1 files changed, 98 insertions, 67 deletions
diff --git a/src/lib/libssl/src/apps/gendsa.c b/src/lib/libssl/src/apps/gendsa.c
index e0e5afa400..1e1e9f3e4c 100644
--- a/src/lib/libssl/src/apps/gendsa.c
+++ b/src/lib/libssl/src/apps/gendsa.c
@@ -56,39 +56,36 @@
 * [including the GNU Public Licence.]
 */
+#ifndef OPENSSL_NO_DSA
 #include <stdio.h>
 #include <string.h>
 #include <sys/types.h>
 #include <sys/stat.h>
 #include "apps.h"
-#include "bio.h"
+#include <openssl/bio.h>
-#include "rand.h"
+#include <openssl/err.h>
-#include "err.h"
+#include <openssl/bn.h>
-#include "bn.h"
+#include <openssl/dsa.h>
-#include "dsa.h"
+#include <openssl/x509.h>
-#include "x509.h"
+#include <openssl/pem.h>
-#include "pem.h"
 #define DEFBITS 512
 #undef PROG
 #define PROG gendsa_main
-#ifndef NOPROTO
+int MAIN(int, char **);
-static long dsa_load_rand(char *names);
-#else
-static long dsa_load_rand();
-#endif
-int MAIN(argc, argv)
+int MAIN(int argc, char **argv)
-int argc;
-char **argv;
        {
-        char buffer[200];
+        ENGINE *e = NULL;
        DSA *dsa=NULL;
-        int ret=1,num=DEFBITS;
+        int ret=1;
        char *outfile=NULL;
-        char *inrand=NULL,*randfile,*dsaparams=NULL;
+        char *inrand=NULL,*dsaparams=NULL;
+        char *passargout = NULL, *passout = NULL;
        BIO *out=NULL,*in=NULL;
+        const EVP_CIPHER *enc=NULL;
+        char *engine=NULL;
        apps_startup();
@@ -96,6 +93,9 @@ char **argv;
                if ((bio_err=BIO_new(BIO_s_file())) != NULL)
                        BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);
+        if (!load_config(bio_err, NULL))
+                goto end;
        argv++;
        argc--;
        for (;;)
@@ -106,6 +106,16 @@ char **argv;
                        if (--argc < 1) goto bad;
                        outfile= *(++argv);
                        }
+                else if (strcmp(*argv,"-passout") == 0)
+                        {
+                        if (--argc < 1) goto bad;
+                        passargout= *(++argv);
+                        }
+                else if (strcmp(*argv,"-engine") == 0)
+                        {
+                        if (--argc < 1) goto bad;
+                        engine= *(++argv);
+                        }
                else if (strcmp(*argv,"-rand") == 0)
                        {
                        if (--argc < 1) goto bad;
@@ -113,9 +123,27 @@ char **argv;
                        }
                else if (strcmp(*argv,"-") == 0)
                        goto bad;
-                else if (dsaparams == NULL)
+#ifndef OPENSSL_NO_DES
+                else if (strcmp(*argv,"-des") == 0)
+                        enc=EVP_des_cbc();
+                else if (strcmp(*argv,"-des3") == 0)
+                        enc=EVP_des_ede3_cbc();
+#endif
+#ifndef OPENSSL_NO_IDEA
+                else if (strcmp(*argv,"-idea") == 0)
+                        enc=EVP_idea_cbc();
+#endif
+#ifndef OPENSSL_NO_AES
+                else if (strcmp(*argv,"-aes128") == 0)
+                        enc=EVP_aes_128_cbc();
+                else if (strcmp(*argv,"-aes192") == 0)
+                        enc=EVP_aes_192_cbc();
+                else if (strcmp(*argv,"-aes256") == 0)
+                        enc=EVP_aes_256_cbc();
+#endif
+                else if (**argv != '-' && dsaparams == NULL)
                        {
-                        dsaparams= *argv;
+                        dsaparams = *argv;
                        }
                else
                        goto bad;
@@ -126,33 +154,64 @@ char **argv;
        if (dsaparams == NULL)
                {
 bad:
-                BIO_printf(bio_err,"usage: gendsa [args] [numbits]\n");
+                BIO_printf(bio_err,"usage: gendsa [args] dsaparam-file\n");
-                BIO_printf(bio_err," -out file - output the key to 'file\n");
+                BIO_printf(bio_err," -out file - output the key to 'file'\n");
-                BIO_printf(bio_err," -rand file:file:...\n");
+#ifndef OPENSSL_NO_DES
+                BIO_printf(bio_err," -des      - encrypt the generated key with DES in cbc mode\n");
+                BIO_printf(bio_err," -des3     - encrypt the generated key with DES in ede cbc mode (168 bit key)\n");
+#endif
+#ifndef OPENSSL_NO_IDEA
+                BIO_printf(bio_err," -idea     - encrypt the generated key with IDEA in cbc mode\n");
+#endif
+#ifndef OPENSSL_NO_AES
+                BIO_printf(bio_err," -aes128, -aes192, -aes256\n");
+                BIO_printf(bio_err,"                 encrypt PEM output with cbc aes\n");
