summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/usr.bin/openssl/rsa.c435
1 files changed, 251 insertions, 184 deletions
diff --git a/src/usr.bin/openssl/rsa.c b/src/usr.bin/openssl/rsa.c
index d8366aae7b..91a9d161fb 100644
--- a/src/usr.bin/openssl/rsa.c
+++ b/src/usr.bin/openssl/rsa.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: rsa.c,v 1.2 2014/08/28 14:23:52 jsing Exp $ */ 1/* $OpenBSD: rsa.c,v 1.3 2015/01/24 05:48:39 doug Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -58,7 +58,6 @@
58 58
59#include <openssl/opensslconf.h> 59#include <openssl/opensslconf.h>
60 60
61
62#include <stdio.h> 61#include <stdio.h>
63#include <stdlib.h> 62#include <stdlib.h>
64#include <string.h> 63#include <string.h>
@@ -74,28 +73,202 @@
74#include <openssl/rsa.h> 73#include <openssl/rsa.h>
75#include <openssl/x509.h> 74#include <openssl/x509.h>
76 75
77/* -inform arg - input format - default PEM (one of DER, NET or PEM) 76static struct {
78 * -outform arg - output format - default PEM 77 int check;
79 * -in arg - input file - default stdin 78 const EVP_CIPHER *enc;
80 * -out arg - output file - default stdout 79#ifndef OPENSSL_NO_ENGINE
81 * -des - encrypt output if PEM format with DES in cbc mode 80 char *engine;
82 * -des3 - encrypt output if PEM format 81#endif
83 * -idea - encrypt output if PEM format 82 char *infile;
84 * -seed - encrypt output if PEM format 83 int informat;
85 * -aes128 - encrypt output if PEM format 84 int modulus;
86 * -aes192 - encrypt output if PEM format 85 int noout;
87 * -aes256 - encrypt output if PEM format 86 char *outfile;
88 * -camellia128 - encrypt output if PEM format 87 int outformat;
89 * -camellia192 - encrypt output if PEM format 88 char *passargin;
90 * -camellia256 - encrypt output if PEM format 89 char *passargout;
91 * -text - print a text version 90 int pubin;
92 * -modulus - print the RSA key modulus 91 int pubout;
93 * -check - verify key consistency 92 int pvk_encr;
94 * -pubin - Expect a public key in input file. 93 int sgckey;
95 * -pubout - Output a public key. 94 int text;
96 */ 95} rsa_config;
97 96
98int rsa_main(int, char **); 97static int
98rsa_opt_cipher(int argc, char **argv, int *argsused)
99{
100 char *name = argv[0];
101
102 if (*name++ != '-')
103 return (1);
104
105 if ((rsa_config.enc = EVP_get_cipherbyname(name)) == NULL) {
106 fprintf(stderr, "Invalid cipher '%s'\n", name);
107 return (1);
108 }
109
110 *argsused = 1;
111 return (0);
112}
113
114static struct option rsa_options[] = {
115 {
116 .name = "check",
117 .desc = "Check consistency of RSA private key",
118 .type = OPTION_FLAG,
119 .opt.flag = &rsa_config.check,
120 },
121#ifndef OPENSSL_NO_ENGINE
122 {
123 .name = "engine",
124 .argname = "id",
125 .desc = "Use the engine specified by the given identifier",
126 .type = OPTION_ARG,
127 .opt.arg = &rsa_config.engine,
128 },
129#endif
130 {
131 .name = "in",
132 .argname = "file",
133 .desc = "Input file (default stdin)",
134 .type = OPTION_ARG,
135 .opt.arg = &rsa_config.infile,
136 },
137 {
138 .name = "inform",
139 .argname = "format",
140 .desc = "Input format (DER, NET or PEM (default))",
