Symaptic: os/ossrv/ssl/tsrc/BC/libcrypto/topenssl/src/rsautl.c@260cb5ec6c19 (annotated)

sl@0	1	/* rsautl.c */
sl@0	2	/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
sl@0	3	* project 2000.
sl@0	4	*/
sl@0	5	/* ====================================================================
sl@0	6	* Copyright (c) 2000 The OpenSSL Project. All rights reserved.
sl@0	7	*
sl@0	8	* Redistribution and use in source and binary forms, with or without
sl@0	9	* modification, are permitted provided that the following conditions
sl@0	10	* are met:
sl@0	11	*
sl@0	12	* 1. Redistributions of source code must retain the above copyright
sl@0	13	* notice, this list of conditions and the following disclaimer.
sl@0	14	*
sl@0	15	* 2. Redistributions in binary form must reproduce the above copyright
sl@0	16	* notice, this list of conditions and the following disclaimer in
sl@0	17	* the documentation and/or other materials provided with the
sl@0	18	* distribution.
sl@0	19	*
sl@0	20	* 3. All advertising materials mentioning features or use of this
sl@0	21	* software must display the following acknowledgment:
sl@0	22	* "This product includes software developed by the OpenSSL Project
sl@0	23	* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
sl@0	24	*
sl@0	25	* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
sl@0	26	* endorse or promote products derived from this software without
sl@0	27	* prior written permission. For written permission, please contact
sl@0	28	* licensing@OpenSSL.org.
sl@0	29	*
sl@0	30	* 5. Products derived from this software may not be called "OpenSSL"
sl@0	31	* nor may "OpenSSL" appear in their names without prior written
sl@0	32	* permission of the OpenSSL Project.
sl@0	33	*
sl@0	34	* 6. Redistributions of any form whatsoever must retain the following
sl@0	35	* acknowledgment:
sl@0	36	* "This product includes software developed by the OpenSSL Project
sl@0	37	* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
sl@0	38	*
sl@0	39	* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
sl@0	40	* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
sl@0	41	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
sl@0	42	* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
sl@0	43	* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
sl@0	44	* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
sl@0	45	* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
sl@0	46	* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
sl@0	47	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
sl@0	48	* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
sl@0	49	* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
sl@0	50	* OF THE POSSIBILITY OF SUCH DAMAGE.
sl@0	51	* ====================================================================
sl@0	52	*
sl@0	53	* This product includes cryptographic software written by Eric Young
sl@0	54	* (eay@cryptsoft.com). This product includes software written by Tim
sl@0	55	* Hudson (tjh@cryptsoft.com).
sl@0	56	*
sl@0	57	*/
sl@0	58
