1 files changed, 183 insertions, 70 deletions
diff --git a/src/usr.bin/openssl/genrsa.c b/src/usr.bin/openssl/genrsa.c
index 3ed2835631..63d3de4218 100644
--- a/src/usr.bin/openssl/genrsa.c
+++ b/src/usr.bin/openssl/genrsa.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: genrsa.c,v 1.13 2019/06/19 01:51:14 inoguchi Exp $ */
+/* $OpenBSD: genrsa.c,v 1.14 2019/07/09 11:02:52 inoguchi Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -92,12 +92,188 @@ static struct {
        char *passargout;
 } genrsa_config;
+static int
+set_public_exponent(int argc, char **argv, int *argsused)
+{
+        char *option = argv[0];
+        if (strcmp(option, "-3") == 0)
+                genrsa_config.f4 = 3;
+        else if (strcmp(option, "-f4") == 0 || strcmp(option, "-F4") == 0)
+                genrsa_config.f4 = RSA_F4;
+        else
+                return (1);
+        *argsused = 1;
+        return (0);
+}
+static const EVP_CIPHER *get_cipher_by_name(char *name)
+{
+        if (name == NULL || strcmp(name, "") == 0)
+                return (NULL);
+#ifndef OPENSSL_NO_AES
+        else if (strcmp(name, "aes128") == 0)
+                return EVP_aes_128_cbc();
+        else if (strcmp(name, "aes192") == 0)
+                return EVP_aes_192_cbc();
+        else if (strcmp(name, "aes256") == 0)
+                return EVP_aes_256_cbc();
+#endif
+#ifndef OPENSSL_NO_CAMELLIA
+        else if (strcmp(name, "camellia128") == 0)
+                return EVP_camellia_128_cbc();
+        else if (strcmp(name, "camellia192") == 0)
+                return EVP_camellia_192_cbc();
+        else if (strcmp(name, "camellia256") == 0)
+                return EVP_camellia_256_cbc();
+#endif
+#ifndef OPENSSL_NO_DES
+        else if (strcmp(name, "des") == 0)
+                return EVP_des_cbc();
+        else if (strcmp(name, "des3") == 0)
+                return EVP_des_ede3_cbc();
+#endif
+#ifndef OPENSSL_NO_IDEA
+        else if (strcmp(name, "idea") == 0)
+                return EVP_idea_cbc();
+#endif
+        else
+                return (NULL);
+}
+static int
+set_enc(int argc, char **argv, int *argsused)
+{
+        char *name = argv[0];
+        if (*name++ != '-')
+                return (1);
+        if ((genrsa_config.enc = get_cipher_by_name(name)) == NULL)
+                return (1);
+        *argsused = 1;
+        return (0);
+}
+static struct option genrsa_options[] = {
+        {
+                .name = "3",
+                .desc = "Use 3 for the E value",
+                .type = OPTION_ARGV_FUNC,
+                .opt.argvfunc = set_public_exponent,
+        },
+        {
+                .name = "f4",
+                .desc = "Use F4 (0x10001) for the E value",
+                .type = OPTION_ARGV_FUNC,
+                .opt.argvfunc = set_public_exponent,
+        },
+        {
+                .name = "F4",
+                .desc = "Use F4 (0x10001) for the E value",
+                .type = OPTION_ARGV_FUNC,
+                .opt.argvfunc = set_public_exponent,
+        },
+#ifndef OPENSSL_NO_AES
+        {
+                .name = "aes128",
+                .desc = "Encrypt PEM output with cbc aes",
+                .type = OPTION_ARGV_FUNC,
+                .opt.argvfunc = set_enc,
+        },
+        {
+                .name = "aes192",
+                .desc = "Encrypt PEM output with cbc aes",
+                .type = OPTION_ARGV_FUNC,
+                .opt.argvfunc = set_enc,
+        },
+        {
+                .name = "aes256",
+                .desc = "Encrypt PEM output with cbc aes",
+                .type = OPTION_ARGV_FUNC,
+                .opt.argvfunc = set_enc,
+        },
+#endif
+#ifndef OPENSSL_NO_CAMELLIA
+        {
+                .name = "camellia128",
