Move add_oid_section to apps.c, so it can be shared by several

applications.  Also, have it and the certificate and key loading
functions take a BIO argument for error output.

apps/apps.c

@@ -424,7 +424,29 @@ static char *app_get_pass(BIO *err, char *arg, int keepbio)
 	return BUF_strdup(tpass);
 }
 
-X509 *load_cert(char *file, int format)
+int add_oid_section(BIO *err, LHASH *conf)
+{	
+	char *p;
+	STACK_OF(CONF_VALUE) *sktmp;
+	CONF_VALUE *cnf;
+	int i;
+	if(!(p=CONF_get_string(conf,NULL,"oid_section"))) return 1;
+	if(!(sktmp = CONF_get_section(conf, p))) {
+		BIO_printf(err, "problem loading oid section %s\n", p);
+		return 0;
+	}
+	for(i = 0; i < sk_CONF_VALUE_num(sktmp); i++) {
+		cnf = sk_CONF_VALUE_value(sktmp, i);
+		if(OBJ_create(cnf->value, cnf->name, cnf->name) == NID_undef) {
+			BIO_printf(err, "problem creating object %s=%s\n",
+							 cnf->name, cnf->value);
+			return 0;
+		}
+	}
+	return 1;
+}
+
+X509 *load_cert(BIO *err, char *file, int format)
 	{
 	ASN1_HEADER *ah=NULL;
 	BUF_MEM *buf=NULL;
@@ -433,7 +455,7 @@ X509 *load_cert(char *file, int format)
 
 	if ((cert=BIO_new(BIO_s_file())) == NULL)
 		{
-		ERR_print_errors(bio_err);
+		ERR_print_errors(err);
 		goto end;
 		}
 
@@ -482,7 +504,7 @@ X509 *load_cert(char *file, int format)
 			(strncmp(NETSCAPE_CERT_HDR,(char *)ah->header->data,
 			ah->header->length) != 0))
 			{
-			BIO_printf(bio_err,"Error reading header on certificate\n");
+			BIO_printf(err,"Error reading header on certificate\n");
 			goto end;
 			}
 		/* header is ok, so now read the object */
@@ -504,14 +526,14 @@ X509 *load_cert(char *file, int format)
 		p12 = NULL;
 		}
 	else	{
-		BIO_printf(bio_err,"bad input format specified for input cert\n");
+		BIO_printf(err,"bad input format specified for input cert\n");
 		goto end;
 		}
 end:
 	if (x == NULL)
 		{
-		BIO_printf(bio_err,"unable to load certificate\n");
+		BIO_printf(err,"unable to load certificate\n");
-		ERR_print_errors(bio_err);
+		ERR_print_errors(err);
 		}
 	if (ah != NULL) ASN1_HEADER_free(ah);
 	if (cert != NULL) BIO_free(cert);
@@ -519,20 +541,20 @@ end:
 	return(x);
 	}
 
-EVP_PKEY *load_key(char *file, int format, char *pass)
+EVP_PKEY *load_key(BIO *err, char *file, int format, char *pass)
 	{
 	BIO *key=NULL;
 	EVP_PKEY *pkey=NULL;
 
 	if (file == NULL)
 		{
-		BIO_printf(bio_err,"no keyfile specified\n");
+		BIO_printf(err,"no keyfile specified\n");
 		goto end;
 		}
 	key=BIO_new(BIO_s_file());
 	if (key == NULL)
 		{
-		ERR_print_errors(bio_err);
+		ERR_print_errors(err);
 		goto end;
 		}
 	if (BIO_read_filename(key,file) <= 0)
@@ -558,17 +580,17 @@ EVP_PKEY *load_key(char *file, int format, char *pass)
 		}
 	else
 		{
-		BIO_printf(bio_err,"bad input format specified for key\n");
+		BIO_printf(err,"bad input format specified for key\n");
 		goto end;
 		}
  end:
 	if (key != NULL) BIO_free(key);
 	if (pkey == NULL)
-		BIO_printf(bio_err,"unable to load Private Key\n");
+		BIO_printf(err,"unable to load Private Key\n");
 	return(pkey);
 	}
 
-STACK_OF(X509) *load_certs(char *file, int format)
+STACK_OF(X509) *load_certs(BIO *err, char *file, int format)
 	{
 	BIO *certs;
 	int i;
@@ -578,7 +600,7 @@ STACK_OF(X509) *load_certs(char *file, int format)
 
 	if((certs = BIO_new(BIO_s_file())) == NULL)
 		{
-		ERR_print_errors(bio_err);
+		ERR_print_errors(err);
 		goto end;
 		}
 
