1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000
1.2 +++ b/os/ossrv/ssl/tsrc/topenssl/src/rsa.c Fri Jun 15 03:10:57 2012 +0200
1.3 @@ -0,0 +1,394 @@
1.4 +/* apps/rsa.c */
1.5 +/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
1.6 + * All rights reserved.
1.7 + *
1.8 + * This package is an SSL implementation written
1.9 + * by Eric Young (eay@cryptsoft.com).
1.10 + * The implementation was written so as to conform with Netscapes SSL.
1.11 + *
1.12 + * This library is free for commercial and non-commercial use as long as
1.13 + * the following conditions are aheared to. The following conditions
1.14 + * apply to all code found in this distribution, be it the RC4, RSA,
1.15 + * lhash, DES, etc., code; not just the SSL code. The SSL documentation
1.16 + * included with this distribution is covered by the same copyright terms
1.17 + * except that the holder is Tim Hudson (tjh@cryptsoft.com).
1.18 + *
1.19 + * Copyright remains Eric Young's, and as such any Copyright notices in
1.20 + * the code are not to be removed.
1.21 + * If this package is used in a product, Eric Young should be given attribution
1.22 + * as the author of the parts of the library used.
1.23 + * This can be in the form of a textual message at program startup or
1.24 + * in documentation (online or textual) provided with the package.
1.25 + *
1.26 + * Redistribution and use in source and binary forms, with or without
1.27 + * modification, are permitted provided that the following conditions
1.28 + * are met:
1.29 + * 1. Redistributions of source code must retain the copyright
1.30 + * notice, this list of conditions and the following disclaimer.
1.31 + * 2. Redistributions in binary form must reproduce the above copyright
1.32 + * notice, this list of conditions and the following disclaimer in the
1.33 + * documentation and/or other materials provided with the distribution.
1.34 + * 3. All advertising materials mentioning features or use of this software
1.35 + * must display the following acknowledgement:
1.36 + * "This product includes cryptographic software written by
1.37 + * Eric Young (eay@cryptsoft.com)"
1.38 + * The word 'cryptographic' can be left out if the rouines from the library
1.39 + * being used are not cryptographic related :-).
1.40 + * 4. If you include any Windows specific code (or a derivative thereof) from
1.41 + * the apps directory (application code) you must include an acknowledgement:
1.42 + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
1.43 + *
1.44 + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
1.45 + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
1.46 + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
1.47 + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
1.48 + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
1.49 + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
1.50 + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
1.51 + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
1.52 + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
1.53 + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
1.54 + * SUCH DAMAGE.
1.55 + *
1.56 + * The licence and distribution terms for any publically available version or
1.57 + * derivative of this code cannot be changed. i.e. this code cannot simply be
1.58 + * copied and put under another distribution licence
1.59 + * [including the GNU Public Licence.]
1.60 + */
1.61 +
1.62 +#include <openssl/opensslconf.h>
1.63 +#ifndef OPENSSL_NO_RSA
1.64 +#include <stdio.h>
1.65 +#include <stdlib.h>
1.66 +#include <string.h>
1.67 +#include <time.h>
1.68 +#include "apps.h"
1.69 +#include <openssl/bio.h>
1.70 +#include <openssl/err.h>
1.71 +#include <openssl/rsa.h>
1.72 +#include <openssl/evp.h>
1.73 +#include <openssl/x509.h>
1.74 +#include <openssl/pem.h>
1.75 +#include <openssl/bn.h>
1.76 +
1.77 +#undef PROG
1.78 +#define PROG rsa_main
1.79 +
1.80 +/* -inform arg - input format - default PEM (one of DER, NET or PEM)
1.81 + * -outform arg - output format - default PEM
1.82 + * -in arg - input file - default stdin
1.83 + * -out arg - output file - default stdout
1.84 + * -des - encrypt output if PEM format with DES in cbc mode
1.85 + * -des3 - encrypt output if PEM format
1.86 + * -idea - encrypt output if PEM format
1.87 + * -seed - encrypt output if PEM format
1.88 + * -aes128 - encrypt output if PEM format
1.89 + * -aes192 - encrypt output if PEM format
1.90 + * -aes256 - encrypt output if PEM format
1.91 + * -text - print a text version
1.92 + * -modulus - print the RSA key modulus
1.93 + * -check - verify key consistency
1.94 + * -pubin - Expect a public key in input file.
