Output properly encoded PQGParams. r=wtc. Bug 247738.

security/nss/cmd/makepqg/makepqg.c

@@ -85,65 +85,112 @@ Usage(void)
 
 }
 
-int
+SECStatus
 outputPQGParams(PQGParams * pqgParams, PRBool output_binary, PRBool output_raw,
                 FILE * outFile)
 {
     PRArenaPool   * arena 		= NULL;
     char          * PQG;
+    SECItem       * pItem;
+    int             cc;
+    SECStatus       rv;
     SECItem         encodedParams;
 
     if (output_raw) {
     	SECItem item;
 
-	PK11_PQG_GetPrimeFromParams(pqgParams, &item);
+	rv = PK11_PQG_GetPrimeFromParams(pqgParams, &item);
+	if (rv) {
+	    SECU_PrintError(progName, "PK11_PQG_GetPrimeFromParams");
+	    return rv;
+	}
 	SECU_PrintInteger(outFile, &item,    "Prime",    1);
 	SECITEM_FreeItem(&item, PR_FALSE);
 
-	PK11_PQG_GetSubPrimeFromParams(pqgParams, &item);
+	rv = PK11_PQG_GetSubPrimeFromParams(pqgParams, &item);
+	if (rv) {
+	    SECU_PrintError(progName, "PK11_PQG_GetPrimeFromParams");
+	    return rv;
+	}
 	SECU_PrintInteger(outFile, &item, "Subprime", 1);
 	SECITEM_FreeItem(&item, PR_FALSE);
 
-	PK11_PQG_GetBaseFromParams(pqgParams, &item);
+	rv = PK11_PQG_GetBaseFromParams(pqgParams, &item);
+	if (rv) {
+	    SECU_PrintError(progName, "PK11_PQG_GetPrimeFromParams");
+	    return rv;
+	}
 	SECU_PrintInteger(outFile, &item,     "Base",     1);
 	SECITEM_FreeItem(&item, PR_FALSE);
 
 	fprintf(outFile, "\n");
-	return 0;
+	return SECSuccess;
     }
 
     encodedParams.data = NULL;
     encodedParams.len  = 0;
     arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
-    SEC_ASN1EncodeItem(arena, &encodedParams, pqgParams,
+    if (!arena) {
+    	SECU_PrintError(progName, "PORT_NewArena");
+	return SECFailure;
+    }
+    pItem = SEC_ASN1EncodeItem(arena, &encodedParams, pqgParams,
 			       seckey_PQGParamsTemplate);
+    if (!pItem) {
+    	SECU_PrintError(progName, "SEC_ASN1EncodeItem");
+	PORT_FreeArena(arena, PR_FALSE);
+    	return SECFailure;
+    }
     if (output_binary) {
-	fwrite(encodedParams.data, encodedParams.len, sizeof(char), outFile);
-	printf("\n");
-	return 0;
+	size_t len;
+	len = fwrite(encodedParams.data, 1, encodedParams.len, outFile);
+	PORT_FreeArena(arena, PR_FALSE);
+	if (len != encodedParams.len) {
+	     fprintf(stderr, "%s: fwrite failed\n", progName);
+	     return SECFailure;
+	}
+	return SECSuccess;
     }
 
     /* must be output ASCII */
     PQG = BTOA_DataToAscii(encodedParams.data, encodedParams.len);    
-
-    fprintf(outFile,"%s",PQG);
-    printf("\n");
-    return 0;
+    PORT_FreeArena(arena, PR_FALSE);
+    if (!PQG) {
+    	SECU_PrintError(progName, "BTOA_DataToAscii");
+	return SECFailure;
     }
 
-int
+    cc = fprintf(outFile,"%s\n",PQG);
+    PORT_Free(PQG);
+    if (cc <= 0) {
+	 fprintf(stderr, "%s: fprintf failed\n", progName);
+	 return SECFailure;
+    }
+    return SECSuccess;
+}
+
+SECStatus
 outputPQGVerify(PQGVerify * pqgVerify, PRBool output_binary, PRBool output_raw,
                 FILE * outFile)
 {
+    SECStatus rv = SECSuccess;
     if (output_raw) {
     	SECItem item;
 	unsigned int counter;
 
-	PK11_PQG_GetHFromVerify(pqgVerify, &item);
+	rv = PK11_PQG_GetHFromVerify(pqgVerify, &item);
+	if (rv) {
+	    SECU_PrintError(progName, "PK11_PQG_GetHFromVerify");
+	    return rv;
+	}
 	SECU_PrintInteger(outFile, &item,        "h",        1);
 	SECITEM_FreeItem(&item, PR_FALSE);
 
