]>
Commit | Line | Data |
---|---|---|
58964a49 | 1 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
d02b48c6 RE |
2 | * All rights reserved. |
3 | * | |
4 | * This package is an SSL implementation written | |
5 | * by Eric Young (eay@cryptsoft.com). | |
6 | * The implementation was written so as to conform with Netscapes SSL. | |
0f113f3e | 7 | * |
d02b48c6 RE |
8 | * This library is free for commercial and non-commercial use as long as |
9 | * the following conditions are aheared to. The following conditions | |
10 | * apply to all code found in this distribution, be it the RC4, RSA, | |
11 | * lhash, DES, etc., code; not just the SSL code. The SSL documentation | |
12 | * included with this distribution is covered by the same copyright terms | |
13 | * except that the holder is Tim Hudson (tjh@cryptsoft.com). | |
0f113f3e | 14 | * |
d02b48c6 RE |
15 | * Copyright remains Eric Young's, and as such any Copyright notices in |
16 | * the code are not to be removed. | |
17 | * If this package is used in a product, Eric Young should be given attribution | |
18 | * as the author of the parts of the library used. | |
19 | * This can be in the form of a textual message at program startup or | |
20 | * in documentation (online or textual) provided with the package. | |
0f113f3e | 21 | * |
d02b48c6 RE |
22 | * Redistribution and use in source and binary forms, with or without |
23 | * modification, are permitted provided that the following conditions | |
24 | * are met: | |
25 | * 1. Redistributions of source code must retain the copyright | |
26 | * notice, this list of conditions and the following disclaimer. | |
27 | * 2. Redistributions in binary form must reproduce the above copyright | |
28 | * notice, this list of conditions and the following disclaimer in the | |
29 | * documentation and/or other materials provided with the distribution. | |
30 | * 3. All advertising materials mentioning features or use of this software | |
31 | * must display the following acknowledgement: | |
32 | * "This product includes cryptographic software written by | |
33 | * Eric Young (eay@cryptsoft.com)" | |
34 | * The word 'cryptographic' can be left out if the rouines from the library | |
35 | * being used are not cryptographic related :-). | |
0f113f3e | 36 | * 4. If you include any Windows specific code (or a derivative thereof) from |
d02b48c6 RE |
37 | * the apps directory (application code) you must include an acknowledgement: |
38 | * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" | |
0f113f3e | 39 | * |
d02b48c6 RE |
40 | * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND |
41 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | |
42 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | |
43 | * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE | |
44 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | |
45 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | |
46 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | |
47 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | |
48 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | |
49 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | |
50 | * SUCH DAMAGE. | |
0f113f3e | 51 | * |
d02b48c6 RE |
52 | * The licence and distribution terms for any publically available version or |
