From 8ddbff9c0811a0f11855eda871b9d3bff8fb325e Mon Sep 17 00:00:00 2001
From: Richard Levitte
Date: Thu, 12 Jul 2018 14:22:43 +0200
Subject: [PATCH] 'openssl list': add option -objects to list built in objects
Related to #6696
Reviewed-by: Tim Hudson
(Merged from https://github.com/openssl/openssl/pull/6702)
---
 CHANGES | 4 ++++
 apps/openssl.c | 58 ++++++++++++++++++++++++++++++++++++++++++++++-
 doc/man1/list.pod | 5 ++++
 3 files changed, 66 insertions(+), 1 deletion(-)
diff --git a/CHANGES b/CHANGES
index fab0af4b88..a1fa57c801 100644
--- a/CHANGES
+++ b/CHANGES
@@ -21,6 +21,10 @@
 well as its type mnemonic (bin, lib, shlib).
 [Richard Levitte]
+ *) Added new option for 'openssl list', '-objects', which will display the
+ list of built in objects, i.e. OIDs with names.
+ [Richard Levitte]
+
 Changes between 1.1.0i and 1.1.1 [11 Sep 2018]
 *) Add a new ClientHello callback. Provides a callback interface that gives
diff --git a/apps/openssl.c b/apps/openssl.c
index a872e2c5ee..3d6b276c40 100644
--- a/apps/openssl.c
+++ b/apps/openssl.c
@@ -316,6 +316,56 @@ static void list_missing_help(void)
 }
 }
+static void list_objects(void)
+{
+ int max_nid = OBJ_new_nid(0);
+ int i;
+ char *oid_buf = NULL;
+ int oid_size = 0;
+
+ /* Skip 0, since that's NID_undef */
+ for (i = 1; i < max_nid; i++) {
+ const ASN1_OBJECT *obj = OBJ_nid2obj(i);
+ const char *sn = OBJ_nid2sn(i);
+ const char *ln = OBJ_nid2ln(i);
+ int n = 0;
+
+ /*
+ * If one of the retrieved objects somehow generated an error,
+ * we ignore it. The check for NID_undef below will detect the
+ * error and simply skip to the next NID.
+ */
+ ERR_clear_error();
+
+ if (OBJ_obj2nid(obj) == NID_undef)
+ continue;
+
+ if ((n = OBJ_obj2txt(NULL, 0, obj, 1)) == 0) {
+ BIO_printf(bio_out, "# None-OID object: %s, %s\n", sn, ln);
+ continue;
+ }
+ if (n < 0)
+ break; /* Error */
+
+ if (n > oid_size) {
+ oid_buf = OPENSSL_realloc(oid_buf, n + 1);
+ if (oid_buf == NULL) {
+ BIO_printf(bio_err, "ERROR: Memory allocation\n");
+ break; /* Error */
+ }
+ oid_size = n + 1;
+ }
+ if (OBJ_obj2txt(oid_buf, oid_size, obj, 1) < 0)
+ break; /* Error */
+ if (ln == NULL || strcmp(sn, ln) == 0)
+ BIO_printf(bio_out, "%s = %s\n", sn, oid_buf);
+ else
+ BIO_printf(bio_out, "%s = %s, %s\n", sn, ln, oid_buf);
+ }
+
+ OPENSSL_free(oid_buf);
+}
+
 static void list_options_for_command(const char *command)
 {
 const FUNCTION *fp;
@@ -348,7 +398,8 @@ typedef enum HELPLIST_CHOICE {
 OPT_ERR = -1, OPT_EOF = 0, OPT_HELP, OPT_ONE, OPT_COMMANDS, OPT_DIGEST_COMMANDS, OPT_OPTIONS, OPT_DIGEST_ALGORITHMS, OPT_CIPHER_COMMANDS, OPT_CIPHER_ALGORITHMS,
- OPT_PK_ALGORITHMS, OPT_PK_METHOD, OPT_DISABLED, OPT_MISSING_HELP
+ OPT_PK_ALGORITHMS, OPT_PK_METHOD, OPT_DISABLED, OPT_MISSING_HELP,
+ OPT_OBJECTS
 } HELPLIST_CHOICE;
 const OPTIONS list_options[] = {
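Review bot: The growth check in list_objects, `if (n > oid_size)`, compares a text length against a buffer size that already counts the terminator, so an OID whose length equals the current `oid_size` is written into a buffer one byte too short and OBJ_obj2txt silently truncates its last character; `if (n >= oid_size) {` closes that gap. The second OBJ_obj2txt call only tests for a negative return, so the truncated OID is printed as if it were complete. In the same branch the result of OPENSSL_realloc is assigned straight to `oid_buf`, which leaks the previous buffer when the allocation fails; going through a temporary (`char *tmp = OPENSSL_realloc(oid_buf, n + 1);`, then `oid_buf = tmp;` after the NULL check) keeps it reachable for the final OPENSSL_free. The two `break; /* Error */` paths after OBJ_obj2txt also end the listing without a message, and because the function returns void the caller presumably cannot tell a partial list from a complete one.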
@@ -372,6 +423,8 @@ const OPTIONS list_options[] = {
 "List missing detailed help strings"},
 {"options", OPT_OPTIONS, 's',
 "List options for specified command"},
+ {"objects", OPT_OBJECTS, '-',
+ "List built in objects (OID<->name mappings)"},
 {NULL}
 };
@@ -422,6 +475,9 @@ opthelp:
 case OPT_MISSING_HELP:
 list_missing_help();
 break;
+ case OPT_OBJECTS:
+ list_objects();
+ break;
 case OPT_OPTIONS:
 list_options_for_command(opt_arg());
 break;
diff --git a/doc/man1/list.pod b/doc/man1/list.pod
index bed39b0c7c..f2fd06bb1f 100644
--- a/doc/man1/list.pod
+++ b/doc/man1/list.pod
@@ -80,6 +80,11 @@ without an associated ASN.1 method, for example, KDF algorithms.
 Display a list of disabled features, those that were compiled out of the installation.
+=item B<-objects>
+
+Display a list of built in objects, i.e. OIDs with names. They're listed in the
+format described in L.
+
 =back
 =head1 COPYRIGHT
--
2.25.1