upstream/opnsense-src
1
0
Fork 0
mirror of https://github.com/opnsense/src.git synced 2026-02-18 18:20:26 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
opnsense-src/crypto/ui/ui_util.c
Pierre Pronchery b84c4564ef openssl: Vendor import of OpenSSL-3.0.9 
Summary:

Release notes can be found at
https://www.openssl.org/news/openssl-3.0-notes.html .

Obtained from:  https://www.openssl.org/source/openssl-3.0.9.tar.gz

Test Plan:
```
$ git status
On branch vendor/openssl-3.0
Your branch is up to date with 'origin/vendor/openssl-3.0'.

nothing to commit, working tree clean
$ (cd ..; fetch http://www.openssl.org/source/openssl-${OSSLVER}.tar.gz http://www.openssl.org/source/openssl-${OSSLVER}.tar.gz.asc)
openssl-3.0.9.tar.gz                                    14 MB   74 MBps    01s
openssl-3.0.9.tar.gz.asc                               833  B   10 MBps    00s
$ set | egrep '(XLIST|OSSLVER)='
OSSLVER=3.0.9
XLIST=FREEBSD-Xlist
$ gpg --list-keys
/home/khorben/.gnupg/pubring.kbx
--------------------------------
pub   rsa4096 2021-07-16 [SC] [expires: 2031-07-14]
      A21FAB74B0088AA361152586B8EF1A6BA9DA2D5C
uid           [ unknown] Tomáš Mráz <tm@t8m.info>
uid           [ unknown] Tomáš Mráz <tomas@arleto.cz>
uid           [ unknown] Tomáš Mráz <tomas@openssl.org>
sub   rsa4096 2021-07-16 [S] [expires: 2027-07-15]
sub   rsa4096 2021-07-16 [E] [expires: 2031-07-14]

$ gpg --verify ../openssl-${OSSLVER}.tar.gz.asc ../openssl-${OSSLVER}.tar.gz
gpg: Signature made Tue May 30 14:32:24 2023 CEST
gpg:                using RSA key DC7032662AF885E2F47F243F527466A21CA79E6D
gpg: Good signature from "Tomáš Mráz <tm@t8m.info>" [unknown]
gpg:                 aka "Tomáš Mráz <tomas@arleto.cz>" [unknown]
gpg:                 aka "Tomáš Mráz <tomas@openssl.org>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: A21F AB74 B008 8AA3 6115  2586 B8EF 1A6B A9DA 2D5C
     Subkey fingerprint: DC70 3266 2AF8 85E2 F47F  243F 5274 66A2 1CA7 9E6D

$ tar -x -X $XLIST -f ../openssl-${OSSLVER}.tar.gz -C ..
$ rsync --exclude FREEBSD.* --delete -avzz ../openssl-${OSSLVER}/* .
[...]
$ diff -arq ../openssl-${OSSLVER}  .
Only in .: .git
Only in .: FREEBSD-Xlist
Only in .: FREEBSD-upgrade
$ git status FREEBSD*
On branch vendor/openssl-3.0
Your branch is up to date with 'origin/vendor/openssl-3.0'.

nothing to commit, working tree clean
```
2023-06-23 09:13:27 -04:00

