1 files changed, 208 insertions, 154 deletions
diff --git a/src/usr.bin/openssl/dsa.c b/src/usr.bin/openssl/dsa.c
index a84b25503b..6edd694530 100644
--- a/src/usr.bin/openssl/dsa.c
+++ b/src/usr.bin/openssl/dsa.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: dsa.c,v 1.2 2014/08/28 14:23:52 jsing Exp $ */
+/* $OpenBSD: dsa.c,v 1.3 2015/07/12 22:21:38 doug Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -58,7 +58,7 @@
 #include <openssl/opensslconf.h>        /* for OPENSSL_NO_DSA */
+#include <ctype.h>
 #include <stdio.h>
 #include <stdlib.h>
 #include <time.h>
@@ -74,23 +74,174 @@
 #include <openssl/pem.h>
 #include <openssl/x509.h>
-/* -inform arg  - input format - default PEM (one of DER, NET or PEM)
+static struct {
- * -outform arg - output format - default PEM
+        const EVP_CIPHER *enc;
- * -in arg      - input file - default stdin
+#ifndef OPENSSL_NO_ENGINE
- * -out arg     - output file - default stdout
+        char *engine;
- * -des         - encrypt output if PEM format with DES in cbc mode
+#endif
- * -des3        - encrypt output if PEM format
+        char *infile;
- * -idea        - encrypt output if PEM format
+        int informat;
- * -aes128      - encrypt output if PEM format
+        int modulus;
- * -aes192      - encrypt output if PEM format
+        int noout;
- * -aes256      - encrypt output if PEM format
+        char *outfile;
- * -camellia128 - encrypt output if PEM format
+        int outformat;
- * -camellia192 - encrypt output if PEM format
+        char *passargin;
- * -camellia256 - encrypt output if PEM format
+        char *passargout;
- * -seed        - encrypt output if PEM format
+        int pubin;
- * -text        - print a text version
+        int pubout;
- * -modulus     - print the DSA public key
+        int pvk_encr;
- */
+        int text;
+} dsa_config;
+static int
+dsa_opt_enc(int argc, char **argv, int *argsused)
+{
+        char *name = argv[0];
+        if (*name++ != '-')
+                return (1);
+        if ((dsa_config.enc = EVP_get_cipherbyname(name)) != NULL) {
+                *argsused = 1;
+                return (0);
+        }
+        return (1);
+}
+static struct option dsa_options[] = {
+#ifndef OPENSSL_NO_ENGINE
+        {
+                .name = "engine",
+                .argname = "id",
+                .desc = "Use the engine specified by the given identifier",
+                .type = OPTION_ARG,
+                .opt.arg = &dsa_config.engine,
+        },
+#endif
+        {
+                .name = "in",
+                .argname = "file",
+                .desc = "Input file (default stdin)",
+                .type = OPTION_ARG,
+                .opt.arg = &dsa_config.infile,
+        },
+        {
+                .name = "inform",
+                .argname = "format",
+                .desc = "Input format (PEM (default) or any other supported"
+                    " format)",
+                .type = OPTION_ARG_FORMAT,
+                .opt.value = &dsa_config.informat,
+        },
+        {
+                .name = "noout",
+                .desc = "No output",
+                .type = OPTION_FLAG,
+                .opt.flag = &dsa_config.noout,
+        },
+        {
+                .name = "out",
+                .argname = "file",
+                .desc = "Output file (default stdout)",
+                .type = OPTION_ARG,
+                .opt.arg = &dsa_config.outfile,
+        },
+        {
+                .name = "outform",
+                .argname = "format",
+                .desc = "Output format (DER, MSBLOB, PEM (default) or PVK)",
+                .type = OPTION_ARG_FORMAT,
+                .opt.value = &dsa_config.outformat,
+        },
+        {
+                .name = "passin",
+                .argname = "source",
+                .desc = "Input file passphrase source",
+                .type = OPTION_ARG,
+                .opt.arg = &dsa_config.passargin,