141 .type = OPTION_ARG_FORMAT,
142 .opt.value = &rsa_config.informat,
143 },
144 {
145 .name = "modulus",
146 .desc = "Print the RSA key modulus",
147 .type = OPTION_FLAG,
148 .opt.flag = &rsa_config.modulus,
149 },
150 {
151 .name = "noout",
152 .desc = "Do not print encoded version of the key",
153 .type = OPTION_FLAG,
154 .opt.flag = &rsa_config.noout,
155 },
156 {
157 .name = "out",
158 .argname = "file",
159 .desc = "Output file (default stdout)",
160 .type = OPTION_ARG,
161 .opt.arg = &rsa_config.outfile,
162 },
163 {
164 .name = "outform",
165 .argname = "format",
166 .desc = "Output format (DER, NET or PEM (default PEM))",
167 .type = OPTION_ARG_FORMAT,
168 .opt.value = &rsa_config.outformat,
169 },
170 {
171 .name = "passin",
172 .argname = "src",
173 .desc = "Input file passphrase source",
174 .type = OPTION_ARG,
175 .opt.arg = &rsa_config.passargin,
176 },
177 {
178 .name = "passout",
179 .argname = "src",
180 .desc = "Output file passphrase source",
181 .type = OPTION_ARG,
182 .opt.arg = &rsa_config.passargout,
183 },
184 {
185 .name = "pubin",
186 .desc = "Expect a public key (default private key)",
187 .type = OPTION_VALUE,
188 .value = 1,
189 .opt.value = &rsa_config.pubin,
190 },
191 {
192 .name = "pubout",
193 .desc = "Output a public key (default private key)",
194 .type = OPTION_VALUE,
195 .value = 1,
196 .opt.value = &rsa_config.pubout,
197 },
198 {
199 .name = "pvk-none",
200 .type = OPTION_VALUE,
201 .value = 0,
202 .opt.value = &rsa_config.pvk_encr,
203 },
204 {
205 .name = "pvk-strong",
206 .type = OPTION_VALUE,
207 .value = 2,
208 .opt.value = &rsa_config.pvk_encr,
209 },
210 {
211 .name = "pvk-weak",
212 .type = OPTION_VALUE,
213 .value = 1,
214 .opt.value = &rsa_config.pvk_encr,
215 },
216 {
217 .name = "RSAPublicKey_in",
218 .type = OPTION_VALUE,
219 .value = 2,
220 .opt.value = &rsa_config.pubin,
221 },
222 {
223 .name = "RSAPublicKey_out",
224 .type = OPTION_VALUE,
225 .value = 2,
226 .opt.value = &rsa_config.pubout,
227 },
228 {
229 .name = "sgckey",
230 .desc = "Use modified NET algorithm for IIS and SGC keys",
231 .type = OPTION_FLAG,
232 .opt.flag = &rsa_config.sgckey,
233 },
234 {
235 .name = "text",
236 .desc = "Print in plain text in addition to encoded",
237 .type = OPTION_FLAG,
238 .opt.flag = &rsa_config.text,
239 },
240 {
241 .name = NULL,
242 .type = OPTION_ARGV_FUNC,
243 .opt.argvfunc = rsa_opt_cipher,
244 },
245 { NULL }
246};
247
248static void
249show_ciphers(const OBJ_NAME *name, void *arg)
250{
251 static int n;
252
253 fprintf(stderr, " -%-24s%s", name->name, (++n % 3 ? "" : "\n"));
254}
255
256static void
257rsa_usage()
258{
259 fprintf(stderr,
260 "usage: rsa [-ciphername] [-check] [-engine id] [-in file] "
261 "[-inform fmt]\n"
262 " [-modulus] [-noout] [-out file] [-outform fmt] "
263 "[-passin src]\n"
264 " [-passout src] [-pubin] [-pubout] [-sgckey] [-text]\n\n");
265 options_usage(rsa_options);
266 fprintf(stderr, "\n");
267
268 fprintf(stderr, "Valid ciphername values:\n\n");
269 OBJ_NAME_do_all_sorted(OBJ_NAME_TYPE_CIPHER_METH, show_ciphers, NULL);
270 fprintf(stderr, "\n");
271}
99 272
100int 273int