53 | * derivative of this code cannot be changed. i.e. this code cannot simply be | |
54 | * copied and put under another distribution licence | |
55 | * [including the GNU Public Licence.] | |
56 | */ | |
7e1b7485 RS |
57 | /* ==================================================================== |
58 | * Copyright (c) 1999-2015 The OpenSSL Project. All rights reserved. | |
59 | * | |
60 | * Redistribution and use in source and binary forms, with or without | |
61 | * modification, are permitted provided that the following conditions | |
62 | * are met: | |
63 | * | |
64 | * 1. Redistributions of source code must retain the above copyright | |
65 | * notice, this list of conditions and the following disclaimer. | |
66 | * | |
67 | * 2. Redistributions in binary form must reproduce the above copyright | |
68 | * notice, this list of conditions and the following disclaimer in | |
69 | * the documentation and/or other materials provided with the | |
70 | * distribution. | |
71 | * | |
72 | * 3. All advertising materials mentioning features or use of this | |
73 | * software must display the following acknowledgment: | |
74 | * "This product includes software developed by the OpenSSL Project | |
75 | * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" | |
76 | * | |
77 | * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to | |
78 | * endorse or promote products derived from this software without | |
79 | * prior written permission. For written permission, please contact | |
80 | * licensing@OpenSSL.org. | |
81 | * | |
82 | * 5. Products derived from this software may not be called "OpenSSL" | |
83 | * nor may "OpenSSL" appear in their names without prior written | |
84 | * permission of the OpenSSL Project. | |
85 | * | |
86 | * 6. Redistributions of any form whatsoever must retain the following | |
87 | * acknowledgment: | |
88 | * "This product includes software developed by the OpenSSL Project | |
89 | * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" | |
90 | * | |
91 | * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY | |
92 | * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | |
93 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR | |
94 | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR | |
95 | * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | |
96 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | |
97 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | |
98 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | |
99 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, | |
100 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | |
101 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | |
102 | * OF THE POSSIBILITY OF SUCH DAMAGE. | |
103 | * ==================================================================== | |
104 | */ | |
d02b48c6 | 105 | |
3eeaab4b | 106 | #include <openssl/opensslconf.h> |
cf1b7d96 | 107 | #ifndef OPENSSL_NO_RSA |
0f113f3e MC |
108 | # include <stdio.h> |
109 | # include <stdlib.h> | |
110 | # include <string.h> | |
111 | # include <time.h> | |
112 | # include "apps.h" | |
113 | # include <openssl/bio.h> | |
114 | # include <openssl/err.h> | |
115 | # include <openssl/rsa.h> | |
116 | # include <openssl/evp.h> | |
117 | # include <openssl/x509.h> | |
118 | # include <openssl/pem.h> | |
119 | # include <openssl/bn.h> | |
120 | ||
