| version 1.17, 2022/11/11 17:07:39 |
version 1.18, 2023/03/06 14:32:06 |
|
|
| int pubout; |
int pubout; |
| int pvk_encr; |
int pvk_encr; |
| int text; |
int text; |
| } rsa_config; |
} cfg; |
| |
|
| static int |
static int |
| rsa_opt_cipher(int argc, char **argv, int *argsused) |
rsa_opt_cipher(int argc, char **argv, int *argsused) |
|
|
| if (*name++ != '-') |
if (*name++ != '-') |
| return (1); |
return (1); |
| |
|
| if ((rsa_config.enc = EVP_get_cipherbyname(name)) == NULL) { |
if ((cfg.enc = EVP_get_cipherbyname(name)) == NULL) { |
| fprintf(stderr, "Invalid cipher '%s'\n", name); |
fprintf(stderr, "Invalid cipher '%s'\n", name); |
| return (1); |
return (1); |
| } |
} |
|
|
| .name = "check", |
.name = "check", |
| .desc = "Check consistency of RSA private key", |
.desc = "Check consistency of RSA private key", |
| .type = OPTION_FLAG, |
.type = OPTION_FLAG, |
| .opt.flag = &rsa_config.check, |
.opt.flag = &cfg.check, |
| }, |
}, |
| { |
{ |
| .name = "in", |
.name = "in", |
| .argname = "file", |
.argname = "file", |
| .desc = "Input file (default stdin)", |
.desc = "Input file (default stdin)", |
| .type = OPTION_ARG, |
.type = OPTION_ARG, |
| .opt.arg = &rsa_config.infile, |
.opt.arg = &cfg.infile, |
| }, |
}, |
| { |
{ |
| .name = "inform", |
.name = "inform", |
| .argname = "format", |
.argname = "format", |
| .desc = "Input format (DER, NET or PEM (default))", |
.desc = "Input format (DER, NET or PEM (default))", |
| .type = OPTION_ARG_FORMAT, |
.type = OPTION_ARG_FORMAT, |
| .opt.value = &rsa_config.informat, |
.opt.value = &cfg.informat, |
| }, |
}, |
| { |
{ |
| .name = "modulus", |
.name = "modulus", |
| .desc = "Print the RSA key modulus", |
.desc = "Print the RSA key modulus", |
| .type = OPTION_FLAG, |
.type = OPTION_FLAG, |
| .opt.flag = &rsa_config.modulus, |
.opt.flag = &cfg.modulus, |
| }, |
}, |
| { |
{ |
| .name = "noout", |
.name = "noout", |
| .desc = "Do not print encoded version of the key", |
.desc = "Do not print encoded version of the key", |
| .type = OPTION_FLAG, |
.type = OPTION_FLAG, |
| .opt.flag = &rsa_config.noout, |
.opt.flag = &cfg.noout, |
| }, |
}, |
| { |
{ |
| .name = "out", |
.name = "out", |
| .argname = "file", |
.argname = "file", |
| .desc = "Output file (default stdout)", |
.desc = "Output file (default stdout)", |
| .type = OPTION_ARG, |
.type = OPTION_ARG, |
| .opt.arg = &rsa_config.outfile, |
.opt.arg = &cfg.outfile, |
| }, |
}, |
| { |
{ |
| .name = "outform", |
.name = "outform", |
| .argname = "format", |
.argname = "format", |
| .desc = "Output format (DER, NET or PEM (default PEM))", |
.desc = "Output format (DER, NET or PEM (default PEM))", |
| .type = OPTION_ARG_FORMAT, |
.type = OPTION_ARG_FORMAT, |
| .opt.value = &rsa_config.outformat, |
.opt.value = &cfg.outformat, |
