X-Git-Url: https://git.openssl.org/?p=openssl.git;a=blobdiff_plain;f=apps%2Frsa.c;h=825d925c662bec272dcd2b32d5ba04a3abd78638;hp=219bdd65d6e5b84661d29cd32589d5e9071621a2;hb=23f80f46a43badabadb3f14487b8cd9af3336ef2;hpb=52664f5081939c96c5867fd02278f7575f1cab2d

diff --git a/apps/rsa.c b/apps/rsa.c
index 219bdd65d6..825d925c66 100644
--- a/apps/rsa.c
+++ b/apps/rsa.c
@@ -68,6 +68,7 @@
 #include <openssl/evp.h>
 #include <openssl/x509.h>
 #include <openssl/pem.h>
+#include <openssl/engine.h>
 
 #undef PROG
 #define PROG	rsa_main
@@ -86,17 +87,22 @@
  * -pubout	- Output a public key.
  */
 
+int MAIN(int, char **);
+
 int MAIN(int argc, char **argv)
 	{
+	ENGINE *e = NULL;
 	int ret=1;
 	RSA *rsa=NULL;
-	int i,badops=0;
+	int i,badops=0, sgckey=0;
 	const EVP_CIPHER *enc=NULL;
 	BIO *in=NULL,*out=NULL;
 	int informat,outformat,text=0,check=0,noout=0;
 	int pubin = 0, pubout = 0;
 	char *infile,*outfile,*prog;
+	char *passargin = NULL, *passargout = NULL;
 	char *passin = NULL, *passout = NULL;
+	char *engine=NULL;
 	int modulus=0;
 
 	apps_startup();
@@ -138,36 +144,20 @@ int MAIN(int argc, char **argv)
 		else if (strcmp(*argv,"-passin") == 0)
 			{
 			if (--argc < 1) goto bad;
-			passin= *(++argv);
-			}
-		else if (strcmp(*argv,"-envpassin") == 0)
-			{
-			if (--argc < 1) goto bad;
-				if(!(passin= getenv(*(++argv))))
-				{
-				BIO_printf(bio_err,
-				 "Can't read environment variable %s\n",
-								*argv);
-				badops = 1;
-				}
+			passargin= *(++argv);
 			}
-		else if (strcmp(*argv,"-envpassout") == 0)
+		else if (strcmp(*argv,"-passout") == 0)
 			{
 			if (--argc < 1) goto bad;
-				if(!(passout= getenv(*(++argv))))
-				{
-				BIO_printf(bio_err,
-				 "Can't read environment variable %s\n",
-								*argv);
-				badops = 1;
-				}
-			argv++;
+			passargout= *(++argv);
 			}
-		else if (strcmp(*argv,"-passout") == 0)
+		else if (strcmp(*argv,"-engine") == 0)
 			{
 			if (--argc < 1) goto bad;
-			passout= *(++argv);
+			engine= *(++argv);
 			}
+		else if (strcmp(*argv,"-sgckey") == 0)
+			sgckey=1;
 		else if (strcmp(*argv,"-pubin") == 0)
 			pubin=1;
 		else if (strcmp(*argv,"-pubout") == 0)
@@ -198,12 +188,10 @@ bad:
 		BIO_printf(bio_err," -inform arg     input format - one of DER NET PEM\n");
 		BIO_printf(bio_err," -outform arg    output format - one of DER NET PEM\n");
 		BIO_printf(bio_err," -in arg         input file\n");
-		BIO_printf(bio_err," -passin arg     input file pass phrase\n");
-		BIO_printf(bio_err," -envpassin arg  environment variable containing input file pass phrase\n");
-		BIO_printf(bio_err," -in arg         input file\n");
+		BIO_printf(bio_err," -sgckey         Use IIS SGC key format\n");
+		BIO_printf(bio_err," -passin arg     input file pass phrase source\n");
 		BIO_printf(bio_err," -out arg        output file\n");
-		BIO_printf(bio_err," -passout arg    input file pass phrase\n");
-		BIO_printf(bio_err," -envpassout arg environment variable containing input file pass phrase\n");
+		BIO_printf(bio_err," -passout arg    output file pass phrase source\n");
 		BIO_printf(bio_err," -des            encrypt PEM output with cbc des\n");
 		BIO_printf(bio_err," -des3           encrypt PEM output with ede cbc des using 168 bit key\n");
 #ifndef NO_IDEA
@@ -215,11 +203,35 @@ bad:
 		BIO_printf(bio_err," -check          verify key consistency\n");
 		BIO_printf(bio_err," -pubin          expect a public key in input file\n");
 		BIO_printf(bio_err," -pubout         output a public key\n");
+		BIO_printf(bio_err," -engine e       use engine e, possibly a hardware device.\n");
 		goto end;
 		}
 
 	ERR_load_crypto_strings();
 
