BIO *in = NULL, *out = NULL;
DH *dh = NULL;
char *infile = NULL, *outfile = NULL, *prog, *inrand = NULL;
+ ENGINE *e = NULL;
#ifndef OPENSSL_NO_DSA
int dsaparam = 0;
#endif
outfile = opt_arg();
break;
case OPT_ENGINE:
- (void)setup_engine(opt_arg(), 0);
+ e = setup_engine(opt_arg(), 0);
break;
case OPT_CHECK:
check = 1;
} else
# endif
{
- if (informat == FORMAT_ASN1)
+ if (informat == FORMAT_ASN1) {
+ /*
+ * We have no PEM header to determine what type of DH params it
+ * is. We'll just try both.
+ */
dh = d2i_DHparams_bio(in, NULL);
- else /* informat == FORMAT_PEM */
+ /* BIO_reset() returns 0 for success for file BIOs only!!! */
+ if (dh == NULL && BIO_reset(in) == 0)
+ dh = d2i_DHxparams_bio(in, NULL);
+ } else {
+ /* informat == FORMAT_PEM */
dh = PEM_read_bio_DHparams(in, NULL, NULL, NULL);
+ }
if (dh == NULL) {
BIO_printf(bio_err, "unable to load DH parameters\n");
goto end;
}
if (i & DH_CHECK_P_NOT_PRIME)
- printf("p value is not prime\n");
+ BIO_printf(bio_err, "WARNING: p value is not prime\n");
if (i & DH_CHECK_P_NOT_SAFE_PRIME)
- printf("p value is not a safe prime\n");
+ BIO_printf(bio_err, "WARNING: p value is not a safe prime\n");
+ if (i & DH_CHECK_Q_NOT_PRIME)
+ BIO_printf(bio_err, "WARNING: q value is not a prime\n");
+ if (i & DH_CHECK_INVALID_Q_VALUE)
+ BIO_printf(bio_err, "WARNING: q value is invalid\n");
+ if (i & DH_CHECK_INVALID_J_VALUE)
+ BIO_printf(bio_err, "WARNING: j value is invalid\n");
if (i & DH_UNABLE_TO_CHECK_GENERATOR)
- printf("unable to check the generator value\n");
+ BIO_printf(bio_err,
+ "WARNING: unable to check the generator value\n");
if (i & DH_NOT_SUITABLE_GENERATOR)
- printf("the g value is not a generator\n");
+ BIO_printf(bio_err, "WARNING: the g value is not a generator\n");
if (i == 0)
- printf("DH parameters appear to be ok.\n");
+ BIO_printf(bio_err, "DH parameters appear to be ok.\n");
+ if (num != 0 && i != 0) {
+ /*
+ * We have generated parameters but DH_check() indicates they are
+ * invalid! This should never happen!
+ */
+ BIO_printf(bio_err, "ERROR: Invalid parameters generated\n");
+ goto end;
+ }
}
if (C) {
unsigned char *data;
int len, bits;
- BIGNUM *pbn, *gbn;
+ const BIGNUM *pbn, *gbn;
len = DH_size(dh);
bits = DH_bits(dh);
"\n"
" if (dh == NULL)\n"
" return NULL;\n");
- BIO_printf(out, " dhp_bn = BN_bin2bn(dhp_%d, sizeof (dhp_%d), NULL);\n",
+ BIO_printf(out, " dhp_bn = BN_bin2bn(dhp_%d, sizeof(dhp_%d), NULL);\n",
bits, bits);
- BIO_printf(out, " dhg_bn = BN_bin2bn(dhg_%d, sizeof (dhg_%d), NULL);\n",
+ BIO_printf(out, " dhg_bn = BN_bin2bn(dhg_%d, sizeof(dhg_%d), NULL);\n",
bits, bits);
BIO_printf(out, " if (dhp_bn == NULL || dhg_bn == NULL\n"
" || !DH_set0_pqg(dh, dhp_bn, NULL, dhg_bn)) {\n"
}
if (!noout) {
- BIGNUM *q;
+ const BIGNUM *q;
DH_get0_pqg(dh, NULL, &q, NULL);
- if (outformat == FORMAT_ASN1)
- i = i2d_DHparams_bio(out, dh);
- else if (q != NULL)
+ if (outformat == FORMAT_ASN1) {
+ if (q != NULL)
+ i = i2d_DHxparams_bio(out, dh);
+ else
+ i = i2d_DHparams_bio(out, dh);
+ } else if (q != NULL)
i = PEM_write_bio_DHxparams(out, dh);
else
i = PEM_write_bio_DHparams(out, dh);
BIO_free(in);
BIO_free_all(out);
DH_free(dh);
+ release_engine(e);
return (ret);
}
projects / openssl.git / blobdiff