version 1.4, 2015/08/22 16:36:05 |
version 1.5, 2015/09/11 14:30:23 |
|
|
#include <openssl/evp.h> |
#include <openssl/evp.h> |
#include <openssl/pem.h> |
#include <openssl/pem.h> |
|
|
#ifndef OPENSSL_NO_ENGINE |
|
#include <openssl/engine.h> |
|
#endif |
|
|
|
static int |
static int |
init_keygen_file(BIO * err, EVP_PKEY_CTX ** pctx, const char *file, |
init_keygen_file(BIO * err, EVP_PKEY_CTX ** pctx, const char *file); |
ENGINE * e); |
|
static int genpkey_cb(EVP_PKEY_CTX * ctx); |
static int genpkey_cb(EVP_PKEY_CTX * ctx); |
|
|
int |
int |
genpkey_main(int argc, char **argv) |
genpkey_main(int argc, char **argv) |
{ |
{ |
ENGINE *e = NULL; |
|
char **args, *outfile = NULL; |
char **args, *outfile = NULL; |
char *passarg = NULL; |
char *passarg = NULL; |
BIO *in = NULL, *out = NULL; |
BIO *in = NULL, *out = NULL; |
|
|
goto bad; |
goto bad; |
passarg = *(++args); |
passarg = *(++args); |
} |
} |
#ifndef OPENSSL_NO_ENGINE |
|
else if (strcmp(*args, "-engine") == 0) { |
|
if (!args[1]) |
|
goto bad; |
|
e = setup_engine(bio_err, *(++args), 0); |
|
} |
|
#endif |
|
else if (!strcmp(*args, "-paramfile")) { |
else if (!strcmp(*args, "-paramfile")) { |
if (!args[1]) |
if (!args[1]) |
goto bad; |
goto bad; |
args++; |
args++; |
if (do_param == 1) |
if (do_param == 1) |
goto bad; |
goto bad; |
if (!init_keygen_file(bio_err, &ctx, *args, e)) |
if (!init_keygen_file(bio_err, &ctx, *args)) |
goto end; |
goto end; |
} else if (!strcmp(*args, "-out")) { |
} else if (!strcmp(*args, "-out")) { |
if (args[1]) { |
if (args[1]) { |
|
|
} else if (strcmp(*args, "-algorithm") == 0) { |
} else if (strcmp(*args, "-algorithm") == 0) { |
if (!args[1]) |
if (!args[1]) |
goto bad; |
goto bad; |
if (!init_gen_str(bio_err, &ctx, *(++args), e, do_param)) |
if (!init_gen_str(bio_err, &ctx, *(++args), do_param)) |
goto end; |
goto end; |
} else if (strcmp(*args, "-pkeyopt") == 0) { |
} else if (strcmp(*args, "-pkeyopt") == 0) { |
if (!args[1]) |
if (!args[1]) |
|
|
BIO_printf(bio_err, "-outform X output format (DER or PEM)\n"); |
BIO_printf(bio_err, "-outform X output format (DER or PEM)\n"); |
BIO_printf(bio_err, "-pass arg output file pass phrase source\n"); |
BIO_printf(bio_err, "-pass arg output file pass phrase source\n"); |
BIO_printf(bio_err, "-<cipher> use cipher <cipher> to encrypt the key\n"); |
BIO_printf(bio_err, "-<cipher> use cipher <cipher> to encrypt the key\n"); |
#ifndef OPENSSL_NO_ENGINE |
|
BIO_printf(bio_err, "-engine e use engine e, possibly a hardware device.\n"); |
|
#endif |
|
BIO_printf(bio_err, "-paramfile file parameters file\n"); |
BIO_printf(bio_err, "-paramfile file parameters file\n"); |
BIO_printf(bio_err, "-algorithm alg the public key algorithm\n"); |
BIO_printf(bio_err, "-algorithm alg the public key algorithm\n"); |
BIO_printf(bio_err, "-pkeyopt opt:value set the public key algorithm option <opt>\n" |
BIO_printf(bio_err, "-pkeyopt opt:value set the public key algorithm option <opt>\n" |
|
|
|
|
static int |
static int |
init_keygen_file(BIO * err, EVP_PKEY_CTX ** pctx, |
init_keygen_file(BIO * err, EVP_PKEY_CTX ** pctx, |
const char *file, ENGINE * e) |
const char *file) |
{ |
{ |
BIO *pbio; |
BIO *pbio; |
EVP_PKEY *pkey = NULL; |
EVP_PKEY *pkey = NULL; |
|
|
BIO_printf(bio_err, "Error reading parameter file %s\n", file); |
BIO_printf(bio_err, "Error reading parameter file %s\n", file); |
return 0; |
return 0; |
} |
} |
ctx = EVP_PKEY_CTX_new(pkey, e); |
ctx = EVP_PKEY_CTX_new(pkey, NULL); |
if (!ctx) |
if (!ctx) |
goto err; |
goto err; |
if (EVP_PKEY_keygen_init(ctx) <= 0) |
if (EVP_PKEY_keygen_init(ctx) <= 0) |
|
|
|
|
int |
int |
init_gen_str(BIO * err, EVP_PKEY_CTX ** pctx, |
init_gen_str(BIO * err, EVP_PKEY_CTX ** pctx, |
const char *algname, ENGINE * e, int do_param) |
const char *algname, int do_param) |
{ |
{ |
EVP_PKEY_CTX *ctx = NULL; |
EVP_PKEY_CTX *ctx = NULL; |
const EVP_PKEY_ASN1_METHOD *ameth; |
const EVP_PKEY_ASN1_METHOD *ameth; |
ENGINE *tmpeng = NULL; |
|
int pkey_id; |
int pkey_id; |
|
|
if (*pctx) { |
if (*pctx) { |
BIO_puts(err, "Algorithm already set!\n"); |
BIO_puts(err, "Algorithm already set!\n"); |
return 0; |
return 0; |
} |
} |
ameth = EVP_PKEY_asn1_find_str(&tmpeng, algname, -1); |
ameth = EVP_PKEY_asn1_find_str(NULL, algname, -1); |
|
|
#ifndef OPENSSL_NO_ENGINE |
|
if (!ameth && e) |
|
ameth = ENGINE_get_pkey_asn1_meth_str(e, algname, -1); |
|
#endif |
|
|
|
if (!ameth) { |
if (!ameth) { |
BIO_printf(bio_err, "Algorithm %s not found\n", algname); |
BIO_printf(bio_err, "Algorithm %s not found\n", algname); |
return 0; |
return 0; |
|
|
ERR_clear_error(); |
ERR_clear_error(); |
|
|
EVP_PKEY_asn1_get0_info(&pkey_id, NULL, NULL, NULL, NULL, ameth); |
EVP_PKEY_asn1_get0_info(&pkey_id, NULL, NULL, NULL, NULL, ameth); |
#ifndef OPENSSL_NO_ENGINE |
ctx = EVP_PKEY_CTX_new_id(pkey_id, NULL); |
if (tmpeng) |
|
ENGINE_finish(tmpeng); |
|
#endif |
|
ctx = EVP_PKEY_CTX_new_id(pkey_id, e); |
|
|
|
if (!ctx) |
if (!ctx) |
goto err; |
goto err; |
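Review bot: With the `-engine` branch removed from the option chain in genpkey_main, a command line that still passes `-engine <id>` is no longer recognised. The remaining usage line `-<cipher> use cipher <cipher> to encrypt the key` suggests an unrecognised dash option is then treated as a cipher name, but the final branch of the chain lies outside the visible hunks, so this is inferred. Anyone who used the option to keep key generation inside a hardware device should get an explicit refusal rather than an unrelated cipher-lookup error, so the loss of hardware backing is obvious in scripts and logs. I would keep a stub such as `else if (strcmp(*args, "-engine") == 0) { BIO_printf(bio_err, "-engine is not supported\n"); goto end; }` and record the removal in the manual page.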