1.95 + * -pubout - Output a public key.
1.96 + */
1.97 +
1.98 +
1.99 +int MAIN(int, char **);
1.100 +
1.101 +int MAIN(int argc, char **argv)
1.102 + {
1.103 + ENGINE *e = NULL;
1.104 + int ret=1;
1.105 + RSA *rsa=NULL;
1.106 + int i,badops=0, sgckey=0;
1.107 + const EVP_CIPHER *enc=NULL;
1.108 + BIO *out=NULL;
1.109 + int informat,outformat,text=0,check=0,noout=0;
1.110 + int pubin = 0, pubout = 0;
1.111 + char *infile,*outfile,*prog;
1.112 + char *passargin = NULL, *passargout = NULL;
1.113 + char *passin = NULL, *passout = NULL;
1.114 +#ifndef OPENSSL_NO_ENGINE
1.115 + char *engine=NULL;
1.116 +#endif
1.117 + int modulus=0;
1.118 +
1.119 + apps_startup();
1.120 +
1.121 + if (bio_err == NULL)
1.122 + if ((bio_err=BIO_new(BIO_s_file())) != NULL)
1.123 + BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
1.124 + if (!load_config(bio_err, NULL))
1.125 + goto end;
1.126 +
1.127 + infile=NULL;
1.128 + outfile=NULL;
1.129 + informat=FORMAT_PEM;
1.130 + outformat=FORMAT_PEM;
1.131 +
1.132 + prog=argv[0];
1.133 + argc--;
1.134 + argv++;
1.135 + while (argc >= 1)
1.136 + {
1.137 + if (strcmp(*argv,"-inform") == 0)
1.138 + {
1.139 + if (--argc < 1) goto bad;
1.140 + informat=str2fmt(*(++argv));
1.141 + }
1.142 + else if (strcmp(*argv,"-outform") == 0)
1.143 + {
1.144 + if (--argc < 1) goto bad;
1.145 + outformat=str2fmt(*(++argv));
1.146 + }
1.147 + else if (strcmp(*argv,"-in") == 0)
1.148 + {
1.149 + if (--argc < 1) goto bad;
1.150 + infile= *(++argv);
1.151 + }
1.152 + else if (strcmp(*argv,"-out") == 0)
1.153 + {
1.154 + if (--argc < 1) goto bad;
1.155 + outfile= *(++argv);
1.156 + }
1.157 + else if (strcmp(*argv,"-passin") == 0)
1.158 + {
1.159 + if (--argc < 1) goto bad;
1.160 + passargin= *(++argv);
1.161 + }
1.162 + else if (strcmp(*argv,"-passout") == 0)
1.163 + {
1.164 + if (--argc < 1) goto bad;
1.165 + passargout= *(++argv);
1.166 + }
1.167 +#ifndef OPENSSL_NO_ENGINE
1.168 + else if (strcmp(*argv,"-engine") == 0)
1.169 + {
1.170 + if (--argc < 1) goto bad;
1.171 + engine= *(++argv);
1.172 + }
1.173 +#endif
1.174 + else if (strcmp(*argv,"-sgckey") == 0)
1.175 + sgckey=1;
1.176 + else if (strcmp(*argv,"-pubin") == 0)
1.177 + pubin=1;
1.178 + else if (strcmp(*argv,"-pubout") == 0)
1.179 + pubout=1;
1.180 + else if (strcmp(*argv,"-noout") == 0)
1.181 + noout=1;
1.182 + else if (strcmp(*argv,"-text") == 0)
1.183 + text=1;
1.184 + else if (strcmp(*argv,"-modulus") == 0)
1.185 + modulus=1;
1.186 + else if (strcmp(*argv,"-check") == 0)
1.187 + check=1;
1.188 + else if ((enc=EVP_get_cipherbyname(&(argv[0][1]))) == NULL)
1.189 + {
1.190 + BIO_printf(bio_err,"unknown option %s\n",*argv);
1.191 + badops=1;
