[thirdparty/openssl.git] / apps / gendsa.c

/* apps/gendsa.c */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
 * This package is an SSL implementation written
 * by Eric Young (eay@cryptsoft.com).
 * The implementation was written so as to conform with Netscapes SSL.
 * 
 * This library is free for commercial and non-commercial use as long as
 * the following conditions are aheared to.  The following conditions
 * apply to all code found in this distribution, be it the RC4, RSA,
 * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
 * included with this distribution is covered by the same copyright terms
 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
 * 
 * Copyright remains Eric Young's, and as such any Copyright notices in
 * the code are not to be removed.
 * If this package is used in a product, Eric Young should be given attribution
 * as the author of the parts of the library used.
 * This can be in the form of a textual message at program startup or
 * in documentation (online or textual) provided with the package.
 * 
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. All advertising materials mentioning features or use of this software
 *    must display the following acknowledgement:
 *    "This product includes cryptographic software written by
 *     Eric Young (eay@cryptsoft.com)"
 *    The word 'cryptographic' can be left out if the rouines from the library
 *    being used are not cryptographic related :-).
 * 4. If you include any Windows specific code (or a derivative thereof) from 
 *    the apps directory (application code) you must include an acknowledgement:
 *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
 * 
 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 * 
 * The licence and distribution terms for any publically available version or
 * derivative of this code cannot be changed.  i.e. this code cannot simply be
 * copied and put under another distribution licence
 * [including the GNU Public Licence.]
 */

#include <openssl/opensslconf.h>	/* for OPENSSL_NO_DSA */
#ifndef OPENSSL_NO_DSA
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <sys/stat.h>
#include "apps.h"
#include <openssl/bio.h>
#include <openssl/err.h>
#include <openssl/bn.h>
#include <openssl/dsa.h>
#include <openssl/x509.h>
#include <openssl/pem.h>

#define DEFBITS	512
#undef PROG
#define PROG gendsa_main

int MAIN(int, char **);

int MAIN(int argc, char **argv)
	{
#ifndef OPENSSL_NO_ENGINE
	ENGINE *e = NULL;
#endif
	DSA *dsa=NULL;
	int ret=1;
	char *outfile=NULL;
	char *inrand=NULL,*dsaparams=NULL;
	char *passargout = NULL, *passout = NULL;
	BIO *out=NULL,*in=NULL;
	const EVP_CIPHER *enc=NULL;
#ifndef OPENSSL_NO_ENGINE
	char *engine=NULL;
#endif

	apps_startup();

	if (bio_err == NULL)
		if ((bio_err=BIO_new(BIO_s_file())) != NULL)
			BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT);

	if (!load_config(bio_err, NULL))
		goto end;

	argv++;
	argc--;
	for (;;)
		{
		if (argc <= 0) break;
		if (strcmp(*argv,"-out") == 0)
			{
			if (--argc < 1) goto bad;
			outfile= *(++argv);
			}
		else if (strcmp(*argv,"-passout") == 0)
			{
			if (--argc < 1) goto bad;
			passargout= *(++argv);
			}
#ifndef OPENSSL_NO_ENGINE
		else if (strcmp(*argv,"-engine") == 0)
			{
			if (--argc < 1) goto bad;
			engine= *(++argv);
			}
#endif
		else if (strcmp(*argv,"-rand") == 0)
			{
			if (--argc < 1) goto bad;
			inrand= *(++argv);
			}
		else if (strcmp(*argv,"-") == 0)
			goto bad;
#ifndef OPENSSL_NO_DES
		else if (strcmp(*argv,"-des") == 0)
			enc=EVP_des_cbc();
		else if (strcmp(*argv,"-des3") == 0)
			enc=EVP_des_ede3_cbc();
#endif
#ifndef OPENSSL_NO_IDEA
		else if (strcmp(*argv,"-idea") == 0)
			enc=EVP_idea_cbc();
#endif
#ifndef OPENSSL_NO_AES
		else if (strcmp(*argv,"-aes128") == 0)
			enc=EVP_aes_128_cbc();
		else if (strcmp(*argv,"-aes192") == 0)
			enc=EVP_aes_192_cbc();
		else if (strcmp(*argv,"-aes256") == 0)
			enc=EVP_aes_256_cbc();
#endif
		else if (**argv != '-' && dsaparams == NULL)
			{
			dsaparams = *argv;
			}
		else
			goto bad;
		argv++;
		argc--;
		}

