Annotation of src/usr.bin/openssl/gendsa.c, Revision 1.1
1.1 ! jsing 1: /* $OpenBSD: gendsa.c,v 1.31 2014/07/25 06:05:32 doug Exp $ */
! 2: /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
! 3: * All rights reserved.
! 4: *
! 5: * This package is an SSL implementation written
! 6: * by Eric Young (eay@cryptsoft.com).
! 7: * The implementation was written so as to conform with Netscapes SSL.
! 8: *
! 9: * This library is free for commercial and non-commercial use as long as
! 10: * the following conditions are aheared to. The following conditions
! 11: * apply to all code found in this distribution, be it the RC4, RSA,
! 12: * lhash, DES, etc., code; not just the SSL code. The SSL documentation
! 13: * included with this distribution is covered by the same copyright terms
! 14: * except that the holder is Tim Hudson (tjh@cryptsoft.com).
! 15: *
! 16: * Copyright remains Eric Young's, and as such any Copyright notices in
! 17: * the code are not to be removed.
! 18: * If this package is used in a product, Eric Young should be given attribution
! 19: * as the author of the parts of the library used.
! 20: * This can be in the form of a textual message at program startup or
! 21: * in documentation (online or textual) provided with the package.
! 22: *
! 23: * Redistribution and use in source and binary forms, with or without
! 24: * modification, are permitted provided that the following conditions
! 25: * are met:
! 26: * 1. Redistributions of source code must retain the copyright
! 27: * notice, this list of conditions and the following disclaimer.
! 28: * 2. Redistributions in binary form must reproduce the above copyright
! 29: * notice, this list of conditions and the following disclaimer in the
! 30: * documentation and/or other materials provided with the distribution.
! 31: * 3. All advertising materials mentioning features or use of this software
! 32: * must display the following acknowledgement:
! 33: * "This product includes cryptographic software written by
! 34: * Eric Young (eay@cryptsoft.com)"
! 35: * The word 'cryptographic' can be left out if the rouines from the library
! 36: * being used are not cryptographic related :-).
! 37: * 4. If you include any Windows specific code (or a derivative thereof) from
! 38: * the apps directory (application code) you must include an acknowledgement:
! 39: * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
! 40: *
! 41: * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
! 42: * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
! 43: * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
! 44: * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
! 45: * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
! 46: * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
! 47: * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
! 48: * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
! 49: * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
! 50: * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
! 51: * SUCH DAMAGE.
! 52: *
! 53: * The licence and distribution terms for any publically available version or
! 54: * derivative of this code cannot be changed. i.e. this code cannot simply be
! 55: * copied and put under another distribution licence
! 56: * [including the GNU Public Licence.]
! 57: */
! 58:
! 59: #include <openssl/opensslconf.h> /* for OPENSSL_NO_DSA */
! 60:
! 61:
! 62: #include <sys/types.h>
! 63: #include <sys/stat.h>
! 64:
! 65: #include <stdio.h>
! 66: #include <string.h>
! 67:
! 68: #include "apps.h"
! 69:
! 70: #include <openssl/bio.h>
! 71: #include <openssl/bn.h>
! 72: #include <openssl/dsa.h>
! 73: #include <openssl/err.h>
! 74: #include <openssl/pem.h>
! 75: #include <openssl/x509.h>
! 76:
/*
 * Presumably a default key size in bits (name-based guess). Nothing in this
 * listing references DEFBITS: the size of the generated key is determined
 * by the parameters loaded from the dsaparam file.
 */
#define DEFBITS 512

/* Entry point of the "gendsa" subcommand; the definition follows. */
int gendsa_main(int argc, char **argv);
! 80:
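/*
 * gendsa_main - "gendsa" subcommand: load DSA parameters from a PEM file,
 * generate a key pair for them and write the private key as PEM.
 *
 * Arguments (argv[0] is skipped):
 *   -out file      write the key to 'file' instead of stdout
 *   -passout arg   passphrase source, resolved through app_passwd()
 *   -engine e      engine name handed to setup_engine()
 *                  (only without OPENSSL_NO_ENGINE)
 *   -des, -des3, -idea, -aes128/192/256, -camellia128/192/256
 *                  CBC cipher used to encrypt the PEM output
 *   dsaparam-file  the one positional argument; required
 *
 * Returns 0 on success, 1 on any failure. On failure the queued library
 * errors are printed to bio_err.
 *
 * Security notes:
 *  - If no cipher option is given, enc stays NULL and the private key is
 *    written in the clear; a -passout value is then not used for anything.
 *  - -des selects single DES, whose 56-bit key is too short to protect a
 *    private key at rest; prefer one of the AES options.
 *  - The key strength is whatever the parameter file dictates. No minimum
 *    size is enforced here; the bit length of p is only reported.
 *  - The -out file is created by BIO_write_filename() without an explicit
 *    mode, so its permissions follow the caller's umask. Run with a
 *    restrictive umask (e.g. 077) when writing key material.
 */
int
gendsa_main(int argc, char **argv)
{
	DSA *dsa = NULL;
	int ret = 1;
	char *outfile = NULL;
	char *dsaparams = NULL;
	char *passargout = NULL, *passout = NULL;
	BIO *out = NULL, *in = NULL;
	const EVP_CIPHER *enc = NULL;
#ifndef OPENSSL_NO_ENGINE
	char *engine = NULL;
#endif

	argv++;
	argc--;
	for (;;) {
		if (argc <= 0)
			break;
		if (strcmp(*argv, "-out") == 0) {
			if (--argc < 1)
				goto bad;
			outfile = *(++argv);
		} else if (strcmp(*argv, "-passout") == 0) {
			if (--argc < 1)
				goto bad;
			passargout = *(++argv);
		}
#ifndef OPENSSL_NO_ENGINE
		else if (strcmp(*argv, "-engine") == 0) {
			if (--argc < 1)
				goto bad;
			engine = *(++argv);
		}
#endif
		else if (strcmp(*argv, "-") == 0)
			goto bad;
#ifndef OPENSSL_NO_DES
		else if (strcmp(*argv, "-des") == 0)
			enc = EVP_des_cbc();	/* single DES: weak, see header */
		else if (strcmp(*argv, "-des3") == 0)
			enc = EVP_des_ede3_cbc();
#endif
#ifndef OPENSSL_NO_IDEA
		else if (strcmp(*argv, "-idea") == 0)
			enc = EVP_idea_cbc();
#endif
#ifndef OPENSSL_NO_AES
		else if (strcmp(*argv, "-aes128") == 0)
			enc = EVP_aes_128_cbc();
		else if (strcmp(*argv, "-aes192") == 0)
			enc = EVP_aes_192_cbc();
		else if (strcmp(*argv, "-aes256") == 0)
			enc = EVP_aes_256_cbc();
#endif
#ifndef OPENSSL_NO_CAMELLIA
		else if (strcmp(*argv, "-camellia128") == 0)
			enc = EVP_camellia_128_cbc();
		else if (strcmp(*argv, "-camellia192") == 0)
			enc = EVP_camellia_192_cbc();
		else if (strcmp(*argv, "-camellia256") == 0)
			enc = EVP_camellia_256_cbc();
#endif
		else if (**argv != '-' && dsaparams == NULL) {
			/* First non-option word is the parameter file. */
			dsaparams = *argv;
		} else
			goto bad;
		argv++;
		argc--;
	}

	if (dsaparams == NULL) {
		/* Also reached by "goto bad" from the option parser above. */
bad:
		BIO_printf(bio_err, "usage: gendsa [args] dsaparam-file\n");
		BIO_printf(bio_err, " -out file - output the key to 'file'\n");
#ifndef OPENSSL_NO_DES
		BIO_printf(bio_err, " -des - encrypt the generated key with DES in cbc mode\n");
		BIO_printf(bio_err, " -des3 - encrypt the generated key with DES in ede cbc mode (168 bit key)\n");
#endif
#ifndef OPENSSL_NO_IDEA
		BIO_printf(bio_err, " -idea - encrypt the generated key with IDEA in cbc mode\n");
#endif
#ifndef OPENSSL_NO_AES
		BIO_printf(bio_err, " -aes128, -aes192, -aes256\n");
		BIO_printf(bio_err, " encrypt PEM output with cbc aes\n");
#endif
#ifndef OPENSSL_NO_CAMELLIA
		BIO_printf(bio_err, " -camellia128, -camellia192, -camellia256\n");
		BIO_printf(bio_err, " encrypt PEM output with cbc camellia\n");
#endif
#ifndef OPENSSL_NO_ENGINE
		BIO_printf(bio_err, " -engine e - use engine e, possibly a hardware device.\n");
#endif
		BIO_printf(bio_err, " dsaparam-file\n");
		BIO_printf(bio_err, " - a DSA parameter file as generated by the dsaparam command\n");
		goto end;
	}
#ifndef OPENSSL_NO_ENGINE
	setup_engine(bio_err, engine, 0);
#endif

	if (!app_passwd(bio_err, NULL, passargout, NULL, &passout)) {
		BIO_printf(bio_err, "Error getting password\n");
		goto end;
	}

	/*
	 * Check the allocation, as is done for 'out' below. Without this a
	 * failed BIO_new() would be reported through perror(dsaparams) as if
	 * the parameter file could not be opened.
	 */
	in = BIO_new(BIO_s_file());
	if (in == NULL)
		goto end;
	if (!(BIO_read_filename(in, dsaparams))) {
		perror(dsaparams);
		goto end;
	}
	if ((dsa = PEM_read_bio_DSAparams(in, NULL, NULL, NULL)) == NULL) {
		BIO_printf(bio_err, "unable to load DSA parameter file\n");
		goto end;
	}
	BIO_free(in);
	in = NULL;	/* avoid a second free at 'end' */

	out = BIO_new(BIO_s_file());
	if (out == NULL)
		goto end;

	if (outfile == NULL) {
		BIO_set_fp(out, stdout, BIO_NOCLOSE);
	} else {
		/* File mode follows the caller's umask; see header note. */
		if (BIO_write_filename(out, outfile) <= 0) {
			perror(outfile);
			goto end;
		}
	}

	BIO_printf(bio_err, "Generating DSA key, %d bits\n",
	    BN_num_bits(dsa->p));
	if (!DSA_generate_key(dsa))
		goto end;

	/* enc == NULL writes the private key unencrypted. */
	if (!PEM_write_bio_DSAPrivateKey(out, dsa, enc, NULL, 0, NULL, passout))
		goto end;
	ret = 0;
end:
	if (ret != 0)
		ERR_print_errors(bio_err);
	BIO_free(in);
	if (out != NULL)
		BIO_free_all(out);
	if (dsa != NULL)
		DSA_free(dsa);
	/*
	 * Wipe the passphrase before returning its memory to the allocator.
	 * explicit_bzero() is used because a plain memset() ahead of free()
	 * may be optimised away.
	 */
	if (passout != NULL)
		explicit_bzero(passout, strlen(passout));
	free(passout);

	return (ret);
}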