+        },
+        {
+                .name = "passout",
+                .argname = "source",
+                .desc = "Output file passphrase source",
+                .type = OPTION_ARG,
+                .opt.arg = &dsa_config.passargout,
+        },
+        {
+                .name = "pubin",
+                .desc = "Read a public key from the input file instead of"
+                    " private key",
+                .type = OPTION_FLAG,
+                .opt.flag = &dsa_config.pubin,
+        },
+        {
+                .name = "pubout",
+                .desc = "Output a public key instead of private key",
+                .type = OPTION_FLAG,
+                .opt.flag = &dsa_config.pubout,
+        },
+        {
+                .name = "pvk-none",
+                .desc = "PVK encryption level",
+                .type = OPTION_VALUE,
+                .value = 0,
+                .opt.value = &dsa_config.pvk_encr,
+        },
+        {
+                .name = "pvk-strong",
+                .desc = "PVK encryption level (default)",
+                .type = OPTION_VALUE,
+                .value = 2,
+                .opt.value = &dsa_config.pvk_encr,
+        },
+        {
+                .name = "pvk-weak",
+                .desc = "PVK encryption level",
+                .type = OPTION_VALUE,
+                .value = 1,
+                .opt.value = &dsa_config.pvk_encr,
+        },
+        {
+                .name = "text",
+                .desc = "Print the key in text form",
+                .type = OPTION_FLAG,
+                .opt.flag = &dsa_config.text,
+        },
+        {
+                .name = NULL,
+                .type = OPTION_ARGV_FUNC,
+                .opt.argvfunc = dsa_opt_enc,
+        },
+        { NULL },
+};
+static void
+show_ciphers(const OBJ_NAME *name, void *arg)
+{
+        static int n;
+        if (!islower((unsigned char)*name->name))
+                return;
+        fprintf(stderr, " -%-24s%s", name->name, (++n % 3 ? "" : "\n"));
+}
+static void
+dsa_usage(void)
+{
+        fprintf(stderr,
+            "usage: dsa [-engine id] [-in file] [-inform format] [-noout]\n"
+            "    [-out file] [-outform format] [-passin src] [-passout src]\n"
+            "    [-pubin] [-pubout] [-pvk-none | -pvk-strong | -pvk-weak]\n"
+            "    [-text] [-ciphername]\n\n");
+        options_usage(dsa_options);
+        fprintf(stderr, "\n");
+        fprintf(stderr, "Valid ciphername values:\n\n");
+        OBJ_NAME_do_all_sorted(OBJ_NAME_TYPE_CIPHER_METH, show_ciphers, NULL);
+        fprintf(stderr, "\n");
+}
 int dsa_main(int, char **);
@@ -100,141 +251,42 @@ dsa_main(int argc, char **argv)
        ENGINE *e = NULL;
        int ret = 1;
        DSA *dsa = NULL;
-        int i, badops = 0;
+        int i;
-        const EVP_CIPHER *enc = NULL;
        BIO *in = NULL, *out = NULL;
-        int informat, outformat, text = 0, noout = 0;
-        int pubin = 0, pubout = 0;
-        char *infile, *outfile, *prog;
-#ifndef OPENSSL_NO_ENGINE
-        char *engine;
-#endif
-        char *passargin = NULL, *passargout = NULL;
        char *passin = NULL, *passout = NULL;
-        int modulus = 0;
-        int pvk_encr = 2;
-#ifndef OPENSSL_NO_ENGINE
+        memset(&dsa_config, 0, sizeof(dsa_config));
-        engine = NULL;
-#endif
-        infile = NULL;
-        outfile = NULL;
-        informat = FORMAT_PEM;
-        outformat = FORMAT_PEM;
-        prog = argv[0];
+        dsa_config.pvk_encr = 2;
-        argc--;
+        dsa_config.informat = FORMAT_PEM;
-        argv++;
+        dsa_config.outformat = FORMAT_PEM;
-        while (argc >= 1) {
-                if (strcmp(*argv, "-inform") == 0) {
-                        if (--argc < 1)
-                                goto bad;
-                        informat = str2fmt(*(++argv));
-                } else if (strcmp(*argv, "-outform") == 0) {
