1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000
1.2 +++ b/os/ossrv/ssl/tsrc/topenssl/src/genrsa.c Fri Jun 15 03:10:57 2012 +0200
1.3 @@ -0,0 +1,309 @@
1.4 +/* apps/genrsa.c */
1.5 +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
1.6 + * All rights reserved.
1.7 + *
1.8 + * This package is an SSL implementation written
1.9 + * by Eric Young (eay@cryptsoft.com).
1.10 + * The implementation was written so as to conform with Netscapes SSL.
1.11 + *
1.12 + * This library is free for commercial and non-commercial use as long as
1.13 + * the following conditions are aheared to. The following conditions
1.14 + * apply to all code found in this distribution, be it the RC4, RSA,
1.15 + * lhash, DES, etc., code; not just the SSL code. The SSL documentation
1.16 + * included with this distribution is covered by the same copyright terms
1.17 + * except that the holder is Tim Hudson (tjh@cryptsoft.com).
1.18 + *
1.19 + * Copyright remains Eric Young's, and as such any Copyright notices in
1.20 + * the code are not to be removed.
1.21 + * If this package is used in a product, Eric Young should be given attribution
1.22 + * as the author of the parts of the library used.
1.23 + * This can be in the form of a textual message at program startup or
1.24 + * in documentation (online or textual) provided with the package.
1.25 + *
1.26 + * Redistribution and use in source and binary forms, with or without
1.27 + * modification, are permitted provided that the following conditions
1.28 + * are met:
1.29 + * 1. Redistributions of source code must retain the copyright
1.30 + * notice, this list of conditions and the following disclaimer.
1.31 + * 2. Redistributions in binary form must reproduce the above copyright
1.32 + * notice, this list of conditions and the following disclaimer in the
1.33 + * documentation and/or other materials provided with the distribution.
1.34 + * 3. All advertising materials mentioning features or use of this software
1.35 + * must display the following acknowledgement:
1.36 + * "This product includes cryptographic software written by
1.37 + * Eric Young (eay@cryptsoft.com)"
1.38 + * The word 'cryptographic' can be left out if the rouines from the library
1.39 + * being used are not cryptographic related :-).
1.40 + * 4. If you include any Windows specific code (or a derivative thereof) from
1.41 + * the apps directory (application code) you must include an acknowledgement:
1.42 + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
1.43 + *
1.44 + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
1.45 + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
1.46 + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
1.47 + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
1.48 + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
1.49 + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
1.50 + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
1.51 + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
1.52 + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
1.53 + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
1.54 + * SUCH DAMAGE.
1.55 + *
1.56 + * The licence and distribution terms for any publically available version or
1.57 + * derivative of this code cannot be changed. i.e. this code cannot simply be
1.58 + * copied and put under another distribution licence
1.59 + * [including the GNU Public Licence.]
1.60 + */
1.61 +
1.62 +#include <openssl/opensslconf.h>
1.63 +/* Until the key-gen callbacks are modified to use newer prototypes, we allow
1.64 + * deprecated functions for openssl-internal code */
