Changes between 0.9.3a and 0.9.4
+ *) New function RSA_check_key and new openssl rsa option -check
+ for verifying the consistency of RSA keys.
+ [Ulf Moeller, Bodo Moeller]
+
*) Various changes to make Win32 compile work:
1. Casts to avoid "loss of data" warnings in p5_crpt2.c
2. Change unsigned int to int in b_dump.c to avoid "signed/unsigned
* -idea - encrypt output if PEM format
* -text - print a text version
* -modulus - print the RSA key modulus
+ * -check - verify key consistency
*/
int MAIN(int argc, char **argv)
int i,badops=0;
const EVP_CIPHER *enc=NULL;
BIO *in=NULL,*out=NULL;
- int informat,outformat,text=0,noout=0;
+ int informat,outformat,text=0,check=0,noout=0;
char *infile,*outfile,*prog;
int modulus=0;
text=1;
else if (strcmp(*argv,"-modulus") == 0)
modulus=1;
+ else if (strcmp(*argv,"-check") == 0)
+ check=1;
else if ((enc=EVP_get_cipherbyname(&(argv[0][1]))) == NULL)
{
BIO_printf(bio_err,"unknown option %s\n",*argv);
BIO_printf(bio_err," -text print the key in text\n");
BIO_printf(bio_err," -noout don't print key out\n");
BIO_printf(bio_err," -modulus print the RSA key modulus\n");
+ BIO_printf(bio_err," -check verify key consistency\n");
goto end;
}
fprintf(stdout,"\n");
}
+ if (check)
+ if (RSA_check_key(rsa))
+ BIO_printf(out,"RSA key ok\n");
+ else
+ {
+ long e;
+
+ while ((e = ERR_peek_error()) != 0 &&
+ ERR_GET_LIB(e) == ERR_LIB_RSA &&
+ ERR_GET_FUNC(e) == RSA_F_RSA_CHECK_KEY &&
+ ERR_GET_REASON(e) != ERR_R_MALLOC_FAILURE)
+ {
+ BIO_printf(out, "RSA key error: %s\n", ERR_reason_error_string(e));
+ ERR_get_error(); /* remove e from error stack */
+ }
+ if (e != 0)
+ {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+ }
+
if (noout) goto end;
BIO_printf(bio_err,"writing RSA private key\n");
if (outformat == FORMAT_ASN1)
LIB=$(TOP)/libcrypto.a
LIBSRC= rsa_eay.c rsa_gen.c rsa_lib.c rsa_sign.c rsa_saos.c rsa_err.c \
- rsa_pk1.c rsa_ssl.c rsa_none.c rsa_oaep.c
+ rsa_pk1.c rsa_ssl.c rsa_none.c rsa_oaep.c rsa_chk.c
LIBOBJ= rsa_eay.o rsa_gen.o rsa_lib.o rsa_sign.o rsa_saos.o rsa_err.o \
- rsa_pk1.o rsa_ssl.o rsa_none.o rsa_oaep.o
+ rsa_pk1.o rsa_ssl.o rsa_none.o rsa_oaep.o rsa_chk.o
SRC= $(LIBSRC)