-                        if (--argc < 1)
-                                goto bad;
-                        outformat = str2fmt(*(++argv));
-                } else if (strcmp(*argv, "-in") == 0) {
-                        if (--argc < 1)
-                                goto bad;
-                        infile = *(++argv);
-                } else if (strcmp(*argv, "-out") == 0) {
-                        if (--argc < 1)
-                                goto bad;
-                        outfile = *(++argv);
-                } else if (strcmp(*argv, "-passin") == 0) {
-                        if (--argc < 1)
-                                goto bad;
-                        passargin = *(++argv);
-                } else if (strcmp(*argv, "-passout") == 0) {
-                        if (--argc < 1)
-                                goto bad;
-                        passargout = *(++argv);
-                }
-#ifndef OPENSSL_NO_ENGINE
-                else if (strcmp(*argv, "-engine") == 0) {
-                        if (--argc < 1)
-                                goto bad;
-                        engine = *(++argv);
-                }
-#endif
-                else if (strcmp(*argv, "-pvk-strong") == 0)
-                        pvk_encr = 2;
-                else if (strcmp(*argv, "-pvk-weak") == 0)
-                        pvk_encr = 1;
-                else if (strcmp(*argv, "-pvk-none") == 0)
-                        pvk_encr = 0;
-                else if (strcmp(*argv, "-noout") == 0)
-                        noout = 1;
-                else if (strcmp(*argv, "-text") == 0)
-                        text = 1;
-                else if (strcmp(*argv, "-modulus") == 0)
-                        modulus = 1;
-                else if (strcmp(*argv, "-pubin") == 0)
-                        pubin = 1;
-                else if (strcmp(*argv, "-pubout") == 0)
-                        pubout = 1;
-                else if ((enc = EVP_get_cipherbyname(&(argv[0][1]))) == NULL) {
-                        BIO_printf(bio_err, "unknown option %s\n", *argv);
-                        badops = 1;
-                        break;
-                }
-                argc--;
-                argv++;
-        }
-        if (badops) {
+        if (options_parse(argc, argv, dsa_options, NULL, NULL) != 0) {
-bad:
+                dsa_usage();
-                BIO_printf(bio_err, "%s [options] <infile >outfile\n", prog);
-                BIO_printf(bio_err, "where options are\n");
-                BIO_printf(bio_err, " -inform arg     input format - DER or PEM\n");
-                BIO_printf(bio_err, " -outform arg    output format - DER or PEM\n");
-                BIO_printf(bio_err, " -in arg         input file\n");
-                BIO_printf(bio_err, " -passin arg     input file pass phrase source\n");
-                BIO_printf(bio_err, " -out arg        output file\n");
-                BIO_printf(bio_err, " -passout arg    output file pass phrase source\n");
-#ifndef OPENSSL_NO_ENGINE
-                BIO_printf(bio_err, " -engine e       use engine e, possibly a hardware device.\n");
-#endif
-                BIO_printf(bio_err, " -des            encrypt PEM output with cbc des\n");
-                BIO_printf(bio_err, " -des3           encrypt PEM output with ede cbc des using 168 bit key\n");
-#ifndef OPENSSL_NO_IDEA
-                BIO_printf(bio_err, " -idea           encrypt PEM output with cbc idea\n");
-#endif
-#ifndef OPENSSL_NO_AES
-                BIO_printf(bio_err, " -aes128, -aes192, -aes256\n");
-                BIO_printf(bio_err, "                 encrypt PEM output with cbc aes\n");
-#endif
-#ifndef OPENSSL_NO_CAMELLIA
-                BIO_printf(bio_err, " -camellia128, -camellia192, -camellia256\n");
-                BIO_printf(bio_err, "                 encrypt PEM output with cbc camellia\n");
-#endif
-                BIO_printf(bio_err, " -text           print the key in text\n");