7e1b7485 RS |
121 | typedef enum OPTION_choice { |
122 | OPT_ERR = -1, OPT_EOF = 0, OPT_HELP, | |
123 | OPT_INFORM, OPT_OUTFORM, OPT_ENGINE, OPT_IN, OPT_OUT, | |
124 | OPT_PUBIN, OPT_PUBOUT, OPT_PASSOUT, OPT_PASSIN, | |
125 | OPT_RSAPUBKEY_IN, OPT_RSAPUBKEY_OUT, OPT_PVK_STRONG, OPT_PVK_WEAK, | |
126 | OPT_PVK_NONE, OPT_NOOUT, OPT_TEXT, OPT_MODULUS, OPT_CHECK, OPT_CIPHER | |
127 | } OPTION_CHOICE; | |
128 | ||
129 | OPTIONS rsa_options[] = { | |
130 | {"help", OPT_HELP, '-', "Display this summary"}, | |
131 | {"inform", OPT_INFORM, 'f', "Input format, one of DER NET PEM"}, | |
132 | {"outform", OPT_OUTFORM, 'f', "Output format, one of DER NET PEM PVK"}, | |
133 | {"in", OPT_IN, '<', "Input file"}, | |
134 | {"out", OPT_OUT, '>', "Output file"}, | |
135 | {"pubin", OPT_PUBIN, '-', "Expect a public key in input file"}, | |
136 | {"pubout", OPT_PUBOUT, '-', "Output a public key"}, | |
137 | {"passout", OPT_PASSOUT, 's', "Output file pass phrase source"}, | |
138 | {"passin", OPT_PASSIN, 's', "Input file pass phrase source"}, | |
139 | {"RSAPublicKey_in", OPT_RSAPUBKEY_IN, '-', "Input is an RSAPublicKye"}, | |
140 | {"RSAPublicKey_out", OPT_RSAPUBKEY_OUT, '-', "Output is an RSAPublicKye"}, | |
141 | {"pvk-strong", OPT_PVK_STRONG, '-'}, | |
142 | {"pvk-weak", OPT_PVK_WEAK, '-'}, | |
143 | {"pvk-none", OPT_PVK_NONE, '-'}, | |
144 | {"noout", OPT_NOOUT, '-', "Don't print key out"}, | |
145 | {"text", OPT_TEXT, '-', "Print the key in text"}, | |
146 | {"modulus", OPT_MODULUS, '-', "Print the RSA key modulus"}, | |
147 | {"check", OPT_CHECK, '-', "Verify key consistency"}, | |
148 | {"", OPT_CIPHER, '-', "Any supported cipher"}, | |
149 | # ifndef OPENSSL_NO_ENGINE | |
150 | {"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"}, | |
151 | # endif | |
152 | {NULL} | |
153 | }; | |
667ac4ec | 154 | |
7e1b7485 | 155 | int rsa_main(int argc, char **argv) |
0f113f3e MC |
156 | { |
157 | ENGINE *e = NULL; | |
7e1b7485 | 158 | BIO *out = NULL; |
0f113f3e | 159 | RSA *rsa = NULL; |
0f113f3e | 160 | const EVP_CIPHER *enc = NULL; |
7e1b7485 RS |
161 | char *engine = NULL, *infile = NULL, *outfile = NULL, *prog; |
162 | char *passin = NULL, *passout = NULL, *passinarg = NULL, *passoutarg = NULL; | |
163 | int i; | |
164 | int informat = FORMAT_PEM, outformat = FORMAT_PEM, text = 0, check = 0; | |
165 | int noout = 0, modulus = 0, pubin = 0, pubout = 0, pvk_encr = 2, ret = 1; | |
166 | OPTION_CHOICE o; | |
167 | ||
168 | prog = opt_init(argc, argv, rsa_options); | |
169 | while ((o = opt_next()) != OPT_EOF) { | |
170 | switch (o) { | |
171 | case OPT_EOF: | |
172 | case OPT_ERR: | |
173 | #ifdef OPENSSL_NO_RC4 | |
174 | case OPT_PVK_STRONG: | |
175 | case OPT_PVK_WEAK: | |
176 | case OPT_PVK_NONE: | |
35313768 | 177 | #endif |
7e1b7485 RS |
178 | opthelp: |
179 | BIO_printf(bio_err, "%s: Use -help for summary.\n", prog); | |
180 | goto end; | |
181 | case OPT_HELP: | |
182 | opt_help(rsa_options); | |
183 | ret = 0; | |
184 | goto end; | |
185 | case OPT_INFORM: | |
186 | if (!opt_format(opt_arg(), OPT_FMT_ANY, &informat)) | |
187 | goto opthelp; | |
188 | break; | |
189 | case OPT_IN: | |
190 | infile = opt_arg(); | |
191 | break; | |
192 | case OPT_OUTFORM: | |
193 | if (!opt_format(opt_arg(), OPT_FMT_ANY, &outformat)) | |
194 | goto opthelp; | |
195 | break; | |
196 | case OPT_OUT: | |
