summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--usr.bin/openssl/gendh.c133
1 files changed, 79 insertions, 54 deletions
diff --git a/usr.bin/openssl/gendh.c b/usr.bin/openssl/gendh.c
index 64307eaadc0..85aaf4d1d17 100644
--- a/usr.bin/openssl/gendh.c
+++ b/usr.bin/openssl/gendh.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: gendh.c,v 1.2 2014/10/22 13:51:31 jsing Exp $ */
+/* $OpenBSD: gendh.c,v 1.3 2015/07/12 22:09:00 doug Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -69,6 +69,7 @@
#include <sys/types.h>
#include <sys/stat.h>
+#include <limits.h>
#include <stdio.h>
#include <string.h>
@@ -85,6 +86,57 @@
static int dh_cb(int p, int n, BN_GENCB * cb);
+static struct {
+#ifndef OPENSSL_NO_ENGINE
+ char *engine;
+#endif
+ int g;
+ char *outfile;
+} gendh_config;
+
+static struct option gendh_options[] = {
+ {
+ .name = "2",
+ .desc = "Generate DH parameters with a generator value of 2 "
+ "(default)",
+ .type = OPTION_VALUE,
+ .value = 2,
+ .opt.value = &gendh_config.g,
+ },
+ {
+ .name = "5",
+ .desc = "Generate DH parameters with a generator value of 5",
+ .type = OPTION_VALUE,
+ .value = 5,
+ .opt.value = &gendh_config.g,
+ },
+#ifndef OPENSSL_NO_ENGINE
+ {
+ .name = "engine",
+ .argname = "id",
+ .desc = "Use the engine specified by the given identifier",
+ .type = OPTION_ARG,
+ .opt.arg = &gendh_config.engine,
+ },
+#endif
+ {
+ .name = "out",
+ .argname = "file",
+ .desc = "Output file (default stdout)",
+ .type = OPTION_ARG,
+ .opt.arg = &gendh_config.outfile,
+ },
+ { NULL },
+};
+
+static void
+gendh_usage(void)
+{
+ fprintf(stderr,
+ "usage: gendh [-2 | -5] [-engine id] [-out file] [numbits]\n\n");
+ options_usage(gendh_options);
+}
+
int gendh_main(int, char **);
int
@@ -92,61 +144,32 @@ gendh_main(int argc, char **argv)
{
BN_GENCB cb;
DH *dh = NULL;
- int ret = 1, num = DEFBITS;
- int g = 2;
- char *outfile = NULL;
-#ifndef OPENSSL_NO_ENGINE
- char *engine = NULL;
-#endif
+ int ret = 1, numbits = DEFBITS;
BIO *out = NULL;
+ char *strbits = NULL;
BN_GENCB_set(&cb, dh_cb, bio_err);
- argv++;
- argc--;
- for (;;) {
- if (argc <= 0)
- break;
- if (strcmp(*argv, "-out") == 0) {
- if (--argc < 1)
- goto bad;
- outfile = *(++argv);
- } else if (strcmp(*argv, "-2") == 0)
- g = 2;
- /*
- * else if (strcmp(*argv,"-3") == 0) g=3;
- */
- else if (strcmp(*argv, "-5") == 0)
- g = 5;
-#ifndef OPENSSL_NO_ENGINE
- else if (strcmp(*argv, "-engine") == 0) {
- if (--argc < 1)
- goto bad;
- engine = *(++argv);
- }
-#endif
- else
- break;
- argv++;
- argc--;
- }
- if ((argc >= 1) && ((sscanf(*argv, "%d", &num) == 0) || (num < 0))) {
-bad:
- BIO_printf(bio_err, "usage: gendh [args] [numbits]\n");
- BIO_printf(bio_err, " -out file - output the key to 'file\n");
- BIO_printf(bio_err, " -2 - use 2 as the generator value\n");
- /*
- * BIO_printf(bio_err," -3 - use 3 as the generator
- * value\n");
- */
- BIO_printf(bio_err, " -5 - use 5 as the generator value\n");
-#ifndef OPENSSL_NO_ENGINE
- BIO_printf(bio_err, " -engine e - use engine e, possibly a hardware device.\n");
-#endif
+ memset(&gendh_config, 0, sizeof(gendh_config));
+
+ gendh_config.g = 2;
+
+ if (options_parse(argc, argv, gendh_options, &strbits, NULL) != 0) {
+ gendh_usage();
goto end;
}
+
+ if (strbits != NULL) {
+ const char *errstr;
+ numbits = strtonum(strbits, 0, INT_MAX, &errstr);
+ if (errstr) {
+ fprintf(stderr, "Invalid number of bits: %s\n", errstr);
+ goto end;
+ }
+ }
+
#ifndef OPENSSL_NO_ENGINE
- setup_engine(bio_err, engine, 0);
+ setup_engine(bio_err, gendh_config.engine, 0);
#endif
out = BIO_new(BIO_s_file());
@@ -154,19 +177,21 @@ bad:
ERR_print_errors(bio_err);
goto end;
}
- if (outfile == NULL) {
+ if (gendh_config.outfile == NULL) {
BIO_set_fp(out, stdout, BIO_NOCLOSE);
} else {
- if (BIO_write_filename(out, outfile) <= 0) {
- perror(outfile);
+ if (BIO_write_filename(out, gendh_config.outfile) <= 0) {
+ perror(gendh_config.outfile);
goto end;
}
}
- BIO_printf(bio_err, "Generating DH parameters, %d bit long safe prime, generator %d\n", num, g);
+ BIO_printf(bio_err, "Generating DH parameters, %d bit long safe prime,"
+ " generator %d\n", numbits, gendh_config.g);
BIO_printf(bio_err, "This is going to take a long time\n");
- if (((dh = DH_new()) == NULL) || !DH_generate_parameters_ex(dh, num, g, &cb))
+ if (((dh = DH_new()) == NULL) ||
+ !DH_generate_parameters_ex(dh, numbits, gendh_config.g, &cb))
goto end;
if (!PEM_write_bio_DHparams(out, dh))