/*
- * Copyright 2006-2022 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2006-2024 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the Apache License 2.0 (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
OPT_COMMON,
OPT_ENGINE, OPT_OUTFORM, OPT_OUT, OPT_PASS, OPT_PARAMFILE,
OPT_ALGORITHM, OPT_PKEYOPT, OPT_GENPARAM, OPT_TEXT, OPT_CIPHER,
- OPT_VERBOSE, OPT_QUIET, OPT_CONFIG,
- OPT_PROV_ENUM
+ OPT_VERBOSE, OPT_QUIET, OPT_CONFIG, OPT_OUTPUBKEY,
+ OPT_PROV_ENUM, OPT_R_ENUM
} OPTION_CHOICE;
const OPTIONS genpkey_options[] = {
OPT_CONFIG_OPTION,
OPT_SECTION("Output"),
- {"out", OPT_OUT, '>', "Output file"},
+ {"out", OPT_OUT, '>', "Output (private key) file"},
+ {"outpubkey", OPT_OUTPUBKEY, '>', "Output public key file"},
{"outform", OPT_OUTFORM, 'F', "output format (DER or PEM)"},
{"pass", OPT_PASS, 's', "Output file pass phrase source"},
{"genparam", OPT_GENPARAM, '-', "Generate parameters, not key"},
- {"text", OPT_TEXT, '-', "Print the in text"},
+ {"text", OPT_TEXT, '-', "Print the private key in text"},
{"", OPT_CIPHER, '-', "Cipher to use to encrypt the key"},
OPT_PROV_OPTIONS,
+ OPT_R_OPTIONS,
/* This is deliberately last. */
{OPT_HELP_STR, 1, 1,
int genpkey_main(int argc, char **argv)
{
CONF *conf = NULL;
- BIO *in = NULL, *out = NULL;
+ BIO *in = NULL, *out = NULL, *outpubkey = NULL;
ENGINE *e = NULL;
EVP_PKEY *pkey = NULL;
EVP_PKEY_CTX *ctx = NULL;
char *outfile = NULL, *passarg = NULL, *pass = NULL, *prog, *p;
+ char *outpubkeyfile = NULL;
const char *ciphername = NULL, *paramfile = NULL, *algname = NULL;
EVP_CIPHER *cipher = NULL;
OPTION_CHOICE o;
case OPT_OUT:
outfile = opt_arg();
break;
+ case OPT_OUTPUBKEY:
+ outpubkeyfile = opt_arg();
+ break;
case OPT_PASS:
passarg = opt_arg();
break;
if (!opt_provider(o))
goto end;
break;
+ case OPT_R_CASES:
+ if (!opt_rand(o))
+ goto end;
+ break;
}
}
if (!opt_check_rest_arg(NULL))
goto opthelp;
+ if (!app_RAND_load())
+ goto end;
+
/* Fetch cipher, etc. */
if (paramfile != NULL) {
if (!init_keygen_file(&ctx, paramfile, e, libctx, app_get0_propq()))
if (out == NULL)
goto end;
+ if (outpubkeyfile != NULL) {
+ outpubkey = bio_open_owner(outpubkeyfile, outformat, private);
+ if (outpubkey == NULL)
+ goto end;
+ }
+
if (verbose)
EVP_PKEY_CTX_set_cb(ctx, progress_cb);
EVP_PKEY_CTX_set_app_data(ctx, bio_err);
pkey = do_param ? app_paramgen(ctx, algname)
: app_keygen(ctx, algname, 0, 0 /* not verbose */);
+ if (pkey == NULL)
+ goto end;
if (do_param) {
rv = PEM_write_bio_Parameters(out, pkey);
} else if (outformat == FORMAT_PEM) {
assert(private);
rv = PEM_write_bio_PrivateKey(out, pkey, cipher, NULL, 0, NULL, pass);
+ if (rv > 0 && outpubkey != NULL)
+ rv = PEM_write_bio_PUBKEY(outpubkey, pkey);
} else if (outformat == FORMAT_ASN1) {
assert(private);
rv = i2d_PrivateKey_bio(out, pkey);
+ if (rv > 0 && outpubkey != NULL)
+ rv = i2d_PUBKEY_bio(outpubkey, pkey);
} else {
BIO_printf(bio_err, "Bad format specified for key\n");
goto end;
ret = 0;
if (rv <= 0) {
- BIO_puts(bio_err, "Error writing key\n");
+ BIO_puts(bio_err, "Error writing key(s)\n");
ret = 1;
}
EVP_PKEY_CTX_free(ctx);
EVP_CIPHER_free(cipher);
BIO_free_all(out);
+ BIO_free_all(outpubkey);
BIO_free(in);
release_engine(e);
OPENSSL_free(pass);