| }, |
}, |
| { |
{ |
| .name = "passin", |
.name = "passin", |
| .argname = "src", |
.argname = "src", |
| .desc = "Input file passphrase source", |
.desc = "Input file passphrase source", |
| .type = OPTION_ARG, |
.type = OPTION_ARG, |
| .opt.arg = &rsa_config.passargin, |
.opt.arg = &cfg.passargin, |
| }, |
}, |
| { |
{ |
| .name = "passout", |
.name = "passout", |
| .argname = "src", |
.argname = "src", |
| .desc = "Output file passphrase source", |
.desc = "Output file passphrase source", |
| .type = OPTION_ARG, |
.type = OPTION_ARG, |
| .opt.arg = &rsa_config.passargout, |
.opt.arg = &cfg.passargout, |
| }, |
}, |
| { |
{ |
| .name = "pubin", |
.name = "pubin", |
| .desc = "Expect a public key (default private key)", |
.desc = "Expect a public key (default private key)", |
| .type = OPTION_VALUE, |
.type = OPTION_VALUE, |
| .value = 1, |
.value = 1, |
| .opt.value = &rsa_config.pubin, |
.opt.value = &cfg.pubin, |
| }, |
}, |
| { |
{ |
| .name = "pubout", |
.name = "pubout", |
| .desc = "Output a public key (default private key)", |
.desc = "Output a public key (default private key)", |
| .type = OPTION_VALUE, |
.type = OPTION_VALUE, |
| .value = 1, |
.value = 1, |
| .opt.value = &rsa_config.pubout, |
.opt.value = &cfg.pubout, |
| }, |
}, |
| { |
{ |
| .name = "pvk-none", |
.name = "pvk-none", |
| .type = OPTION_VALUE, |
.type = OPTION_VALUE, |
| .value = 0, |
.value = 0, |
| .opt.value = &rsa_config.pvk_encr, |
.opt.value = &cfg.pvk_encr, |
| }, |
}, |
| { |
{ |
| .name = "pvk-strong", |
.name = "pvk-strong", |
| .type = OPTION_VALUE, |
.type = OPTION_VALUE, |
| .value = 2, |
.value = 2, |
| .opt.value = &rsa_config.pvk_encr, |
.opt.value = &cfg.pvk_encr, |
| }, |
}, |
| { |
{ |
| .name = "pvk-weak", |
.name = "pvk-weak", |
| .type = OPTION_VALUE, |
.type = OPTION_VALUE, |
| .value = 1, |
.value = 1, |
| .opt.value = &rsa_config.pvk_encr, |
.opt.value = &cfg.pvk_encr, |
| }, |
}, |
| { |
{ |
| .name = "RSAPublicKey_in", |
.name = "RSAPublicKey_in", |
| .type = OPTION_VALUE, |
.type = OPTION_VALUE, |
| .value = 2, |
.value = 2, |
| .opt.value = &rsa_config.pubin, |
.opt.value = &cfg.pubin, |
| }, |
}, |
| { |
{ |
| .name = "RSAPublicKey_out", |
.name = "RSAPublicKey_out", |
| .type = OPTION_VALUE, |
.type = OPTION_VALUE, |
| .value = 2, |
.value = 2, |
| .opt.value = &rsa_config.pubout, |
.opt.value = &cfg.pubout, |
| }, |
}, |
| { |
{ |
| .name = "text", |
.name = "text", |
| .desc = "Print in plain text in addition to encoded", |
.desc = "Print in plain text in addition to encoded", |
| .type = OPTION_FLAG, |
.type = OPTION_FLAG, |
| .opt.flag = &rsa_config.text, |
.opt.flag = &cfg.text, |
| }, |
}, |
| { |
{ |
| .name = NULL, |
.name = NULL, |
|
|
| exit(1); |
exit(1); |
| } |
} |
| |
|
| memset(&rsa_config, 0, sizeof(rsa_config)); |
