X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=apps%2Fdsa.c;h=1109346f78c7672e4d2ef54b68e35975f5975314;hp=229f2ea24664661c4196420fff73ef396743185b;hb=637f374ad49d5f6d4f81d87d7cdd226428aa470c;hpb=def38e38ec4fa5795414ee6536f3806f7fe7db13 diff --git a/apps/dsa.c b/apps/dsa.c index 229f2ea246..1109346f78 100644 --- a/apps/dsa.c +++ b/apps/dsa.c @@ -56,7 +56,8 @@ * [including the GNU Public Licence.] */ -#ifndef NO_DSA +#include /* for OPENSSL_NO_DSA */ +#ifndef OPENSSL_NO_DSA #include #include #include @@ -68,6 +69,7 @@ #include #include #include +#include #undef PROG #define PROG dsa_main @@ -79,12 +81,22 @@ * -des - encrypt output if PEM format with DES in cbc mode * -des3 - encrypt output if PEM format * -idea - encrypt output if PEM format + * -aes128 - encrypt output if PEM format + * -aes192 - encrypt output if PEM format + * -aes256 - encrypt output if PEM format + * -camellia128 - encrypt output if PEM format + * -camellia192 - encrypt output if PEM format + * -camellia256 - encrypt output if PEM format + * -seed - encrypt output if PEM format * -text - print a text version * -modulus - print the DSA public key */ +int MAIN(int, char **); + int MAIN(int argc, char **argv) { + ENGINE *e = NULL; int ret=1; DSA *dsa=NULL; int i,badops=0; @@ -93,14 +105,27 @@ int MAIN(int argc, char **argv) int informat,outformat,text=0,noout=0; int pubin = 0, pubout = 0; char *infile,*outfile,*prog; +#ifndef OPENSSL_NO_ENGINE + char *engine; +#endif + char *passargin = NULL, *passargout = NULL; + char *passin = NULL, *passout = NULL; int modulus=0; + int pvk_encr = 2; + apps_startup(); if (bio_err == NULL) if ((bio_err=BIO_new(BIO_s_file())) != NULL) BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT); + if (!load_config(bio_err, NULL)) + goto end; + +#ifndef OPENSSL_NO_ENGINE + engine=NULL; +#endif infile=NULL; outfile=NULL; informat=FORMAT_PEM; @@ -131,6 +156,29 @@ int MAIN(int argc, char **argv) if (--argc < 1) goto bad; outfile= *(++argv); } + else if (strcmp(*argv,"-passin") == 0) + { + if (--argc < 1) goto bad; + passargin= *(++argv); + } + else if (strcmp(*argv,"-passout") == 0) + { + if (--argc < 1) goto bad; + passargout= *(++argv); + } +#ifndef OPENSSL_NO_ENGINE + else if (strcmp(*argv,"-engine") == 0) + { + if (--argc < 1) goto bad; + engine= *(++argv); + } +#endif + else if (strcmp(*argv,"-pvk-strong") == 0) + pvk_encr=2; + else if (strcmp(*argv,"-pvk-weak") == 0) + pvk_encr=1; + else if (strcmp(*argv,"-pvk-none") == 0) + pvk_encr=0; else if (strcmp(*argv,"-noout") == 0) noout=1; else if (strcmp(*argv,"-text") == 0) @@ -156,23 +204,48 @@ int MAIN(int argc, char **argv) bad: BIO_printf(bio_err,"%s [options] outfile\n",prog); BIO_printf(bio_err,"where options are\n"); - BIO_printf(bio_err," -inform arg input format - DER or PEM\n"); - BIO_printf(bio_err," -outform arg output format - DER or PEM\n"); - BIO_printf(bio_err," -in arg input file\n"); - BIO_printf(bio_err," -out arg output file\n"); - BIO_printf(bio_err," -des encrypt PEM output with cbc des\n"); - BIO_printf(bio_err," -des3 encrypt PEM output with ede cbc des using 168 bit key\n"); -#ifndef NO_IDEA - BIO_printf(bio_err," -idea encrypt PEM output with cbc idea\n"); + BIO_printf(bio_err," -inform arg input format - DER or PEM\n"); + BIO_printf(bio_err," -outform arg output format - DER or PEM\n"); + BIO_printf(bio_err," -in arg input file\n"); + BIO_printf(bio_err," -passin arg input file pass phrase source\n"); + BIO_printf(bio_err," -out arg output file\n"); + BIO_printf(bio_err," -passout arg output file pass phrase source\n"); +#ifndef OPENSSL_NO_ENGINE + BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n"); +#endif + BIO_printf(bio_err," -des encrypt PEM output with cbc des\n"); + BIO_printf(bio_err," -des3 encrypt PEM output with ede cbc des using 168 bit