author | Dr. Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> | 2018-09-26 08:37:01 +0200 |
---|---|---|
committer | Tomas Mraz <tomas@openssl.org> | 2023-06-09 09:47:34 +0200 |
commit | 34df960a75aeb85b97e5ac70465275c2057ee1a3 (patch) | |
tree | 8ae3ce275585e7f79563dd8faac4605c221705da /apps | |
parent | ca857d7332d042142ced23b37fdd1d52dbf152b9 (diff) |
apps/asn1parse: improve RFC7462 compliance
The asn1parse command now supports three different input formats:
openssl asn1parse -inform PEM|DER|B64
PEM: base64 encoded data enclosed by PEM markers (RFC7462)
DER: der encoded binary data
B64: raw base64 encoded data
The PEM input format is the default format. It is equivalent
to the former `-strictpem` option which is now marked obsolete
and kept for backward compatibility only.
The B64 format is equivalent to the former default input format of the
asn1parse command (without `-strictpem`).
Fixes #7317
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7320)
Diffstat (limited to 'apps')
-rw-r--r-- | apps/asn1parse.c | 14 | ||||
-rw-r--r-- | apps/include/opt.h | 27 |
2 files changed, 29 insertions, 12 deletions
diff --git a/apps/asn1parse.c b/apps/asn1parse.c index b456f13d94..6c436d2f76 100644 --- a/apps/asn1parse.c +++ b/apps/asn1parse.c @@ -32,7 +32,7 @@ const OPTIONS asn1parse_options[] = { {"oid", OPT_OID, '<', "file of extra oid definitions"}, OPT_SECTION("I/O"), - {"inform", OPT_INFORM, 'F', "input format - one of DER PEM"}, + {"inform", OPT_INFORM, 'A', "input format - one of DER PEM B64"}, {"in", OPT_IN, '<', "input file"}, {"out", OPT_OUT, '>', "output file (output format is always DER)"}, {"noout", OPT_NOOUT, 0, "do not produce any output"}, @@ -44,7 +44,7 @@ const OPTIONS asn1parse_options[] = { {OPT_MORE_STR, 0, 0, "into multiple ASN1 blob wrappings"}, {"genconf", OPT_GENCONF, 's', "file to generate ASN1 structure from"}, {"strictpem", OPT_STRICTPEM, 0, - "do not attempt base64 decode outside PEM markers"}, + "equivalent to '-inform pem' (obsolete)"}, {"item", OPT_ITEM, 's', "item to parse and print"}, {OPT_MORE_STR, 0, 0, "(-inform will be ignored)"}, @@ -69,7 +69,7 @@ int asn1parse_main(int argc, char **argv) unsigned char *str = NULL; char *name = NULL, *header = NULL, *prog; const unsigned char *ctmpbuf; - int indent = 0, noout = 0, dump = 0, strictpem = 0, informat = FORMAT_PEM; + int indent = 0, noout = 0, dump = 0, informat = FORMAT_PEM; int offset = 0, ret = 1, i, j; long num, tmplen; unsigned char *tmpbuf; @@ -96,7 +96,7 @@ int asn1parse_main(int argc, char **argv) ret = 0; goto end; case OPT_INFORM: - if (!opt_format(opt_arg(), OPT_FMT_PEMDER, &informat)) + if (!opt_format(opt_arg(), OPT_FMT_ASN1, &informat)) goto opthelp; break; case OPT_IN: @@ -136,7 +136,7 @@ int asn1parse_main(int argc, char **argv) genconf = opt_arg(); break; case OPT_STRICTPEM: - strictpem = 1; + /* accepted for backward compatibility */ informat = FORMAT_PEM; break; case OPT_ITEM: 
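Review bot: In the `OPT_STRICTPEM` case, `-strictpem` now only assigns `informat = FORMAT_PEM`, so its effect depends on argument order: a later `-inform DER` or `-inform B64` overrides it. The removed `strictpem` flag appears to have selected the strict PEM path regardless of `-inform`, since the old read code tested it first. Callers that passed `-strictpem` to guarantee that nothing outside PEM markers is decoded should be told this; I would spell it out in the comment, e.g. `/* obsolete alias for -inform PEM; a later -inform overrides it */`, and mirror it in the help string changed in the second hunk. asn1parse_main starts and ends outside this hunk.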
@@ -178,7 +178,7 @@ int asn1parse_main(int argc, char **argv) if ((buf = BUF_MEM_new()) == NULL) goto end; - if (strictpem) { + if (informat == FORMAT_PEM) { if (PEM_read_bio(in, &name, &header, &str, &num) != 1) { BIO_printf(bio_err, "Error reading PEM file\n"); ERR_print_errors(bio_err); @@ -198,7 +198,7 @@ int asn1parse_main(int argc, char **argv) } } else { - if (informat == FORMAT_PEM) { + if (informat == FORMAT_BASE64) { BIO *tmp; if ((b64 = BIO_new(BIO_f_base64())) == NULL) diff --git a/apps/include/opt.h b/apps/include/opt.h index 396215735b..26d40eb436 100644 --- a/apps/include/opt.h +++ b/apps/include/opt.h @@ -319,11 +319,28 @@ extern const char OPT_PARAM_STR[]; typedef struct options_st { const char *name; int retval; - /* - * value type: - no value (also the value zero), n number, p positive - * number, u unsigned, l long, s string, < input file, > output file, - * f any format, F der/pem format, E der/pem/engine format identifier. - * l, n and u include zero; p does not. + /*- + * value type: + * + * '-' no value (also the value zero) + * 'n' number (type 'int') + * 'p' positive number (type 'int') + * 'u' unsigned number (type 'unsigned long') + * 'l' number (type 'unsigned long') + * 'M' number (type 'intmax_t') + * 'U' unsigned number (type 'uintmax_t') + * 's' string + * '<' input file + * '>' output file + * '/' directory + * 'f' any format [OPT_FMT_ANY] + * 'F' der/pem format [OPT_FMT_PEMDER] + * 'A' any ASN1, der/pem/b64 format [OPT_FMT_ASN1] + * 'E' der/pem/engine format [OPT_FMT_PDE] + * 'c' pem/der/smime format [OPT_FMT_PDS] + * + * The 'l', 'n' and 'u' value types include the values zero, + * the 'p' value type does not. */ int valtype; const char *helpstr; |
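Review bot: With `informat` defaulting to `FORMAT_PEM` (see the declaration in the third hunk), the `if (informat == FORMAT_PEM)` branch makes strict `PEM_read_bio()` parsing the default, so raw base64 input without PEM markers now fails here unless `-inform B64` is given. The strict default is the safer one, but the context line `"Error reading PEM file\n"` gives existing scripts no hint of what changed; consider `BIO_printf(bio_err, "Error reading PEM file (use -inform B64 for raw base64 input)\n");`. The `FORMAT_BASE64` test in the following hunk sits in the `else` of this branch, so DER input presumably falls through to the plain read path, which deserves a one-line comment there. asn1parse_main starts and ends outside the hunk.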
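Review bot: The new value-type table in `apps/include/opt.h` documents `'l'` as `number (type 'unsigned long')`, the same type given for `'u'`, while the removed comment described it as `l long`. This looks like a copy-paste slip and should presumably read `* 'l' number (type 'long')`. The closing sentence would also read better as `include the value zero`. The definition of `OPT_FMT_ASN1` and the parser's handling of the new `'A'` type are not visible in this diff, so confirm the table matches the option parser. The `options_st` struct continues past the hunk.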