@@ -615,14 +637,14 @@ STACK_OF(X509) *load_certs(char *file, int format)
 		goto end;
 		}
 	else	{
-		BIO_printf(bio_err,"bad input format specified for input cert\n");
+		BIO_printf(err,"bad input format specified for input cert\n");
 		goto end;
 		}
 end:
 	if (othercerts == NULL)
 		{
-		BIO_printf(bio_err,"unable to load certificates\n");
+		BIO_printf(err,"unable to load certificates\n");
-		ERR_print_errors(bio_err);
+		ERR_print_errors(err);
 		}
 	if (allcerts) sk_X509_INFO_pop_free(allcerts, X509_INFO_free);
 	if (certs != NULL) BIO_free(certs);

apps/apps.h

@@ -65,6 +65,7 @@
 #include <openssl/bio.h>
 #include <openssl/crypto.h>
 #include <openssl/x509.h>
+#include <openssl/lhash.h>
 
 int app_RAND_load_file(const char *file, BIO *bio_e, int dont_warn);
 int app_RAND_write_file(const char *file, BIO *bio_e);
@@ -146,9 +147,10 @@ int chopup_args(ARGS *arg,char *buf, int *argc, char **argv[]);
 int dump_cert_text(BIO *out, X509 *x);
 #endif
 int app_passwd(BIO *err, char *arg1, char *arg2, char **pass1, char **pass2);
-X509 *load_cert(char *file, int format);
+int add_oid_section(BIO *err, LHASH *conf);
-EVP_PKEY *load_key(char *file, int format, char *pass);
+X509 *load_cert(BIO *err, char *file, int format);
-STACK_OF(X509) *load_certs(char *file, int format);
+EVP_PKEY *load_key(BIO *err, char *file, int format, char *pass);
+STACK_OF(X509) *load_certs(BIO *err, char *file, int format);
 
 #define FORMAT_UNDEF    0
 #define FORMAT_ASN1     1

apps/ca.c

@@ -176,7 +176,6 @@ extern int EF_PROTECT_BELOW;
 extern int EF_ALIGNMENT;
 #endif
 
-static int add_oid_section(LHASH *conf);
 static void lookup_fail(char *name,char *tag);
 static unsigned long index_serial_hash(char **a);
 static int index_serial_cmp(char **a, char **b);
@@ -498,7 +497,7 @@ bad:
 				BIO_free(oid_bio);
 				}
 			}
-		if(!add_oid_section(conf)) 
+		if(!add_oid_section(bio_err,conf)) 
 			{
 			ERR_print_errors(bio_err);
 			goto err;
@@ -2100,28 +2099,6 @@ static int check_time_format(char *str)
 	return(ASN1_UTCTIME_check(&tm));
 	}
 
-static int add_oid_section(LHASH *hconf)
-{	
-	char *p;
-	STACK_OF(CONF_VALUE) *sktmp;
-	CONF_VALUE *cnf;
-	int i;
-	if(!(p=CONF_get_string(hconf,NULL,"oid_section"))) return 1;
-	if(!(sktmp = CONF_get_section(hconf, p))) {
-		BIO_printf(bio_err, "problem loading oid section %s\n", p);
-		return 0;
-	}
-	for(i = 0; i < sk_CONF_VALUE_num(sktmp); i++) {
-		cnf = sk_CONF_VALUE_value(sktmp, i);
-		if(OBJ_create(cnf->value, cnf->name, cnf->name) == NID_undef) {
-			BIO_printf(bio_err, "problem creating object %s=%s\n",
-							 cnf->name, cnf->value);
-			return 0;
-		}
-	}
-	return 1;
-}
-
 static int do_revoke(X509 *x509, TXT_DB *db)
 {
 	ASN1_UTCTIME *tm=NULL, *revtm=NULL;

apps/req.c

@@ -126,7 +126,6 @@ static void MS_CALLBACK req_cb(int p,int n,void *arg);
 #endif
 static int req_check_len(int len,int min,int max);
 static int check_end(char *str, char *end);
-static int add_oid_section(LHASH *conf);
 #ifndef MONOLITH
 static char *default_config_file=NULL;
 static LHASH *config=NULL;
@@ -467,7 +466,7 @@ bad:
 				}
 			}
 		}
-		if(!add_oid_section(req_conf)) goto end;
+		if(!add_oid_section(bio_err, req_conf)) goto end;
 