# DO NOT DELETE THIS LINE -- make depend depends on it.
+rsa_chk.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
+rsa_chk.o: ../../include/openssl/err.h ../../include/openssl/opensslconf.h
+rsa_chk.o: ../../include/openssl/opensslv.h ../../include/openssl/rsa.h
+rsa_chk.o: ../../include/openssl/stack.h
rsa_eay.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
rsa_eay.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
rsa_eay.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
int RSA_size(RSA *);
RSA * RSA_generate_key(int bits, unsigned long e,void
(*callback)(int,int,void *),void *cb_arg);
+int RSA_check_key(RSA *);
/* next 4 return -1 on error */
int RSA_public_encrypt(int flen, unsigned char *from,
unsigned char *to, RSA *rsa,int padding);
/* Function codes. */
#define RSA_F_MEMORY_LOCK 100
+#define RSA_F_RSA_CHECK_KEY 123
#define RSA_F_RSA_EAY_PRIVATE_DECRYPT 101
#define RSA_F_RSA_EAY_PRIVATE_ENCRYPT 102
#define RSA_F_RSA_EAY_PUBLIC_DECRYPT 103
#define RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 110
#define RSA_R_DATA_TOO_SMALL 111
#define RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE 122
+#define RSA_R_DE_NOT_CONGRUENT_TO_1 123
#define RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY 112
+#define RSA_R_DMP1_NOT_CONGRUENT_TO_D 124
+#define RSA_R_DMQ1_NOT_CONGRUENT_TO_D 125
+#define RSA_R_IQMP_NOT_INVERSE_OF_Q 126
#define RSA_R_KEY_SIZE_TOO_SMALL 120
#define RSA_R_NULL_BEFORE_BLOCK_MISSING 113
+#define RSA_R_N_DOES_NOT_EQUAL_PQ 127
#define RSA_R_OAEP_DECODING_ERROR 121
#define RSA_R_PADDING_CHECK_FAILED 114
+#define RSA_R_P_NOT_PRIME 128
+#define RSA_R_Q_NOT_PRIME 129
#define RSA_R_SSLV3_ROLLBACK_ATTACK 115
#define RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 116
#define RSA_R_UNKNOWN_ALGORITHM_TYPE 117
static ERR_STRING_DATA RSA_str_functs[]=
{
{ERR_PACK(0,RSA_F_MEMORY_LOCK,0), "MEMORY_LOCK"},
+{ERR_PACK(0,RSA_F_RSA_CHECK_KEY,0), "RSA_check_key"},
{ERR_PACK(0,RSA_F_RSA_EAY_PRIVATE_DECRYPT,0), "RSA_EAY_PRIVATE_DECRYPT"},
{ERR_PACK(0,RSA_F_RSA_EAY_PRIVATE_ENCRYPT,0), "RSA_EAY_PRIVATE_ENCRYPT"},
{ERR_PACK(0,RSA_F_RSA_EAY_PUBLIC_DECRYPT,0), "RSA_EAY_PUBLIC_DECRYPT"},
{RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE ,"data too large for key size"},
{RSA_R_DATA_TOO_SMALL ,"data too small"},
{RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE ,"data too small for key size"},
+{RSA_R_DE_NOT_CONGRUENT_TO_1 ,"de not congruent to 1"},
{RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY ,"digest too big for rsa key"},
+{RSA_R_DMP1_NOT_CONGRUENT_TO_D ,"dmp1 not congruent to d"},
+{RSA_R_DMQ1_NOT_CONGRUENT_TO_D ,"dmq1 not congruent to d"},
+{RSA_R_IQMP_NOT_INVERSE_OF_Q ,"iqmp not inverse of q"},
{RSA_R_KEY_SIZE_TOO_SMALL ,"key size too small"},
{RSA_R_NULL_BEFORE_BLOCK_MISSING ,"null before block missing"},
+{RSA_R_N_DOES_NOT_EQUAL_PQ ,"n does not equal pq"},
{RSA_R_OAEP_DECODING_ERROR ,"oaep decoding error"},
{RSA_R_PADDING_CHECK_FAILED ,"padding check failed"},
+{RSA_R_P_NOT_PRIME ,"p not prime"},
+{RSA_R_Q_NOT_PRIME ,"q not prime"},
{RSA_R_SSLV3_ROLLBACK_ATTACK ,"sslv3 rollback attack"},
{RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD,"the asn1 object identifier is not known for this md"},
{RSA_R_UNKNOWN_ALGORITHM_TYPE ,"unknown algorithm type"},
sk_POLICYQUALINFO_sort 1866
sk_X509_CRL_sort 1867
sk_DIST_POINT_sort 1868
+RSA_check_key 1869
projects / openssl.git / commitdiff