	if (dsaparams == NULL)
		{
bad:
		BIO_printf(bio_err,"usage: gendsa [args] dsaparam-file\n");
		BIO_printf(bio_err," -out file - output the key to 'file'\n");
#ifndef OPENSSL_NO_DES
		BIO_printf(bio_err," -des      - encrypt the generated key with DES in cbc mode\n");
		BIO_printf(bio_err," -des3     - encrypt the generated key with DES in ede cbc mode (168 bit key)\n");
#endif
#ifndef OPENSSL_NO_IDEA
		BIO_printf(bio_err," -idea     - encrypt the generated key with IDEA in cbc mode\n");
#endif
#ifndef OPENSSL_NO_AES
		BIO_printf(bio_err," -aes128, -aes192, -aes256\n");
		BIO_printf(bio_err,"                 encrypt PEM output with cbc aes\n");
#endif
#ifndef OPENSSL_NO_ENGINE
		BIO_printf(bio_err," -engine e - use engine e, possibly a hardware device.\n");
#endif
		BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
		BIO_printf(bio_err,"           - load the file (or the files in the directory) into\n");
		BIO_printf(bio_err,"             the random number generator\n");
		BIO_printf(bio_err," dsaparam-file\n");
		BIO_printf(bio_err,"           - a DSA parameter file as generated by the dsaparam command\n");
		goto end;
		}

#ifndef OPENSSL_NO_ENGINE
        e = setup_engine(bio_err, engine, 0);
#endif

	if(!app_passwd(bio_err, NULL, passargout, NULL, &passout)) {
		BIO_printf(bio_err, "Error getting password\n");
		goto end;
	}


	in=BIO_new(BIO_s_file());
	if (!(BIO_read_filename(in,dsaparams)))
		{
		perror(dsaparams);
		goto end;
		}

	if ((dsa=PEM_read_bio_DSAparams(in,NULL,NULL,NULL)) == NULL)
		{
		BIO_printf(bio_err,"unable to load DSA parameter file\n");
		goto end;
		}
	BIO_free(in);
	in = NULL;
		
	out=BIO_new(BIO_s_file());
	if (out == NULL) goto end;

	if (outfile == NULL)
		{
		BIO_set_fp(out,stdout,BIO_NOCLOSE);
#ifdef OPENSSL_SYS_VMS
		{
		BIO *tmpbio = BIO_new(BIO_f_linebuffer());
		out = BIO_push(tmpbio, out);
		}
#endif
		}
	else
		{
		if (BIO_write_filename(out,outfile) <= 0)
			{
			perror(outfile);
			goto end;
			}
		}

	if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL)
		{
		BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option\n");
		}
	if (inrand != NULL)
		BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
			app_RAND_load_files(inrand));

	BIO_printf(bio_err,"Generating DSA key, %d bits\n",
							BN_num_bits(dsa->p));
	if (!DSA_generate_key(dsa)) goto end;

	app_RAND_write_file(NULL, bio_err);

