1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000
1.2 +++ b/os/ossrv/ssl/tsrc/topenssl/src/gendsa.c Fri Jun 15 03:10:57 2012 +0200
1.3 @@ -0,0 +1,265 @@
1.4 +/* apps/gendsa.c */
1.5 +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
1.6 + * All rights reserved.
1.7 + *
1.8 + * This package is an SSL implementation written
1.9 + * by Eric Young (eay@cryptsoft.com).
1.10 + * The implementation was written so as to conform with Netscapes SSL.
1.11 + *
1.12 + * This library is free for commercial and non-commercial use as long as
1.13 + * the following conditions are aheared to. The following conditions
1.14 + * apply to all code found in this distribution, be it the RC4, RSA,
1.15 + * lhash, DES, etc., code; not just the SSL code. The SSL documentation
1.16 + * included with this distribution is covered by the same copyright terms
1.17 + * except that the holder is Tim Hudson (tjh@cryptsoft.com).
1.18 + *
1.19 + * Copyright remains Eric Young's, and as such any Copyright notices in
1.20 + * the code are not to be removed.
1.21 + * If this package is used in a product, Eric Young should be given attribution
1.22 + * as the author of the parts of the library used.
1.23 + * This can be in the form of a textual message at program startup or
1.24 + * in documentation (online or textual) provided with the package.
1.25 + *
1.26 + * Redistribution and use in source and binary forms, with or without
1.27 + * modification, are permitted provided that the following conditions
1.28 + * are met:
1.29 + * 1. Redistributions of source code must retain the copyright
1.30 + * notice, this list of conditions and the following disclaimer.
1.31 + * 2. Redistributions in binary form must reproduce the above copyright
1.32 + * notice, this list of conditions and the following disclaimer in the
1.33 + * documentation and/or other materials provided with the distribution.
1.34 + * 3. All advertising materials mentioning features or use of this software
1.35 + * must display the following acknowledgement:
1.36 + * "This product includes cryptographic software written by
1.37 + * Eric Young (eay@cryptsoft.com)"
1.38 + * The word 'cryptographic' can be left out if the rouines from the library
1.39 + * being used are not cryptographic related :-).
1.40 + * 4. If you include any Windows specific code (or a derivative thereof) from
1.41 + * the apps directory (application code) you must include an acknowledgement:
1.42 + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
1.43 + *
1.44 + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
1.45 + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
1.46 + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
1.47 + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
1.48 + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
1.49 + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
1.50 + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
1.51 + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
1.52 + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
1.53 + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
1.54 + * SUCH DAMAGE.
1.55 + *
1.56 + * The licence and distribution terms for any publically available version or
1.57 + * derivative of this code cannot be changed. i.e. this code cannot simply be
1.58 + * copied and put under another distribution licence
1.59 + * [including the GNU Public Licence.]