101rsa_main(int argc, char **argv) 274rsa_main(int argc, char **argv)
@@ -103,140 +276,30 @@ rsa_main(int argc, char **argv)
103 ENGINE *e = NULL; 276 ENGINE *e = NULL;
104 int ret = 1; 277 int ret = 1;
105 RSA *rsa = NULL; 278 RSA *rsa = NULL;
106 int i, badops = 0, sgckey = 0; 279 int i;
107 const EVP_CIPHER *enc = NULL;
108 BIO *out = NULL; 280 BIO *out = NULL;
109 int informat, outformat, text = 0, check = 0, noout = 0;
110 int pubin = 0, pubout = 0;
111 char *infile, *outfile, *prog;
112 char *passargin = NULL, *passargout = NULL;
113 char *passin = NULL, *passout = NULL; 281 char *passin = NULL, *passout = NULL;
114#ifndef OPENSSL_NO_ENGINE
115 char *engine = NULL;
116#endif
117 int modulus = 0;
118 282
119 int pvk_encr = 2; 283 memset(&rsa_config, 0, sizeof(rsa_config));
284 rsa_config.pvk_encr = 2;
285 rsa_config.informat = FORMAT_PEM;
286 rsa_config.outformat = FORMAT_PEM;
120 287
121 infile = NULL; 288 if (options_parse(argc, argv, rsa_options, NULL, NULL) != 0) {
122 outfile = NULL; 289 rsa_usage();
123 informat = FORMAT_PEM;
124 outformat = FORMAT_PEM;
125
126 prog = argv[0];
127 argc--;
128 argv++;
129 while (argc >= 1) {
130 if (strcmp(*argv, "-inform") == 0) {
131 if (--argc < 1)
132 goto bad;
133 informat = str2fmt(*(++argv));
134 } else if (strcmp(*argv, "-outform") == 0) {
135 if (--argc < 1)
136 goto bad;
137 outformat = str2fmt(*(++argv));
138 } else if (strcmp(*argv, "-in") == 0) {
139 if (--argc < 1)
140 goto bad;
141 infile = *(++argv);
142 } else if (strcmp(*argv, "-out") == 0) {
143 if (--argc < 1)
144 goto bad;
145 outfile = *(++argv);
146 } else if (strcmp(*argv, "-passin") == 0) {
147 if (--argc < 1)
148 goto bad;
149 passargin = *(++argv);
150 } else if (strcmp(*argv, "-passout") == 0) {
151 if (--argc < 1)
152 goto bad;
153 passargout = *(++argv);
154 }
155#ifndef OPENSSL_NO_ENGINE
156 else if (strcmp(*argv, "-engine") == 0) {
157 if (--argc < 1)
158 goto bad;
159 engine = *(++argv);
160 }
161#endif
162 else if (strcmp(*argv, "-sgckey") == 0)
163 sgckey = 1;
164 else if (strcmp(*argv, "-pubin") == 0)
165 pubin = 1;
166 else if (strcmp(*argv, "-pubout") == 0)
167 pubout = 1;
168 else if (strcmp(*argv, "-RSAPublicKey_in") == 0)
169 pubin = 2;
170 else if (strcmp(*argv, "-RSAPublicKey_out") == 0)
171 pubout = 2;
172 else if (strcmp(*argv, "-pvk-strong") == 0)
173 pvk_encr = 2;
174 else if (strcmp(*argv, "-pvk-weak") == 0)
175 pvk_encr = 1;
176 else if (strcmp(*argv, "-pvk-none") == 0)
177 pvk_encr = 0;
178 else if (strcmp(*argv, "-noout") == 0)
179 noout = 1;
180 else if (strcmp(*argv, "-text") == 0)
181 text = 1;
182 else if (strcmp(*argv, "-modulus") == 0)
183 modulus = 1;
184 else if (strcmp(*argv, "-check") == 0)
185 check = 1;
186 else if ((enc = EVP_get_cipherbyname(&(argv[0][1]))) == NULL) {
187 BIO_printf(bio_err, "unknown option %s\n", *argv);
188 badops = 1;
189 break;
190 }
191 argc--;
192 argv++;
193 }
194
195 if (badops) {
196bad:
197 BIO_printf(bio_err, "%s [options] <infile >outfile\n", prog);
198 BIO_printf(bio_err, "where options are\n");
199 BIO_printf(bio_err, " -inform arg input format - one of DER NET PEM\n");