memset(&cfg, 0, sizeof(cfg)); |
| rsa_config.pvk_encr = 2; |
cfg.pvk_encr = 2; |
| rsa_config.informat = FORMAT_PEM; |
cfg.informat = FORMAT_PEM; |
| rsa_config.outformat = FORMAT_PEM; |
cfg.outformat = FORMAT_PEM; |
| |
|
| if (options_parse(argc, argv, rsa_options, NULL, NULL) != 0) { |
if (options_parse(argc, argv, rsa_options, NULL, NULL) != 0) { |
| rsa_usage(); |
rsa_usage(); |
| goto end; |
goto end; |
| } |
} |
| |
|
| if (!app_passwd(bio_err, rsa_config.passargin, rsa_config.passargout, |
if (!app_passwd(bio_err, cfg.passargin, cfg.passargout, |
| &passin, &passout)) { |
&passin, &passout)) { |
| BIO_printf(bio_err, "Error getting passwords\n"); |
BIO_printf(bio_err, "Error getting passwords\n"); |
| goto end; |
goto end; |
| } |
} |
| if (rsa_config.check && rsa_config.pubin) { |
if (cfg.check && cfg.pubin) { |
| BIO_printf(bio_err, "Only private keys can be checked\n"); |
BIO_printf(bio_err, "Only private keys can be checked\n"); |
| goto end; |
goto end; |
| } |
} |
|
|
| { |
{ |
| EVP_PKEY *pkey; |
EVP_PKEY *pkey; |
| |
|
| if (rsa_config.pubin) { |
if (cfg.pubin) { |
| int tmpformat = -1; |
int tmpformat = -1; |
| if (rsa_config.pubin == 2) { |
if (cfg.pubin == 2) { |
| if (rsa_config.informat == FORMAT_PEM) |
if (cfg.informat == FORMAT_PEM) |
| tmpformat = FORMAT_PEMRSA; |
tmpformat = FORMAT_PEMRSA; |
| else if (rsa_config.informat == FORMAT_ASN1) |
else if (cfg.informat == FORMAT_ASN1) |
| tmpformat = FORMAT_ASN1RSA; |
tmpformat = FORMAT_ASN1RSA; |
| } else |
} else |
| tmpformat = rsa_config.informat; |
tmpformat = cfg.informat; |
| |
|
| pkey = load_pubkey(bio_err, rsa_config.infile, |
pkey = load_pubkey(bio_err, cfg.infile, |
| tmpformat, 1, passin, "Public Key"); |
tmpformat, 1, passin, "Public Key"); |
| } else |
} else |
| pkey = load_key(bio_err, rsa_config.infile, |
pkey = load_key(bio_err, cfg.infile, |
| rsa_config.informat, 1, passin, "Private Key"); |
cfg.informat, 1, passin, "Private Key"); |
| |
|
| if (pkey != NULL) |
if (pkey != NULL) |
| rsa = EVP_PKEY_get1_RSA(pkey); |
rsa = EVP_PKEY_get1_RSA(pkey); |
|
|
| ERR_print_errors(bio_err); |
ERR_print_errors(bio_err); |
| goto end; |
goto end; |
| } |
} |
| if (rsa_config.outfile == NULL) { |
if (cfg.outfile == NULL) { |
| BIO_set_fp(out, stdout, BIO_NOCLOSE); |
BIO_set_fp(out, stdout, BIO_NOCLOSE); |
| } else { |
} else { |
| if (BIO_write_filename(out, rsa_config.outfile) <= 0) { |
if (BIO_write_filename(out, cfg.outfile) <= 0) { |
| perror(rsa_config.outfile); |
perror(cfg.outfile); |
| goto end; |
goto end; |
| } |
} |
| } |
} |
| |
|
| if (rsa_config.text) |
if (cfg.text) |
| if (!RSA_print(out, rsa, 0)) { |
if (!RSA_print(out, rsa, 0)) { |
| perror(rsa_config.outfile); |
perror(cfg.outfile); |
| ERR_print_errors(bio_err); |
ERR_print_errors(bio_err); |
