X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=apps%2Frsa.c;h=a17708fe9cab0916b3c32dcbce529ecde6da7022;hp=4e19bc16fb877d019abe2aa65e38be1ed2c90cbb;hb=f50ffd10fa08c0762489119a4f36fa86163679ef;hpb=da9b97246695c370702d15be2b3778427cf57082 diff --git a/apps/rsa.c b/apps/rsa.c index 4e19bc16fb..a17708fe9c 100644 --- a/apps/rsa.c +++ b/apps/rsa.c @@ -56,6 +56,7 @@ * [including the GNU Public Licence.] */ +#include #ifndef OPENSSL_NO_RSA #include #include @@ -68,6 +69,7 @@ #include #include #include +#include #undef PROG #define PROG rsa_main @@ -79,9 +81,13 @@ * -des - encrypt output if PEM format with DES in cbc mode * -des3 - encrypt output if PEM format * -idea - encrypt output if PEM format + * -seed - encrypt output if PEM format * -aes128 - encrypt output if PEM format * -aes192 - encrypt output if PEM format * -aes256 - encrypt output if PEM format + * -camellia128 - encrypt output if PEM format + * -camellia192 - encrypt output if PEM format + * -camellia256 - encrypt output if PEM format * -text - print a text version * -modulus - print the RSA key modulus * -check - verify key consistency @@ -104,9 +110,13 @@ int MAIN(int argc, char **argv) char *infile,*outfile,*prog; char *passargin = NULL, *passargout = NULL; char *passin = NULL, *passout = NULL; +#ifndef OPENSSL_NO_ENGINE char *engine=NULL; +#endif int modulus=0; + int pvk_encr = 2; + apps_startup(); if (bio_err == NULL) @@ -156,17 +166,29 @@ int MAIN(int argc, char **argv) if (--argc < 1) goto bad; passargout= *(++argv); } +#ifndef OPENSSL_NO_ENGINE else if (strcmp(*argv,"-engine") == 0) { if (--argc < 1) goto bad; engine= *(++argv); } +#endif else if (strcmp(*argv,"-sgckey") == 0) sgckey=1; else if (strcmp(*argv,"-pubin") == 0) pubin=1; else if (strcmp(*argv,"-pubout") == 0) pubout=1; + else if (strcmp(*argv,"-RSAPublicKey_in") == 0) + pubin = 2; + else if (strcmp(*argv,"-RSAPublicKey_out") == 0) + pubout = 2; + else if (strcmp(*argv,"-pvk-strong") == 0) + pvk_encr=2; + else if (strcmp(*argv,"-pvk-weak") == 0) + pvk_encr=1; + else if (strcmp(*argv,"-pvk-none") == 0) + pvk_encr=0; else if (strcmp(*argv,"-noout") == 0) noout=1; else if (strcmp(*argv,"-text") == 0) @@ -202,9 +224,16 @@ bad: #ifndef OPENSSL_NO_IDEA BIO_printf(bio_err," -idea encrypt PEM output with cbc idea\n"); #endif +#ifndef OPENSSL_NO_SEED + BIO_printf(bio_err," -seed encrypt PEM output with cbc seed\n"); +#endif #ifndef OPENSSL_NO_AES BIO_printf(bio_err," -aes128, -aes192, -aes256\n"); BIO_printf(bio_err," encrypt PEM output with cbc aes\n"); +#endif +#ifndef OPENSSL_NO_CAMELLIA + BIO_printf(bio_err," -camellia128, -camellia192, -camellia256\n"); + BIO_printf(bio_err," encrypt PEM output with cbc camellia\n"); #endif BIO_printf(bio_err," -text print the key in text\n"); BIO_printf(bio_err," -noout don't print key out\n"); @@ -212,13 +241,17 @@ bad: BIO_printf(bio_err," -check verify