X-Git-Url: https://git.openssl.org/?a=blobdiff_plain;f=apps%2Fgenrsa.c;h=515bd7c9017135667781a2c8cc4ba3ae2ba84d16;hb=d0ff2a237bfba01dda49a32a76e7551cf58a06cc;hp=30f1618f18f0d1bb20342b77cd3f65b2452784ab;hpb=ec577822f95a8bca0023c5c77cef1a4916822d4a;p=openssl.git diff --git a/apps/genrsa.c b/apps/genrsa.c index 30f1618f18..515bd7c901 100644 --- a/apps/genrsa.c +++ b/apps/genrsa.c @@ -56,43 +56,42 @@ * [including the GNU Public Licence.] */ +#ifndef OPENSSL_NO_RSA #include #include #include #include #include "apps.h" #include -#include #include #include #include #include #include #include +#include #define DEFBITS 512 #undef PROG #define PROG genrsa_main -#ifndef NOPROTO -static void MS_CALLBACK genrsa_cb(int p, int n, char *arg); -static long gr_load_rand(char *names); -#else -static void MS_CALLBACK genrsa_cb(); -static long gr_load_rand(); -#endif +static void MS_CALLBACK genrsa_cb(int p, int n, void *arg); + +int MAIN(int, char **); int MAIN(int argc, char **argv) { + ENGINE *e = NULL; int ret=1; - char buffer[200]; RSA *rsa=NULL; int i,num=DEFBITS; - long rnum=0,l; - EVP_CIPHER *enc=NULL; + long l; + const EVP_CIPHER *enc=NULL; unsigned long f4=RSA_F4; char *outfile=NULL; - char *inrand=NULL,*randfile; + char *passargout = NULL, *passout = NULL; + char *engine=NULL; + char *inrand=NULL; BIO *out=NULL; apps_startup(); @@ -100,9 +99,12 @@ int MAIN(int argc, char **argv) if (bio_err == NULL) if ((bio_err=BIO_new(BIO_s_file())) != NULL) BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT); + + if (!load_config(bio_err, NULL)) + goto err; if ((out=BIO_new(BIO_s_file())) == NULL) { - BIO_printf(bio_err,"unable to creat BIO for output\n"); + BIO_printf(bio_err,"unable to create BIO for output\n"); goto err; } @@ -118,23 +120,41 @@ int MAIN(int argc, char **argv) } else if (strcmp(*argv,"-3") == 0) f4=3; - else if (strcmp(*argv,"-F4") == 0) + else if (strcmp(*argv,"-F4") == 0 || strcmp(*argv,"-f4") == 0) f4=RSA_F4; + else if (strcmp(*argv,"-engine") == 0) + { + if (--argc < 1) goto bad; + engine= *(++argv); + } else if (strcmp(*argv,"-rand") == 0) { if (--argc < 1) goto bad; inrand= *(++argv); } -#ifndef NO_DES +#ifndef OPENSSL_NO_DES else if (strcmp(*argv,"-des") == 0) enc=EVP_des_cbc(); else if (strcmp(*argv,"-des3") == 0) enc=EVP_des_ede3_cbc(); #endif -#ifndef NO_IDEA +#ifndef OPENSSL_NO_IDEA else if (strcmp(*argv,"-idea") == 0) enc=EVP_idea_cbc(); #endif +#ifndef OPENSSL_NO_AES + else if (strcmp(*argv,"-aes128") == 0) + enc=EVP_aes_128_cbc(); + else if (strcmp(*argv,"-aes192") == 0) + enc=EVP_aes_192_cbc(); + else if (strcmp(*argv,"-aes256") == 0) + enc=EVP_aes_256_cbc(); +#endif + else if (strcmp(*argv,"-passout") == 0) + { + if (--argc < 1) goto bad; + passargout= *(++argv); + } else break; argv++; @@ -144,23 +164,45 @@ int MAIN(int argc, char **argv) { bad: BIO_printf(bio_err,"usage: genrsa [args] [numbits]\n"); - BIO_printf(bio_err," -des - encrypt the generated key with DES in cbc mode\n"); - BIO_printf(bio_err," -des3 - encrypt the generated key with DES in ede cbc mode (168 bit key)\n"); -#ifndef NO_IDEA - BIO_printf(bio_err," -idea - encrypt the generated key with IDEA in cbc mode\n"); + BIO_printf(bio_err," -des encrypt the generated key with DES in cbc mode\n"); + BIO_printf(bio_err," -des3 encrypt the generated key with DES in ede cbc mode (168 bit key)\n"); +#ifndef OPENSSL_NO_IDEA + BIO_printf(bio_err," -idea encrypt the generated key with IDEA in cbc mode\n"); +#endif +#ifndef OPENSSL_NO_AES + BIO_printf(bio_err," -aes128, -aes192, -aes256\n"); + BIO_printf(bio_err," encrypt PEM output with cbc aes\n"); #endif - BIO_printf(bio_err," -out file - output the key to 'file\n"); - BIO_printf(bio_err," -f4 - use F4 (0x10001) for the E value\n"); - BIO_printf(bio_err," -3 - use 3 for the E value\n"); - BIO_printf(bio_err," -rand file:file:...