]>
Commit | Line | Data |
---|---|---|
58964a49 | 1 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
d02b48c6 RE |
2 | * All rights reserved. |
3 | * | |
4 | * This package is an SSL implementation written | |
5 | * by Eric Young (eay@cryptsoft.com). | |
6 | * The implementation was written so as to conform with Netscapes SSL. | |
0f113f3e | 7 | * |
d02b48c6 RE |
8 | * This library is free for commercial and non-commercial use as long as |
9 | * the following conditions are aheared to. The following conditions | |
10 | * apply to all code found in this distribution, be it the RC4, RSA, | |
11 | * lhash, DES, etc., code; not just the SSL code. The SSL documentation | |
12 | * included with this distribution is covered by the same copyright terms | |
13 | * except that the holder is Tim Hudson (tjh@cryptsoft.com). | |
0f113f3e | 14 | * |
d02b48c6 RE |
15 | * Copyright remains Eric Young's, and as such any Copyright notices in |
16 | * the code are not to be removed. | |
17 | * If this package is used in a product, Eric Young should be given attribution | |
18 | * as the author of the parts of the library used. | |
19 | * This can be in the form of a textual message at program startup or | |
20 | * in documentation (online or textual) provided with the package. | |
0f113f3e | 21 | * |
d02b48c6 RE |
22 | * Redistribution and use in source and binary forms, with or without |
23 | * modification, are permitted provided that the following conditions | |
24 | * are met: | |
25 | * 1. Redistributions of source code must retain the copyright | |
26 | * notice, this list of conditions and the following disclaimer. | |
27 | * 2. Redistributions in binary form must reproduce the above copyright | |
28 | * notice, this list of conditions and the following disclaimer in the | |
29 | * documentation and/or other materials provided with the distribution. | |
30 | * 3. All advertising materials mentioning features or use of this software | |
31 | * must display the following acknowledgement: | |
32 | * "This product includes cryptographic software written by | |
33 | * Eric Young (eay@cryptsoft.com)" | |
34 | * The word 'cryptographic' can be left out if the rouines from the library | |
35 | * being used are not cryptographic related :-). | |
0f113f3e | 36 | * 4. If you include any Windows specific code (or a derivative thereof) from |
d02b48c6 RE |
37 | * the apps directory (application code) you must include an acknowledgement: |
38 | * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" | |
0f113f3e | 39 | * |
d02b48c6 RE |
40 | * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND |
41 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | |
42 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | |
43 | * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE | |
44 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | |
45 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | |
46 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | |
47 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | |
48 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | |
49 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | |
50 | * SUCH DAMAGE. | |
0f113f3e | 51 | * |
d02b48c6 RE |
52 | * The licence and distribution terms for any publically available version or |
