diff --git a/CHANGES b/CHANGES index 462befa49..e173a298a 100644 --- a/CHANGES +++ b/CHANGES @@ -4,6 +4,11 @@ Changes between 0.9.8a and 0.9.9 [xx XXX xxxx] + *) New function EVP_PKEY_asn1_get0_info() to retrieve information about + public key algorithms. New option to openssl utility: + "list-public-key-algorithms" to print out info. + [Steve Henson] + *) Implement the Supported Elliptic Curves Extension for ECC ciphersuites from draft-ietf-tls-ecc-12.txt. [Douglas Stebila] diff --git a/apps/openssl.c b/apps/openssl.c index 02d86d546..26c7297d6 100644 --- a/apps/openssl.c +++ b/apps/openssl.c @@ -141,6 +141,7 @@ static unsigned long MS_CALLBACK hash(const void *a_void); static int MS_CALLBACK cmp(const void *a_void,const void *b_void); static LHASH *prog_init(void ); static int do_cmd(LHASH *prog,int argc,char *argv[]); +static void list_pkey(BIO *out); char *default_config_file=NULL; /* Make sure there is only one when MONOLITH is defined */ @@ -367,6 +368,7 @@ end: #define LIST_STANDARD_COMMANDS "list-standard-commands" #define LIST_MESSAGE_DIGEST_COMMANDS "list-message-digest-commands" #define LIST_CIPHER_COMMANDS "list-cipher-commands" +#define LIST_PUBLIC_KEY_ALGORITHMS "list-public-key-algorithms" static int do_cmd(LHASH *prog, int argc, char *argv[]) { @@ -409,7 +411,8 @@ static int do_cmd(LHASH *prog, int argc, char *argv[]) } else if ((strcmp(argv[0],LIST_STANDARD_COMMANDS) == 0) || (strcmp(argv[0],LIST_MESSAGE_DIGEST_COMMANDS) == 0) || - (strcmp(argv[0],LIST_CIPHER_COMMANDS) == 0)) + (strcmp(argv[0],LIST_CIPHER_COMMANDS) == 0) || + (strcmp(argv[0],LIST_PUBLIC_KEY_ALGORITHMS) == 0)) { int list_type; BIO *bio_stdout; @@ -418,6 +421,8 @@ static int do_cmd(LHASH *prog, int argc, char *argv[]) list_type = FUNC_TYPE_GENERAL; else if (strcmp(argv[0],LIST_MESSAGE_DIGEST_COMMANDS) == 0) list_type = FUNC_TYPE_MD; + else if (strcmp(argv[0],LIST_PUBLIC_KEY_ALGORITHMS) == 0) + list_type = FUNC_TYPE_PKEY; else /* strcmp(argv[0],LIST_CIPHER_COMMANDS) == 0 */ list_type = FUNC_TYPE_CIPHER; bio_stdout = BIO_new_fp(stdout,BIO_NOCLOSE); @@ -427,10 +432,15 @@ static int do_cmd(LHASH *prog, int argc, char *argv[]) bio_stdout = BIO_push(tmpbio, bio_stdout); } #endif - - for (fp=functions; fp->name != NULL; fp++) - if (fp->type == list_type) - BIO_printf(bio_stdout, "%s\n", fp->name); + if (list_type == FUNC_TYPE_PKEY) + list_pkey(bio_stdout); + else + { + for (fp=functions; fp->name != NULL; fp++) + if (fp->type == list_type) + BIO_printf(bio_stdout, "%s\n", + fp->name); + } BIO_free_all(bio_stdout); ret=0; goto end; @@ -485,6 +495,39 @@ static int SortFnByName(const void *_f1,const void *_f2) return strcmp(f1->name,f2->name); } +static void list_pkey(BIO *out) + { + int i; + for (i = 0; i < EVP_PKEY_asn1_get_count(); i++) + { + const EVP_PKEY_ASN1_METHOD *ameth; + int pkey_id, pkey_base_id, pkey_flags; + const char *pinfo, *pem_str; + ameth = EVP_PKEY_asn1_get0(i); + EVP_PKEY_asn1_get0_info(&pkey_id, &pkey_base_id, &pkey_flags, + &pinfo, &pem_str, ameth); + if (pkey_flags & ASN1_PKEY_ALIAS) + { + BIO_printf(out, "Name: %s\n", + OBJ_nid2ln(pkey_id)); + BIO_printf(out, "\tType: Alias to %s\n", + OBJ_nid2ln(pkey_base_id)); + } + else + { + BIO_printf(out, "Name: %s\n", pinfo); + BIO_printf(out, "\tType: %s Algorithm\n", + pkey_flags & ASN1_PKEY_DYNAMIC ? + "External" : "Builtin"); + BIO_printf(out, "\tOID: %s\n", OBJ_nid2ln(pkey_id)); + if (pem_str == NULL) + pem_str = "(none)"; + BIO_printf(out, "\tPEM string: %s\n", pem_str); + } + + } + } + static LHASH *prog_init(void) { LHASH *ret; diff --git a/apps/progs.h b/apps/progs.h index 67cc6df1f..ec5b9af2b 100644 --- a/apps/progs.h +++ b/apps/progs.h @@ -47,6 +47,7 @@ extern int ts_main(int argc,char *argv[]); #define FUNC_TYPE_GENERAL 1 #define FUNC_TYPE_MD 2 #define FUNC_TYPE_CIPHER 3 +#define FUNC_TYPE_PKEY 4 typedef struct { int type; diff --git a/apps/progs.pl b/apps/progs.pl index 36569d266..aac86a3d9 100644 --- a/apps/progs.pl +++ b/apps/progs.pl @@ -13,6 +13,7 @@ print <<'EOF'; #define FUNC_TYPE_GENERAL 1 #define FUNC_TYPE_MD 2 #define FUNC_TYPE_CIPHER 3 +#define FUNC_TYPE_PKEY 4 typedef struct { int type; diff --git a/crypto/asn1/ameth_lib.c b/crypto/asn1/ameth_lib.c index 3616816c1..6f98872cf 100644 --- a/crypto/asn1/ameth_lib.c +++ b/crypto/asn1/ameth_lib.c @@ -186,6 +186,25 @@ int EVP_PKEY_asn1_add(const EVP_PKEY_ASN1_METHOD *ameth) return 1; } +int EVP_PKEY_asn1_get0_info(int *ppkey_id, int *ppkey_base_id, int *ppkey_flags, + const char **pinfo, const char **ppem_str, + const EVP_PKEY_ASN1_METHOD *ameth) + { + if (!ameth) + return 0; + if (ppkey_id) + *ppkey_id = ameth->pkey_id; + if (ppkey_base_id) + *ppkey_base_id = ameth->pkey_base_id; + if (ppkey_flags) + *ppkey_flags = ameth->pkey_flags; + if (pinfo) + *pinfo = ameth->info; + if (ppem_str) + *ppem_str = ameth->pem_str; + return 1; + } + EVP_PKEY_ASN1_METHOD* EVP_PKEY_asn1_new(int id, const char *pem_str, const char *info) { diff --git a/crypto/asn1/asn1_locl.h b/crypto/asn1/asn1_locl.h index d21108d9b..a81f56238 100644 --- a/crypto/asn1/asn1_locl.h +++ b/crypto/asn1/asn1_locl.h @@ -71,9 +71,6 @@ struct asn1_pctx_st /* ASN1 public key method structure */ -#define ASN1_PKEY_ALIAS 0x1 -#define ASN1_PKEY_DYNAMIC 0x2 - struct evp_pkey_asn1_method_st { int pkey_id; diff --git a/crypto/dh/dh_ameth.c b/crypto/dh/dh_ameth.c index ba3ff562a..03b40d0e5 100644 --- a/crypto/dh/dh_ameth.c +++ b/crypto/dh/dh_ameth.c @@ -149,7 +149,7 @@ const EVP_PKEY_ASN1_METHOD dh_asn1_meth = EVP_PKEY_DH, 0, - "dh", + "DH", "OpenSSL PKCS#3 DH method", 0, diff --git a/crypto/evp/evp.h b/crypto/evp/evp.h index 9378d441e..e4cbd2d68 100644 --- a/crypto/evp/evp.h +++ b/crypto/evp/evp.h @@ -856,11 +856,17 @@ int EVP_PBE_alg_add(int nid, const EVP_CIPHER *cipher, const EVP_MD *md, EVP_PBE_KEYGEN *keygen); void EVP_PBE_cleanup(void); +#define ASN1_PKEY_ALIAS 0x1 +#define ASN1_PKEY_DYNAMIC 0x2 + int EVP_PKEY_asn1_get_count(void); const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_get0(int idx); const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find(int type); const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find_str(const char *str, int len); int EVP_PKEY_asn1_add(const EVP_PKEY_ASN1_METHOD *ameth); +int EVP_PKEY_asn1_get0_info(int *ppkey_id, int *pkey_base_id, int *ppkey_flags, + const char **pinfo, const char **ppem_str, + const EVP_PKEY_ASN1_METHOD *ameth); EVP_PKEY_ASN1_METHOD* EVP_PKEY_asn1_new(int id, const char *pem_str, const char *info);