-
-
Notifications
You must be signed in to change notification settings - Fork 9.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add help for pkeyopt values for the genpkey commandline app. #19931
Changes from all commits
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -57,6 +57,50 @@ const OPTIONS genpkey_options[] = { | |
{NULL} | ||
}; | ||
|
||
static const char *param_datatype_2name(unsigned int type, int *ishex) | ||
{ | ||
*ishex = 0; | ||
|
||
switch (type) { | ||
case OSSL_PARAM_INTEGER: return "int"; | ||
case OSSL_PARAM_UNSIGNED_INTEGER: return "uint"; | ||
case OSSL_PARAM_REAL: return "float"; | ||
case OSSL_PARAM_OCTET_STRING: *ishex = 1; return "string"; | ||
case OSSL_PARAM_UTF8_STRING: return "string"; | ||
default: | ||
return NULL; | ||
} | ||
} | ||
|
||
static void show_gen_pkeyopt(const char *algname, OSSL_LIB_CTX *libctx, const char *propq) | ||
{ | ||
EVP_PKEY_CTX *ctx = NULL; | ||
const OSSL_PARAM *params; | ||
int i, ishex = 0; | ||
|
||
if (algname == NULL) | ||
return; | ||
ctx = EVP_PKEY_CTX_new_from_name(libctx, algname, propq); | ||
if (ctx == NULL) | ||
return; | ||
|
||
if (EVP_PKEY_keygen_init(ctx) <= 0) | ||
goto cleanup; | ||
params = EVP_PKEY_CTX_settable_params(ctx); | ||
if (params == NULL) | ||
goto cleanup; | ||
|
||
BIO_printf(bio_err, "\nThe possible -pkeyopt arguments are:\n"); | ||
for (i = 0; params[i].key != NULL; ++i) { | ||
const char *name = param_datatype_2name(params[i].data_type, &ishex); | ||
|
||
if (name != NULL) | ||
BIO_printf(bio_err, " %s%s:%s\n", ishex ? "hex" : "", params[i].key, name); | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. This would print e.g. Perhaps There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. I think it still needs the hex in front of the name as that is what you do to parse hex format. |
||
} | ||
cleanup: | ||
EVP_PKEY_CTX_free(ctx); | ||
} | ||
|
||
int genpkey_main(int argc, char **argv) | ||
{ | ||
CONF *conf = NULL; | ||
|
@@ -88,6 +132,7 @@ int genpkey_main(int argc, char **argv) | |
case OPT_HELP: | ||
ret = 0; | ||
opt_help(genpkey_options); | ||
show_gen_pkeyopt(algname, libctx, app_get0_propq()); | ||
goto end; | ||
case OPT_OUTFORM: | ||
if (!opt_format(opt_arg(), OPT_FMT_PEMDER, &outformat)) | ||
|
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,31 @@ | ||
#! /usr/bin/env perl | ||
# Copyright 2022 The OpenSSL Project Authors. All Rights Reserved. | ||
# | ||
# Licensed under the Apache License 2.0 (the "License"). You may not use | ||
# this file except in compliance with the License. You can obtain a copy | ||
# in the file LICENSE in the source distribution or at | ||
# https://www.openssl.org/source/license.html | ||
|
||
use strict; | ||
use warnings; | ||
|
||
use OpenSSL::Test qw/:DEFAULT/; | ||
use OpenSSL::Test::Utils; | ||
|
||
setup("test_genpkey"); | ||
|
||
my @algs = (); | ||
push @algs, qw(RSA) unless disabled("rsa"); | ||
push @algs, qw(DSA) unless disabled("dsa"); | ||
push @algs, qw(DH DHX) unless disabled("dh"); | ||
push @algs, qw(EC X25519 X448) unless disabled("ec"); | ||
push @algs, qw(SM2) unless disabled("sm2"); | ||
|
||
plan tests => scalar(@algs); | ||
|
||
foreach (@algs) { | ||
my $alg = $_; | ||
|
||
ok(run(app([ 'openssl', 'genpkey', '-algorithm', $alg, '-help'])), | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Should the output be checked for minimal sanity? E.g. the string "pkeyopt values are" appears. Perhaps an option as well. |
||
"show genpkey pkeyopt values for $alg"); | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Should we not have some kind of output in the event of error (or at least a process exit code)?