1 files changed, 44 insertions, 33 deletions
diff --git a/src/lib/libssl/src/apps/genrsa.c b/src/lib/libssl/src/apps/genrsa.c
index 7dbd0923b6..1599bb7a69 100644
--- a/src/lib/libssl/src/apps/genrsa.c
+++ b/src/lib/libssl/src/apps/genrsa.c
@@ -56,6 +56,13 @@
 * [including the GNU Public Licence.]
 */
+#include <openssl/opensslconf.h>
+/* Until the key-gen callbacks are modified to use newer prototypes, we allow
+ * deprecated functions for openssl-internal code */
+#ifdef OPENSSL_NO_DEPRECATED
+#undef OPENSSL_NO_DEPRECATED
+#endif
 #ifndef OPENSSL_NO_RSA
 #include <stdio.h>
 #include <string.h>
@@ -75,22 +82,19 @@
 #undef PROG
 #define PROG genrsa_main
-static void MS_CALLBACK genrsa_cb(int p, int n, void *arg);
+static int MS_CALLBACK genrsa_cb(int p, int n, BN_GENCB *cb);
 int MAIN(int, char **);
 int MAIN(int argc, char **argv)
        {
+        BN_GENCB cb;
 #ifndef OPENSSL_NO_ENGINE
        ENGINE *e = NULL;
 #endif
        int ret=1;
-        RSA *rsa=NULL;
        int i,num=DEFBITS;
        long l;
-#ifdef OPENSSL_FIPS
-        int use_x931 = 0;
-#endif
        const EVP_CIPHER *enc=NULL;
        unsigned long f4=RSA_F4;
        char *outfile=NULL;
@@ -100,8 +104,13 @@ int MAIN(int argc, char **argv)
 #endif
        char *inrand=NULL;
        BIO *out=NULL;
+        BIGNUM *bn = BN_new();
+        RSA *rsa = RSA_new();
+        if(!bn || !rsa) goto err;
        apps_startup();
+        BN_GENCB_set(&cb, genrsa_cb, bio_err);
        if (bio_err == NULL)
                if ((bio_err=BIO_new(BIO_s_file())) != NULL)
@@ -129,10 +138,6 @@ int MAIN(int argc, char **argv)
                        f4=3;
                else if (strcmp(*argv,"-F4") == 0 || strcmp(*argv,"-f4") == 0)
                        f4=RSA_F4;
-#ifdef OPENSSL_FIPS
-                else if (strcmp(*argv,"-x931") == 0)
-                        use_x931 = 1;
-#endif
 #ifndef OPENSSL_NO_ENGINE
                else if (strcmp(*argv,"-engine") == 0)
                        {
@@ -155,6 +160,10 @@ int MAIN(int argc, char **argv)
                else if (strcmp(*argv,"-idea") == 0)
                        enc=EVP_idea_cbc();
 #endif
+#ifndef OPENSSL_NO_SEED
+                else if (strcmp(*argv,"-seed") == 0)
+                        enc=EVP_seed_cbc();
+#endif
 #ifndef OPENSSL_NO_AES
                else if (strcmp(*argv,"-aes128") == 0)
                        enc=EVP_aes_128_cbc();
@@ -163,6 +172,14 @@ int MAIN(int argc, char **argv)
                else if (strcmp(*argv,"-aes256") == 0)
                        enc=EVP_aes_256_cbc();
 #endif
+#ifndef OPENSSL_NO_CAMELLIA
+                else if (strcmp(*argv,"-camellia128") == 0)
+                        enc=EVP_camellia_128_cbc();
+                else if (strcmp(*argv,"-camellia192") == 0)
+                        enc=EVP_camellia_192_cbc();
+                else if (strcmp(*argv,"-camellia256") == 0)
+                        enc=EVP_camellia_256_cbc();
+#endif
                else if (strcmp(*argv,"-passout") == 0)
                        {
                        if (--argc < 1) goto bad;
@@ -182,10 +199,18 @@ bad:
 #ifndef OPENSSL_NO_IDEA
