* Hudson (tjh@cryptsoft.com).
*
*/
+
+#include <openssl/opensslconf.h>
+#ifndef OPENSSL_NO_RSA
+
#include "apps.h"
+#include <string.h>
#include <openssl/err.h>
#include <openssl/pem.h>
+#include <openssl/rsa.h>
#define RSA_SIGN 1
#define RSA_VERIFY 2
int MAIN(int argc, char **argv)
{
+ ENGINE *e = NULL;
BIO *in = NULL, *out = NULL;
char *infile = NULL, *outfile = NULL;
+#ifndef OPENSSL_NO_ENGINE
+ char *engine = NULL;
+#endif
char *keyfile = NULL;
char rsa_mode = RSA_VERIFY, key_type = KEY_PRIVKEY;
int keyform = FORMAT_PEM;
EVP_PKEY *pkey = NULL;
RSA *rsa = NULL;
unsigned char *rsa_in = NULL, *rsa_out = NULL, pad;
+ char *passargin = NULL, *passin = NULL;
int rsa_inlen, rsa_outlen = 0;
int keysize;
argv++;
if(!bio_err) bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
+
+ if (!load_config(bio_err, NULL))
+ goto end;
ERR_load_crypto_strings();
OpenSSL_add_all_algorithms();
pad = RSA_PKCS1_PADDING;
} else if(!strcmp(*argv, "-inkey")) {
if (--argc < 1) badarg = 1;
keyfile = *(++argv);
+ } else if (!strcmp(*argv,"-passin")) {
+ if (--argc < 1) badarg = 1;
+ passargin= *(++argv);
+ } else if (strcmp(*argv,"-keyform") == 0) {
+ if (--argc < 1) badarg = 1;
+ keyform=str2fmt(*(++argv));
+#ifndef OPENSSL_NO_ENGINE
+ } else if(!strcmp(*argv, "-engine")) {
+ if (--argc < 1) badarg = 1;
+ engine = *(++argv);
+#endif
} else if(!strcmp(*argv, "-pubin")) {
key_type = KEY_PUBKEY;
} else if(!strcmp(*argv, "-certin")) {
else if(!strcmp(*argv, "-asn1parse")) asn1parse = 1;
else if(!strcmp(*argv, "-hexdump")) hexdump = 1;
else if(!strcmp(*argv, "-raw")) pad = RSA_NO_PADDING;
+ else if(!strcmp(*argv, "-oaep")) pad = RSA_PKCS1_OAEP_PADDING;
else if(!strcmp(*argv, "-ssl")) pad = RSA_SSLV23_PADDING;
else if(!strcmp(*argv, "-pkcs")) pad = RSA_PKCS1_PADDING;
+ else if(!strcmp(*argv, "-x931")) pad = RSA_X931_PADDING;
else if(!strcmp(*argv, "-sign")) {
rsa_mode = RSA_SIGN;
need_priv = 1;
goto end;
}
+#ifndef OPENSSL_NO_ENGINE
+ e = setup_engine(bio_err, engine, 0);
+#endif
+ if(!app_passwd(bio_err, passargin, NULL, &passin, NULL)) {
+ BIO_printf(bio_err, "Error getting password\n");
+ goto end;
+ }
+
+/* FIXME: seed PRNG only if needed */
+ app_RAND_load_file(NULL, bio_err, 0);
+
switch(key_type) {
case KEY_PRIVKEY:
- pkey = load_key(bio_err, keyfile, keyform, NULL);
+ pkey = load_key(bio_err, keyfile, keyform, 0,
+ passin, e, "Private Key");
break;
case KEY_PUBKEY:
- pkey = load_pubkey(bio_err, keyfile, keyform);
+ pkey = load_pubkey(bio_err, keyfile, keyform, 0,
+ NULL, e, "Public Key");
break;
case KEY_CERT:
- x = load_cert(bio_err, keyfile, keyform);
+ x = load_cert(bio_err, keyfile, keyform,
+ NULL, e, "Certificate");
if(x) {
pkey = X509_get_pubkey(x);
X509_free(x);
}
if(!pkey) {
- BIO_printf(bio_err, "Error loading key\n");
return 1;
}
ERR_print_errors(bio_err);
goto end;
}
- } else out = BIO_new_fp(stdout, BIO_NOCLOSE);
+ } else {
+ out = BIO_new_fp(stdout, BIO_NOCLOSE);
+#ifdef OPENSSL_SYS_VMS
+ {
+ BIO *tmpbio = BIO_new(BIO_f_linebuffer());
+ out = BIO_push(tmpbio, out);
+ }
+#endif
+ }
keysize = RSA_size(rsa);
end:
RSA_free(rsa);
BIO_free(in);
- BIO_free(out);
+ BIO_free_all(out);
if(rsa_in) OPENSSL_free(rsa_in);
if(rsa_out) OPENSSL_free(rsa_out);
+ if(passin) OPENSSL_free(passin);
return ret;
}
BIO_printf(bio_err, "-in file input file\n");
BIO_printf(bio_err, "-out file output file\n");
BIO_printf(bio_err, "-inkey file input key\n");
+ BIO_printf(bio_err, "-keyform arg private key format - default PEM\n");
BIO_printf(bio_err, "-pubin input is an RSA public\n");
BIO_printf(bio_err, "-certin input is a certificate carrying an RSA public key\n");
BIO_printf(bio_err, "-ssl use SSL v2 padding\n");
BIO_printf(bio_err, "-raw use no padding\n");
- BIO_printf(bio_err, "-pkcs use PKCS#1 padding (default)\n");
+ BIO_printf(bio_err, "-pkcs use PKCS#1 v1.5 padding (default)\n");
+ BIO_printf(bio_err, "-oaep use PKCS#1 OAEP\n");
BIO_printf(bio_err, "-sign sign with private key\n");
BIO_printf(bio_err, "-verify verify with public key\n");
BIO_printf(bio_err, "-encrypt encrypt with public key\n");
BIO_printf(bio_err, "-decrypt decrypt with private key\n");
BIO_printf(bio_err, "-hexdump hex dump output\n");
+#ifndef OPENSSL_NO_ENGINE
+ BIO_printf(bio_err, "-engine e use engine e, possibly a hardware device.\n");
+ BIO_printf (bio_err, "-passin arg pass phrase source\n");
+#endif
+
}
+#endif
projects / openssl.git / blobdiff