-	PK11_PQG_GetSeedFromVerify(pqgVerify, &item);
+	rv = PK11_PQG_GetSeedFromVerify(pqgVerify, &item);
+	if (rv) {
+	    SECU_PrintError(progName, "PK11_PQG_GetSeedFromVerify");
+	    return rv;
+	}
 	SECU_PrintInteger(outFile, &item,     "SEED",     1);
 	fprintf(outFile, "    g:       %d\n", item.len * BPB);
 	SECITEM_FreeItem(&item, PR_FALSE);
@@ -151,20 +198,19 @@ outputPQGVerify(PQGVerify * pqgVerify, PRBool output_binary, PRBool output_raw,
 	counter = PK11_PQG_GetCounterFromVerify(pqgVerify);
 	fprintf(outFile, "    counter: %d\n", counter);
 	fprintf(outFile, "\n");
-	return 0;
     }
-    return 0;
+    return rv;
 }
 
 int
 main(int argc, char **argv)
 {
     FILE          * outFile 		= NULL;
+    char          * outFileName         = NULL;
     PQGParams     * pqgParams 		= NULL;
     PQGVerify     * pqgVerify           = NULL;
     int             keySizeInBits	= 1024;
     int             j;
-    int             o;
     int             g                   = 0;
     SECStatus       rv 			= 0;
     SECStatus       passed 		= 0;
@@ -181,7 +227,7 @@ main(int argc, char **argv)
     progName = progName ? progName+1 : argv[0];
 
     /* Parse command line arguments */
-    optstate = PL_CreateOptState(argc, argv, "l:abro:g:" );
+    optstate = PL_CreateOptState(argc, argv, "?abg:l:o:r" );
     while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) {
 	switch (optstate->option) {
 
@@ -202,10 +248,11 @@ main(int argc, char **argv)
 	    break;
 
 	  case 'o':
-	    outFile = fopen(optstate->value, "wb");
-	    if (!outFile) {
-		fprintf(stderr, "%s: unable to open \"%s\" for writing\n",
-			progName, optstate->value);
+	    if (outFileName) {
+	    	PORT_Free(outFileName);
+	    }
+	    outFileName = PORT_Strdup(optstate->value);
+	    if (!outFileName) {
 		rv = -1;
 	    }
 	    break;
@@ -221,9 +268,10 @@ main(int argc, char **argv)
 
 	}
     }
+    PL_DestroyOptState(optstate);
 
-    if (rv != 0) {
-	return rv;
+    if (status == PL_OPT_BAD) {
+        Usage();
     }
 
     /* exactly 1 of these options must be set. */
@@ -238,13 +286,28 @@ main(int argc, char **argv)
 	fprintf(stderr, "%s: Illegal prime length, \n"
 			"\tacceptable values are between 512 and 1024,\n"
 			"\tand divisible by 64\n", progName);
-	return -1;
+	return 2;
     }
     if (g != 0 && (g < 160 || g >= 2048 || g % 8 != 0)) {
 	fprintf(stderr, "%s: Illegal g bits, \n"
 			"\tacceptable values are between 160 and 2040,\n"
 			"\tand divisible by 8\n", progName);
-	return -1;
+	return 3;
+    }
+
+    if (!rv && outFileName) {
+	outFile = fopen(outFileName, output_binary ? "wb" : "w");
+	if (!outFile) {
+	    fprintf(stderr, "%s: unable to open \"%s\" for writing\n",
+		    progName, outFileName);
+	    rv = -1;
+	}
+    }
+    if (outFileName) {
+	PORT_Free(outFileName);
+    }
+    if (rv != 0) {
+	return 1;
     }
 
     if (outFile == NULL) {
@@ -259,15 +322,24 @@ main(int argc, char **argv)
 	                         &pqgParams, &pqgVerify);
     else 
 	rv = PK11_PQG_ParamGen((unsigned)j, &pqgParams, &pqgVerify);
+    /* below here, must go to loser */
 
-    if (rv != SECSuccess || pqgParams == NULL) {
-	fprintf(stderr, "%s: PQG parameter generation failed.\n", progName);
+    if (rv != SECSuccess || pqgParams == NULL || pqgVerify == NULL) {
+	SECU_PrintError(progName, "PQG parameter generation failed.\n");
 	goto loser;
     } 
     fprintf(stderr, "%s: PQG parameter generation completed.\n", progName);
 
-    o = outputPQGParams(pqgParams, output_binary, output_raw, outFile);
-    o = outputPQGVerify(pqgVerify, output_binary, output_raw, outFile);
+    rv = outputPQGParams(pqgParams, output_binary, output_raw, outFile);
+    if (rv) {
+    	fprintf(stderr, "%s: failed to output PQG params.\n", progName);
+	goto loser;
+    }
+    rv = outputPQGVerify(pqgVerify, output_binary, output_raw, outFile);
+    if (rv) {
+    	fprintf(stderr, "%s: failed to output PQG Verify.\n", progName);
+	goto loser;
+    }
 
     rv = PK11_PQG_VerifyParams(pqgParams, pqgVerify, &passed);
     if (rv != SECSuccess) {