+                .desc = "Encrypt PEM output with cbc camellia",
+                .type = OPTION_ARGV_FUNC,
+                .opt.argvfunc = set_enc,
+        },
+        {
+                .name = "camellia192",
+                .desc = "Encrypt PEM output with cbc camellia",
+                .type = OPTION_ARGV_FUNC,
+                .opt.argvfunc = set_enc,
+        },
+        {
+                .name = "camellia256",
+                .desc = "Encrypt PEM output with cbc camellia",
+                .type = OPTION_ARGV_FUNC,
+                .opt.argvfunc = set_enc,
+        },
+#endif
+#ifndef OPENSSL_NO_DES
+        {
+                .name = "des",
+                .desc = "Encrypt the generated key with DES in cbc mode",
+                .type = OPTION_ARGV_FUNC,
+                .opt.argvfunc = set_enc,
+        },
+        {
+                .name = "des3",
+                .desc = "Encrypt the generated key with DES in ede cbc mode (168 bit key)",
+                .type = OPTION_ARGV_FUNC,
+                .opt.argvfunc = set_enc,
+        },
+#endif
+#ifndef OPENSSL_NO_IDEA
+        {
+                .name = "idea",
+                .desc = "Encrypt the generated key with IDEA in cbc mode",
+                .type = OPTION_ARGV_FUNC,
+                .opt.argvfunc = set_enc,
+        },
+#endif
+        {
+                .name = "out",
+                .argname = "file",
+                .desc = "Output the key to 'file'",
+                .type = OPTION_ARG,
+                .opt.arg = &genrsa_config.outfile,
+        },
+        {
+                .name = "passout",
+                .argname = "arg",
+                .desc = "Output file passphrase source",
+                .type = OPTION_ARG,
+                .opt.arg = &genrsa_config.passargout,
+        },
+        { NULL },
+};
+static void
+genrsa_usage(void)
+{
+        fprintf(stderr, "usage: genrsa [-3 | -f4] [-aes128 | -aes192 |");
+        fprintf(stderr, " -aes256 |\n");
+        fprintf(stderr, "    -camellia128 | -camellia192 | -camellia256 |");
+        fprintf(stderr, " -des | -des3 | -idea]\n");
+        fprintf(stderr, "    [-out file] [-passout arg] [numbits]\n\n");
+        options_usage(genrsa_options);
+        fprintf(stderr, "\n");
+}
 int
 genrsa_main(int argc, char **argv)
 {
        BN_GENCB cb;
        int ret = 1;
        int i, num = DEFBITS;
+        char *numbits= NULL;
        long l;
        char *passout = NULL;
        BIO *out = NULL;
@@ -124,76 +300,13 @@ genrsa_main(int argc, char **argv)
        memset(&genrsa_config, 0, sizeof(genrsa_config));
        genrsa_config.f4 = RSA_F4;
-        argv++;
+        if (options_parse(argc, argv, genrsa_options, &numbits, NULL) != 0) {
-        argc--;
+                genrsa_usage();
-        for (;;) {
+                goto err;
-                if (argc <= 0)
-                        break;
-                if (strcmp(*argv, "-out") == 0) {
-                        if (--argc < 1)
-                                goto bad;
-                        genrsa_config.outfile = *(++argv);
-                } else if (strcmp(*argv, "-3") == 0)
-                        genrsa_config.f4 = 3;
-                else if (strcmp(*argv, "-F4") == 0 || strcmp(*argv, "-f4") == 0)
-                        genrsa_config.f4 = RSA_F4;
-#ifndef OPENSSL_NO_DES
-                else if (strcmp(*argv, "-des") == 0)
-                        genrsa_config.enc = EVP_des_cbc();
-                else if (strcmp(*argv, "-des3") == 0)
-                        genrsa_config.enc = EVP_des_ede3_cbc();
-#endif
-#ifndef OPENSSL_NO_IDEA
-                else if (strcmp(*argv, "-idea") == 0)
-                        genrsa_config.enc = EVP_idea_cbc();
-#endif
-#ifndef OPENSSL_NO_AES