+	if (engine != NULL)
+		{
+		if((e = ENGINE_by_id(engine)) == NULL)
+			{
+			BIO_printf(bio_err,"invalid engine \"%s\"\n",
+				engine);
+			goto end;
+			}
+		if(!ENGINE_set_default(e, ENGINE_METHOD_ALL))
+			{
+			BIO_printf(bio_err,"can't use that engine\n");
+			goto end;
+			}
+		BIO_printf(bio_err,"engine \"%s\" set.\n", engine);
+		/* Free our "structural" reference. */
+		ENGINE_free(e);
+		}
+
+	if(!app_passwd(bio_err, passargin, passargout, &passin, &passout)) {
+		BIO_printf(bio_err, "Error getting passwords\n");
+		goto end;
+	}
+
 	if(check && pubin) {
 		BIO_printf(bio_err, "Only private keys can be checked\n");
 		goto end;
@@ -253,7 +265,7 @@ bad:
 	else if (informat == FORMAT_NETSCAPE)
 		{
 		BUF_MEM *buf=NULL;
-		unsigned char *p;
+		const unsigned char *p;
 		int size=0;
 
 		buf=BUF_MEM_new();
@@ -272,17 +284,13 @@ bad:
 				}
 			}
 		p=(unsigned char *)buf->data;
-		rsa=(RSA *)d2i_Netscape_RSA(NULL,&p,(long)size,NULL);
+		rsa=d2i_RSA_NET(NULL,&p,(long)size,NULL, sgckey);
 		BUF_MEM_free(buf);
 		}
 #endif
 	else if (informat == FORMAT_PEM) {
 		if(pubin) rsa=PEM_read_bio_RSA_PUBKEY(in,NULL,NULL,NULL);
-		else {
-			if(passin) rsa=PEM_read_bio_RSAPrivateKey(in,NULL,
-								key_cb,passin);
-			else rsa=PEM_read_bio_RSAPrivateKey(in,NULL,NULL,NULL);
-		}
+		else rsa=PEM_read_bio_RSAPrivateKey(in,NULL, NULL,passin);
 	}
 	else
 		{
@@ -297,7 +305,15 @@ bad:
 		}
 
 	if (outfile == NULL)
+		{
 		BIO_set_fp(out,stdout,BIO_NOCLOSE);
+#ifdef VMS
+		{
+		BIO *tmpbio = BIO_new(BIO_f_linebuffer());
+		out = BIO_push(tmpbio, out);
+		}
+#endif
+		}
 	else
 		{
 		if (BIO_write_filename(out,outfile) <= 0)
@@ -330,14 +346,14 @@ bad:
 			BIO_printf(out,"RSA key ok\n");
 		else if (r == 0)
 			{
-			long e;
+			long err;
 
-			while ((e = ERR_peek_error()) != 0 &&
-				ERR_GET_LIB(e) == ERR_LIB_RSA &&
-				ERR_GET_FUNC(e) == RSA_F_RSA_CHECK_KEY &&
-				ERR_GET_REASON(e) != ERR_R_MALLOC_FAILURE)
+			while ((err = ERR_peek_error()) != 0 &&
+				ERR_GET_LIB(err) == ERR_LIB_RSA &&
+				ERR_GET_FUNC(err) == RSA_F_RSA_CHECK_KEY &&
+				ERR_GET_REASON(err) != ERR_R_MALLOC_FAILURE)
 				{
-				BIO_printf(out, "RSA key error: %s\n", ERR_reason_error_string(e));
+				BIO_printf(out, "RSA key error: %s\n", ERR_reason_error_string(err));
 				ERR_get_error(); /* remove e from error stack */
 				}
 			}
@@ -366,27 +382,23 @@ bad:
 		int size;
 
 		i=1;
-		size=i2d_Netscape_RSA(rsa,NULL,NULL);
-		if ((p=(unsigned char *)Malloc(size)) == NULL)
+		size=i2d_RSA_NET(rsa,NULL,NULL, sgckey);
+		if ((p=(unsigned char *)OPENSSL_malloc(size)) == NULL)
 			{
-			BIO_printf(bio_err,"Malloc failure\n");
+			BIO_printf(bio_err,"Memory allocation failure\n");
 			goto end;
 			}
 		pp=p;
-		i2d_Netscape_RSA(rsa,&p,NULL);
+		i2d_RSA_NET(rsa,&p,NULL, sgckey);
 		BIO_write(out,(char *)pp,size);
-		Free(pp);
+		OPENSSL_free(pp);
 		}
 #endif
 	else if (outformat == FORMAT_PEM) {
 		if(pubout || pubin)
 		    i=PEM_write_bio_RSA_PUBKEY(out,rsa);
-		else {
-			if(passout) i=PEM_write_bio_RSAPrivateKey(out,rsa,
-						enc,NULL,0,key_cb,passout);
-			else i=PEM_write_bio_RSAPrivateKey(out,rsa,enc,NULL,
-								0,NULL,NULL);
-		}
+		else i=PEM_write_bio_RSAPrivateKey(out,rsa,
+						enc,NULL,0,NULL,passout);
 	} else	{
 		BIO_printf(bio_err,"bad output format specified for outfile\n");
 		goto end;
@@ -399,9 +411,17 @@ bad:
 	else
 		ret=0;
 end:
-	if (in != NULL) BIO_free(in);
-	if (out != NULL) BIO_free(out);
-	if (rsa != NULL) RSA_free(rsa);
+	if(in != NULL) BIO_free(in);
+	if(out != NULL) BIO_free_all(out);
+	if(rsa != NULL) RSA_free(rsa);
+	if(passin) OPENSSL_free(passin);
+	if(passout) OPENSSL_free(passout);
 	EXIT(ret);
 	}
+#else /* !NO_RSA */
+
+# if PEDANTIC
+static void *dummy=&dummy;
+# endif
+
 #endif