-rw-r--r-- | usr.bin/openssl/gendh.c | 133 |
1 files changed, 79 insertions, 54 deletions
diff --git a/usr.bin/openssl/gendh.c b/usr.bin/openssl/gendh.c index 64307eaadc0..85aaf4d1d17 100644 --- a/usr.bin/openssl/gendh.c +++ b/usr.bin/openssl/gendh.c @@ -1,4 +1,4 @@ -/* $OpenBSD: gendh.c,v 1.2 2014/10/22 13:51:31 jsing Exp $ */ +/* $OpenBSD: gendh.c,v 1.3 2015/07/12 22:09:00 doug Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -69,6 +69,7 @@ #include <sys/types.h> #include <sys/stat.h> +#include <limits.h> #include <stdio.h> #include <string.h> @@ -85,6 +86,57 @@ static int dh_cb(int p, int n, BN_GENCB * cb); +static struct { +#ifndef OPENSSL_NO_ENGINE + char *engine; +#endif + int g; + char *outfile; +} gendh_config; + +static struct option gendh_options[] = { + { + .name = "2", + .desc = "Generate DH parameters with a generator value of 2 " + "(default)", + .type = OPTION_VALUE, + .value = 2, + .opt.value = &gendh_config.g, + }, + { + .name = "5", + .desc = "Generate DH parameters with a generator value of 5", + .type = OPTION_VALUE, + .value = 5, + .opt.value = &gendh_config.g, + }, +#ifndef OPENSSL_NO_ENGINE + { + .name = "engine", + .argname = "id", + .desc = "Use the engine specified by the given identifier", + .type = OPTION_ARG, + .opt.arg = &gendh_config.engine, + }, +#endif + { + .name = "out", + .argname = "file", + .desc = "Output file (default stdout)", + .type = OPTION_ARG, + .opt.arg = &gendh_config.outfile, + }, + { NULL }, +}; + +static void +gendh_usage(void) +{ + fprintf(stderr, + "usage: gendh [-2 | -5] [-engine id] [-out file] [numbits]\n\n"); + options_usage(gendh_options); +} + int gendh_main(int, char **); int 
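Review bot: The usage line in `gendh_usage` presents `[-2 | -5]` as alternatives, but both entries in `gendh_options` are plain `OPTION_VALUE` items writing to `gendh_config.g`, so nothing in this hunk rejects a command line that passes both. Presumably the later flag wins silently, though `options_parse` is not shown here. A comment above the table would record that, e.g. `/* -2 and -5 both store into gendh_config.g; if both are given, the last one parsed is used. */`. The file-scope `gendh_config` would also benefit from a one-line comment saying it holds the parsed options for a single `gendh_main` run and is cleared at the start of that function.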
@@ -92,61 +144,32 @@ gendh_main(int argc, char **argv) { BN_GENCB cb; DH *dh = NULL; - int ret = 1, num = DEFBITS; - int g = 2; - char *outfile = NULL; -#ifndef OPENSSL_NO_ENGINE - char *engine = NULL; -#endif + int ret = 1, numbits = DEFBITS; BIO *out = NULL; + char *strbits = NULL; BN_GENCB_set(&cb, dh_cb, bio_err); - argv++; - argc--; - for (;;) { - if (argc <= 0) - break; - if (strcmp(*argv, "-out") == 0) { - if (--argc < 1) - goto bad; - outfile = *(++argv); - } else if (strcmp(*argv, "-2") == 0) - g = 2; - /* - * else if (strcmp(*argv,"-3") == 0) g=3; - */ - else if (strcmp(*argv, "-5") == 0) - g = 5; -#ifndef OPENSSL_NO_ENGINE - else if (strcmp(*argv, "-engine") == 0) { - if (--argc < 1) - goto bad; - engine = *(++argv); - } -#endif - else - break; - argv++; - argc--; - } - if ((argc >= 1) && ((sscanf(*argv, "%d", &num) == 0) || (num < 0))) { -bad: - BIO_printf(bio_err, "usage: gendh [args] [numbits]\n"); - BIO_printf(bio_err, " -out file - output the key to 'file\n"); - BIO_printf(bio_err, " -2 - use 2 as the generator value\n"); - /* - * BIO_printf(bio_err," -3 - use 3 as the generator - * value\n"); - */ - BIO_printf(bio_err, " -5 - use 5 as the generator value\n"); -#ifndef OPENSSL_NO_ENGINE - BIO_printf(bio_err, " -engine e - use engine e, possibly a hardware device.\n"); -#endif + memset(&gendh_config, 0, sizeof(gendh_config)); + + gendh_config.g = 2; + + if (options_parse(argc, argv, gendh_options, &strbits, NULL) != 0) { + gendh_usage(); goto end; } + + if (strbits != NULL) { + const char *errstr; + numbits = strtonum(strbits, 0, INT_MAX, &errstr); + if (errstr) { + fprintf(stderr, "Invalid number of bits: %s\n", errstr); + goto end; + } + } + #ifndef OPENSSL_NO_ENGINE - setup_engine(bio_err, engine, 0); + setup_engine(bio_err, gendh_config.engine, 0); #endif out = BIO_new(BIO_s_file()); 
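Review bot: The new `strtonum(strbits, 0, INT_MAX, &errstr)` call checks only that numbits is a non-negative integer, so a request for 0 or a handful of bits is passed on to `DH_generate_parameters_ex`, and a value near `INT_MAX` starts a generation that may never finish in practice. A short prime gives no protection to the key exchanges that later use these parameters, so the tool should refuse such sizes itself; whether the library rejects them is not visible in this diff. Consider named bounds in place of `0` and `INT_MAX`, e.g. `numbits = strtonum(strbits, GENDH_MIN_BITS, GENDH_MAX_BITS, &errstr);`, where both names are placeholders for values the project chooses. The body of `gendh_main` starts and ends outside this hunk.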
@@ -154,19 +177,21 @@ bad: ERR_print_errors(bio_err); goto end; } - if (outfile == NULL) { + if (gendh_config.outfile == NULL) { BIO_set_fp(out, stdout, BIO_NOCLOSE); } else { - if (BIO_write_filename(out, outfile) <= 0) { - perror(outfile); + if (BIO_write_filename(out, gendh_config.outfile) <= 0) { + perror(gendh_config.outfile); goto end; } } - BIO_printf(bio_err, "Generating DH parameters, %d bit long safe prime, generator %d\n", num, g); + BIO_printf(bio_err, "Generating DH parameters, %d bit long safe prime," + " generator %d\n", numbits, gendh_config.g); BIO_printf(bio_err, "This is going to take a long time\n"); - if (((dh = DH_new()) == NULL) || !DH_generate_parameters_ex(dh, num, g, &cb)) + if (((dh = DH_new()) == NULL) || + !DH_generate_parameters_ex(dh, numbits, gendh_config.g, &cb)) goto end; if (!PEM_write_bio_DHparams(out, dh)) |