-                else if (strcmp(*argv, "-aes128") == 0)
-                        genrsa_config.enc = EVP_aes_128_cbc();
-                else if (strcmp(*argv, "-aes192") == 0)
-                        genrsa_config.enc = EVP_aes_192_cbc();
-                else if (strcmp(*argv, "-aes256") == 0)
-                        genrsa_config.enc = EVP_aes_256_cbc();
-#endif
-#ifndef OPENSSL_NO_CAMELLIA
-                else if (strcmp(*argv, "-camellia128") == 0)
-                        genrsa_config.enc = EVP_camellia_128_cbc();
-                else if (strcmp(*argv, "-camellia192") == 0)
-                        genrsa_config.enc = EVP_camellia_192_cbc();
-                else if (strcmp(*argv, "-camellia256") == 0)
-                        genrsa_config.enc = EVP_camellia_256_cbc();
-#endif
-                else if (strcmp(*argv, "-passout") == 0) {
-                        if (--argc < 1)
-                                goto bad;
-                        genrsa_config.passargout = *(++argv);
-                } else
-                        break;
-                argv++;
-                argc--;
        }
-        if ((argc >= 1) && ((sscanf(*argv, "%d", &num) == 0) || (num < 0))) {
- bad:
+        if ((numbits != NULL) && ((sscanf(numbits, "%d", &num) == 0) || (num < 0))) {
-                BIO_printf(bio_err, "usage: genrsa [args] [numbits]\n");
+                genrsa_usage();
-#ifndef OPENSSL_NO_DES
-                BIO_printf(bio_err, " -des            encrypt the generated key with DES in cbc mode\n");
-                BIO_printf(bio_err, " -des3           encrypt the generated key with DES in ede cbc mode (168 bit key)\n");
-#endif
-#ifndef OPENSSL_NO_IDEA
-                BIO_printf(bio_err, " -idea           encrypt the generated key with IDEA in cbc mode\n");
-#endif
-#ifndef OPENSSL_NO_AES
-                BIO_printf(bio_err, " -aes128, -aes192, -aes256\n");
-                BIO_printf(bio_err, "                 encrypt PEM output with cbc aes\n");
-#endif
-#ifndef OPENSSL_NO_CAMELLIA
-                BIO_printf(bio_err, " -camellia128, -camellia192, -camellia256\n");
-                BIO_printf(bio_err, "                 encrypt PEM output with cbc camellia\n");
-#endif
-                BIO_printf(bio_err, " -out file       output the key to 'file\n");
-                BIO_printf(bio_err, " -passout arg    output file pass phrase source\n");
-                BIO_printf(bio_err, " -f4             use F4 (0x10001) for the E value\n");
-                BIO_printf(bio_err, " -3              use 3 for the E value\n");
                goto err;
        }

diff --git a/src/usr.bin/openssl/genrsa.c b/src/usr.bin/openssl/genrsa.c index 3ed2835631..63d3de4218 100644 --- a/src/usr.bin/openssl/genrsa.c +++ b/src/usr.bin/openssl/genrsa.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: genrsa.c,v 1.13 2019/06/19 01:51:14 inoguchi Exp $ */	1	/* $OpenBSD: genrsa.c,v 1.14 2019/07/09 11:02:52 inoguchi Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -92,12 +92,188 @@ static struct {
92	char *passargout;	92	char *passargout;
93	} genrsa_config;	93	} genrsa_config;
94		94
		95	static int
		96	set_public_exponent(int argc, char *argv, int argsused)
		97	{
		98	char *option = argv[0];
		99
		100	if (strcmp(option, "-3") == 0)
		101	genrsa_config.f4 = 3;
		102	else if (strcmp(option, "-f4") == 0 \|\| strcmp(option, "-F4") == 0)
		103	genrsa_config.f4 = RSA_F4;
		104	else
		105	return (1);
		106
		107	*argsused = 1;
		108	return (0);
		109	}
		110
		111	static const EVP_CIPHER get_cipher_by_name(char name)
		112	{
		113	if (name == NULL \|\| strcmp(name, "") == 0)
		114	return (NULL);
		115	#ifndef OPENSSL_NO_AES
		116	else if (strcmp(name, "aes128") == 0)
		117	return EVP_aes_128_cbc();
		118	else if (strcmp(name, "aes192") == 0)