1.60 + */
1.61 +
1.62 +#include <openssl/opensslconf.h> /* for OPENSSL_NO_DSA */
1.63 +#ifndef OPENSSL_NO_DSA
1.64 +#include <stdio.h>
1.65 +#include <string.h>
1.66 +#include <sys/types.h>
1.67 +#include <sys/stat.h>
1.68 +#include "apps.h"
1.69 +#include <openssl/bio.h>
1.70 +#include <openssl/err.h>
1.71 +#include <openssl/bn.h>
1.72 +#include <openssl/dsa.h>
1.73 +#include <openssl/x509.h>
1.74 +#include <openssl/pem.h>
1.75 +
1.76 +#define DEFBITS 512
1.77 +#undef PROG
1.78 +#define PROG gendsa_main
1.79 +
1.80 +
1.81 +int MAIN(int, char **);
1.82 +
1.83 +int MAIN(int argc, char **argv)
1.84 + {
1.85 +#ifndef OPENSSL_NO_ENGINE
1.86 + ENGINE *e = NULL;
1.87 +#endif
1.88 + DSA *dsa=NULL;
1.89 + int ret=1;
1.90 + char *outfile=NULL;
1.91 + char *inrand=NULL,*dsaparams=NULL;
1.92 + char *passargout = NULL, *passout = NULL;
1.93 + BIO *out=NULL,*in=NULL;
1.94 + const EVP_CIPHER *enc=NULL;
1.95 +#ifndef OPENSSL_NO_ENGINE
1.96 + char *engine=NULL;
1.97 +#endif
1.98 +
1.99 + apps_startup();
1.100 +
1.101 + if (bio_err == NULL)
1.102 + if ((bio_err=BIO_new(BIO_s_file())) != NULL)
1.103 + BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
1.104 +
1.105 +
1.106 + if (!load_config(bio_err, NULL))
1.107 + goto end;
1.108 +
1.109 + argv++;
1.110 + argc--;
1.111 + for (;;)
1.112 + {
1.113 + if (argc <= 0) break;
1.114 + if (strcmp(*argv,"-out") == 0)
1.115 + {
1.116 + if (--argc < 1) goto bad;
1.117 + outfile= *(++argv);
1.118 + }
1.119 + else if (strcmp(*argv,"-passout") == 0)
1.120 + {
1.121 + if (--argc < 1) goto bad;
1.122 + passargout= *(++argv);
1.123 + }
1.124 +#ifndef OPENSSL_NO_ENGINE
1.125 + else if (strcmp(*argv,"-engine") == 0)
1.126 + {
1.127 + if (--argc < 1) goto bad;
1.128 + engine= *(++argv);
1.129 + }
1.130 +#endif
1.131 + else if (strcmp(*argv,"-rand") == 0)
1.132 + {
1.133 + if (--argc < 1) goto bad;
1.134 + inrand= *(++argv);
1.135 + }
1.136 + else if (strcmp(*argv,"-") == 0)
1.137 + goto bad;
1.138 +#ifndef OPENSSL_NO_DES
1.139 + else if (strcmp(*argv,"-des") == 0)
1.140 + enc=EVP_des_cbc();
1.141 + else if (strcmp(*argv,"-des3") == 0)
1.142 + enc=EVP_des_ede3_cbc();
1.143 +#endif
1.144 +#ifndef OPENSSL_NO_IDEA
1.145 + else if (strcmp(*argv,"-idea") == 0)
1.146 + enc=EVP_idea_cbc();
1.147 +#endif
1.148 +#ifndef OPENSSL_NO_AES
1.149 + else if (strcmp(*argv,"-aes128") == 0)
1.150 + enc=EVP_aes_128_cbc();
1.151 + else if (strcmp(*argv,"-aes192") == 0)
1.152 + enc=EVP_aes_192_cbc();
1.153 + else if (strcmp(*argv,"-aes256") == 0)
1.154 + enc=EVP_aes_256_cbc();
1.155 +#endif
1.156 + else if (**argv != '-' && dsaparams == NULL)
1.157 + {
1.158 + dsaparams = *argv;
1.159 + }
1.160 + else
1.161 + goto bad;
1.162 + argv++;
1.163 + argc--;
1.164 + }
1.165 +
1.166 + if (dsaparams == NULL)
1.167 + {
1.168 +bad:
1.169 + BIO_printf(bio_err,"usage: gendsa [args] dsaparam-file\n");
1.170 + BIO_printf(bio_err," -out file - output the key to 'file'\n");
1.171 +#ifndef OPENSSL_NO_DES
1.172 + BIO_printf(bio_err," -des - encrypt the generated key with DES in cbc mode\n");
