diff options
Diffstat (limited to '')
| -rw-r--r-- | src/usr.bin/openssl/genpkey.c | 44 |
1 files changed, 9 insertions, 35 deletions
diff --git a/src/usr.bin/openssl/genpkey.c b/src/usr.bin/openssl/genpkey.c index 1ebc4e7d3c..d76e2febd8 100644 --- a/src/usr.bin/openssl/genpkey.c +++ b/src/usr.bin/openssl/genpkey.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: genpkey.c,v 1.4 2015/08/22 16:36:05 jsing Exp $ */ | 1 | /* $OpenBSD: genpkey.c,v 1.5 2015/09/11 14:30:23 bcook Exp $ */ |
| 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL | 2 | /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
| 3 | * project 2006 | 3 | * project 2006 |
| 4 | */ | 4 | */ |
| @@ -65,19 +65,13 @@ | |||
| 65 | #include <openssl/evp.h> | 65 | #include <openssl/evp.h> |
| 66 | #include <openssl/pem.h> | 66 | #include <openssl/pem.h> |
| 67 | 67 | ||
| 68 | #ifndef OPENSSL_NO_ENGINE | ||
| 69 | #include <openssl/engine.h> | ||
| 70 | #endif | ||
| 71 | |||
| 72 | static int | 68 | static int |
| 73 | init_keygen_file(BIO * err, EVP_PKEY_CTX ** pctx, const char *file, | 69 | init_keygen_file(BIO * err, EVP_PKEY_CTX ** pctx, const char *file); |
| 74 | ENGINE * e); | ||
| 75 | static int genpkey_cb(EVP_PKEY_CTX * ctx); | 70 | static int genpkey_cb(EVP_PKEY_CTX * ctx); |
| 76 | 71 | ||
| 77 | int | 72 | int |
| 78 | genpkey_main(int argc, char **argv) | 73 | genpkey_main(int argc, char **argv) |
| 79 | { | 74 | { |
| 80 | ENGINE *e = NULL; | ||
| 81 | char **args, *outfile = NULL; | 75 | char **args, *outfile = NULL; |
| 82 | char *passarg = NULL; | 76 | char *passarg = NULL; |
| 83 | BIO *in = NULL, *out = NULL; | 77 | BIO *in = NULL, *out = NULL; |
| @@ -107,20 +101,13 @@ genpkey_main(int argc, char **argv) | |||
| 107 | goto bad; | 101 | goto bad; |
| 108 | passarg = *(++args); | 102 | passarg = *(++args); |
| 109 | } | 103 | } |
| 110 | #ifndef OPENSSL_NO_ENGINE | ||
| 111 | else if (strcmp(*args, "-engine") == 0) { | ||
| 112 | if (!args[1]) | ||
| 113 | goto bad; | ||
| 114 | e = setup_engine(bio_err, *(++args), 0); | ||
| 115 | } | ||
| 116 | #endif | ||
| 117 | else if (!strcmp(*args, "-paramfile")) { | 104 | else if (!strcmp(*args, "-paramfile")) { |
| 118 | if (!args[1]) | 105 | if (!args[1]) |
| 119 | goto bad; | 106 | goto bad; |
| 120 | args++; | 107 | args++; |
| 121 | if (do_param == 1) | 108 | if (do_param == 1) |
| 122 | goto bad; | 109 | goto bad; |
| 123 | if (!init_keygen_file(bio_err, &ctx, *args, e)) | 110 | if (!init_keygen_file(bio_err, &ctx, *args)) |
| 124 | goto end; | 111 | goto end; |
| 125 | } else if (!strcmp(*args, "-out")) { | 112 | } else if (!strcmp(*args, "-out")) { |
| 126 | if (args[1]) { | 113 | if (args[1]) { |
| @@ -131,7 +118,7 @@ genpkey_main(int argc, char **argv) | |||
| 131 | } else if (strcmp(*args, "-algorithm") == 0) { | 118 | } else if (strcmp(*args, "-algorithm") == 0) { |
| 132 | if (!args[1]) | 119 | if (!args[1]) |
| 133 | goto bad; | 120 | goto bad; |
| 134 | if (!init_gen_str(bio_err, &ctx, *(++args), e, do_param)) | 121 | if (!init_gen_str(bio_err, &ctx, *(++args), do_param)) |
| 135 | goto end; | 122 | goto end; |
| 136 | } else if (strcmp(*args, "-pkeyopt") == 0) { | 123 | } else if (strcmp(*args, "-pkeyopt") == 0) { |
| 137 | if (!args[1]) | 124 | if (!args[1]) |
| @@ -174,9 +161,6 @@ bad: | |||
| 174 | BIO_printf(bio_err, "-outform X output format (DER or PEM)\n"); | 161 | BIO_printf(bio_err, "-outform X output format (DER or PEM)\n"); |
| 175 | BIO_printf(bio_err, "-pass arg output file pass phrase source\n"); | 162 | BIO_printf(bio_err, "-pass arg output file pass phrase source\n"); |