-                BIO_printf(bio_err, " -noout          don't print key out\n");
-                BIO_printf(bio_err, " -modulus        print the DSA public value\n");
                goto end;
        }
 #ifndef OPENSSL_NO_ENGINE
-        e = setup_engine(bio_err, engine, 0);
+        e = setup_engine(bio_err, dsa_config.engine, 0);
 #endif
-        if (!app_passwd(bio_err, passargin, passargout, &passin, &passout)) {
+        if (!app_passwd(bio_err, dsa_config.passargin, dsa_config.passargout,
+            &passin, &passout)) {
                BIO_printf(bio_err, "Error getting passwords\n");
                goto end;
        }
        in = BIO_new(BIO_s_file());
        out = BIO_new(BIO_s_file());
-        if ((in == NULL) || (out == NULL)) {
+        if (in == NULL || out == NULL) {
                ERR_print_errors(bio_err);
                goto end;
        }
-        if (infile == NULL)
+        if (dsa_config.infile == NULL)
                BIO_set_fp(in, stdin, BIO_NOCLOSE);
        else {
-                if (BIO_read_filename(in, infile) <= 0) {
+                if (BIO_read_filename(in, dsa_config.infile) <= 0) {
-                        perror(infile);
+                        perror(dsa_config.infile);
                        goto end;
                }
        }
@@ -244,12 +296,12 @@ bad:
        {
                EVP_PKEY *pkey;
-                if (pubin)
+                if (dsa_config.pubin)
-                        pkey = load_pubkey(bio_err, infile, informat, 1,
+                        pkey = load_pubkey(bio_err, dsa_config.infile,
-                            passin, e, "Public Key");
+                            dsa_config.informat, 1, passin, e, "Public Key");
                else
-                        pkey = load_key(bio_err, infile, informat, 1,
+                        pkey = load_key(bio_err, dsa_config.infile,
-                            passin, e, "Private Key");
+                            dsa_config.informat, 1, passin, e, "Private Key");
                if (pkey) {
                        dsa = EVP_PKEY_get1_DSA(pkey);
@@ -261,49 +313,51 @@ bad:
                ERR_print_errors(bio_err);
                goto end;
        }
-        if (outfile == NULL) {
+        if (dsa_config.outfile == NULL) {
                BIO_set_fp(out, stdout, BIO_NOCLOSE);
        } else {
-                if (BIO_write_filename(out, outfile) <= 0) {
+                if (BIO_write_filename(out, dsa_config.outfile) <= 0) {
-                        perror(outfile);
+                        perror(dsa_config.outfile);
                        goto end;
                }
        }
-        if (text) {
+        if (dsa_config.text) {
                if (!DSA_print(out, dsa, 0)) {
-                        perror(outfile);
+                        perror(dsa_config.outfile);
                        ERR_print_errors(bio_err);
                        goto end;
                }
        }
-        if (modulus) {
+        if (dsa_config.modulus) {
                fprintf(stdout, "Public Key=");
                BN_print(out, dsa->pub_key);
                fprintf(stdout, "\n");
        }
-        if (noout)
+        if (dsa_config.noout)
                goto end;
        BIO_printf(bio_err, "writing DSA key\n");
-        if (outformat == FORMAT_ASN1) {
+        if (dsa_config.outformat == FORMAT_ASN1) {
-                if (pubin || pubout)
+                if (dsa_config.pubin || dsa_config.pubout)
                        i = i2d_DSA_PUBKEY_bio(out, dsa);
                else
                        i = i2d_DSAPrivateKey_bio(out, dsa);
-        } else if (outformat == FORMAT_PEM) {
+        } else if (dsa_config.outformat == FORMAT_PEM) {
-                if (pubin || pubout)
+                if (dsa_config.pubin || dsa_config.pubout)
                        i = PEM_write_bio_DSA_PUBKEY(out, dsa);
                else