| goto end; |
goto end; |
| } |
} |
| if (rsa_config.modulus) { |
if (cfg.modulus) { |
| BIO_printf(out, "Modulus="); |
BIO_printf(out, "Modulus="); |
| BN_print(out, RSA_get0_n(rsa)); |
BN_print(out, RSA_get0_n(rsa)); |
| BIO_printf(out, "\n"); |
BIO_printf(out, "\n"); |
| } |
} |
| if (rsa_config.check) { |
if (cfg.check) { |
| int r = RSA_check_key(rsa); |
int r = RSA_check_key(rsa); |
| |
|
| if (r == 1) |
if (r == 1) |
|
|
| goto end; |
goto end; |
| } |
} |
| } |
} |
| if (rsa_config.noout) { |
if (cfg.noout) { |
| ret = 0; |
ret = 0; |
| goto end; |
goto end; |
| } |
} |
| BIO_printf(bio_err, "writing RSA key\n"); |
BIO_printf(bio_err, "writing RSA key\n"); |
| if (rsa_config.outformat == FORMAT_ASN1) { |
if (cfg.outformat == FORMAT_ASN1) { |
| if (rsa_config.pubout || rsa_config.pubin) { |
if (cfg.pubout || cfg.pubin) { |
| if (rsa_config.pubout == 2) |
if (cfg.pubout == 2) |
| i = i2d_RSAPublicKey_bio(out, rsa); |
i = i2d_RSAPublicKey_bio(out, rsa); |
| else |
else |
| i = i2d_RSA_PUBKEY_bio(out, rsa); |
i = i2d_RSA_PUBKEY_bio(out, rsa); |
| } else |
} else |
| i = i2d_RSAPrivateKey_bio(out, rsa); |
i = i2d_RSAPrivateKey_bio(out, rsa); |
| } else if (rsa_config.outformat == FORMAT_PEM) { |
} else if (cfg.outformat == FORMAT_PEM) { |
| if (rsa_config.pubout || rsa_config.pubin) { |
if (cfg.pubout || cfg.pubin) { |
| if (rsa_config.pubout == 2) |
if (cfg.pubout == 2) |
| i = PEM_write_bio_RSAPublicKey(out, rsa); |
i = PEM_write_bio_RSAPublicKey(out, rsa); |
| else |
else |
| i = PEM_write_bio_RSA_PUBKEY(out, rsa); |
i = PEM_write_bio_RSA_PUBKEY(out, rsa); |
| } else |
} else |
| i = PEM_write_bio_RSAPrivateKey(out, rsa, |
i = PEM_write_bio_RSAPrivateKey(out, rsa, |
| rsa_config.enc, NULL, 0, NULL, passout); |
cfg.enc, NULL, 0, NULL, passout); |
| #if !defined(OPENSSL_NO_DSA) && !defined(OPENSSL_NO_RC4) |
#if !defined(OPENSSL_NO_DSA) && !defined(OPENSSL_NO_RC4) |
| } else if (rsa_config.outformat == FORMAT_MSBLOB || |
} else if (cfg.outformat == FORMAT_MSBLOB || |
| rsa_config.outformat == FORMAT_PVK) { |
cfg.outformat == FORMAT_PVK) { |
| EVP_PKEY *pk; |
EVP_PKEY *pk; |
| pk = EVP_PKEY_new(); |
pk = EVP_PKEY_new(); |
| EVP_PKEY_set1_RSA(pk, rsa); |
EVP_PKEY_set1_RSA(pk, rsa); |
| if (rsa_config.outformat == FORMAT_PVK) |
if (cfg.outformat == FORMAT_PVK) |
| i = i2b_PVK_bio(out, pk, rsa_config.pvk_encr, 0, |
i = i2b_PVK_bio(out, pk, cfg.pvk_encr, 0, |
| passout); |
passout); |
| else if (rsa_config.pubin || rsa_config.pubout) |
else if (cfg.pubin || cfg.pubout) |
| i = i2b_PublicKey_bio(out, pk); |
i = i2b_PublicKey_bio(out, pk); |
| else |
else |
| i = i2b_PrivateKey_bio(out, pk); |
i = i2b_PrivateKey_bio(out, pk); |
![[BACK]](/icons/back.gif){kind=icon}
Return to rsa.c CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / openssl