X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=apps%2Fgendsa.c;h=828e27f1c0458f39088eb2bbd487a20bdfe4bfb3;hp=e43fd6a3a26418639df675b27912dcc6be6b8f33;hb=1edba2110f6801f28c9f65c843921ef66297cc39;hpb=a9be3af5ad4836f7e50f0546311ca90c717b861e diff --git a/apps/gendsa.c b/apps/gendsa.c index e43fd6a3a2..828e27f1c0 100644 --- a/apps/gendsa.c +++ b/apps/gendsa.c @@ -56,13 +56,14 @@ * [including the GNU Public Licence.] */ +#include /* for OPENSSL_NO_DSA */ +#ifndef OPENSSL_NO_DSA #include #include #include #include #include "apps.h" #include -#include #include #include #include @@ -73,16 +74,23 @@ #undef PROG #define PROG gendsa_main -static long dsa_load_rand(char *names); +int MAIN(int, char **); + int MAIN(int argc, char **argv) { - char buffer[200]; +#ifndef OPENSSL_NO_ENGINE + ENGINE *e = NULL; +#endif DSA *dsa=NULL; int ret=1; char *outfile=NULL; - char *inrand=NULL,*randfile,*dsaparams=NULL; + char *inrand=NULL,*dsaparams=NULL; + char *passargout = NULL, *passout = NULL; BIO *out=NULL,*in=NULL; - EVP_CIPHER *enc=NULL; + const EVP_CIPHER *enc=NULL; +#ifndef OPENSSL_NO_ENGINE + char *engine=NULL; +#endif apps_startup(); @@ -90,6 +98,9 @@ int MAIN(int argc, char **argv) if ((bio_err=BIO_new(BIO_s_file())) != NULL) BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT); + if (!load_config(bio_err, NULL)) + goto end; + argv++; argc--; for (;;) @@ -100,6 +111,18 @@ int MAIN(int argc, char **argv) if (--argc < 1) goto bad; outfile= *(++argv); } + else if (strcmp(*argv,"-passout") == 0) + { + if (--argc < 1) goto bad; + passargout= *(++argv); + } +#ifndef OPENSSL_NO_ENGINE + else if (strcmp(*argv,"-engine") == 0) + { + if (--argc < 1) goto bad; + engine= *(++argv); + } +#endif else if (strcmp(*argv,"-rand") == 0) { if (--argc < 1) goto bad; @@ -107,20 +130,28 @@ int MAIN(int argc, char **argv) } else if (strcmp(*argv,"-") == 0) goto bad; - else if (dsaparams == NULL) - { - dsaparams= *argv; - } -#ifndef NO_DES +#ifndef OPENSSL_NO_DES else if (strcmp(*argv,"-des") == 0) enc=EVP_des_cbc(); else if (strcmp(*argv,"-des3") == 0) enc=EVP_des_ede3_cbc(); #endif -#ifndef NO_IDEA +#ifndef OPENSSL_NO_IDEA else if (strcmp(*argv,"-idea") == 0) enc=EVP_idea_cbc(); #endif +#ifndef OPENSSL_NO_AES + else if (strcmp(*argv,"-aes128") == 0) + enc=EVP_aes_128_cbc(); + else if (strcmp(*argv,"-aes192") == 0) + enc=EVP_aes_192_cbc(); + else if (strcmp(*argv,"-aes256") == 0) + enc=EVP_aes_256_cbc(); +#endif + else if (**argv != '-' && dsaparams == NULL) + { + dsaparams = *argv; + } else goto bad; argv++; @@ -132,14 +163,21 @@ int MAIN(int argc, char **argv) bad: BIO_printf(bio_err,"usage: gendsa [args] dsaparam-file\n"); BIO_printf(bio_err," -out file - output the key to 'file'\n"); -#ifndef NO_DES +#ifndef OPENSSL_NO_DES BIO_printf(bio_err," -des - encrypt the generated key with DES in cbc mode\n"); BIO_printf(bio_err," -des3 - encrypt the generated key with DES in ede cbc mode (168 bit key)\n"); #endif -#ifndef NO_IDEA +#ifndef OPENSSL_NO_IDEA BIO_printf(bio_err," -idea - encrypt the generated key with IDEA in cbc mode\n"); #endif - BIO_printf(bio_err," -rand file:file:...