 	if ((md_alg == NULL) &&
 		((p=CONF_get_string(req_conf,SECTION,"default_md")) != NULL))
@@ -1268,25 +1267,3 @@ static int check_end(char *str, char *end)
 	tmp = str + slen - elen;
 	return strcmp(tmp, end);
 }
-
-static int add_oid_section(LHASH *conf)
-{	
-	char *p;
-	STACK_OF(CONF_VALUE) *sktmp;
-	CONF_VALUE *cnf;
-	int i;
-	if(!(p=CONF_get_string(conf,NULL,"oid_section"))) return 1;
-	if(!(sktmp = CONF_get_section(conf, p))) {
-		BIO_printf(bio_err, "problem loading oid section %s\n", p);
-		return 0;
-	}
-	for(i = 0; i < sk_CONF_VALUE_num(sktmp); i++) {
-		cnf = sk_CONF_VALUE_value(sktmp, i);
-		if(OBJ_create(cnf->value, cnf->name, cnf->name) == NID_undef) {
-			BIO_printf(bio_err, "problem creating object %s=%s\n",
-							 cnf->name, cnf->value);
-			return 0;
-		}
-	}
-	return 1;
-}

apps/smime.c

@@ -308,7 +308,7 @@ int MAIN(int argc, char **argv)
 		}
 		encerts = sk_X509_new_null();
 		while (*args) {
-			if(!(cert = load_cert(*args,FORMAT_PEM))) {
+			if(!(cert = load_cert(bio_err,*args,FORMAT_PEM))) {
 				BIO_printf(bio_err, "Can't read recipient certificate file %s\n", *args);
 				goto end;
 			}
@@ -319,14 +319,14 @@ int MAIN(int argc, char **argv)
 	}
 
 	if(signerfile && (operation == SMIME_SIGN)) {
-		if(!(signer = load_cert(signerfile,FORMAT_PEM))) {
+		if(!(signer = load_cert(bio_err,signerfile,FORMAT_PEM))) {
 			BIO_printf(bio_err, "Can't read signer certificate file %s\n", signerfile);
 			goto end;
 		}
 	}
 
 	if(certfile) {
-		if(!(other = load_certs(certfile,FORMAT_PEM))) {
+		if(!(other = load_certs(bio_err,certfile,FORMAT_PEM))) {
 			BIO_printf(bio_err, "Can't read certificate file %s\n", certfile);
 			ERR_print_errors(bio_err);
 			goto end;
@@ -334,7 +334,7 @@ int MAIN(int argc, char **argv)
 	}
 
 	if(recipfile && (operation == SMIME_DECRYPT)) {
-		if(!(recip = load_cert(recipfile,FORMAT_PEM))) {
+		if(!(recip = load_cert(bio_err,recipfile,FORMAT_PEM))) {
 			BIO_printf(bio_err, "Can't read recipient certificate file %s\n", recipfile);
 			ERR_print_errors(bio_err);
 			goto end;
@@ -348,7 +348,7 @@ int MAIN(int argc, char **argv)
 	} else keyfile = NULL;
 
 	if(keyfile) {
-		if(!(key = load_key(keyfile, FORMAT_PEM, passin))) {
+		if(!(key = load_key(bio_err,keyfile, FORMAT_PEM, passin))) {
 			BIO_printf(bio_err, "Can't read recipient certificate file %s\n", keyfile);
 			ERR_print_errors(bio_err);
 			goto end;

apps/x509.c

@@ -543,12 +543,12 @@ bad:
 		EVP_PKEY_free(pkey);
 		}
 	else
-		x=load_cert(infile,informat);
+		x=load_cert(bio_err,infile,informat);
 
 	if (x == NULL) goto end;
 	if (CA_flag)
 		{
-		xca=load_cert(CAfile,CAformat);
+		xca=load_cert(bio_err,CAfile,CAformat);
 		if (xca == NULL) goto end;
 		}
 
@@ -787,7 +787,8 @@ bad:
 				BIO_printf(bio_err,"Getting Private key\n");
 				if (Upkey == NULL)
 					{
-					Upkey=load_key(keyfile,keyformat, passin);
+					Upkey=load_key(bio_err,
+						keyfile,keyformat, passin);
 					if (Upkey == NULL) goto end;
 					}
 #ifndef NO_DSA
@@ -804,7 +805,8 @@ bad:
 				BIO_printf(bio_err,"Getting CA Private Key\n");
 				if (CAkeyfile != NULL)
 					{
-					CApkey=load_key(CAkeyfile,CAkeyformat, passin);
+					CApkey=load_key(bio_err,
+						CAkeyfile,CAkeyformat, passin);
 					if (CApkey == NULL) goto end;
 					}
 #ifndef NO_DSA
@@ -830,7 +832,8 @@ bad:
 					}
 				else
 					{
-					pk=load_key(keyfile,FORMAT_PEM, passin);
+					pk=load_key(bio_err,
+						keyfile,FORMAT_PEM, passin);
 					if (pk == NULL) goto end;
 					}