		119	return EVP_aes_192_cbc();
		120	else if (strcmp(name, "aes256") == 0)
		121	return EVP_aes_256_cbc();
		122	#endif
		123	#ifndef OPENSSL_NO_CAMELLIA
		124	else if (strcmp(name, "camellia128") == 0)
		125	return EVP_camellia_128_cbc();
		126	else if (strcmp(name, "camellia192") == 0)
		127	return EVP_camellia_192_cbc();
		128	else if (strcmp(name, "camellia256") == 0)
		129	return EVP_camellia_256_cbc();
		130	#endif
		131	#ifndef OPENSSL_NO_DES
		132	else if (strcmp(name, "des") == 0)
		133	return EVP_des_cbc();
		134	else if (strcmp(name, "des3") == 0)
		135	return EVP_des_ede3_cbc();
		136	#endif
		137	#ifndef OPENSSL_NO_IDEA
		138	else if (strcmp(name, "idea") == 0)
		139	return EVP_idea_cbc();
		140	#endif
		141	else
		142	return (NULL);
		143	}
		144
		145	static int
		146	set_enc(int argc, char *argv, int argsused)
		147	{
		148	char *name = argv[0];
		149
		150	if (*name++ != '-')
		151	return (1);
		152
		153	if ((genrsa_config.enc = get_cipher_by_name(name)) == NULL)
		154	return (1);
		155
		156	*argsused = 1;
		157	return (0);
		158	}
		159
		160	static struct option genrsa_options[] = {
		161	{
		162	.name = "3",
		163	.desc = "Use 3 for the E value",
		164	.type = OPTION_ARGV_FUNC,
		165	.opt.argvfunc = set_public_exponent,
		166	},
		167	{
		168	.name = "f4",
		169	.desc = "Use F4 (0x10001) for the E value",
		170	.type = OPTION_ARGV_FUNC,
		171	.opt.argvfunc = set_public_exponent,
		172	},
		173	{
		174	.name = "F4",
		175	.desc = "Use F4 (0x10001) for the E value",
		176	.type = OPTION_ARGV_FUNC,
		177	.opt.argvfunc = set_public_exponent,
		178	},
		179	#ifndef OPENSSL_NO_AES
		180	{
		181	.name = "aes128",
		182	.desc = "Encrypt PEM output with cbc aes",
		183	.type = OPTION_ARGV_FUNC,
		184	.opt.argvfunc = set_enc,
		185	},
		186	{
		187	.name = "aes192",
		188	.desc = "Encrypt PEM output with cbc aes",
		189	.type = OPTION_ARGV_FUNC,
		190	.opt.argvfunc = set_enc,
		191	},
		192	{
		193	.name = "aes256",
		194	.desc = "Encrypt PEM output with cbc aes",
		195	.type = OPTION_ARGV_FUNC,
		196	.opt.argvfunc = set_enc,
		197	},
		198	#endif
		199	#ifndef OPENSSL_NO_CAMELLIA
		200	{
		201	.name = "camellia128",
		202	.desc = "Encrypt PEM output with cbc camellia",
		203	.type = OPTION_ARGV_FUNC,
		204	.opt.argvfunc = set_enc,
		205	},
		206	{
		207	.name = "camellia192",
		208	.desc = "Encrypt PEM output with cbc camellia",
		209	.type = OPTION_ARGV_FUNC,
		210	.opt.argvfunc = set_enc,
		211	},
		212	{
		213	.name = "camellia256",
		214	.desc = "Encrypt PEM output with cbc camellia",
		215	.type = OPTION_ARGV_FUNC,
		216	.opt.argvfunc = set_enc,
		217	},
		218	#endif
		219	#ifndef OPENSSL_NO_DES
		220	{
		221	.name = "des",
		222	.desc = "Encrypt the generated key with DES in cbc mode",
		223	.type = OPTION_ARGV_FUNC,
		224	.opt.argvfunc = set_enc,
		225	},
		226	{
		227	.name = "des3",
		228	.desc = "Encrypt the generated key with DES in ede cbc mode (168 bit key)",
		229	.type = OPTION_ARGV_FUNC,
		230	.opt.argvfunc = set_enc,
		231	},
		232	#endif
		233	#ifndef OPENSSL_NO_IDEA
		234	{
		235	.name = "idea",
		236	.desc = "Encrypt the generated key with IDEA in cbc mode",
		237	.type = OPTION_ARGV_FUNC,
		238	.opt.argvfunc = set_enc,
		239	},
		240	#endif
		241	{
		242	.name = "out",
		243	.argname = "file",
		244	.desc = "Output the key to 'file'",
		245	.type = OPTION_ARG,
		246	.opt.arg = &genrsa_config.outfile,
		247	},
		248	{
		249	.name = "passout",
		250	.argname = "arg",
		251	.desc = "Output file passphrase source",
		252	.type = OPTION_ARG,
		253	.opt.arg = &genrsa_config.passargout,
		254	},
		255	{ NULL },
		256	};
		257
		258	static void
		259	genrsa_usage(void)
		260	{
		261	fprintf(stderr, "usage: genrsa [-3 \| -f4] [-aes128 \| -aes192 \|");