                BIO_printf(bio_err," -idea           encrypt the generated key with IDEA in cbc mode\n");
 #endif
+#ifndef OPENSSL_NO_SEED
+                BIO_printf(bio_err," -seed\n");
+                BIO_printf(bio_err,"                 encrypt PEM output with cbc seed\n");
+#endif
 #ifndef OPENSSL_NO_AES
                BIO_printf(bio_err," -aes128, -aes192, -aes256\n");
                BIO_printf(bio_err,"                 encrypt PEM output with cbc aes\n");
 #endif
+#ifndef OPENSSL_NO_CAMELLIA
+                BIO_printf(bio_err," -camellia128, -camellia192, -camellia256\n");
+                BIO_printf(bio_err,"                 encrypt PEM output with cbc camellia\n");
+#endif
                BIO_printf(bio_err," -out file       output the key to 'file\n");
                BIO_printf(bio_err," -passout arg    output file pass phrase source\n");
                BIO_printf(bio_err," -f4             use F4 (0x10001) for the E value\n");
@@ -240,28 +265,12 @@ bad:
        BIO_printf(bio_err,"Generating RSA private key, %d bit long modulus\n",
                num);
-#ifdef OPENSSL_FIPS
-        if (use_x931)
+        if(!BN_set_word(bn, f4) || !RSA_generate_key_ex(rsa, num, bn, &cb))
-                {
+                goto err;
-                BIGNUM *pubexp;
-                pubexp = BN_new();
-                BN_set_word(pubexp, f4);
-                rsa = RSA_X931_generate_key(num, pubexp, genrsa_cb, bio_err);
-                BN_free(pubexp);
-                }
-        else
-#endif
-                rsa=RSA_generate_key(num,f4,genrsa_cb,bio_err);
                
        app_RAND_write_file(NULL, bio_err);
-        if (rsa == NULL)
-                {
-                BIO_printf(bio_err, "Key Generation error\n");
-                goto err;
-                }
-        
        /* We need to do the following for when the base number size is <
         * long, esp windows 3.1 :-(. */
        l=0L;
@@ -285,8 +294,9 @@ bad:
        ret=0;
 err:
-        if (rsa != NULL) RSA_free(rsa);
+        if (bn) BN_free(bn);
-        if (out != NULL) BIO_free_all(out);
+        if (rsa) RSA_free(rsa);
+        if (out) BIO_free_all(out);
        if(passout) OPENSSL_free(passout);
        if (ret != 0)
                ERR_print_errors(bio_err);
@@ -294,7 +304,7 @@ err:
        OPENSSL_EXIT(ret);
        }
-static void MS_CALLBACK genrsa_cb(int p, int n, void *arg)
+static int MS_CALLBACK genrsa_cb(int p, int n, BN_GENCB *cb)
        {
        char c='*';
@@ -302,11 +312,12 @@ static void MS_CALLBACK genrsa_cb(int p, int n, void *arg)
        if (p == 1) c='+';
        if (p == 2) c='*';
        if (p == 3) c='\n';
-        BIO_write((BIO *)arg,&c,1);
+        BIO_write(cb->arg,&c,1);
-        (void)BIO_flush((BIO *)arg);
+        (void)BIO_flush(cb->arg);
 #ifdef LINT
        p=n;
 #endif
+        return 1;
        }
 #else /* !OPENSSL_NO_RSA */

diff --git a/src/lib/libssl/src/apps/genrsa.c b/src/lib/libssl/src/apps/genrsa.c index 7dbd0923b6..1599bb7a69 100644 --- a/src/lib/libssl/src/apps/genrsa.c +++ b/src/lib/libssl/src/apps/genrsa.c
@@ -56,6 +56,13 @@
56	* [including the GNU Public Licence.]	56	* [including the GNU Public Licence.]