53 | * derivative of this code cannot be changed. i.e. this code cannot simply be | |
54 | * copied and put under another distribution licence | |
55 | * [including the GNU Public Licence.] | |
56 | */ | |
7e1b7485 RS |
57 | /* ==================================================================== |
58 | * Copyright (c) 1999-2015 The OpenSSL Project. All rights reserved. | |
59 | * | |
60 | * Redistribution and use in source and binary forms, with or without | |
61 | * modification, are permitted provided that the following conditions | |
62 | * are met: | |
63 | * | |
64 | * 1. Redistributions of source code must retain the above copyright | |
65 | * notice, this list of conditions and the following disclaimer. | |
66 | * | |
67 | * 2. Redistributions in binary form must reproduce the above copyright | |
68 | * notice, this list of conditions and the following disclaimer in | |
69 | * the documentation and/or other materials provided with the | |
70 | * distribution. | |
71 | * | |
72 | * 3. All advertising materials mentioning features or use of this | |
73 | * software must display the following acknowledgment: | |
74 | * "This product includes software developed by the OpenSSL Project | |
75 | * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" | |
76 | * | |
77 | * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to | |
78 | * endorse or promote products derived from this software without | |
79 | * prior written permission. For written permission, please contact | |
80 | * licensing@OpenSSL.org. | |
81 | * | |
82 | * 5. Products derived from this software may not be called "OpenSSL" | |
83 | * nor may "OpenSSL" appear in their names without prior written | |
84 | * permission of the OpenSSL Project. | |
85 | * | |
86 | * 6. Redistributions of any form whatsoever must retain the following | |
87 | * acknowledgment: | |
88 | * "This product includes software developed by the OpenSSL Project | |
89 | * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" | |
90 | * | |
91 | * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY | |
92 | * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | |
93 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR | |
94 | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR | |
95 | * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | |
96 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | |
97 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | |
98 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | |
99 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, | |
100 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | |
101 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | |
102 | * OF THE POSSIBILITY OF SUCH DAMAGE. | |
103 | * ==================================================================== | |
104 | */ | |
d02b48c6 | 105 | |
3eeaab4b | 106 | #include <openssl/opensslconf.h> |
cf1b7d96 | 107 | #ifndef OPENSSL_NO_RSA |
0f113f3e MC |
108 | # include <stdio.h> |
109 | # include <stdlib.h> | |
110 | # include <string.h> | |
111 | # include <time.h> | |
112 | # include "apps.h" | |
113 | # include <openssl/bio.h> | |
114 | # include <openssl/err.h> | |
115 | # include <openssl/rsa.h> | |
116 | # include <openssl/evp.h> | |
117 | # include <openssl/x509.h> | |
