summaryrefslogtreecommitdiff
path: root/usr.bin/openssl/genrsa.c
diff options
context:
space:
mode:
Diffstat (limited to 'usr.bin/openssl/genrsa.c')
-rw-r--r--usr.bin/openssl/genrsa.c253
1 files changed, 183 insertions, 70 deletions
diff --git a/usr.bin/openssl/genrsa.c b/usr.bin/openssl/genrsa.c
index 3ed28356316..63d3de42188 100644
--- a/usr.bin/openssl/genrsa.c
+++ b/usr.bin/openssl/genrsa.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: genrsa.c,v 1.13 2019/06/19 01:51:14 inoguchi Exp $ */
+/* $OpenBSD: genrsa.c,v 1.14 2019/07/09 11:02:52 inoguchi Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@@ -92,12 +92,188 @@ static struct {
char *passargout;
} genrsa_config;
+static int
+set_public_exponent(int argc, char **argv, int *argsused)
+{
+ char *option = argv[0];
+
+ if (strcmp(option, "-3") == 0)
+ genrsa_config.f4 = 3;
+ else if (strcmp(option, "-f4") == 0 || strcmp(option, "-F4") == 0)
+ genrsa_config.f4 = RSA_F4;
+ else
+ return (1);
+
+ *argsused = 1;
+ return (0);
+}
+
+static const EVP_CIPHER *get_cipher_by_name(char *name)
+{
+ if (name == NULL || strcmp(name, "") == 0)
+ return (NULL);
+#ifndef OPENSSL_NO_AES
+ else if (strcmp(name, "aes128") == 0)
+ return EVP_aes_128_cbc();
+ else if (strcmp(name, "aes192") == 0)
+ return EVP_aes_192_cbc();
+ else if (strcmp(name, "aes256") == 0)
+ return EVP_aes_256_cbc();
+#endif
+#ifndef OPENSSL_NO_CAMELLIA
+ else if (strcmp(name, "camellia128") == 0)
+ return EVP_camellia_128_cbc();
+ else if (strcmp(name, "camellia192") == 0)
+ return EVP_camellia_192_cbc();
+ else if (strcmp(name, "camellia256") == 0)
+ return EVP_camellia_256_cbc();
+#endif
+#ifndef OPENSSL_NO_DES
+ else if (strcmp(name, "des") == 0)
+ return EVP_des_cbc();
+ else if (strcmp(name, "des3") == 0)
+ return EVP_des_ede3_cbc();
+#endif
+#ifndef OPENSSL_NO_IDEA
+ else if (strcmp(name, "idea") == 0)
+ return EVP_idea_cbc();
+#endif
+ else
+ return (NULL);
+}
+
+static int
+set_enc(int argc, char **argv, int *argsused)
+{
+ char *name = argv[0];
+
+ if (*name++ != '-')
+ return (1);
+
+ if ((genrsa_config.enc = get_cipher_by_name(name)) == NULL)
+ return (1);
+
+ *argsused = 1;
+ return (0);
+}
+
+static struct option genrsa_options[] = {
+ {
+ .name = "3",
+ .desc = "Use 3 for the E value",
+ .type = OPTION_ARGV_FUNC,
+ .opt.argvfunc = set_public_exponent,
+ },
+ {
+ .name = "f4",
+ .desc = "Use F4 (0x10001) for the E value",
+ .type = OPTION_ARGV_FUNC,
+ .opt.argvfunc = set_public_exponent,
+ },
+ {
+ .name = "F4",
+ .desc = "Use F4 (0x10001) for the E value",
+ .type = OPTION_ARGV_FUNC,
+ .opt.argvfunc = set_public_exponent,
+ },
+#ifndef OPENSSL_NO_AES
+ {
+ .name = "aes128",
+ .desc = "Encrypt PEM output with cbc aes",
+ .type = OPTION_ARGV_FUNC,
+ .opt.argvfunc = set_enc,
+ },
+ {
+ .name = "aes192",
+ .desc = "Encrypt PEM output with cbc aes",
+ .type = OPTION_ARGV_FUNC,
+ .opt.argvfunc = set_enc,
+ },
+ {
+ .name = "aes256",
+ .desc = "Encrypt PEM output with cbc aes",
+ .type = OPTION_ARGV_FUNC,
+ .opt.argvfunc = set_enc,
+ },
+#endif
+#ifndef OPENSSL_NO_CAMELLIA
+ {
+ .name = "camellia128",
+ .desc = "Encrypt PEM output with cbc camellia",
+ .type = OPTION_ARGV_FUNC,
+ .opt.argvfunc = set_enc,
+ },
+ {
+ .name = "camellia192",
+ .desc = "Encrypt PEM output with cbc camellia",
+ .type = OPTION_ARGV_FUNC,
+ .opt.argvfunc = set_enc,
+ },
+ {
+ .name = "camellia256",
+ .desc = "Encrypt PEM output with cbc camellia",
+ .type = OPTION_ARGV_FUNC,
+ .opt.argvfunc = set_enc,
+ },
+#endif
+#ifndef OPENSSL_NO_DES
+ {
+ .name = "des",
+ .desc = "Encrypt the generated key with DES in cbc mode",
+ .type = OPTION_ARGV_FUNC,
+ .opt.argvfunc = set_enc,
+ },
+ {
+ .name = "des3",
+ .desc = "Encrypt the generated key with DES in ede cbc mode (168 bit key)",
+ .type = OPTION_ARGV_FUNC,
+ .opt.argvfunc = set_enc,
+ },