-                        i = PEM_write_bio_DSAPrivateKey(out, dsa, enc,
+                        i = PEM_write_bio_DSAPrivateKey(out, dsa, dsa_config.enc,
                            NULL, 0, NULL, passout);
 #if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_RC4)
-        } else if (outformat == FORMAT_MSBLOB || outformat == FORMAT_PVK) {
+        } else if (dsa_config.outformat == FORMAT_MSBLOB ||
+            dsa_config.outformat == FORMAT_PVK) {
                EVP_PKEY *pk;
                pk = EVP_PKEY_new();
                EVP_PKEY_set1_DSA(pk, dsa);
-                if (outformat == FORMAT_PVK)
+                if (dsa_config.outformat == FORMAT_PVK)
-                        i = i2b_PVK_bio(out, pk, pvk_encr, 0, passout);
+                        i = i2b_PVK_bio(out, pk, dsa_config.pvk_encr, 0,
-                else if (pubin || pubout)
+                            passout);
+                else if (dsa_config.pubin || dsa_config.pubout)
                        i = i2b_PublicKey_bio(out, pk);
                else
                        i = i2b_PrivateKey_bio(out, pk);

diff --git a/src/usr.bin/openssl/dsa.c b/src/usr.bin/openssl/dsa.c index a84b25503b..6edd694530 100644 --- a/src/usr.bin/openssl/dsa.c +++ b/src/usr.bin/openssl/dsa.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: dsa.c,v 1.2 2014/08/28 14:23:52 jsing Exp $ */	1	/* $OpenBSD: dsa.c,v 1.3 2015/07/12 22:21:38 doug Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -58,7 +58,7 @@
58		58
59	#include <openssl/opensslconf.h> /* for OPENSSL_NO_DSA */	59	#include <openssl/opensslconf.h> /* for OPENSSL_NO_DSA */
60		60
61		61	#include <ctype.h>
62	#include <stdio.h>	62	#include <stdio.h>
63	#include <stdlib.h>	63	#include <stdlib.h>
64	#include <time.h>	64	#include <time.h>
@@ -74,23 +74,174 @@
74	#include <openssl/pem.h>	74	#include <openssl/pem.h>
75	#include <openssl/x509.h>	75	#include <openssl/x509.h>
76		76
77	/* -inform arg - input format - default PEM (one of DER, NET or PEM)	77	static struct {
78	* -outform arg - output format - default PEM	78	const EVP_CIPHER *enc;
79	* -in arg - input file - default stdin	79	#ifndef OPENSSL_NO_ENGINE
80	* -out arg - output file - default stdout	80	char *engine;
81	* -des - encrypt output if PEM format with DES in cbc mode	81	#endif
82	* -des3 - encrypt output if PEM format	82	char *infile;
83	* -idea - encrypt output if PEM format	83	int informat;
84	* -aes128 - encrypt output if PEM format	84	int modulus;
85	* -aes192 - encrypt output if PEM format	85	int noout;
86	* -aes256 - encrypt output if PEM format	86	char *outfile;
87	* -camellia128 - encrypt output if PEM format	87	int outformat;
88	* -camellia192 - encrypt output if PEM format	88	char *passargin;
89	* -camellia256 - encrypt output if PEM format	89	char *passargout;
90	* -seed - encrypt output if PEM format	90	int pubin;
91	* -text - print a text version	91	int pubout;
92	* -modulus - print the DSA public key	92	int pvk_encr;
93	*/	93	int text;
		94	} dsa_config;
		95
		96	static int
		97	dsa_opt_enc(int argc, char *argv, int argsused)
		98	{
		99	char *name = argv[0];
		100
		101	if (*name++ != '-')
		102	return (1);
		103
		104	if ((dsa_config.enc = EVP_get_cipherbyname(name)) != NULL) {
		105	*argsused = 1;
		106	return (0);
		107	}
		108
		109	return (1);
		110	}
		111
		112	static struct option dsa_options[] = {
		113	#ifndef OPENSSL_NO_ENGINE
		114	{
		115	.name = "engine",
		116	.argname = "id",
		117	.desc = "Use the engine specified by the given identifier",
		118	.type = OPTION_ARG,
		119	.opt.arg = &dsa_config.engine,
		120	},
		121	#endif
		122	{
		123	.name = "in",
		124	.argname = "file",
		125	.desc = "Input file (default stdin)",
		126	.type = OPTION_ARG,
		127	.opt.arg = &dsa_config.infile,
		128	},
		129	{
		130	.name = "inform",
		131	.argname = "format",
		132	.desc = "Input format (PEM (default) or any other supported"
		133	" format)",
		134	.type = OPTION_ARG_FORMAT,