sl@0	59	#include <openssl/opensslconf.h>
sl@0	60	#ifndef OPENSSL_NO_RSA
sl@0	61
sl@0	62	#include "apps.h"
sl@0	63	#include <string.h>
sl@0	64	#include <openssl/err.h>
sl@0	65	#include <openssl/pem.h>
sl@0	66	#include <openssl/rsa.h>
sl@0	67
sl@0	68	#define RSA_SIGN 1
sl@0	69	#define RSA_VERIFY 2
sl@0	70	#define RSA_ENCRYPT 3
sl@0	71	#define RSA_DECRYPT 4
sl@0	72
sl@0	73	#define KEY_PRIVKEY 1
sl@0	74	#define KEY_PUBKEY 2
sl@0	75	#define KEY_CERT 3
sl@0	76
sl@0	77	static void usage(void);
sl@0	78
sl@0	79	#undef PROG
sl@0	80
sl@0	81	#define PROG rsautl_main
sl@0	82
sl@0	83
sl@0	84	int MAIN(int argc, char **);
sl@0	85
sl@0	86	int MAIN(int argc, char **argv)
sl@0	87	{
sl@0	88	ENGINE *e = NULL;
sl@0	89	BIO in = NULL, out = NULL;
sl@0	90	char infile = NULL, outfile = NULL;
sl@0	91	#ifndef OPENSSL_NO_ENGINE
sl@0	92	char *engine = NULL;
sl@0	93	#endif
sl@0	94	char *keyfile = NULL;
sl@0	95	char rsa_mode = RSA_VERIFY, key_type = KEY_PRIVKEY;
sl@0	96	int keyform = FORMAT_PEM;
sl@0	97	char need_priv = 0, badarg = 0, rev = 0;
sl@0	98	char hexdump = 0, asn1parse = 0;
sl@0	99	X509 *x;
sl@0	100	EVP_PKEY *pkey = NULL;
sl@0	101	RSA *rsa = NULL;
sl@0	102	unsigned char rsa_in = NULL, rsa_out = NULL, pad;
sl@0	103	char passargin = NULL, passin = NULL;
sl@0	104	int rsa_inlen, rsa_outlen = 0;
sl@0	105	int keysize;
sl@0	106
sl@0	107	int ret = 1;
sl@0	108
sl@0	109	argc--;
sl@0	110	argv++;
sl@0	111	if(!bio_err) bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
sl@0	112
sl@0	113	if (!load_config(bio_err, NULL))
sl@0	114	goto end;
sl@0	115	ERR_load_crypto_strings();
sl@0	116	OpenSSL_add_all_algorithms();
sl@0	117	pad = RSA_PKCS1_PADDING;
sl@0	118
sl@0	119	while(argc >= 1)
sl@0	120	{
sl@0	121	if (!strcmp(*argv,"-in")) {
sl@0	122	if (--argc < 1) badarg = 1;
sl@0	123	infile= *(++argv);
sl@0	124	} else if (!strcmp(*argv,"-out")) {
sl@0	125	if (--argc < 1) badarg = 1;
sl@0	126	outfile= *(++argv);
sl@0	127	} else if(!strcmp(*argv, "-inkey")) {
sl@0	128	if (--argc < 1) badarg = 1;
sl@0	129	keyfile = *(++argv);
sl@0	130	} else if (!strcmp(*argv,"-passin")) {
sl@0	131	if (--argc < 1) badarg = 1;
sl@0	132	passargin= *(++argv);
sl@0	133	} else if (strcmp(*argv,"-keyform") == 0) {
sl@0	134	if (--argc < 1) badarg = 1;
sl@0	135	keyform=str2fmt(*(++argv));
sl@0	136	#ifndef OPENSSL_NO_ENGINE
sl@0	137	} else if(!strcmp(*argv, "-engine")) {
sl@0	138	if (--argc < 1) badarg = 1;
sl@0	139	engine = *(++argv);
sl@0	140	#endif
sl@0	141	} else if(!strcmp(*argv, "-pubin")) {
sl@0	142	key_type = KEY_PUBKEY;
sl@0	143	} else if(!strcmp(*argv, "-certin")) {
sl@0	144	key_type = KEY_CERT;
sl@0	145	}
sl@0	146	else if(!strcmp(*argv, "-asn1parse")) asn1parse = 1;
sl@0	147	else if(!strcmp(*argv, "-hexdump")) hexdump = 1;
sl@0	148	else if(!strcmp(*argv, "-raw")) pad = RSA_NO_PADDING;
sl@0	149	else if(!strcmp(*argv, "-oaep")) pad = RSA_PKCS1_OAEP_PADDING;
sl@0	150	else if(!strcmp(*argv, "-ssl")) pad = RSA_SSLV23_PADDING;
sl@0	151	else if(!strcmp(*argv, "-pkcs")) pad = RSA_PKCS1_PADDING;