1.192 + break;
1.193 + }
1.194 + argc--;
1.195 + argv++;
1.196 + }
1.197 +
1.198 + if (badops)
1.199 + {
1.200 +bad:
1.201 + BIO_printf(bio_err,"%s [options] <infile >outfile\n",prog);
1.202 + BIO_printf(bio_err,"where options are\n");
1.203 + BIO_printf(bio_err," -inform arg input format - one of DER NET PEM\n");
1.204 + BIO_printf(bio_err," -outform arg output format - one of DER NET PEM\n");
1.205 + BIO_printf(bio_err," -in arg input file\n");
1.206 + BIO_printf(bio_err," -sgckey Use IIS SGC key format\n");
1.207 + BIO_printf(bio_err," -passin arg input file pass phrase source\n");
1.208 + BIO_printf(bio_err," -out arg output file\n");
1.209 + BIO_printf(bio_err," -passout arg output file pass phrase source\n");
1.210 + BIO_printf(bio_err," -des encrypt PEM output with cbc des\n");
1.211 + BIO_printf(bio_err," -des3 encrypt PEM output with ede cbc des using 168 bit key\n");
1.212 +#ifndef OPENSSL_NO_IDEA
1.213 + BIO_printf(bio_err," -idea encrypt PEM output with cbc idea\n");
1.214 +#endif
1.215 +#ifndef OPENSSL_NO_SEED
1.216 + BIO_printf(bio_err," -seed encrypt PEM output with cbc seed\n");
1.217 +#endif
1.218 +#ifndef OPENSSL_NO_AES
1.219 + BIO_printf(bio_err," -aes128, -aes192, -aes256\n");
1.220 + BIO_printf(bio_err," encrypt PEM output with cbc aes\n");
1.221 +#endif
1.222 + BIO_printf(bio_err," -text print the key in text\n");
1.223 + BIO_printf(bio_err," -noout don't print key out\n");
1.224 + BIO_printf(bio_err," -modulus print the RSA key modulus\n");
1.225 + BIO_printf(bio_err," -check verify key consistency\n");
1.226 + BIO_printf(bio_err," -pubin expect a public key in input file\n");
1.227 + BIO_printf(bio_err," -pubout output a public key\n");
1.228 +#ifndef OPENSSL_NO_ENGINE
1.229 + BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n");
1.230 +#endif
1.231 + goto end;
1.232 + }
1.233 +
1.234 + ERR_load_crypto_strings();
1.235 +
1.236 +#ifndef OPENSSL_NO_ENGINE
1.237 + e = setup_engine(bio_err, engine, 0);
1.238 +#endif
1.239 +
1.240 + if(!app_passwd(bio_err, passargin, passargout, &passin, &passout)) {
1.241 + BIO_printf(bio_err, "Error getting passwords\n");
1.242 + goto end;
1.243 + }
1.244 +
1.245 + if(check && pubin) {
1.246 + BIO_printf(bio_err, "Only private keys can be checked\n");
1.247 + goto end;
1.248 + }
1.249 +
1.250 + out=BIO_new(BIO_s_file());
1.251 +
1.252 + {
1.253 + EVP_PKEY *pkey;
1.254 +
1.255 + if (pubin)
1.256 + pkey = load_pubkey(bio_err, infile,
1.257 + (informat == FORMAT_NETSCAPE && sgckey ?
1.258 + FORMAT_IISSGC : informat), 1,
1.259 + passin, e, "Public Key");
1.260 + else
1.261 + pkey = load_key(bio_err, infile,
1.262 + (informat == FORMAT_NETSCAPE && sgckey ?