	if (!PEM_write_bio_DSAPrivateKey(out,dsa,enc,NULL,0,NULL, passout))
		goto end;
	ret=0;
end:
	if (ret != 0)
		ERR_print_errors(bio_err);
	if (in != NULL) BIO_free(in);
	if (out != NULL) BIO_free_all(out);
	if (dsa != NULL) DSA_free(dsa);
	if(passout) OPENSSL_free(passout);
	apps_shutdown();
	OPENSSL_EXIT(ret);
	}
#endif
Commit	Line	Data
d02b48c6	1	/* apps/gendsa.c */
58964a49	2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
d02b48c6 RE	3	* All rights reserved.
	4	*
	5	* This package is an SSL implementation written
	6	* by Eric Young (eay@cryptsoft.com).
	7	* The implementation was written so as to conform with Netscapes SSL.
	8	*
	9	* This library is free for commercial and non-commercial use as long as
	10	* the following conditions are aheared to. The following conditions
	11	* apply to all code found in this distribution, be it the RC4, RSA,
	12	* lhash, DES, etc., code; not just the SSL code. The SSL documentation
	13	* included with this distribution is covered by the same copyright terms
	14	* except that the holder is Tim Hudson (tjh@cryptsoft.com).
	15	*
	16	* Copyright remains Eric Young's, and as such any Copyright notices in
	17	* the code are not to be removed.
	18	* If this package is used in a product, Eric Young should be given attribution
	19	* as the author of the parts of the library used.
	20	* This can be in the form of a textual message at program startup or
	21	* in documentation (online or textual) provided with the package.
	22	*
	23	* Redistribution and use in source and binary forms, with or without
	24	* modification, are permitted provided that the following conditions
	25	* are met:
	26	* 1. Redistributions of source code must retain the copyright
	27	* notice, this list of conditions and the following disclaimer.
	28	* 2. Redistributions in binary form must reproduce the above copyright
	29	* notice, this list of conditions and the following disclaimer in the
	30	* documentation and/or other materials provided with the distribution.
	31	* 3. All advertising materials mentioning features or use of this software
	32	* must display the following acknowledgement:
	33	* "This product includes cryptographic software written by
	34	* Eric Young (eay@cryptsoft.com)"
	35	* The word 'cryptographic' can be left out if the rouines from the library
	36	* being used are not cryptographic related :-).
	37	* 4. If you include any Windows specific code (or a derivative thereof) from
	38	* the apps directory (application code) you must include an acknowledgement:
	39	* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
	40	*
	41	* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
	42	* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
	43	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
	44	* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
	45	* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
	46	* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
	47	* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
	48	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
	49	* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
	50	* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
	51	* SUCH DAMAGE.
	52	*
	53	* The licence and distribution terms for any publically available version or