118 | # include <openssl/pem.h> | |
119 | # include <openssl/bn.h> | |
120 | ||
7e1b7485 RS |
121 | typedef enum OPTION_choice { |
122 | OPT_ERR = -1, OPT_EOF = 0, OPT_HELP, | |
123 | OPT_INFORM, OPT_OUTFORM, OPT_ENGINE, OPT_IN, OPT_OUT, | |
124 | OPT_PUBIN, OPT_PUBOUT, OPT_PASSOUT, OPT_PASSIN, | |
125 | OPT_RSAPUBKEY_IN, OPT_RSAPUBKEY_OUT, OPT_PVK_STRONG, OPT_PVK_WEAK, | |
126 | OPT_PVK_NONE, OPT_NOOUT, OPT_TEXT, OPT_MODULUS, OPT_CHECK, OPT_CIPHER | |
127 | } OPTION_CHOICE; | |
128 | ||
129 | OPTIONS rsa_options[] = { | |
130 | {"help", OPT_HELP, '-', "Display this summary"}, | |
131 | {"inform", OPT_INFORM, 'f', "Input format, one of DER NET PEM"}, | |
132 | {"outform", OPT_OUTFORM, 'f', "Output format, one of DER NET PEM PVK"}, | |
133 | {"in", OPT_IN, '<', "Input file"}, | |
134 | {"out", OPT_OUT, '>', "Output file"}, | |
135 | {"pubin", OPT_PUBIN, '-', "Expect a public key in input file"}, | |
136 | {"pubout", OPT_PUBOUT, '-', "Output a public key"}, | |
137 | {"passout", OPT_PASSOUT, 's', "Output file pass phrase source"}, | |
138 | {"passin", OPT_PASSIN, 's', "Input file pass phrase source"}, | |
bc2f5803 RS |
139 | {"RSAPublicKey_in", OPT_RSAPUBKEY_IN, '-', "Input is an RSAPublicKey"}, |
140 | {"RSAPublicKey_out", OPT_RSAPUBKEY_OUT, '-', "Output is an RSAPublicKey"}, | |
7e1b7485 RS |
141 | {"noout", OPT_NOOUT, '-', "Don't print key out"}, |
142 | {"text", OPT_TEXT, '-', "Print the key in text"}, | |
143 | {"modulus", OPT_MODULUS, '-', "Print the RSA key modulus"}, | |
144 | {"check", OPT_CHECK, '-', "Verify key consistency"}, | |
145 | {"", OPT_CIPHER, '-', "Any supported cipher"}, | |
9c3bcfa0 RS |
146 | # ifdef OPENSSL_NO_RC4 |
147 | {"pvk-strong", OPT_PVK_STRONG, '-'}, | |
148 | {"pvk-weak", OPT_PVK_WEAK, '-'}, | |
149 | {"pvk-none", OPT_PVK_NONE, '-'}, | |
150 | # endif | |
7e1b7485 RS |
151 | # ifndef OPENSSL_NO_ENGINE |
152 | {"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"}, | |
153 | # endif | |
154 | {NULL} | |
155 | }; | |
667ac4ec | 156 | |
7e1b7485 | 157 | int rsa_main(int argc, char **argv) |
0f113f3e MC |
158 | { |
159 | ENGINE *e = NULL; | |
7e1b7485 | 160 | BIO *out = NULL; |
0f113f3e | 161 | RSA *rsa = NULL; |
0f113f3e | 162 | const EVP_CIPHER *enc = NULL; |
333b070e | 163 | char *infile = NULL, *outfile = NULL, *prog; |
7e1b7485 | 164 | char *passin = NULL, *passout = NULL, *passinarg = NULL, *passoutarg = NULL; |
3b061a00 | 165 | int i, private = 0; |
7e1b7485 RS |
166 | int informat = FORMAT_PEM, outformat = FORMAT_PEM, text = 0, check = 0; |
167 | int noout = 0, modulus = 0, pubin = 0, pubout = 0, pvk_encr = 2, ret = 1; | |
168 | OPTION_CHOICE o; | |
169 | ||
170 | prog = opt_init(argc, argv, rsa_options); | |
171 | while ((o = opt_next()) != OPT_EOF) { | |
172 | switch (o) { | |
173 | case OPT_EOF: | |
174 | case OPT_ERR: | |
7e1b7485 RS |
175 | opthelp: |
176 | BIO_printf(bio_err, "%s: Use -help for summary.\n", prog); | |
177 | goto end; | |
178 | case OPT_HELP: | |
179 | opt_help(rsa_options); | |
180 | ret = 0; | |
181 | goto end; | |
182 | case OPT_INFORM: | |
183 | if (!opt_format(opt_arg(), OPT_FMT_ANY, &informat)) | |
184 | goto opthelp; | |
185 | break; | |
186 | case OPT_IN: | |
187 | infile = opt_arg(); | |
188 | break; | |
189 | case OPT_OUTFORM: | |
190 | if (!opt_format(opt_arg(), OPT_FMT_ANY, &outformat)) | |