200 BIO_printf(bio_err, " -outform arg output format - one of DER NET PEM\n");
201 BIO_printf(bio_err, " -in arg input file\n");
202 BIO_printf(bio_err, " -sgckey Use IIS SGC key format\n");
203 BIO_printf(bio_err, " -passin arg input file pass phrase source\n");
204 BIO_printf(bio_err, " -out arg output file\n");
205 BIO_printf(bio_err, " -passout arg output file pass phrase source\n");
206 BIO_printf(bio_err, " -des encrypt PEM output with cbc des\n");
207 BIO_printf(bio_err, " -des3 encrypt PEM output with ede cbc des using 168 bit key\n");
208#ifndef OPENSSL_NO_IDEA
209 BIO_printf(bio_err, " -idea encrypt PEM output with cbc idea\n");
210#endif
211#ifndef OPENSSL_NO_AES
212 BIO_printf(bio_err, " -aes128, -aes192, -aes256\n");
213 BIO_printf(bio_err, " encrypt PEM output with cbc aes\n");
214#endif
215#ifndef OPENSSL_NO_CAMELLIA
216 BIO_printf(bio_err, " -camellia128, -camellia192, -camellia256\n");
217 BIO_printf(bio_err, " encrypt PEM output with cbc camellia\n");
218#endif
219 BIO_printf(bio_err, " -text print the key in text\n");
220 BIO_printf(bio_err, " -noout don't print key out\n");
221 BIO_printf(bio_err, " -modulus print the RSA key modulus\n");
222 BIO_printf(bio_err, " -check verify key consistency\n");
223 BIO_printf(bio_err, " -pubin expect a public key in input file\n");
224 BIO_printf(bio_err, " -pubout output a public key\n");
225#ifndef OPENSSL_NO_ENGINE
226 BIO_printf(bio_err, " -engine e use engine e, possibly a hardware device.\n");
227#endif
228 goto end; 290 goto end;
229 } 291 }
230 292
231#ifndef OPENSSL_NO_ENGINE 293#ifndef OPENSSL_NO_ENGINE
232 e = setup_engine(bio_err, engine, 0); 294 e = setup_engine(bio_err, rsa_config.engine, 0);
233#endif 295#endif
234 296
235 if (!app_passwd(bio_err, passargin, passargout, &passin, &passout)) { 297 if (!app_passwd(bio_err, rsa_config.passargin, rsa_config.passargout,
298 &passin, &passout)) {
236 BIO_printf(bio_err, "Error getting passwords\n"); 299 BIO_printf(bio_err, "Error getting passwords\n");
237 goto end; 300 goto end;
238 } 301 }
239 if (check && pubin) { 302 if (rsa_config.check && rsa_config.pubin) {
240 BIO_printf(bio_err, "Only private keys can be checked\n"); 303 BIO_printf(bio_err, "Only private keys can be checked\n");
241 goto end; 304 goto end;
242 } 305 }
@@ -245,25 +308,26 @@ bad:
245 { 308 {
246 EVP_PKEY *pkey; 309 EVP_PKEY *pkey;
247 310
248 if (pubin) { 311 if (rsa_config.pubin) {
249 int tmpformat = -1; 312 int tmpformat = -1;
250 if (pubin == 2) { 313 if (rsa_config.pubin == 2) {
251 if (informat == FORMAT_PEM) 314 if (rsa_config.informat == FORMAT_PEM)
252 tmpformat = FORMAT_PEMRSA; 315 tmpformat = FORMAT_PEMRSA;
253 else if (informat == FORMAT_ASN1) 316 else if (rsa_config.informat == FORMAT_ASN1)
254 tmpformat = FORMAT_ASN1RSA; 317 tmpformat = FORMAT_ASN1RSA;
255 } else if (informat == FORMAT_NETSCAPE && sgckey) 318 } else if (rsa_config.informat == FORMAT_NETSCAPE &&
319 rsa_config.sgckey)
256 tmpformat = FORMAT_IISSGC; 320 tmpformat = FORMAT_IISSGC;
257 else 321 else
258 tmpformat = informat; 322 tmpformat = rsa_config.informat;
259 323
260 pkey = load_pubkey(bio_err, infile, tmpformat, 1, 324 pkey = load_pubkey(bio_err, rsa_config.infile,