1.65 +#ifdef OPENSSL_NO_DEPRECATED
1.66 +#undef OPENSSL_NO_DEPRECATED
1.67 +#endif
1.68 +
1.69 +#ifndef OPENSSL_NO_RSA
1.70 +#include <stdio.h>
1.71 +#include <string.h>
1.72 +#include <sys/types.h>
1.73 +#include <sys/stat.h>
1.74 +#include "apps.h"
1.75 +#include <openssl/bio.h>
1.76 +#include <openssl/err.h>
1.77 +#include <openssl/bn.h>
1.78 +#include <openssl/rsa.h>
1.79 +#include <openssl/evp.h>
1.80 +#include <openssl/x509.h>
1.81 +#include <openssl/pem.h>
1.82 +#include <openssl/rand.h>
1.83 +
1.84 +#define DEFBITS 512
1.85 +#undef PROG
1.86 +#define PROG genrsa_main
1.87 +
1.88 +static int MS_CALLBACK genrsa_cb(int p, int n, BN_GENCB *cb);
1.89 +
1.90 +
1.91 +int MAIN(int, char **);
1.92 +
1.93 +int MAIN(int argc, char **argv)
1.94 + {
1.95 + BN_GENCB cb;
1.96 +#ifndef OPENSSL_NO_ENGINE
1.97 + ENGINE *e = NULL;
1.98 +#endif
1.99 + int ret=1;
1.100 + int i,num=DEFBITS;
1.101 + long l;
1.102 + const EVP_CIPHER *enc=NULL;
1.103 + unsigned long f4=RSA_F4;
1.104 + char *outfile=NULL;
1.105 + char *passargout = NULL, *passout = NULL;
1.106 +#ifndef OPENSSL_NO_ENGINE
1.107 + char *engine=NULL;
1.108 +#endif
1.109 + char *inrand=NULL;
1.110 + BIO *out=NULL;
1.111 + BIGNUM *bn = BN_new();
1.112 + RSA *rsa = RSA_new();
1.113 +
1.114 + if(!bn || !rsa) goto err;
1.115 +
1.116 + apps_startup();
1.117 + BN_GENCB_set(&cb, genrsa_cb, bio_err);
1.118 +
1.119 + if (bio_err == NULL)
1.120 + if ((bio_err=BIO_new(BIO_s_file())) != NULL)
1.121 + BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
1.122 + if (!load_config(bio_err, NULL))
1.123 + goto err;
1.124 + if ((out=BIO_new(BIO_s_file())) == NULL)
1.125 + {
1.126 + BIO_printf(bio_err,"unable to create BIO for output\n");
1.127 + goto err;
1.128 + }
1.129 +
1.130 + argv++;
1.131 + argc--;
1.132 + for (;;)
1.133 + {
1.134 + if (argc <= 0) break;
1.135 + if (strcmp(*argv,"-out") == 0)
1.136 + {
1.137 + if (--argc < 1) goto bad;
1.138 + outfile= *(++argv);
1.139 + }
1.140 + else if (strcmp(*argv,"-3") == 0)
1.141 + f4=3;
1.142 + else if (strcmp(*argv,"-F4") == 0 || strcmp(*argv,"-f4") == 0)
1.143 + f4=RSA_F4;
1.144 +#ifndef OPENSSL_NO_ENGINE
1.145 + else if (strcmp(*argv,"-engine") == 0)
1.146 + {
1.147 + if (--argc < 1) goto bad;
1.148 + engine= *(++argv);
1.149 + }
1.150 +#endif
1.151 + else if (strcmp(*argv,"-rand") == 0)
1.152 + {
1.153 + if (--argc < 1) goto bad;
1.154 + inrand= *(++argv);
1.155 + }
1.156 +#ifndef OPENSSL_NO_DES
1.157 + else if (strcmp(*argv,"-des") == 0)
1.158 + enc=EVP_des_cbc();
1.159 + else if (strcmp(*argv,"-des3") == 0)
1.160 + enc=EVP_des_ede3_cbc();
1.161 +#endif
1.162 +#ifndef OPENSSL_NO_IDEA
1.163 + else if (strcmp(*argv,"-idea") == 0)
1.164 + enc=EVP_idea_cbc();
1.165 +#endif
1.166 +#ifndef OPENSSL_NO_AES
1.167 + else if (strcmp(*argv,"-aes128") == 0)
1.168 + enc=EVP_aes_128_cbc();
1.169 + else if (strcmp(*argv,"-aes192") == 0)
1.170 + enc=EVP_aes_192_cbc();
1.171 + else if (strcmp(*argv,"-aes256") == 0)
1.172 + enc=EVP_aes_256_cbc();
1.173 +#endif
1.174 + else if (strcmp(*argv,"-passout") == 0)
1.175 + {
1.176 + if (--argc < 1) goto bad;
1.177 + passargout= *(++argv);
1.178 + }
1.179 + else
1.180 + break;
1.181 + argv++;
1.182 + argc--;
1.183 + }
1.184 + if ((argc >= 1) && ((sscanf(*argv,"%d",&num) == 0) || (num < 0)))
1.185 + {
1.186 +bad:
1.187 + BIO_printf(bio_err,"usage: genrsa [args] [numbits]\n");
1.188 + BIO_printf(bio_err," -des encrypt the generated key with DES in cbc mode\n");
1.189 + BIO_printf(bio_err," -des3 encrypt the generated key with DES in ede cbc mode (168 bit key)\n");
1.190 +#ifndef OPENSSL_NO_IDEA
