 1) {
usage(argv0, "all");
return 0; /* FAILED */
}
options->proxy = *(++argv);
} else if ((*cmd == CMD_SIGN || *cmd == CMD_ADD) && !strcmp(*argv, "-noverifypeer")) {
options->noverifypeer = 1;
@ -5564,40 +5641,73 @@ static int main_configure(int argc, char **argv, cmd_type_t *cmd, GLOBAL_OPTIONS
} else if ((*cmd == CMD_SIGN || *cmd == CMD_ADD || *cmd == CMD_ATTACH) && !strcmp(*argv, "-add-msi-dse")) {
options->add_msi_dse = 1;
} else if ((*cmd == CMD_VERIFY) && (!strcmp(*argv, "-c") || !strcmp(*argv, "-catalog"))) {
if (--argc < 1) usage(argv0, "all");
if (--argc < 1) {
usage(argv0, "all");
return 0; /* FAILED */
}
options->catalog = *(++argv);
} else if ((*cmd == CMD_VERIFY || *cmd == CMD_ATTACH) && !strcmp(*argv, "-CAfile")) {
if (--argc < 1) usage(argv0, "all");
if (--argc < 1) {
usage(argv0, "all");
return 0; /* FAILED */
}
OPENSSL_free(options->cafile);
options->cafile = OPENSSL_strdup(*++argv);
} else if ((*cmd == CMD_VERIFY || *cmd == CMD_ATTACH) && !strcmp(*argv, "-CRLfile")) {
if (--argc < 1) usage(argv0, "all");
if (--argc < 1) {
usage(argv0, "all");
return 0; /* FAILED */
}
options->crlfile = OPENSSL_strdup(*++argv);
} else if ((*cmd == CMD_VERIFY || *cmd == CMD_ATTACH) && (!strcmp(*argv, "-untrusted") || !strcmp(*argv, "-TSA-CAfile"))) {
if (--argc < 1) usage(argv0, "all");
if (--argc < 1) {
usage(argv0, "all");
return 0; /* FAILED */
}
OPENSSL_free(options->tsa_cafile);
options->tsa_cafile = OPENSSL_strdup(*++argv);
} else if ((*cmd == CMD_VERIFY || *cmd == CMD_ATTACH) && (!strcmp(*argv, "-CRLuntrusted") || !strcmp(*argv, "-TSA-CRLfile"))) {
if (--argc < 1) usage(argv0, "all");
if (--argc < 1) {
usage(argv0, "all");
return 0; /* FAILED */
}
options->tsa_crlfile = OPENSSL_strdup(*++argv);
} else if ((*cmd == CMD_VERIFY) && !strcmp(*argv, "-require-leaf-hash")) {
if (--argc < 1) usage(argv0, "all");
if (--argc < 1) {
usage(argv0, "all");
return 0; /* FAILED */
}
options->leafhash = (*++argv);
} else if ((*cmd == CMD_ADD) && !strcmp(*argv, "--help")) {
help_for(argv0, "add");
*cmd = CMD_HELP;
return 0; /* FAILED */
} else if ((*cmd == CMD_ATTACH) && !strcmp(*argv, "--help")) {
help_for(argv0, "attach-signature");
*cmd = CMD_HELP;
return 0; /* FAILED */
} else if ((*cmd == CMD_EXTRACT) && !strcmp(*argv, "--help")) {
help_for(argv0, "extract-signature");
*cmd = CMD_HELP;
return 0; /* FAILED */
} else if ((*cmd == CMD_REMOVE) && !strcmp(*argv, "--help")) {
help_for(argv0, "remove-signature");
*cmd = CMD_HELP;
return 0; /* FAILED */
} else if ((*cmd == CMD_SIGN) && !strcmp(*argv, "--help")) {
help_for(argv0, "sign");
*cmd = CMD_HELP;
return 0; /* FAILED */
} else if ((*cmd == CMD_VERIFY) && !strcmp(*argv, "--help")) {
help_for(argv0, "verify");
*cmd = CMD_HELP;
return 0; /* FAILED */
} else if (!strcmp(*argv, "-jp")) {
char *ap;
if (--argc < 1) usage(argv0, "all");
if (--argc < 1) {
usage(argv0, "all");
return 0; /* FAILED */
}
ap = *(++argv);
for (i=0; ap[i]; i++) ap[i] = tolower((int)ap[i]);
if (!strcmp(ap, "low")) {
@ -5607,7 +5717,10 @@ static int main_configure(int argc, char **argv, cmd_type_t *cmd, GLOBAL_OPTIONS
} else if (!strcmp(ap, "high")) {
options->jp = 2;
}
if (options->jp != 0) usage(argv0, "all"); /* XXX */
if (options->jp != 0) { /* XXX */
usage(argv0, "all");
return 0; /* FAILED */
}
} else {
failarg = *argv;
break;
@ -5641,6 +5754,7 @@ static int main_configure(int argc, char **argv, cmd_type_t *cmd, GLOBAL_OPTIONS
if (failarg)
printf("Unknown option: %s\n", failarg);
usage(argv0, "all");
return 0; /* FAILED */
}
if ((*cmd == CMD_VERIFY || *cmd == CMD_ATTACH) && access(options->cafile, R_OK)) {
@ -5648,7 +5762,7 @@ static int main_configure(int argc, char **argv, cmd_type_t *cmd, GLOBAL_OPTIONS
return 0; /* FAILED */
}
return 1;
return 1; /* OK */
}
int main(int argc, char **argv)
@ -5885,7 +5999,7 @@ err_cleanup:
free_options(&options);
if (ret)
ERR_print_errors_fp(stdout);
if (cmd != CMD_HELP)
printf(ret ? "Failed\n" : "Succeeded\n");
return ret;
}