Convert openssl(1) pkey to the newer style of option handling.

ok jsing@

1 files changed, 171 insertions, 96 deletions

diff --git a/usr.bin/openssl/pkey.c b/usr.bin/openssl/pkey.c
index 49782317ee0..aab0b87032e 100644
--- a/usr.bin/openssl/pkey.c
+++ b/usr.bin/openssl/pkey.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: pkey.c,v 1.10 2018/02/07 05:47:55 jsing Exp $ */
+/* $OpenBSD: pkey.c,v 1.11 2019/02/05 11:26:21 inoguchi Exp $ */
 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
  * project 2006
  */
@@ -65,18 +65,152 @@
 #include <openssl/evp.h>
 #include <openssl/pem.h>
 
+static struct {
+	const EVP_CIPHER *cipher;
+	char *infile;
+	int informat;
+	int noout;
+	char *outfile;
+	int outformat;
+	char *passargin;
+	char *passargout;
+	int pubin;
+	int pubout;
+	int pubtext;
+	int text;
+} pkey_config;
+
+static int
+pkey_opt_cipher(int argc, char **argv, int *argsused)
+{
+	char *name = argv[0];
+
+	if (*name++ != '-')
+		return (1);
+
+	if ((pkey_config.cipher = EVP_get_cipherbyname(name)) == NULL) {
+		BIO_printf(bio_err, "Unknown cipher %s\n", name);
+		return (1);
+	}
+
+	*argsused = 1;
+	return (0);
+}
+
+static struct option pkey_options[] = {
+	{
+		.name = "in",
+		.argname = "file",
+		.desc = "Input file (default stdin)",
+		.type = OPTION_ARG,
+		.opt.arg = &pkey_config.infile,
+	},
+	{
+		.name = "inform",
+		.argname = "format",
+		.desc = "Input format (DER or PEM (default))",
+		.type = OPTION_ARG_FORMAT,
+		.opt.value = &pkey_config.informat,
+	},
+	{
+		.name = "noout",
+		.desc = "Do not print encoded version of the key",
+		.type = OPTION_FLAG,
+		.opt.flag = &pkey_config.noout,
+	},
+	{
+		.name = "out",
+		.argname = "file",
+		.desc = "Output file (default stdout)",
+		.type = OPTION_ARG,
+		.opt.arg = &pkey_config.outfile,
+	},
+	{
+		.name = "outform",
+		.argname = "format",
+		.desc = "Output format (DER or PEM (default))",
+		.type = OPTION_ARG_FORMAT,
+		.opt.value = &pkey_config.outformat,
+	},
+	{
+		.name = "passin",
+		.argname = "src",
+		.desc = "Input file passphrase source",
+		.type = OPTION_ARG,
+		.opt.arg = &pkey_config.passargin,
+	},
+	{
+		.name = "passout",
+		.argname = "src",
+		.desc = "Output file passphrase source",
+		.type = OPTION_ARG,
+		.opt.arg = &pkey_config.passargout,
+	},
+	{
+		.name = "pubin",
+		.desc = "Expect a public key (default private key)",
+		.type = OPTION_VALUE,
+		.value = 1,
+		.opt.value = &pkey_config.pubin,
+	},
+	{
+		.name = "pubout",
+		.desc = "Output a public key (default private key)",
+		.type = OPTION_VALUE,
+		.value = 1,
+		.opt.value = &pkey_config.pubout,
+	},
+	{
+		.name = "text",
+		.desc = "Print the public/private key in plain text",
+		.type = OPTION_FLAG,
+		.opt.flag = &pkey_config.text,
+	},
+	{
+		.name = "text_pub",
+		.desc = "Print out only public key in plain text",
+		.type = OPTION_FLAG,
+		.opt.flag = &pkey_config.pubtext,
+	},
+	{
+		.name = NULL,
+		.type = OPTION_ARGV_FUNC,
+		.opt.argvfunc = pkey_opt_cipher,
+	},
+	{ NULL }
+};
+
+static void
+show_ciphers(const OBJ_NAME *name, void *arg)
+{
+	static int n;
+
+	fprintf(stderr, " -%-24s%s", name->name, (++n % 3 ? "" : "\n"));
+}
+
+static void
+pkey_usage()
+{
+	fprintf(stderr,
+	    "usage: pkey [-ciphername] [-in file] [-inform fmt] [-noout] "
+	    "[-out file]\n"
+	    "    [-outform fmt] [-passin src] [-passout src] [-pubin] "
+	    "[-pubout] [-text]\n"
+	    "    [-text_pub]\n\n");
+	options_usage(pkey_options);
+	fprintf(stderr, "\n");
+
+	fprintf(stderr, "Valid ciphername values:\n\n");
+	OBJ_NAME_do_all_sorted(OBJ_NAME_TYPE_CIPHER_METH, show_ciphers, NULL);
+	fprintf(stderr, "\n");
+}
+
 int
 pkey_main(int argc, char **argv)
 {
-	char **args, *infile = NULL, *outfile = NULL;
-	char *passargin = NULL, *passargout = NULL;
 	BIO *in = NULL, *out = NULL;
-	const EVP_CIPHER *cipher = NULL;
-	int informat, outformat;
-	int pubin = 0, pubout = 0, pubtext = 0, text = 0, noout = 0;
 	EVP_PKEY *pkey = NULL;
 	char *passin = NULL, *passout = NULL;
-	int badarg = 0;
 	int ret = 1;
 
 	if (single_execution) {
@@ -86,112 +220,53 @@ pkey_main(int argc, char **argv)
 		}
 	}
 