key consistency\n"); BIO_printf(bio_err," -pubin expect a public key in input file\n"); BIO_printf(bio_err," -pubout output a public key\n"); +#ifndef OPENSSL_NO_ENGINE BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n"); +#endif goto end; } ERR_load_crypto_strings(); +#ifndef OPENSSL_NO_ENGINE e = setup_engine(bio_err, engine, 0); +#endif if(!app_passwd(bio_err, passargin, passargout, &passin, &passout)) { BIO_printf(bio_err, "Error getting passwords\n"); @@ -236,10 +269,23 @@ bad: EVP_PKEY *pkey; if (pubin) - pkey = load_pubkey(bio_err, infile, - (informat == FORMAT_NETSCAPE && sgckey ? - FORMAT_IISSGC : informat), 1, + { + int tmpformat=-1; + if (pubin == 2) + { + if (informat == FORMAT_PEM) + tmpformat = FORMAT_PEMRSA; + else if (informat == FORMAT_ASN1) + tmpformat = FORMAT_ASN1RSA; + } + else if (informat == FORMAT_NETSCAPE && sgckey) + tmpformat = FORMAT_IISSGC; + else + tmpformat = informat; + + pkey = load_pubkey(bio_err, infile, tmpformat, 1, passin, e, "Public Key"); + } else pkey = load_key(bio_err, infile, (informat == FORMAT_NETSCAPE && sgckey ? @@ -247,7 +293,7 @@ bad: passin, e, "Private Key"); if (pkey != NULL) - rsa = pkey == NULL ? NULL : EVP_PKEY_get1_RSA(pkey); + rsa = EVP_PKEY_get1_RSA(pkey); EVP_PKEY_free(pkey); } @@ -299,7 +345,7 @@ bad: BIO_printf(out,"RSA key ok\n"); else if (r == 0) { - long err; + unsigned long err; while ((err = ERR_peek_error()) != 0 && ERR_GET_LIB(err) == ERR_LIB_RSA && @@ -325,7 +371,13 @@ bad: } BIO_printf(bio_err,"writing RSA key\n"); if (outformat == FORMAT_ASN1) { - if(pubout || pubin) i=i2d_RSA_PUBKEY_bio(out,rsa); + if(pubout || pubin) + { + if (pubout == 2) + i=i2d_RSAPublicKey_bio(out,rsa); + else + i=i2d_RSA_PUBKEY_bio(out,rsa); + } else i=i2d_RSAPrivateKey_bio(out,rsa); } #ifndef OPENSSL_NO_RC4 @@ -349,14 +401,32 @@ bad: #endif else if (outformat == FORMAT_PEM) { if(pubout || pubin) - i=PEM_write_bio_RSA_PUBKEY(out,rsa); + { + if (pubout == 2) + i=PEM_write_bio_RSAPublicKey(out,rsa); + else + i=PEM_write_bio_RSA_PUBKEY(out,rsa); + } else i=PEM_write_bio_RSAPrivateKey(out,rsa, enc,NULL,0,NULL,passout); +#if !defined(OPENSSL_NO_DSA) && !defined(OPENSSL_NO_RC4) + } else if (outformat == FORMAT_MSBLOB || outformat == FORMAT_PVK) { + EVP_PKEY *pk; + pk = EVP_PKEY_new(); + EVP_PKEY_set1_RSA(pk, rsa); + if (outformat == FORMAT_PVK) + i = i2b_PVK_bio(out, pk, pvk_encr, 0, passout); + else if (pubin || pubout) + i = i2b_PublicKey_bio(out, pk); + else + i = i2b_PrivateKey_bio(out, pk); + EVP_PKEY_free(pk); +#endif } else { BIO_printf(bio_err,"bad output format specified for outfile\n"); goto end; } - if (!i) + if (i <= 0) { BIO_printf(bio_err,"unable to write key\n"); ERR_print_errors(bio_err); @@ -369,7 +439,7 @@ end: if(passin) OPENSSL_free(passin); if(passout) OPENSSL_free(passout); apps_shutdown(); - EXIT(ret); + OPENSSL_EXIT(ret); } #else /* !OPENSSL_NO_RSA */