\n"); - BIO_printf(bio_err," - load the file (or the files in the directory) into\n"); - BIO_printf(bio_err," the random number generator\n"); + BIO_printf(bio_err," -out file output the key to 'file\n"); + BIO_printf(bio_err," -passout arg output file pass phrase source\n"); + BIO_printf(bio_err," -f4 use F4 (0x10001) for the E value\n"); + BIO_printf(bio_err," -3 use 3 for the E value\n"); + BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n"); + BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR); + BIO_printf(bio_err," load the file (or the files in the directory) into\n"); + BIO_printf(bio_err," the random number generator\n"); goto err; } ERR_load_crypto_strings(); + + if(!app_passwd(bio_err, NULL, passargout, NULL, &passout)) { + BIO_printf(bio_err, "Error getting password\n"); + goto err; + } + + e = setup_engine(bio_err, engine, 0); + if (outfile == NULL) + { BIO_set_fp(out,stdout,BIO_NOCLOSE); +#ifdef OPENSSL_SYS_VMS + { + BIO *tmpbio = BIO_new(BIO_f_linebuffer()); + out = BIO_push(tmpbio, out); + } +#endif + } else { if (BIO_write_filename(out,outfile) <= 0) @@ -170,45 +212,24 @@ bad: } } -#ifdef WINDOWS - BIO_printf(bio_err,"Loading 'screen' into random state -"); - BIO_flush(bio_err); - RAND_screen(); - BIO_printf(bio_err," done\n"); -#endif - randfile=RAND_file_name(buffer,200); - if ((randfile == NULL) || - !(rnum=(long)RAND_load_file(randfile,1024L*1024L))) + if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL + && !RAND_status()) { - BIO_printf(bio_err,"unable to load 'random state'\n"); + BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option\n"); } - - if (inrand == NULL) - { - if (rnum == 0) - { - BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option\n"); - } - } - else - { - rnum+=gr_load_rand(inrand); - } - if (rnum != 0) - BIO_printf(bio_err,"%ld semi-random bytes loaded\n",rnum); + if (inrand != NULL) + BIO_printf(bio_err,"%ld semi-random bytes loaded\n", + app_RAND_load_files(inrand)); BIO_printf(bio_err,"Generating RSA private key, %d bit long modulus\n", num); - rsa=RSA_generate_key(num,f4,genrsa_cb,(char *)bio_err); + rsa=RSA_generate_key(num,f4,genrsa_cb,bio_err); - if (randfile == NULL) - BIO_printf(bio_err,"unable to write 'random state'\n"); - else - RAND_write_file(randfile); + app_RAND_write_file(NULL, bio_err); if (rsa == NULL) goto err; - /* We need to do the folloing for when the base number size is < + /* We need to do the following for when the base number size is < * long, esp windows 3.1 :-(. */ l=0L; for (i=0; ie->top; i++) @@ -220,19 +241,27 @@ bad: l+=rsa->e->d[i]; } BIO_printf(bio_err,"e is %ld (0x%lX)\n",l,l); - if (!PEM_write_bio_RSAPrivateKey(out,rsa,enc,NULL,0,NULL)) + { + PW_CB_DATA cb_data; + cb_data.password = passout; + cb_data.prompt_info = outfile; + if (!PEM_write_bio_RSAPrivateKey(out,rsa,enc,NULL,0, + (pem_password_cb *)password_callback,&cb_data)) goto err; + } ret=0; err: if (rsa != NULL) RSA_free(rsa); - if (out != NULL) BIO_free(out); + if (out != NULL) BIO_free_all(out); + if(passout) OPENSSL_free(passout); if (ret != 0) ERR_print_errors(bio_err); + apps_shutdown(); EXIT(ret); } -static void MS_CALLBACK genrsa_cb(int p, int n, char *arg) +static void MS_CALLBACK genrsa_cb(int p, int n, void *arg) { char c='*'; @@ -241,32 +270,15 @@ static void MS_CALLBACK genrsa_cb(int p, int n, char *arg) if (p == 2) c='*'; if (p == 3) c='\n'; BIO_write((BIO *)arg,&c,1); - BIO_flush((BIO *)arg); + (void)BIO_flush((BIO *)arg); #ifdef LINT p=n; #endif } +#else /* !OPENSSL_NO_RSA */ -static long gr_load_rand(char *name) - { - char *p,*n; - int last; - long tot=0; - - for (;;) - { - last=0; - for (p=name; ((*p != '\0') && (*p != LIST_SEPARATOR_CHAR)); p++); - if (*p == '\0') last=1; - *p='\0'; - n=name; - name=p+1; - if (*n == '\0') break; - - tot+=RAND_load_file(n,1024L*1024L); - if (last) break; - } - return(tot); - } - +# if PEDANTIC +static void *dummy=&dummy; +# endif +#endif