261 passin, e, "Public Key"); 325 tmpformat, 1, passin, e, "Public Key");
262 } else 326 } else
263 pkey = load_key(bio_err, infile, 327 pkey = load_key(bio_err, rsa_config.infile,
264 (informat == FORMAT_NETSCAPE && sgckey ? 328 (rsa_config.informat == FORMAT_NETSCAPE &&
265 FORMAT_IISSGC : informat), 1, 329 rsa_config.sgckey ? FORMAT_IISSGC :
266 passin, e, "Private Key"); 330 rsa_config.informat), 1, passin, e, "Private Key");
267 331
268 if (pkey != NULL) 332 if (pkey != NULL)
269 rsa = EVP_PKEY_get1_RSA(pkey); 333 rsa = EVP_PKEY_get1_RSA(pkey);
@@ -274,27 +338,27 @@ bad:
274 ERR_print_errors(bio_err); 338 ERR_print_errors(bio_err);
275 goto end; 339 goto end;
276 } 340 }
277 if (outfile == NULL) { 341 if (rsa_config.outfile == NULL) {
278 BIO_set_fp(out, stdout, BIO_NOCLOSE); 342 BIO_set_fp(out, stdout, BIO_NOCLOSE);
279 } else { 343 } else {
280 if (BIO_write_filename(out, outfile) <= 0) { 344 if (BIO_write_filename(out, rsa_config.outfile) <= 0) {
281 perror(outfile); 345 perror(rsa_config.outfile);
282 goto end; 346 goto end;
283 } 347 }
284 } 348 }
285 349
286 if (text) 350 if (rsa_config.text)
287 if (!RSA_print(out, rsa, 0)) { 351 if (!RSA_print(out, rsa, 0)) {
288 perror(outfile); 352 perror(rsa_config.outfile);
289 ERR_print_errors(bio_err); 353 ERR_print_errors(bio_err);
290 goto end; 354 goto end;
291 } 355 }
292 if (modulus) { 356 if (rsa_config.modulus) {
293 BIO_printf(out, "Modulus="); 357 BIO_printf(out, "Modulus=");
294 BN_print(out, rsa->n); 358 BN_print(out, rsa->n);
295 BIO_printf(out, "\n"); 359 BIO_printf(out, "\n");
296 } 360 }
297 if (check) { 361 if (rsa_config.check) {
298 int r = RSA_check_key(rsa); 362 int r = RSA_check_key(rsa);
299 363
300 if (r == 1) 364 if (r == 1)
@@ -306,7 +370,8 @@ bad:
306 ERR_GET_LIB(err) == ERR_LIB_RSA && 370 ERR_GET_LIB(err) == ERR_LIB_RSA &&
307 ERR_GET_FUNC(err) == RSA_F_RSA_CHECK_KEY && 371 ERR_GET_FUNC(err) == RSA_F_RSA_CHECK_KEY &&
308 ERR_GET_REASON(err) != ERR_R_MALLOC_FAILURE) { 372 ERR_GET_REASON(err) != ERR_R_MALLOC_FAILURE) {
309 BIO_printf(out, "RSA key error: %s\n", ERR_reason_error_string(err)); 373 BIO_printf(out, "RSA key error: %s\n",
374 ERR_reason_error_string(err));
310 ERR_get_error(); /* remove e from error 375 ERR_get_error(); /* remove e from error
311 * stack */ 376 * stack */
312 } 377 }
@@ -317,14 +382,14 @@ bad:
317 goto end; 382 goto end;
318 } 383 }
319 } 384 }
320 if (noout) { 385 if (rsa_config.noout) {
321 ret = 0; 386 ret = 0;
322 goto end; 387 goto end;
323 } 388 }
324 BIO_printf(bio_err, "writing RSA key\n"); 389 BIO_printf(bio_err, "writing RSA key\n");
325 if (outformat == FORMAT_ASN1) { 390 if (rsa_config.outformat == FORMAT_ASN1) {
326 if (pubout || pubin) { 391 if (rsa_config.pubout || rsa_config.pubin) {
327 if (pubout == 2) 392 if (rsa_config.pubout == 2)
328 i = i2d_RSAPublicKey_bio(out, rsa); 393 i = i2d_RSAPublicKey_bio(out, rsa);
329 else 394 else
330 i = i2d_RSA_PUBKEY_bio(out, rsa); 395 i = i2d_RSA_PUBKEY_bio(out, rsa);
@@ -332,46 +397,49 @@ bad:
332 i = i2d_RSAPrivateKey_bio(out, rsa); 397 i = i2d_RSAPrivateKey_bio(out, rsa);