		135	.opt.value = &dsa_config.informat,
		136	},
		137	{
		138	.name = "noout",
		139	.desc = "No output",
		140	.type = OPTION_FLAG,
		141	.opt.flag = &dsa_config.noout,
		142	},
		143	{
		144	.name = "out",
		145	.argname = "file",
		146	.desc = "Output file (default stdout)",
		147	.type = OPTION_ARG,
		148	.opt.arg = &dsa_config.outfile,
		149	},
		150	{
		151	.name = "outform",
		152	.argname = "format",
		153	.desc = "Output format (DER, MSBLOB, PEM (default) or PVK)",
		154	.type = OPTION_ARG_FORMAT,
		155	.opt.value = &dsa_config.outformat,
		156	},
		157	{
		158	.name = "passin",
		159	.argname = "source",
		160	.desc = "Input file passphrase source",
		161	.type = OPTION_ARG,
		162	.opt.arg = &dsa_config.passargin,
		163	},
		164	{
		165	.name = "passout",
		166	.argname = "source",
		167	.desc = "Output file passphrase source",
		168	.type = OPTION_ARG,
		169	.opt.arg = &dsa_config.passargout,
		170	},
		171	{
		172	.name = "pubin",
		173	.desc = "Read a public key from the input file instead of"
		174	" private key",
		175	.type = OPTION_FLAG,
		176	.opt.flag = &dsa_config.pubin,
		177	},
		178	{
		179	.name = "pubout",
		180	.desc = "Output a public key instead of private key",
		181	.type = OPTION_FLAG,
		182	.opt.flag = &dsa_config.pubout,
		183	},
		184	{
		185	.name = "pvk-none",
		186	.desc = "PVK encryption level",
		187	.type = OPTION_VALUE,
		188	.value = 0,
		189	.opt.value = &dsa_config.pvk_encr,
		190	},
		191	{
		192	.name = "pvk-strong",
		193	.desc = "PVK encryption level (default)",
		194	.type = OPTION_VALUE,
		195	.value = 2,
		196	.opt.value = &dsa_config.pvk_encr,
		197	},
		198	{
		199	.name = "pvk-weak",
		200	.desc = "PVK encryption level",
		201	.type = OPTION_VALUE,
		202	.value = 1,
		203	.opt.value = &dsa_config.pvk_encr,
		204	},
		205	{
		206	.name = "text",
		207	.desc = "Print the key in text form",
		208	.type = OPTION_FLAG,
		209	.opt.flag = &dsa_config.text,
		210	},
		211	{
		212	.name = NULL,
		213	.type = OPTION_ARGV_FUNC,
		214	.opt.argvfunc = dsa_opt_enc,
		215	},
		216	{ NULL },
		217	};
		218
		219	static void
		220	show_ciphers(const OBJ_NAME name, void arg)
		221	{
		222	static int n;
		223
		224	if (!islower((unsigned char)*name->name))
		225	return;
		226
		227	fprintf(stderr, " -%-24s%s", name->name, (++n % 3 ? "" : "\n"));
		228	}
		229
		230	static void
		231	dsa_usage(void)
		232	{
		233	fprintf(stderr,
		234	"usage: dsa [-engine id] [-in file] [-inform format] [-noout]\n"
		235	" [-out file] [-outform format] [-passin src] [-passout src]\n"
		236	" [-pubin] [-pubout] [-pvk-none \| -pvk-strong \| -pvk-weak]\n"
		237	" [-text] [-ciphername]\n\n");
		238	options_usage(dsa_options);
		239	fprintf(stderr, "\n");
		240
		241	fprintf(stderr, "Valid ciphername values:\n\n");
		242	OBJ_NAME_do_all_sorted(OBJ_NAME_TYPE_CIPHER_METH, show_ciphers, NULL);
		243	fprintf(stderr, "\n");
		244	}
94		245
95	int dsa_main(int, char **);	246	int dsa_main(int, char **);
96		247
@@ -100,141 +251,42 @@ dsa_main(int argc, char **argv)
100	ENGINE *e = NULL;	251	ENGINE *e = NULL;
101	int ret = 1;	252	int ret = 1;
102	DSA *dsa = NULL;	253	DSA *dsa = NULL;
103	int i, badops = 0;	254	int i;
104	const EVP_CIPHER *enc = NULL;
105	BIO in = NULL, out = NULL;	255	BIO in = NULL, out = NULL;
106	int informat, outformat, text = 0, noout = 0;
107	int pubin = 0, pubout = 0;
108	char infile, outfile, *prog;
109	#ifndef OPENSSL_NO_ENGINE
110	char *engine;
111	#endif
112	char passargin = NULL, passargout = NULL;
113	char passin = NULL, passout = NULL;	256	char passin = NULL, passout = NULL;
114	int modulus = 0;
115
116	int pvk_encr = 2;
117		257
118	#ifndef OPENSSL_NO_ENGINE	258	memset(&dsa_config, 0, sizeof(dsa_config));
119	engine = NULL;
120	#endif
121	infile = NULL;
122	outfile = NULL;
123	informat = FORMAT_PEM;
124	outformat = FORMAT_PEM;
125		259
126	prog = argv[0];	260	dsa_config.pvk_encr = 2;
127	argc--;	261	dsa_config.informat = FORMAT_PEM;