+#endif
+                BIO_printf(bio_err," -engine e - use engine e, possibly a hardware device.\n");
+                BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
                BIO_printf(bio_err,"           - load the file (or the files in the directory) into\n");
                BIO_printf(bio_err,"             the random number generator\n");
+                BIO_printf(bio_err," dsaparam-file\n");
+                BIO_printf(bio_err,"           - a DSA parameter file as generated by the dsaparam command\n");
                goto end;
                }
+        e = setup_engine(bio_err, engine, 0);
+        if(!app_passwd(bio_err, NULL, passargout, NULL, &passout)) {
+                BIO_printf(bio_err, "Error getting password\n");
+                goto end;
+        }
        in=BIO_new(BIO_s_file());
-        if (!(BIO_read_filename(in,"dsaparams")))
+        if (!(BIO_read_filename(in,dsaparams)))
                {
                perror(dsaparams);
                goto end;
                }
-        if ((dsa=PEM_read_bio_DSAparams(in,NULL,NULL)) == NULL)
+        if ((dsa=PEM_read_bio_DSAparams(in,NULL,NULL,NULL)) == NULL)
                {
                BIO_printf(bio_err,"unable to load DSA parameter file\n");
                goto end;
                }
        BIO_free(in);
+        in = NULL;
                
        out=BIO_new(BIO_s_file());
        if (out == NULL) goto end;
        if (outfile == NULL)
+                {
                BIO_set_fp(out,stdout,BIO_NOCLOSE);
+#ifdef OPENSSL_SYS_VMS
+                {
+                BIO *tmpbio = BIO_new(BIO_f_linebuffer());
+                out = BIO_push(tmpbio, out);
+                }
+#endif
+                }
        else
                {
                if (BIO_write_filename(out,outfile) <= 0)
@@ -162,59 +221,31 @@ bad:
                        }
                }
-        randfile=RAND_file_name(buffer,200);
+        if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL)
-        if ((randfile == NULL)|| !RAND_load_file(randfile,1024L*1024L))
-                BIO_printf(bio_err,"unable to load 'random state'\n");
-        if (inrand == NULL)
-                BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option\n");
-        else
                {
-                BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
+                BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option\n");
-                        dsa_load_rand(inrand));
                }
+        if (inrand != NULL)
+                BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
+                        app_RAND_load_files(inrand));
-        BIO_printf(bio_err,"Generating DSA parameters, %d bit long prime\n",num);
+        BIO_printf(bio_err,"Generating DSA key, %d bits\n",
-        BIO_printf(bio_err,"This could take some time\n");
+                                                        BN_num_bits(dsa->p));
        if (!DSA_generate_key(dsa)) goto end;
-        if (randfile == NULL)
+        app_RAND_write_file(NULL, bio_err);
-                BIO_printf(bio_err,"unable to write 'random state'\n");
-        else
-                RAND_write_file(randfile);
-        if (!PEM_write_bio_DSAPrivateKey(out,dsa,EVP_des_ede3_cbc(),NULL,0,NULL))
+        if (!PEM_write_bio_DSAPrivateKey(out,dsa,enc,NULL,0,NULL, passout))
                goto end;
        ret=0;
 end:
        if (ret != 0)
                ERR_print_errors(bio_err);
-        if (out != NULL) BIO_free(out);
+        if (in != NULL) BIO_free(in);
+        if (out != NULL) BIO_free_all(out);
        if (dsa != NULL) DSA_free(dsa);
+        if(passout) OPENSSL_free(passout);
+        apps_shutdown();
        EXIT(ret);
        }
+#endif
-static long dsa_load_rand(name)
-char *name;
-        {
-        char *p,*n;
-        int last;
-        long tot=0;
-        for (;;)
-                {
-                last=0;
-                for (p=name; ((*p != '\0') && (*p != LIST_SEPARATOR_CHAR)); p++);
-                if (*p == '\0') last=1;
-                *p='\0';
-                n=name;
-                name=p+1;
-                if (*n == '\0') break;
-                tot+=RAND_load_file(n,1);
-                if (last) break;
-                }
-        return(tot);
-        }

diff --git a/src/lib/libssl/src/apps/gendsa.c b/src/lib/libssl/src/apps/gendsa.c index e0e5afa400..1e1e9f3e4c 100644 --- a/src/lib/libssl/src/apps/gendsa.c +++ b/src/lib/libssl/src/apps/gendsa.c
@@ -56,39 +56,36 @@
56	* [including the GNU Public Licence.]	56	* [including the GNU Public Licence.]