333 } 398 }
334#ifndef OPENSSL_NO_RC4 399#ifndef OPENSSL_NO_RC4
335 else if (outformat == FORMAT_NETSCAPE) { 400 else if (rsa_config.outformat == FORMAT_NETSCAPE) {
336 unsigned char *p, *pp; 401 unsigned char *p, *pp;
337 int size; 402 int size;
338 403
339 i = 1; 404 i = 1;
340 size = i2d_RSA_NET(rsa, NULL, NULL, sgckey); 405 size = i2d_RSA_NET(rsa, NULL, NULL, rsa_config.sgckey);
341 if ((p = malloc(size)) == NULL) { 406 if ((p = malloc(size)) == NULL) {
342 BIO_printf(bio_err, "Memory allocation failure\n"); 407 BIO_printf(bio_err, "Memory allocation failure\n");
343 goto end; 408 goto end;
344 } 409 }
345 pp = p; 410 pp = p;
346 i2d_RSA_NET(rsa, &p, NULL, sgckey); 411 i2d_RSA_NET(rsa, &p, NULL, rsa_config.sgckey);
347 BIO_write(out, (char *) pp, size); 412 BIO_write(out, (char *) pp, size);
348 free(pp); 413 free(pp);
349 } 414 }
350#endif 415#endif
351 else if (outformat == FORMAT_PEM) { 416 else if (rsa_config.outformat == FORMAT_PEM) {
352 if (pubout || pubin) { 417 if (rsa_config.pubout || rsa_config.pubin) {
353 if (pubout == 2) 418 if (rsa_config.pubout == 2)
354 i = PEM_write_bio_RSAPublicKey(out, rsa); 419 i = PEM_write_bio_RSAPublicKey(out, rsa);
355 else 420 else
356 i = PEM_write_bio_RSA_PUBKEY(out, rsa); 421 i = PEM_write_bio_RSA_PUBKEY(out, rsa);
357 } else 422 } else
358 i = PEM_write_bio_RSAPrivateKey(out, rsa, 423 i = PEM_write_bio_RSAPrivateKey(out, rsa,
359 enc, NULL, 0, NULL, passout); 424 rsa_config.enc, NULL, 0, NULL, passout);
360#if !defined(OPENSSL_NO_DSA) && !defined(OPENSSL_NO_RC4) 425#if !defined(OPENSSL_NO_DSA) && !defined(OPENSSL_NO_RC4)
361 } else if (outformat == FORMAT_MSBLOB || outformat == FORMAT_PVK) { 426 } else if (rsa_config.outformat == FORMAT_MSBLOB ||
427 rsa_config.outformat == FORMAT_PVK) {
362 EVP_PKEY *pk; 428 EVP_PKEY *pk;
363 pk = EVP_PKEY_new(); 429 pk = EVP_PKEY_new();
364 EVP_PKEY_set1_RSA(pk, rsa); 430 EVP_PKEY_set1_RSA(pk, rsa);
365 if (outformat == FORMAT_PVK) 431 if (rsa_config.outformat == FORMAT_PVK)
366 i = i2b_PVK_bio(out, pk, pvk_encr, 0, passout); 432 i = i2b_PVK_bio(out, pk, rsa_config.pvk_encr, 0,
367 else if (pubin || pubout) 433 passout);
434 else if (rsa_config.pubin || rsa_config.pubout)
368 i = i2b_PublicKey_bio(out, pk); 435 i = i2b_PublicKey_bio(out, pk);
369 else 436 else
370 i = i2b_PrivateKey_bio(out, pk); 437 i = i2b_PrivateKey_bio(out, pk);
371 EVP_PKEY_free(pk); 438 EVP_PKEY_free(pk);
372#endif 439#endif
373 } else { 440 } else {
374 BIO_printf(bio_err, "bad output format specified for outfile\n"); 441 BIO_printf(bio_err,
442 "bad output format specified for outfile\n");
375 goto end; 443 goto end;
376 } 444 }
377 if (i <= 0) { 445 if (i <= 0) {
@@ -379,11 +447,10 @@ bad:
379 ERR_print_errors(bio_err); 447 ERR_print_errors(bio_err);
380 } else 448 } else
381 ret = 0; 449 ret = 0;
450
382end: 451end:
383 if (out != NULL) 452 BIO_free_all(out);
384 BIO_free_all(out); 453 RSA_free(rsa);
385 if (rsa != NULL)
386 RSA_free(rsa);
387 free(passin); 454 free(passin);
388 free(passout); 455 free(passout);
389 456
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-11-22 22:41:21 +0000