key\n"); +#ifndef OPENSSL_NO_IDEA + BIO_printf(bio_err," -idea encrypt PEM output with cbc idea\n"); +#endif +#ifndef OPENSSL_NO_AES + BIO_printf(bio_err," -aes128, -aes192, -aes256\n"); + BIO_printf(bio_err," encrypt PEM output with cbc aes\n"); +#endif +#ifndef OPENSSL_NO_CAMELLIA + BIO_printf(bio_err," -camellia128, -camellia192, -camellia256\n"); + BIO_printf(bio_err," encrypt PEM output with cbc camellia\n"); +#endif +#ifndef OPENSSL_NO_SEED + BIO_printf(bio_err," -seed encrypt PEM output with cbc seed\n"); #endif - BIO_printf(bio_err," -text print the key in text\n"); - BIO_printf(bio_err," -noout don't print key out\n"); - BIO_printf(bio_err," -modulus print the DSA public value\n"); + BIO_printf(bio_err," -text print the key in text\n"); + BIO_printf(bio_err," -noout don't print key out\n"); + BIO_printf(bio_err," -modulus print the DSA public value\n"); goto end; } ERR_load_crypto_strings(); +#ifndef OPENSSL_NO_ENGINE + e = setup_engine(bio_err, engine, 0); +#endif + + if(!app_passwd(bio_err, passargin, passargout, &passin, &passout)) { + BIO_printf(bio_err, "Error getting passwords\n"); + goto end; + } + in=BIO_new(BIO_s_file()); out=BIO_new(BIO_s_file()); if ((in == NULL) || (out == NULL)) @@ -193,16 +266,22 @@ bad: } BIO_printf(bio_err,"read DSA key\n"); - if (informat == FORMAT_ASN1) { - if(pubin) dsa=d2i_DSAPublicKey_bio(in,NULL); - else dsa=d2i_DSAPrivateKey_bio(in,NULL); - } else if (informat == FORMAT_PEM) { - if(pubin) dsa=PEM_read_bio_DSAPublicKey(in,NULL, NULL, NULL); - else dsa=PEM_read_bio_DSAPrivateKey(in,NULL,NULL,NULL); - } else + { - BIO_printf(bio_err,"bad input format specified for key\n"); - goto end; + EVP_PKEY *pkey; + + if (pubin) + pkey = load_pubkey(bio_err, infile, informat, 1, + passin, e, "Public Key"); + else + pkey = load_key(bio_err, infile, informat, 1, + passin, e, "Private Key"); + + if (pkey) + { + dsa = EVP_PKEY_get1_DSA(pkey); + EVP_PKEY_free(pkey); + } } if (dsa == NULL) { @@ -212,7 +291,15 @@ bad: } if (outfile == NULL) + { BIO_set_fp(out,stdout,BIO_NOCLOSE); +#ifdef OPENSSL_SYS_VMS + { + BIO *tmpbio = BIO_new(BIO_f_linebuffer()); + out = BIO_push(tmpbio, out); + } +#endif + } else { if (BIO_write_filename(out,outfile) <= 0) @@ -240,17 +327,31 @@ bad: if (noout) goto end; BIO_printf(bio_err,"writing DSA key\n"); if (outformat == FORMAT_ASN1) { - if(pubin || pubout) i=i2d_DSAPublicKey_bio(out,dsa); + if(pubin || pubout) i=i2d_DSA_PUBKEY_bio(out,dsa); else i=i2d_DSAPrivateKey_bio(out,dsa); } else if (outformat == FORMAT_PEM) { if(pubin || pubout) - i=PEM_write_bio_DSAPublicKey(out,dsa); - else i=PEM_write_bio_DSAPrivateKey(out,dsa,enc,NULL,0,NULL,NULL); - } else { + i=PEM_write_bio_DSA_PUBKEY(out,dsa); + else i=PEM_write_bio_DSAPrivateKey(out,dsa,enc, + NULL,0,NULL, passout); +#ifndef OPENSSL_NO_RSA + } else if (outformat == FORMAT_MSBLOB || outformat == FORMAT_PVK) { + EVP_PKEY *pk; + pk = EVP_PKEY_new(); + EVP_PKEY_set1_DSA(pk, dsa); + if (outformat == FORMAT_PVK) + i = i2b_PVK_bio(out, pk, pvk_encr, 0, passout); + else if (pubin || pubout) + i = i2b_PublicKey_bio(out, pk); + else + i = i2b_PrivateKey_bio(out, pk); + EVP_PKEY_free(pk); +#endif + } else { BIO_printf(bio_err,"bad output format specified for outfile\n"); goto end; } - if (!i) + if (i <= 0) { BIO_printf(bio_err,"unable to write private key\n"); ERR_print_errors(bio_err); @@ -258,9 +359,18 @@ bad: else ret=0; end: - if (in != NULL) BIO_free(in); - if (out != NULL) BIO_free(out); - if (dsa != NULL) DSA_free(dsa); - EXIT(ret); + if(in != NULL) BIO_free(in); + if(out != NULL) BIO_free_all(out); + if(dsa != NULL) DSA_free(dsa); + if(passin) OPENSSL_free(passin); + if(passout) OPENSSL_free(passout); + apps_shutdown(); + OPENSSL_EXIT(ret); } +#else /* !OPENSSL_NO_DSA */ + +# if PEDANTIC +static void *dummy=&dummy; +# endif + #endif