128	argv++;	262	dsa_config.outformat = FORMAT_PEM;
129	while (argc >= 1) {
130	if (strcmp(*argv, "-inform") == 0) {
131	if (--argc < 1)
132	goto bad;
133	informat = str2fmt(*(++argv));
134	} else if (strcmp(*argv, "-outform") == 0) {
135	if (--argc < 1)
136	goto bad;
137	outformat = str2fmt(*(++argv));
138	} else if (strcmp(*argv, "-in") == 0) {
139	if (--argc < 1)
140	goto bad;
141	infile = *(++argv);
142	} else if (strcmp(*argv, "-out") == 0) {
143	if (--argc < 1)
144	goto bad;
145	outfile = *(++argv);
146	} else if (strcmp(*argv, "-passin") == 0) {
147	if (--argc < 1)
148	goto bad;
149	passargin = *(++argv);
150	} else if (strcmp(*argv, "-passout") == 0) {
151	if (--argc < 1)
152	goto bad;
153	passargout = *(++argv);
154	}
155	#ifndef OPENSSL_NO_ENGINE
156	else if (strcmp(*argv, "-engine") == 0) {
157	if (--argc < 1)
158	goto bad;
159	engine = *(++argv);
160	}
161	#endif
162	else if (strcmp(*argv, "-pvk-strong") == 0)
163	pvk_encr = 2;
164	else if (strcmp(*argv, "-pvk-weak") == 0)
165	pvk_encr = 1;
166	else if (strcmp(*argv, "-pvk-none") == 0)
167	pvk_encr = 0;
168	else if (strcmp(*argv, "-noout") == 0)
169	noout = 1;
170	else if (strcmp(*argv, "-text") == 0)
171	text = 1;
172	else if (strcmp(*argv, "-modulus") == 0)
173	modulus = 1;
174	else if (strcmp(*argv, "-pubin") == 0)
175	pubin = 1;
176	else if (strcmp(*argv, "-pubout") == 0)
177	pubout = 1;
178	else if ((enc = EVP_get_cipherbyname(&(argv[0][1]))) == NULL) {
179	BIO_printf(bio_err, "unknown option %s\n", *argv);
180	badops = 1;
181	break;
182	}
183	argc--;
184	argv++;
185	}
186		263
187	if (badops) {	264	if (options_parse(argc, argv, dsa_options, NULL, NULL) != 0) {
188	bad:	265	dsa_usage();
189	BIO_printf(bio_err, "%s [options] <infile >outfile\n", prog);
190	BIO_printf(bio_err, "where options are\n");
191	BIO_printf(bio_err, " -inform arg input format - DER or PEM\n");
192	BIO_printf(bio_err, " -outform arg output format - DER or PEM\n");
193	BIO_printf(bio_err, " -in arg input file\n");
194	BIO_printf(bio_err, " -passin arg input file pass phrase source\n");
195	BIO_printf(bio_err, " -out arg output file\n");
196	BIO_printf(bio_err, " -passout arg output file pass phrase source\n");
197	#ifndef OPENSSL_NO_ENGINE
198	BIO_printf(bio_err, " -engine e use engine e, possibly a hardware device.\n");
199	#endif
200	BIO_printf(bio_err, " -des encrypt PEM output with cbc des\n");
201	BIO_printf(bio_err, " -des3 encrypt PEM output with ede cbc des using 168 bit key\n");
202	#ifndef OPENSSL_NO_IDEA
203	BIO_printf(bio_err, " -idea encrypt PEM output with cbc idea\n");
204	#endif
205	#ifndef OPENSSL_NO_AES
206	BIO_printf(bio_err, " -aes128, -aes192, -aes256\n");
207	BIO_printf(bio_err, " encrypt PEM output with cbc aes\n");
208	#endif
209	#ifndef OPENSSL_NO_CAMELLIA
210	BIO_printf(bio_err, " -camellia128, -camellia192, -camellia256\n");
211	BIO_printf(bio_err, " encrypt PEM output with cbc camellia\n");
212	#endif
213	BIO_printf(bio_err, " -text print the key in text\n");
214	BIO_printf(bio_err, " -noout don't print key out\n");
215	BIO_printf(bio_err, " -modulus print the DSA public value\n");
216	goto end;	266	goto end;
217	}	267	}
218		268
219	#ifndef OPENSSL_NO_ENGINE	269	#ifndef OPENSSL_NO_ENGINE
220	e = setup_engine(bio_err, engine, 0);	270	e = setup_engine(bio_err, dsa_config.engine, 0);
221	#endif	271	#endif
222		272
223	if (!app_passwd(bio_err, passargin, passargout, &passin, &passout)) {	273	if (!app_passwd(bio_err, dsa_config.passargin, dsa_config.passargout,
		274	&passin, &passout)) {
224	BIO_printf(bio_err, "Error getting passwords\n");	275	BIO_printf(bio_err, "Error getting passwords\n");
225	goto end;	276	goto end;
226	}	277	}
		278
227	in = BIO_new(BIO_s_file());	279	in = BIO_new(BIO_s_file());
228	out = BIO_new(BIO_s_file());	280	out = BIO_new(BIO_s_file());
229	if ((in == NULL) \|\| (out == NULL)) {	281	if (in == NULL \|\| out == NULL) {
230	ERR_print_errors(bio_err);	282	ERR_print_errors(bio_err);