57	*/	57	*/
58		58
		59	#ifndef OPENSSL_NO_DSA
59	#include <stdio.h>	60	#include <stdio.h>
60	#include <string.h>	61	#include <string.h>
61	#include <sys/types.h>	62	#include <sys/types.h>
62	#include <sys/stat.h>	63	#include <sys/stat.h>
63	#include "apps.h"	64	#include "apps.h"
64	#include "bio.h"	65	#include <openssl/bio.h>
65	#include "rand.h"	66	#include <openssl/err.h>
66	#include "err.h"	67	#include <openssl/bn.h>
67	#include "bn.h"	68	#include <openssl/dsa.h>
68	#include "dsa.h"	69	#include <openssl/x509.h>
69	#include "x509.h"	70	#include <openssl/pem.h>
70	#include "pem.h"
71		71
72	#define DEFBITS 512	72	#define DEFBITS 512
73	#undef PROG	73	#undef PROG
74	#define PROG gendsa_main	74	#define PROG gendsa_main
75		75
76	#ifndef NOPROTO	76	int MAIN(int, char **);
77	static long dsa_load_rand(char *names);
78	#else
79	static long dsa_load_rand();
80	#endif
81		77
82	int MAIN(argc, argv)	78	int MAIN(int argc, char **argv)
83	int argc;
84	char **argv;
85	{	79	{
86	char buffer[200];	80	ENGINE *e = NULL;
87	DSA *dsa=NULL;	81	DSA *dsa=NULL;
88	int ret=1,num=DEFBITS;	82	int ret=1;
89	char *outfile=NULL;	83	char *outfile=NULL;
90	char inrand=NULL,randfile,*dsaparams=NULL;	84	char inrand=NULL,dsaparams=NULL;
		85	char passargout = NULL, passout = NULL;
91	BIO out=NULL,in=NULL;	86	BIO out=NULL,in=NULL;
		87	const EVP_CIPHER *enc=NULL;
		88	char *engine=NULL;
92		89
93	apps_startup();	90	apps_startup();
94		91
@@ -96,6 +93,9 @@ char **argv;
96	if ((bio_err=BIO_new(BIO_s_file())) != NULL)	93	if ((bio_err=BIO_new(BIO_s_file())) != NULL)
97	BIO_set_fp(bio_err,stderr,BIO_NOCLOSE\|BIO_FP_TEXT);	94	BIO_set_fp(bio_err,stderr,BIO_NOCLOSE\|BIO_FP_TEXT);
98		95
		96	if (!load_config(bio_err, NULL))
		97	goto end;
		98
99	argv++;	99	argv++;
100	argc--;	100	argc--;
101	for (;;)	101	for (;;)
@@ -106,6 +106,16 @@ char **argv;
106	if (--argc < 1) goto bad;	106	if (--argc < 1) goto bad;
107	outfile= *(++argv);	107	outfile= *(++argv);
108	}	108	}
		109	else if (strcmp(*argv,"-passout") == 0)
		110	{
		111	if (--argc < 1) goto bad;
		112	passargout= *(++argv);
		113	}
		114	else if (strcmp(*argv,"-engine") == 0)
		115	{
		116	if (--argc < 1) goto bad;
		117	engine= *(++argv);
		118	}
109	else if (strcmp(*argv,"-rand") == 0)	119	else if (strcmp(*argv,"-rand") == 0)
110	{	120	{
111	if (--argc < 1) goto bad;	121	if (--argc < 1) goto bad;
@@ -113,9 +123,27 @@ char **argv;
113	}	123	}
114	else if (strcmp(*argv,"-") == 0)	124	else if (strcmp(*argv,"-") == 0)
115	goto bad;	125	goto bad;
116	else if (dsaparams == NULL)	126	#ifndef OPENSSL_NO_DES
		127	else if (strcmp(*argv,"-des") == 0)
		128	enc=EVP_des_cbc();
		129	else if (strcmp(*argv,"-des3") == 0)
		130	enc=EVP_des_ede3_cbc();
		131	#endif
		132	#ifndef OPENSSL_NO_IDEA
		133	else if (strcmp(*argv,"-idea") == 0)