-	informat = FORMAT_PEM;
-	outformat = FORMAT_PEM;
-
-	args = argv + 1;
-	while (!badarg && *args && *args[0] == '-') {
-		if (!strcmp(*args, "-inform")) {
-			if (args[1]) {
-				args++;
-				informat = str2fmt(*args);
-			} else
-				badarg = 1;
-		} else if (!strcmp(*args, "-outform")) {
-			if (args[1]) {
-				args++;
-				outformat = str2fmt(*args);
-			} else
-				badarg = 1;
-		} else if (!strcmp(*args, "-passin")) {
-			if (!args[1])
-				goto bad;
-			passargin = *(++args);
-		} else if (!strcmp(*args, "-passout")) {
-			if (!args[1])
-				goto bad;
-			passargout = *(++args);
-		}
-		else if (!strcmp(*args, "-in")) {
-			if (args[1]) {
-				args++;
-				infile = *args;
-			} else
-				badarg = 1;
-		} else if (!strcmp(*args, "-out")) {
-			if (args[1]) {
-				args++;
-				outfile = *args;
-			} else
-				badarg = 1;
-		} else if (strcmp(*args, "-pubin") == 0) {
-			pubin = 1;
-			pubout = 1;
-			pubtext = 1;
-		} else if (strcmp(*args, "-pubout") == 0)
-			pubout = 1;
-		else if (strcmp(*args, "-text_pub") == 0) {
-			pubtext = 1;
-			text = 1;
-		} else if (strcmp(*args, "-text") == 0)
-			text = 1;
-		else if (strcmp(*args, "-noout") == 0)
-			noout = 1;
-		else {
-			cipher = EVP_get_cipherbyname(*args + 1);
-			if (!cipher) {
-				BIO_printf(bio_err, "Unknown cipher %s\n",
-				    *args + 1);
-				badarg = 1;
-			}
-		}
-		args++;
-	}
+	memset(&pkey_config, 0, sizeof(pkey_config));
+	pkey_config.informat = FORMAT_PEM;
+	pkey_config.outformat = FORMAT_PEM;
 
-	if (badarg) {
- bad:
-		BIO_printf(bio_err, "Usage pkey [options]\n");
-		BIO_printf(bio_err, "where options are\n");
-		BIO_printf(bio_err, "-in file        input file\n");
-		BIO_printf(bio_err, "-inform X       input format (DER or PEM)\n");
-		BIO_printf(bio_err, "-passin arg     input file pass phrase source\n");
-		BIO_printf(bio_err, "-outform X      output format (DER or PEM)\n");
-		BIO_printf(bio_err, "-out file       output file\n");
-		BIO_printf(bio_err, "-passout arg    output file pass phrase source\n");
-		return 1;
+	if (options_parse(argc, argv, pkey_options, NULL, NULL) != 0) {
+		pkey_usage();
+		goto end;
 	}
 
-	if (!app_passwd(bio_err, passargin, passargout, &passin, &passout)) {
+	if (pkey_config.pubtext)
+		pkey_config.text = 1;
+	if (pkey_config.pubin)
+		pkey_config.pubout = pkey_config.pubtext = 1;
+
+	if (!app_passwd(bio_err, pkey_config.passargin, pkey_config.passargout,
+	    &passin, &passout)) {
 		BIO_printf(bio_err, "Error getting passwords\n");
 		goto end;
 	}
-	if (outfile) {
-		if (!(out = BIO_new_file(outfile, "wb"))) {
+	if (pkey_config.outfile) {
+		if (!(out = BIO_new_file(pkey_config.outfile, "wb"))) {
 			BIO_printf(bio_err,
-			    "Can't open output file %s\n", outfile);
+			    "Can't open output file %s\n", pkey_config.outfile);
 			goto end;
 		}
 	} else {
 		out = BIO_new_fp(stdout, BIO_NOCLOSE);
 	}
 
-	if (pubin)
-		pkey = load_pubkey(bio_err, infile, informat, 1,
-		    passin, "Public Key");
+	if (pkey_config.pubin)
+		pkey = load_pubkey(bio_err, pkey_config.infile,
+		    pkey_config.informat, 1, passin, "Public Key");
 	else
-		pkey = load_key(bio_err, infile, informat, 1, passin, "key");
+		pkey = load_key(bio_err, pkey_config.infile,
+		    pkey_config.informat, 1, passin, "key");
 	if (!pkey)
 		goto end;
 
-	if (!noout) {
-		if (outformat == FORMAT_PEM) {
-			if (pubout)
+	if (!pkey_config.noout) {
+		if (pkey_config.outformat == FORMAT_PEM) {
+			if (pkey_config.pubout)
 				PEM_write_bio_PUBKEY(out, pkey);
 			else
-				PEM_write_bio_PrivateKey(out, pkey, cipher,
-				    NULL, 0, NULL, passout);
-		} else if (outformat == FORMAT_ASN1) {
-			if (pubout)
+				PEM_write_bio_PrivateKey(out, pkey,
+				    pkey_config.cipher, NULL, 0, NULL, passout);
+		} else if (pkey_config.outformat == FORMAT_ASN1) {
+			if (pkey_config.pubout)
 				i2d_PUBKEY_bio(out, pkey);
 			else
 				i2d_PrivateKey_bio(out, pkey);
@@ -201,8 +276,8 @@ pkey_main(int argc, char **argv)
 		}
 
 	}
-	if (text) {
-		if (pubtext)
+	if (pkey_config.text) {
+		if (pkey_config.pubtext)
 			EVP_PKEY_print_public(out, pkey, 0, NULL);
 		else
 			EVP_PKEY_print_private(out, pkey, 0, NULL);