	54	* derivative of this code cannot be changed. i.e. this code cannot simply be
	55	* copied and put under another distribution licence
	56	* [including the GNU Public Licence.]
	57	*/
	58
3eeaab4b	59	#include <openssl/opensslconf.h> /* for OPENSSL_NO_DSA */
cf1b7d96	60	#ifndef OPENSSL_NO_DSA
d02b48c6 RE	61	#include <stdio.h>
	62	#include <string.h>
	63	#include <sys/types.h>
	64	#include <sys/stat.h>
	65	#include "apps.h"
ec577822	66	#include <openssl/bio.h>
ec577822 BM	67	#include <openssl/err.h>
	68	#include <openssl/bn.h>
	69	#include <openssl/dsa.h>
	70	#include <openssl/x509.h>
	71	#include <openssl/pem.h>
d02b48c6 RE	72
	73	#define DEFBITS 512
	74	#undef PROG
	75	#define PROG gendsa_main
	76
667ac4ec RE	77	int MAIN(int, char **);
667ac4ec RE	78
6b691a5c	79	int MAIN(int argc, char **argv)
d02b48c6	80	{
0b13e9f0	81	#ifndef OPENSSL_NO_ENGINE
5270e702	82	ENGINE *e = NULL;
0b13e9f0	83	#endif
d02b48c6	84	DSA *dsa=NULL;
7f9b7b07	85	int ret=1;
d02b48c6	86	char *outfile=NULL;
f365611c	87	char inrand=NULL,dsaparams=NULL;
a3fe382e	88	char passargout = NULL, passout = NULL;
d02b48c6	89	BIO out=NULL,in=NULL;
13588350	90	const EVP_CIPHER *enc=NULL;
0b13e9f0	91	#ifndef OPENSSL_NO_ENGINE
5270e702	92	char *engine=NULL;
0b13e9f0	93	#endif
d02b48c6 RE	94
	95	apps_startup();
	96
	97	if (bio_err == NULL)
	98	if ((bio_err=BIO_new(BIO_s_file())) != NULL)
58964a49	99	BIO_set_fp(bio_err,stderr,BIO_NOCLOSE\|BIO_FP_TEXT);
d02b48c6	100
3647bee2 DSH	101	if (!load_config(bio_err, NULL))
	102	goto end;
	103
d02b48c6 RE	104	argv++;
	105	argc--;
	106	for (;;)
	107	{
	108	if (argc <= 0) break;
	109	if (strcmp(*argv,"-out") == 0)
	110	{
	111	if (--argc < 1) goto bad;
	112	outfile= *(++argv);
	113	}
f07fb9b2 DSH	114	else if (strcmp(*argv,"-passout") == 0)
	115	{
	116	if (--argc < 1) goto bad;
a3fe382e	117	passargout= *(++argv);
f07fb9b2	118	}
0b13e9f0	119	#ifndef OPENSSL_NO_ENGINE
5270e702 RL	120	else if (strcmp(*argv,"-engine") == 0)
	121	{
	122	if (--argc < 1) goto bad;
	123	engine= *(++argv);
	124	}
0b13e9f0	125	#endif
d02b48c6 RE	126	else if (strcmp(*argv,"-rand") == 0)
	127	{
	128	if (--argc < 1) goto bad;
	129	inrand= *(++argv);
	130	}
	131	else if (strcmp(*argv,"-") == 0)
	132	goto bad;
cf1b7d96	133	#ifndef OPENSSL_NO_DES
7f9b7b07 DSH	134	else if (strcmp(*argv,"-des") == 0)
	135	enc=EVP_des_cbc();
	136	else if (strcmp(*argv,"-des3") == 0)
	137	enc=EVP_des_ede3_cbc();
	138	#endif
cf1b7d96	139	#ifndef OPENSSL_NO_IDEA
7f9b7b07 DSH	140	else if (strcmp(*argv,"-idea") == 0)
7f9b7b07 DSH	141	enc=EVP_idea_cbc();
b3dfaaa1 RL	142	#endif
	143	#ifndef OPENSSL_NO_AES
	144	else if (strcmp(*argv,"-aes128") == 0)
	145	enc=EVP_aes_128_cbc();
	146	else if (strcmp(*argv,"-aes192") == 0)
	147	enc=EVP_aes_192_cbc();
	148	else if (strcmp(*argv,"-aes256") == 0)
	149	enc=EVP_aes_256_cbc();
7f9b7b07	150	#endif
e42979f2	151	else if (**argv != '-' && dsaparams == NULL)
c69e361f BM	152	{
	153	dsaparams = *argv;
	154	}
d02b48c6 RE	155	else
	156	goto bad;
	157	argv++;
	158	argc--;
	159	}
	160
	161	if (dsaparams == NULL)
	162	{
	163	bad:
f2f351ce	164	BIO_printf(bio_err,"usage: gendsa [args] dsaparam-file\n");
7f9b7b07	165	BIO_printf(bio_err," -out file - output the key to 'file'\n");
cf1b7d96	166	#ifndef OPENSSL_NO_DES