\n"); +#ifndef OPENSSL_NO_AES + BIO_printf(bio_err," -aes128, -aes192, -aes256\n"); + BIO_printf(bio_err," encrypt PEM output with cbc aes\n"); +#endif +#ifndef OPENSSL_NO_ENGINE + BIO_printf(bio_err," -engine e - use engine e, possibly a hardware device.\n"); +#endif + BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR); BIO_printf(bio_err," - load the file (or the files in the directory) into\n"); BIO_printf(bio_err," the random number generator\n"); BIO_printf(bio_err," dsaparam-file\n"); @@ -147,6 +185,16 @@ bad: goto end; } +#ifndef OPENSSL_NO_ENGINE + e = setup_engine(bio_err, engine, 0); +#endif + + if(!app_passwd(bio_err, NULL, passargout, NULL, &passout)) { + BIO_printf(bio_err, "Error getting password\n"); + goto end; + } + + in=BIO_new(BIO_s_file()); if (!(BIO_read_filename(in,dsaparams))) { @@ -154,18 +202,27 @@ bad: goto end; } - if ((dsa=PEM_read_bio_DSAparams(in,NULL,NULL)) == NULL) + if ((dsa=PEM_read_bio_DSAparams(in,NULL,NULL,NULL)) == NULL) { BIO_printf(bio_err,"unable to load DSA parameter file\n"); goto end; } BIO_free(in); + in = NULL; out=BIO_new(BIO_s_file()); if (out == NULL) goto end; if (outfile == NULL) + { BIO_set_fp(out,stdout,BIO_NOCLOSE); +#ifdef OPENSSL_SYS_VMS + { + BIO *tmpbio = BIO_new(BIO_f_linebuffer()); + out = BIO_push(tmpbio, out); + } +#endif + } else { if (BIO_write_filename(out,outfile) <= 0) @@ -175,58 +232,31 @@ bad: } } - randfile=RAND_file_name(buffer,200); - if ((randfile == NULL)|| !RAND_load_file(randfile,1024L*1024L)) - BIO_printf(bio_err,"unable to load 'random state'\n"); - - if (inrand == NULL) - BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option\n"); - else + if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL) { - BIO_printf(bio_err,"%ld semi-random bytes loaded\n", - dsa_load_rand(inrand)); + BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option\n"); } + if (inrand != NULL) + BIO_printf(bio_err,"%ld semi-random bytes loaded\n", + app_RAND_load_files(inrand)); BIO_printf(bio_err,"Generating DSA key, %d bits\n", BN_num_bits(dsa->p)); if (!DSA_generate_key(dsa)) goto end; - if (randfile == NULL) - BIO_printf(bio_err,"unable to write 'random state'\n"); - else - RAND_write_file(randfile); + app_RAND_write_file(NULL, bio_err); - if (!PEM_write_bio_DSAPrivateKey(out,dsa,enc,NULL,0,NULL)) + if (!PEM_write_bio_DSAPrivateKey(out,dsa,enc,NULL,0,NULL, passout)) goto end; ret=0; end: if (ret != 0) ERR_print_errors(bio_err); - if (out != NULL) BIO_free(out); + if (in != NULL) BIO_free(in); + if (out != NULL) BIO_free_all(out); if (dsa != NULL) DSA_free(dsa); - EXIT(ret); + if(passout) OPENSSL_free(passout); + apps_shutdown(); + OPENSSL_EXIT(ret); } - -static long dsa_load_rand(char *name) - { - char *p,*n; - int last; - long tot=0; - - for (;;) - { - last=0; - for (p=name; ((*p != '\0') && (*p != LIST_SEPARATOR_CHAR)); p++); - if (*p == '\0') last=1; - *p='\0'; - n=name; - name=p+1; - if (*n == '\0') break; - - tot+=RAND_load_file(n,1); - if (last) break; - } - return(tot); - } - - +#endif