diff options
Diffstat (limited to 'crypto/openssl/apps/genrsa.c')
| -rw-r--r-- | crypto/openssl/apps/genrsa.c | 54 |
1 files changed, 44 insertions, 10 deletions
diff --git a/crypto/openssl/apps/genrsa.c b/crypto/openssl/apps/genrsa.c index ac0b709..dbc23e4 100644 --- a/crypto/openssl/apps/genrsa.c +++ b/crypto/openssl/apps/genrsa.c @@ -56,7 +56,7 @@ * [including the GNU Public Licence.] */ -#ifndef NO_RSA +#ifndef OPENSSL_NO_RSA #include <stdio.h> #include <string.h> #include <sys/types.h> @@ -69,6 +69,7 @@ #include <openssl/evp.h> #include <openssl/x509.h> #include <openssl/pem.h> +#include <openssl/rand.h> #define DEFBITS 512 #undef PROG @@ -80,14 +81,16 @@ int MAIN(int, char **); int MAIN(int argc, char **argv) { + ENGINE *e = NULL; int ret=1; RSA *rsa=NULL; int i,num=DEFBITS; long l; - EVP_CIPHER *enc=NULL; + const EVP_CIPHER *enc=NULL; unsigned long f4=RSA_F4; char *outfile=NULL; char *passargout = NULL, *passout = NULL; + char *engine=NULL; char *inrand=NULL; BIO *out=NULL; @@ -96,6 +99,9 @@ int MAIN(int argc, char **argv) if (bio_err == NULL) if ((bio_err=BIO_new(BIO_s_file())) != NULL) BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT); + + if (!load_config(bio_err, NULL)) + goto err; if ((out=BIO_new(BIO_s_file())) == NULL) { BIO_printf(bio_err,"unable to create BIO for output\n"); @@ -116,21 +122,34 @@ int MAIN(int argc, char **argv) f4=3; else if (strcmp(*argv,"-F4") == 0 || strcmp(*argv,"-f4") == 0) f4=RSA_F4; + else if (strcmp(*argv,"-engine") == 0) + { + if (--argc < 1) goto bad; + engine= *(++argv); + } else if (strcmp(*argv,"-rand") == 0) { if (--argc < 1) goto bad; inrand= *(++argv); } -#ifndef NO_DES +#ifndef OPENSSL_NO_DES else if (strcmp(*argv,"-des") == 0) enc=EVP_des_cbc(); else if (strcmp(*argv,"-des3") == 0) enc=EVP_des_ede3_cbc(); #endif -#ifndef NO_IDEA +#ifndef OPENSSL_NO_IDEA else if (strcmp(*argv,"-idea") == 0) enc=EVP_idea_cbc(); #endif +#ifndef OPENSSL_NO_AES + else if (strcmp(*argv,"-aes128") == 0) + enc=EVP_aes_128_cbc(); + else if (strcmp(*argv,"-aes192") == 0) + enc=EVP_aes_192_cbc(); + else if (strcmp(*argv,"-aes256") == 0) + enc=EVP_aes_256_cbc(); +#endif else if (strcmp(*argv,"-passout") == 0) { if (--argc < 1) goto bad; @@ -147,13 +166,18 @@ bad: BIO_printf(bio_err,"usage: genrsa [args] [numbits]\n"); BIO_printf(bio_err," -des encrypt the generated key with DES in cbc mode\n"); BIO_printf(bio_err," -des3 encrypt the generated key with DES in ede cbc mode (168 bit key)\n"); -#ifndef NO_IDEA +#ifndef OPENSSL_NO_IDEA BIO_printf(bio_err," -idea encrypt the generated key with IDEA in cbc mode\n"); #endif +#ifndef OPENSSL_NO_AES + BIO_printf(bio_err," -aes128, -aes192, -aes256\n"); + BIO_printf(bio_err," encrypt PEM output with cbc aes\n"); +#endif BIO_printf(bio_err," -out file output the key to 'file\n"); BIO_printf(bio_err," -passout arg output file pass phrase source\n"); BIO_printf(bio_err," -f4 use F4 (0x10001) for the E value\n"); BIO_printf(bio_err," -3 use 3 for the E value\n"); + BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n"); BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR); BIO_printf(bio_err," load the file (or the files in the directory) into\n"); BIO_printf(bio_err," the random number generator\n"); @@ -167,10 +191,12 @@ bad: goto err; } + e = setup_engine(bio_err, engine, 0); + if (outfile == NULL) { BIO_set_fp(out,stdout,BIO_NOCLOSE); -#ifdef VMS +#ifdef OPENSSL_SYS_VMS { BIO *tmpbio = BIO_new(BIO_f_linebuffer()); out = BIO_push(tmpbio, out); @@ -186,7 +212,8 @@ bad: } } - if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL) + if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL + && !RAND_status()) { BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option\n"); } @@ -214,8 +241,14 @@ bad: l+=rsa->e->d[i]; } BIO_printf(bio_err,"e is %ld (0x%lX)\n",l,l); - if (!PEM_write_bio_RSAPrivateKey(out,rsa,enc,NULL,0,NULL, passout)) + { + PW_CB_DATA cb_data; + cb_data.password = passout; + cb_data.prompt_info = outfile; + if (!PEM_write_bio_RSAPrivateKey(out,rsa,enc,NULL,0, + (pem_password_cb *)password_callback,&cb_data)) goto err; + } ret=0; err: @@ -224,7 +257,8 @@ err: if(passout) OPENSSL_free(passout); if (ret != 0) ERR_print_errors(bio_err); - EXIT(ret); + apps_shutdown(); + OPENSSL_EXIT(ret); } static void MS_CALLBACK genrsa_cb(int p, int n, void *arg) @@ -241,7 +275,7 @@ static void MS_CALLBACK genrsa_cb(int p, int n, void *arg) p=n; #endif } -#else /* !NO_RSA */ +#else /* !OPENSSL_NO_RSA */ # if PEDANTIC static void *dummy=&dummy; |
