1 files changed, 79 insertions, 54 deletions
diff --git a/src/usr.bin/openssl/gendh.c b/src/usr.bin/openssl/gendh.c
index 64307eaadc..85aaf4d1d1 100644
--- a/src/usr.bin/openssl/gendh.c
+++ b/src/usr.bin/openssl/gendh.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: gendh.c,v 1.2 2014/10/22 13:51:31 jsing Exp $ */
+/* $OpenBSD: gendh.c,v 1.3 2015/07/12 22:09:00 doug Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -69,6 +69,7 @@
 #include <sys/types.h>
 #include <sys/stat.h>
+#include <limits.h>
 #include <stdio.h>
 #include <string.h>
@@ -85,6 +86,57 @@
 static int dh_cb(int p, int n, BN_GENCB * cb);
+static struct {
+#ifndef OPENSSL_NO_ENGINE
+        char *engine;
+#endif
+        int g;
+        char *outfile;
+} gendh_config;
+static struct option gendh_options[] = {
+        {
+                .name = "2",
+                .desc = "Generate DH parameters with a generator value of 2 "
+                    "(default)",
+                .type = OPTION_VALUE,
+                .value = 2,
+                .opt.value = &gendh_config.g,
+        },
+        {
+                .name = "5",
+                .desc = "Generate DH parameters with a generator value of 5",
+                .type = OPTION_VALUE,
+                .value = 5,
+                .opt.value = &gendh_config.g,
+        },
+#ifndef OPENSSL_NO_ENGINE
+        {
+                .name = "engine",
+                .argname = "id",
+                .desc = "Use the engine specified by the given identifier",
+                .type = OPTION_ARG,
+                .opt.arg = &gendh_config.engine,
+        },
+#endif
+        {
+                .name = "out",
+                .argname = "file",
+                .desc = "Output file (default stdout)",
+                .type = OPTION_ARG,
+                .opt.arg = &gendh_config.outfile,
+        },
+        { NULL },
+};
+static void
+gendh_usage(void)
+{
+        fprintf(stderr,
+            "usage: gendh [-2 | -5] [-engine id] [-out file] [numbits]\n\n");
+        options_usage(gendh_options);
+}
 int gendh_main(int, char **);
 int
@@ -92,61 +144,32 @@ gendh_main(int argc, char **argv)
 {
        BN_GENCB cb;
        DH *dh = NULL;
-        int ret = 1, num = DEFBITS;
+        int ret = 1, numbits = DEFBITS;
-        int g = 2;
-        char *outfile = NULL;
-#ifndef OPENSSL_NO_ENGINE
-        char *engine = NULL;
-#endif
        BIO *out = NULL;
+        char *strbits = NULL;
        BN_GENCB_set(&cb, dh_cb, bio_err);
-        argv++;
+        memset(&gendh_config, 0, sizeof(gendh_config));
-        argc--;
-        for (;;) {
+        gendh_config.g = 2;
-                if (argc <= 0)
-                        break;
+        if (options_parse(argc, argv, gendh_options, &strbits, NULL) != 0) {
-                if (strcmp(*argv, "-out") == 0) {
+                gendh_usage();
-                        if (--argc < 1)
-                                goto bad;
-                        outfile = *(++argv);
-                } else if (strcmp(*argv, "-2") == 0)
-                        g = 2;
-                /*
-                 * else if (strcmp(*argv,"-3") == 0) g=3;
-                 */
-                else if (strcmp(*argv, "-5") == 0)
-                        g = 5;
-#ifndef OPENSSL_NO_ENGINE
-                else if (strcmp(*argv, "-engine") == 0) {
-                        if (--argc < 1)
-                                goto bad;
-                        engine = *(++argv);
-                }
-#endif
-                else
-                        break;
-                argv++;
-                argc--;
-        }
-        if ((argc >= 1) && ((sscanf(*argv, "%d", &num) == 0) || (num < 0))) {
-bad:
-                BIO_printf(bio_err, "usage: gendh [args] [numbits]\n");
-                BIO_printf(bio_err, " -out file - output the key to 'file\n");