163 lines
4.5 KiB
C
Raw Blame History

/*
* Copyright 2002-2023 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include <string.h>
#include <openssl/pem.h> /* PEM_def_callback() */
#include "internal/thread_once.h"
#include "ui_local.h"
#ifndef BUFSIZ
#define BUFSIZ 256
#endif
int UI_UTIL_read_pw_string(char *buf, int length, const char *prompt,
int verify)
{
char buff[BUFSIZ];
int ret;
ret =
UI_UTIL_read_pw(buf, buff, (length > BUFSIZ) ? BUFSIZ : length,
prompt, verify);
OPENSSL_cleanse(buff, BUFSIZ);
return ret;
}
int UI_UTIL_read_pw(char *buf, char *buff, int size, const char *prompt,
int verify)
{
int ok = -2;
UI *ui;
if (size < 1)
return -1;
ui = UI_new();
if (ui != NULL) {
ok = UI_add_input_string(ui, prompt, 0, buf, 0, size - 1);
if (ok >= 0 && verify)
ok = UI_add_verify_string(ui, prompt, 0, buff, 0, size - 1, buf);
if (ok >= 0)
ok = UI_process(ui);
UI_free(ui);
}
return ok;
}
/*
* Wrapper around pem_password_cb, a method to help older APIs use newer
* ones.
*/
struct pem_password_cb_data {
pem_password_cb *cb;
int rwflag;
};
static void ui_new_method_data(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
int idx, long argl, void *argp)
{
/*
* Do nothing, the data is allocated externally and assigned later with
* CRYPTO_set_ex_data()
*/
}
static int ui_dup_method_data(CRYPTO_EX_DATA *to, const CRYPTO_EX_DATA *from,
void **pptr, int idx, long argl, void *argp)
{
if (*pptr != NULL) {
*pptr = OPENSSL_memdup(*pptr, sizeof(struct pem_password_cb_data));
if (*pptr != NULL)
return 1;
}
return 0;
}
static void ui_free_method_data(void *parent, void *ptr, CRYPTO_EX_DATA *ad,
int idx, long argl, void *argp)
{
OPENSSL_free(ptr);
}
static CRYPTO_ONCE get_index_once = CRYPTO_ONCE_STATIC_INIT;
static int ui_method_data_index = -1;
DEFINE_RUN_ONCE_STATIC(ui_method_data_index_init)
{
ui_method_data_index = CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_UI_METHOD,
0, NULL, ui_new_method_data,
ui_dup_method_data,
ui_free_method_data);
return 1;
}
static int ui_open(UI *ui)
{
return 1;
}
static int ui_read(UI *ui, UI_STRING *uis)
{
switch (UI_get_string_type(uis)) {
case UIT_PROMPT:
{
char result[PEM_BUFSIZE + 1];
const struct pem_password_cb_data *data =
UI_method_get_ex_data(UI_get_method(ui), ui_method_data_index);
int maxsize = UI_get_result_maxsize(uis);
int len = data->cb(result,
maxsize > PEM_BUFSIZE ? PEM_BUFSIZE : maxsize,
data->rwflag, UI_get0_user_data(ui));
if (len >= 0)
result[len] = '\0';
if (len < 0)
return len;
if (UI_set_result_ex(ui, uis, result, len) >= 0)
return 1;
return 0;
}
case UIT_VERIFY:
case UIT_NONE:
case UIT_BOOLEAN:
case UIT_INFO:
case UIT_ERROR:
break;
}
return 1;
}
static int ui_write(UI *ui, UI_STRING *uis)
{
return 1;
}
static int ui_close(UI *ui)
{
return 1;
}
UI_METHOD *UI_UTIL_wrap_read_pem_callback(pem_password_cb *cb, int rwflag)
{
struct pem_password_cb_data *data = NULL;
UI_METHOD *ui_method = NULL;
if ((data = OPENSSL_zalloc(sizeof(*data))) == NULL
|| (ui_method = UI_create_method("PEM password callback wrapper")) == NULL
|| UI_method_set_opener(ui_method, ui_open) < 0
|| UI_method_set_reader(ui_method, ui_read) < 0
|| UI_method_set_writer(ui_method, ui_write) < 0
|| UI_method_set_closer(ui_method, ui_close) < 0
|| !RUN_ONCE(&get_index_once, ui_method_data_index_init)
|| !UI_method_set_ex_data(ui_method, ui_method_data_index, data)) {
UI_destroy_method(ui_method);
OPENSSL_free(data);
return NULL;
}
data->rwflag = rwflag;
data->cb = cb != NULL ? cb : PEM_def_callback;
return ui_method;
}
Reference in a new issue View git blame Copy permalink