191 | goto opthelp; | |
192 | break; | |
193 | case OPT_OUT: | |
194 | outfile = opt_arg(); | |
195 | break; | |
196 | case OPT_PASSIN: | |
197 | passinarg = opt_arg(); | |
198 | break; | |
199 | case OPT_PASSOUT: | |
200 | passoutarg = opt_arg(); | |
201 | break; | |
202 | case OPT_ENGINE: | |
333b070e | 203 | e = setup_engine(opt_arg(), 0); |
7e1b7485 RS |
204 | break; |
205 | case OPT_PUBIN: | |
0f113f3e | 206 | pubin = 1; |
7e1b7485 RS |
207 | break; |
208 | case OPT_PUBOUT: | |
0f113f3e | 209 | pubout = 1; |
7e1b7485 RS |
210 | break; |
211 | case OPT_RSAPUBKEY_IN: | |
0f113f3e | 212 | pubin = 2; |
7e1b7485 RS |
213 | break; |
214 | case OPT_RSAPUBKEY_OUT: | |
0f113f3e | 215 | pubout = 2; |
7e1b7485 | 216 | break; |
35313768 | 217 | #ifndef OPENSSL_NO_RC4 |
7e1b7485 | 218 | case OPT_PVK_STRONG: |
0f113f3e | 219 | pvk_encr = 2; |
7e1b7485 RS |
220 | break; |
221 | case OPT_PVK_WEAK: | |
0f113f3e | 222 | pvk_encr = 1; |
7e1b7485 RS |
223 | break; |
224 | case OPT_PVK_NONE: | |
0f113f3e | 225 | pvk_encr = 0; |
7e1b7485 | 226 | break; |
9c3bcfa0 RS |
227 | #else |
228 | case OPT_PVK_STRONG: | |
229 | case OPT_PVK_WEAK: | |
230 | case OPT_PVK_NONE: | |
231 | break; | |
35313768 | 232 | #endif |
7e1b7485 | 233 | case OPT_NOOUT: |
0f113f3e | 234 | noout = 1; |
7e1b7485 RS |
235 | break; |
236 | case OPT_TEXT: | |
0f113f3e | 237 | text = 1; |
7e1b7485 RS |
238 | break; |
239 | case OPT_MODULUS: | |
0f113f3e | 240 | modulus = 1; |
7e1b7485 RS |
241 | break; |
242 | case OPT_CHECK: | |
0f113f3e | 243 | check = 1; |
7e1b7485 RS |
244 | break; |
245 | case OPT_CIPHER: | |
246 | if (!opt_cipher(opt_unknown(), &enc)) | |
247 | goto opthelp; | |
0f113f3e MC |
248 | break; |
249 | } | |
0f113f3e | 250 | } |
7e1b7485 RS |
251 | argc = opt_num_rest(); |
252 | argv = opt_rest(); | |
3b061a00 | 253 | private = text || (!pubout && !noout) ? 1 : 0; |
0f113f3e | 254 | |
7e1b7485 | 255 | if (!app_passwd(passinarg, passoutarg, &passin, &passout)) { |
0f113f3e MC |
256 | BIO_printf(bio_err, "Error getting passwords\n"); |
257 | goto end; | |
258 | } | |
0f113f3e MC |
259 | if (check && pubin) { |
260 | BIO_printf(bio_err, "Only private keys can be checked\n"); | |
261 | goto end; | |
262 | } | |
263 | ||
0f113f3e MC |
264 | { |
265 | EVP_PKEY *pkey; | |
266 | ||
267 | if (pubin) { | |
268 | int tmpformat = -1; | |
269 | if (pubin == 2) { | |
270 | if (informat == FORMAT_PEM) | |
271 | tmpformat = FORMAT_PEMRSA; | |
272 | else if (informat == FORMAT_ASN1) | |
273 | tmpformat = FORMAT_ASN1RSA; | |
7e1b7485 | 274 | } else |
0f113f3e MC |
275 | tmpformat = informat; |
276 | ||
7e1b7485 | 277 | pkey = load_pubkey(infile, tmpformat, 1, passin, e, "Public Key"); |
0f113f3e | 278 | } else |
7e1b7485 | 279 | pkey = load_key(infile, informat, 1, passin, e, "Private Key"); |
0f113f3e MC |
280 | |
281 | if (pkey != NULL) | |
282 | rsa = EVP_PKEY_get1_RSA(pkey); | |
283 | EVP_PKEY_free(pkey); | |
284 | } | |
285 | ||
286 | if (rsa == NULL) { | |
287 | ERR_print_errors(bio_err); | |
288 | goto end; | |
289 | } | |
290 | ||
bdd58d98 | 291 | out = bio_open_owner(outfile, outformat, private); |
7e1b7485 RS |
292 | if (out == NULL) |
293 | goto end; | |
0f113f3e | 294 | |
3b061a00 RS |
295 | if (text) { |
296 | assert(private); | |
0f113f3e MC |
297 | if (!RSA_print(out, rsa, 0)) { |