		134	enc=EVP_idea_cbc();
		135	#endif
		136	#ifndef OPENSSL_NO_AES
		137	else if (strcmp(*argv,"-aes128") == 0)
		138	enc=EVP_aes_128_cbc();
		139	else if (strcmp(*argv,"-aes192") == 0)
		140	enc=EVP_aes_192_cbc();
		141	else if (strcmp(*argv,"-aes256") == 0)
		142	enc=EVP_aes_256_cbc();
		143	#endif
		144	else if (**argv != '-' && dsaparams == NULL)
117	{	145	{
118	dsaparams= *argv;	146	dsaparams = *argv;
119	}	147	}
120	else	148	else
121	goto bad;	149	goto bad;
@@ -126,33 +154,64 @@ char **argv;
126	if (dsaparams == NULL)	154	if (dsaparams == NULL)
127	{	155	{
128	bad:	156	bad:
129	BIO_printf(bio_err,"usage: gendsa [args] [numbits]\n");	157	BIO_printf(bio_err,"usage: gendsa [args] dsaparam-file\n");
130	BIO_printf(bio_err," -out file - output the key to 'file\n");	158	BIO_printf(bio_err," -out file - output the key to 'file'\n");
131	BIO_printf(bio_err," -rand file:file:...\n");	159	#ifndef OPENSSL_NO_DES
		160	BIO_printf(bio_err," -des - encrypt the generated key with DES in cbc mode\n");
		161	BIO_printf(bio_err," -des3 - encrypt the generated key with DES in ede cbc mode (168 bit key)\n");
		162	#endif
		163	#ifndef OPENSSL_NO_IDEA
		164	BIO_printf(bio_err," -idea - encrypt the generated key with IDEA in cbc mode\n");
		165	#endif
		166	#ifndef OPENSSL_NO_AES
		167	BIO_printf(bio_err," -aes128, -aes192, -aes256\n");
		168	BIO_printf(bio_err," encrypt PEM output with cbc aes\n");
		169	#endif
		170	BIO_printf(bio_err," -engine e - use engine e, possibly a hardware device.\n");
		171	BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
132	BIO_printf(bio_err," - load the file (or the files in the directory) into\n");	172	BIO_printf(bio_err," - load the file (or the files in the directory) into\n");
133	BIO_printf(bio_err," the random number generator\n");	173	BIO_printf(bio_err," the random number generator\n");
		174	BIO_printf(bio_err," dsaparam-file\n");
		175	BIO_printf(bio_err," - a DSA parameter file as generated by the dsaparam command\n");
134	goto end;	176	goto end;
135	}	177	}
136		178
		179	e = setup_engine(bio_err, engine, 0);
		180
		181	if(!app_passwd(bio_err, NULL, passargout, NULL, &passout)) {
		182	BIO_printf(bio_err, "Error getting password\n");
		183	goto end;
		184	}
		185
		186
137	in=BIO_new(BIO_s_file());	187	in=BIO_new(BIO_s_file());
138	if (!(BIO_read_filename(in,"dsaparams")))	188	if (!(BIO_read_filename(in,dsaparams)))
139	{	189	{
140	perror(dsaparams);	190	perror(dsaparams);
141	goto end;	191	goto end;
142	}	192	}
143		193
144	if ((dsa=PEM_read_bio_DSAparams(in,NULL,NULL)) == NULL)	194	if ((dsa=PEM_read_bio_DSAparams(in,NULL,NULL,NULL)) == NULL)
145	{	195	{
146	BIO_printf(bio_err,"unable to load DSA parameter file\n");	196	BIO_printf(bio_err,"unable to load DSA parameter file\n");
147	goto end;	197	goto end;
148	}	198	}