		262	fprintf(stderr, " -aes256 \|\n");
		263	fprintf(stderr, " -camellia128 \| -camellia192 \| -camellia256 \|");
		264	fprintf(stderr, " -des \| -des3 \| -idea]\n");
		265	fprintf(stderr, " [-out file] [-passout arg] [numbits]\n\n");
		266	options_usage(genrsa_options);
		267	fprintf(stderr, "\n");
		268	}
		269
95	int	270	int
96	genrsa_main(int argc, char **argv)	271	genrsa_main(int argc, char **argv)
97	{	272	{
98	BN_GENCB cb;	273	BN_GENCB cb;
99	int ret = 1;	274	int ret = 1;
100	int i, num = DEFBITS;	275	int i, num = DEFBITS;
		276	char *numbits= NULL;
101	long l;	277	long l;
102	char *passout = NULL;	278	char *passout = NULL;
103	BIO *out = NULL;	279	BIO *out = NULL;
@@ -124,76 +300,13 @@ genrsa_main(int argc, char **argv)
124	memset(&genrsa_config, 0, sizeof(genrsa_config));	300	memset(&genrsa_config, 0, sizeof(genrsa_config));
125	genrsa_config.f4 = RSA_F4;	301	genrsa_config.f4 = RSA_F4;
126		302
127	argv++;	303	if (options_parse(argc, argv, genrsa_options, &numbits, NULL) != 0) {
128	argc--;	304	genrsa_usage();
129	for (;;) {	305	goto err;
130	if (argc <= 0)
131	break;
132	if (strcmp(*argv, "-out") == 0) {
133	if (--argc < 1)
134	goto bad;
135	genrsa_config.outfile = *(++argv);
136	} else if (strcmp(*argv, "-3") == 0)
137	genrsa_config.f4 = 3;
138	else if (strcmp(argv, "-F4") == 0 \|\| strcmp(argv, "-f4") == 0)
139	genrsa_config.f4 = RSA_F4;
140	#ifndef OPENSSL_NO_DES
141	else if (strcmp(*argv, "-des") == 0)
142	genrsa_config.enc = EVP_des_cbc();
143	else if (strcmp(*argv, "-des3") == 0)
144	genrsa_config.enc = EVP_des_ede3_cbc();
145	#endif
146	#ifndef OPENSSL_NO_IDEA
147	else if (strcmp(*argv, "-idea") == 0)
148	genrsa_config.enc = EVP_idea_cbc();
149	#endif
150	#ifndef OPENSSL_NO_AES
151	else if (strcmp(*argv, "-aes128") == 0)
152	genrsa_config.enc = EVP_aes_128_cbc();
153	else if (strcmp(*argv, "-aes192") == 0)
154	genrsa_config.enc = EVP_aes_192_cbc();
155	else if (strcmp(*argv, "-aes256") == 0)
156	genrsa_config.enc = EVP_aes_256_cbc();
157	#endif
158	#ifndef OPENSSL_NO_CAMELLIA
159	else if (strcmp(*argv, "-camellia128") == 0)
160	genrsa_config.enc = EVP_camellia_128_cbc();
161	else if (strcmp(*argv, "-camellia192") == 0)
162	genrsa_config.enc = EVP_camellia_192_cbc();
163	else if (strcmp(*argv, "-camellia256") == 0)
164	genrsa_config.enc = EVP_camellia_256_cbc();
165	#endif
166	else if (strcmp(*argv, "-passout") == 0) {
167	if (--argc < 1)
168	goto bad;
169	genrsa_config.passargout = *(++argv);
170	} else
171	break;
172	argv++;
173	argc--;
174	}	306	}
175	if ((argc >= 1) && ((sscanf(*argv, "%d", &num) == 0) \|\| (num < 0))) {	307
176	bad:	308	if ((numbits != NULL) && ((sscanf(numbits, "%d", &num) == 0) \|\| (num < 0))) {
177	BIO_printf(bio_err, "usage: genrsa [args] [numbits]\n");	309	genrsa_usage();
178	#ifndef OPENSSL_NO_DES
179	BIO_printf(bio_err, " -des encrypt the generated key with DES in cbc mode\n");
180	BIO_printf(bio_err, " -des3 encrypt the generated key with DES in ede cbc mode (168 bit key)\n");
181	#endif
182	#ifndef OPENSSL_NO_IDEA
183	BIO_printf(bio_err, " -idea encrypt the generated key with IDEA in cbc mode\n");
184	#endif
185	#ifndef OPENSSL_NO_AES
186	BIO_printf(bio_err, " -aes128, -aes192, -aes256\n");
187	BIO_printf(bio_err, " encrypt PEM output with cbc aes\n");
188	#endif
189	#ifndef OPENSSL_NO_CAMELLIA
190	BIO_printf(bio_err, " -camellia128, -camellia192, -camellia256\n");
191	BIO_printf(bio_err, " encrypt PEM output with cbc camellia\n");
192	#endif
193	BIO_printf(bio_err, " -out file output the key to 'file\n");
194	BIO_printf(bio_err, " -passout arg output file pass phrase source\n");
195	BIO_printf(bio_err, " -f4 use F4 (0x10001) for the E value\n");
196	BIO_printf(bio_err, " -3 use 3 for the E value\n");
197	goto err;	310	goto err;
198	}	311	}
199		312