57	*/	57	*/
58		58
		59	#include <openssl/opensslconf.h>
		60	/* Until the key-gen callbacks are modified to use newer prototypes, we allow
		61	* deprecated functions for openssl-internal code */
		62	#ifdef OPENSSL_NO_DEPRECATED
		63	#undef OPENSSL_NO_DEPRECATED
		64	#endif
		65
59	#ifndef OPENSSL_NO_RSA	66	#ifndef OPENSSL_NO_RSA
60	#include <stdio.h>	67	#include <stdio.h>
61	#include <string.h>	68	#include <string.h>
@@ -75,22 +82,19 @@
75	#undef PROG	82	#undef PROG
76	#define PROG genrsa_main	83	#define PROG genrsa_main
77		84
78	static void MS_CALLBACK genrsa_cb(int p, int n, void *arg);	85	static int MS_CALLBACK genrsa_cb(int p, int n, BN_GENCB *cb);
79		86
80	int MAIN(int, char **);	87	int MAIN(int, char **);
81		88
82	int MAIN(int argc, char **argv)	89	int MAIN(int argc, char **argv)
83	{	90	{
		91	BN_GENCB cb;
84	#ifndef OPENSSL_NO_ENGINE	92	#ifndef OPENSSL_NO_ENGINE
85	ENGINE *e = NULL;	93	ENGINE *e = NULL;
86	#endif	94	#endif
87	int ret=1;	95	int ret=1;
88	RSA *rsa=NULL;
89	int i,num=DEFBITS;	96	int i,num=DEFBITS;
90	long l;	97	long l;
91	#ifdef OPENSSL_FIPS
92	int use_x931 = 0;
93	#endif
94	const EVP_CIPHER *enc=NULL;	98	const EVP_CIPHER *enc=NULL;
95	unsigned long f4=RSA_F4;	99	unsigned long f4=RSA_F4;
96	char *outfile=NULL;	100	char *outfile=NULL;
@@ -100,8 +104,13 @@ int MAIN(int argc, char **argv)
100	#endif	104	#endif
101	char *inrand=NULL;	105	char *inrand=NULL;
102	BIO *out=NULL;	106	BIO *out=NULL;
		107	BIGNUM *bn = BN_new();
		108	RSA *rsa = RSA_new();
		109
		110	if(!bn \|\| !rsa) goto err;
103		111
104	apps_startup();	112	apps_startup();
		113	BN_GENCB_set(&cb, genrsa_cb, bio_err);
105		114
106	if (bio_err == NULL)	115	if (bio_err == NULL)
107	if ((bio_err=BIO_new(BIO_s_file())) != NULL)	116	if ((bio_err=BIO_new(BIO_s_file())) != NULL)
@@ -129,10 +138,6 @@ int MAIN(int argc, char **argv)
129	f4=3;	138	f4=3;
130	else if (strcmp(argv,"-F4") == 0 \|\| strcmp(argv,"-f4") == 0)	139	else if (strcmp(argv,"-F4") == 0 \|\| strcmp(argv,"-f4") == 0)
131	f4=RSA_F4;	140	f4=RSA_F4;
132	#ifdef OPENSSL_FIPS
133	else if (strcmp(*argv,"-x931") == 0)
134	use_x931 = 1;
135	#endif
136	#ifndef OPENSSL_NO_ENGINE	141	#ifndef OPENSSL_NO_ENGINE
137	else if (strcmp(*argv,"-engine") == 0)	142	else if (strcmp(*argv,"-engine") == 0)
138	{	143	{
@@ -155,6 +160,10 @@ int MAIN(int argc, char **argv)
155	else if (strcmp(*argv,"-idea") == 0)	160	else if (strcmp(*argv,"-idea") == 0)
156	enc=EVP_idea_cbc();	161	enc=EVP_idea_cbc();
157	#endif	162	#endif
		163	#ifndef OPENSSL_NO_SEED
		164	else if (strcmp(*argv,"-seed") == 0)
		165	enc=EVP_seed_cbc();
		166	#endif
158	#ifndef OPENSSL_NO_AES	167	#ifndef OPENSSL_NO_AES
159	else if (strcmp(*argv,"-aes128") == 0)	168	else if (strcmp(*argv,"-aes128") == 0)
160	enc=EVP_aes_128_cbc();	169	enc=EVP_aes_128_cbc();
@@ -163,6 +172,14 @@ int MAIN(int argc, char **argv)
163	else if (strcmp(*argv,"-aes256") == 0)	172	else if (strcmp(*argv,"-aes256") == 0)
164	enc=EVP_aes_256_cbc();	173	enc=EVP_aes_256_cbc();
165	#endif	174	#endif
		175	#ifndef OPENSSL_NO_CAMELLIA
		176	else if (strcmp(*argv,"-camellia128") == 0)
		177	enc=EVP_camellia_128_cbc();
		178	else if (strcmp(*argv,"-camellia192") == 0)
		179	enc=EVP_camellia_192_cbc();
		180	else if (strcmp(*argv,"-camellia256") == 0)
		181	enc=EVP_camellia_256_cbc();
		182	#endif
166	else if (strcmp(*argv,"-passout") == 0)	183	else if (strcmp(*argv,"-passout") == 0)
167	{	184	{
168	if (--argc < 1) goto bad;	185	if (--argc < 1) goto bad;
@@ -182,10 +199,18 @@ bad:
182	#ifndef OPENSSL_NO_IDEA	199	#ifndef OPENSSL_NO_IDEA
183	BIO_printf(bio_err," -idea encrypt the generated key with IDEA in cbc mode\n");	200	BIO_printf(bio_err," -idea encrypt the generated key with IDEA in cbc mode\n");
184	#endif	201	#endif
		202	#ifndef OPENSSL_NO_SEED
		203	BIO_printf(bio_err," -seed\n");
		204	BIO_printf(bio_err," encrypt PEM output with cbc seed\n");
		205	#endif
185	#ifndef OPENSSL_NO_AES	206	#ifndef OPENSSL_NO_AES
186	BIO_printf(bio_err," -aes128, -aes192, -aes256\n");	207	BIO_printf(bio_err," -aes128, -aes192, -aes256\n");
187	BIO_printf(bio_err," encrypt PEM output with cbc aes\n");	208	BIO_printf(bio_err," encrypt PEM output with cbc aes\n");
188	#endif	209	#endif
		210	#ifndef OPENSSL_NO_CAMELLIA
		211	BIO_printf(bio_err," -camellia128, -camellia192, -camellia256\n");
		212	BIO_printf(bio_err," encrypt PEM output with cbc camellia\n");
		213	#endif
189	BIO_printf(bio_err," -out file output the key to 'file\n");	214	BIO_printf(bio_err," -out file output the key to 'file\n");
190	BIO_printf(bio_err," -passout arg output file pass phrase source\n");	215	BIO_printf(bio_err," -passout arg output file pass phrase source\n");
191	BIO_printf(bio_err," -f4 use F4 (0x10001) for the E value\n");	216	BIO_printf(bio_err," -f4 use F4 (0x10001) for the E value\n");
@@ -240,28 +265,12 @@ bad:
240		265
241	BIO_printf(bio_err,"Generating RSA private key, %d bit long modulus\n",	266	BIO_printf(bio_err,"Generating RSA private key, %d bit long modulus\n",
242	num);	267	num);
243	#ifdef OPENSSL_FIPS	268
244	if (use_x931)	269	if(!BN_set_word(bn, f4) \|\| !RSA_generate_key_ex(rsa, num, bn, &cb))
245	{	270	goto err;
246	BIGNUM *pubexp;
247	pubexp = BN_new();
248	BN_set_word(pubexp, f4);
249	rsa = RSA_X931_generate_key(num, pubexp, genrsa_cb, bio_err);
250	BN_free(pubexp);
251	}
252	else
253	#endif
254	rsa=RSA_generate_key(num,f4,genrsa_cb,bio_err);
255		271
256	app_RAND_write_file(NULL, bio_err);	272	app_RAND_write_file(NULL, bio_err);
257		273
258	if (rsa == NULL)
259	{
260	BIO_printf(bio_err, "Key Generation error\n");
261
262	goto err;
263	}
264
265	/* We need to do the following for when the base number size is <	274	/* We need to do the following for when the base number size is <
266	* long, esp windows 3.1 :-(. */	275	* long, esp windows 3.1 :-(. */
267	l=0L;	276	l=0L;
@@ -285,8 +294,9 @@ bad:
285		294
286	ret=0;	295	ret=0;
287	err:	296	err:
288	if (rsa != NULL) RSA_free(rsa);	297	if (bn) BN_free(bn);
289	if (out != NULL) BIO_free_all(out);	298	if (rsa) RSA_free(rsa);
		299	if (out) BIO_free_all(out);
290	if(passout) OPENSSL_free(passout);	300	if(passout) OPENSSL_free(passout);
291	if (ret != 0)	301	if (ret != 0)
292	ERR_print_errors(bio_err);	302	ERR_print_errors(bio_err);
@@ -294,7 +304,7 @@ err:
294	OPENSSL_EXIT(ret);	304	OPENSSL_EXIT(ret);
295	}	305	}
296		306
297	static void MS_CALLBACK genrsa_cb(int p, int n, void *arg)	307	static int MS_CALLBACK genrsa_cb(int p, int n, BN_GENCB *cb)
298	{	308	{
299	char c='*';	309	char c='*';
300		310
@@ -302,11 +312,12 @@ static void MS_CALLBACK genrsa_cb(int p, int n, void *arg)
302	if (p == 1) c='+';	312	if (p == 1) c='+';
303	if (p == 2) c='*';	313	if (p == 2) c='*';
304	if (p == 3) c='\n';	314	if (p == 3) c='\n';
305	BIO_write((BIO *)arg,&c,1);	315	BIO_write(cb->arg,&c,1);
306	(void)BIO_flush((BIO *)arg);	316	(void)BIO_flush(cb->arg);
307	#ifdef LINT	317	#ifdef LINT
308	p=n;	318	p=n;
309	#endif	319	#endif
		320	return 1;
310	}	321	}
311	#else /* !OPENSSL_NO_RSA */	322	#else /* !OPENSSL_NO_RSA */
312		323