X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=apps%2Fgenrsa.c;h=0b0123fa1d1079ee87547bc1d6b70ad5f8482e28;hp=b7275aef7a866f8bdae0bc62e671db1efd043e63;hb=b7dffce017aa045272c42eeb5da40804015a759a;hpb=7e1b7485706c2b11091b5fa897fe496a2faa56cc diff --git a/apps/genrsa.c b/apps/genrsa.c index b7275aef7a..0b0123fa1d 100644 --- a/apps/genrsa.c +++ b/apps/genrsa.c @@ -56,8 +56,10 @@ */ #include +#ifdef OPENSSL_NO_RSA +NON_EMPTY_TRANSLATION_UNIT +#else -#ifndef OPENSSL_NO_RSA # include # include # include @@ -78,7 +80,7 @@ static int genrsa_cb(int p, int n, BN_GENCB *cb); typedef enum OPTION_choice { OPT_ERR = -1, OPT_EOF = 0, OPT_HELP, - OPT_3, OPT_F4, OPT_NON_FIPS_ALLOW, OPT_ENGINE, + OPT_3, OPT_F4, OPT_ENGINE, OPT_OUT, OPT_RAND, OPT_PASSOUT, OPT_CIPHER } OPTION_CHOICE; @@ -87,7 +89,6 @@ OPTIONS genrsa_options[] = { {"3", OPT_3, '-', "Use 3 for the E value"}, {"F4", OPT_F4, '-', "Use F4 (0x10001) for the E value"}, {"f4", OPT_F4, '-', "Use F4 (0x10001) for the E value"}, - {"non-fips-allow", OPT_NON_FIPS_ALLOW, '-'}, {"out", OPT_OUT, 's', "Output the key to specified file"}, {"rand", OPT_RAND, 's', "Load the file(s) into the random number generator"}, @@ -102,19 +103,19 @@ OPTIONS genrsa_options[] = { int genrsa_main(int argc, char **argv) { BN_GENCB *cb = BN_GENCB_new(); + PW_CB_DATA cb_data; ENGINE *e = NULL; BIGNUM *bn = BN_new(); BIO *out = NULL; RSA *rsa = NULL; const EVP_CIPHER *enc = NULL; - int ret = 1, non_fips_allow = 0, num = DEFBITS; + int ret = 1, num = DEFBITS, private = 0; unsigned long f4 = RSA_F4; char *outfile = NULL, *passoutarg = NULL, *passout = NULL; - char *engine = NULL, *inrand = NULL, *prog; - char *hexe, *dece; + char *inrand = NULL, *prog, *hexe, *dece; OPTION_CHOICE o; - if (!bn || !cb) + if (bn == NULL || cb == NULL) goto end; BN_GENCB_set(cb, genrsa_cb, bio_err); 
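Review bot: `private` is declared as 0 in genrsa_main with nothing saying what it stands for, and the later hunks set it to 1 unconditionally after option parsing, pass it to `bio_open_owner(outfile, FORMAT_PEM, private)` and check it with `assert(private)`. Since this command only ever writes a private key, initialising it at the declaration, `int ret = 1, num = DEFBITS, private = 1;`, with a comment such as `/* output is always private key material */`, would make the invariant hold from the start. The `assert(private)` before `PEM_write_bio_RSAPrivateKey` is compiled out when NDEBUG is defined, so it documents intent but is not a runtime guard. The include lines are not legible in this view, so confirm `<assert.h>` is pulled in. genrsa_main continues beyond this hunk.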
@@ -136,13 +137,11 @@ int genrsa_main(int argc, char **argv) case OPT_F4: f4 = RSA_F4; break; - case OPT_NON_FIPS_ALLOW: - non_fips_allow = 1; - break; case OPT_OUT: outfile = opt_arg(); + break; case OPT_ENGINE: - engine = opt_arg(); + e = setup_engine(opt_arg(), 0); break; case OPT_RAND: inrand = opt_arg(); @@ -158,6 +157,7 @@ int genrsa_main(int argc, char **argv) } argc = opt_num_rest(); argv = opt_rest(); + private = 1; if (argv[0] && (!opt_int(argv[0], &num) || num <= 0)) goto end; @@ -166,11 +166,8 @@ int genrsa_main(int argc, char **argv) BIO_printf(bio_err, "Error getting password\n"); goto end; } -# ifndef OPENSSL_NO_ENGINE - e = setup_engine(engine, 0); -# endif - out = bio_open_default(outfile, "w"); + out = bio_open_owner(outfile, FORMAT_PEM, private); if (out == NULL) goto end; @@ -185,17 +182,10 @@ int genrsa_main(int argc, char **argv) BIO_printf(bio_err, "Generating RSA private key, %d bit long modulus\n", num); -# ifdef OPENSSL_NO_ENGINE - rsa = RSA_new(); -# else - rsa = RSA_new_method(e); -# endif - if (!rsa) + rsa = e ? RSA_new_method(e) : RSA_new(); + if (rsa == NULL) goto end; - if (non_fips_allow) - rsa->flags |= RSA_FLAG_NON_FIPS_ALLOW; - if (!BN_set_word(bn, f4) || !RSA_generate_key_ex(rsa, num, bn, cb)) goto end; 
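Review bot: The result of `setup_engine(opt_arg(), 0)` in the `OPT_ENGINE` case is stored without a check, and the later hunk's `rsa = e ? RSA_new_method(e) : RSA_new();` treats a NULL `e` the same as no `-engine` option at all. If setup_engine returns NULL when the named engine cannot be loaded (its definition is not visible here), a user who asked for an engine-backed key would get one generated by the default implementation, with exit status 0. Consider recording in a new local flag that `-engine` was given and stopping after the option loop when the load failed, e.g. `if (engine_requested && e == NULL) goto end;`, unless NULL is also a legitimate result for some engine names. The hunk at -166 also drops the `OPENSSL_NO_ENGINE` guard around the call, so confirm setup_engine is still declared in builds without engine support.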
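Review bot: The size check on the context line `if (argv[0] && (!opt_int(argv[0], &num) || num <= 0))` rejects only non-positive values, so any positive modulus length reaches `RSA_generate_key_ex`, including ones far too short to offer any protection. A lower bound, or at least a warning on bio_err below a project-chosen minimum, would be worth adding here, for example `num < MIN_RSA_BITS` where `MIN_RSA_BITS` is a placeholder for whatever floor the project settles on. The rest of genrsa_main lies outside this hunk.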
@@ -206,30 +196,23 @@ int genrsa_main(int argc, char **argv) if (hexe && dece) { BIO_printf(bio_err, "e is %s (0x%s)\n", dece, hexe); } - if (hexe) - OPENSSL_free(hexe); - if (dece) - OPENSSL_free(dece); - { - PW_CB_DATA cb_data; - cb_data.password = passout; - cb_data.prompt_info = outfile; - if (!PEM_write_bio_RSAPrivateKey(out, rsa, enc, NULL, 0, - (pem_password_cb *)password_callback, - &cb_data)) - goto end; - } + OPENSSL_free(hexe); + OPENSSL_free(dece); + cb_data.password = passout; + cb_data.prompt_info = outfile; + assert(private); + if (!PEM_write_bio_RSAPrivateKey(out, rsa, enc, NULL, 0, + (pem_password_cb *)password_callback, + &cb_data)) + goto end; ret = 0; end: - if (bn) - BN_free(bn); - if (cb) - BN_GENCB_free(cb); + BN_free(bn); + BN_GENCB_free(cb); RSA_free(rsa); BIO_free_all(out); - if (passout) - OPENSSL_free(passout); + OPENSSL_free(passout); if (ret != 0) ERR_print_errors(bio_err); return (ret); @@ -251,10 +234,4 @@ static int genrsa_cb(int p, int n, BN_GENCB *cb) (void)BIO_flush(BN_GENCB_get_arg(cb)); return 1; } -#else /* !OPENSSL_NO_RSA */ - -# if PEDANTIC -static void *dummy = &dummy; -# endif - #endif
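Review bot: `OPENSSL_free(passout);` in the `end:` block releases the output passphrase without wiping it, so the cleartext stays in freed heap memory where a later allocation or a core dump can expose it. Clearing it first, `if (passout != NULL) OPENSSL_cleanse(passout, strlen(passout));`, avoids that. Because this hunk makes `cb_data` a function-scope variable whose `password` field still points at `passout`, the wipe belongs after the last use of `cb_data`, right before the free. genrsa_main starts outside this hunk.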