197 | outfile = opt_arg(); | |
198 | break; | |
199 | case OPT_PASSIN: | |
200 | passinarg = opt_arg(); | |
201 | break; | |
202 | case OPT_PASSOUT: | |
203 | passoutarg = opt_arg(); | |
204 | break; | |
205 | case OPT_ENGINE: | |
206 | engine = opt_arg(); | |
207 | break; | |
208 | case OPT_PUBIN: | |
0f113f3e | 209 | pubin = 1; |
7e1b7485 RS |
210 | break; |
211 | case OPT_PUBOUT: | |
0f113f3e | 212 | pubout = 1; |
7e1b7485 RS |
213 | break; |
214 | case OPT_RSAPUBKEY_IN: | |
0f113f3e | 215 | pubin = 2; |
7e1b7485 RS |
216 | break; |
217 | case OPT_RSAPUBKEY_OUT: | |
0f113f3e | 218 | pubout = 2; |
7e1b7485 | 219 | break; |
35313768 | 220 | #ifndef OPENSSL_NO_RC4 |
7e1b7485 | 221 | case OPT_PVK_STRONG: |
0f113f3e | 222 | pvk_encr = 2; |
7e1b7485 RS |
223 | break; |
224 | case OPT_PVK_WEAK: | |
0f113f3e | 225 | pvk_encr = 1; |
7e1b7485 RS |
226 | break; |
227 | case OPT_PVK_NONE: | |
0f113f3e | 228 | pvk_encr = 0; |
7e1b7485 | 229 | break; |
35313768 | 230 | #endif |
7e1b7485 | 231 | case OPT_NOOUT: |
0f113f3e | 232 | noout = 1; |
7e1b7485 RS |
233 | break; |
234 | case OPT_TEXT: | |
0f113f3e | 235 | text = 1; |
7e1b7485 RS |
236 | break; |
237 | case OPT_MODULUS: | |
0f113f3e | 238 | modulus = 1; |
7e1b7485 RS |
239 | break; |
240 | case OPT_CHECK: | |
0f113f3e | 241 | check = 1; |
7e1b7485 RS |
242 | break; |
243 | case OPT_CIPHER: | |
244 | if (!opt_cipher(opt_unknown(), &enc)) | |
245 | goto opthelp; | |
0f113f3e MC |
246 | break; |
247 | } | |
0f113f3e | 248 | } |
7e1b7485 RS |
249 | argc = opt_num_rest(); |
250 | argv = opt_rest(); | |
0f113f3e | 251 | |
0f113f3e | 252 | # ifndef OPENSSL_NO_ENGINE |
7e1b7485 | 253 | e = setup_engine(engine, 0); |
0f113f3e | 254 | # endif |
0f113f3e | 255 | |
7e1b7485 | 256 | if (!app_passwd(passinarg, passoutarg, &passin, &passout)) { |
0f113f3e MC |
257 | BIO_printf(bio_err, "Error getting passwords\n"); |
258 | goto end; | |
259 | } | |
260 | ||
261 | if (check && pubin) { | |
262 | BIO_printf(bio_err, "Only private keys can be checked\n"); | |
263 | goto end; | |
264 | } | |
265 | ||
0f113f3e MC |
266 | { |
267 | EVP_PKEY *pkey; | |
268 | ||
269 | if (pubin) { | |
270 | int tmpformat = -1; | |
271 | if (pubin == 2) { | |
272 | if (informat == FORMAT_PEM) | |
273 | tmpformat = FORMAT_PEMRSA; | |
274 | else if (informat == FORMAT_ASN1) | |
275 | tmpformat = FORMAT_ASN1RSA; | |
7e1b7485 | 276 | } else |
0f113f3e MC |
277 | tmpformat = informat; |
278 | ||
7e1b7485 | 279 | pkey = load_pubkey(infile, tmpformat, 1, passin, e, "Public Key"); |
0f113f3e | 280 | } else |
7e1b7485 | 281 | pkey = load_key(infile, informat, 1, passin, e, "Private Key"); |
0f113f3e MC |
282 | |
283 | if (pkey != NULL) | |
284 | rsa = EVP_PKEY_get1_RSA(pkey); | |
285 | EVP_PKEY_free(pkey); | |
286 | } | |
287 | ||
288 | if (rsa == NULL) { | |
289 | ERR_print_errors(bio_err); | |
290 | goto end; | |
291 | } | |
292 | ||
7e1b7485 RS |
293 | out = bio_open_default(outfile, "w"); |
294 | if (out == NULL) | |
295 | goto end; | |
0f113f3e MC |
296 | |
297 | if (text) | |
298 | if (!RSA_print(out, rsa, 0)) { | |
299 | perror(outfile); | |
300 | ERR_print_errors(bio_err); | |
301 | goto end; | |
302 | } | |
303 | ||
304 | if (modulus) { | |
305 | BIO_printf(out, "Modulus="); | |
306 | BN_print(out, rsa->n); | |
307 | BIO_printf(out, "\n"); | |
308 | } | |
309 | ||
310 | if (check) { | |
