Add help for pkeyopt values for the genpkey commandline app. #19931

Closed
45 changes: 45 additions & 0 deletions apps/genpkey.c
Expand Up @@ -57,6 +57,50 @@ const OPTIONS genpkey_options[] = {
{NULL}
};

static const char *param_datatype_2name(unsigned int type, int *ishex)
{
*ishex = 0;

switch (type) {
case OSSL_PARAM_INTEGER: return "int";
case OSSL_PARAM_UNSIGNED_INTEGER: return "uint";
case OSSL_PARAM_REAL: return "float";
case OSSL_PARAM_OCTET_STRING: *ishex = 1; return "string";
case OSSL_PARAM_UTF8_STRING: return "string";
default:
return NULL;
}
}

static void show_gen_pkeyopt(const char *algname, OSSL_LIB_CTX *libctx, const char *propq)
{
EVP_PKEY_CTX *ctx = NULL;
const OSSL_PARAM *params;
int i, ishex = 0;

if (algname == NULL)
return;
ctx = EVP_PKEY_CTX_new_from_name(libctx, algname, propq);
if (ctx == NULL)
return;
Member

Should we not have some kind of output in the event of error (or at least a process exit code)?


if (EVP_PKEY_keygen_init(ctx) <= 0)
goto cleanup;
params = EVP_PKEY_CTX_settable_params(ctx);
if (params == NULL)
goto cleanup;

BIO_printf(bio_err, "\nThe possible -pkeyopt arguments are:\n");
for (i = 0; params[i].key != NULL; ++i) {
const char *name = param_datatype_2name(params[i].data_type, &ishex);

if (name != NULL)
BIO_printf(bio_err, " %s%s:%s\n", ishex ? "hex" : "", params[i].key, name);
Member

This would print e.g. hexpropname:string... this seems confusing?

Perhaps propname:string (hex) / propname:string?

Member Author

I think it still needs the hex in front of the name as that is what you do to parse hex format.

}
cleanup:
EVP_PKEY_CTX_free(ctx);
}

int genpkey_main(int argc, char **argv)
{
CONF *conf = NULL;
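Review bot: In show_gen_pkeyopt the heading "The possible -pkeyopt arguments are:" is printed as soon as params is non-NULL, but param_datatype_2name returns NULL for every data type outside the five it lists, and those entries are skipped without a trace. An algorithm whose settable parameters all land in the default case would get a heading followed by an empty list, and any single skipped key is invisible to the user. Consider printing the heading only once the first printable entry is found, or printing skipped keys with a generic type name. The show_gen_pkeyopt declaration line is also longer than 80 columns and should be wrapped.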
Expand Down Expand Up @@ -88,6 +132,7 @@ int genpkey_main(int argc, char **argv)
case OPT_HELP:
ret = 0;
opt_help(genpkey_options);
show_gen_pkeyopt(algname, libctx, app_get0_propq());
goto end;
case OPT_OUTFORM:
if (!opt_format(opt_arg(), OPT_FMT_PEMDER, &outformat))
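Review bot: The call added under case OPT_HELP passes algname, libctx and the property query as they stand at the moment -help is reached, and show_gen_pkeyopt returns silently when algname is NULL. The extra listing therefore depends on -algorithm (and any option that affects libctx or the property query) appearing before -help on the command line, and a user who types -help first gets the plain option help with no hint that more is available. Either record that help was requested and print the listing after option parsing has finished, or print a one-line hint when algname is NULL at this point.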
3 changes: 3 additions & 0 deletions doc/man1/openssl-genpkey.pod.in
Expand Up @@ -92,6 +92,9 @@ options supported depends on the public key algorithm used and its
implementation. See L</KEY GENERATION OPTIONS> and
L</PARAMETER GENERATION OPTIONS> below for more details.

To list the possible I<opt> values for an algorithm use:
B<openssl> B<genpkey> -algorithm XXX -help

=item B<-genparam>

Generate a set of parameters instead of a private key. If used this option must
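Review bot: The two added lines form a single POD paragraph, so the command on the second line will be reflowed into the sentence ending "use:" rather than shown on its own line. Indent the command so it renders as a verbatim block, or mark up the option names with B<-algorithm> and B<-help> to match the rest of the page. Since the code only lists the values when the algorithm is already known at the point -help is handled, the text should also state that -algorithm has to come before -help.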
31 changes: 31 additions & 0 deletions test/recipes/15-test_genpkey.t
@@ -0,0 +1,31 @@
#! /usr/bin/env perl
# Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the Apache License 2.0 (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
# in the file LICENSE in the source distribution or at
# https://www.openssl.org/source/license.html

use strict;
use warnings;

use OpenSSL::Test qw/:DEFAULT/;
use OpenSSL::Test::Utils;

setup("test_genpkey");

my @algs = ();
push @algs, qw(RSA) unless disabled("rsa");
push @algs, qw(DSA) unless disabled("dsa");
push @algs, qw(DH DHX) unless disabled("dh");
push @algs, qw(EC X25519 X448) unless disabled("ec");
push @algs, qw(SM2) unless disabled("sm2");

plan tests => scalar(@algs);

foreach (@algs) {
my $alg = $_;

ok(run(app([ 'openssl', 'genpkey', '-algorithm', $alg, '-help'])),
Contributor

Should the output be checked for minimal sanity?

E.g. the string "pkeyopt values are" appears. Perhaps an option as well.

"show genpkey pkeyopt values for $alg");
}
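Review bot: The ok(run(app([...]))) check in the foreach loop only asserts the exit status, and the OPT_HELP path in apps/genpkey.c sets ret = 0 before show_gen_pkeyopt is called, so every failure path in that function (NULL context, failed keygen init, NULL params) still passes this test. Capture the command output, which goes to bio_err, and match at least the heading "The possible -pkeyopt arguments are:" for each algorithm, plus one known key per algorithm if a stable one exists.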