+#endif
+#ifndef OPENSSL_NO_IDEA
+ {
+ .name = "idea",
+ .desc = "Encrypt the generated key with IDEA in cbc mode",
+ .type = OPTION_ARGV_FUNC,
+ .opt.argvfunc = set_enc,
+ },
+#endif
+ {
+ .name = "out",
+ .argname = "file",
+ .desc = "Output the key to 'file'",
+ .type = OPTION_ARG,
+ .opt.arg = &genrsa_config.outfile,
+ },
+ {
+ .name = "passout",
+ .argname = "arg",
+ .desc = "Output file passphrase source",
+ .type = OPTION_ARG,
+ .opt.arg = &genrsa_config.passargout,
+ },
+ { NULL },
+};
+
+static void
+genrsa_usage(void)
+{
+ fprintf(stderr, "usage: genrsa [-3 | -f4] [-aes128 | -aes192 |");
+ fprintf(stderr, " -aes256 |\n");
+ fprintf(stderr, " -camellia128 | -camellia192 | -camellia256 |");
+ fprintf(stderr, " -des | -des3 | -idea]\n");
+ fprintf(stderr, " [-out file] [-passout arg] [numbits]\n\n");
+ options_usage(genrsa_options);
+ fprintf(stderr, "\n");
+}
+
int
genrsa_main(int argc, char **argv)
{
BN_GENCB cb;
int ret = 1;
int i, num = DEFBITS;
+ char *numbits= NULL;
long l;
char *passout = NULL;
BIO *out = NULL;
@@ -124,76 +300,13 @@ genrsa_main(int argc, char **argv)
memset(&genrsa_config, 0, sizeof(genrsa_config));
genrsa_config.f4 = RSA_F4;
- argv++;
- argc--;
- for (;;) {
- if (argc <= 0)
- break;
- if (strcmp(*argv, "-out") == 0) {
- if (--argc < 1)
- goto bad;
- genrsa_config.outfile = *(++argv);
- } else if (strcmp(*argv, "-3") == 0)
- genrsa_config.f4 = 3;
- else if (strcmp(*argv, "-F4") == 0 || strcmp(*argv, "-f4") == 0)
- genrsa_config.f4 = RSA_F4;
-#ifndef OPENSSL_NO_DES
- else if (strcmp(*argv, "-des") == 0)
- genrsa_config.enc = EVP_des_cbc();
- else if (strcmp(*argv, "-des3") == 0)
- genrsa_config.enc = EVP_des_ede3_cbc();
-#endif
-#ifndef OPENSSL_NO_IDEA
- else if (strcmp(*argv, "-idea") == 0)
- genrsa_config.enc = EVP_idea_cbc();
-#endif
-#ifndef OPENSSL_NO_AES
- else if (strcmp(*argv, "-aes128") == 0)
- genrsa_config.enc = EVP_aes_128_cbc();
- else if (strcmp(*argv, "-aes192") == 0)
- genrsa_config.enc = EVP_aes_192_cbc();
- else if (strcmp(*argv, "-aes256") == 0)
- genrsa_config.enc = EVP_aes_256_cbc();
-#endif
-#ifndef OPENSSL_NO_CAMELLIA
- else if (strcmp(*argv, "-camellia128") == 0)
- genrsa_config.enc = EVP_camellia_128_cbc();
- else if (strcmp(*argv, "-camellia192") == 0)
- genrsa_config.enc = EVP_camellia_192_cbc();
- else if (strcmp(*argv, "-camellia256") == 0)
- genrsa_config.enc = EVP_camellia_256_cbc();
-#endif
- else if (strcmp(*argv, "-passout") == 0) {
- if (--argc < 1)
- goto bad;
- genrsa_config.passargout = *(++argv);
- } else
- break;
- argv++;
- argc--;
+ if (options_parse(argc, argv, genrsa_options, &numbits, NULL) != 0) {
+ genrsa_usage();
+ goto err;
}
- if ((argc >= 1) && ((sscanf(*argv, "%d", &num) == 0) || (num < 0))) {
- bad:
- BIO_printf(bio_err, "usage: genrsa [args] [numbits]\n");
-#ifndef OPENSSL_NO_DES
- BIO_printf(bio_err, " -des encrypt the generated key with DES in cbc mode\n");
- BIO_printf(bio_err, " -des3 encrypt the generated key with DES in ede cbc mode (168 bit key)\n");
-#endif
-#ifndef OPENSSL_NO_IDEA
- BIO_printf(bio_err, " -idea encrypt the generated key with IDEA in cbc mode\n");
-#endif
-#ifndef OPENSSL_NO_AES
- BIO_printf(bio_err, " -aes128, -aes192, -aes256\n");
- BIO_printf(bio_err, " encrypt PEM output with cbc aes\n");
-#endif
-#ifndef OPENSSL_NO_CAMELLIA
- BIO_printf(bio_err, " -camellia128, -camellia192, -camellia256\n");
- BIO_printf(bio_err, " encrypt PEM output with cbc camellia\n");
-#endif
- BIO_printf(bio_err, " -out file output the key to 'file\n");
- BIO_printf(bio_err, " -passout arg output file pass phrase source\n");
- BIO_printf(bio_err, " -f4 use F4 (0x10001) for the E value\n");
- BIO_printf(bio_err, " -3 use 3 for the E value\n");
+
+ if ((numbits != NULL) && ((sscanf(numbits, "%d", &num) == 0) || (num < 0))) {
+ genrsa_usage();
goto err;
}