/*
- * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
static int gendh_cb(EVP_PKEY_CTX *ctx);
typedef enum OPTION_choice {
- OPT_ERR = -1, OPT_EOF = 0, OPT_HELP,
+ OPT_COMMON,
OPT_INFORM, OPT_OUTFORM, OPT_IN, OPT_OUT,
OPT_ENGINE, OPT_CHECK, OPT_TEXT, OPT_NOOUT,
OPT_DSAPARAM, OPT_2, OPT_3, OPT_5,
OPT_SECTION("General"),
{"help", OPT_HELP, '-', "Display this summary"},
{"check", OPT_CHECK, '-', "Check the DH parameters"},
-#ifndef OPENSSL_NO_DSA
+#if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_DEPRECATED_3_0)
{"dsaparam", OPT_DSAPARAM, '-',
"Read or generate DSA parameters, convert to DH"},
#endif
int dhparam_main(int argc, char **argv)
{
BIO *in = NULL, *out = NULL;
- DH *dh = NULL, *alloc_dh = NULL;
EVP_PKEY *pkey = NULL, *tmppkey = NULL;
EVP_PKEY_CTX *ctx = NULL;
char *infile = NULL, *outfile = NULL, *prog;
text = 1;
break;
case OPT_DSAPARAM:
-# ifdef OPENSSL_NO_DEPRECATED_3_0
- BIO_printf(bio_err, "The dsaparam option is deprecated.\n");
-# else
dsaparam = 1;
-# endif
break;
case OPT_2:
g = 2;
break;
}
}
+
+ /* One optional argument, bitsize to generate. */
argc = opt_num_rest();
argv = opt_rest();
-
- if (argv[0] != NULL && (!opt_int(argv[0], &num) || num <= 0))
+ if (argc == 1) {
+ if (!opt_int(argv[0], &num) || num <= 0)
+ goto opthelp;
+ } else if (!opt_check_rest_arg(NULL)) {
+ goto opthelp;
+ }
+ if (!app_RAND_load())
goto end;
if (g && !num)
"Generating %s parameters, %d bit long %sprime\n",
alg, num, dsaparam ? "" : "safe ");
- if (!EVP_PKEY_paramgen_init(ctx)) {
+ if (EVP_PKEY_paramgen_init(ctx) <= 0) {
BIO_printf(bio_err,
"Error, unable to initialise %s parameters\n",
alg);
}
}
- if (!EVP_PKEY_paramgen(ctx, &tmppkey)) {
- BIO_printf(bio_err, "Error, %s generation failed\n", alg);
- goto end;
- }
-
+ tmppkey = app_paramgen(ctx, alg);
EVP_PKEY_CTX_free(ctx);
ctx = NULL;
if (dsaparam) {
* We check that we got one of those key types afterwards.
*/
decoderctx
- = OSSL_DECODER_CTX_new_by_EVP_PKEY(&tmppkey,
- (informat == FORMAT_ASN1)
+ = OSSL_DECODER_CTX_new_for_pkey(&tmppkey,
+ (informat == FORMAT_ASN1)
? "DER" : "PEM",
- NULL,
- (informat == FORMAT_ASN1)
+ NULL,
+ (informat == FORMAT_ASN1)
? keytype : NULL,
- OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
- NULL, NULL);
+ OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
+ NULL, NULL);
if (decoderctx != NULL
&& !OSSL_DECODER_from_bio(decoderctx, in)
*/
keytype = "DHX";
/*
- * BIO_reset() returns 0 for success for file BIOs only!!!
- * This won't work for stdin (and never has done)
- * TODO: We should fix this at some point
- */
+ * BIO_reset() returns 0 for success for file BIOs only!!!
+ * This won't work for stdin (and never has done)
+ */
if (BIO_reset(in) == 0)
done = 0;
}
if (!noout) {
OSSL_ENCODER_CTX *ectx =
- OSSL_ENCODER_CTX_new_by_EVP_PKEY(pkey,
- OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
- outformat == FORMAT_ASN1
- ? "DER" : "PEM",
- NULL, NULL, NULL);
+ OSSL_ENCODER_CTX_new_for_pkey(pkey,
+ OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
+ outformat == FORMAT_ASN1
+ ? "DER" : "PEM",
+ NULL, NULL);
if (ectx == NULL || !OSSL_ENCODER_to_bio(ectx, out)) {
OSSL_ENCODER_CTX_free(ectx);
end:
if (ret != 0)
ERR_print_errors(bio_err);
- DH_free(alloc_dh);
BIO_free(in);
BIO_free_all(out);
EVP_PKEY_free(pkey);
ctx = EVP_PKEY_CTX_new_from_name(NULL, "DHX", NULL);
if (ctx == NULL
- || !EVP_PKEY_param_fromdata_init(ctx)
- || !EVP_PKEY_fromdata(ctx, &pkey, params)) {
+ || EVP_PKEY_fromdata_init(ctx) <= 0
+ || EVP_PKEY_fromdata(ctx, &pkey, EVP_PKEY_KEY_PARAMETERS, params) <= 0) {
BIO_printf(bio_err, "Error, failed to set DH parameters\n");
goto err;
}
err:
EVP_PKEY_CTX_free(ctx);
- OSSL_PARAM_BLD_free_params(params);
+ OSSL_PARAM_free(params);
OSSL_PARAM_BLD_free(tmpl);
BN_free(bn_p);
BN_free(bn_q);