sl@0	152	else if(!strcmp(*argv, "-x931")) pad = RSA_X931_PADDING;
sl@0	153	else if(!strcmp(*argv, "-sign")) {
sl@0	154	rsa_mode = RSA_SIGN;
sl@0	155	need_priv = 1;
sl@0	156	} else if(!strcmp(*argv, "-verify")) rsa_mode = RSA_VERIFY;
sl@0	157	else if(!strcmp(*argv, "-rev")) rev = 1;
sl@0	158	else if(!strcmp(*argv, "-encrypt")) rsa_mode = RSA_ENCRYPT;
sl@0	159	else if(!strcmp(*argv, "-decrypt")) {
sl@0	160	rsa_mode = RSA_DECRYPT;
sl@0	161	need_priv = 1;
sl@0	162	} else badarg = 1;
sl@0	163	if(badarg) {
sl@0	164	usage();
sl@0	165	goto end;
sl@0	166	}
sl@0	167	argc--;
sl@0	168	argv++;
sl@0	169	}
sl@0	170
sl@0	171	if(need_priv && (key_type != KEY_PRIVKEY)) {
sl@0	172	BIO_printf(bio_err, "A private key is needed for this operation\n");
sl@0	173	goto end;
sl@0	174	}
sl@0	175
sl@0	176	#ifndef OPENSSL_NO_ENGINE
sl@0	177	e = setup_engine(bio_err, engine, 0);
sl@0	178	#endif
sl@0	179	if(!app_passwd(bio_err, passargin, NULL, &passin, NULL)) {
sl@0	180	BIO_printf(bio_err, "Error getting password\n");
sl@0	181	goto end;
sl@0	182	}
sl@0	183
sl@0	184	/* FIXME: seed PRNG only if needed */
sl@0	185	app_RAND_load_file(NULL, bio_err, 0);
sl@0	186
sl@0	187	switch(key_type) {
sl@0	188	case KEY_PRIVKEY:
sl@0	189	pkey = load_key(bio_err, keyfile, keyform, 0,
sl@0	190	passin, e, "Private Key");
sl@0	191	break;
sl@0	192
sl@0	193	case KEY_PUBKEY:
sl@0	194	pkey = load_pubkey(bio_err, keyfile, keyform, 0,
sl@0	195	NULL, e, "Public Key");
sl@0	196	break;
sl@0	197
sl@0	198	case KEY_CERT:
sl@0	199	x = load_cert(bio_err, keyfile, keyform,
sl@0	200	NULL, e, "Certificate");
sl@0	201	if(x) {
sl@0	202	pkey = X509_get_pubkey(x);
sl@0	203	X509_free(x);
sl@0	204	}
sl@0	205	break;
sl@0	206	}
sl@0	207
sl@0	208	if(!pkey) {
sl@0	209	return 1;
sl@0	210	}
sl@0	211
sl@0	212	rsa = EVP_PKEY_get1_RSA(pkey);
sl@0	213	EVP_PKEY_free(pkey);
sl@0	214
sl@0	215	if(!rsa) {
sl@0	216	BIO_printf(bio_err, "Error getting RSA key\n");
sl@0	217	ERR_print_errors(bio_err);
sl@0	218	goto end;
sl@0	219	}
sl@0	220
sl@0	221
sl@0	222	if(infile) {
sl@0	223	if(!(in = BIO_new_file(infile, "rb"))) {
sl@0	224	BIO_printf(bio_err, "Error Reading Input File\n");
sl@0	225	ERR_print_errors(bio_err);
sl@0	226	goto end;
sl@0	227	}
sl@0	228	}
sl@0	229	else
sl@0	230	in = BIO_new_fp(stdin, BIO_NOCLOSE);
sl@0	231
sl@0	232	if(outfile) {
sl@0	233	if(!(out = BIO_new_file(outfile, "wb"))) {
sl@0	234	BIO_printf(bio_err, "Error Reading Output File\n");
sl@0	235	ERR_print_errors(bio_err);
sl@0	236	goto end;
sl@0	237	}
sl@0	238	} else {
sl@0	239
sl@0	240	out = BIO_new_fp(stdout, BIO_NOCLOSE);
sl@0	241	#ifdef OPENSSL_SYS_VMS
sl@0	242	{
sl@0	243	BIO *tmpbio = BIO_new(BIO_f_linebuffer());
sl@0	244	out = BIO_push(tmpbio, out);
sl@0	245	}
sl@0	246	#endif
sl@0	247	}
sl@0	248
sl@0	249	keysize = RSA_size(rsa);
sl@0	250
sl@0	251	rsa_in = OPENSSL_malloc(keysize * 2);
sl@0	252	rsa_out = OPENSSL_malloc(keysize);
sl@0	253
sl@0	254	/* Read the input data */
sl@0	255	rsa_inlen = BIO_read(in, rsa_in, keysize * 2);
sl@0	256	if(rsa_inlen <= 0) {