1.173 + BIO_printf(bio_err," -des3 - encrypt the generated key with DES in ede cbc mode (168 bit key)\n");
1.174 +#endif
1.175 +#ifndef OPENSSL_NO_IDEA
1.176 + BIO_printf(bio_err," -idea - encrypt the generated key with IDEA in cbc mode\n");
1.177 +#endif
1.178 +#ifndef OPENSSL_NO_AES
1.179 + BIO_printf(bio_err," -aes128, -aes192, -aes256\n");
1.180 + BIO_printf(bio_err," encrypt PEM output with cbc aes\n");
1.181 +#endif
1.182 +#ifndef OPENSSL_NO_ENGINE
1.183 + BIO_printf(bio_err," -engine e - use engine e, possibly a hardware device.\n");
1.184 +#endif
1.185 + BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
1.186 + BIO_printf(bio_err," - load the file (or the files in the directory) into\n");
1.187 + BIO_printf(bio_err," the random number generator\n");
1.188 + BIO_printf(bio_err," dsaparam-file\n");
1.189 + BIO_printf(bio_err," - a DSA parameter file as generated by the dsaparam command\n");
1.190 + goto end;
1.191 + }
1.192 +
1.193 +#ifndef OPENSSL_NO_ENGINE
1.194 + e = setup_engine(bio_err, engine, 0);
1.195 +#endif
1.196 +
1.197 + if(!app_passwd(bio_err, NULL, passargout, NULL, &passout)) {
1.198 + BIO_printf(bio_err, "Error getting password\n");
1.199 + goto end;
1.200 + }
1.201 +
1.202 +
1.203 + in=BIO_new(BIO_s_file());
1.204 + if (!(BIO_read_filename(in,dsaparams)))
1.205 + {
1.206 + perror(dsaparams);
1.207 + goto end;
1.208 + }
1.209 +
1.210 + if ((dsa=PEM_read_bio_DSAparams(in,NULL,NULL,NULL)) == NULL)
1.211 + {
1.212 + BIO_printf(bio_err,"unable to load DSA parameter file\n");
1.213 + goto end;
1.214 + }
1.215 + BIO_free(in);
1.216 + in = NULL;
1.217 +
1.218 + out=BIO_new(BIO_s_file());
1.219 + if (out == NULL) goto end;
1.220 +
1.221 + if (outfile == NULL)
1.222 + {
1.223 + BIO_set_fp(out,stdout,BIO_NOCLOSE);
1.224 +
1.225 +#ifdef OPENSSL_SYS_VMS
1.226 + {
1.227 + BIO *tmpbio = BIO_new(BIO_f_linebuffer());
1.228 + out = BIO_push(tmpbio, out);
1.229 + }
1.230 +#endif
1.231 + }
1.232 + else
1.233 + {
1.234 + if (BIO_write_filename(out,outfile) <= 0)
1.235 + {
1.236 + perror(outfile);
1.237 + goto end;
1.238 + }
1.239 + }
1.240 +
1.241 + if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL)
1.242 + {
1.243 + BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option\n");
1.244 + }
1.245 + if (inrand != NULL)
1.246 + BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
1.247 + app_RAND_load_files(inrand));
1.248 +
1.249 + BIO_printf(bio_err,"Generating DSA key, %d bits\n",
1.250 + BN_num_bits(dsa->p));
1.251 + if (!DSA_generate_key(dsa)) goto end;
1.252 +
1.253 + app_RAND_write_file(NULL, bio_err);
1.254 +
1.255 + if (!PEM_write_bio_DSAPrivateKey(out,dsa,enc,NULL,0,NULL, passout))
1.256 + goto end;
1.257 + ret=0;
1.258 +end:
1.259 + if (ret != 0)
1.260 + ERR_print_errors(bio_err);
1.261 + if (in != NULL) BIO_free(in);
1.262 + if (out != NULL) BIO_free_all(out);
1.263 + if (dsa != NULL) DSA_free(dsa);
1.264 + if(passout) OPENSSL_free(passout);
1.265 + apps_shutdown();
1.266 + OPENSSL_EXIT(ret);
1.267 + }
1.268 +#endif