231	goto end;	283	goto end;
232	}	284	}
233	if (infile == NULL)	285	if (dsa_config.infile == NULL)
234	BIO_set_fp(in, stdin, BIO_NOCLOSE);	286	BIO_set_fp(in, stdin, BIO_NOCLOSE);
235	else {	287	else {
236	if (BIO_read_filename(in, infile) <= 0) {	288	if (BIO_read_filename(in, dsa_config.infile) <= 0) {
237	perror(infile);	289	perror(dsa_config.infile);
238	goto end;	290	goto end;
239	}	291	}
240	}	292	}
@@ -244,12 +296,12 @@ bad:
244	{	296	{
245	EVP_PKEY *pkey;	297	EVP_PKEY *pkey;
246		298
247	if (pubin)	299	if (dsa_config.pubin)
248	pkey = load_pubkey(bio_err, infile, informat, 1,	300	pkey = load_pubkey(bio_err, dsa_config.infile,
249	passin, e, "Public Key");	301	dsa_config.informat, 1, passin, e, "Public Key");
250	else	302	else
251	pkey = load_key(bio_err, infile, informat, 1,	303	pkey = load_key(bio_err, dsa_config.infile,
252	passin, e, "Private Key");	304	dsa_config.informat, 1, passin, e, "Private Key");
253		305
254	if (pkey) {	306	if (pkey) {
255	dsa = EVP_PKEY_get1_DSA(pkey);	307	dsa = EVP_PKEY_get1_DSA(pkey);
@@ -261,49 +313,51 @@ bad:
261	ERR_print_errors(bio_err);	313	ERR_print_errors(bio_err);
262	goto end;	314	goto end;
263	}	315	}
264	if (outfile == NULL) {	316	if (dsa_config.outfile == NULL) {
265	BIO_set_fp(out, stdout, BIO_NOCLOSE);	317	BIO_set_fp(out, stdout, BIO_NOCLOSE);
266	} else {	318	} else {
267	if (BIO_write_filename(out, outfile) <= 0) {	319	if (BIO_write_filename(out, dsa_config.outfile) <= 0) {
268	perror(outfile);	320	perror(dsa_config.outfile);
269	goto end;	321	goto end;
270	}	322	}
271	}	323	}
272		324
273	if (text) {	325	if (dsa_config.text) {
274	if (!DSA_print(out, dsa, 0)) {	326	if (!DSA_print(out, dsa, 0)) {
275	perror(outfile);	327	perror(dsa_config.outfile);
276	ERR_print_errors(bio_err);	328	ERR_print_errors(bio_err);
277	goto end;	329	goto end;
278	}	330	}
279	}	331	}
280	if (modulus) {	332	if (dsa_config.modulus) {
281	fprintf(stdout, "Public Key=");	333	fprintf(stdout, "Public Key=");
282	BN_print(out, dsa->pub_key);	334	BN_print(out, dsa->pub_key);
283	fprintf(stdout, "\n");	335	fprintf(stdout, "\n");
284	}	336	}
285	if (noout)	337	if (dsa_config.noout)
286	goto end;	338	goto end;
287	BIO_printf(bio_err, "writing DSA key\n");	339	BIO_printf(bio_err, "writing DSA key\n");
288	if (outformat == FORMAT_ASN1) {	340	if (dsa_config.outformat == FORMAT_ASN1) {
289	if (pubin \|\| pubout)	341	if (dsa_config.pubin \|\| dsa_config.pubout)
290	i = i2d_DSA_PUBKEY_bio(out, dsa);	342	i = i2d_DSA_PUBKEY_bio(out, dsa);
291	else	343	else
292	i = i2d_DSAPrivateKey_bio(out, dsa);	344	i = i2d_DSAPrivateKey_bio(out, dsa);
293	} else if (outformat == FORMAT_PEM) {	345	} else if (dsa_config.outformat == FORMAT_PEM) {
294	if (pubin \|\| pubout)	346	if (dsa_config.pubin \|\| dsa_config.pubout)
295	i = PEM_write_bio_DSA_PUBKEY(out, dsa);	347	i = PEM_write_bio_DSA_PUBKEY(out, dsa);
296	else	348	else
297	i = PEM_write_bio_DSAPrivateKey(out, dsa, enc,	349	i = PEM_write_bio_DSAPrivateKey(out, dsa, dsa_config.enc,
298	NULL, 0, NULL, passout);	350	NULL, 0, NULL, passout);
299	#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_RC4)	351	#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_RC4)
300	} else if (outformat == FORMAT_MSBLOB \|\| outformat == FORMAT_PVK) {	352	} else if (dsa_config.outformat == FORMAT_MSBLOB \|\|
		353	dsa_config.outformat == FORMAT_PVK) {
301	EVP_PKEY *pk;	354	EVP_PKEY *pk;
302	pk = EVP_PKEY_new();	355	pk = EVP_PKEY_new();
303	EVP_PKEY_set1_DSA(pk, dsa);	356	EVP_PKEY_set1_DSA(pk, dsa);
304	if (outformat == FORMAT_PVK)	357	if (dsa_config.outformat == FORMAT_PVK)
305	i = i2b_PVK_bio(out, pk, pvk_encr, 0, passout);	358	i = i2b_PVK_bio(out, pk, dsa_config.pvk_encr, 0,
306	else if (pubin \|\| pubout)	359	passout);
		360	else if (dsa_config.pubin \|\| dsa_config.pubout)
307	i = i2b_PublicKey_bio(out, pk);	361	i = i2b_PublicKey_bio(out, pk);
308	else	362	else
309	i = i2b_PrivateKey_bio(out, pk);	363	i = i2b_PrivateKey_bio(out, pk);