X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=apps%2Fdsaparam.c;h=708cb9a6488ded6b1eaf656729cc0a6d0ba658aa;hp=25b86d5cc6fda1a0e5f2047d96ba72bf5f40d1c0;hb=e1cd94f2dca4056ce042c62b89c468dffc088033;hpb=1ddf2594e18137aeb7ce861e54f46824db76e36f diff --git a/apps/dsaparam.c b/apps/dsaparam.c index 25b86d5cc6..708cb9a648 100644 --- a/apps/dsaparam.c +++ b/apps/dsaparam.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -7,36 +7,28 @@ * https://www.openssl.org/source/license.html */ -/* We need to use some deprecated APIs */ -#define OPENSSL_SUPPRESS_DEPRECATED - #include -#if defined(OPENSSL_NO_DSA) || defined(OPENSSL_NO_DEPRECATED_3_0) -NON_EMPTY_TRANSLATION_UNIT -#else -# include -# include -# include -# include -# include "apps.h" -# include "progs.h" -# include -# include -# include -# include -# include -# include +#include +#include +#include +#include +#include "apps.h" +#include "progs.h" +#include +#include +#include +#include +#include +#include static int verbose = 0; -static int dsa_cb(int p, int n, BN_GENCB *cb); - typedef enum OPTION_choice { - OPT_ERR = -1, OPT_EOF = 0, OPT_HELP, - OPT_INFORM, OPT_OUTFORM, OPT_IN, OPT_OUT, OPT_TEXT, OPT_C, + OPT_COMMON, + OPT_INFORM, OPT_OUTFORM, OPT_IN, OPT_OUT, OPT_TEXT, OPT_NOOUT, OPT_GENKEY, OPT_ENGINE, OPT_VERBOSE, - OPT_R_ENUM + OPT_R_ENUM, OPT_PROV_ENUM } OPTION_CHOICE; const OPTIONS dsaparam_options[] = { 
@@ -44,9 +36,9 @@ const OPTIONS dsaparam_options[] = { OPT_SECTION("General"), {"help", OPT_HELP, '-', "Display this summary"}, -# ifndef OPENSSL_NO_ENGINE +#ifndef OPENSSL_NO_ENGINE {"engine", OPT_ENGINE, 's', "Use engine e, possibly a hardware device"}, -# endif +#endif OPT_SECTION("Input"), {"in", OPT_IN, '<', "Input file"}, @@ -56,12 +48,12 @@ const OPTIONS dsaparam_options[] = { {"out", OPT_OUT, '>', "Output file"}, {"outform", OPT_OUTFORM, 'F', "Output format - DER or PEM"}, {"text", OPT_TEXT, '-', "Print as text"}, - {"C", OPT_C, '-', "Output C code"}, {"noout", OPT_NOOUT, '-', "No output"}, {"verbose", OPT_VERBOSE, '-', "Verbose output"}, {"genkey", OPT_GENKEY, '-', "Generate a DSA key"}, OPT_R_OPTIONS, + OPT_PROV_OPTIONS, OPT_PARAMETERS(), {"numbits", 0, 0, "Number of bits if generating parameters (optional)"}, @@ -71,11 +63,11 @@ const OPTIONS dsaparam_options[] = { int dsaparam_main(int argc, char **argv) { ENGINE *e = NULL; - DSA *dsa = NULL; - BIO *in = NULL, *out = NULL; - BN_GENCB *cb = NULL; + BIO *out = NULL; + EVP_PKEY *params = NULL, *pkey = NULL; + EVP_PKEY_CTX *ctx = NULL; int numbits = -1, num = 0, genkey = 0; - int informat = FORMAT_PEM, outformat = FORMAT_PEM, noout = 0, C = 0; + int informat = FORMAT_UNDEF, outformat = FORMAT_PEM, noout = 0; int ret = 1, i, text = 0, private = 0; char *infile = NULL, *outfile = NULL, *prog; OPTION_CHOICE o; @@ -112,9 +104,6 @@ int dsaparam_main(int argc, char **argv) case OPT_TEXT: text = 1; break; - case OPT_C: - C = 1; - break; case OPT_GENKEY: genkey = 1; break; @@ -122,6 +111,10 @@ int dsaparam_main(int argc, char **argv) if (!opt_rand(o)) goto end; break; + case OPT_PROV_CASES: + if (!opt_provider(o)) + goto end; + break; case OPT_NOOUT: noout = 1; break; 
@@ -130,24 +123,33 @@ int dsaparam_main(int argc, char **argv) break; } } + + /* Optional arg is bitsize. */ argc = opt_num_rest(); argv = opt_rest(); - if (argc == 1) { if (!opt_int(argv[0], &num) || num < 0) - goto end; - /* generate a key */ - numbits = num; + goto opthelp; + } else if (!opt_check_rest_arg(NULL)) { + goto opthelp; } + if (!app_RAND_load()) + goto end; + + /* generate a key */ + numbits = num; private = genkey ? 1 : 0; - in = bio_open_default(infile, 'r', informat); - if (in == NULL) - goto end; out = bio_open_owner(outfile, outformat, private); if (out == NULL) goto end; + ctx = EVP_PKEY_CTX_new_from_name(NULL, "DSA", NULL); + if (ctx == NULL) { + BIO_printf(bio_err, + "Error, DSA parameter generation context allocation failed\n"); + goto end; + } if (numbits > 0) { if (numbits > OPENSSL_DSA_MAX_MODULUS_BITS) BIO_printf(bio_err, 
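Review bot: The comment `/* generate a key */` now sits above an unconditional `numbits = num;`, but that line only records the optional bit-size argument and no key is generated there. Something like `/* numbits > 0 selects parameter generation; otherwise parameters are loaded from the input */` would match what the following code does. Separately, `EVP_PKEY_CTX_new_from_name(NULL, "DSA", NULL)` hard-codes a NULL library context and property query in the same commit that adds the provider options. If the apps code keeps an application-wide library context or property query (not visible in this hunk), pass them here so the user's provider selection actually governs the generation. The hunk ends inside the `BIO_printf` call of the size warning, so the rest of that branch is reviewed with the next hunk.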
@@ -155,76 +157,34 @@ int dsaparam_main(int argc, char **argv) " Your key size is %d! Larger key size may behave not as expected.\n", OPENSSL_DSA_MAX_MODULUS_BITS, numbits); - cb = BN_GENCB_new(); - if (cb == NULL) { - BIO_printf(bio_err, "Error allocating BN_GENCB object\n"); - goto end; - } - BN_GENCB_set(cb, dsa_cb, bio_err); - dsa = DSA_new(); - if (dsa == NULL) { - BIO_printf(bio_err, "Error allocating DSA object\n"); - goto end; - } + EVP_PKEY_CTX_set_app_data(ctx, bio_err); if (verbose) { + EVP_PKEY_CTX_set_cb(ctx, progress_cb); BIO_printf(bio_err, "Generating DSA parameters, %d bit long prime\n", num); BIO_printf(bio_err, "This could take some time\n"); } - if (!DSA_generate_parameters_ex(dsa, num, NULL, 0, NULL, NULL, cb)) { - ERR_print_errors(bio_err); - BIO_printf(bio_err, "Error, DSA key generation failed\n"); + if (EVP_PKEY_paramgen_init(ctx) <= 0) { + BIO_printf(bio_err, + "Error, DSA key generation paramgen init failed\n"); + goto end; + } + if (!EVP_PKEY_CTX_set_dsa_paramgen_bits(ctx, num)) { + BIO_printf(bio_err, + "Error, DSA key generation setting bit length failed\n"); goto end; } - } else if (informat == FORMAT_ASN1) { - dsa = d2i_DSAparams_bio(in, NULL); + params = app_paramgen(ctx, "DSA"); } else { - dsa = PEM_read_bio_DSAparams(in, NULL, NULL, NULL); + params = load_keyparams(infile, informat, 1, "DSA", "DSA parameters"); } - if (dsa == NULL) { - BIO_printf(bio_err, "unable to load DSA parameters\n"); - ERR_print_errors(bio_err); + if (params == NULL) { + /* Error message should already have been displayed */ goto end; } if (text) { - DSAparams_print(out, dsa); - } - - if (C) { - const BIGNUM *p = NULL, *q = NULL, *g = NULL; - unsigned char *data; - int len, bits_p; - - DSA_get0_pqg(dsa, &p, &q, &g); - len = BN_num_bytes(p); - bits_p = BN_num_bits(p); - - data = app_malloc(len + 20, "BN space"); - - BIO_printf(bio_out, "static DSA *get_dsa%d(void)\n{\n", bits_p); - print_bignum_var(bio_out, p, "dsap", bits_p, data); - 
print_bignum_var(bio_out, q, "dsaq", bits_p, data); - print_bignum_var(bio_out, g, "dsag", bits_p, data); - BIO_printf(bio_out, " DSA *dsa = DSA_new();\n" - " BIGNUM *p, *q, *g;\n" - "\n"); - BIO_printf(bio_out, " if (dsa == NULL)\n" - " return NULL;\n"); - BIO_printf(bio_out, " if (!DSA_set0_pqg(dsa, p = BN_bin2bn(dsap_%d, sizeof(dsap_%d), NULL),\n", - bits_p, bits_p); - BIO_printf(bio_out, " q = BN_bin2bn(dsaq_%d, sizeof(dsaq_%d), NULL),\n", - bits_p, bits_p); - BIO_printf(bio_out, " g = BN_bin2bn(dsag_%d, sizeof(dsag_%d), NULL))) {\n", - bits_p, bits_p); - BIO_printf(bio_out, " DSA_free(dsa);\n" - " BN_free(p);\n" - " BN_free(q);\n" - " BN_free(g);\n" - " return NULL;\n" - " }\n" - " return dsa;\n}\n"); - OPENSSL_free(data); + EVP_PKEY_print_params(out, params, 0, NULL); } if (outformat == FORMAT_ASN1 && genkey) 
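Review bot: The new `if (!EVP_PKEY_CTX_set_dsa_paramgen_bits(ctx, num))` only catches a return of 0, while the `EVP_PKEY_paramgen_init(ctx) <= 0` test two statements earlier treats negative values as failure too. EVP control setters can report failure or an unsupported operation with a negative value, and in that case generation would continue with whatever bit length the provider defaults to rather than the requested one. The check should read `if (EVP_PKEY_CTX_set_dsa_paramgen_bits(ctx, num) <= 0) {`. The two new messages in this branch also say "key generation" although this path generates parameters, so "DSA parameter generation" would be less confusing when triaging a failure.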
@@ -232,53 +192,43 @@ int dsaparam_main(int argc, char **argv) if (!noout) { if (outformat == FORMAT_ASN1) - i = i2d_DSAparams_bio(out, dsa); + i = i2d_KeyParams_bio(out, params); else - i = PEM_write_bio_DSAparams(out, dsa); + i = PEM_write_bio_Parameters(out, params); if (!i) { - BIO_printf(bio_err, "unable to write DSA parameters\n"); - ERR_print_errors(bio_err); + BIO_printf(bio_err, "Error, unable to write DSA parameters\n"); goto end; } } if (genkey) { - DSA *dsakey; - - if ((dsakey = DSAparams_dup(dsa)) == NULL) + EVP_PKEY_CTX_free(ctx); + ctx = EVP_PKEY_CTX_new(params, NULL); + if (ctx == NULL) { + BIO_printf(bio_err, + "Error, DSA key generation context allocation failed\n"); goto end; - if (!DSA_generate_key(dsakey)) { - ERR_print_errors(bio_err); - DSA_free(dsakey); + } + if (EVP_PKEY_keygen_init(ctx) <= 0) { + BIO_printf(bio_err, + "Error, unable to initialise for key generation\n"); goto end; } + pkey = app_keygen(ctx, "DSA", numbits, verbose); assert(private); if (outformat == FORMAT_ASN1) - i = i2d_DSAPrivateKey_bio(out, dsakey); + i = i2d_PrivateKey_bio(out, pkey); else - i = PEM_write_bio_DSAPrivateKey(out, dsakey, NULL, NULL, 0, NULL, - NULL); - DSA_free(dsakey); + i = PEM_write_bio_PrivateKey(out, pkey, NULL, NULL, 0, NULL, NULL); } ret = 0; end: - BN_GENCB_free(cb); - BIO_free(in); + if (ret != 0) + ERR_print_errors(bio_err); BIO_free_all(out); - DSA_free(dsa); + EVP_PKEY_CTX_free(ctx); + EVP_PKEY_free(pkey); + EVP_PKEY_free(params); release_engine(e); return ret; } -static int dsa_cb(int p, int n, BN_GENCB *cb) -{ - static const char symbols[] = ".+*\n"; - char c = (p >= 0 && (size_t)p < sizeof(symbols) - 1) ? symbols[p] : '?'; - - if (!verbose) - return 1; - - BIO_write(BN_GENCB_get_arg(cb), &c, 1); - (void)BIO_flush(BN_GENCB_get_arg(cb)); - return 1; -} -#endif
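Review bot: In the `genkey` branch the result of the private-key write is stored in `i` and never tested, so control falls through to `ret = 0;` and the tool exits successfully even when `i2d_PrivateKey_bio` or `PEM_write_bio_PrivateKey` failed and the output holds no key or a truncated one. The parameter write a few lines above does test `if (!i)`; the key write should get the same test with its own message and `goto end;`. `pkey` is also passed to the writers without a NULL test, unlike `params` after `app_paramgen`. Unless `app_keygen` is guaranteed never to return NULL (not visible here), add `if (pkey == NULL) goto end;` before `assert(private);`.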