7f9b7b07 DSH	167	BIO_printf(bio_err," -des - encrypt the generated key with DES in cbc mode\n");
	168	BIO_printf(bio_err," -des3 - encrypt the generated key with DES in ede cbc mode (168 bit key)\n");
	169	#endif
cf1b7d96	170	#ifndef OPENSSL_NO_IDEA
7f9b7b07 DSH	171	BIO_printf(bio_err," -idea - encrypt the generated key with IDEA in cbc mode\n");
7f9b7b07 DSH	172	#endif
b3dfaaa1 RL	173	#ifndef OPENSSL_NO_AES
	174	BIO_printf(bio_err," -aes128, -aes192, -aes256\n");
	175	BIO_printf(bio_err," encrypt PEM output with cbc aes\n");
	176	#endif
0b13e9f0	177	#ifndef OPENSSL_NO_ENGINE
5270e702	178	BIO_printf(bio_err," -engine e - use engine e, possibly a hardware device.\n");
0b13e9f0	179	#endif
afbd0746	180	BIO_printf(bio_err," -rand file%cfile%c...\n", LIST_SEPARATOR_CHAR, LIST_SEPARATOR_CHAR);
d02b48c6 RE	181	BIO_printf(bio_err," - load the file (or the files in the directory) into\n");
d02b48c6 RE	182	BIO_printf(bio_err," the random number generator\n");
f2f351ce RE	183	BIO_printf(bio_err," dsaparam-file\n");
f2f351ce RE	184	BIO_printf(bio_err," - a DSA parameter file as generated by the dsaparam command\n");
d02b48c6 RE	185	goto end;
	186	}
	187
0b13e9f0	188	#ifndef OPENSSL_NO_ENGINE
a3376fe8	189	e = setup_engine(bio_err, engine, 0);
0b13e9f0	190	#endif
5270e702	191
a3fe382e DSH	192	if(!app_passwd(bio_err, NULL, passargout, NULL, &passout)) {
	193	BIO_printf(bio_err, "Error getting password\n");
	194	goto end;
	195	}
	196
	197
d02b48c6	198	in=BIO_new(BIO_s_file());
7f9b7b07	199	if (!(BIO_read_filename(in,dsaparams)))
d02b48c6 RE	200	{
	201	perror(dsaparams);
	202	goto end;
	203	}
	204
74678cc2	205	if ((dsa=PEM_read_bio_DSAparams(in,NULL,NULL,NULL)) == NULL)
d02b48c6 RE	206	{
	207	BIO_printf(bio_err,"unable to load DSA parameter file\n");
	208	goto end;
	209	}
	210	BIO_free(in);
8652d1c2	211	in = NULL;
d02b48c6 RE	212
	213	out=BIO_new(BIO_s_file());
	214	if (out == NULL) goto end;
	215
	216	if (outfile == NULL)
645749ef	217	{
d02b48c6	218	BIO_set_fp(out,stdout,BIO_NOCLOSE);
bc36ee62	219	#ifdef OPENSSL_SYS_VMS
645749ef RL	220	{
	221	BIO *tmpbio = BIO_new(BIO_f_linebuffer());
	222	out = BIO_push(tmpbio, out);
	223	}
	224	#endif
	225	}
d02b48c6 RE	226	else
	227	{
	228	if (BIO_write_filename(out,outfile) <= 0)
	229	{
	230	perror(outfile);
	231	goto end;
	232	}
	233	}
	234
f365611c	235	if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL)
d02b48c6	236	{
a31011e8	237	BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option\n");
d02b48c6	238	}
a31011e8 BM	239	if (inrand != NULL)
	240	BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
	241	app_RAND_load_files(inrand));
d02b48c6	242
7f9b7b07 DSH	243	BIO_printf(bio_err,"Generating DSA key, %d bits\n",
7f9b7b07 DSH	244	BN_num_bits(dsa->p));
d02b48c6 RE	245	if (!DSA_generate_key(dsa)) goto end;
d02b48c6 RE	246
a31011e8	247	app_RAND_write_file(NULL, bio_err);
d02b48c6	248
a3fe382e	249	if (!PEM_write_bio_DSAPrivateKey(out,dsa,enc,NULL,0,NULL, passout))
d02b48c6 RE	250	goto end;
	251	ret=0;
	252	end:
	253	if (ret != 0)
	254	ERR_print_errors(bio_err);
8652d1c2	255	if (in != NULL) BIO_free(in);
645749ef	256	if (out != NULL) BIO_free_all(out);
d02b48c6	257	if (dsa != NULL) DSA_free(dsa);
26a3a48d	258	if(passout) OPENSSL_free(passout);
c04f8cf4	259	apps_shutdown();
1c3e4a36	260	OPENSSL_EXIT(ret);
d02b48c6	261	}
f5d7a031	262	#endif