sl@0	257	BIO_printf(bio_err, "Error reading input Data\n");
sl@0	258	exit(1);
sl@0	259	}
sl@0	260	if(rev) {
sl@0	261	int i;
sl@0	262	unsigned char ctmp;
sl@0	263	for(i = 0; i < rsa_inlen/2; i++) {
sl@0	264	ctmp = rsa_in[i];
sl@0	265	rsa_in[i] = rsa_in[rsa_inlen - 1 - i];
sl@0	266	rsa_in[rsa_inlen - 1 - i] = ctmp;
sl@0	267	}
sl@0	268	}
sl@0	269	switch(rsa_mode) {
sl@0	270
sl@0	271	case RSA_VERIFY:
sl@0	272	rsa_outlen = RSA_public_decrypt(rsa_inlen, rsa_in, rsa_out, rsa, pad);
sl@0	273	break;
sl@0	274
sl@0	275	case RSA_SIGN:
sl@0	276	rsa_outlen = RSA_private_encrypt(rsa_inlen, rsa_in, rsa_out, rsa, pad);
sl@0	277	break;
sl@0	278
sl@0	279	case RSA_ENCRYPT:
sl@0	280	rsa_outlen = RSA_public_encrypt(rsa_inlen, rsa_in, rsa_out, rsa, pad);
sl@0	281	break;
sl@0	282
sl@0	283	case RSA_DECRYPT:
sl@0	284	rsa_outlen = RSA_private_decrypt(rsa_inlen, rsa_in, rsa_out, rsa, pad);
sl@0	285	break;
sl@0	286
sl@0	287	}
sl@0	288
sl@0	289	if(rsa_outlen <= 0) {
sl@0	290	BIO_printf(bio_err, "RSA operation error\n");
sl@0	291	ERR_print_errors(bio_err);
sl@0	292	goto end;
sl@0	293	}
sl@0	294	ret = 0;
sl@0	295	if(asn1parse) {
sl@0	296	if(!ASN1_parse_dump(out, rsa_out, rsa_outlen, 1, -1)) {
sl@0	297	ERR_print_errors(bio_err);
sl@0	298	}
sl@0	299	} else if(hexdump) BIO_dump(out, (char *)rsa_out, rsa_outlen);
sl@0	300	else BIO_write(out, rsa_out, rsa_outlen);
sl@0	301	end:
sl@0	302	RSA_free(rsa);
sl@0	303	BIO_free(in);
sl@0	304	BIO_free_all(out);
sl@0	305	if(rsa_in) OPENSSL_free(rsa_in);
sl@0	306	if(rsa_out) OPENSSL_free(rsa_out);
sl@0	307	if(passin) OPENSSL_free(passin);
sl@0	308	return ret;
sl@0	309	}
sl@0	310
sl@0	311	static void usage()
sl@0	312	{
sl@0	313	BIO_printf(bio_err, "Usage: rsautl [options]\n");
sl@0	314	BIO_printf(bio_err, "-in file input file\n");
sl@0	315	BIO_printf(bio_err, "-out file output file\n");
sl@0	316	BIO_printf(bio_err, "-inkey file input key\n");
sl@0	317	BIO_printf(bio_err, "-keyform arg private key format - default PEM\n");
sl@0	318	BIO_printf(bio_err, "-pubin input is an RSA public\n");
sl@0	319	BIO_printf(bio_err, "-certin input is a certificate carrying an RSA public key\n");
sl@0	320	BIO_printf(bio_err, "-ssl use SSL v2 padding\n");
sl@0	321	BIO_printf(bio_err, "-raw use no padding\n");
sl@0	322	BIO_printf(bio_err, "-pkcs use PKCS#1 v1.5 padding (default)\n");
sl@0	323	BIO_printf(bio_err, "-oaep use PKCS#1 OAEP\n");
sl@0	324	BIO_printf(bio_err, "-sign sign with private key\n");
sl@0	325	BIO_printf(bio_err, "-verify verify with public key\n");
sl@0	326	BIO_printf(bio_err, "-encrypt encrypt with public key\n");
sl@0	327	BIO_printf(bio_err, "-decrypt decrypt with private key\n");
sl@0	328	BIO_printf(bio_err, "-hexdump hex dump output\n");
sl@0	329	#ifndef OPENSSL_NO_ENGINE
sl@0	330	BIO_printf(bio_err, "-engine e use engine e, possibly a hardware device.\n");
sl@0	331	BIO_printf (bio_err, "-passin arg pass phrase source\n");
sl@0	332	#endif
sl@0	333
sl@0	334	}
sl@0	335
sl@0	336	#endif

author	sl
	Tue, 10 Jun 2014 14:32:02 +0200
changeset 1	260cb5ec6c19
permissions	-rw-r--r--