298 | perror(outfile); | |
299 | ERR_print_errors(bio_err); | |
300 | goto end; | |
301 | } | |
3b061a00 | 302 | } |
0f113f3e MC |
303 | |
304 | if (modulus) { | |
305 | BIO_printf(out, "Modulus="); | |
306 | BN_print(out, rsa->n); | |
307 | BIO_printf(out, "\n"); | |
308 | } | |
309 | ||
310 | if (check) { | |
311 | int r = RSA_check_key(rsa); | |
312 | ||
313 | if (r == 1) | |
314 | BIO_printf(out, "RSA key ok\n"); | |
315 | else if (r == 0) { | |
316 | unsigned long err; | |
317 | ||
318 | while ((err = ERR_peek_error()) != 0 && | |
319 | ERR_GET_LIB(err) == ERR_LIB_RSA && | |
320 | ERR_GET_FUNC(err) == RSA_F_RSA_CHECK_KEY && | |
321 | ERR_GET_REASON(err) != ERR_R_MALLOC_FAILURE) { | |
322 | BIO_printf(out, "RSA key error: %s\n", | |
323 | ERR_reason_error_string(err)); | |
324 | ERR_get_error(); /* remove e from error stack */ | |
325 | } | |
326 | } | |
327 | ||
bc2f5803 RS |
328 | /* should happen only if r == -1 */ |
329 | if (r == -1 || ERR_peek_error() != 0) { | |
0f113f3e MC |
330 | ERR_print_errors(bio_err); |
331 | goto end; | |
332 | } | |
333 | } | |
334 | ||
335 | if (noout) { | |
336 | ret = 0; | |
337 | goto end; | |
338 | } | |
339 | BIO_printf(bio_err, "writing RSA key\n"); | |
340 | if (outformat == FORMAT_ASN1) { | |
341 | if (pubout || pubin) { | |
342 | if (pubout == 2) | |
343 | i = i2d_RSAPublicKey_bio(out, rsa); | |
344 | else | |
345 | i = i2d_RSA_PUBKEY_bio(out, rsa); | |
3b061a00 RS |
346 | } else { |
347 | assert(private); | |
0f113f3e | 348 | i = i2d_RSAPrivateKey_bio(out, rsa); |
3b061a00 | 349 | } |
0f113f3e | 350 | } |
0f113f3e MC |
351 | else if (outformat == FORMAT_PEM) { |
352 | if (pubout || pubin) { | |
353 | if (pubout == 2) | |
354 | i = PEM_write_bio_RSAPublicKey(out, rsa); | |
355 | else | |
356 | i = PEM_write_bio_RSA_PUBKEY(out, rsa); | |
3b061a00 RS |
357 | } else { |
358 | assert(private); | |
0f113f3e MC |
359 | i = PEM_write_bio_RSAPrivateKey(out, rsa, |
360 | enc, NULL, 0, NULL, passout); | |
3b061a00 | 361 | } |
0f113f3e MC |
362 | # if !defined(OPENSSL_NO_DSA) && !defined(OPENSSL_NO_RC4) |
363 | } else if (outformat == FORMAT_MSBLOB || outformat == FORMAT_PVK) { | |
364 | EVP_PKEY *pk; | |
365 | pk = EVP_PKEY_new(); | |
366 | EVP_PKEY_set1_RSA(pk, rsa); | |
367 | if (outformat == FORMAT_PVK) | |
368 | i = i2b_PVK_bio(out, pk, pvk_encr, 0, passout); | |
369 | else if (pubin || pubout) | |
370 | i = i2b_PublicKey_bio(out, pk); | |
3b061a00 RS |
371 | else { |
372 | assert(private); | |
0f113f3e | 373 | i = i2b_PrivateKey_bio(out, pk); |
3b061a00 | 374 | } |
0f113f3e MC |
375 | EVP_PKEY_free(pk); |
376 | # endif | |
377 | } else { | |
378 | BIO_printf(bio_err, "bad output format specified for outfile\n"); | |
379 | goto end; | |
380 | } | |
381 | if (i <= 0) { | |
382 | BIO_printf(bio_err, "unable to write key\n"); | |
383 | ERR_print_errors(bio_err); | |
384 | } else | |
385 | ret = 0; | |
386 | end: | |
ca3a82c3 | 387 | BIO_free_all(out); |
d6407083 | 388 | RSA_free(rsa); |
b548a1f1 RS |
389 | OPENSSL_free(passin); |
390 | OPENSSL_free(passout); | |
7e1b7485 | 391 | return (ret); |
0f113f3e MC |
392 | } |
393 | #else /* !OPENSSL_NO_RSA */ | |
752d706a BL |
394 | |
395 | # if PEDANTIC | |
0f113f3e | 396 | static void *dummy = &dummy; |
752d706a BL |
397 | # endif |
398 | ||
f5d7a031 | 399 | #endif |