| 176 | BIO_printf(bio_err, "-<cipher> use cipher <cipher> to encrypt the key\n"); | 163 | BIO_printf(bio_err, "-<cipher> use cipher <cipher> to encrypt the key\n"); |
| 177 | #ifndef OPENSSL_NO_ENGINE | ||
| 178 | BIO_printf(bio_err, "-engine e use engine e, possibly a hardware device.\n"); | ||
| 179 | #endif | ||
| 180 | BIO_printf(bio_err, "-paramfile file parameters file\n"); | 164 | BIO_printf(bio_err, "-paramfile file parameters file\n"); |
| 181 | BIO_printf(bio_err, "-algorithm alg the public key algorithm\n"); | 165 | BIO_printf(bio_err, "-algorithm alg the public key algorithm\n"); |
| 182 | BIO_printf(bio_err, "-pkeyopt opt:value set the public key algorithm option <opt>\n" | 166 | BIO_printf(bio_err, "-pkeyopt opt:value set the public key algorithm option <opt>\n" |
| @@ -261,7 +245,7 @@ end: | |||
| 261 | 245 | ||
| 262 | static int | 246 | static int |
| 263 | init_keygen_file(BIO * err, EVP_PKEY_CTX ** pctx, | 247 | init_keygen_file(BIO * err, EVP_PKEY_CTX ** pctx, |
| 264 | const char *file, ENGINE * e) | 248 | const char *file) |
| 265 | { | 249 | { |
| 266 | BIO *pbio; | 250 | BIO *pbio; |
| 267 | EVP_PKEY *pkey = NULL; | 251 | EVP_PKEY *pkey = NULL; |
| @@ -282,7 +266,7 @@ init_keygen_file(BIO * err, EVP_PKEY_CTX ** pctx, | |||
| 282 | BIO_printf(bio_err, "Error reading parameter file %s\n", file); | 266 | BIO_printf(bio_err, "Error reading parameter file %s\n", file); |
| 283 | return 0; | 267 | return 0; |
| 284 | } | 268 | } |
| 285 | ctx = EVP_PKEY_CTX_new(pkey, e); | 269 | ctx = EVP_PKEY_CTX_new(pkey, NULL); |
| 286 | if (!ctx) | 270 | if (!ctx) |
| 287 | goto err; | 271 | goto err; |
| 288 | if (EVP_PKEY_keygen_init(ctx) <= 0) | 272 | if (EVP_PKEY_keygen_init(ctx) <= 0) |
| @@ -304,23 +288,17 @@ err: | |||
| 304 | 288 | ||
| 305 | int | 289 | int |
| 306 | init_gen_str(BIO * err, EVP_PKEY_CTX ** pctx, | 290 | init_gen_str(BIO * err, EVP_PKEY_CTX ** pctx, |
| 307 | const char *algname, ENGINE * e, int do_param) | 291 | const char *algname, int do_param) |
| 308 | { | 292 | { |
| 309 | EVP_PKEY_CTX *ctx = NULL; | 293 | EVP_PKEY_CTX *ctx = NULL; |
| 310 | const EVP_PKEY_ASN1_METHOD *ameth; | 294 | const EVP_PKEY_ASN1_METHOD *ameth; |
| 311 | ENGINE *tmpeng = NULL; | ||
| 312 | int pkey_id; | 295 | int pkey_id; |
| 313 | 296 | ||
| 314 | if (*pctx) { | 297 | if (*pctx) { |
| 315 | BIO_puts(err, "Algorithm already set!\n"); | 298 | BIO_puts(err, "Algorithm already set!\n"); |
| 316 | return 0; | 299 | return 0; |
| 317 | } | 300 | } |
| 318 | ameth = EVP_PKEY_asn1_find_str(&tmpeng, algname, -1); | 301 | ameth = EVP_PKEY_asn1_find_str(NULL, algname, -1); |
| 319 | |||
| 320 | #ifndef OPENSSL_NO_ENGINE | ||
| 321 | if (!ameth && e) | ||
| 322 | ameth = ENGINE_get_pkey_asn1_meth_str(e, algname, -1); | ||
| 323 | #endif | ||
| 324 | 302 | ||
| 325 | if (!ameth) { | 303 | if (!ameth) { |
| 326 | BIO_printf(bio_err, "Algorithm %s not found\n", algname); | 304 | BIO_printf(bio_err, "Algorithm %s not found\n", algname); |
| @@ -329,11 +307,7 @@ init_gen_str(BIO * err, EVP_PKEY_CTX ** pctx, | |||
| 329 | ERR_clear_error(); | 307 | ERR_clear_error(); |
| 330 | 308 | ||
| 331 | EVP_PKEY_asn1_get0_info(&pkey_id, NULL, NULL, NULL, NULL, ameth); | 309 | EVP_PKEY_asn1_get0_info(&pkey_id, NULL, NULL, NULL, NULL, ameth); |
| 332 | #ifndef OPENSSL_NO_ENGINE | 310 | ctx = EVP_PKEY_CTX_new_id(pkey_id, NULL); |
| 333 | if (tmpeng) | ||
| 334 | ENGINE_finish(tmpeng); | ||
| 335 | #endif | ||
| 336 | ctx = EVP_PKEY_CTX_new_id(pkey_id, e); | ||
| 337 | 311 | ||
| 338 | if (!ctx) | 312 | if (!ctx) |
| 339 | goto err; | 313 | goto err; |