-                BIO_printf(bio_err, " -2        - use 2 as the generator value\n");
-                /*
-                 * BIO_printf(bio_err," -3        - use 3 as the generator
-                 * value\n");
-                 */
-                BIO_printf(bio_err, " -5        - use 5 as the generator value\n");
-#ifndef OPENSSL_NO_ENGINE
-                BIO_printf(bio_err, " -engine e - use engine e, possibly a hardware device.\n");
-#endif
                goto end;
        }
+        if (strbits != NULL) {
+                const char *errstr;
+                numbits = strtonum(strbits, 0, INT_MAX, &errstr);
+                if (errstr) {
+                        fprintf(stderr, "Invalid number of bits: %s\n", errstr);
+                        goto end;
+                }
+        }
 #ifndef OPENSSL_NO_ENGINE
-        setup_engine(bio_err, engine, 0);
+        setup_engine(bio_err, gendh_config.engine, 0);
 #endif
        out = BIO_new(BIO_s_file());
@@ -154,19 +177,21 @@ bad:
                ERR_print_errors(bio_err);
                goto end;
        }
-        if (outfile == NULL) {
+        if (gendh_config.outfile == NULL) {
                BIO_set_fp(out, stdout, BIO_NOCLOSE);
        } else {
-                if (BIO_write_filename(out, outfile) <= 0) {
+                if (BIO_write_filename(out, gendh_config.outfile) <= 0) {
-                        perror(outfile);
+                        perror(gendh_config.outfile);
                        goto end;
                }
        }
-        BIO_printf(bio_err, "Generating DH parameters, %d bit long safe prime, generator %d\n", num, g);
+        BIO_printf(bio_err, "Generating DH parameters, %d bit long safe prime,"
+            " generator %d\n", numbits, gendh_config.g);
        BIO_printf(bio_err, "This is going to take a long time\n");
-        if (((dh = DH_new()) == NULL) || !DH_generate_parameters_ex(dh, num, g, &cb))
+        if (((dh = DH_new()) == NULL) ||
+            !DH_generate_parameters_ex(dh, numbits, gendh_config.g, &cb))
                goto end;
        if (!PEM_write_bio_DHparams(out, dh))

diff --git a/src/usr.bin/openssl/gendh.c b/src/usr.bin/openssl/gendh.c index 64307eaadc..85aaf4d1d1 100644 --- a/src/usr.bin/openssl/gendh.c +++ b/src/usr.bin/openssl/gendh.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: gendh.c,v 1.2 2014/10/22 13:51:31 jsing Exp $ */	1	/* $OpenBSD: gendh.c,v 1.3 2015/07/12 22:09:00 doug Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.	3	* All rights reserved.
4	*	4	*
@@ -69,6 +69,7 @@
69	#include <sys/types.h>	69	#include <sys/types.h>
70	#include <sys/stat.h>	70	#include <sys/stat.h>
71		71
		72	#include <limits.h>
72	#include <stdio.h>	73	#include <stdio.h>
73	#include <string.h>	74	#include <string.h>
74		75
@@ -85,6 +86,57 @@
85		86
86	static int dh_cb(int p, int n, BN_GENCB * cb);	87	static int dh_cb(int p, int n, BN_GENCB * cb);
87		88
		89	static struct {
		90	#ifndef OPENSSL_NO_ENGINE
		91	char *engine;
		92	#endif
		93	int g;
		94	char *outfile;
		95	} gendh_config;
		96
		97	static struct option gendh_options[] = {
		98	{
		99	.name = "2",
		100	.desc = "Generate DH parameters with a generator value of 2 "
		101	"(default)",
		102	.type = OPTION_VALUE,
		103	.value = 2,
		104	.opt.value = &gendh_config.g,
		105	},
		106	{
		107	.name = "5",
		108	.desc = "Generate DH parameters with a generator value of 5",
		109	.type = OPTION_VALUE,
		110	.value = 5,
		111	.opt.value = &gendh_config.g,
		112	},
		113	#ifndef OPENSSL_NO_ENGINE
		114	{
		115	.name = "engine",
		116	.argname = "id",
		117	.desc = "Use the engine specified by the given identifier",
		118	.type = OPTION_ARG,
		119	.opt.arg = &gendh_config.engine,
		120	},
		121	#endif
		122	{
		123	.name = "out",
		124	.argname = "file",
		125	.desc = "Output file (default stdout)",