1.263 + FORMAT_IISSGC : informat), 1,
1.264 + passin, e, "Private Key");
1.265 +
1.266 + if (pkey != NULL)
1.267 + rsa = pkey == NULL ? NULL : EVP_PKEY_get1_RSA(pkey);
1.268 + EVP_PKEY_free(pkey);
1.269 + }
1.270 +
1.271 + if (rsa == NULL)
1.272 + {
1.273 + ERR_print_errors(bio_err);
1.274 + goto end;
1.275 + }
1.276 +
1.277 + if (outfile == NULL)
1.278 + {
1.279 + BIO_set_fp(out,stdout,BIO_NOCLOSE);
1.280 +#ifdef OPENSSL_SYS_VMS
1.281 + {
1.282 + BIO *tmpbio = BIO_new(BIO_f_linebuffer());
1.283 + out = BIO_push(tmpbio, out);
1.284 + }
1.285 +#endif
1.286 + }
1.287 + else
1.288 + {
1.289 + if (BIO_write_filename(out,outfile) <= 0)
1.290 + {
1.291 + perror(outfile);
1.292 + goto end;
1.293 + }
1.294 + }
1.295 +
1.296 + if (text)
1.297 + if (!RSA_print(out,rsa,0))
1.298 + {
1.299 + perror(outfile);
1.300 + ERR_print_errors(bio_err);
1.301 + goto end;
1.302 + }
1.303 +
1.304 + if (modulus)
1.305 + {
1.306 + BIO_printf(out,"Modulus=");
1.307 + BN_print(out,rsa->n);
1.308 + BIO_printf(out,"\n");
1.309 + }
1.310 +
1.311 + if (check)
1.312 + {
1.313 + int r = RSA_check_key(rsa);
1.314 +
1.315 + if (r == 1)
1.316 + BIO_printf(out,"RSA key ok\n");
1.317 + else if (r == 0)
1.318 + {
1.319 + unsigned long err;
1.320 +
1.321 + while ((err = ERR_peek_error()) != 0 &&
1.322 + ERR_GET_LIB(err) == ERR_LIB_RSA &&
1.323 + ERR_GET_FUNC(err) == RSA_F_RSA_CHECK_KEY &&
1.324 + ERR_GET_REASON(err) != ERR_R_MALLOC_FAILURE)
1.325 + {
1.326 + BIO_printf(out, "RSA key error: %s\n", ERR_reason_error_string(err));
1.327 + ERR_get_error(); /* remove e from error stack */
1.328 + }
1.329 + }
1.330 +
1.331 + if (r == -1 || ERR_peek_error() != 0) /* should happen only if r == -1 */
1.332 + {
1.333 + ERR_print_errors(bio_err);
1.334 + goto end;
1.335 + }
1.336 + }
1.337 +
1.338 + if (noout)
1.339 + {
1.340 + ret = 0;
1.341 + goto end;
1.342 + }
1.343 + BIO_printf(bio_err,"writing RSA key\n");
1.344 + if (outformat == FORMAT_ASN1) {
1.345 + if(pubout || pubin) i=i2d_RSA_PUBKEY_bio(out,rsa);
1.346 + else i=i2d_RSAPrivateKey_bio(out,rsa);
1.347 + }
1.348 +#ifndef OPENSSL_NO_RC4
1.349 + else if (outformat == FORMAT_NETSCAPE)
1.350 + {
1.351 + unsigned char *p,*pp;
1.352 + int size;
1.353 +
1.354 + i=1;
1.355 + size=i2d_RSA_NET(rsa,NULL,NULL, sgckey);
1.356 + if ((p=(unsigned char *)OPENSSL_malloc(size)) == NULL)
1.357 + {
1.358 + BIO_printf(bio_err,"Memory allocation failure\n");
1.359 + goto end;
1.360 + }
1.361 + pp=p;
1.362 + i2d_RSA_NET(rsa,&p,NULL, sgckey);
1.363 + BIO_write(out,(char *)pp,size);
1.364 + OPENSSL_free(pp);
1.365 + }
1.366 +#endif
1.367 + else if (outformat == FORMAT_PEM) {
1.368 + if(pubout || pubin)
1.369 + i=PEM_write_bio_RSA_PUBKEY(out,rsa);
1.370 + else i=PEM_write_bio_RSAPrivateKey(out,rsa,
1.371 + enc,NULL,0,NULL,passout);
1.372 + } else {
1.373 + BIO_printf(bio_err,"bad output format specified for outfile\n");
1.374 + goto end;
1.375 + }
1.376 + if (!i)
1.377 + {
1.378 + BIO_printf(bio_err,"unable to write key\n");
1.379 + ERR_print_errors(bio_err);
1.380 + }
1.381 + else
1.382 + ret=0;
1.383 +end:
1.384 + if(out != NULL) BIO_free_all(out);
1.385 + if(rsa != NULL) RSA_free(rsa);
1.386 + if(passin) OPENSSL_free(passin);
1.387 + if(passout) OPENSSL_free(passout);
1.388 + apps_shutdown();
1.389 + OPENSSL_EXIT(ret);
1.390 + }
1.391 +#else /* !OPENSSL_NO_RSA */
1.392 +
1.393 +# if PEDANTIC
1.394 +static void *dummy=&dummy;
1.395 +# endif
1.396 +
1.397 +#endif