149	BIO_free(in);	199	BIO_free(in);
		200	in = NULL;
150		201
151	out=BIO_new(BIO_s_file());	202	out=BIO_new(BIO_s_file());
152	if (out == NULL) goto end;	203	if (out == NULL) goto end;
153		204
154	if (outfile == NULL)	205	if (outfile == NULL)
		206	{
155	BIO_set_fp(out,stdout,BIO_NOCLOSE);	207	BIO_set_fp(out,stdout,BIO_NOCLOSE);
		208	#ifdef OPENSSL_SYS_VMS
		209	{
		210	BIO *tmpbio = BIO_new(BIO_f_linebuffer());
		211	out = BIO_push(tmpbio, out);
		212	}
		213	#endif
		214	}
156	else	215	else
157	{	216	{
158	if (BIO_write_filename(out,outfile) <= 0)	217	if (BIO_write_filename(out,outfile) <= 0)
@@ -162,59 +221,31 @@ bad:
162	}	221	}
163	}	222	}
164		223
165	randfile=RAND_file_name(buffer,200);	224	if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL)
166	if ((randfile == NULL)\|\| !RAND_load_file(randfile,1024L*1024L))
167	BIO_printf(bio_err,"unable to load 'random state'\n");
168
169	if (inrand == NULL)
170	BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option\n");
171	else
172	{	225	{
173	BIO_printf(bio_err,"%ld semi-random bytes loaded\n",	226	BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option\n");
174	dsa_load_rand(inrand));
175	}	227	}
		228	if (inrand != NULL)
		229	BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
		230	app_RAND_load_files(inrand));
176		231
177	BIO_printf(bio_err,"Generating DSA parameters, %d bit long prime\n",num);	232	BIO_printf(bio_err,"Generating DSA key, %d bits\n",
178	BIO_printf(bio_err,"This could take some time\n");	233	BN_num_bits(dsa->p));
179	if (!DSA_generate_key(dsa)) goto end;	234	if (!DSA_generate_key(dsa)) goto end;
180		235
181	if (randfile == NULL)	236	app_RAND_write_file(NULL, bio_err);
182	BIO_printf(bio_err,"unable to write 'random state'\n");
183	else
184	RAND_write_file(randfile);
185		237
186	if (!PEM_write_bio_DSAPrivateKey(out,dsa,EVP_des_ede3_cbc(),NULL,0,NULL))	238	if (!PEM_write_bio_DSAPrivateKey(out,dsa,enc,NULL,0,NULL, passout))
187	goto end;	239	goto end;
188	ret=0;	240	ret=0;
189	end:	241	end:
190	if (ret != 0)	242	if (ret != 0)
191	ERR_print_errors(bio_err);	243	ERR_print_errors(bio_err);
192	if (out != NULL) BIO_free(out);	244	if (in != NULL) BIO_free(in);
		245	if (out != NULL) BIO_free_all(out);
193	if (dsa != NULL) DSA_free(dsa);	246	if (dsa != NULL) DSA_free(dsa);
		247	if(passout) OPENSSL_free(passout);
		248	apps_shutdown();
194	EXIT(ret);	249	EXIT(ret);
195	}	250	}
196		251	#endif
197	static long dsa_load_rand(name)
198	char *name;
199	{
200	char p,n;
201	int last;
202	long tot=0;
203
204	for (;;)
205	{
206	last=0;
207	for (p=name; ((p != '\0') && (p != LIST_SEPARATOR_CHAR)); p++);
208	if (*p == '\0') last=1;
209	*p='\0';
210	n=name;
211	name=p+1;
212	if (*n == '\0') break;
213
214	tot+=RAND_load_file(n,1);
215	if (last) break;
216	}
217	return(tot);
218	}
219
220