1.191 + BIO_printf(bio_err," -idea encrypt the generated key with IDEA in cbc mode\n");
1.192 +#endif
1.193 +#ifndef OPENSSL_NO_AES
1.194 + BIO_printf(bio_err," -aes128, -aes192, -aes256\n");
1.195 + BIO_printf(bio_err," encrypt PEM output with cbc aes\n");
1.196 +#endif
1.197 + BIO_printf(bio_err," -out file output the key to 'file\n");
1.198 + BIO_printf(bio_err," -passout arg output file pass phrase source\n");
1.199 + BIO_printf(bio_err," -f4 use F4 (0x10001) for the E value\n");
1.200 + BIO_printf(bio_err," -3 use 3 for the E value\n");
1.201 +#ifndef OPENSSL_NO_ENGINE
1.202 + BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n");
1.203 +#endif
1.204 + BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
1.205 + BIO_printf(bio_err," load the file (or the files in the directory) into\n");
1.206 + BIO_printf(bio_err," the random number generator\n");
1.207 + goto err;
1.208 + }
1.209 +
1.210 + ERR_load_crypto_strings();
1.211 +
1.212 + if(!app_passwd(bio_err, NULL, passargout, NULL, &passout)) {
1.213 + BIO_printf(bio_err, "Error getting password\n");
1.214 + goto err;
1.215 + }
1.216 +
1.217 +#ifndef OPENSSL_NO_ENGINE
1.218 + e = setup_engine(bio_err, engine, 0);
1.219 +#endif
1.220 +
1.221 + if (outfile == NULL)
1.222 + {
1.223 + BIO_set_fp(out,stdout,BIO_NOCLOSE);
1.224 +
1.225 +#ifdef OPENSSL_SYS_VMS
1.226 + {
1.227 + BIO *tmpbio = BIO_new(BIO_f_linebuffer());
1.228 + out = BIO_push(tmpbio, out);
1.229 + }
1.230 +#endif
1.231 + }
1.232 + else
1.233 + {
1.234 + if (BIO_write_filename(out,outfile) <= 0)
1.235 + {
1.236 + perror(outfile);
1.237 + goto err;
1.238 + }
1.239 + }
1.240 +
1.241 + if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL
1.242 + && !RAND_status())
1.243 + {
1.244 + BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option\n");
1.245 + }
1.246 + if (inrand != NULL)
1.247 + BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
1.248 + app_RAND_load_files(inrand));
1.249 +
1.250 + BIO_printf(bio_err,"Generating RSA private key, %d bit long modulus\n",
1.251 + num);
1.252 +
1.253 + if(!BN_set_word(bn, f4) || !RSA_generate_key_ex(rsa, num, bn, &cb))
1.254 + goto err;
1.255 +
1.256 + app_RAND_write_file(NULL, bio_err);
1.257 +
1.258 + /* We need to do the following for when the base number size is <
1.259 + * long, esp windows 3.1 :-(. */
1.260 + l=0L;
1.261 + for (i=0; i<rsa->e->top; i++)
1.262 + {
1.263 +#ifndef SIXTY_FOUR_BIT
1.264 + l<<=BN_BITS4;
1.265 + l<<=BN_BITS4;
1.266 +#endif
1.267 + l+=rsa->e->d[i];
1.268 + }
1.269 + BIO_printf(bio_err,"e is %ld (0x%lX)\n",l,l);
1.270 + {
1.271 + PW_CB_DATA cb_data;
1.272 + cb_data.password = passout;
1.273 + cb_data.prompt_info = outfile;
1.274 + if (!PEM_write_bio_RSAPrivateKey(out,rsa,enc,NULL,0,
1.275 + (pem_password_cb *)password_callback,&cb_data))
1.276 + goto err;
1.277 + }
1.278 +
1.279 + ret=0;
1.280 +err:
1.281 + if (bn) BN_free(bn);
1.282 + if (rsa) RSA_free(rsa);
1.283 + if (out) BIO_free_all(out);
1.284 + if(passout) OPENSSL_free(passout);
1.285 + if (ret != 0)
1.286 + ERR_print_errors(bio_err);
1.287 + apps_shutdown();
1.288 + OPENSSL_EXIT(ret);
1.289 + }
1.290 +
1.291 +static int MS_CALLBACK genrsa_cb(int p, int n, BN_GENCB *cb)
1.292 + {
1.293 + char c='*';
1.294 +
1.295 + if (p == 0) c='.';
1.296 + if (p == 1) c='+';
1.297 + if (p == 2) c='*';
1.298 + if (p == 3) c='\n';
1.299 + BIO_write(cb->arg,&c,1);
1.300 + (void)BIO_flush(cb->arg);
1.301 +#ifdef LINT
1.302 + p=n;
1.303 +#endif
1.304 + return 1;
1.305 + }
1.306 +#else /* !OPENSSL_NO_RSA */
1.307 +
1.308 +# if PEDANTIC
1.309 +static void *dummy=&dummy;
1.310 +# endif
1.311 +
1.312 +#endif