311 | int r = RSA_check_key(rsa); | |
312 | ||
313 | if (r == 1) | |
314 | BIO_printf(out, "RSA key ok\n"); | |
315 | else if (r == 0) { | |
316 | unsigned long err; | |
317 | ||
318 | while ((err = ERR_peek_error()) != 0 && | |
319 | ERR_GET_LIB(err) == ERR_LIB_RSA && | |
320 | ERR_GET_FUNC(err) == RSA_F_RSA_CHECK_KEY && | |
321 | ERR_GET_REASON(err) != ERR_R_MALLOC_FAILURE) { | |
322 | BIO_printf(out, "RSA key error: %s\n", | |
323 | ERR_reason_error_string(err)); | |
324 | ERR_get_error(); /* remove e from error stack */ | |
325 | } | |
326 | } | |
327 | ||
328 | if (r == -1 || ERR_peek_error() != 0) { /* should happen only if r == | |
329 | * -1 */ | |
330 | ERR_print_errors(bio_err); | |
331 | goto end; | |
332 | } | |
333 | } | |
334 | ||
335 | if (noout) { | |
336 | ret = 0; | |
337 | goto end; | |
338 | } | |
339 | BIO_printf(bio_err, "writing RSA key\n"); | |
340 | if (outformat == FORMAT_ASN1) { | |
341 | if (pubout || pubin) { | |
342 | if (pubout == 2) | |
343 | i = i2d_RSAPublicKey_bio(out, rsa); | |
344 | else | |
345 | i = i2d_RSA_PUBKEY_bio(out, rsa); | |
346 | } else | |
347 | i = i2d_RSAPrivateKey_bio(out, rsa); | |
348 | } | |
349 | # ifndef OPENSSL_NO_RC4 | |
350 | else if (outformat == FORMAT_NETSCAPE) { | |
351 | unsigned char *p, *pp; | |
352 | int size; | |
353 | ||
354 | i = 1; | |
7e1b7485 | 355 | size = i2d_RSA_NET(rsa, NULL, NULL, 0); |
0f113f3e MC |
356 | if ((p = (unsigned char *)OPENSSL_malloc(size)) == NULL) { |
357 | BIO_printf(bio_err, "Memory allocation failure\n"); | |
358 | goto end; | |
359 | } | |
360 | pp = p; | |
7e1b7485 | 361 | i2d_RSA_NET(rsa, &p, NULL, 0); |
0f113f3e MC |
362 | BIO_write(out, (char *)pp, size); |
363 | OPENSSL_free(pp); | |
364 | } | |
365 | # endif | |
366 | else if (outformat == FORMAT_PEM) { | |
367 | if (pubout || pubin) { | |
368 | if (pubout == 2) | |
369 | i = PEM_write_bio_RSAPublicKey(out, rsa); | |
370 | else | |
371 | i = PEM_write_bio_RSA_PUBKEY(out, rsa); | |
372 | } else | |
373 | i = PEM_write_bio_RSAPrivateKey(out, rsa, | |
374 | enc, NULL, 0, NULL, passout); | |
375 | # if !defined(OPENSSL_NO_DSA) && !defined(OPENSSL_NO_RC4) | |
376 | } else if (outformat == FORMAT_MSBLOB || outformat == FORMAT_PVK) { | |
377 | EVP_PKEY *pk; | |
378 | pk = EVP_PKEY_new(); | |
379 | EVP_PKEY_set1_RSA(pk, rsa); | |
380 | if (outformat == FORMAT_PVK) | |
381 | i = i2b_PVK_bio(out, pk, pvk_encr, 0, passout); | |
382 | else if (pubin || pubout) | |
383 | i = i2b_PublicKey_bio(out, pk); | |
384 | else | |
385 | i = i2b_PrivateKey_bio(out, pk); | |
386 | EVP_PKEY_free(pk); | |
387 | # endif | |
388 | } else { | |
389 | BIO_printf(bio_err, "bad output format specified for outfile\n"); | |
390 | goto end; | |
391 | } | |
392 | if (i <= 0) { | |
393 | BIO_printf(bio_err, "unable to write key\n"); | |
394 | ERR_print_errors(bio_err); | |
395 | } else | |
396 | ret = 0; | |
397 | end: | |
ca3a82c3 | 398 | BIO_free_all(out); |
d6407083 | 399 | RSA_free(rsa); |
0f113f3e MC |
400 | if (passin) |
401 | OPENSSL_free(passin); | |
402 | if (passout) | |
403 | OPENSSL_free(passout); | |
7e1b7485 | 404 | return (ret); |
0f113f3e MC |
405 | } |
406 | #else /* !OPENSSL_NO_RSA */ | |
752d706a BL |
407 | |
408 | # if PEDANTIC | |
0f113f3e | 409 | static void *dummy = &dummy; |
752d706a BL |
410 | # endif |
411 | ||
f5d7a031 | 412 | #endif |