| author | tb <> | 2021-11-20 18:10:48 +0000 |
|---|---|---|
| committer | tb <> | 2021-11-20 18:10:48 +0000 |
| commit | 4541acfc7d43d097ced3da574e8f80ec2529ee55 (patch) | |
| tree | 3b802e89fdcb5de312935cb76899b338d6c0999d /src/usr.bin/openssl/genrsa.c | |
| parent | 8e14ae7de26c61b00f26ed3704578c591fe6ae43 (diff) | |
Convert openssl(1) to using BN_GENCB on the heap
This is three times the same thing while genrsa needs some extra steps
to deal with opaque BIGNUMs. We can also garbage collect some Win 3.1
contortions and use the conversion routines directly instead of doing
them manually.
ok jsing
Diffstat (limited to 'src/usr.bin/openssl/genrsa.c')
| -rw-r--r-- | src/usr.bin/openssl/genrsa.c | 55 |
1 files changed, 29 insertions, 26 deletions
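--- a/src/usr.bin/openssl/genrsa.c
+++ b/src/usr.bin/openssl/genrsa.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: genrsa.c,v 1.17 2019/07/24 14:23:25 inoguchi Exp $ */
+/* $OpenBSD: genrsa.c,v 1.18 2021/11/20 18:10:48 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -83,7 +83,7 @@
 
 #define DEFBITS 2048
 
-static int genrsa_cb(int p, int n, BN_GENCB * cb);
+static int genrsa_cb(int p, int n, BN_GENCB *cb);
 
 static struct {
 const EVP_CIPHER *enc;
@@ -270,15 +270,16 @@ genrsa_usage(void)
 int
 genrsa_main(int argc, char **argv)
 {
-BN_GENCB cb;
+BN_GENCB *cb = NULL;
 int ret = 1;
-int i, num = DEFBITS;
-char *numbits= NULL;
-long l;
+int num = DEFBITS;
+char *numbits = NULL;
 char *passout = NULL;
 BIO *out = NULL;
-BIGNUM *bn = BN_new();
+BIGNUM *bn = NULL;
 RSA *rsa = NULL;
+const BIGNUM *rsa_e = NULL;
+char *rsa_e_hex = NULL, *rsa_e_dec = NULL;
 
 if (single_execution) {
 if (pledge("stdio cpath wpath rpath tty", NULL) == -1) {
@@ -287,10 +288,15 @@ genrsa_main(int argc, char **argv)
 }
 }
 
-if (!bn)
+if ((bn = BN_new()) == NULL)
 goto err;
 
-BN_GENCB_set(&cb, genrsa_cb, bio_err);
+if ((cb = BN_GENCB_new()) == NULL) {
+BIO_printf(bio_err, "Error allocating BN_GENCB object\n");
+goto err;
+}
+
+BN_GENCB_set(cb, genrsa_cb, bio_err);
 
 if ((out = BIO_new(BIO_s_file())) == NULL) {
 BIO_printf(bio_err, "unable to create BIO for output\n");
@@ -333,22 +339,16 @@ genrsa_main(int argc, char **argv)
 goto err;
 
 if (!BN_set_word(bn, genrsa_config.f4) ||
-!RSA_generate_key_ex(rsa, num, bn, &cb))
+!RSA_generate_key_ex(rsa, num, bn, cb))
 goto err;
 
-/*
-* We need to do the following for when the base number size is <
-* long, esp windows 3.1 :-(.
-*/
-l = 0L;
-for (i = 0; i < rsa->e->top; i++) {
-#ifndef _LP64
-l <<= BN_BITS4;
-l <<= BN_BITS4;
-#endif
-l += rsa->e->d[i];
-}
-BIO_printf(bio_err, "e is %ld (0x%lX)\n", l, l);
+RSA_get0_key(rsa, NULL, &rsa_e, NULL);
+if ((rsa_e_hex = BN_bn2hex(rsa_e)) == NULL)
+goto err;
+if ((rsa_e_dec = BN_bn2dec(rsa_e)) == NULL)
+goto err;
+
+BIO_printf(bio_err, "e is %s (0x%s)\n", rsa_e_hex, rsa_e_dec);
 {
 PW_CB_DATA cb_data;
 cb_data.password = passout;
@@ -361,8 +361,11 @@ genrsa_main(int argc, char **argv)
 ret = 0;
 err:
 BN_free(bn);
+BN_GENCB_free(cb);
 RSA_free(rsa);
 BIO_free_all(out);
+free(rsa_e_dec);
+free(rsa_e_hex);
 free(passout);
 
 if (ret != 0)
@@ -372,7 +375,7 @@ genrsa_main(int argc, char **argv)
 }
 
 static int
-genrsa_cb(int p, int n, BN_GENCB * cb)
+genrsa_cb(int p, int n, BN_GENCB *cb)
 {
 char c = '*';
 
@@ -384,7 +387,7 @@ genrsa_cb(int p, int n, BN_GENCB * cb)
 c = '*';
 if (p == 3)
 c = '\n';
-BIO_write(cb->arg, &c, 1);
-(void) BIO_flush(cb->arg);
+BIO_write(BN_GENCB_get_arg(cb), &c, 1);
+(void) BIO_flush(BN_GENCB_get_arg(cb));
 return 1;
 }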
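Review bot: The arguments to the new `BIO_printf` in the `-333,22 +339,16` hunk are in the wrong order for its format string: `"e is %s (0x%s)\n"` is given `rsa_e_hex` first and `rsa_e_dec` second, so the hex digits print bare and the decimal digits get the `0x` prefix. For an exponent of 65537 this would presumably read `e is 010001 (0x65537)`, which misreports the public exponent to anyone checking the key parameters in the tool's output. Swap the two arguments: `BIO_printf(bio_err, "e is %s (0x%s)\n", rsa_e_dec, rsa_e_hex);`. genrsa_main starts and ends outside this hunk, so the rest of its error path is only visible in the later `err:` hunk.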