		126	.type = OPTION_ARG,
		127	.opt.arg = &gendh_config.outfile,
		128	},
		129	{ NULL },
		130	};
		131
		132	static void
		133	gendh_usage(void)
		134	{
		135	fprintf(stderr,
		136	"usage: gendh [-2 \| -5] [-engine id] [-out file] [numbits]\n\n");
		137	options_usage(gendh_options);
		138	}
		139
88	int gendh_main(int, char **);	140	int gendh_main(int, char **);
89		141
90	int	142	int
@@ -92,61 +144,32 @@ gendh_main(int argc, char **argv)
92	{	144	{
93	BN_GENCB cb;	145	BN_GENCB cb;
94	DH *dh = NULL;	146	DH *dh = NULL;
95	int ret = 1, num = DEFBITS;	147	int ret = 1, numbits = DEFBITS;
96	int g = 2;
97	char *outfile = NULL;
98	#ifndef OPENSSL_NO_ENGINE
99	char *engine = NULL;
100	#endif
101	BIO *out = NULL;	148	BIO *out = NULL;
		149	char *strbits = NULL;
102		150
103	BN_GENCB_set(&cb, dh_cb, bio_err);	151	BN_GENCB_set(&cb, dh_cb, bio_err);
104		152
105	argv++;	153	memset(&gendh_config, 0, sizeof(gendh_config));
106	argc--;	154
107	for (;;) {	155	gendh_config.g = 2;
108	if (argc <= 0)	156
109	break;	157	if (options_parse(argc, argv, gendh_options, &strbits, NULL) != 0) {
110	if (strcmp(*argv, "-out") == 0) {	158	gendh_usage();
111	if (--argc < 1)
112	goto bad;
113	outfile = *(++argv);
114	} else if (strcmp(*argv, "-2") == 0)
115	g = 2;
116	/*
117	* else if (strcmp(*argv,"-3") == 0) g=3;
118	*/
119	else if (strcmp(*argv, "-5") == 0)
120	g = 5;
121	#ifndef OPENSSL_NO_ENGINE
122	else if (strcmp(*argv, "-engine") == 0) {
123	if (--argc < 1)
124	goto bad;
125	engine = *(++argv);
126	}
127	#endif
128	else
129	break;
130	argv++;
131	argc--;
132	}
133	if ((argc >= 1) && ((sscanf(*argv, "%d", &num) == 0) \|\| (num < 0))) {
134	bad:
135	BIO_printf(bio_err, "usage: gendh [args] [numbits]\n");
136	BIO_printf(bio_err, " -out file - output the key to 'file\n");
137	BIO_printf(bio_err, " -2 - use 2 as the generator value\n");
138	/*
139	* BIO_printf(bio_err," -3 - use 3 as the generator
140	* value\n");
141	*/
142	BIO_printf(bio_err, " -5 - use 5 as the generator value\n");
143	#ifndef OPENSSL_NO_ENGINE
144	BIO_printf(bio_err, " -engine e - use engine e, possibly a hardware device.\n");
145	#endif
146	goto end;	159	goto end;
147	}	160	}
		161
		162	if (strbits != NULL) {
		163	const char *errstr;
		164	numbits = strtonum(strbits, 0, INT_MAX, &errstr);
		165	if (errstr) {
		166	fprintf(stderr, "Invalid number of bits: %s\n", errstr);
		167	goto end;
		168	}
		169	}
		170
148	#ifndef OPENSSL_NO_ENGINE	171	#ifndef OPENSSL_NO_ENGINE
149	setup_engine(bio_err, engine, 0);	172	setup_engine(bio_err, gendh_config.engine, 0);
150	#endif	173	#endif
151		174
152	out = BIO_new(BIO_s_file());	175	out = BIO_new(BIO_s_file());
@@ -154,19 +177,21 @@ bad:
154	ERR_print_errors(bio_err);	177	ERR_print_errors(bio_err);
155	goto end;	178	goto end;
156	}	179	}
157	if (outfile == NULL) {	180	if (gendh_config.outfile == NULL) {
158	BIO_set_fp(out, stdout, BIO_NOCLOSE);	181	BIO_set_fp(out, stdout, BIO_NOCLOSE);
159	} else {	182	} else {
160	if (BIO_write_filename(out, outfile) <= 0) {	183	if (BIO_write_filename(out, gendh_config.outfile) <= 0) {
161	perror(outfile);	184	perror(gendh_config.outfile);
162	goto end;	185	goto end;
163	}	186	}
164	}	187	}
165		188
166	BIO_printf(bio_err, "Generating DH parameters, %d bit long safe prime, generator %d\n", num, g);	189	BIO_printf(bio_err, "Generating DH parameters, %d bit long safe prime,"
		190	" generator %d\n", numbits, gendh_config.g);
167	BIO_printf(bio_err, "This is going to take a long time\n");	191	BIO_printf(bio_err, "This is going to take a long time\n");
168		192
169	if (((dh = DH_new()) == NULL) \|\| !DH_generate_parameters_ex(dh, num, g, &cb))	193	if (((dh = DH_new()) == NULL) \|\|
		194	!DH_generate_parameters_ex(dh, numbits, gendh_config.g, &cb))
170	goto end;	195	goto end;
171		196
172	if (!PEM_write_bio_DHparams(out, dh))	197	if (!PEM_write_bio_DHparams(out, dh))